How to Do Everything with PHP and MySQL

Michael J. Ross writes "When it comes to creating a dynamic Web site with data store capabilities, the site developer can choose from many technologies, including PHP and MySQL. The combination of the two is rapidly emerging as a favorite, partly because they work well together, and partly because they are both available under open-source licenses. As a result, technical book publishers are cranking out a growing number of high-priced tomes that try to cover all of the details of either technology, or both. But for the developer just getting started in either one, there is a new title that could prove more accessible: Vikram Vaswani's How to Do Everything with PHP and MySQL, published by McGraw-Hill/Osborne." Read on for the rest of Ross's review. How to Do Everything with PHP and MySQL author Vikram Vaswani pages 381 publisher McGraw-Hill/Osborne rating 7 reviewer Michael J. Ross ISBN 0072257954 summary A tutorial on PHP and MySQL, geared to the new developer.

The publisher has a page on their Web site devoted to the book; for some reason, it lists the book as containing 400 pages, but my copy has 381. The page also has links to a table of contents and a sample chapter, namely the first one. For those readers with very slow Internet access or unstable Adobe Acrobat plug-ins installed, be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.

Most technical publishers, for every one of their books, wisely have links to the errata and sample code, right there on each book's Web page. This is the best approach, because when readers are having difficulty getting a book's examples to work correctly, they want to be able to quickly find and download the most up-to-date sample code, as well as check the errata page for any bugs in the printed code. Unfortunately, McGraw-Hill/Osborne has their links to those two types of information in an easily-overlooked part of a menubar, using small black text on a blue background. The links are near the upper left-hand corner, and outside the content section of the Web page, where the typical reader would be seeking fruitlessly for them.

The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire. The site has the book's table of contents (in HTML), a link to chapter 1 in PDF, a profile of the author, three full-length case studies, a feedback form, and an extensive collection of links to PHP and MySQL reference material, discussion lists, articles, and tutorials. At the end of the Introduction in the book, the author invites the reader to use that companion site for connecting with other PHP users, and sharing their thoughts on PHP and MySQL development. The site itself has no such forum, so the author probably meant the discussion lists.

The companion site also has a link to download a Zip file containing all of the sample applications from the book -- from chapters 7, 12, and 16 -- comprising nine PHP scripts, an SQL file, and a data file. The code snippets themselves do not appear to be included in the download. This shouldn't pose a difficulty for the typical reader, since few of the code snippets are long. Besides, typing them in on one's computer can help to reinforce the language syntax that one is learning, as well as decent code formatting (valuable for newbies).

The book is organized into four parts.The first of these presents the basics of PHP and MySQL, including the history and features of both technologies, as well as how to install them on Unix and Windows systems, verify the integrity of the installations, and make some critical security and configuration changes, such as changing passwords. Parts II and III cover the basics of PHP and MySQL, respectively. The fourth and final part describes how to use the two together. To that end, every chapter contains snippets of code to illustrate the ideas being described. In addition, each section is wrapped up and illustrated with a sample application. For PHP, the author shows how to build a session-based shopping cart. For MySQL, he presents a simple order-tracking system. For using PHP and MySQL together, he shows a news-publishing system.

Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL. As the author notes in the Introduction, the book is not designed to be a complete reference for either technology, but instead intended as a tutorial for Web developers who are interested in learning how to do server-side scripting in combination with a database management system. Vaswani states that he does not assume prior knowledge of programming or database fundamentals, and that these basic concepts will be taught by example, using tutorials and realistic examples. I suspect a reader not familiar with HTML, however, could be easily baffled by the book. On the other hand, most if not all developers reading a book on PHP or MySQL are likely to already know HTML well enough to understand the output of PHP-enhanced Web pages.

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely. This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache -- and not coding the applications themselves.

Another welcome aspect of the book is the author's enthusiasm for the technologies -- although characterizing MySQL as "quite friendly" (page 150) is a stretch. Furthermore, his explanations are clear and concise. In addition, Vaswani makes no pretense that his book has all the answers; he frequently refers the reader to URLs in the online manuals of the products, for more details. In addition, he does a nice job of illustrating the advantages of normalized database tables, and later explaining how to format query output -- an important topic omitted in many similar books.

Yet, like all books, this one is not perfect. There are a number of errors or pitfalls in the book that could confuse the reader. They range from incomplete explanations of what a user will see when running particular commands, to the sort of errata one finds in all technical books. I found over two dozen in total (there may be more). In the interests of keeping this Slashdot version of the book review close to the recommended length, I won't list all of the problems here, but will instead refer the reader to a longer version of this book review, if they are interested in those details.

Aside from its many minor flaws, I recommend this title to any programmer who wants to learn the basics of PHP and MySQL. Even though the publisher could improve their production quality, choice of binding, and Web page, the author has done a good job of clearly presenting the major points. Future editions could incorporate fixes to the errors noted in the longer version of this review, as well as better explain to the neophyte how to test/debug the code snippets. Nonetheless, the intended reader would be well served by this particular book.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase How to Do Everything with PHP and MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

It can do everything!

This is finally the book that I need to write my php/mysql based operating system. Linux and Microsoft are dead!

Re:It can do everything!

[macaulay805]

Google? Is that you?!

Re:It can do everything!

[Leroy_Brown242]

The next new thing!

An OS, emulated on APACHE!

Re:It can do everything!

[adolfojp]

http://www.masswerk.at/jsuix/> Been there, done that. :-P

Re:It can do everything!

[cmstremi]

...
CREATE PROCEDURE `sp_DoStuff` (OUT pReturnCode INT)
BEGIN
DECLARE EXIT HANDLER FOR SQLEXCEPTION
BEGIN
ROLLBACK;
SET pReturnCode = 123;
END;
START TRANSACTION; ... do some stuff ...
COMMIT;
END ....

Re:It can do everything!

[Wieland]

Actually, Google mostly uses Python, IIRC.

Instructions:

Step 1: Use Emacs as your text editor.

Re:Instructions:

[__aaclcg7560]

Personally, I like Crimson Editor for Windows better. :)

Re:Instructions:

[CTalkobt]

Step 2: Enable VI Compatibility mode within EMACS.

Re:Instructions:

[Leroy_Brown242]

VIM!

Re:Instructions:

[AvantLegion]

Step 1: Use Emacs as your text editor.

This has to be one of those, "Step 2: ?????", "Step 3: Profit!" things...

Re:Instructions:

[Charles+W+Griswold]

Vigor!

Re:Instructions:

[SensitiveMale]

Step 3: Profit!

Re:Instructions:

[springbox]

Yeah, Crimson's great, but I noticed that gVIM can do everything Crimson can except for regular expression searches in files.

Re:Instructions:

[cortana]

/type_regexp_here

Or do you mean across multiple files? Use grep for that. Admittedly a pain in the arse since you have to deal with that dreadful excuse for a terminal emulator that Windows has.

Re:Instructions:

[springbox]

I meant files in the directory, but since VIM was written for UNIX systems anyway that's why the feature wasn't built in. I thought of grep but Windows doesn't have such a tool included.

Re:Instructions:

[Jackmn]

Install Cygwin, then put the bin directory of Cygwin in your PATH variable.

Bam! Grep and a whole host of other *nix utilities (including Bash, which you can use in place of cmd).

Re:Instructions:

[Decker-Mage]

Frankly I have about every editor known to man (or woman) here and Crimson has become my favorite editor for day to day use. I still like emacs (boo hiss from the Vi(M) crowd I imagine, not!), but it does the job, is light-weight, and has a price that can't be argued with.

Comparison to Other Books?

[Uber+Banker]

How different is what this book covers from what this, this, this, or this?

Re:Comparison to Other Books?

[AuMatar]

Its a good reference, but its not easy to learn from. Few to no examples, and its organized as a reference, not as a tutorial. Awesome when you want to look up the parameters of some function call, hideous when you're trying to learn the capabilities of the language.

Re:Comparison to Other Books?

[killermookie]

Because it does EVERYTHING!

Re:Comparison to Other Books?

[corpsiclex]

I've got php.net for that.

Like the old saying goes

[grazzy]

Dont buy a book about PHP AND MySQL.

Seriously, buy one for each one of them.
Then, when you've bought those two, you can stack them under your laptop and type in:

http://www.php.net/
http://mysql.com/doc/

Ready to go!

Re:Like the old saying goes

[Nos.]

I would have moded insightful instead of funny. I'm a fan of php, and one of the reasons I like it so much, is their website. Its a very complete reference to the language, and the user comments included with each function are inavluable. In fact, one of the best things about the website is its ease of use. If I'm trying to remember exactly how a function works, its as easy as http://ca.php.net/function

Re:Like the old saying goes

Fully agreed,

those two sites are more informative than any book I've read on PHP/MySQL. Even with moving from php3 to php4 and then php4 to php5 or from mysql 3.x to 4.x I have still yet to purchase any documentation for either of the two.

Any book I've picked up at the local book store on the subject I've found to have too much filler and have somehow stretched out 1 paragraph in to two pages.

If anyone is going to be getting into PHP/MySQL do your self a favor and just read through the tutorials and syntax examples on the parents post. I guarentee they will be just as, if not more informative as any $25 - $50 book you'll purchase at a book store and you will have the option of Ctrl+F.

Re:Like the old saying goes

[Parham]

I'd have to agree, my perfect PHP book would be one where they just dumped all the PHP documentation into it... and magically let me search it like I can on the website with user comments: PHP Manual

Re:Like the old saying goes

[DigitumDei]

Hell the php .chm is wonderful as well.

When I started developing in php and mysql I went out and bought "Open Source Web Development with LAMP". It was recommended, and apparently was very helpful. After an hour, put it on the bookshelf and went to php.net, and haven't looked back since. Anything that is in these books I can usually figure out myself with the help files, and anything I cannot figure out myself usually isn't in the book (though there is always a web site somewhere with example code that does exactly what I want).

Re:Like the old saying goes

[Albanach]

Would you really do that to your eyes?

It's true, PHP and MySQL both ahev great doccumentation. It's very complete, the examples are well laid out and commented but to learn a language from the on screen doccumentation?

I like to be able to lie with a book in bed, in the garden, on the bus, all the places I don't really want to be with a laptop.

When you're physically coding at the keyboard the online doccumentation is often the fastest way to look up a query, but you can really get a feel for something by spending time reading and understanding a book away from the keyboard. I guess that's why there's so much money to be made in writing computer books.

Re:Like the old saying goes

[Martin+Blank]

I have it shortened even more using a Firefox keyword. The URL is http://www.php.net/%25s and the keyword assigned is php. When I need something, I just enter:

php strings

and it takes me right there, and with seven fewer keystrokes than you, making me more efficient. :)

Re:Like the old saying goes

[grazzy]

.. but I've got a girlfriend ;)

Re:Like the old saying goes

[eddy+the+lip]

I'm big on books for learning and reference. I like to read, and I like to read on paper. I almost always prefer to grab something from my bookshelf and flip through the index than dig through a website. And I really want to emphasize that the PHP site is not, not, not a good way to learn the language. It's great when you want to find out why something doesn't work as documented (it's probably in the reader comments), but it is entirely useless as a way to learn how to effectively use the language.

And that's ok - that's not it's intent. All of this "you don't need a book, just go to php.net!" is really doing a disservice to those new to the language, or those that would like to actually learn good programming technique. Regarding the latter, the reader comments are generally abysmal and show the ignorance common in a (relatively) young community. For those just starting out, random access to > 3000 functions is not useful. At all.

With that little rant out of the way, I'd love a recommendation for a PHP book similar to Thinking in Java, or Advanced Perl Programming. I've looked, but all I've found are Dick and Jane Learn PHP, or dead tree dumps of the documentation.

Re:Like the old saying goes

[DrSkwid]

I just memorized it, 0 keystrokes !

Re:Like the old saying goes

[Raypeso]

Wow, I was going to mod you up but you are already a 5. That is exactly what I think every time I see one of these book reviews. Ha ha! Very funny post! ha ha!

Re:Like the old saying goes

[Lillesvin]

Somehow I can't really make it seven fewer... I've got the same keyword thingy in firefox, but I only save like 5 keystrokes... (?)

"http://php.net/strings" <-> "php strings" // 15 strokes less (":" is shift-. on Danish keyboards and "/" is shift-7 so 2 strokes for each of them).
"php.net/strings" <-> "php strings" // 5 strokes less. (".net/" is 6 strokes but there's still a space between "php" and "strings" in the keyword search.)

But yeah, keywords are great, I've got them setup for wikipedia, mysql.com/doc, php.net, discogs, apache... Everything... Thank you Mozilla-people! :)

Re:Like the old saying goes

[Martin+Blank]

I was using the URL mentioned by Nos. and dropping the protocol.

ca.php.com/strings = 18 characters
php strings = 11 characters

I could shorten it to just "p" but that might cause some confusion later on.

I have about 40 keywords defined here (mostly ripped from here), plus a massive other block I need to build for currency conversion involving eleven different monetary units.

