SlideShare une entreprise Scribd logo

International-PHP-Magazine-January-2007

Marc Isikoff
Marc Isikoff
1  sur  45
Télécharger pour lire hors ligne
Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Beginner’s Guide to PHP Transform an HTML Web Page to PHP Code 01.07 International PHPPHPMagazineCutting-Edge Technologies for Web Professionals The Economics of Open Source in the Relational Database Market Beginner’s Guide to PHP Transform an HTML Web Page to PHP Code Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Synergies and Opportunities Open Source and Commercial Vendors Synergies and Opportunities Open Source and Commercial Vendors Web 2.0 Security: Back to the Basics Preparing for the Future Web 2.0 Security: Back to the Basics Preparing for the Future AJAX Growing Up – Part II Enhancing the Reliability of Your AJAX Apps AJAX Growing Up – Part II Enhancing the Reliability of Your AJAX Apps Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM
2 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Table of Contents www.php-mag.net 08 Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Beginners 05 The goings on in the PHP world News & Trends 21 Synergies and Opportunities: Open Source and Commercial Vendors Individuals and organizations are increasingly seeing open source as a method for collaborative software development. Big businesses are also realizing the benefits open source software holds for them. This article aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. by Lukas Kahwe Smith 08 Beginners When we read our own code after a while, we sometimes have a hard time figuring out what the code actually does. When it comes to other people’s code, things can get really tough. Luckily, Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. by Stefan Priebsch 15 Beginner’s Guide to PHP Over the last three issues, I’ve dealt with the basics of PHP, to provide you with a good background of PHP syntax, variables and processing loguc. In this issue we’ll look into a practical PHP to HTML program so you can put all the knowledge you’ve gained to make web pages. We will see what PHP can do and how you can write code to make PHP render wonderful web pages. by Marc Isikoff 28 Sprinkling Sugar on LAMP In November 2006, SugarCRM announced the release of Sugar FastStack, a fast and simple way to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co- Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM, one of the largest PHP applications in the world. by Jacob Taylor Cover Story 21 Synergies and Opportunities: Open Source and CommercialVendors The Economics of Open Source in the Relational Database Market Practice Column 15 Beginner’s Guide to PHP Transform an HTMLWeb Page to PHP Code
3 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Januaruy 2007 Issue 32 AJAX Growing Up – Part II Since AJAX has become a mainstream technology for a “richer” Internet, most programmers have successfully implemented it or have at least experimented with the possibilities. As the complexity of AJAX-based web applications grows, so does the need for reliability. In this second (and last) part, I will discuss how to sculpt your AJAX environment to optimize feedback to the user when an (unexpected) error occurs. by Robert-Jan de Vries 39 Web 2.0 Security: Back to the Basics The new buzzword these days is ‘Web 2.0’. While the definition of Web 2.0 may vary amongst individuals, we all agree that it is no longer the yesterday’s one-to-many Internet that we have somehow accustomed to. Blogging (as in Windows Live Spaces), Video-sharing (as in YouTube.com, or Windows Live SoapBox), Music-sharing (as in MySpace.com), Photo-sharing (as in Flickr. com), Podcasting, Instant Messaging (as in Live Messenger), Real Simple Syndication (RSS), Wiki, and the list go on. Today’s Web is highly interactive, complex, and interconnected; a system that provides for fast changing many- to-many interactions, allowing anyone to actively contribute to its contents using an assortment of mobile and wireless devices rather than just consuming them previously from a fixed wired desktop computer. Such is the Web 2.0 era, creating many new business opportunities while bringing Internet to the next stage of its evolution. by Kang Meng Chow Development 32 AJAX Growing Up – Part II Enhancing the Reliability ofYour AJAX Apps Department 04 Editorial 44 Advertising Index / Preview / Imprint www.php-mag.net 28 Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM Enterprise Spotlight 39 Web 2.0 Security: Back to the Basics Preparing for the Future
4 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Open source does not blow away traditional economics. Lukas Smith says it only revalidates a lot of the existing theory, maybe in a somewhat surprising way for many, including economists. Our Cover Story this issue aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. After reading the article, Lukas says you will not be lost for words the next time you have to explain what open source is, to a guy in a business suit. Over the last few issues in the Beginner’s Guide to PHP, Marc Isikoff has detailed the basics of PHP, the syntax, variables and processing logic. This month he steps through a practical PHP to HTML program to put all these learning’s to use for developing web pages. Analyzing code is not a fun task. While var_dump() is probably the most widely-used PHP debugger in the world, there is a much better debugging tool for PHP today. Stefan Priebsch says that Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. In November 2006, SugarCRM announced the release of Sugar FastStack, which helps to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co-Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM. Read the interview on Page 28. In the second and final part of the article on how to enhance the reliability of your web applications, Robe-Jan De Vries discusses how to sculpt your AJAX environment to optimize feedback to the user when an (unexpected) error occurs. Today’s Web is highly interactive, complex, and interconnected; a system that provides for fast changing many- to-many interactions, allowing anyone to actively contribute to its contents using an assortment of mobile and wireless devices rather than just consuming them previously from a fixed wired desktop computer. The Web 2.0 era creates many new business opportunities while bringing Internet to the next stage of its evolution. As the Web continues to evolve the rigor and timeliness of responses that are necessary to ensure continuous improvements in the security practices along with the introduction of those new technologies should also evolve alongside. Kang Meng Chow explains why this requires a solid foundation implemented in the organization’s Information Security Management Systems (ISMS). If you would like to share your experience of having used PHP and how it has helped you in your projects, write me at ibritto@php-mag.net. We will feature the ten most well written pieces in an upcoming issue of PHP Magazine. We hope you enjoyed reading this issue of this magazine. Till next time, Happy New Year from the PHP Magazine team. Editorial Explain PHP to the Guy In the Business Suit (ibritto@php-mag.net)
