Re:Author seems to live in a vacuum
on
On PHP and Scaling
·
· Score: 3, Informative
Yes Smarty compiling the templates into PHP causes some overhead. Compiling templates only happens once (unless you modify the template) so I'm not sure why your performance numbers were so much better with Savant, maybe the config?
But if you are running a site that can use the output caching that Smarty offers and the code is done properly, you will see huge speed increases as you can skip everything in the page including opening a db connection. Which gives very close to flat HTML performance.
As to using PHP accelerators, they don't handle output caching by themselves. You can code your own, but my time is better spent doing other things;)
Using Smarty and Turck together is pretty impressive.
On my OS X install, I installed the cert so if someone tries a man-in-the-middle I'll know as the cert isn't going to match the one on my box.
I don't know how the browsers handle it but i can tell Mozilla (all variants I use) to allow the cert. The part I don't know is, do they cache a hash or the fingerprint or just ignore cert warnings for the domain.
I also provide the cert to anybody that needs it and wants to install it.
While I agree with you completely. It all depends on what you are using it for.
The problem with rolling your own is when a browser hits it, it burps up an error saying it can't verify the validity of the cert. Depending on what you are using the cert for, who cares.
I have my webmail server forced through https with a self signed cert. If someone that uses my webmail server doesn't like it it's no skin off my butt (I provide free mail to a few friends).
For any business sites that I setup I suggest InstantSSL, they are cheap, fast and trusted by pretty much any browser around. And that is the important part when selling to the public, that they don't get some warning. Most of them will never even look to see if the page is encrypted but if they get some funky warning odds are they will leave.
The box it ran on peaked at 980 pages/sec right after it was mentioned on The Screen Savers. Then he ran out of invites;)
totals for the day (9:00a - 5:00p): bandwidth: just under 20G page views: just under 7 million max throughput: ~28 Mb/s busiest hour: 4PM PDT 2.25 million pages
It made some pretty graphs, maybe they will show up online soon.
The problem is more that the URL doesn't necessarily mean a lot. For instance, in one e-commerce project I'm working on, most of the pages are served by a single program and POST data is what makes it behave differently.
Doesn't that make inbound links difficult? Not to mention search engine coverage.
If it works anything like all of the other 3rd party tracking tags I have implemented over the years you specify params in the request, so you pass one of the identifying post vars with the page name.
On another note, they do have an "Enterprise" version that you can license to run on a server you have control over. No mention of price without requesting a quote, maybe when the hammering it's getting slows down.
I think it's rooted a little higher than that. The same keystrokes work in Terminal.app and I think just about everywhere that the app doesn't grab them for it's own shortcuts.
Disclaimer: I'm not in front of my Mac so I can't check how many places this actually works.
also.. the people you meet on the internet tend to be sober. people you meet at bars/parties/wherever tend to be drunk (at least tipsy enough to make an otherwise inverted character talk to strangers).
Obviously we haven't met;)
I'm not sure why you think that people you meet online tend to be sober... Hell I find it harder to tell if they are drunk or sober and normally don't care. They are either pleasant to interact with or they aren't.
Online you don't know if they are just a cheerful person or have a pleasent buz, on the other end are they just an obnoxious person or they have exceded pleasent buz and become a bitter drunk having a bad day.
At least when you walk up to a person and they have a drink in their hand it's a decent indicator that they either have been or are about to be drinking.
Maybe if you had to use a Breathalyzer before interaction so your computer could automatically append a disclaimer...
The message makes sense to a geek, but I'm with an earlier poster, many users will just click OK out of confusion.
While this is true in Windows, the dialogs are worded very poorly and usually only have OK CANCEL. The dialogs in OS X are usually worded in such a way as to make sense and the buttons usually have words on them directly related to what they do.
Even in this example, Cancel Open, so you know even without reading the dialog that one button is going to open something and the other is going to cancel.
Where as OK CANCEL is completely reliant on someone reading the dialog (not normally going to happen) or click OK and see what happens.
The action you are trying to perform will destroy data and we have stopped it, do you wish to allow it to continue? OK CANCEL
The action you are trying to perform will destroy data, do you want us to stop this from happening? OK CANCEL
Your post made me go back and look a little closer at the specs.
AirPort Extreme and AirPort Express can extend the range only of an AirPort Extreme or AirPort Express wireless network.
This device sounds more like a repeater than a bridge to me. This device will extend range, not bridge a gap wirelessly and convert back to Ethernet. Poor choice of words on Apples part.