And Danes have weird keyboards. :)

Re:Like the old saying goes

[On_fire7]

but it is entirely useless as a way to learn how to effectively use the language.

It really depends on what kind of a person you are, and how you learn. Different people learn differently, so there never is one best way to learn anything. You said yourself that you're big on books, but not everyone is. I wouldn't learn anything from a book, I do much better learning as I go. Don't be so quick to bash other methods, there is almost always more then one way to do something. On the other hand, I do think they were a bit to hard on the books, cause like I said everyone learns differently.

Re:Like the old saying goes

[Cyberax]

Even better: don't buy ANY book on PHP and MySQL.

Buy yourself a good book on programming in C/C++/Java to get acquainted with good OO-style, write some stand-alone programms. Read Knuth's "Art of Programming".

Then buy a book on SQL and learn basics of relational algebra (it's not hard). Write a DB-frontend or another simple application.

Then download PHP and MySQL manuals and start writing web-applications. PHP is very easy, a good programmer can learn it in about 40 minutes.

PS: Honestly, I'm sick of supporting poor web-applications written by "web-programmers" who read only something like "PHP and MySQL in 21 Days".

Re:Like the old saying goes

[eddy+the+lip]

I probably wasn't entirely clear in my frustration-powered, near-trollish ranting ;) It's not that I don't think the web is a good way to learn stuff (considering that I just finished helping build an online distance learning course, that would be awful silly of me.) It's just that while I think php.net is a good resource for certain kinds of information, such as "why doesn't this function work?" or "what are the other five functions that do almost the exact same thing, but not quite?", I don't think it's a good format for learning how to program effectively with PHP.

(I might be entirely misunderstanding your point here, too. If I am, my apologies.)

What I was trying to get at is that php.net doesn't really have context. You can learn the syntax of the language there. This is usually how I get my feet wet with a language - pull up a reference and start reading. I've done it enough times that I can get a feel pretty quickly this way.

But it's not a good way to learn how to be effective with the language. For someone new to programming (much of the new-to-PHP audience), it teaches you nothing about best practices. For the experienced programmer, it doesn't provide traction for questions like "what features are useful in implementing an MVC architecture" or "How can I kludge together a singleton?" (Kludge referring to doing that in PHP4. I haven't spent any time with 5 yet, but I suspect you can do it The Right Way now.)

Anyway, thanks for your reply. I do agree that people learn best in different ways. I just wish there were better information available on how to program well with PHP, not just how to program with PHP. Maybe as it becomes taken more seriously, these will start to crop up.

I prefer a different book

[RelliK]

It's called "Why Not To Do Everything with PHP and MySQL". ;-)

Re:I prefer a different book

Yes, but that one is more advanced. This one said it was for beginners.

Re:I prefer a different book

What's wrong with "How to Do Everything with PHP and Postgresql" ?

Re:I prefer a different book

[rawyin]

We should author that book.

MySQL has garnered such popularity because it is EASY. It is unfortunate however that easy does not mean good. MySQL is the Geo Metro of database systems. It's easy to drive and anyone can finance the thing. It pays to note that LAMP is the ultimate driving force behind the movement.

As a result of this ease and the lack of knowledge needed to make it operational, there are more scripts than one can count that you just drop into a LAMP installation and *bing*, instant website. The security concerns alone make me shudder, but the proliferation of bad code is perhaps just as serious of a problem.

While I think there are things that MySQL and PHP do quite well together, I would prefer if the development groups spent less time trying to perfect their recipe for "instant website" and instead increased their educational resources and expanded their product to meet standards.

It would make better netizens of their users. Or at least teach them "no, the world doesn't have padded walls for when your server falls down and gets a booboo."

Re:I prefer a different book

[operagost]

"How to Do Everything with DCL and RMS"

I have a very long beard. Growin' it since Nine-teen-diggety-three.

Re:I prefer a different book

[nxtw]

MySQL is the Geo Metro of database systems.

Thanks! Going into my sig.

Re:I prefer a different book

[tomhudson]

This one said it was for beginners.

I think you mis-spelled "windows users"

The book has a LOT of filler if you're not a Windows user. From TFA:

This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache

A lot of the people here won't be having that problem ,,, for those who do, snag a distro, and use the money you saved by not buying a Winders license on your development box or this book to buy a a half-dozen books on php, mysql, javascript and css.

Just knowing php and mysql is not enough any more. People expect some interactivity (menus, showing/hiding columns, rows, paragraphs, etc) on the client side w/o having to keep hitting the server every time they click on something.

Trying to do everything in php and mysql is actually harder than doing it right.

haha

[macaulay805]

The quote at the bottom of the Slashdot page says it all:

He flung himself on his horse and rode madly off in all directions.

Re:haha

[HeliumHigh]

Hey, I had that qoute about an hour ago! I knew it all lines up somehow!

One size doesn't fit everything

[vlad_petric]

PHP has two major shortcomings as far as high performance is concerned:

1. No proper database connection pooling (and no, pconnect is not connection pooling).

2. Can't really run Apache2 in its threaded mode because a lot of php libraries are not thread safe (although php itself is).

Don't get me wrong, I *love* both php and mysql, but for highly-trafficked sites, jsp is definitely a better choice (from my own experience).

Re:One size doesn't fit everything

[dostick]

You forgot one more major flaw: no persistent, servlet-like model. On every request everything need to be done again from start to finish.

Re:One size doesn't fit everything

[Jose-S]

I'm not that familiar with PHP, so correct me if I'm wrong. It's not really a runtime, like Java. So how do you manage threads? I'm sure it can be used to code CRUD websites (probably 95% percent of all websites) but can it handle more technical requirements? What if I needed to code a low-threaded load balancer with it? Does it have a collection API comparable to Java's? I believe session data is stored in a file. How complex an object hierarchy can you put in a session?

Re:One size doesn't fit everything

[anthony_dipierro]

No proper database connection pooling (and no, pconnect is not connection pooling).

Huh? What is it, then?

Can't really run Apache2 in its threaded mode because a lot of php libraries are not thread safe (although php itself is).

Clearly only a problem if you're using those php libraries that aren't thread safe, and even then, the performance increase of threaded apache usually isn't worth the additional programming overhead of dealing with threads - and if you really need to squeeze every ounce out of your boxes that you can you're probably better off not using apache in the first place.

Don't get me wrong, I *love* both php and mysql, but for highly-trafficked sites, jsp is definitely a better choice (from my own experience).

I can't imagine a site which is so heavily trafficed that the cost of hardware saved by using jsp vs. php is worth the cost of programmers to program in it. And then, you're probably better off not using apache at all in those situations. Of course, maybe you can find some cheap jsp programmers, but in my experience php is a lot easier to code.

Re:One size doesn't fit everything

[emarkp]

And as soon as I have a list of those libraries, I can consider using it. Last I asked about this, the comment was "it'd be better to list which libraries don't have a problem."

Can I have a list of libs that are or are not threadsafe and can use Apache2 in threaded mode?

Re:One size doesn't fit everything

[EraserMouseMan]

So which high-traffic website have you written in PHP?

Re:One size doesn't fit everything

[daBass]

The problem is the underlying C libraries use global variables for state without any locking/synchronization. This mean you cant have two threads using it concurrently.

Re:One size doesn't fit everything

[anthony_dipierro]

Wikipedia

Re:One size doesn't fit everything

[MikeFM]

The language you use really doesn't matter as much as a good design. If you just throw something together then yes you might get some minor boost from one language over another. Being able to easily scale across a cluster of machines is more a design issue though and that's what counts for enterprise apps.

Re:One size doesn't fit everything

[EraserMouseMan]

Good point. But on the same note I've always noticed that that site is slow. Hopefully the new servers that Yahoo is providing will help with that.

Versions

[amembleton]

Which Version of PHP does this book apply to?
Which Version of mySQL does this book apply to?

Specifically, does it cover PHP5?

Re:Versions

[puppetman]

Good point - and MySQL 4.0, 4.1 (sub-selects) or 5.0 (in beta - stored procedures, triggers)

Re:bah!

excatly. and mysql is a toy as well. when they're done playing, they can move to postgres.

Most comments to this review

[jbellis]

will be either "wooo! php rocks!" or "php sucks, use a Real Man's language like java."

Which is sad, because as much as PHP sucks, J2EE solutions suck just as badly in different ways. (That's another article.)

Re:Most comments to this review

[zulux]

will be either "wooo! php rocks!" or "php sucks, use a Real Man's language like java."

Or "Ruby on Rails is 202% Better!!!111!"

I don't know how to use RoR but all the trendy powerbooks people are using it so it's got to be cool.

Re:Most comments to this review

[Decaff]

Which is sad, because as much as PHP sucks, J2EE solutions suck just as badly in different ways. (That's another article.)

This is wildly unfair to both technologies.

PHP can suck in some ways. J2EE can suck in others.

However, what critics of J2EE often forget is that J2EE can be used in a very light manner. Major applications have been written using only JSP pages, possibly using a rich set of tag libraries. This allows development of scripted pages in a very similar manner to PHP, but with the ability to use the very rich Java libraries if required.

Re:Most comments to this review

[dodobh]

And then there is Perl. Use the force!

Re:Most comments to this review

[Jose-S]

It is true that many Java frameworks (and to be specific much of what Sun designs) tends to be over-engineered and complicated. That's not to say that Java the language sucks, or that there can't be simple Java frameworks. In fact, it has been a very successful language for a reason, a language that MS itself has put a lot of effort into cloning (and improving to a limited extent in some areas), and one that IBM is very fond of.

Everything?

[Infinityis]

I've been waiting for a book like this. I was really hoping to write a kernel entirely with this stuff...

buy a MySQL book

[John+Seminal]

and get the php book from the library.

why?

php won't require lots of reference, once you learn something, you won't need to look it up. but with mysql, you will want a reference.

the other reason, once someone learns php, they will probably want to move on to another language. save the $50 from the php book and use it for a Java book.

that is if people are like me and have limited money. get the most bang for the buck. there is no reason to have a book that you use once and then don't need. it is better to buy books you will keep using.

i learned MySQL while writing a forum based application using JSP. MySQL is very fast, very user friendly, and it never failed me. But it does require a good reference book, otherwise you will go mad. and if you will be using MySQL on a network, make sure to password protect it, please. ;)

Re:buy a MySQL book

[Decker-Mage]

Sorry but I find MySQL user (programmer) hostile, only (somewhat SQL-92) standards compliant, somewhat fast in some instances providing you live within their SQL implementation, and more than something of a security nightmare as many default settings are idiotic, to say the least.

Now, supposedly, all will be magically better in 5.0 when it goes gold. I'm in wait and see mode. However, as a database engineer who is totally database agnostic (heck, everything agnostic), it still needs more than a bit of work. Then that's true of most of the industry.

Security? Standards? We don't need no stinkin' (insert here).

To get back to the review, these books are nice but not the whole answer and I have a real problem with any book that states in the title "How to do anything with...". Sorry, but I'm not someone that restricts myself to any one toolbox when it comes to creating applications, be it on the web, the server, or the desktop. I use, simply put, the best tool for the job, period. To paraphrase, when you only have a hammer, everything looks like a nail, and that is far too true of the the IT industry. I pick the tools to suit the job at hand, not the job at hand to suit the tools, or to force fit the job to match the tools.

PHP is nice (heck, very nice). MySQL is nice, and often speedy, but still needs more than a bit of work (although 5.0 and native XML support would make it beautiful, IMNSHO). Force-fitting everything into that paradigm is right up there with the morons that say Java can do anything, anytime, and better.

Not that I have anything against Java (yeah, right).

Re:buy a MySQL book

[crucini]

While I partially agree, I have to mention the counterpoint. MySQL is very good across a certain domain of problems. Where I work now, we pick between Oracle and MySQL for specific projects. If we don't see transactional requirements, writer contention, or huge volumes of data, we pick MySQL. It's faster and generally easier to work with.

I just don't care that MySQL isn't SQL-92 compliant. By the way, none of the applications I have worked on on Oracle could be trivially ported to a different db, standards or no. I agree that MySQL is friendlier than other dbs. Most obvious example - meaningful error messages.

I am not excited by Innodb or most of the features being added to MySQL. These changes, which add Oracle-like capabilities, also add Oracle-like problems, such as complexity, slowness, lock buildups, etc. We already have Oracle. We use MySQL where it fits.

As for hammers and nails: the guy with only one tool has a problem; so does the guy who spends all his time learning new tools and never becomes expert with one. There is not a logical niche for every technology - many of them are not worth touching, period. It's better to invest time in learning a few tools deeply.

Re:MySQL good, PHP not so good

[chris_mahan]

Not so fast.

Java is proprietary.

Just now emerging, in 2005?

[skoda]

The combination of the two is rapidly emerging as a favorite, partly because they work well together

Didn't PHP / MySQL emerge as a favorite about 5 years ago? Isn't the pair now a fully emerged favorite? Did I dream the year 2000 or has the author been Rip Van Winkling?

Re:Just now emerging, in 2005?

[ari_j]

has the author been Rip Van Winkling?

Maybe he's been too busy verbing proper nouns to notice.