I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 5 News & Trends PHP IDE Project Plan for Release 0.7 The plan of the PHP IDE Project 0.7 version is based on the initial SRS. On top of that SRS many bugs were submitted together with enhancement requests that were/ will be included in the 0.7 release. You can find all PHP IDE open bugs here. The first part of the plan deals with the important matters of release deliverables, release milestones, target operating environments, and release-to- release compatibility. These are all things that need to be clear for any release, even if no features were to change. The release deliverables are: • Source code release for PHP IDE is available in the eclipse.org CVS repositories for PHP • PHP IDE runtime binaries and SDK distributions are available in the download page • PHP IDE runtime binaries and SDK features are available on eclipse.org update site (install via Eclipse update manager) Release Milestones PHP IDE builds are available weekly as Integration builds. PHP IDE Milestone Releases are approximately every six weeks of integration builds. Following the final milestone, release candidates will begin. There should be at least two release candidates before the actual release. Scheduled release candidates should end one week before the release: • 0.7M3: 26th of October 2006 • 0.7M4: 21st of December 2006 • 0.7RC1: 1st of January 2007 • 0.7RC2: 29th of January 2007 Target Operating Environments PHP IDE 0.7 will support all operating environments supported by the Eclipse Platform itself. For a list of supported environments and reference platforms, refer to Eclipse Project 3. The outstanding issues that should require further investigation are: • API: complete the API design so other projects can be based on with minimal changes. Provide extensibility mainly for model, debugger and parser • Debugging: provide a solution for the PHP developer in terms of PHP behaviour. Integration with WTP: discussion about it is available on the Wiki More Info Actuate and Zend Collaborate to Deliver Reporting for PHP Actuate, a provider of enterprise reporting and performance management applications and Zend Technologies, have teamed up to allow PHP developers to add reporting capabilities to web applications using Actuate BIRT. Actuate BIRT, Actuate’s report development product based upon the Eclipse Foundation’s open source project of the same name, complements PHP, the company said. The collaboration between Zend and Actuate has resulted in new capabilities in the 3.0 version of the Zend Platform, which is available for download as a pre-release version here. Zend Platform 3.0 allows PHP developers to integrate reporting capabilities, including charting, to web applications by calling Actuate BIRT reports via the Zend Java Bridge. Web application developers are often faced with strong end-user demands for reports that integrate and summarize application data. This new functionality will provide an alternative to hand coding reports from scratch using PHP, and will ensure that more PHP applications are up and running quickly with the reporting capabilities that they need. According to the company, functionality that is now available to PHP developers includes: • Flexible report output formats that deliver single or multi-page PDF or HTML reports in several viewing and printed formats using parameters, multiple sections, grouping levels, charts, and more. Report content can also easily be exported to CSV format. • Reports built on top of any data source that enable report developers to access and generate reports from SQL databases, text files, or XML. • Easy-to-use visual design environment that enables developers to create and deploy reports in minutes via a simple, robust, wizard-driven interface. • Integrated charting that enables charting reports to be built easily in a variety of types which include Line, Bar,
6 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 News & Trends Pie, Meters, Area, Scatter and Stock. The charts can be output in different formats including Scalable Vector Graphics (SVG). More Info November 2006 PHP Usage Statistics PHP usage statistics for November 2006 has been released at DynamicWebPages.de. The spread of PHP seems to have settled down this month to a more stable value. For November, the number of domain using PHP came in at 19 million (19,404,533) and the number of IPs using PHP is at 1.3 million (1,319,743). This drop can be somewhat attributed to several hosts being made aware of the expose_ php setting in their installations and turning it off for security reasons. Check out this month’s numbers as well as how it relates to previous months (and years) in the following graph: More Info Zend Announces ‘Zend Platform 3.0 Beta’ Zend Platform 3.0 Beta has been released. This version of the tool, which is free for development use, includes the following features: • PHP 5.2 Support • Installation massive improvements (flow, detection, correctness) • Session Clustering High-Availability mode • Session Clustering Graceful Shutdown option • Job Queues • SNMP Traps Support • Actuate BIRT Reporting integration • Performance Enhancements including Performance Tuning page • Dynamic Content Caching Regular Expression Support • PHP Configuration Control enhancements • Web Services Enabled • GUI usability updates More Info PostgreSQL 8.2 Released The PostgreSQL Global Development Group has released version 8.2 of the PostgreSQL object-relational database management system. Version 8.2 is expected to drive even more migrations toward PostgreSQL. “This release touches almost every command and database facility”, said PostgreSQL core team member and EnterpriseDB database architect Bruce Momjian. “It adds expanded, compatible syntax and interfaces, which have been requested by our community, making it easier for new DBAs to fully use all of PostgreSQL’s advanced features.” “Unisys is pleased to note significant enhancements in the scalability and performance of PostgreSQL on large-scale multi-processor systems,” states Ali Shadman, vice president and general manager, Open Source Solutions, Systems and Technology, Unisys. “The newly released 8.2 version continues the maturation of PostgreSQL into a database management system capable of enterprise adoption.” More Info Callicore Desktop:A PHP-GTK-2 Framework Callicore Desktop, the base of Writer (really Callicore Writer), is a framework for PHP-GTK2. It’s not really a framework in the traditional MVC web application sense, says Elizabeth Naramore. Instead it’s a group of fairly loosely coupled widgets and classes with an emphasis on clean code. There are a lot of singleton classes enforced more than would ever be feasible in a web application, Elizabeth writes. The point of CC Desktop is to provide a base of commonly used widgets that take care of ‘minor details’ so creating a program is quick and painless. Callicore Desktop is designed to be modular so you can Fig 1: 2006 PHP Usage Statistics
