PHP bashing has to end!
Of late, I've been noticing a lot of PHP bashing around the web. Most of it is related to one major issue: Security. Granted, PHP's security implementation isn't the best out there, and it is a widely discussed topic. But more often than not, the security loopholes are due to bad/inconsistent programming principles, rather than a core PHP issue.
Also, PHP's lack of support for threaded programming is another major let down. While this is a genuine issue, rewriting the entire PHP core and the parser to support threads is not worth the effort. But I genuinely haven't felt the need for multi-threading in PHP till date. While threading is a must for system programming, the need for it in a web environment is not entirely clear. Also, the major strength of PHP - its simplicity will be compromised if threading is to be introduced.
Another genuine concern is the confusion caused by settings such as "register_globals" , "magic_quotes", "safe_mode" . These three variables have had a major impact on the deployment of PHP scripts. Web hosts allow ways to tweak these settings, but for the layman who just wants to get a blog up and running, its a bit of a hassle. Also its an issue that needs to be addressed by web developers who want maximum compatibility for their applications. The next major release PHP 6.0 aims to completely do away with this settings for good, and that will indeed clear up a lot of mess.
Most of these issues boil down to one thing - the lack of a an official formal specification. Although the PHP Group oversees the continued development, it is still a community effort, and as such requires stringent software engineering and management. Since the original PHP parser was completely rewritten for version 3 and above, there have only been attempts to patch up vulnerabilities, and add new features like Object Oriented Programming, namespace support among others. PHP 6 is touted to be THE release, which will address most of the major concerns.
For all its shortcomings, its still THE easiest server side scripting language to work with. The C/C++ syntax, seamless integration with MYSQL, support by almost all web hosting providers still make it THE web language IMHO. The LAMP stack is undoubtedly the king of the web, and will continue to be so, owing to the simplicity and widespread community support offered by all its components. And not to forget, its completely free.
Small and light PHP frameworks
Frameworks offer quick and dirty ways to get your code done. Though hardcore programmers still shun them, they are God sent for lazy/beginner programmers who need to get lot of work done quickly. Having looked at all the major heavyweights(literally) of PHP frameworks, I wanted to look for alternatives.
My requirements:
- Small footprint
- Simple
- Easy to use (For a beginner like me)
So here are the nominees:
1. ELF-PHP (Extra Light PHP Framework)
This framework is built on the MVC architecture for software engineering buffs, has good documentation, and will get you started in a jiffy. It probably has the most features compared to the others in this list, and the developer plans to add some more in the future release.
P.S: Grab the latest code from the repository.
It simple, its PHP and its a framework. Has comprehensive logging features, offers various modes for the server (local, production, staging, shell) and is actually being run in 40 different sites by the developer. Should be dependable. Needs documentation on various features though.
Other than having a unusual name, its a micro php framework for separating application logic from presentation. Development has been stopped by the developer, so don't expect support or documentation. For a more recent version micro paging framework, check out Sticks by the same developer.
4. Write your own micro framework!
This excellent post by Anant Garg gets you started on MVC framework basics, and tells you how you can design your own mini framework, and then implement your application using it!
Expect a more comprehensive review of each framework in the furure.
Lightweight alternatives to phpBB
phpBB is the holy grail of free and open source forum/discussion board on the internet. With tons of plugins, themes and a amazing community, its probably the best too. But for those like me who don't want the bloat, and would rather use a simple and easy to manage forum, here are a few alternatives:
1. SimpleMachines - Probably the second best known free forum script. Slimmer than phpBB, and with a better, cleaner admin interface, its my personal favourie. And yes, it does have its fair share of themes/plugins and good community support.
2. FluxBB - This one is "really" light. The download comes in under 300kb, is XTML and CSS valid, and with a minimal but delightful interface is bound to loved by Mac fans.
3. bbPress - Comes from the creators of WordPress, its their in house forum software. Nuff said.
4. Vanilla - Other than having a tasty name, it also offers a very small and simple forum. Great for "minimal" fans.
5. Phorum - Its an open source PHP forum. Probably not as good looking as the others, but does the job well.
How to create a Mac OSX finder like download script using PHP
This is a small tutorial/article on how to create a Mac OSX Finder like navigation page and to use it to list and download files that you have. A screen shot below for people who do not know how it looks. It can be used as a simple yet elegant download script.
Javascript to generate query from form
One of the most mundane tasks in web development is insertion of forms into databases. Writing a query for each form is cumbersome and isn't the best way to go about it. Now before I get started, there are "far better" ways of doing it like using datagrid, or form designers, etc. Since I don't find them suitable for my taste, I've put together a very simple javascript that can do the job.
My example is based on PHP/MySQL and uses jQuery
The Problem: Generating an Insert Query for the particular form. Traditionally, if you form had say 25 fields, you'll name them, and post/get them to a server side script like php. Then you have to get each field using the $_POST or $_GET variables, and generate the query. Imagine doing this for 25 fields! Hope you get the point.
The Solution: Automatically traverse the form, generate the query using javascript, then submit it to the server side script by Ajax POST using jQuery. The function takes 3 arguments: table name, success message, error message.
The Limitations: As you'd imagine, there are a few serious limitations:
- The order of the form elements should match the order of the fields in the table. Needless to say the number of form elements should also match the number of fields in the table.
- The database name is hard coded into the server side script. Since my work involves only a single database, I find it easier to keep things simple.
Steps:
1. In your normal HTML form, arrange the input boxes in the order that they appear in your database table. In this example, we have 3 text boxes: user, email and pass.
<div id="container">
<form id="loginForm" method="POST" action="dbprocess.php">
<dd>
<dl><label for="user">Username</label></dl>
<dt><input type="text" name="user" maxlength="20" /></dt>
</dd>
<dd>
<dl><label for="email">Email</label></dl>
<dt><input type="text" name="email" maxlength="20" /></dt>
</dd>
<dd>
<dl><label for="pass">Password</label></dl>
<dt><input type="password" name="pass" maxlength="8" /></dt>
</dd>
<input type="submit" value="Submit" id="submitForm" />
</form>
</div>
2. Include the jQuery.js and formSubmit.js files in the header
3. Insert the following Javascript code that disables the submit button of the form, and calls our formSubmit function instead. The form submission is handled in the function via jQuery Ajax request.
<script type="text/javascript>
$(document).ready(function(){
$("#loginForm").submit(function(){
return false;
});
$("#submitForm").click(function(){
formSubmit("users","New user added successfully!","Error adding user!");
});
});
</script>
4. Write your server side PHP script to connect to the database, and perform the operation
<?php
$query = stripslashes($_POST["query"]);if(!$con = mysql_connect("localhost","root",""))
die("Database Connection Error");if(!mysql_select_db("login"))
die("Database does not exist");$result = mysql_query($query,$con);
if($result)
echo "1";
else
echo mysql_error($con);
mysql_close($con);
?>
And that's it! Your form insertion should be working provided you took care of the limitations. This script is useful if you have many forms with lots of input fields in your application. Comments, suggestions and criticisms welcome!
Download the script with example