Re:bah!

[downward+dog]

PHP is a full programming language. You can do basically anything in PHP that you can do in Perl, Java, .NET, Ruby, etc.

Granted, PHP lends itself to sloppier code than some other languages. Or rather, it _allows_ you to write sloppy code. But this is only a disadvantage if the developer is unskilled/undisciplined. A skilled PHP programmer can write robust, object-oriented code that follows the same design patterns as Java. It's just that certain Java frameworks force every project to be heavyweight, while PHP allows you to do a lot of things simply. If you want to write yourself a simple photo gallery app, why bother with Struts?

I write this as an ex- (not current) PHP programmer. I recently made the switch to Ruby on Rails, which has proved to be fantastic thus far.

Never trust anyone who says "Language X is terrible and Language Y is great."

PHP and MySQL

The Visual Basic and Access of the next generation...

Re:PHP and MySQL

[shutdown+-p+now]

Just not VB, but rather VBScript

PHP not a true language?

[ChipMonk]

The last I knew, PHP had variables, conditionals, loops, and functions. Perl has these, too, as do Python, Lisp, Bash, and even PostScript. Their Turing completeness has nothing to do with their execution environments.

Re:PHP not a true language?

[njcoder]

" The last I knew, PHP had variables, conditionals, loops, and functions."

I dated lots of girls that had those too... I wouldn't call them programming languages either :)

Re:PHP not a true language?

[ChipMonk]

If I had mod points, you would be Funny immediately.

You forgot...

[DogDude]

...MySQL! There are a few of us who hang around /. who know databases (a very few), and we've always got to chime in whenever MySQL is mentioned.

Oh yeah...

MySQL sucks. Not a real RDBMS. Very limited. Not ACID compliant. blah, blah, blah.

Re:You forgot...

[a1cypher]

The book I was just reading on mySQL said that the InnoDB table's were ACID compliant...

Re:You forgot...

[paulymer5]

By some standards, even current (stable) versions aren't so great. That said, I fully intend to give 5.0 a whirl when it comes out of beta.

Re:You forgot...

[nxtw]

They aren't the default table type, though.

PostgreSQL, SQL Server, Oracle, and many other database systems (including commercial and open source) have been ACID compliant for quite some time. Not to mention the abundance of features that other database systems have, like stored procedures, triggers, views, subselects, etc. Many of those features have not yet made their way into MySQL and may not until 5.1; some have been recently added to production releases; others are still in "5.0" beta.

Even then, data integrity and features have never been a primary concern of MySQL developers.
Access manages to beat MySQL; MySQL completely chokes (for whatever reason) on joins that Access handles in seconds. SQL Server, PostgreSQL handle these queries fine.

Re:You forgot...

[DogDude]

You're partially right. We at least won't give it a chance for a *long* time. I'm not too keen on putting all of my most mission critical data in a database that *just* got all of these important things tacked on in the past few months. Call me crazy, but I don't trust my data to just any old program. But then, my data (that runs my business) is probably much more critical than what most people use MySQL for (I hope). I'd much rather go with something like Oracle or SQL Server or DB2, all of which have been around for quite a bit longer, and have been tested much, much more than MySQL has been. If you're just using MySQL for a blog or your mom's recipies or something like that, I say go right ahead. No big deal if you encounter a glitch. If I encounter a glitch, I've got at least a dozen people's livelihoods on the line.

Re:You forgot...

[Osty]

They aren't the default table type, though.

Worse than that, if the table type isn't available and you try to use it, MySQL doesn't fail. It'll happily go on, ignoring that you asked for InnoDB tables with ACID compliance, and pretend that it's actually doing something when you ask it to open/commit/rollback a transaction. This is one of those "user friendly" features that really isn't, and MySQL has a bad habit of doing crap like this. If I want a table of a certain type, and that type isn't available, the DDL should cause a failure. It shouldn't succeed silently, choosing a different table type than what I asked for.

Not to mention the abundance of features that other database systems have, like stored procedures, triggers, views, subselects, etc. Many of those features have not yet made their way into MySQL and may not until 5.1; some have been recently added to production releases; others are still in "5.0" beta.

Don't forget, implementing those features will make MySQL slow! Real programmers don't need them! Well, not until MySQL implements them, anyway (wait, I thought implementing them would make MySQL slow? They's gots some kind of magic that can keep MySQL fast after implementing features that'll make it slow? Well hot damn!).

Features come and go, and I have no doubt that the MySQL developers will continue to advance MySQL until it can effectively mimic a real RDBMS. The lack of features is just an additional reason to complain about MySQL. The real reason why Those Who Know Better (tm) give them so much shit is the developers' attitudes, that they think they know so much more than development houses that have spent 20+ years researching and building real RDBMS engines (Oracle, IBM, and even Microsoft). If MySQL developers would've just said something along the lines of, "We understand the importance of foreign keys for proper referential integrity enforcement, but we have other priorities right now and want to make sure that when we do implement foreign keys that we do so in a robust and performant way," I wouldn't have ever had a problem with MySQL lacking foreign key support (just used as an example). Instead, they had an attitude like, "You don't need foreign keys. If we implemented them, they'd slow down MySQL, and besides, if you're a good enough developer you can compensate for the lack of foreign keys in your application code." That attitude earned them the scorn and distrust of anybody who knows anything about RDBMS design and usage.

Make it stop

[glwtta]

I wonder if there really isn't a single person out there who knows MySQL and PHP and who can write a decent book?

Seems like the only explanation for this myriad of redundant books on such a simple topic. Really, how can there be a market that can accomodate another one of these identical books every month?

Re:Make it stop

[eddy+the+lip]

Beats me, but I would be satisfied with just one good PHP book that dealt with some more advanced topics. Something like "Design Patterns in PHP", or "How to Architect a PHP Web Application That Isn't 5 Thousand Unmaintainable Spaghetti Files."

I've been doing web app development almost exclusively with PHP for the last four years. I pretty much hate the language, but there are a lot of solid, pragmatic reasons to use it. The funny thing is, almost all of the "PHP suxor!" posts that I see here would be easily refuted by one solid book on how to apply good programming practices to the language. (And namespaces. The one thing I really, really wanted out of PHP5, and they cut it. Bastards.)

I would also just like to say that the online PHP documentation is not the reason for the dearth of good PHP books. The online documentation is handy for finding out that (insert one function of 3000) doesn't actually implement the functionality it claims to, and here's a really slow algorithm for faking it.

I'd happily put down a half dozen PHP fanboys for an equivalent to Thinking in Java. If I've missed it, and someone can recommend it, send me your postal address, and I'll make sure you get their heads. Just my way of saying thanks.

Re:Make it stop

[nxtw]

I think most people that can write a decent book and that *should* be writing books are smart enough to use a better database than MySQL.

change of minds ?

[kreativemind]

I, for one, am dedicated to PHP & MySQL but lately I"ve been experimenting with Coldfusion. Now I realize that Coldfusion is no open-source but in the past months, it has been a very good friend to me unlike PHP. CFM gave me the quick and easy commands to perform what I do on a daily basis or easy intergration ongoing projects.

In all, PHP & MySQL are by far the best there is, but i still have to explore other regions. Hence, I do not look forward anytime nor in the future to ASP.Net. I like to stay away from the proprietary enforcements and give my small snippets a chance when I need them on open-source applications!

Re:change of minds ?

[Al+Dimond]

I'm working with ColdFusion now, and I think that its way of integrating itself into the markup helps keep my web pages' code looking nice, for sure. It makes the most common operations very simple and I love the "query of queries" feature (I've used PHP and I don't know of anything like that in PHP).

On a smaller level I really don't like CFML because it doesn't feel consistent; it's not a scripting language in the way that PHP is, and so every step has to be in its own tag, and sometimes because HTML and CFML tags look so similar I get tricked into thinking they behave in the same way. And it often makes for much more typing than PHP.

So... if I had to get some stuff done in a work environment where I would have to move from development to test to production machines and get it all done quickly and without having to worry about the mechanics too much, I'd use ColdFusion. If I was coding for joy, I'd either use PHP or try to learn perl.

Re:change of minds ?

[Just+Some+Guy]

I realize that Coldfusion is no open-source

Why not take Zope for a spin?

Re:change of minds ?

[OxygenPenguin]

As a Java/C++ developer by heart, and used to Perl in a UNIX environment for scripting purposes, my exposure to ColdFusion as a primary web application programming language has been bittersweet.

I've had to resort to writing my own Java tools to accomplish tasks that ColdFusion should've been able to do multiple times, and torn my hair out over programming errors that seem logical, only to find that it's a simple typecasting problem.

Not having used JSP in a production environment, I am curious how it would compare to a ColdFusion programming interface. The tags and html familiarity make it simple for non-programmers to catch on, and the power of the server to reach in and generate content is also very nice at times. The code can get hairy, and non-logical in certain circumstances, though. Annd....it's not open source, either.

Altogether, those are just about the three strikes I need to use PHP or JSP in the future.

Re:MySQL good, PHP not so good

[moonty]

The problem with these PHP run forums was not that they were written in PHP, but with the forums themselves. Blaming the language for the problems is like blaming the English language for mangling George W. Bush's speech, while the fact is that the English language is merely what he is speaking. Granted, there were security issues with PHP that didn't help much, but it isn't entirely the fault of the language.

Also, you must not have explored PHP much if you don't think any large applications exist.

Really?!

[Silicon+Knight]

Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL.

Darn marketing double-speak, gets you every time!

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL ... This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working

/sigh/ Practically every beginner PHP/MySQL book I've looked at describes installation in some depth. Quite often too much depth for my taste.

Re:Really?!

[Decaff]

[Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL.]

Darn marketing double-speak, gets you every time!

It is awesome how many /. articles become more accurate if you insert a 'NOT' in the title...

I hate the title

[diegocgteleline.es]

"How to Do Everything? with PHP and MySQL"?

I hate how people abuses of PHP. PHP is nice when you really need what things like PHP/ASP/etc provide, but these days some people use it for everything. I hate it. Take a look at blogs - they're not really "dynamic content", they're just static content which changes very frequently, still everybody uses PHP to implement them.

Re:I hate the title

[youknowmewell]

I think perhaps our definitions of 'dynamic' are different.

Re:I hate the title

[AuMatar]

"static content which changes very frequently"

Doesn't that make it dynamic?

ANd why not use PHP to implement them? Instead of ftping the file tomy computer, adding my new text, then ftping it back, I can just use a PHP script to add it to a db, and a second script to write it out to the world. Much easier. As someone who did things the bad old way once upon a time, this is a huge time saver.

Re:I hate the title

[jinzumkei]

"they're not really "dynamic content", they're just static content which changes very frequently"

I can't tell if this is a joke or not. If it is, cheers! if not, dear lord, sign up for a dictionary's word of the day.

Re:I hate the title

[diegocgteleline.es]

Doesn't that make it dynamic?

IMO dynamic content is something like "show me a different frontpage depending on my login" and things like that.

Re:I hate the title

[nxtw]

By *dynamic*, they mean content that is somehow generated every time the page is viewed. Examples would be Slashdot, forums, high-traffic news sites, etc.

ANd why not use PHP to implement them?

It's unnecessary, that's all. A text or HTML editor with FTP, SFTP, or WebDAV can do the job just as well. And for sites that actually get traffic, it's best to minimize the amount of database hits and processing required to display a page.
Just because you *can* is not a reason why you *should*. (Now if only I'd think that way while driving...)

Re:I hate the title

[DrSkwid]

You are just refering to a [poor] design philosophy.

When a site has more reads than writes it is wise to cache the output page. Thus blogging software could write out the static content when the blogger presses "submit new entry" or someone adds a comment.

My high traffic site works kind of like that. The ratio of reads / writes is something like 1000 / 1. Thus each public facing php page has something akin to :

<php #blog.php
require_once "cache.php";

$html = $cache->page("/blog.php");
if ($html) {
print $html;
exit;
}

list($html, $cache_page) = $make_page();
print $html;
if ($cache_page) {
$cache->save("/blog.php"), $html);
}
php>

and in the private area something akin to :

<php
require_once "cache.php";

if ($_POST("submit")) {
$cache->clear("/blog.php")
}
php>

not that exact code but I hope you get the idea

Thus one can have loads of intense SQL going on that is only going to get run once per page change.

I use javascript to make some pages different on every page load thus only the bits that get changed every page get run every time, good for random quotes or images banners etc. stuff that you wont mind losing too much if the client has scripting turned off.

Re:I hate the title

[diegocgteleline.es]

Interesting, my obsession with PHP is not just avoiding database querys, I like static .html were possible because with .html files apache can use the sendfile() syscall (which improves performance quite a lot)

Re:I hate the title

[DrSkwid]

of course, there's nothing to stop you writing out your static HTML for Apache to the document tree, using mod_rewrite to check the "cache" for you :

<VirtualHost *>
ServerName = cached
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-s
RewriteRule ^(.*\.html$|.*/$) /index.php [T=application/x-httpd-php,L]
</VirtualHost>

The RewriteCond triggers the RewriteRule only if the document is (!found || filesize == 0) (!-s).
The RewriteRule internally redirects Apache to index.php if the requested page ends in html or / (ignoring any querystring)

index.php then builds the page (based on $_SERVER['REQUEST_URI']), serves it, and writes it to the document tree if appropriate.

you could also do this for your images / css etc. with different rules or just redirect *every* 404 to index.php and serve "something!"

