DaveDevelopment::Dave Marshall

After reading this thread, I thought I’d spend some time writing about what I feel are some measures you can take to landing a job in PHP. This first part is going to concentrate on the kind of technical matters I think any PHP developer should at least have knowledge of, if not some kind of experience. A lot of the subjects discussed aren’t specific to PHP, but the focus will be on PHP. It’ll be far from exhaustive (please feel free to flame, but constructive comments would be nicer) and there’ll probably be quite a few references to Joel on Software articles, mainly because I’ve read a lot of them and I can’t be bothered to research the topics further! There’ll be plenty of links to follow, plus the odd dead tree format recommendation.

Programming

This should be a no brainer. Lots of experience of programming in PHP, is not strictly necessary, a good programmer, particularly with experience of scripting languages or programming for the web should be able to pick up PHP in no time.

For someone who is basically a good software developer, learning another programming language is just not going to be a big deal. In two weeks they’ll be pretty productive. In two years, you may need them to do something completely different in a programming language which hasn’t even been invented.

- Sorting Resumes by Joel Spolsky

Most PHP applications are used in conjunction with an SQL database, predominantly MySQL, so you’re going to need some of this under your belt.

Some knowledge of PHP is essential. Be aware of the benefits, the caveats and if you’re interested, a little of PHPs history, some people really care about it. I think it definitely shows you are passionate about what you do or want to do. Maybe look to PHP’s future, research whats coming up in PHP 5.3, or whatever the next version is at the current time.

Software Engineering

Most PHP roles go beyond just programming, so a good sense of what’s involved in a full project life cycle should help you get that PHP job over the next guy. There are lots of processes and models available, but you don’t need to be familiar with them all. Get a good idea of the 7 stages of the traditional Waterfall Model and you should be able to apply the principles to most methods. They are:

1. Requirements Specification
2. Design
3. Implementation
4. Integration
5. Testing
6. Installation
7. Maintenance

I like UML for design and documentation, so worth knowing about even if you haven’t practiced it.

Libraries and Frameworks

If you are familiar with Object Oriented methodologies, arm yourself with the knowledge of PHP5’s OO capabilities. Once you’ve got that, get a handle of the vast array of PHP frameworks that are available. You don’t have to know them inside and out, just be aware of them and the benefits they give you. PEAR is a huge library of PHP code, check it out

Development Tools

There are plenty of tools available to aid and improve the development process, be familiar with as many as you can handle. I would insist on becoming familiar with, downloading and experimenting with subversion, or some other version control system.

Joel Spolsky has what he refers to The Joel Test. Later in this series, we’ll discuss interviews, and I will recommend asking at least one of these questions at an interview, so you need to understand what they all mean and why they might benefit a software development team.

Security

Security is often a big cause for concern in the PHP world, mainly because it’s not been handled correctly before. PHP is not insecure in itself, most vulnerabilities attributed to PHP are actually simply in softwares written in PHP.

Be aware of security issues in your code such as SQL Injection, XSS and CSRF. Also be aware of configuration directives that can affect the security of your PHP powered web servers.

Web Services

Understand what a web service is and some of the related technologies. PHP is ideal as a glue language, combining web services to consume single web services or create mash ups of several web services, but can also be used for providing web services.

System Administration

In my opinion, developers should be capable of administering the full stack they develop for, usually in this case, the LAMP stack. There can’t be many potential PHP developers out there who don’t have a spare computer or hard disk lying around that they can’t install Debian on and follow a simple LAMP installation tutorial. If you’ve not got a spare hard disk, download VmWare Player and a debian appliance

I think thats all I can think of for now, I’m sure there’s plenty I’ve missed. If there’s any technical leads, managers or recruiters reading, please pipe up with what you expect from your applicants. The next part in the series will focus on the soft skills required for banking that PHP job.

More in this series

• Part 1: Technical Skills
• Part 2: Soft Skills
• Part 3: Curriculum Vitae

After reading John Rockefeller’s post on Handling multiple domains and less recently Richard Heye’s post on displaying errors, I thought I’d write a little post about my qualms with their methods.

I won’t go into too much detail, but both examples use a variable that can be manipulated by the user, $_SERVER['HTTP_HOST']. Richard actually changed his example to use $_SERVER['SERVER_NAME'], but as Chris Shiflett shows, neither are guaranteed to be genuine.

My example relies on having access to the server configuration, but is fairly simple. I think Ruby on Rails uses a similar method.

First we set up our virtual hosts, all pointing to the same codebase, but each getting an individual environment variable set using mod_env.

<VirtualHost *:80>
    ServerName davedevelopment.co.uk
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV davedevelopment.co.uk
</VirtualHost>

<VirtualHost *:80>
    ServerName test.davedevelopment.co.uk
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV test.davedevelopment.co.uk
</VirtualHost>

<VirtualHost *:80>
    ServerName anotherSite.com
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV another_site
</VirtualHost>

The code then switches on this variable, which should be guaranteed to be controlled by yourself?