I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 7 News & Trends drop your program in the programs folder and send the name to Callicore’s run.php to start. For example Elizabeth has a shortcut for Writer that looks like this—Start in, C: callicoredesktoptrunk (that’s where run.php is located) Target: ‘C:phpphp-debugphp-win.exe’ run.php writer. There are several core classes to handle common actions. There’s a config class that writes out .ini files but can be handled like a basic object, a folders class to find things like ‘My Documents’, and where to write application data, a tooltips singleton class to simplify handling, a toolbar class that handles toolbar customization, an actions class to consolidate gtkactiongroup and gtkaction handling. More Info Visustin v4 Automates PHP Flowcharting and UML Diagramming Aivosto has updated Visustin, an automated software diagramming utility. With Visustin, software developers can reverse engineer their PHP code into flow charts and UML activity diagrams, saving their manual drawing efforts. Users can print the diagrams or export to Visio, PowerPoint and Word, the company said in a statement. According to the company, the new Visustin v4 visualizes programs at three levels, a detailed flow chart, a ”bird ’s eye” overview and a codeless mode showing program structure only. Recent improvements include flow chart metrics, UML activity diagrams and support for 29 programming languages. “Visustin makes flowcharting painless”, said Tuomas Salste, President of Aivosto. “With the click of a button, you diagram an entire class or a module. Developers can spend their time developing, not drawing. Automated diagramming ensures documents will be up-to-date rather than lagging behind development.” Pricing is at USD 299/Standard Edition, USD 499/Pro Edition. More Info 1 . 8 7 S U G A R C R M • + 1 . 4 0 8 . 4 5 4 . 6 9 4 1 w w w. s u g a r c r m . c o m • w w w. s u g a r f o r g e . o r g Copyright © 20062007 SugarCRM, Inc. All rights reserved. SugarCRM and the SugarCRM logo are registered trademarks of SugarCRM, Inc.. in the United States, the European Union and other countries. SugarCRM® gives you control over your CRM solution that proprietary closed source CRM restricts. Now you can manage your business data. SugarCRM is the most customizable commercial open source CRM solution built on LAMP architecture that manages sales, marketing, support and collaboration. Download Sugar Open Source today! Visit www.sugarcrm.com/phpmag
Beginners Non-Invasive Surgery for PHP 8 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Introduction Remember the old days of web development? As the web pages did the transition from just being statically served to more interactive, dynamic pages, the Common Gateway Interface (CGI) was state of the art. Using the CGI, we could process input and generate HTML pages on the fly, for example, by Perl scripts. Though PHP today does not necessarily use the CGI any more, the way the CGI works still provides the basics for the web programming we do today. CGI programs, however, were a pain to debug. You had to create HTTP headers and the page body, and if you forgot that one additional new line was required between these two parts, the web server would punish you by just displaying a 500 error. If something else went wrong, you had to run your Perl program at the command line outside the CGI context to be able to view the error messages. PHP made debugging much easier by inserting error messages and warnings directly into the generated HTML page. Though it is not recommended to use this feature in production, it certainly helps a lot when developing software with PHP. When things go wrong, we usually put var_dump() statements into the code to find Non-Invasive Surgery for PHP By Stefan Priebsch When we read our own code after a while, we sometimes have a hard time figuring out what the code actually does. When it comes to other people’s code, things can get really tough. Luckily, Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. Analyzing PHP Programs with Xdebug out . While var_dump() is probably the most widely-used PHP debugger in the world, there is a much better debugging tool for PHP today. The makers of the tool have thrown in some other interesting features as well. Getting Started with Xdebug Xdebug [1] is a PHP extension created by Derick Rethans [2] . Aside from some small, but very useful features [that I will detail a little later in the article] Xdebug profiles scripts, and creates trace logs or code coverage statistics. Last but not least, it is a debugger that supports client/server debugging. Before we dig into Xdebug’s features, let us get the installation done. On Unix and Linux, you need to compile Xdebug from source. To compile Xdebug, you need an Apache web server with PHP installed as a module. In addition to a C compiler, you will need recent versions of tools such as Autoconf, Automake and Libtool. Two helper programs, phpize and php-config that are a part of PHP, are also required. To compile and install Xdebug, run: wget http://www.xdebug.org/link.php?url=xdebug200b5 tar -xzf xdebug-2.0.0beta5.tgz cd xdebug-2.0.0beta5 phpize Xdebug does not work with any PHP versions before 4.3. It only works with PHP 5 and higher.
Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 9 ./configure --enable-xdebug –with-php-config=/usr/bin/php-config make cp modules/xdebug.so /usr/lib/apache2/modules/xdebug.so A l t h o u g h this example does not use the latest version of X d e b u g you should use it. It’ll be helpful in case you need to adjust the path to your system. phpize will output API version numbers that must be supported by the Xdebug version you use. The Xdebug web site lists the API versions of the various PHP versions and the matching Xdebug versions. Take care when updating PHP with Xdebug installed. If the internal APIs change between the PHP versions, the new version of PHP will probably not start or give you funny errors when running with Xdebug. You can always get away with disabling Xdebug, of course. By compiling Xdebug, we have created a shared object that we copy to the directory where all other Apache module are located. Usually, also the PHP module itself is located in this directory. To configure PHP to load the Xdebug extension, add the line: zend_extension=”/usr/lib/apache2/modules/xdebug.so” to php.ini and restart your web server. If you use PHP in a multi- threaded environment like the ISAPI module for IIS of the Apache2 MPM module, you must load Xdebug as a thread-safe module using: zend_extension_ts=”/usr/lib/apache2/modules/xdebug.so” If you are not sure whether your PHP installation is thread-safe, check the phpinfo() output for ‘Thread Safety’ which is either enabled or disabled.You should not load any other Zend extensions while working with Xdebug, because they would probably use the same internal mechanisms in the Zend engine, which usually calls for trouble. Installing Xdebug on Windows is even easier. You do not have to compile Xdebug by yourself, but just download a pre- built DLL and add an appropriate php.ini entry, like this: zend_extension_ts=”C:phpextphp_xdebug.dll” Again, you must