I just catch html & / because thats all I want to do thus avoiding all the requests for /.*/winnt/system32/cmd.exe & co.

In the backend one can truncate the files to zero length when it is time to invalidate them which might be a bit quicker than deleting.

Re:I hate the title

[gallir]

> When a site has more reads than writes it is wise to cache the output page. Thus blogging software could write out the static content when the blogger presses "submit new entry" or someone adds a comment.

Done. http://mnm.uib.es/gallir/wp-cache-2/

Re:I hate the title

[utopicillusion]

Wordpress is a blog tool using php.

You can generate html using this plugin.

http://photomatt.net/2004/07/26/staticize-25/

Re:I hate the title

[AuMatar]

They can do the job, but at a lot more effort by the writer, and with much lower functionality. Thats why they use PHP scripts- it takes half the effort for the writer. If you ever used the ftp and edit technique for updating even a once a day page, you'd see how much effort the script removes. THats why we use computers after all- to automate time consuming tasks.

Re:I hate the title

[nxtw]

They can do the job, but at a lot more effort by the writer

It takes less than 15 seconds to open up a file in UltraEdit over FTP. Other editors with remote file editing are just as easy to use; both free and commercial software text and HTML editors exist that will edit files remotely.

and with much lower functionality.

Much lower functionality? I don't know what "functionality" you're talking about. Maybe if you're editing files with Notepad. But for those using something like Dreamweaver, and editing the page is as simple as opening the file, making your changes in an easy WYSIWYG environment, and saving.

If you ever used the ftp and edit technique for updating even a once a day page

I don't use the "ftp and edit technique". I use the "text/HTML editor that doesn't suck technique". I only use databases when it's warranted.

Re:I hate the title

[AuMatar]

Automatic archiving of old news, improved searchability, automatic timestamping of news, etc is improved functionality. These and cmore can easily be built into a PHP script. They have to be done by hand otherwise. I've done it, and its a fucking pain in the ass.

Re:I hate the title

[lachlan76]

If you must do it that way, you'd be better off using a cron job to get a copy of the output of the php script for the static pages.

Re:MySQL good, PHP not so good

[downward+dog]

Java is only the better language to learn if you work on large projects with a team of programmers. For 1-3 programmers on a mid-sized project, I'd take PHP over Java any day.

And what's this business about scripting languages not being true languages?

Re:both available under open-source licenses?

[markybob]

you're absolutely wrong. mysql is dual-licensed, with one of those two being the GPL. the GPL is not only for non-commercial. seriously, read up before throwing stones.

Re:both available under open-source licenses?

[l-ascorbic]

Sorry, but you really have not got a clue. MySQL is GPL.

No, buy a SQL book

[DogDude]

I can't stress strongly enough that people NOT buy a MySQL book. Buy a SQL book. Even better, buy a RDBMS book. We have enough people doing stupid things with data. We don't need any more. You might as well suggest that somebody buy a Windows 95 book.

Re:No, buy a SQL book

[njcoder]

" I can't stress strongly enough that people NOT buy a MySQL book. Buy a SQL book. Even better, buy a RDBMS book."

If people start doing that.... I can't see people still using MySQL :)

Re:No, buy a SQL book

[DogDude]

If people start doing that.... I can't see people still using MySQL :)

I agree. Especially since Postgre costs the same thing, and even Oracle offers free personal version of their RDBMS, and MS has it's MSDE, and I'm betting that even DB2 has a free/cheap one for something as lightweight as a web site.

Re:No, buy a SQL book

[Rick+and+Roll]

I prefer MySQL to stripped-down versions of MS SQL and DB2. And that's not just because MySQL is free.

I agree that Postgre is much better than MySQL. But MS SQL and DB2 don't deserve to be linked into the same category.

Re:No, buy a SQL book

[DogDude]

But MS SQL and DB2 don't deserve to be linked into the same category.

I was actually giving Postgre the benefit of the doubt by lumping it in with SQL Server and DB2. I've never used it, but I've heard good things about it. I was planning on giving it a shot once a version of Toad came out that supports it.

Re:No, buy a SQL book

[njcoder]

I haven't used Toad for a while as I've been using PostgreSQL more now and haven't used Oracle in a while. So I can't compare the current versions of Toad to other products. PGAdmin3, which installs if you install PostgreSQL on windows. Probably not as good as Toad but you can do most of the things you'd want to. Also tools like CaseStudio are good modelling tools that work with PostgreSQL. I'm still looking for a good open source data modelling tool that can reverse and forward engineer with PostgreSQL.

Re:No, buy a SQL book

[Rick+and+Roll]

I wasn't talking features, I was talking simplicity.

AFAIK, MS SQL and DB2 don't run on many platforms, and are poorly suited to small projects. They also don't have the variety of nice API's that Postgres and MySQL do. So for most people who would be considering MySQL, MS SQL and DB2 free editions don't get them anywhere.

I was thinking about a comparison to car varieties, but I decided not to.

And yes I am aware of some of MySQL's past and present SQL issues. They don't make a huge difference for small projects, though.

Re:No, buy a SQL book

[dingfelder]

toad does more than oracle now

their mysql admin tool rocks
http://www.toadsoft.com/toadmysql/toad_mysql.htm

they also have a sqlserver version now too
http://www.toadsoft.com/toadsqlserver/toad_sqlserv er.htm

If you use mysql, oracle or sqlserver you are missing out if you have not tried toad.

Re:No, buy a SQL book

[Cronopios]

Any recommendation?

Simple Answer

[Moth7]

"@" suppresses error messages.

It was the language and not the code?

[Wee]

At the risk of feeding the trolls...

PHP websites are more vulnerable to worms. Just six months ago, many PHP run forums were shut down and destroyed. The exploit was something that worked only with PHP forums.

So it was a shortcoming endemic to the langauge, and not sloppy coding, right? I mean to say, PHP itself was at fault, due its very nature? A similar thing can't possibly happen in a "real" programming language like Java?

Java is the better language to learn. It is more like a true programming language than PHP. The reward for the time spent learning a language is greater with Java than with PHP.

That's begging the question. And wooly-headed thinking at its best. I'd argue that the barrier to entry is a lot lower with PHP than Java (or C, C++, .Net, et al.). So someone new to the language is bound to see results faster. But your point is nonsensical to begin with...

I always thought of PHP as more of a scripting langugae, and not a true language. No large PHP applications exists out there. But there are tons of enterprise Java applications.

A scripting language is a "true language". BASIC is a true programming langauge. MSDOS batch is a true programming langauge. Further, have you ever heard the saying "use the right tool for the job"? There are a lot of types of websites filling a lot of roles. Many (most?) of them don't need the overhead and complexity of an enterprise-class system. Use what works, without specious limitations brought on by technical snobbery.

-B

Re:It was the language and not the code?

[Scyt]

So it was a shortcoming endemic to the langauge, and not sloppy coding, right? I mean to say, PHP itself was at fault, due its very nature? A similar thing can't possibly happen in a "real" programming language like Java?
A language that produces problems like this is at fault in its very nature.

(0 == "a")

should never be true.

Re:MySQL good, PHP not so good

[Peter+Cooper]

PHP websites are more vulnerable to worms. Just six months ago, many PHP run forums were shut down and destroyed. The exploit was something that worked only with PHP forums.

I don't think PHP sites are inherently more vulnerable because they use PHP. I think it's because PHP coders are more likely to be amateurs, and PHP projects more likely to be developed by new coders, that they'd have holes. It's not a failure of PHP IMHO. It just happens that more bad coders use PHP.

Re:MySQL good, PHP not so good

[hobbesx]

PHP websites are more vulnerable to worms

If this is the worm I am thinking about, it was specific to one particular forum, which is quite popular and written in PHP. The exploit was a vulnerability in the source, not PHP itself. Is all JSP code automatically uber-secure?

And if the 'reward' of programming with a 'real' programming language is that much better, write your web-apps in C, or ::shudders:: Assembly... For now, I'll use the tool that is best suited for the job based on it's merits and my ability to complement them. (Unless the reward is cash, in which case, I complement cash whoreing quite well...)

Just Another Book...

[__aaclcg7560]

But can you build a /. from PHP and mySQL? A lot of books will show you the bits and pieces that make up a comprehensive website but usually don't show you how to put the whole thing together.

Re:Just Another Book...

[tthomas48]

Absolutely. Check out my URL. I have content management, blogs, webmail (including the fact that postfix delivers my mail to a php script), mailing lists, and reservation management.
The real flaw for php is the same problem mod_perl has. One database connection per thread, so you don't have true connection pooling. Under load that can become a serious problem.

Re:both available under open-source licenses?

[markybob]

can someone please mod this idiot down? htf does he have a "score 3 informative" when he doesnt even know that mysql is available under the GPL?

Melonfire

[MikeMacK]

The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire.

Do I really want to read a book by someone who works for a consulting firm named after the ignition of fruit?

Re:Melonfire

[kaladorn]

Do I really want to read a book by someone who works for a consulting firm named after the ignition of fruit?

And the other alternative is even more disturbing....

Re:Melonfire

[Chiisu]

Why not a guy named Mel? ;)

Re:both available under open-source licenses?

[Al+Dimond]

MySQL is dual-licensed; it is available for free download, and if you wish you may distribute it under the terms of the GPL. A commercial license can also be bought, and I think that includes things like support and possibly the ability to distribute under different terms. I don't remember exactly...

Re:bah!

[google]

But... but... but... I want a language that does everything! Thus I will finally prove Godel wrong once and for all!

Besides Slashdotters Gross Conceptual Errors in programming language theory, I already have my desk references, and they are written by insane, whimsical men known as Knuth and Corman. Sometimes they require use of a secret decoder ring found in select Cracker Jack boxes to figure out, but are entirely more useful than something that could be grokked online.

Step 2) Quit Emacs, then start vi...

[sir+lox+elroy]

/me ducks the tomatoes. :-)

Re:MySQL good, PHP not so good

[ScytheBlade1]

How about you learn the language before you speak out of what google news and fellow slashdotters tell you?

Saying that there was a worm that only affected PHP forums is only a half-truth, at best. It only affected a single PHP based forum, not every PHP forum made in existance. The flaw there was a hole in the software, NOT a hole in PHP. Have there been holes in PHP? Of course, there's hole in everything else, too. The exploit was not in PHP, it was in some software that's coded in PHP. Using your thinking, that's like saying C is a horrible language because if you don't know what you're doing, there's a chance of a buffer overflow.

From "A Note on Security in PHP":
" A recent Web Worm known as NeverEverSanity exposed a mistake in the input validation in the popular phpBB message board application. Their highlighting code didn't account for double-urlencoded input correctly. Without proper input validation of untrusted user data combined with any of the PHP calls that can execute code or write to the filesystem you create a potential security problem. Despite some confusion regarding the timing of some unrelated PHP security fixes and the NeverEverSanity worm, the worm didn't actually have anything to do with a security problem in PHP."

The phpbb developers are not stupid, they are competent people. Yet, there was a hole. It happens, no one is perfect.

I'm quite certain that JSP/Tomcat can be just as insecure if you code it wrong. Same with ASP. Or, gasp, anything.

Re:both available under open-source licenses?

[svallarian]

It's only free if you release your web app as GPL also.

Re:both available under open-source licenses?

[svallarian]

It's only free if you release your web app as GPL also.

Not very free IMHO.

Re:bah!

[cosinezero]

You can do basically anything in PHP that you can do in Perl, Java, .NET, Ruby, etc.

-->Um, wrong. So very, very wrong.

Re:MySQL good, PHP not so good

[Just+Some+Guy]

use MySQL [...] JSP and Tomcat.

The performance of Java and the functionality of MySQL. There's a match made in hell for ya.

Seriously, do their problem domains overlap at all? Big servers with plenty of resources: Java + an ACID database. Small servers that want to be responsive at the expense of all else (like complex functionality and data integrity): PHP + MySQL. I can't imagine harnessing DB2 to PHP, and the inverse doesn't seem a whole lot more sane.

I know someone's going to pipe up and announce that they've been using PHP and an Oracle to drive their website for years, but it still just feels wrong.

If everything you have is a hammer...

[hubertf]

... then every problem tends to look like a nail.

- Hubert

Re:If everything you have is a hammer...

[dangermouse76]

Sounds like a job for perl!!

Re:both available under open-source licenses?

[markybob]

gimme a break. that's the difference between GPL and LGPL. that's like saying bsd is MORE free than GPL.

Not entirely correct

[Safety+Cap]

You cannot distribute MySQL without a license, but you can use it to your little "I 'program' databases... but what's this primary key thingie I keep hearing about" self.