<?php
switch($_SERVER['WEB_ENV']) {
    case 'davedevelopment.co.uk':
        $message = 'Welcome to DaveDevelopment';
        break;
    case 'another_site':
        $message = 'Welcome to another site';
        break;
    case 'test.davedevelopment.co.uk':
    default:
        $message = 'Welcome to DaveDevelopment Test';
        break;
}

echo $message;

?>

I had a problem today at work, I’ve been coding exclusively in PHP5.2 since it was available and most of the servers I’ve been working for are Debian or Ubuntu based, so I didn’t have any problems until this afternoon. We’ve recently bought a SAN solution from Dell and to gain support we bought two new servers, both with SUSE Enterprise Linux installed, which only comes with PHP 5.1.2. That particular version came out in January 2006. Since then I’ve been using the new DateTime object, the filter functions, memory_get_peak_usage() and sys_get_temp_dir(). And they’re only the problems I noticed. We could install from source, but then we lose the subtle benefits of package management.

So, this lead to me wondering what LAMP versions the popular distros are using, with the help of DistroWatch, I compiled this table. It only shows the community/open source distributions, the commercials counterparts for each are usually at least a year behind, guaranteeing support but only for out of date versions.

Here’s a quick tip to optimise the HTTP response headers sent by your webserver. While being pretty useless to the average user, the Server signature and powered-by headers could be removed or at least reduced. Obviously these changes are only minor, but on a heavily loaded server such as large forums, could make a decent little saving.

These two little changes…

apache2.conf

ServerTokens Prod

php.ini

expose_php = Off

Will change the HTTP response headers on this server from:

Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-16 \
mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4
X-Powered-By: PHP/4.3.10-16

To:

Server: Apache

That’s a saving of 128 bytes. This site has served 2025 requests so far this month, so this little trick might only have saved me 253kB, but what if there had been 20,000,000 requests?

payday loans cash advance needs

I’ve finally gotten around to finishing the basic design on the Broadband affiliate site project I’ve had ongoing for a while and figured it would be nice to have a backend to add/remove, de-activate all the different packages etc. So, I decided to go crazy and have a look at Ruby on Rails.

Now I’m not extremely well versed with patterns and so on, but I have a decent understanding of the MVC style architecture that seems to be popular these days and I’ve seen a few tutorials on Symfony, a PHP 5 web framework which I believe is fairly similar in nature to Rails, so I figured I’d get along okay. I feel I was pretty right, in a few hours over today and yesterday I’ve come out with a working database driven website and administration area running on Ruby on Rails.

Running Gentoo, I always try and use the portage package management tool, to be double sure on what I needed to do I had a little search on google which led me to this page, and these commands.

echo "dev-ruby/rails mysql fastcgi" >> /etc/portage/package.use
emerge -av rails
rails /path/to/app

That all went well and I was sat looking at a clean rails application. I fired up the builtin webserver, WEBrick, it worked, so I closed it again. Seeing as I use Apache on all my servers, I wanted to use it for the development aswell. I’ve never used FastCGI before, but what do you know there was an example virtual host definition in the rails README file.

  <VirtualHost *:80>
    ServerName rails
    DocumentRoot /path/application/public/
    ErrorLog /path/application/log/server.log

    <Directory /path/application/public/>
      Options ExecCGI FollowSymLinks
      AllowOverride all
      Allow from all
      Order allow,deny
    </Directory>
  </VirtualHost>

Once again, this worked a treat. I then set about creating my application, which by enlarge went along without many flaws, using a combination of the excellent Rails API, this Create a weblog in 15 minutes screencast and Rolling with Ruby on Rails as guidance. The biggest problem I had was creating initially trying to create the scaffolds. Not knowing RoR’s naming conventions, I’d foolishly named my database tables in the singular form, ie provider rather than providers. After overcoming this, I rolled on pretty nicely.

Using this page as guidance I used the login_generator to create a simple admin area, and the scaffolding stuff filled most of the admin pages for me, just a few tweaks here and there were required. The public face was even easier, basically allowing a few different ways to filter the list of broadband packages through one action, ‘list’.

As far as the language Ruby itself goes, I’ve barely learnt anything, basically because Rails does it all for me. The most complicated things I did code wise, was using a case statement to change the filtering on the public packages page and this simple function for turning bytes into a more readable form.

        def human_readable(number)
                count = 0
                while number/1024 > 1
                        number = number/1024
                        count += 1
                end

                iec = ['', 'K', 'M', 'G', 'T']
                return number.to_s + iec[count]
        end

My only gripe with this so far, is the speed. It does take forever to generate these simple pages, the built in webserver does seem to be a shade quicker, but I’d still rather use apache. I’m sure there’ll be some tweaks I can make to speed the FastCGI module up, but there’s no rush for that now.

Hopefully I’ll signup for a few affiliate programs and launch the site properly within the next few days, I don’t expect to make a fortune but it’s been a good little learning utility so far and I hope to use it to learn a few things about affiliate marketing.