decide on whether you need to load Xdebug as a thread-safe module or not, as shown earlier. Let us now check the Xdebug configuration. We can do this by looking at the phpinfo() output or by running php -m at the command line. The - m switch makes PHP list all loaded extensions. Xdebug appears twice in the list, once as a PHP extension and once as a Zend extension. There are a lot of php.ini switches to configure Xdebug, but most of them have sensible deafult values, so we can start using Xdebug without worrying about configuration settings right now; the Xdebug web site lists all available configuration settings. Useful Small Features As mentioned earlier, var_dump() is the most widely used PHP debugger. The native var_dump() output, however, turns out to be not very readable, especially when you dump arrays or complex objects. When Xdebug is activated, the var_dump() output is automatically formatted in a more human readable way, as Figure 1 shows. Xdebug also improves the way PHP displays error messages by adding a stack trace, as shown in Figure 2. The stack trace Fig 1: var_dump() Output after Xdebug is Activated Be careful when updating PHP with Xdebug installed. If the internal APIs change between the PHP versions, the new version of PHP will probably not start or give you funny errors when running with Xdebug. “ Do not load any other Zend extensions while working with Xdebug. They would probably use the same internal mechanisms in the Zend engine, which usually calls for trouble. “
Beginners Non-Invasive Surgery for PHP 10 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 lists the history of function calls that lead to the error. As PHP programs become more and more object-oriented, sometimes errors tend to show up deep inside libraries or helper objects. The stack trace allows you to quickly find out where the code piece that caused an error was called from. You can configure Xdebug to display the current local and global variable values along with the error message.To display local variables along with every error message,you need to add the following setting: xdebug.show_local_vars=1 to php.ini. Note that you have to restart the web server for the setting to take effect. Figure 3 shows a dump of local variables. You can also display superglobal variables with PHP error messages. Since the superglobal variables are arrays that can contain lots of values, you need to configure which keys of certain superglobal variables we want Xdebug to output. For example, to display $_REQUEST[‘command’] you need to add the following: xdebug.dump.REQUEST=command xdebug.dump_once=Off Since superglobal variables never change at runtime, Xdebug displays them only on the first error message (or warning). You can turn this feature ‘off’, if you want Xdebug to repeat dumping the global variables on every error, by setting xdebug.dump_once as shown earlier. Should $_REQUEST[‘command’] not be defined, because no command URL parameter was passed to a script, Xdebug will not output this variable. Since this can be confusing for a developer, you can force Xdebug to also output undefined indices of superglobal variables by adding this setting: xdebug.dump_undefined=On to php.ini. As always, you must restart your web server after you alter the PHP configuration. Note that the extended error display of Xdebug does not work if you define a custom error handler using register_error_ handler(). This is because Xdebug internally uses the same mechanism. Should your scripts use a custom error handler, you can still use the function xdebug_get_function_stack() to output the stack trace in your custom error handler. Another useful feature is the fact that Xdebug limits recursion depth, thus preventing endless recursion, which usually makes PHP segfault, at least on Unix or Linux. Figure 4 shows how Xdebug kills a script when the maximum nesting level is reached. On Windows, PHP tends to lock up the system for quite some time. Xdebug prevents endless recursion by stopping the script once a pre- defined nesting depth is reached. The default value is 100 and this feature is enabled by default. You can modify this limit, which can be necessary if you work with a script that works on deeply nested recursive data structures, for example. Just set xdebug.max_nesting_level in php.ini. Bear in mind, however, that Xdebug does not prevent endless loops, since they do not involve repeated function calls that use up the stack. Fig 2: With Xdebug, PHP Displays Error Messages by Adding a Stack Trace Fig 3: Dump of LocalVariables Fig 4: Xdebug Kills a Script When the Maximum Nesting Level is Reached
Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 11 CreatingTrace Logs As programs, especially object-oriented ones, get more and more complex, the individual code blocks become smaller and smaller. Small code blocks make a program easier to maintain, since changes and additions can be introduced without changing existing code. If you look at an object-oriented PHP program for the first time, however, it may seem that the program never does any actual work and that it only comprises of a seemingly endless series of delegations. Though it may sound awkward, this is a sign of quality in the object-oriented world. Each piece of code should do exactly one thing. This makes software really maintainable, but this comes at the cost of ‘global’ readability. It is rather easy to understand a single class or method, but we can have a real hard time figuring out the main control flow of an object-oriented application just by looking at the code. Instead of putting various var_dump() statements into the code to get an idea of what is going on, we can use Xdebug’s tracing feature. If tracing is activated, Xdebug writes a trace log that lists all function and method calls in the order they were processed. We can also configure Xdebug to include the parameters that were passed in and the return values in the trace log. Keep in mind, however, that each trace shows just one single execution path of our program. Depending on the input values and the internal state of the software, the program can have a different execution path the next time you run it. A good example to illustrate this is a program that expects the command to execute as a URL parameter. When we issue a different command, the program will do something completely different, thus resulting in a completely different trace log. The fact that there are so many possible different combinations of execution paths in a complex program also is the reason why software as a whole is difficult to test. Here, unit testing, which we explored in the November 2006 issue of PHP Magazine, comes to the rescue. To activate tracing in Xdebug, we need to modify php.ini,like so: xdebug.auto_trace=On xdebug.trace_output_dir=”c:traces” The second setting defines the path where Xdebug will store the trace logs. This path defaults to /tmp which is fine on Unix/Linux systems, but calls for trouble on Windows, since the directory c:tmp usually does not exist on Windows. So you either need to create this directory or specify another existing directory; otherwise