That being said, it is a toy database, and as such, should not be used on serious projects (i.e., anything that uses normalized data schemas and requires data integrity).

Re:Not entirely correct

[Zeut]

Not true... Please read:
http://www.mysql.com/company/legal/licensing/comme rcial-license.html

It has nothing to do with distribution. If your app is open source than you can use the GPL version of mysql, if not, then you can't.

Re:Not entirely correct

[n6mod]

Did you even read your own link?

The second paragraph reads:

When your application is not licensed under either the GPL-compatible Free Software License as defined by the Free Software Foundation or approved by OSI, and you intend to or you may distribute MySQL software, you must first obtain a commercial license to the MySQL product.

(emphasis mine)

Sheesh. I expect better from someone with a 5-digit UID.

Re:Not entirely correct

[kryptx]

it is a toy database, and as such, should not be used on serious projects (i.e., anything that uses normalized data schemas and requires data integrity).

Huh?

see here for a list of companies using MySQL. Do you think any of these companies use normalized data schemas? Do you think data integrity is important to them?

People choose databases (as with any software) based on a cost to performance comparison. MySQL happens to be very fast and efficient at what it does, and for the perfect price tag. On top of that, version 5.0 includes features that address every legitimate complaint that people have had against MySQL: Stored Procedures, Views, and Triggers. Am I missing something?

Re:Not entirely correct

[kryptx]

- they probably aren't aware of the problems with the software
- alternatively, they inherited it as part of another application
- third-case: they built the app four years ago on a shoestring and data quality didn't matter. Back then there were fewer descent options.

Pure speculation. Worthless unless you've got examples.

- without partitioning it can't keep up with oracle or db2 on adhoc queries.
- its write performance with myisam is a joke
- its read & write performance with innodb is completely unimpressive
- its optimizer is trivial - so common queries with 5-way joins or subselects can cause horrific performance problems that you wouldn't see with a more mature product.
- it costs $500 or so for a license, postgresql is free, and db2/oracle just a little more. You're better off either saving your $500 or spending a few hundred extra for a database with fewer issues.

Wrong, on many counts. First, MySQL is as free as postgresql. You do not have to pay for a license to use the software. Currently the Standard (STD) edition of Oracle is priced at $15,000 per processor, and the Enterprise (EE) edition is priced at $40,000 per processor. The RAC feature is $20,000 per processor extra, and you need to add 22 percent annually for the support contract. Alternatively, you can license it on a per-user basis, at $300 per user for STD and $800 per user for EE.

Next, MySQL is more stable and faster (when using MyISAM) than PostgreSQL in just about every comparison I've ever seen. If you've got one that shows otherwise, I'd be interested to see it. You are right, though, that InnoDB is much slower. I haven't used that format, with any database, so I don't really know the significance of this.

I have seen the performance problems you're talking about with moderately complicated queries, however that was on an older version, and I don't know the details of the schema I was using. I do remember that I was joining the same table multiple times on different criteria. It's possible I had been doing something wrong, or it's possible that this was due to poor software. But given the subjectivity (and inaccuracy) of many of your objections, I don't have a hard time believing that it was my own fault.

- this is an initial release that will still have enormous limitations in the use of these features
- it fails to address the far more serious and legitimate complaint of poor exception handling - in which errors are ignored and data is corrupted.

First, this is a BETA release, not an "initial" release. I don't typically try beta releases of database products, so I haven't tried these in particular, but rest assured that I will be very disappointed if stored procedures are not fully implemented and contain considerable optimization.

As for your other complaint, what errors does MySQL ignore?

I'm not saying MySQL is without problems (taking 10 years to implement Stored Procedures is worth complaining about, not to mention the mediocre SQL compliance) but it is extremely competitive in a performance analysis of FREE database products.

Re:Not entirely correct

[Fahrvergnuugen]

"That being said, it is a toy database, and as such, should not be used on serious projects (i.e., anything that uses normalized data schemas and requires data integrity)."

Care to back that up?

I use MySQL/InnoDB in a commercial environment where data integrity is (obviously) very important. All of my tables are InnoDB, and I use it's foreign key feature wherever possible. It's been running for 5 years on 3 different servers and I've never had any problems...

If there's some great reason why I shouldn't be using MySQL, I'd like to know about it. Seriously, why does it seem like everyone hates MySQL so much?

Re:Not entirely correct

[amarodeeps]

At the last place I worked we were using MySQL but the DB programmer we hired, an expert with 15+ years experience almost immediately started coming up against limitations with MySQL when he started to use anything fancier than simple INSERT, UPDATE, and SELECT. I think he was creating a temporary table when he noticed that some data was lost in the process. And because of the way replication was handled, the error was propagated to our replication servers, so we had no backup (yes, I know replication is not a good backup solution, but--that's something else that MySQL is really bad at--providing a scheme to reliably back up your data while keeping 100% uptime and no slowdown).

We then started looking into other options. On a challenge from management ("well, they're using it, why should we have to pay for Oracle?") we called up a few organizations with enterprise needs that were using MySQL and were listed in the MySQL customer list, and we found that they were generally using it in small ways and some were moving away from using it as they scaled up.

It's a fun, fast database, but it is a toy so far. And the previous poster is dead-on when he states that the 5.0 release is going to take a while to 'take.' One lesson I've learned is that you don't install 5.0 software for the most part and expect it to work in a mission-critical environment.

MySQL just doesn't cut the mustard yet.

Brilliant!

[Soong]

By posting a comment on this article, I can troll two products at once! I'm a PostegreSQL snob and a Java snob!

Of course, this book is just indicative of one of the key features of the Open Source movement: the ability to take two bad software packages and combine them to form something truely horrific.

(I wasn't using that Karma anyway.)

Re:Brilliant!

[deuterium]

I'm working on a simulator that involves large amounts of data, and originally started work with MySQL. It's so popular that I assumed it was the easiest to use. Since our product is sold as a workstation, I quickly realized that each unit would cost us $200 for the MySQL server. A quick search uncovered PostGres, which has really turned out to be just as easy to use, is free, and even has a .NET interface and simple administrative utility. Pretty nice. I don't know if it's slower than MySQL, but it's plenty fast for me. You can even do transaction processing. It's strange that even though PostGres is so old, there are almost no books available for it (aside from the Douglas text), while MySQL has dozens.

Re:Brilliant!

[Jose-S]

It comes to show that how technically impressive a project is doesn't necessarily have a correlation with how popular it is. It likely has to do with how MySQL has been marketed and positioned. It may have to do with its licensing model. Maybe it's easier to get going for most simple applications.

Re:Brilliant!

[jbplou]

and even has a .NET interface

Where have you been for the last 20 years, you could always connect different development platforms to different RDBMS. I mean you can connect MySQL to .NET just as easily with ADO.NET there are atleast two different dedicated providers and you can always use OLEDB standard connection as well.

Re:Brilliant!

[deuterium]

Well, yeah. What's your point? I was just surpised to find that there was a .NET interface. A lot of commercial code libraries still don't.

Re:Brilliant!

[jbplou]

Name a commercial RDMS still in production that does not have a .NET interface.

Re:Brilliant!

[Tom]

Then give me that brilliant insight I'm still lacking.

I've built a dozen or so websites with PHP/MySQL, and when I found Postgres, I was so happy. It is an incredible database, far better than MySQL.

But, for some reasons, it's convulted and I just can't make the switch. Postgres is pretty troubling to start with, it uses a lot of pretty odd and unusual systematics, starting from user management to table syntax. It makes the switch pretty hard, and it has made it clear to me why I choose MySQL in the first place: Because MySQL is simple, and it gets you rolling very quickly. So what if it's not an enterprise level DBS - I'm not an enterprise, either, and my largest table has half a million or so rows.

Re:Brilliant!

[deuterium]

I'm thinking more of things like Novodex. I'll defer to your knowledge in the realm of databases.

Re:Brilliant!

[cmburns69]

If local data is all you need, a good free solution is the Advantage Database. This can operate in either client+server mode or "local" mode (where the client opens all the tables locally). The local mode is available free of charge.

Re:both available under open-source licenses?

[Zeut]

I'm well aware that it is dual licensed, however it's not like you can just choose whichever license you want. From their license found on:

http://www.mysql.com/company/legal/licensing/comme rcial-license.html

The Commercial License is an agreement with MySQL AB for organizations that do not want to release their application source code. Commercially licensed customers get a commercially supported product with assurances from MySQL. Commercially licensed users are also free from the requirement of making their own application open source.

When your application is not licensed under either the GPL-compatible Free Software License as defined by the Free Software Foundation or approved by OSI, and you intend to or you may distribute MySQL software, you must first obtain a commercial license to the MySQL product.

Re:bah!

[Decaff]

A skilled PHP programmer can write robust, object-oriented code that follows the same design patterns as Java.

This isn't quite true. A good example is that many very-high load Java websites use application-scoped caching of data. This is very hard to do elegantly in PHP.

Java was designed to be object-oriented from the start. With PHP, it was an afterthought.

It's just that certain Java frameworks force every project to be heavyweight, while PHP allows you to do a lot of things simply. If you want to write yourself a simple photo gallery app, why bother with Struts?

Java also allows you to do a lot of things simply. There is nothing forcing you to use those Java frameworks. You can write everything in scripted JSP pages.

Re:bah!

[SomeOtherGuy]

Great reply.

And this captures it in a nutshell. Ease of use (even sloppy use), documented examples, price, and saturation is 9/10's of the battle...And PHP has claimed all of those crowns.

Re:bah!

[downward+dog]

So... Let's see some examples.

Perl and PostgreSQL

[stlhawkeye]

I must be some kind of retard, I build my stuff with Perl and PostgreSQL.

Re:Perl and PostgreSQL

[Leroy_Brown242]

s/retard/genius/

Re:Perl and PostgreSQL

[imroy]

Here here! My variation of the "LAMP" acronym is Linux, Apache, Mason, PostgreSQL. Working pretty damn well for me. I've been looking at AxKit on and off for a while, but who wants to use "LAAP"? :P

Re:Perl and PostgreSQL

Agreed! I don't think Mason gets the light of day that it greatly deserves. It's by FAR my weapon of choice when creating dynamic websites. I find that it's very easy to develop in, super fast, and very maintainable.

Re:Perl and PostgreSQL

[bluGill]

If that is for historical reason you are smart. PostgreSQL has always been a better database than MySQL. Perl is the old standby for web development. However today Ruby and Python have both proven themselves better languages, in that you have a good chance of reading and understanding your code latter when you need to maintain it. Therefore I have to suggest you evaluate them both, and choose one for jobs that don't have historical reasons to use perl.

Don't waste your time on PHP. It is better than Perl, but not by enough to be worth the pain.

Re:Perl and PostgreSQL

[dangermouse76]

you must be so much better than everyone else then.

Re:Perl and PostgreSQL

[vrai]

There is no "better" language out of PHP, Perl, Python and Ruby. It depends on what you're doing, your background in programming and the time you have available for coding.

I use Python, Perl and PHP. PHP for web sites, Perl for text-mangling or scripts that need to be fairly fast, and Python for any other high-level work (C and/or C++ handles the low level work).

This "one true language" talk is total bullshit and people that perpetuate this myth should be ranked along side the kids who fill online forums with endless arguments about which console making multi-nation is the best.

Re:Perl and PostgreSQL

[Kainaw]

PostgreSQL has always been a better database than MySQL.

"Better" is a matter of opinion. I had two contracts many years ago. One was using PostreSQL, the other MySQL. The day before the PG one went live, the database went down and corrupted itself. I went to the docs to see how to fix a corrupted PostgeSQL database and it had the following quote (as best I can remember):

We would greatly appreciate it if someone would write and document a corruption recovery tool.

This problem actually killed the project. There was no option of rebuilding the database because they had just spent three weeks paying data entry clerks to fill the database and the hardware guy they paid to set up their system never turned on their backup server.

Fearing a similar issue with the MySQL job, I went to their docs and found all the recovery tools I could want and plenty of documentation on how to use it.

After that experience, I felt that while PostgreSQL is superior to MySQL in many ways, it is inferior in many others. Since then, both have been working to the point they are currently at - about equal. Of course, both sides use ignorance and purposeful misinformation to claim their favorite Db is better.

PHP editorfor Linux, anyone?

[bogaboga]

Disclaimer: This *might* be moded off-topic but I'll still ask:

If anyone can point me to a good *free* PHP editor for Linux, I'd be very glad. The editors for Linux I find here http://www.php-editors.com/review/, are not good enough. I want one I can get for free.

Re:PHP editorfor Linux, anyone?

[Anthony]

You've tries all the free ones? Including Eclipse? Perhaps you'd like to write a review yourself. I noticed my PHP editor of choice is not on the list. GNU Emacs. It naturally has a PHP-mode.

Re:PHP editorfor Linux, anyone?

[terrencefw]

Not trolling... I code PHP for a living. I maintain a codebase of around 750,000 lines of complicated legacy code.

I use vim, but make sure you set ctags up.

Re:PHP editorfor Linux, anyone?

http://www.kdevelop.org/

Re:PHP editorfor Linux, anyone?

