Archive for December, 2004

eBay Category of the Week: Cemetery Plots

We really do sell everything: Everything Else -> Funeral & Cemetery -> Cemetery Plots

MySQL Users Conference 2005

I just received word that I’ll be giving an encore performance of “PHP 5 + MySQL 5 = A Perfect 10” (PPT) at the MySQL Users Conference 2005. Date and time still TBA, but the conference runs from April 18 – 21, 2005 and is at the Santa Clara Westin. Happily, that’s only 15 minutes from work, so it’s an easy drive.

Maybe this time I’ll actually talk about MySQL 5.0. When I first gave the talk, back in July at OSCON, it was really PHP 5 + MySQL 4.1 = An Above Average 9.1“.

Folgers Crystals

Yesterday, by co-worker Robert secretly replaced our office’s regular Starbucks coffee with Dunkin’ Donuts coffee.

Apparently, he had it imported from home because you can’t get it on the West Coast. I guess you can take the boy out of Chicago, but you can’t take the Chicago out of the boy.

The funny thing — I don’t even drink coffee, but I immediately recognized the smell from my years in Boston.

PHP in Canada: PHP West and PHP Quebec

For some reason, we can’t seem to get any PHP-only conferences here in the US. Fortunately, our hockey-playing, maple syrup-drinking, funny-speaking brothers to the north, have stepped up to fill the gap.

Following on the success of 2004, there are two excellent looking PHP conferences coming up in 2005: PHP West and PHP Quebec.

PHP West is a one day mini-conference in beautiful Vancouver, BC. Much to my disappointment, I missed out on last year’s, but there’s another one coming up on January 14th. Best of all, it’s focused on Web services.

Right now, I’m thinking these guys really need to hear something on building e-commerce applications using eBay. Stephen’s doing such a good job with Services_Ebay, that I don’t think it’s fair to let the Europeans keep it to themselves. We need to have a North American talk to share in the goodness.

Unfortunately, PHP West is right at the end of MacWorld, so I need to check my schedule to see if I can make it. Stay tuned for more details.

The other conference, PHP Quebec, is in Montreal on March 31st and April 1st. I attended last year — speaking on Web services — and had a blast. Everyone was really nice and there were many other great speakers, including Rasmus.

I encourage everyone who can to drop by and join in on the fun. You might not be able to make both, but whether you’re an east coast or west coast guy, there’s something for you.

Fortune Cookie Bayes Poisoning

From: Eric's Restaurant
Date: Fri, 03 Dec 2004 21:00 -0800 (PST)


Virus, Virus, Spam, Virus

Last month, I received 51,301 virus or spam e-mail messages. This is according to ClamAV and SpamAssassin. That doesn’t count all the ones that slipped through my filters, which I had to flag manually. That’s another 307.

I’ve long been sending spam to /dev/null, but when I hooked up ClamAV, I had it store virii in a file. That turned out to be a 1.7 GB mistake in November. Oops. I just deleted 2.8 GB of virus junk, which made my buddy who hosts a happy guy.

I also do a pretty good job of tuning my SA filters. Through regular care and feeding of its Bayesian engine, I’ve managed to safely reduce my spam threshold to 2.0 instead of the default value of 5.0.

Additionally, I have enough confidence in SA to auto blacklist anything flagged as BAYES_80, BAYES_90, and BAYES_99. Those messages are always spam. (I came close to killing BAYES_70, too, but I couldn’t safely pull the trigger.)

Last, I’ve found that with a few specific whitelists, it’s pretty easy to eliminate quite a few false negatives without worrying about inflicting yourself with any false positives. I had whitelist Evite, my high school and college, Zagat, and United Airlines tickets. (That’s a big one. Don’t want to lose my e-ticket receipt.)

That’s really all, however. It’s not difficult to grep your mail for the SA score, pipe it to sort, and pick out the outliers. Once you’ve found the changes you need to make, just edit up your user_prefs file and you’re all set.

PHP Streams Sucks! PHP Streams Rocks!


I often think the most overlooked and underrated part of PHP are streams. First added in PHP 4.3 by Wez, streams enable the magic that lets you call file_get_contents() (and friends) on more than just local files, but also remote files using ftp, http, https, etc.

In PHP 5, you can do lots of really cool things with streams, including filtering them using a concept similar to Unix pipes. You can also define your own stream wrappers in PHP, so you can “speak” LDAP or to shared memory using fopen() and other file system commands.

This totally rocks. You should really check it out.

At first, I thought nobody used streams because it wasn’t documented. Lots of PHP books have been queued up waiting for the release of PHP 5, so a PHP 4.3 feature didn’t have the chance to make it into print. However, the streams documentation on is actually quite comprehensive.

When I wrote the “Streams, Wrappers, and Filters” chapter in “Upgrading to PHP 5,” I was able to find quite a bit of information in the manual if I was willing to look around long enough. Normally, I needed to do quite a bit of wrangling about amid the mailing lists, CVS commit logs, test cases, and the source code itself. (Or, if all else failed, I broke down and e-mailed the author directly.)

However, the more I play with streams — or to be more specific the HTTP wrapper — the more I run into trouble. Everything works fine for plain-vanilla requests, but when I try to do a more complex HTTPS POST request, then I run into mysterious issues and frustrating limitations.

For instance, you can only make HTTP 1.0 requests. You can’t use HTTP 1.1. And I’m running into this weird problem that seems to occur because PHP sends the request in chunks, and one of those divides is between the opening line and the Host HTTP header. (Even worse, since it’s an HTTPS request, I can’t easily monitor the wire.)

I don’t know whether it’s a “bug” in PHP, the web server, or a vagueness in the HTTP specification, but, honestly, I don’t really care. I just want it to work. Not surprisingly, implementing a protocol is somewhat subtle and tricky, and maybe it doesn’t make sense to embed your own handwritten HTTP and FTP client libraries inside of a language. Maybe it’s better to save the headache and just use cURL. (And, indeed, the request does work great when I do.)

This attitude has led to a clear tension over the future direction of streams. There was a bit of a fuss on php-internals a few months back, last time someone contributed a major patch to the HTTP wrapper. The prevailing sentiment was exactly what I just described: don’t continue to reimplement cURL inside of PHP, but figure out how to better embed cURL as stream wrappers.

Sadly, this hasn’t happened. Instead, there’s been no progress in either direction.

So now I’m stuck. I’d like to remove cURL entirely from the equation, if for no other reason than to remove a dependency on yet-another extension. Yet, cURL seems to be the way to go for anything serious — if for no other reason than it works and the HTTP wrapper doesn’t.

But if cURL is good, why are we bothering with streams and wrappers in the first place? Am I crazy for not wanting to use both cURL and streams? What’s a good PHP 5 programmer to do?