Xdebug will not be able to create trace logs since it cannot store them. Many php.ini settings can also be performed at script runtime using the ini_set() function. It is not possible, however, to start trace logging at script runtime, because PHP can automatically run an optional ‘prepend’ script before the main script is called. This behaviour is defined in the auto_prepend setting in php.ini. If we start trace logging in our main script, the prepend script would miss from the trace log, possibly calling for a lot of confusion. Xdebug determines the log file names automatically at runtime by calculating a CRC checksum of the script file that is traced.This ensures that an individual log file is being written for each file. For example a log file name could be trace.3482098110.xt. If you trace the same PHP program twice, the original trace log is overwritten. By setting: xdebug.trace_options=On in php.ini, you make Xdebug append to existing logs instead of overwriting them. Listing 1 shows an excerpt from a trace log that was created on Linux. The first column shows the execution time of the script, whereas the second column shows the memory usage of PHP at that time. As we can tell from the trace, the file() function takes up most of the execution time since it requires reading a file from disk or possibly over a HTTP connection.The memory size grows and On a first look, it may seem that an object oriented program never does any actual work. It may seem the program only comprises of a seemingly endless series of delegations. Although this is a sign of quality in the object-oriented world, this comes at the cost of“global”readability.To get an idea of what is going on in a script, use Xdebug’s tracing feature. Listing 1 TRACE START [2006-01-21 18:16:14] 0.0059 43072 -> {main}() /var/www/trace.php:0 0.0089 43072 -> read_input() /var/www/trace.php:12 0.0096 43112 -> process_file() /var/www/trace.php:13 0.0099 43112 -> file() /var/www/trace.php:18 2.0047 139632 -> strlen() /var/www/trace.php:19 2.0053 45808 -> create_page() /var/www/trace.php:14 2.0056 45880 -> array_rand() /var/www/trace.php:26 2.0154 45888 -> implode() /var/www/trace.php:34 2.0182 8384 TRACE END [2006-01-21 18:16:16] A Simple Trace Log
Beginners Non-Invasive Surgery for PHP 12 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 reaches is maximum when strlen() is executed, since this function works on two large strings, then gets lower again as the memory that was used by strlen() is being freed again. If you create trace logs on Windows, the memory usage will always be displayed as 0, although this is not true. The official PHP builds for Windows do not have the memory-limit switch activated— so Xdebug cannot trace the memory usage on Windows. If you manage to compile PHP on Windows, which is a very daunting task, you can activate the memory limit and trace the memory usage of your script. It is probably not worth the effort to do this, since you can always just run the trace on Linux. Memory usage might differ slightly on Windows, but you will get a general idea of how much memory your script needs at which time. Profiling PHP Applications As we know, PHP is an interpreted language. At runtime, every script is translated to an intermediate code which is executed. This translation is repeated each time a script is called. This makes PHP, by design, slower than compiled languages like C or Java.We can use opcode caches like APC [3] or PHP Accelerator[4] to save and reuse the intermediate code, thus making the script faster since we do not have to re-parse the actual PHP code each time a script is executed. If we keep the intermediate code,it makes sense to optimize it. Most PHP programs are written to be readable and maintainable, so their intermediate code is not optimized for performance by nature. There are a lot of optimizations that can be done on intermediate code—unused variables could be removed, calls to short functions could be removed (this is called ‘inlining code’), repeated calculations can be removed from loops, and loops can be rearranged for better performance. If these optimizations were to be done each time a PHP script is called, the question is whether the computing time used for optimization actually pays off by reducing the script execution time at a whole, because we cannot tell how much computing time the optimization will require. If we keep the optimized intermediate code, we can afford spending much more computing time for optimisations. You can do this once and benefit from executing a faster script multiple times. In compiled languages, you can choose an optimization level when you compile.The more optimization you do, the longer the compilation takes, but the faster the resulting code is. Usually one tends to aim for quick compilation while developing and the highest possible level of optimization when the software is deployed. PHP 6 will have the opcode cache APC as part of the standard distribution, so I expect much more (automated) optimizations to happen to PHP code as PHP 6 spreads out. Untilthen,theonlychoicewehavetoimprovetheperformance of our programs is manual optimization; aside from using faster hardware, of course. Manual code optimization is not an easy task, especially if you don’t know where to start. Many programmers have been fooled by guessing which part of a program would be the bottleneck, then spending time optimizing it, only to find out their effort did not result in substantially better performance. We need to base our optimization efforts on reliable statistics. Enter Xdebug—which can profile PHP applications and create a log file that tells us which code line was executed how many times and how much time and memory were used. It may sound like a profiling log is pretty much the same as a trace log, but a profiling log contains much more information, making the log much less human readable. While we can lean a lot from reading a trace log, we need to visualize all the data in a profiling log to be able to work with it. But first of all, let us create a profiling log. Turn ‘on’ profiling in php.ini by adding: xdebug.profiler_enable=On xdebug.profiler_output_dir=”c:traces” As mentioned earlier, Xdebug writes the profiling logs to /tmp by default, so you must change this value on Windows. Just like tracing, you can also not enable profiling by ini_set(), since auto_prepend scripts would not get profiled in this case. And again, as mentioned above, Xdebug caltulates the filename of the log from the CRC checksum of the script name. The name of all profiling logs start with cachegrind.out. By adding: xdebug.profiler_append=On to php.ini, you ask Xdebug to append to an existing log rather than overwrite it. Note that profiling logs tend to grow really PHP is an interpreted language, which make it, by design, slower than compiled languages like C or Java. Use opcode caches to save and reuse the intermediate code to make the script faster, and optimize the intermediate code. PHP 6 will include opcode cacheAPC as part of the standard distribution. Until then you’ll have to resort to manual optimization, which Xdebug provides.
Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 13 large. An average PHP program can easily create a profiling log that is around one megabyte in size. Since writing to the profiling log takes time, program execution will be really slow with profiling activated. You should never activate profiling unless you need it, and never use Xdebug on a production server, just to make sure. Now it is time to have a look at the profiling data. On Linux, use KCachegrind[5] to visualize profiling data, and on Windows use WinCachegrind[6] . Both programs are similar in their basic functionality, though KCacheGrind has more advanced features. Both programs are licensed under GPL so you can use them for private and commercial purposes without any license fee. Figure 5 shows a profiling log visualized in KCacheGrind.You can dig down into the individual functions and methods by clicking on them, but the power of KCacheGrind lies in the aggregation of data.You can quickly tell which functions or methods take up the most execution time. When you need to optimize your application, these are the ones you want to go for first. Keep in mind, however, that it only makes sense to optimize code that is called various times. If you highly optimize one function that is called only once, there is not too much speedup for your application. If your application has hundreds or thousands of concurrent users, it might again make sense so optimize such code to reduce the overall server load. Another rule of thumb in optimization is that you should reduce the number of input/output operations. I/O always takes longer as compared to computations. Therefore, reducing I/O operations can be an efficient way of speeding up your programs. Removing one I/O call can give you more speedup instantly than the couple of hours you may have to spend on optimizing code. Code Coverage We have been talking a lot about analyzing complex programs now. There is yet another type of statistic that Xdebug can create while running an application, namely code coverage statistics. Code coverage statistics help us determine which parts of an application are never executed. Quite often, as the software changes over time, obsolete code (code that is no longer executed, that is) piles up. When we add a new interface that supersedes an older one, we might leave in the old interface in the code for a while to give users of the API time to start using the new one. At some point in time, nobody will be using the old code any more— it has become obsolete. For one, obsolete code adds weight to our application. Even worse, it may still contain bugs or security issues. An attacker might exploit these some day. We should therefore remove obsolete code from our application. But how can we ensure that code is really not being used any more? We create code coverage statistics. While a trace log lists every line of code that is executed, code coverage statistics list every line of source code and count how many times it is being executed. After the program has finished, you can see that all lines with a count of zero are never executed. There is one problem, however. Fig 5: Profiling LogVisualized in KCacheGrind Scripts grow over a period of time, as does the obsolete code in it.This not only weighs down the application, but may also include bugs and cause security issues. The solution is to run unit tests and have Xdebug collect code coverage statistics of the application code to ascertain what parts of the script is obsolete and can be removed. Fig 6: Code Coverage Statistics Created with Phing
Beginners Non-Invasive Surgery for PHP 14 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Conclusion Xdebug is a small, yet useful tool in PHP development. It should be installed and activated on every computer you do PHP development on. Xdebug is pretty stable, though there is still no official release. You should not run Xdebug on a production system, though, because most features degrade performance. Besides, since you probably won’t debug on a production system, there is really no reason for Xdebug to be installed there. On my development system, I would never want to miss Xdebug a single day, and even if it is just for the better formatting of the var_dump() output. Resources & References [1] http://www.xdebug.org [2] http://www.derickrethans.nl/ [3] http://pecl.php.net/package/APC [4] http://www.php-accelerator.co.uk/ [5] http://sourceforge.net/projects/kcachegrind [6] http://sourceforge.net/projects/wincachegrind/ [7] http://www.phpunit.de [8] http://www.activestate.com/Products/Komodo/ [9] http://www.weaverslave.ws/ As mentioned before, a program has many execution paths. One run of the program will usually not execute all code. Again, unit tests come to the rescue. In November 2006 issue of PHP Magazine, I detailed how to create unit tests with PHPUnit [7] .The trick is to run the unit tests and have Xdebug collect code coverage statistics of the application code, as we do not want to find out how much test code is executed, but how much of the application code is executed. Figure 6 shows an example for code coverage statistics created with Phing, a build automation tool that was presented in the October 2006 issue of this magazine. Xdebug collects the coverage statistics in an array, which is not very human-readable. So Phing, together with PHPUnit, takes this array and creates a neat HTML report from it. Debugging Debugging software is probably the least interesting of a developer’s job.If a bug causes the program to fail and a stack trace is created, the bug is usually rather easy to find. If the program just delivers wrong results, the bug can be very tough to find. Instead of putting var_dump() statements into your code to track down the error, you can use the debugging feature of Xdebug. With the debugger, you can set breakpoints that make the program stop, allowing the debug client to display all variables. You can not only run the program, but also step through it and watch the variables change. When stepping through your application, quite often it becomes rather easy to track down a bug. The Xdebug debugging feature comes with a grain of salt, though. To this day, there is no decent debug client that is available for free. ActiveState Komodo [8] has a debug client, but is no free software. Weaverslave [9] does a good job in displaying the variables when an exception occurs, but stepping and setting breakpoints does not seem to work. Derick Rethans has now started to work on a debug client, so we can expect this situation to improve in the near future. Until then, it seems that var_dump() will remain the PHP debugger of choice for many of us. Stefan Priebsch has been solving IT problems for over 20 years. After seven years as an IT consultant and two years as a software engineer he founded e-novative GmbH in the year 2000 as an IT consultancy for small and medium- sized corporations. Stefan holds a degree in Computer Science from the Munich Technical University. He is an internationally acclaimed PHP expert, a regular contributor to various IT publications, and a speaker at international conferences. His first book, “Enterprise PHP Tools”, was published in summer 2006 by entwickler.press. DeveloperSutra www.developersutra.com InformationTreatiseForThe DeveloperCommunity DATABASE JAVA ECLIPSE PHP OPENSOURCE SECURITY SOA WEB TECHNOLOGIES .NET