[Oid.Surin]

I've been using vim, and love it

Re:PHP editorfor Linux, anyone?

[Ucklak]

Eclipse with PHPEclipse Plugin.

Invaluable and the CVS integration makes it even better.

I run it on (seriously) on Windows (Work), Linux (Home), Mac (Laptop) and don't skip a beat.

Re:PHP editorfor Linux, anyone?

[knarfling]

Personally I prefer Quanta +. I looked at many of them, including some that cost money and always ended up back to Quant +.

Reasons:

1. Free
2. Comes with KDE
3. Syntax highlighting
4. Project mode - group pages into projects
5. remote connections - edit remote files with WEBDAV, SFTP, FTP, FISH, NFS, or SMB mounts
6. CVS enabled
7. debugger
8. preview mode

It has more features that I do not use, but they might be helpful to you.

Re:PHP editorfor Linux, anyone?

[colinrichardday]

It does? How does one invoke php mode in GNU emacs?

Re:PHP editorfor Linux, anyone?

[wheany]

Using colors for syntax highlighting is different? Or it uses different colors than others? Or something else?

Re:PHP editorfor Linux, anyone?

[colinrichardday]

Sorry, but apt-get doesn't work on SuSE. Now where did I put that Knoppiz disk?

Re:both available under open-source licenses?

[markybob]

again, WRONG. you need a license to DISTRIBUTE mysql with your non-gpl'd app.

QUIT emacs?!?

[PlacidPundit]

I would very much like to. But my fingers won't spread far enough to hit all the keys.

Re:both available under open-source licenses?

[markybob]

to DISTRIBUTE mysql, not to use mysql.

Re:both available under open-source licenses?

[markybob]

and it ONLY matters if you distribute mysql, not if your app uses it.

Re:both available under open-source licenses?

[EvanED]

BSD is more free than GPL.

There is not one thing that you can do under the GPL that you are not allowed to do under the BSD license, and there is quite a bit more you can do under BSD.

That is pretty much the definition of "more free" under any definition of "free" that applies to this disucssion (e.g. is not the same as "gratis").

Now, the questions of whether the BSD license or GPL leads to more software freedom and which license promotes free software better are up for some debate. The GPL makes sure the software STAYS free, and as such, there are very good arguments that the GPL better promotes free software, the OSS movement is better off than if everything was released BSD, etc. But this is a different matter than which license is more free. If the promotion idea is what you are thinking when you say the GPL is more free, I put to you that you need to be less sloppy with your language and say what you mean, not what sounds good.

Re:bah!

[downward+dog]

You're right about the caching. I have no doubt that Java is a better language than PHP for the largest 1% of web apps.

And if you want spaghetti code, both PHP and JSP are happy to help.

This doesn't mean (contra the AC above) that PHP is a toy language. :)

"JSP in a very light manner"

[jbellis]

is only light relative to even heavier Java solutions. :-|

Invariably people who sing the JSP praises have no significant experience with a real lightweight toolkit (Spyce, CherryPy, RoR, ...)

But that's okay, because doing things the hard way builds testosterone.

Re:"JSP in a very light manner"

[Decaff]

is only light relative to even heavier Java solutions. :-|

No, it really isn't.

If you have a Java application server set up (like Tomcat - which can only take a few minutes to do), then creating JSP pages in a free open-source IDE like NetBeans can be done in seconds. Everything is done for you. Even better, you have the ability to validate and interactively debug the pages you script. You can add new JSP pages to the live application just like PHP, then when you are finished, NetBeans automatically builds a single file - a WAR, that you can deploy on on any J2EE app server - a process that can involve nothing more than putting the WAR in the right directory.

Compared to the horror that can be involved in compiling and configuring compatible versions of apache and php required for particular PHP applications, this is a dream.

Invariably people who sing the JSP praises have no significant experience with a real lightweight toolkit (Spyce, CherryPy, RoR, ...)

This isn't true either. There are Java equivalents for these (such as Trails).

Re:"JSP in a very light manner"

[falzbro]

If you have a Java application server set up (like Tomcat - which can only take a few minutes to do)

Tomcat must have progressed quite a bit in the last 5 years then. I was supporting some jsp-writing devs on an Apache/Tomcat setup in 2000something, and even finding docs on the correct connector for the two, or even *choosing* from the 80 available connectors is a nightmare.

Yes, you could run Tomcat on port 80, with no Apache, but I seem to recall that Tomcat specifically leaves out much of the functionality that Apache does natively- perhaps lock something down by IP, etc.

Once you've gone through the nightmare of setting this up properly, you then get to learn Ant to make your WARs. While I did find Ant appealing/nice/whatever, it's quite a bit more complex than you're making it up to be to be serving up .jsp.

Compared to the horror that can be involved in compiling and configuring compatible versions of apache and php required for particular PHP applications, this is a dream.

Again, Tomcat must have come a long way since then, or you should be using FreeBSD.

--falz

Re:"JSP in a very light manner"

[Decaff]

Tomcat must have progressed quite a bit in the last 5 years then.

It certainly has. Especially in terms of performance. The latest Tomcat (5.5) approaches the speed of Apache in some cases.

Yes, you could run Tomcat on port 80, with no Apache, but I seem to recall that Tomcat specifically leaves out much of the functionality that Apache does natively- perhaps lock something down by IP, etc.

This is all available now (RemoteHostValve, RemoteAddrValve etc).

Once you've gone through the nightmare of setting this up properly, you then get to learn Ant to make your WARs. While I did find Ant appealing/nice/whatever, it's quite a bit more complex than you're making it up to be to be serving up .jsp.

The latest versions of NetBeans (4.0, 4.1) does this for you. Every change to a J2EE project automatically updates your WAR file. It even (again automatically) writes and maintains Ant scripts so that you can do this from the command line as well.

I do feel a lot of the criticism of Java/JSP/J2EE is based on the way things were years ago. This have changed a lot!

Re:"JSP in a very light manner"

[jbellis]

Oh, man.

Comparing Trails to a real lightweight kit says "I'm a fanboy and I don't know what I'm talking about."

Bye.

Re:"JSP in a very light manner"

[Decaff]

Oh, man.

Comparing Trails to a real lightweight kit says "I'm a fanboy and I don't know what I'm talking about."

Ruby on Rails is a real lightweight kit, but only when you first start developing. It is good at producing templates for later coding, but it very poor at following subsequent changes in database schemas. On the other hand, Trails allows the generation of an object model from a schema and the generation of a schema from an object model.

The Rails model of dynamically generating ORM classes at run time can potentially make applications extremely fragile, and means that much code can be difficult or impossible to debug and test independently of the actual deployment database.

If I don't know what I am talking about here, and Ruby On Rails has improved beyond my last look at it, I would be interested to know.

Re:"JSP in a very light manner"

[killjoe]

It all strikes as me as being a bit like building scaffolding around a poorly designed building though. It's great that the IDE and ant (along with xdoclets) have all been built to make the insanely complicated thing manageable but most people probably would rather start with something simpler in the first place.

Re:bah!

[sloanster]

Ah yes, spoken like an anonymous coward. I've used Oracle, postgres, and mysql, and interestingly, mysql seems to be the right tool for the job most of the time, in the projects I've been involved with.

There are certainly places where oracle is the right tool for the job, but I can't think of any case where postgres would be the best choice, mysql-bashing, anonymous coward postgres bigots notwithstanding ;)

Re:both available under open-source licenses?

[Leroy_Brown242]

Hey, I bought this glass house so I could throw any stones I want!

Dammit, I'm going to get my money worth!

[OT] Re:PHP editorfor Linux, anyone?

[gregmac]

If anyone can point me to a good *free* PHP editor for Linux, I'd be very glad.

Kate

Has syntax highlighting (including recoginizing builtin functions), bracket matching, code folding, regex search and replace, blah blah.

If you want one that does fancier stuff like show you class structures etc, then I dunno. Eclipse has a PHP plugin I heard - dunno how it works. One of my friends is huge into zend studio (non-free), but he works at a university (where they think nothing of spending a students tuititions worth on a computer - what do you mean our programmers don't need 23" apple cinema displays?)

Great Book!

[po_boy]

I\'ve just read this book, and it\'s great! I\'m going to use PHP and MySQL for all of my web-based apps now!

How to make Php and MySQL do anything...

[chriswaclawik]

Can your precious PHP and MySQL tell you "I love you?" Can it offer you solace throughout your trials and tribulations? Will is cuddle with you after? Will it hold you?

I didn't think so... so alone... so alone...

Re:How to make Php and MySQL do anything...

[cranos]

This is why I use Postgres, that and the amazing thing it can do with its tongue :)

Re:bah!

[rmgrotkierii]

I love the commercial support that can come with PostgreSQL, if I wanted to buy it. Oh wait, it doesn't come with commercial support, only MySQL does. Gotta keep the two seperated y'know? ;-)

I also love the fact that you need to download half a million tarballs just to run PostgreSQL. Makes for a nice and easy setup if I ever saw one.

Re:MySQL good, PHP not so good

[eddy+the+lip]

Bingo. No language can make up for bad coding. PHP happens to be a) ubiquitous, b) easy to get started with, leading to c) lots of crap code. PHP can be criticized for a lot of things, but the ability of those that use it isn't one of them. (Although maybe we can lay a bit of blame at the feet of publishers that won't put out a book that talks about applying good programming practices to PHP? We have more "Dick and Jane Learn PHP" books than we know what to do with already.)

PHP encourages bad code.

[Some+Random+Username]

In fact, look at the zend website even, they give horrible examples that nobody should ever follow. Gee, I wonder why so many PHP programmers end up writing crappy code.

Also, the PHP developers have proven over and over again that they do not care AT ALL about security. As an ex-PHP programmer myself, I have to agree with the "dear god use anything but PHP" people.

Re:PHP encourages bad code.

[Decker-Mage]

I've found that people can code sloppy in any language just like engineers can do sloppy designs, cooks can do sloppy meals, etc. ad nauseum. Sure, the examples may be (heck ARE) terrible. I've also seen terrible examples many other places on the web or in books, even by recognized experts at their particular profession. Enough times that I've wanted to line up the people and shoot them (or use small thermonuclear weapons). *Shrug* Examples, nor the characteristics of a language do not make a bad engineer/developer. Bad practices do. That we do not have really good books, well read books (!), on the subject says volumes about our industry. That we do not have mandatory, self-imposed (I'm an anarchist in that respect) standards speaks even louder.

As for security, we don't want to go there. That's not just a PHP or MySQL issue, IMNSHO. That's an industry-wide/profession-wide problem. PHP/MySQL seem to get quite few more notices here, but even supposedly secure apps over ten years old do as well. Security is my religion; it is what I preach. I don't find many converts. I don't think I ever will.

Re:PHP encourages bad code.

[Some+Random+Username]

I've found that people who don't want to hear the truth choose not to. Read the title of my post, there is a huge difference between how you can write bad code in any language, and how PHP actively enourages you to write bad code, and teaches people to do things wrong. The people who make python do not put up websites full of examples of bad python code that is full of exploits. Same with perl, same with every language except PHP. PHP actively encourages people with no programming experience to use their language, and then gives them examples that teach them how to do things COMPLETELY AND TOTALLY WRONG. The fact that PHP even has a register_globals setting is a testament to how bad it is, nevermind that so many examples still rely on it.

And I never said security was just a PHP or mysql issue. Mysql has nothing to do with this. Compare the number of security problems in PHP to any other language. PHP makes ASP look good for christ's sake. And yet the PHP developers have done nothing to stop the constant exploits, they refuse to learn how to program securely. So even if you know how to write secure PHP code, it doesn't matter because PHP itself is undoubtedly still vulnerable to tons of exploits.

Use anything but PHP.

Risk of SQL injection

[the_european]

Look at the examples given in the companion web site. There is code like the following, which is highly vulnerable to SQL injection attacks:

$title = $_POST['title'];
$content = $_POST['content'];
$contact = $_POST['contact'];

// validate text input fields
if (trim($_POST['title']) == '')
{
$errorList[] = 'Invalid entry: Title';
}

Validate? Just by removing trailing spaces? People trusting this book's advice will be very sorry soon.

// and later in the script ...

$query = "INSERT INTO news(title, content, contact, timestamp) VALUES('$title', '$content', '$contact', NOW())";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

One more example:

// generate and execute query
$id = $_GET['id'];
$query = "SELECT title, content, contact FROM news WHERE id = '$id'";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

No validation at all! User input thrown into the database without any check!

It's unbelievable that in 2005, after all the outrage and cry about SQL injection ther is still a new book proposing such horrible code!

Re:Risk of SQL injection

[kryptx]

Is it possible that the authors also suggest the use of magic quotes? If so, the query above would to be safe to run, since the user could not submit an un-escaped apostrophe. (not that this is an excuse not to explain what SQL injection is and how to protect against it.)

Of course, magic quotes creates more problems than it solves, and I don't like it, but it does dramatically reduce vulnerability to SQL injection.