This is pathetic. $129 for this. Come on. For 250 you get a hard drive and an interface. All this does is get a signal from your computer. It doesn't even have a way to change the song remotely. Stupid! I expect MUCH better from Apple. This with a wireless remote that resembles an iPod would be awesome. But since there is no remote. It sucks.
You do realize that it is also a Wireless bridge and can act as a remote print server. The print server doesn't make sense to me, I don't want a printer by my stereo.
Look at it this way, you have an xbox/ps2 that you want to get online and have also been looking for an easy way to listen to your iTunes music on your stereo. For $129 you get a bridge that will allow you to get your console online and an audio out to pipe into your stereo.
I paid close to $100 for a POS NetGear bridge a while back and it's only a b not g device.
Sounds reasonable. I don't see myself getting one, but that doesn't mean I think it's a watse of money/time and Apple should be slapped for making it.
On a related note, I've noticed that a lot of "messy" people seem to know where everything is. I call it the chaos theory of organization; it can often be easier to remember where things are than to spend the effort to put them someplace. So you just put them where there's space, and remember where they went.
I got a chuckle out of that...
But seriously, my wife always thought I had some magical powers. I never lose my keys/wallet/phone... I don't have some steel trap for a memory, maybe at one point, not anymore. I don't lose stuff because things are always in the same place. I get home, unload all my stuff into it's place and I'm done. There is no extra effort as the sideboard is right as you come in the door and that's where my junk lives.
One of the biggest beneifts I find in this method is that I don't even have to think in the morning on the way out. The down side is if my phone starts bitching in the middle of the night and my wife puts it in the charger, I WILL leave without it;)
My wife is the other side of the fence, I can't tell you how often she loses her keys or has to chase the ringtone to find her phone.
There are actually a few laws that can fit this one, depending on the officer and the judge. There are probably more, but this is all I bothered to dig up.
And yes they all relate to "the normal speed of traffic" so all bets are off in rush hour.
If you know of a hosting company that offers load balanced sites and isn't going to send you a nice fat bill when you transfer gigs worth of images in a coule hours... for only $10 a month.
While your list is nice if you don't care how they got in in the first place and you aren't really that concerend about cleaning you machine correctly...
I would strongly recommend that anyone that thinks they have been rooted/hacked/owned (call it what you will) should boot from something safe, think Gentoo or other non OS X source.
Copy the entire drive off onto another drive and only mount it read-only from that point on.
Now wipe the original drive and reinstall everything from scratch. Including downloading anything that you don't have a CD for.
After you get back up and running and if you want to know how they got in or if you care about anything on the old install, mount that drive read only and start poking around. There are many good resources online for post mortem analysis.
At the very minimum you should want to know when it happened so that you know how far back your backups are potentially unsafe. You do have backups, right?
If you honestly believe that cheking creation dates on files is enough, you will get burned. Take the following example.
When you look at the dates on SafeApp the app appears to be safe, is it?
Disclaimer: I'm not on an OS X box at the moment so I can't verify that it's version of touch supports -r, but even if it doesn't once their on your machine they can bring in one that does.
1. The retailer doesn't have access to the banking network's records, so there is no way for the retailer to perform his own checks. The banking network must be trusted without question. Try this: Pay for something on a web site, giving your legitimate credit card details but a made-up name and address. The charge will probably be accepted. Why? Because the name/address comparison is done loosely to allow for people typing stuff differently from how it is recorded, ie: "14a Halifax Street" is typed as "14 A HALIFAX ST". Bear in mind that credit card companies PROFIT from fraud, you can imagine how loose this comparison is. Some people would allege that there is no comparison done at all.
This is what you should be using AVS for. Yes I agree 100% that the address match is garbage, one of my own cards doesn't validate. If the zip and CVV data match it is a good bet that it is good.
A merchant is able to cancel a suspicious charge (and, as a slap in the face for running his business ethically, be fined for doing so) but that's all it is, a cancellation,
If you get fined by your card processor for cancelling an order and reversing the charge, I strongly suggest you find a better processor. I have never even been questioned for reversing a charge. Are you dealing with one of the 3rd party processing houses or directly with one of the big clearing houses?
Believe me, if other retailers are anything like me, they are ultra-paranoid in trying to prevent fraud. But ultimately we don't have access to the data we need, our on-the-ground feedback isn't wanted, and when the banking network lets us down we lose money on the sale and we are automatically fined with no appeals process and no way of knowing who fined us.
If you are truly ultra-paranoid about accepting credit card purchases online, as you should be. Have you looked into the Maxmind Credit Card Fraud Detection service? It will give you some extra insight into the customers intentions, did they come in through an anonymous proxy? How far is their current physical location from the billing address. And quite a bit more.
