Archive for October, 2006
microsoft and zend?
By Justin Silverton
From the article:
“Bill Hilf, a Microsoft technical strategist, said the Zend deal, a multiyear, multiphase partnership, will ensure PHP programs run on past and future versions of Microsoft Web server software. The pact covers both the established Windows Server 2003 and the upcoming version, code-named Longhorn.”
“PHP has always worked on Windows. The problem is that it never performed very well,” Andi Gutmans, Zend’s co-founder and chief technology officer, said in an interview.
“Twelve-year-old PHP runs on more than 22 million Web sites and is used inside 15,000 companies.
Technical improvements by Zend and Microsoft to make it easier to run PHP on Windows computers will be available to PHP’s active base of contributors for further enhancement, starting in the first quarter of 2007.
Rather than marking a sudden change of course, Microsoft is openly engaging in a dialogue with Zend, a key open source promoter, and millions of PHP developers, analysts said.”
I think this is something that all open source and php developers have wanted for a long time. This will finally make windows a viable solution for running high-end lamp and php applications.
More about this can be found: Here
Storing passwords in php 5
By Justin Silverton
This topic is something that every php programmer will have to deal with at some point in their programming career. You have just created a system where a user needs to login with some type of username/password combo and you need to store the password (either in plaintext or in some type of database). How do you safely go about doing this? You could store it in plaintext, but this would be a bad idea. Anyone that has access to your server would also be able to get your passwords and the data that they are trying to protect.
A simple yet effective approach
In the past, sha1() or md5() would have been the most effective and secure way to encrypt your data, but recently it has been shown that these functions can be compromised and there is another set of more secure functions.
The function name is called hash(). Here is a list of it’s functionality/parameters:
string hash ( string algo, string data [, bool raw_output] )
Parameters
Algo: Name of selected hashing algorithm (i.e. “md5″, “sha256″, “haval160,4″, etc..)
Data: Message to be hashed.
Raw_Output: When set to TRUE, outputs raw binary data. Default value (FALSE) outputs lowercase hexits.
Returns: Returns a string containing the calculated message digest as lowercase hexits unless raw_output is set to true in which case the raw binary representation of the message digest is returned.
Using this function (note: this function is only available in php 5.1.2 and above)
You can use the following funcion: hash_algos() to get a list of system specific hashing algorithims that are supported by php.
(Inserting into your database/storing)
$password = hash(’sha256′,$_POST[’password’);
Top 5 Internet communities
By Justin Silverton
1) http://forum.deviantart.com/
Name: Deviant art
Description: Online Art community
Posts: 5,390,933
Members: 5,068,184
2) http://www.gaiaonline.com/forum/index.php
Name: Gaia Online
Description: Anime roleplaying community
Posts: 819,515,279
Members: 4,924,634
3) http://collect.myspace.com/index.cfm?fuseaction=messageboard.categories
Name: myspace
Description: Social networking and dating site forums
Posts: 912,500
Members: 4,150,200
4) http://www.imdb.com/boards/
Name: Imdb
Description: Movies message boards
Posts: 13,087,050
Members: 4,111,600
Name: IMobile (chinese)
Description: Mobile phones community
Posts: 16,018,061
Members: 4,016,125
The top bulletin board being used right now is vbulletin, which was built using php/mysql.
More statistics can be found here: http://rankings.big-boards.com/?sort=members
Wordpress 2.0.5 Released
By Justin Silverton
Wordpress 2.0.5 has been released, here is a list important changes/bug fixes:
- is_feed() status is preserved when handling 404s
- manually entering pages greater than the number of pages for a given post now shows the highest numbered page
- improved security in wp-db-backup plugin
- user description is no longer HTML-entity converted going into the database
- fix for
rel="nofollow nofollow"repetition default category is no longer checked by default(Saving this one for 2.1… won’t be in 2.0.5 final)- plugins are sorted by plugin name, instead of filename
- multi-line options in /wp-admin/options.php are preserved
- the authors dropdown is now sorted by display_name
- the_meta() properly ignores keys that start with an underscore
- post meta keys and data are escaped properly on the post screen
- users are prevented from entering strings that will be interpreted as serialized data when coming out of the database
- make_clickable() no longer adds links within links
- error suppression
- i18n fixes
This new release can be downloaded here: http://wordpress.org/download/
Top 5 freelance websites
By Justin Silverton
The following are the top 5 websites that I have found for freelance work. This is for mostly programming/development, which includes PHP and many other languages.
Rentacoder is good place to find small to mid-sized projects for earning extra money. It also offers a rating system which can hurt or help you depending on your work.
Odesk is a little bit different than the rest of the sites listed here. Instead of bidding on projects, you bid on hours. Employers can list the amount of hours/week and # of weeks they need out of a potential freelancer.
Craigslist is great because there is no barrier to entry for either the employer or the potential freelancer/employee (it is also among the top sites on the Internet). This can also be a detriment because anyone with a computer can post a job listing.
2) http://programmermeetdesigner.com/
A unique website that provides an opportunity for programmers to meet and work with designers.
Guru.com is a clean and professional website that has lots of large-scale projects. It also has a fairly high barrier to entry for the employers, which usually means better paying jobs.