Re:Risk of SQL injection

[NiTr|c]

First and foremost, I have NOT looked in-depth to try and find a book that talks about overcoming typical security issues with database programming. I would like to know if such a book exists. I do small SQL projects on the web, nothing that should draw any attention whatsoever, but they're still exposed on the web.

I would love a book that could explain some of these things (SQL Injection, etc, etc) and, this is key, HOW TO PREVENT IT. It's flat out not good enough to say "That's vulnerable. You should fix it." Ok, great, how? There has got to be someplace to learn to do it properly, and that is what I'm interested in.

Re:Risk of SQL injection

[aussiedood]

Mod this guy up.

I've been looking for such a book, or even online resource, I've yet to find one.

Perhaps because it is difficult to write about. It's easy to write about inserting and retrieving data from a database. Newbies get a feeling of accomplishment that they have "made something happen" with these kinds of books. You don't get that when you slog through a bunch of validation routines.

Re:Risk of SQL injection

[Santana]

This can be useful for you.

Re:Risk of SQL injection

[the_european]

Paul Dubois' last edition of MySQL covers, among other interesting topics, using Pear::DB with placeholders.

Re:Risk of SQL injection

[Decker-Mage]

Actually it is very believable. I've been validating inputs for some 30+ years, long before injection attacks came along, just a good practice. You always validate all your gozintas and your gozoutas, if you are an engineer. Since the software development community doesn't have a clue when it comes to engineering, safe practices, or mathematical validation of their models, why should this be any surprise?

Then again, there hasn't been much call for it either on the vendor/user side either. Yep, we the geek community bitch and whine but when it comes down the business/user communities, they shrug and move on.

You expect better? I don't, not in my lifetime. Not that I haven't already exceeded that measure.

Re:bah!

[njcoder]

ok... here's one... I have one web application where i record input to a database. It's not important for the user to know that the write was successful and I have a bit of logic to check for duplicates among other things. I don't need to tell the user that the data they submitted was bad so I just kick off a seperate thread so the user doesn't have to wait for the write to happen before they get their next page. This type of asynchronous writing sped up the response time of the application quite a bit. If I feel I need to increase performance even more I can have it running as a seperate thread controller with a pool of threads. This wouldn't increase response time but should cut down on server resources if I need to. The implementation I chose was very easy to code and the user experience greatly enhanced. This isn't anything special in a web application or the appserver. Just plain java threads.

As far as I know you can't do the same thing in PHP and if you can probably not as easily. The only way I can think of is to write it as a C/C++ module that you call from PHP but most people wouldn't consider doing that in PHP.

I tried to go to a bar and spend time with cool

[WillAffleckUW]

babes - but somehow PHP and MySQL just wasn't working out there.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Is that Realistic?

[Anthony]

Yahoo employ Rasmus Lerdorf. He is the author of PHP. They use a lot of front end servers. See here for an architecture discussion.

Re:MySQL good, PHP not so good

[sloanster]

Seriously, do their problem domains overlap at all? Big servers with plenty of resources: Java + an ACID database.

um..

mysql IS an ACID-compliant database...

Wake up, Rip Van Winkle, 1998 is SO over.

minor quibble

[J.+Random+Luser]

... be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.

It was plainly visible in my status bar that the link was .pdf. When a reviewer abdicates responsibility by blind clicking on every tasty looking link, suspicion of incompetence makes it so much more difficult to read the rest of an otherwise entertaining review...

Re:MySQL good, PHP not so good

[njcoder]

"Not so fast. Java is proprietary."

Have a look at how mustang is being developed and how the JCP works. Java is about as open as you can get without being osi approved. Also, the world existed just fine before open/free software came about. Many corporations/people out there still depend on proprietary software to keep their business going because there isn't a free/open equivalent to everything out there.

Open/Free software is good but trying to label java as "proprietary" and pretending it's a bad word is a weak argument. Try reading this.

Is Mason there yet?

[otis+wildflower]

I mean, I know that apache2 support is only available in CVS, but other than that, how's it compare to php?

I just wrote a bunch of php with PEAR DB and compared to perl it felt.. unclean.. hashes and regexes are unpleasant compared to perl, and I couldn't subclass DB cleanly since it has no constructor..

Granted, I could get stuff done pretty quickly because php is perl-like, but there's enough stuff that seems arbitrarily different from perl to make the experience sorta yucky.

Re:Is Mason there yet?

[MadAhab]

OK, I'll bite.

Mason rocks. It's got the "scripting language in a web page thing" which can be great, especially if you modularize your code so not too much is happening inside the Mason code. On the other hand, it's quite easy to write spaghetti of code and HTML, so PHP programmers should like it too.

Mason also has good control over execution phases - you can do things "once", "first", etc. Arguments are named (not positional), can be made optional, or given defaults - and this is easier than you can imagine (if you don't know why this is a good thing, you haven't done very much programming). You can also pass a Mason "component" formatting from the "outside" and let the "inside" take care of other logic. It makes caching things (like, say, a list of articles pulled from a database) as easy as it can possibly be (even worse than not pooling DB connections is not caching results when you can). It generally pushes you in the direction of good solutions.

Check this article on Catalyst, too.

But having used PHP, JSP, Perl with other templating systems, I prefer Mason by far. Mason uses Perl - no mini-languages here - and gives you access to the huge amount of stuff on CPAN - PEAR isn't there yet and won't be soon (and Java never will be).

Re:To PHP or not to PHP, that is the question

[W.+Justice+Black]

Use the best tool for the job.
</obCopout>

OK, now that's out of the way, I'll say this:

I've done sites in PHP (Makeuptracker), Java Servlets + JSP (Prayer Supply), and other technologies, and based on what you've said so far, there's no compelling reason to not use PHP if that's what you want.

On the other hand, there's no real reason to not use JSP, servlets, or any of a half-dozen other environments, either. The reality is that your site is unlikely to be overly sensitive to environment and that any half-decently-coded implementation in any tech is likely to work at least acceptably.

Thus you have a problem where the solutions aren't really distinguishing themselves a great deal. So come up with some more metrics--is technology X something you really want to learn? Do you want to be able to use a cheaper hosting service (PHP is common on cheap hosts, app servers not so much)? These sorts of questions are the ones you should probably be asking...

Re:bah!

[eddy+the+lip]

Execute a function when a variable is accessed, like Perl's tie.

I'd be really happy to proven wrong on this. I'd love to have that bit of functionality.

I use PHP a lot, but I find it beginner-focused enough to be really frustrating sometimes.

Just because...

[MBraynard]

Just because you are reviewing a technical manual doesn't mean the review needs to read like one.

Re:bah!

[jadavis]

This post is incorrect, or at least entirely misleading.

it doesn't come with commercial support

There are numerous companies that will help you, depending on what country you live in. Try Command Prompt, Inc in the U.S. (among others).

download half a million tarballs

Do you download the kernel source, the source for gnome, kde, gcc, glibc, bash, OO.o? Then why do you need to download the source for PostgreSQL?

I usually do "apt-get install postgresql" for production.

On a development box when testing out a new version I'll download the PostgreSQL source, and that involves one download, and a compile time of a couple minutes on my box.

Really, what more can you ask for from PostgreSQL? Serious question. If compiling source is too hard, download a binary like you do for 90% of everything else.

pfft

[DrSkwid]

% cat > coolpage.php
<html><? cool php script ?></body></html>
^d
%

Re:MySQL good, PHP not so good

[MAdMaxOr]

The exploit was not in PHP, it was in some software that's coded in PHP. Using your thinking, that's like saying C is a horrible language because if you don't know what you're doing, there's a chance of a buffer overflow.

People criticize C all the time for not protecting from buffer overflows. There are libraries dedicated to wrapping string handling in a way that doesn't allow buffer overflows.

You could apply the same criticism to PHP for allowing SQL injection attacks. PHP lets you input any old SQL, without prepared statements.

There's some good in having a language that protects you from yourself. I don't think protection always needs to be in the language core, but it can be a good thing.

Reasons PHP and MySQL are popular

[loudmax]

The combination of the two is rapidly emerging as a favorite, partly because they work well together, and partly because they are both available under open-source licenses.

These are valid reasons for their being popular, but the reviewer left out another very important reason: both of them are really easy to learn. Whatever their shortcommings, someone with only moderate technical inclanation or experience can learn enough PHP and MySQL to have a fairly powerful site up and running in a very short amount of time.

Re:bah!

[Decaff]

You're right about the caching. I have no doubt that Java is a better language than PHP for the largest 1% of web apps.

On the contrary. If you are setting up any website that has even moderate demands on a database (particularly if that demand involves things that have to be transactionally safe), and you will want to reduce load on that database. This is where cacheing helps.

Perhaps a better statement that yours is that for a lot of websites, PHP is fine 99% (or even 99.99%) of the time. The problem is when you get that occasional heavy load on the website.

And if you want spaghetti code, both PHP and JSP are happy to help.

This doesn't mean (contra the AC above) that PHP is a toy language. :)

It certainly isn't. However, that does not mean it is suitable for all websites, or even 99% of them. It is fantastic for lots of uses, though.

Re:MySQL good, PHP not so good

[njcoder]

Ok you quoted something from php.net. Not saying it's wrong but can you quote something from a third party unbiased source?

"I'm quite certain that JSP/Tomcat can be just as insecure if you code it wrong. Same with ASP. Or, gasp, anything."

Depends how you look at it. In JSP/Tomcat you don't have to worry about encoding/decoding input except in special cases. The appserver does it for you so you don't have to worry about these types of attacks. Languages like Java, C# and Managed C have some built in safty nets to prevent things like buffer overflows as well. SQL Injection attacks can be a problem if you're not using PreparedStatement but good coding practices shouldn't let the user have that much access to the sql statement to begin with in most cases.

Re:Depends on what you want to do

[L.Bob.Rife]

The great thing about php and mysql is that its very simple. If you already know SQL commands, and C#, then you can probably code 90% of what you need to do already. PHP accepts very generic commands that are common among a lot of languages, so there isnt much to learn. I don't know offhand how well it can scale into the really big league stuff, my php/mysql site got one million hits this month, and it handled that just fine.

Re:bah!

[rmgrotkierii]

I can't seem to find the command `apt-get' in either Slackware 10 or WinXP. Oh wait, you are one of those dirty debian lusers that think software should be free as in beer. Get a job, life, etc. ;-)

Re:both available under open-source licenses?

[BrookHarty]

It's only free if you release your web app as GPL also.

Not very free IMHO.

I think mysql license info about the GPL is incorrect.

GPL mentions modified versions, if you use mysql as a basic sql engine, and not modify its sourcecode, its still GPL compliant.

The GPL FAQ mentions using a GPL program for non-free software.

So, Just as you can use VI to write non-free code, you can use SQL for a non-free database. You havn't modified MYSQL sourcecode, you are using it as its intended purpose.

The GPL also says if you fork or exec a plugin you dont need to release your source, seems the same as a select or put. Now your interface plugin to the MySQL database would have to be GPL'ed by default.

I dont know how MySQL team could say using the product voids GPL, its sourcecode modification not use that voids GPL.

http://www.gnu.org/licenses/gpl-faq.html#DoesUsing TheGPLForAProgramMakeItGNUSoftware

variable scope issues

[truckaxle]

It has been a awhile since I have used php but something that bothered me at the time was the enforcing of variable scope. Does php have a similar concept of a Perl "package"? Which creates partitioned name spaces or private variables. Also a couple of other questions:

Can you overload methods or operators to provide custom extended functionality?

Can you inspect a namespace by easily printing out all members and values of a namespace at any point - great debug facility?

Does php have a safe eval mode?

Re:MySQL good, PHP not so good

[bombshelter13]

This os course, ignores the fact that C is a horrible language. If you don't know what you're doing, there's a chance of a buffer overflow.

Re:bah!

[kuzb]

Yeah, because there is absolutely NO WAY to write sloppy/bad code in C, or Perl, or Java, or ...

You might want to rethink what you just said.

Re:MySQL good, PHP not so good

[chris_mahan]

Speaking of Graham, read http://www.paulgraham.com/pypar.html.

Python is a lot more open than Java, and by Paul Graham, a better language.

Anyway, don't mean to start a flame. I read Graham too.

Re:bah!

[phek]

Yah you can do this, you just put the write/dupe checking code in a seperate file then you have php fork a the new script in the background and direct stdout and stderr somewhere else like /dev/null. This will return and proceed to the next line of code without having to wait for your write/dupe check code to finish.

Example:

$php_path = '/usr/local/bin/php';
$external_ps = '/path/to/write_dupe_check.php';
$output = '/dev/null';

system("$php_path $external_ps > $output &");

print('Done!');

exit;

Re:Perhaps PHP would be easier to start with

[Mutilated1]

Screw that, go use .NET then. PHP is good because PHP is fucking easy, if you can't do a button without some kind of .NET control holding your hand for you, then don't use PHP. Its not like making a button is hard you know.

Re:bah!

[cosinezero]

Multithreading? Distributable compiled controls? OOP?