As for not knowing who nailed you with a chargeback, again, you may need to find a better processor. If I get a charge back I know who it was as I get a copy of the letter that the customer sent to the credit card company when I get my 15 day appeal letter. Thankfully this rarely happens as I use Maxmind to screen and have no problem requesting a fax with a signature and copy of both sides of the card if I feel the charge warrants it. No fax, the charge gets reversed.
I am in no way affiliated with Maxmind, I am just a very happy customer and recommend them highly.
Slashdot Mirror
Yes Smarty compiling the templates into PHP causes some overhead. Compiling templates only happens once (unless you modify the template) so I'm not sure why your performance numbers were so much better with Savant, maybe the config?
;)
But if you are running a site that can use the output caching that Smarty offers and the code is done properly, you will see huge speed increases as you can skip everything in the page including opening a db connection. Which gives very close to flat HTML performance.
As to using PHP accelerators, they don't handle output caching by themselves. You can code your own, but my time is better spent doing other things
Using Smarty and Turck together is pretty impressive.
Now that I look at it today, neither do I.
;)
I swear when I looked last night the price was $99, but then again I did botch the InstantSSL link at the same time.
If I really cared I guess I could check the cache on my PowerBook when I get home, but I see no reason for that.
So lets call this one operator error
Did I miss something?
;)
InstantSSL 1 yr $49
FreeSSL 1 yr $99
They claim 96% compatibility, InstantSSL claims 99.3% (love those numbers, WTF)
They do mention the "hassles" of chained certs. I know it was a huge pain to drop one more file on my box, but I don't see it being worth $50
If I did miss something, I apologize. Let me know I'll be checking them out again in the morning.
It all depends on how you deal with it.
On my OS X install, I installed the cert so if someone tries a man-in-the-middle I'll know as the cert isn't going to match the one on my box.
I don't know how the browsers handle it but i can tell Mozilla (all variants I use) to allow the cert. The part I don't know is, do they cache a hash or the fingerprint or just ignore cert warnings for the domain.
I also provide the cert to anybody that needs it and wants to install it.
While I agree with you completely. It all depends on what you are using it for.
The problem with rolling your own is when a browser hits it, it burps up an error saying it can't verify the validity of the cert. Depending on what you are using the cert for, who cares.
I have my webmail server forced through https with a self signed cert. If someone that uses my webmail server doesn't like it it's no skin off my butt (I provide free mail to a few friends).
For any business sites that I setup I suggest InstantSSL, they are cheap, fast and trusted by pretty much any browser around. And that is the important part when selling to the public, that they don't get some warning. Most of them will never even look to see if the page is encrypted but if they get some funky warning odds are they will leave.
He did this earlier in the week on Wednesday.
;)
The box it ran on peaked at 980 pages/sec right after it was mentioned on The Screen Savers. Then he ran out of invites
totals for the day (9:00a - 5:00p):
bandwidth: just under 20G
page views: just under 7 million
max throughput: ~28 Mb/s
busiest hour: 4PM PDT 2.25 million pages
It made some pretty graphs, maybe they will show up online soon.
heh, that thing lived on one of my boxes the first round on Wednesday...
/. It made some pretty graphs.
It peaked at 980 pages/s and 28 Mb/s. Apparently getting a mention on the Screen Savers is a little like getting on
I would have hosted it again, but bandwidth doesn't grow on trees.
If it works anything like all of the other 3rd party tracking tags I have implemented over the years you specify params in the request, so you pass one of the identifying post vars with the page name.
On another note, they do have an "Enterprise" version that you can license to run on a server you have control over. No mention of price without requesting a quote, maybe when the hammering it's getting slows down.
If you are building dynamic sites, I'll assume that you have a common header and footer...
Just put it in one of those.
Personally I'd rather see an option to be able to license a server side version as I'd rather not use 3rd party tracking.
And I agree with you about the Windows only junk, but with VirtualPC or Win4Lin it's not a huge problem.
I think it's rooted a little higher than that. The same keystrokes work in Terminal.app and I think just about everywhere that the app doesn't grab them for it's own shortcuts.
Disclaimer: I'm not in front of my Mac so I can't check how many places this actually works.
I'm not sure why you think that people you meet online tend to be sober... Hell I find it harder to tell if they are drunk or sober and normally don't care. They are either pleasant to interact with or they aren't.
Online you don't know if they are just a cheerful person or have a pleasent buz, on the other end are they just an obnoxious person or they have exceded pleasent buz and become a bitter drunk having a bad day.
