PHP has the reputation of being more difficult (or at least different) to SEO (search engine optimise) than static HTML pages.

Stargeek has released an article covering the major issues encountered when trying to make PHP scripts rank well. While it focuses on PHP much of it is still relevant to dynamic pages in general.

CollegeLinux 2.5, codenamed “Obi Wan”, is an easy to use Linux distribution based on Slackware.

Obiwan comes ready for php development and is the only linux distribution so far to do this. apache/php/mysql/sqlite/phpmyadmin/sqlitemanger/webmin come preinstalled, with a one-step configuration via our own tool, called Server Robot.

Not content with just providing the server side, the distro also comes with Kdevelop, an IDE that works natively with PHP in a fully functional desktop environment.

After a CollegeLinux installation everything you need for developing in PHP is setup for you: your server will be up and running and you can easily change any of the settings via webmin, a user-friendly graphical control panel.

PHP-GTK extends PHP, but PHP-GTK itself can also be extended with new features. One of these extensions, libGlade, makes it possible to create all GUI elements from a single XML file. This reduces the required number of code lines and makes it possible to use programs as Glade (wGlade on Windows) to design advanced user interfaces without writing a single line of code.

Other extensions include tools to:

• Render HTML GtkHTML);
• Create advanced editors (Scintilla);
• Plot data (Extra); and
• Manipulate images (GtkPixbuf), drawing (Canvas) and more.

read more about PHP-GTK

The default time-synching service in Linux is not enabled by default nor is it particularly easy to configure on Redhat.  If you’re running any time-based applications however you’ll quickly realise how important it is to have your server reporting the correct time.

To get things up and running with the minimum fuss I would recommend you backup your default ntp config file and use these setting in /etc/ntp.conf:

server     ntp2.mcc.ac.uk prefer

server     127.127.1.0   # local clock
fudge      127.127.1.0   stratum 10

driftfile  /etc/ntp/drift

authenticate     no

The server listed, ntp2.mcc.ac.uk, is a free server hosted by Cambridge university you can connect to without authentication – this is set to the preferred connection.

The driftfile keeps track of how many seconds off your local time was off, and authentication is set to off in this case.

Once you’ve edited the /etc/ntp.conf file, start or restart the ntp daemon with

$ /etc/init.d/ntpd start

then you can check the results with

$ ntpq -p

It will take 3-4 mins to kick in, if your jitter value is 4000 that means it hasn’t worked, also confirm by checking your server’s local time with a

$ date

For more details see this tutorial.

MySQL is a great db server for sheer performance, Jon Lim’s benchmarks confirm this.  But if you want to get truly impressive results from your setup, there are additional measures you can take:

• make sure your version of linux is optimised for multi-threading (RH 8 and below are not)
• considering installing your scsi disks as an RAID array for fastest disk access
• many additional disk I/O tweaks can be achieved with hdparm
• consider compiling MySQL yourself which opens up a range of performance enhancements
• make sure you queries are optimised and tables appropriately indexed
• finally benchmark performance with each modification you make, you can use a tool like MySQL Super Smack
• and when it comes to realtime monitoring mytop can’t be beat

Thanks to the folks over at databasejournal.com for some great MySQL articles.

7 years to get a PHD = $500,000
Suit, shoes, 3 flights to Google = $10,000
Having your over inflated ego burst by google = priceless

posted by Justin at zawodny.com

If you’re looking to get db_dataobject and transactions working with mysql and the inno db table type, try the following:

1. define(’DB_DATAOBJECT_NO_OVERLOAD’, true); // somewhere in your script
2. $oUser = new DataObjects_Usr();  // call your dataobject
3. $dbh = & $oUser->getDatabaseConnection(); // get a db handle, reference essential!
4. $dbh->autocommit(); // set autocommit to false
5. … your queries …
6. $dbh->rollback()/$dbh->commit();  // called depending on your logic

Seeing as the above approach degrades with no issues on myisam tables, coding following the this convention would appear to be a good idea for apps thinking of a postgres upgrade path.

from the Seagull mailing list

Seeing what other frameworks are doing, i’ve done a diagram that may help developers to visualise the Seagull workflow from the app controller point of view.  You must imagine that the currently active module will override the validate/process/display methods to implement the specific functionality.

This way the framework takes care of framework tasks, and modules deliver specific functionality.

We don’t do things like Phrame and Mojavi (and struts) in terms of creating an object to encapsulate actions mainly to avoid the uneccessary overhead of using objects for objects’ sake.  In the Seagull equivalent, an action request parameter is mapped to $input->action and invokes the relevant private method in the module’s manager object.

Also worth mentioning as the question gets asked a lot, the choice of database abstraction layers and template engines are up to you.  Seagull happens to use PEAR::DB and Flexy but slotting in other components does not require a lot of code to be changed.

Thanks to Mario from the Spanish version of PHPkitchen for this one, a java applet that integrates with PHP to handle drag-and-drop recursive directory uploads – very neat

The code works  straight out of the box, and the lite version is free, worth a play.  Regular readers will remember that the HTML_Progress package can give you some very nice upload meters, however the drag and drop feature of this applet adds one extra degree of user-friendliness.

Check out the html source of this page that explains a new exploit discovered for msie.  I can see a lot of people getting pulled by this one, what percentage of web users even know how to ‘view source’, and even if you do you’re not going to check every page you go to.

Exploit
By opening a window using the http://user@domain nomenclature an attacker can hide the real location of the page by including a 0×01 character after the “@” character.

Internet Explorer doesn’t display the rest of the URL making the page appear to be at a different domain.

Reminds me, I still have to get the anti-string cut stuff working in Seagull.

Thanks to Simon’s weblog for the alert.