Older blog entries for bugg (starting at number 10)

PHP texis plugin

Several months back I wrote a hackish PHP extension to natively connect and talk with Thunderstone's texis SQL daemon and now it's just sitting around unused and unfinished. What I can't figure out is whether there's anyone out there who'd actually want such a beast - we were only thinking about going that route because we had a poorly deployed search index running out of texis, and replacing vortex with PHP seemed like a good idea.

read more

Syndicated 2008-04-11 03:02:35 from papasian.org - lifehacking

Exploit written for recently discovered PHP-APC vuln

So I discovered a vulnerability recently (see the previous article) in APC and disclosed it, and it's sat there for a few days without feedback... so I went ahead and wrote a proof of concept exploit for it.

Syndicated 2008-03-22 19:55:16 from papasian.org - lifehacking

Vulnerability dicovered in PHP APC module

UPDATE: CVE-2008-1488 has been opened for this vulnerability

So I was noticing apache segfaulting today when I was accidentally attempting to include() a Savant3 Error object. Attached strace, and saw that it was trying to stat the string representation of Savant3 (woops!) and was getting back -1 and name too long as the errorno, but then shortly after it was segfaulting.

read more

Syndicated 2008-03-17 17:58:09 from papasian.org - lifehacking

sneak peek: wizDom - manipulating the DOM with the ease of jQuery from PHP

What do you get if you take the ease of jQuery, the standards compliance of XPath, and implement it in PHP? wizDom!

(This is my first post in some time - I've been busy! Since the last post, I've migrated the site from wordpress to drupal, and there are some outstanding character encoding and lack-of-attachment problems I need to attend to. Hopefully I'll get to that soon...)

read more

Syndicated 2008-01-20 23:37:06 from papasian.org - lifehacking

Excitement for plainTemplates

I wanted to express my excitement about plainTemplates today.

The plainTemplates approach for template generation is to have the template be plain HTML, and then to have a PHP processor fill certain parts of the document with dynamic content. It's familiar territory for anyone who has written an AJA[X?] application in recent times.

It makes a lot of sense for anyone who is used to adding javascript entirely at the head of a page instead of by adding javascript throughout the HTML, and I suspect that, properly implemented, it could not only save time, but increase the hardiness of web applications.

read more

Syndicated 2007-08-20 08:34:26 from papasian.org - lifehacking

A simple RSS to SQL generator

Was looking for a simple way to put entries from an RSS feed into a database the other day, and didn't like what I found via a quick google. So, I put together a very short and to the point script using SimpleXML and the php mysql driver:

$ch = curl_init($argv[1]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$rss = new SimpleXMLElement(curl_exec($ch));

// fill these next two rows in!
$dbLink = mysql_connect('localhost', 'username', 'xxxxx');
mysql_select_db('xxxxx', $dbLink);

foreach($rss->channel->item as $blah) {

read more

Syndicated 2007-08-20 06:03:12 from papasian.org - lifehacking

Drupal module performance

Now that chx has beaten me to it, I'm going to profile and patch and find all the low hanging fruit to cache in drupal. Here's an improvement to the module_hook function.

read more

Syndicated 2007-01-12 07:50:56 from papasian.org - lifehacking

drupal theme performance

I've been playing with callgrind, xdebug, and kcachegrind to profile drupal. I'll go over the details of my results in a future blog entry, but if you want the short story just check out Rasmus's directions. Rasmus has given lots of talks with similar names to "Getting Rich with PHP5" and I'll leave it to the reader to google and find slides from this talk.

Profiling is an iterative process, and after awhile I might blog about it with something more concrete. But for now, I have early results.

read more

Syndicated 2007-01-12 05:44:51 from papasian.org - lifehacking

Adsense, adwords, and how google scares me

Update (August 2007): These are all off the site.

Those of you who are attentive may have noticed a couple things about my blog. First, there's the fact that I have placed google adsense on various pages on my blog. Also, I'm using google analytics to monitor how people are reaching this site and what they're doing when they are here.

Both of these technologies creep me out. In my opinion, they are both somewhere between a threat to privacy to an obnoxious invasion. Both are closed source, and google has become the overwhelming market leader for both contextual text ad publishing as well as google analytics.

Why have I used them?

read more

Syndicated 2006-12-18 07:18:04 from papasian.org - lifehacking

Running multiple webservers on a single port (sortof)

Play with any webserver long enough, and you'll realize, they aren't all the same.
On one end, you have light webservers that respond to requests for static content off of a disk, and then send it to the user. thttpd is an extreme example of a webserver like this. Others instead will use apache with hardly any modules installed and, if apache 2.x, a worker MPM can be used that enables each process to serve multiple requests.
Well, that's all fine and dandy, but if you're using PHP or some other language you might find that your web applications aren't thread-safe. Suddenly you have concurrency issues, because you'll have two PHP interpreters running inside of the same process, and this can create enough issues where php recommends against it.
So you equip your apache with mod_php and off you go - but now each request for a small static file bogs down a massive apache process. Which is a bummer, because thttpd or even apache could serve the request with far fewer resources.

read more

Syndicated 2006-12-09 21:16:54 from papasian.org - lifehacking

1 older entry...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!