At least when you walk up to a person and they have a drink in their hand it's a decent indicator that they either have been or are about to be drinking.
Maybe if you had to use a Breathalyzer before interaction so your computer could automatically append a disclaimer...
WARNING: Person at keyboard is drunk.
Even in this example, Cancel Open, so you know even without reading the dialog that one button is going to open something and the other is going to cancel.
Where as OK CANCEL is completely reliant on someone reading the dialog (not normally going to happen) or click OK and see what happens.
This device sounds more like a repeater than a bridge to me. This device will extend range, not bridge a gap wirelessly and convert back to Ethernet. Poor choice of words on Apples part.
Look at it this way, you have an xbox/ps2 that you want to get online and have also been looking for an easy way to listen to your iTunes music on your stereo. For $129 you get a bridge that will allow you to get your console online and an audio out to pipe into your stereo.
I paid close to $100 for a POS NetGear bridge a while back and it's only a b not g device.
Sounds reasonable. I don't see myself getting one, but that doesn't mean I think it's a watse of money/time and Apple should be slapped for making it.
If you do how do you explain the "Shared file, confirm deletion" during an uninstall?
If you had said that OS X has it right, you would have been closer, but even some apps in OS X scatter things around during an install.
But seriously, my wife always thought I had some magical powers. I never lose my keys/wallet/phone... I don't have some steel trap for a memory, maybe at one point, not anymore. I don't lose stuff because things are always in the same place. I get home, unload all my stuff into it's place and I'm done. There is no extra effort as the sideboard is right as you come in the door and that's where my junk lives.
One of the biggest beneifts I find in this method is that I don't even have to think in the morning on the way out. The down side is if my phone starts bitching in the middle of the night and my wife puts it in the charger, I WILL leave without it
My wife is the other side of the fence, I can't tell you how often she loses her keys or has to chase the ringtone to find her phone.
I'm not saying I agree with the patent, but it is for a PDA not a PC.
;)
It's almost funny to see them referring to it as a palm-type device all over the patent app
There are actually a few laws that can fit this one, depending on the officer and the judge. There are probably more, but this is all I bothered to dig up.
And yes they all relate to "the normal speed of traffic" so all bets are off in rush hour.
Yielding for Passing
Slow-Moving Vehicles
Turning Out of Slow-Moving Vehicles
Is posting the same comment to the same parent within 2 minutes of each other part of the Slashdot editor applicaiton process? ;)
If you know of a hosting company that offers load balanced sites and isn't going to send you a nice fat bill when you transfer gigs worth of images in a coule hours... for only $10 a month.
;)
I'd really like to know who they are
I would strongly recommend that anyone that thinks they have been rooted/hacked/owned (call it what you will) should boot from something safe, think Gentoo or other non OS X source.
Copy the entire drive off onto another drive and only mount it read-only from that point on.
Now wipe the original drive and reinstall everything from scratch. Including downloading anything that you don't have a CD for.
After you get back up and running and if you want to know how they got in or if you care about anything on the old install, mount that drive read only and start poking around. There are many good resources online for post mortem analysis.
At the very minimum you should want to know when it happened so that you know how far back your backups are potentially unsafe. You do have backups, right?
If you honestly believe that cheking creation dates on files is enough, you will get burned. Take the following example.When you look at the dates on SafeApp the app appears to be safe, is it?
Disclaimer: I'm not on an OS X box at the moment so I can't verify that it's version of touch supports -r, but even if it doesn't once their on your machine they can bring in one that does.
or take your pick
If you get fined by your card processor for cancelling an order and reversing the charge, I strongly suggest you find a better processor. I have never even been questioned for reversing a charge. Are you dealing with one of the 3rd party processing houses or directly with one of the big clearing houses?
If you are truly ultra-paranoid about accepting credit card purchases online, as you should be. Have you looked into the Maxmind Credit Card Fraud Detection service? It will give you some extra insight into the customers intentions, did they come in through an anonymous proxy? How far is their current physical location from the billing address. And quite a bit more.
As for not knowing who nailed you with a chargeback, again, you may need to find a better processor. If I get a charge back I know who it was as I get a copy of the letter that the customer sent to the credit card company when I get my 15 day appeal letter. Thankfully this rarely happens as I use Maxmind to screen and have no problem requesting a fax with a signature and copy of both sides of the card if I feel the charge warrants it. No fax, the charge gets reversed.
I am in no way affiliated with Maxmind, I am just a very happy customer and recommend them highly.
There are two options that I know of, there may be others.
For 1.3 you can use mod_become, but it looks a little scary to me.
For 2.x you can use mod_suid2