What is Larry Thinking? #18 => Useful Stuff on the Web

January 8, 2009

In this edition…

About this Newsletter

Nothing special in this newsletter, just a bunch of useful information (I hope)!

On the Blog => User Interface

In my previous newsletter, I announced my blog (http://blog.dmcinsights.com). I created it mostly because there aren’t enough blogs out there yet. So maybe that’s a joke. Anyway, part of the thinking was that I’d use the blog to take notes on the new things I learn about—stuff that may show up in a book further down the line—and to report upon things that have never made it into a book, for whatever reason. It’s also a good place to address questions that get answered in a more timely manner than I do using this newsletter. Anyway, in the past month, much of my extracurricular studies have been on “user interface” (UI). User interface is simply how a user interacts with something. On a Web site, this interaction involves graphic design, HTML forms, handling errors, etc. I’ve already written four posts on this subject, which you can read at http://blog.dmcinsights.com/tag/user-interface/.

As an amusing aside, in double-checking something for this newsletter, I came across this post in my second newsletter about why I wasn’t doing a blog. Things do have a way of changing…

On the Web => Sitepoint

In my previous newsletter, I discussed some of the newsletters to which I’m subscribed. I failed to mention Sitepoint, although it’s one of the best. The site also has support forums, very good articles, and their own books for sale (I like Sitepoint, but it’s all a bit more sales-oriented than I like to see). A recent newsletter directly talked about being a successful freelancer, a topic that I am frequently asked about. Check it out for some good advice.

On the Web => Less known SQL syntax and functions in MySQL

A monthly MySQL newsletter that I receive included a reference to an article on lesser known SQL syntax and MySQL functions. It’s a fairly short article and there’s nothing too revolutionary there, but it’s worth the quick read. The INSERT IGNORE and GROUP_CONCAT are particularly interesting. Not mentioned but worth knowing is REPLACE. A REPLACE query works like an INSERT if a given primary key value is not already represented. If there is a record with that primary key, then that record’s non-primary key values will be updated to the new ones.
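The three statements named above, run against a small constructed table (an added example, not from the newsletter or the linked article; the accounts table and its rows are made up for illustration). It also shows that MySQL carries out a REPLACE on an existing key as a delete followed by an insert, so any column left out of the statement falls back to its default:

```sql
-- Constructed sample table; all names and values are illustrative.
CREATE TABLE accounts (
    email  VARCHAR(80) NOT NULL PRIMARY KEY,
    name   VARCHAR(40) NOT NULL,
    role   VARCHAR(10) NOT NULL DEFAULT 'user'
);

INSERT INTO accounts (email, name, role) VALUES
    ('ann@example.com', 'Ann', 'admin'),
    ('bob@example.com', 'Bob', 'editor');

-- INSERT IGNORE: a duplicate primary key is skipped with a warning
-- instead of aborting with an error. Ann's existing row is untouched.
INSERT IGNORE INTO accounts (email, name)
VALUES ('ann@example.com', 'Someone Else');
SHOW WARNINGS;

-- REPLACE with a key that is not present: behaves like a plain INSERT.
REPLACE INTO accounts (email, name)
VALUES ('cat@example.com', 'Cat');

-- REPLACE with a key that is present: the old row is deleted and the
-- new one inserted. The role column is not listed here, so it is
-- filled from the column default rather than kept from the old row.
REPLACE INTO accounts (email, name)
VALUES ('ann@example.com', 'Ann B.');

-- To keep the old role, list every column explicitly.
REPLACE INTO accounts (email, name, role)
VALUES ('bob@example.com', 'Robert', 'editor');

SELECT email, name, role FROM accounts ORDER BY email;

-- GROUP_CONCAT: collapse each group's values into one string.
SELECT role,
       GROUP_CONCAT(email ORDER BY email SEPARATOR ', ') AS members
FROM accounts
GROUP BY role;
```

Because the existing row is deleted rather than modified, a REPLACE also fires any delete triggers and foreign key actions defined on the table.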

On the Web => Essential Bookmarks for Web Designers and Developers

In response to a previous newsletter, someone directed me to the Essential Bookmarks for Web Designers and Web Developers.

Q&A => How do you argue for PHP?

In response to a previous book giveaway, I was asked by a reader (twice) how one argues for using PHP. The specific question was “Many system administrators and applications developers gruffly dismiss suggestions of using PHP for seemingly suitable tasks, citing a poor reputation for security and exploited vulnerabilities in the past. What are the specifics of the basis for this reputation, deserved or not, and are these concerns still valid today in modern versions of PHP?”

Now I couldn’t say for certain that this is or is not a problem, but here’s my response: First, it has to be conceded that PHP isn’t suitable for everything. For Web-based stuff, it’s just as good as any other option, in my opinion. But I wouldn’t use it for system administration, command line utilities, or application development. You CAN use PHP for these tasks, but there are better technologies available: Perl, Ruby, C/C++, Adobe AIR, etc. Of course, if you don’t know those, then you may just as well use PHP.

As for PHP as a whole, and using it for Web development purposes, I think its reputation was hit by some security issues that arose in versions 3 and 4 (early versions, like 4.1) of the language. In particular I’m thinking of the register_globals issue that has since been disabled and removed (in PHP 6). But I would argue that many technologies end up with one or two serious security concerns. The more important consideration is how quickly they’re fixed. And I see no valid reason for considering PHP to be any more or less secure today than the common alternatives. A fairly large security hole was recently discovered in Ruby, a language I also admire greatly.

So all languages and technologies have their shortcomings, including potential security holes. But how a programming language is used (i.e., what the programmer does with it) is far more important than the language itself. A bad programmer can make insecure code with a good language; a good programmer can make secure code with a lesser language. If anything, the knock on PHP from a security perspective could be that it makes it too easy for an inexperienced programmer to write insecure code. But that’s a valid reason not to hire inexperienced programmers; it doesn’t rule out using PHP.

Finally, I’ll just say that anyone that outright dismisses a language or technology because of a reputation isn’t really providing an educated analysis of the situation. And, some people have ingrained opinions and aren’t going to be swayed by, you know, facts.

Book Giveaway Preview

I am planning on doing a book giveaway in January but I’m not ready quite yet. I’ll send out another newsletter later this month and do the book giveaway then. Primarily I’ll be giving away copies of the third edition of my PHP for the Web: Visual QuickStart Guide and my Ruby: Visual QuickStart Guide.

My Book News => Announcing the E-Commerce Book!

People have frequently requested that I write a soup-to-nuts e-commerce book, something that covers the whole e-commerce process using PHP and MySQL (and I very much appreciate the interest). I have suggested it to my primary publisher, Peachpit Press, and I am pleased to announce that they have agreed to do the book. Some of the details are still being negotiated and no publication date has yet been set, but I wanted to let people know as soon as possible. I’ll also probably ask for some input from you to see what you’d most want to get out of such a book. More on this in the next newsletter, later this month.

Also, I’m pleased to say that I’ve started sketching out my online JavaScript reference. I’m writing it in a wiki (just because that’s the fastest way for me to publish it online) and will provide a URL once I feel it’s sufficiently along. In keeping with the style of many of my books, this online guide starts with the fundamentals—placing JavaScript within HTML, variable types, defining functions, etc.—and then moves on to different uses (i.e., practical applications) of JavaScript. This last section will be the most important, showing actual code for doing specific, common tasks. The online guide won’t have the same step-by-step and script structure as my Visual QuickStart/Pro Guide books do, but will build up code with explanations.