I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 15 Beginner’s Guide to PHP Column Review of Last ‘Class’ Last issue I detailed control structures like the if statement and while..do and do..while loops. We also covered for loops. Control statements like these are the core of PHP coding. For example, when you have a requirement for a web site, it’s usually based on a condition. So you’ll have to use a control statement to handle the logic of the web site requirement. With control statements, you can handle almost any set of logic. For instance, in a web site you’d have to take care of a variety of requirements, such as validating users, updating a featured article for today, transacting with a credit card processing company, and e-mailing a newsletter. All these requirements are done with control statements (such as if, while, for) and variables (such as strings, arrays, and integers) holding the data to be validated. Homework Review Last class, I assigned a homework that would further your PHP knowledge and give you a practical example of using a condition. I assigned the task of telling the world your age and increment it year by year to the point of retirement. You should have saved you work as php_hw3.php and tested and run it using the URL: http://localhost/php_hw3.php. Listing 1 holds the script I wrote. You’ll notice I kept it to five lines by not making a line breaking (HTML <br>) until a different decade of age (for example, my forties) is reached. I made PHP add one year with ..year.. until the line break. The entire program is really a while..do statement that handles the requirement of ‘until you retire, do something’, where the ‘something’ is then handled by a series of if conditions. As detailed last month, in a while..do loop you need to be able to set the condition within the loop to avoid an infinite loop. In the earlier script, I initially set $retired to false, so the while..do loop runs until retirement. I needed to be able to set $retired to be true within the loop, or I would be working until I was 999,999,999+ years old! So I hope this homework has provided a foundation for how you would handle any web page, break the requirements up between variables and logic, and then determine program flow and code the logic. Lesson #4 This should be a fun lesson, because I’m going to take a standard web page (all HTML) and slowly transform it to PHP code. In this way, you will see how PHP can render the HTML to make a duplicate page, but also gain the ability to make the page dynamic. Beginner’s Guide to PHP By Marc Isikoff Over the last three issues, I’ve dealt with the basics of PHP, to provide you with a good background of PHP syntax, variables and processing logic.In this issue we’ll look into a practical PHP to HTML program so you can put all the knowledge you’ve gainedtomakewebpages.WewillseewhatPHPcandoandhow you can write code to make PHP render wonderful web pages. Transform an HTML Web Page to PHP Code
16 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP Let’s recap what HTML knowledge you should know: • The <HEAD> tag an included tags for <TITLE> and <META> • The <BODY> tag and included tags for <FONT> • Table <TABLE> tags like row <TR> and cell <TD> • Form <FORM> tags and <INPUT>s for data The last HTML tag <FORM> is where PHP will really shine, because in HTML the action attibute of the <FORM> statement suggests that some action should occur from and based on the data of the form. PHP provides the action. The <HEAD> and <BODY>Tags A simple web page can be made with just the basics, right? Consider this simple web page: <HTML> <HEAD> <TITLE> Simple Web Page </TITLE> </HEAD> <BODY> Welcome to my webpage! </BODY> </HTML> You could run this and get a simple web page where you can see the title in the browser bar and a line of text in the browser that reads, Welcome to my webpage!. We can also make this simple web page using PHP, like this: <?php echo “<HEAD>”; echo “<TITLE>Simple Web Page</TITLE>”; echo “</HEAD>”; echo “<BODY>”; echo “Welcome to my webpage!”; echo “</BODY>”; ?> <?php // Establish the required variables with values $retired = false; // initially setting retirement to be false $age = 35; // my initial age, yours should be set to your current age $retired = ($age > 74); // Sets $retired to boolean TRUE if $age is more than 74 $prior = null; while (!$retired) { // creating a while-do loop until retirement $retired = ($age > 74); // Sets $retired to boolean TRUE if $age is more than 74 if ($retired) echo “<br>I’m now $age and I’m retiring... goodbye!<br>”; else { if ($age > 69) $current = “seventies”; else if ($age > 59) $current = “sixties”; else if ($age > 49) $current = “fifties”; else if ($age > 39) $current = “forties”; else if ($age > 29) $current = “thirties”; $left_to_go = 75 - $age; if ($prior == $current) echo “..$age”; else echo “<br>I’m now $age and in my $current and now there’s $left_to_go years until I retire”; } $age++; $prior = $current; } ?> Listing 1 I’m now 35 and in my thirties and now there’s 40 years until I retire..36..37..38..39 I’m now 40 and in my forties and now there’s 35 years until I retire..41..42..43..44..45..46..47..48..49 I’m now 50 and in my fifties and now there’s 25 years until I retire..51..52..53..54..55..56..57..58..59 I’m now 60 and in my sixties and now there’s 15 years until I retire..61..62..63..64..65..66..67..68..69 I’m now 70 and in my seventies and now there’s 5 years until I retire..71..72..73..74 I’m now 75 and I’m retiring...goodbye!. Listing 2
I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 17 Beginner’s Guide to PHP Column You would get the EXACT same web page with this PHP code. But if you’re saying, “HTML is easier…seems like less coding for the same output.”, you’re right. For a static web page—one with no decision-making and not variable to process—always use HTML. How many times do you see web pages like that though? Maybe while you’re building your web page you want a basic “Under Construction” with a graphic. Of course, you can use HTML for that. The <TABLE>Tag Let’s take a look at a web page that has a table of figures in it. In this example, the web page will show a savings discount based on several checkout coupons versus how much is in the cart of a potential customer. Listing 3 shows the code in HTML. This web page can be used by telephone order clerks who advise customers as well as for online FAQ (for the customer) access. It can also be used by affiliate web sites where they tell the world what coupons are worth what for various web sites. Listing 4 holds the PHP version of the same example. What do you think of this script? It’s close to the same amount of coding and the PHP script is a little more difficult with variables, arrays, and conditional statements. That aside, PHP allows a provision to grow into the future a little better. <HTML> <HEAD> <TITLE>Potential Savings with Coupons</TITLE> </HEAD> <BODY> <p><center>Coupons Available Based on CartValue</center></ p> <table border=”1”> <tr> <td>Code</td> <td>Needed CartValue</td> <td>Savings</td> <td>Freight</td> <td>Tax</td> <td>Total</td> </tr> <tr> <td>TEN%OFF50</td> <td>$50</td> <td>$5</td> <td>$9.99</td> <td>$2.25</td> <td>$57.29</td> </tr> <tr> <td>NOFREIGHT</td> <td>$50</td> <td>$0</td> <td>$0</td> <td>$4.50</td> <td>$54.50</td> </tr> <tr> <td>WEPAYTAX</td> <td>$50</td> <td>%0</td> <td>$9.99</td> <td>$0</td> <td>$59.99</td> </tr> </table> <p>Customer would be best off if they chose coupon code NOFREIGHT</p> </BODY> </HTML> Listing 3 <?php echo “<HEAD>”; echo “<TITLE>Potential Savings with Coupons</TITLE>”; echo “</HEAD>”; echo “<BODY>”; $tax = .05; $freight = 9.99; $cart_basis = 50; $PERCENT = array(“TEN%OFF50”,50,.1,$freight,$tax); $NOFREIGHT = array(“NOFREIGHT”,50,0,0,$tax); $WEPAYTAX = array(“WEPAYTAX”,50,0,$freight,0); $coupons = array($PERCENT,$NOFREIGHT,$WEPAYTAX); echo “<p><center>Coupons Available Based on CartValue</ center></p>”; Listing 4