Re:To PHP or not to PHP, that is the question

[DrSkwid]

Discussions concerning what scripting / pooling / serverlet system to use has nothing to do with open source outside of the normal OSS advocacy.

No one is in a position to tell you that you *should* learn PHP. The only people that care one way or the other what you do will be advocates/zealots of one flavour or another.

Presuming you are a competent programmer you should learn the fundementals PHP in an hour or so, just read the docs. You could probably have written your first script in the time it took me to write this.

That's what makes these books so laughable.

*and* they usually teach you to write difficult to maintain / poorly scaling code.

Re:Is that Realistic?

[v3xt0r]

google uses PHP and MySQL as well.

People who tell you Java or .NET are better (for small-2-enterprise-level web applications), are simply brainwashed by market-share data and proprietary software marketing tactics.

Re:bah!

[njcoder]

Similar but not quite the same. Forking is slower and more resource intensive than creating a new thread. If you're running on the 2.6 linux kernel starting a thread is about twice as fast and forking.

Re:bah!

[cosinezero]

And here, folks, you have a PHP developer demonstrating a fundamental misunderstanding of multithreaded applications. You replicate with mySQL? Why? Because the data integrity wasn't bad enough for you, so you figured you'd try to spice it up a bit?

ok, I'll advocate mine

[DrSkwid]

Acme in 9ports for Linux

though, naturally, I use the original plan9 version

Re:*sigh*

[Decaff]

If it's normalized and designed correctly, YOU DON'T NEED VIEWS or constraints.

Unless you want to do database development in the real world, with real users who might try and shove anything into your database.

Re:*sigh*

[Decaff]

Well, gee, because EVERYTHING has to be some high-end, million-hit per day, dynamic website, right?

Come on. PHP and MySQL have their place. Why do people have to rag on it just because there are higher-end (an sometimes unnecessary) solutions available?

Because there are alternatives that are just as easy to use, but can cope (or be adapted to cope) when your website unexpectedly hits that extra load.

Re:bah!

[Colol]

It is easier! It's 5 letters shorter, don't you see? ;)

Re:bah!

[PostItNote]

Doubly linked lists are impossible to implement due to namespace problems and issues about how PHP's aliases are neither ferences nor pointers.

Re:*sigh*

[Decaff]

So now there are constraints in the database to match the validation in the Rails apps.

Exactly! One of the main criticisms often thrown at Object-Relational Mapping (as used in Rails and other APIs) is that it implies that the only way the database should be accessed is via the ORM software, not directly. Of course, this isn't true if you add the right constraints.

I use a Java equivalent to Rails - JDO - and the implementation I use has a tool that automatically adds constraints to the database to ensure that the correct relationships between objects is maintained even if other users access the data directly. I have seen major projects get into trouble because the developers assumed that constraints in their software was enough.

Re:Waiting for PHP on a GPU

[nickos]

This reminds me of a story I heard once about people using the blitter on the Amiga for some kind of number crunching task. Apparently it was much faster to use the blitter than to use the CPU! :)

Re:*sigh*

[Decaff]

[Because there are alternatives that are just as easy to use, but can cope (or be adapted to cope) when your website unexpectedly hits that extra load.]

Like?

JSP or Coldfusion, for example. Technologies that allow easy and fast scripting yet allow decent management of connection pools and cacheing.

Re: How to Do Everything with PHP and MySQL

[pembo13]

Yes. Basically.

Re:bah!

[njcoder]

Just in case someone reads this before you get modded down... let me explain why you're wrong.

This was a database bottleneck, not an application bottleneck that I was able to overcome by making some modifications to the application.

This application has a lot of writes. An application with a lot of writes doesn't perform that well with MyISAM tables than a mostly read only application and it doesn't handle the type of transaction support other parts need. InnoDB is probably better better because it has row level locking but it's slower overall than MyISAM tables. I haven't benchmarked PostgreSQL vs InnoDB but I've seen other results and PostgreSQL is faster at writing than InnoDB. MyISAM uses table level locking so if you have writes and selects at the same time on the same table you're going to slow down. By implementing the verification logic as triggers the development was a lot cleaner and faster. Don't think you can do this with MySQL or transactions or stored procedures. MySQL is nice but when your application starts to have as many inserts/updates as it does selects you're going to see where the simple locking mechanism slows you down. Then multiply that by 10 for each replicated server.

Don't know where you get your 35-40 second number from but under simulated heavy load response the response times for both were in the millisecond range. My own tests show I can get better performance from Tomcat 5.5 vs apache/php without having to play any tricks.

Re:Is that Realistic?

[telstar]

google uses PHP and MySQL as well.

Just curious ... What do they use PHP and MySQL for?
Google is a pretty big entity these days. I'd be surprised if they didn't use most well-known technologies, but I'm interested in their PHP and MySQL uses.

Re:Perhaps PHP would be easier to start with

[njcoder]

"The ad hoc naming convention has to go if PHP is going to really end up taking over in those markets."

You whiney people always complaining about the simple stuff out there.

Like

if following stupid conventions

really make reading any easier.

coding! real some do and standards about complaining stop you don't Why

CODING ISNT ABOUT STYLE ITS ABOUT GETTING YOUR THING WORKING AND IT DOESNT MATTER HOW YOU DO IT.

Cómo_es_bonito ustedEscribeNoImporta.

Re:bah!

[Jose-S]

PHP is a full programming language. You can do basically anything in PHP that you can do in Perl, Java, .NET, Ruby, etc.

I previously posted a comment wondering if this is so.

Re:bah!

[ak3ldama]

yes, since you have managed large numbers of religious and patriotic people, we should hear what you have to say about it? let me guess: you can do anything with john dewey's help, that you could otherwise do with moses, jesus, or mohammed.

Re:MySQL good, PHP not so good

[Just+Some+Guy]

Uh-huh.

Re:bah!

[pipingguy]

PHP lends itself to sloppier code than some other languages. Or rather, it _allows_ you to write sloppy code. But this is only a disadvantage if the developer is unskilled/undisciplined.

I have no idea how to program, but you're probably right. Making (note my leet description here) stuff easy to do often opens up all kinds of holes for evildoers if the previously-mentioned stuff is open to the world at large, i.e., the internet.

Hmm, sounds like the J2EE guy

[MichaelPenne]

still doesn't get PHP:-).

"Ultimately think this a showdown between "Process / Fork" (LAxP) vs. "Runtime / Thread" (J2EE / .NET). When asking "does PHP scale?" you're really asking "does Process / Fork + X persistent store scale?".

In many ways that questioning whether *Nix scales..."

By the way, some yahoo is using PHP for one of the most highly trafficked sites in the world, how about that?

Re:Hmm, sounds like the J2EE guy

[daBass]

That not entirely accurate. When using AOLserver properly, each interpreter and the code in it gets re-used. This means all but the final bit of code to tie your procedures together is already compiled to bytecode ready to go on every request.

This makes it easy to develop (not having to think about which other files to require on each page as everything is available everywhere) and high performance as no need to recompile every time.

There is no reason PHP couldn't do this, but for some reason, they dont.

Re:Hmm, sounds like the J2EE guy

[1110110001]

Get http://pecl.php.net/package/APC and you have an open source opcode cache.

There're some others - some of the with optimizers. And if you have the money you can also get the Zend stuff.

b4n

This will get lost in the noise but...

[veg_all]

Really:
Advanced PHP Programming by George Schlosshnagle

Google for it.

Re:This will get lost in the noise but...

[eddy+the+lip]

Ah, thank you. I'll pop down to my favorite book store this weekend and check that out. I'll be a happy man indeed if it's what I've been looking for.

everything?

[mrselfdestrukt]

I tried to copulate with my G/f using php and mysql. It failed miserably. :-(
use girfriend;
show rack;
select * from rack;
insert into ... *CRASH!!!*

Why devote time to Install instructions?

[shpoffo]

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely

Setup Instructions:
1. Use an Apple Computer
2. Download Aaron Faby's packages (and tip him a few bucks)
3. Install (i.e. click 'continue' until the screens go away)

Simple! .....but I guess I'm assuming a few things here...... =)

is not difficult

.
-shpoffo

Re:Why devote time to Install instructions?

[slim]

Setup Instructions:
1. Use an Apple Computer
2. Download Aaron Faby's packages (and tip him a few bucks)
3. Install (i.e. click 'continue' until the screens go away)


Or, for Windows, Linux, or Solaris (Mac version in early stages of development), get XAMPP.

It's not bulletproof security-wise, but it's just the ticket for getting a development environment up in short order.

Re:Perhaps PHP would be easier to start with

[dangermouse76]

Amen!!! And I'm sure an advocate of the more than one way to do it tribe will disagree...

Re:Waiting for PHP on a GPU

[Decker-Mage]

There were all kinds of hacks using the BitBlitter on the Amiga, especially for logical operations which it could do with aplomb. Not that anyone would be interested, but I believe I still have a bunch of them here stored on CD (from my CompuServer librarian days).

Re:bah!

[Decker-Mage]

You mean when you are Slashdotted? *g,d,rvvvf!*

Re:MySQL good, PHP not so good

[Decker-Mage]

Yeah, right. Point to a May 2000 document that the author admits (in 2001) is in need of revision. While I am no MySQL fan-boy, heck I don't like much of it at all but it does fill the bill sometimes, it can be ACID compliant. All you need to do is use InnoDB. It's not even hard to do using something like MySQLAdmin.

To quote Microsloth, "get the facts" before you start whining about something that is so history it ain't even funny.

Oh yes, about the other whines on that page, MySQL 5 seems to address most all of them. As I said elsewhere, I'm waiting to see the gold version before I review it, but it is looking promising.

Re:both available under open-source licenses?

[Alioth]

No, that's not true. If you distribute your web app without MySQL, then you don't have to GPL it because you are not distributing MySQL.

pfft!

[tehshen]

% firefox /dev/tty
<html><? cool php script ?></html>
^d

Re:Some PHP learning links

[eddy+the+lip]

Thank you....just checking out hudzilla now, and it looks like a good resource. I can deal with not having flippy pages if I've got good data ;)

I've spent a fair bit of time at PHPpatterns (I think that's phppatterns.com, if anyone else is reading.) Too bad it doesn't seem to be seeing updates lately. I owe that man a beer.

Yes, it is a toy

[Safety+Cap]

Care to back that up?

Sure thing, boss, that's coming up.

A real database won't let you insert a value that is too long for the field. A toy database will truncate. Example:

create table type ( id integer not null, name varchar(10) not null,primary key(id), unique(name));

create table stuff ( id integer not null, name varchar(10) not null,typeid integer not null, primary key(id), foreign key(typeid) references type(id), unique(name));

insert into type(id, name) values (1, 'Heavy');

insert into type(id, name) values (2, 'Light');

insert into stuff(id, name, typeid) values ( 1, 'War n Peas', 1);

insert into stuff(id, name, typeid) values ( 2, 'Archie Comix', 2);

On the last line, MySQL says,

Query OK, 1 row affected (0.00 sec)

but PostgreSQL* says

ERROR: value too long for type character varying(10)

Let's run a query and see what we got from MySQL, shall we?

mysql select s.name, t.name from stuff s, type t where t.id = s.typeid;
| name | name |
| War n Peas | Heavy |
| Archie Com | Light |

Wrong, wrong, wrong! There is NO data integrity in accepting data and then truncating it. This is why TOY databases have no place in production environments.

Okay, not good enough, right? There's lots more. Let's try referential integrity.

drop table type;

MySQL says

Query OK, 0 rows affected (0.00 sec)

mysql> select s.name, t.name from stuff s, type t where t.id = s.typeid;
ERROR 1146: Table 'test.type' doesn't exist

PostgreSQL says

NOTICE: constraint stuff_typeid_fkey on table stuff depends on table "type"

ERROR: cannot drop table "type" because other objects depend on it
HINT: Use DROP ... CASCADE to drop the dependent objects too.

In other words, in TOY databases, "referential integrity" means about as much as a pinch of bat-guano. In real databases, preventing damage to the data is actually important.

* I'm using PostgreSQL here because that's what I have running on my laptop. The same things apply to other real databases, such as Oracle, MS-SQL, etc.

Re:*sigh*

[Kosgrove]

I understand how unpopular this is going to be with this audience, but ASP.NET blows away anything else I've seen in terms of web development.

• It's very similar to Windows Forms development (i.e. compiled apps) - it literally IS VB.NET/C# code, not like VBScript with ASP 3.0.
  
• Code is separated from presentation.
  
• It's the only true RAD tool I've ever seen for web development. (If there are any others, I want to know about them.)
  
• Browser compatibility is outstanding.
  
• It automatically generates client-side and server-side validation.
  

I'm using it now and unless I was absolutely forced to, I would never go back to scripting languages like PHP. I don't think I should need to manually write out tags in output strings. I've got better things to do with my time.

Re:I could be mistaken, but...

[f0rt0r]

I agree there. The feature list of what something Oracle has from Database Design/Development(PL/SQL/Java/C++ modules) to scalability ( Real Application Cluster, anyone? ) compared with MySQL makes the database selection for a high availability system a no-brainer.