18 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP What if there were 100 discounts codes applicable to USD 50 cart value? Hand coding the HTML would take a while and there would be ever-changing maintenance on the names of the codes, discount percentages, and calculations. In the PHP code, it would suffice to leave it all alone for future growth, except for the original array definitions and the values of freight, tax, and the cart dollar amount. But as we’ll learn—in future issues of this column—you can pull that data from a database so your PHP code can also remain fairly static. Then the to-do is to build a maintenance form to all, so the database can be updated as needed. The <FORM>Tag Now let’s learn about a specific variable called $PHP_SELF. This is a ‘super global’ of PHP, which means it comes with PHP and you are free to use it as required. You can also use it make a web page call itself. The concept is that you set up an HTML form and ask for several inputs (say, the cart value and the coupon code). You then can reload the exact same web page and get different results because the inputs pass back into the web page as variables in an array. The web page reads the array and decides how to display the web page. In the next coding example, we’ll display some cart information such that the total is USD 50 and we’ll ask (in a form) what coupon code to apply. When the user submits the information we’ll reload the same web page, but you’ll see that the title, and display information has changed. See Listing 5. The above PHP code does what HTML can’t do. It calls itself and determines what to show. If you copy it and save it as a .php program you will be able to choose your coupon and move to what appears to be a different form, to validate that the coupon code is correctly applied. I left out the last part, though, which echo “<table border=’1’>”; echo “<tr><td>Code</td><td>Needed CartValue</ td><td>Savings</td><td>Freight</td><td>Tax</td><td>Total</ td></tr>”; $best = “”; $prior_total = $cart_basis + $freight + $tax; foreach ($coupons as $key=>$value) { $discount = $cart_basis * $value[2]; $taxable = $cart_basis - $discount; $taxed = $taxable * $value[4]; $total = $taxable + $taxed + $value[3]; if ($total < $prior_total) $best = $value[0]; echo “<tr>”; echo “<td>$value[0]</td>”; echo “<td>$value[1]</td>”; echo “<td>”; echo $discount; echo “</td>”; echo “<td>$value[3]</td>”; echo “<td>$taxed</td>”; echo “<td>$total</td>”; echo “</tr>”; $prior_total = $total; } echo “</table>”; echo “<p>Customer would be best off if they chose coupon code $best</p>”; echo “</BODY>”; ?> Listing 4... (contd) <?php $mode = $_POST[‘mode’]; if (!$mode) $mode=”choose_coupon”; if ($mode == “choose_coupon”) { $title = “Choose Checkout Coupon”; $show_cart = true; $show_coupons = true; $show_final = false; $coupon = “”; } else if ($mode == “validate_cart”) { $show_cart = false; $title = “Confirm Checkout Options”; $show_coupons = false; $show_final = true; Listing 5
I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 19 Beginner’s Guide to PHP Column $coupon = $_POST[‘coupon’]; } echo “<HEAD>”; echo “<TITLE>$title</TITLE>”; echo “</HEAD>”; echo “<BODY>”; if ($show_cart) { echo “<center>Your Shopping Cart Items</center>”; echo “<table border=’1’>”; echo “<tr><td>Item</td><td>Qty</td><td>Description</ td><td>Extended Cost</td></tr>”; echo “<tr><td>A091B</td><td>2</td><td>USB Cable</ td><td>$25.00</td></tr>”; echo “<tr><td>4FGCI</td><td>1</td><td>DVI to HDMI Converter</td><td>$15.00</td></tr>”; echo “<tr><td>566FP</td><td>1</td><td>Loopback cable</ td><td>$10.00</td></tr>”; echo “</table>”; echo “<br>”; echo “Cart Total: $50.00”; } $tax = .05; $freight = 9.99; $cart_basis = 50; $TENOFF50 = array(“TENOFF50”,50,.1,$freight,$tax); $NOFREIGHT = array(“NOFREIGHT”,50,0,0,$tax); $WEPAYTAX = array(“WEPAYTAX”,50,0,$freight,0); $coupons = array($TENOFF50,$NOFREIGHT,$WEPAYTAX); if ($show_coupons) { echo “<p><center>Coupons Available Based on CartValue</ center></p>”; echo “<table border=’1’>”; echo “<tr><td>Code</td><td>Needed CartValue</ td><td>Savings</td><td>Freight</td><td>Tax</td><td>Total</ td></tr>”; $best = “”; $prior_total = $cart_basis + $freight + $tax; foreach ($coupons as $key=>$value) { $discount = $cart_basis * $value[2]; $taxable = $cart_basis - $discount; $taxed = $taxable * $value[4]; $total = $taxable + $taxed + $value[3]; if ($total < $prior_total) $best = $value[0]; echo “<tr>”; echo “<td>$value[0]</td>”; echo “<td>$value[1]</td>”; echo “<td>”; echo $discount; echo “</td>”; echo “<td>$value[3]</td>”; echo “<td>$taxed</td>”; echo “<td>$total</td>”; echo “</tr>”; $prior_total = $total; } echo “</table>”; echo “<p>You would be best off if you chose coupon code: $best</ p>”; echo “<br><br>”; } if ($show_coupons) { echo “<FORM method=’post’ action=’$php_self’>”; echo “Choose Coupon:<br>”; echo “<input type=’hidden’ name=mode value=’validate_cart’>”; echo “<select name=’coupon’>”; echo “<option value=’TENOFF50’>10% of $50</option>”; echo “<option value=’NOFREIGHT’>No Freight Charge</ option>”; echo “<option value=’WEPAYTAX’>Tax Included</option>”; echo “</select>”; echo “<br>”; echo “<input type=’submit’ value=’Submit’>”; echo “</FORM>”; } Listing 5... (contd)
20 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP is to ask the customer if what they see is correct or if they want to go back and choose another coupon instead. You can also see there are opportunities to shorten the logic of the PHP code. See the validation where there are three different if statements to choose which coupon array we should use, based upon the coupon string the customer chose. If the number of coupons goes up, that code will grow. YourThird Homework Now comes the time to give you this month’s homework assignment. Next month, I will post the answer, so you have enough time to work on it. Homework:asmentionedearlierinthearticle,therearesignificant updates to the PHP code I detailed earlier. See if you can improve the script. Save the modified script as php_hw4.php, and use the URL http://localhost/php_hw4.php in your browser. Have fun! Marc Isikoff is a Senior Project Manager at Warner Music Group in New York City. He has taught PHP at the collegiate level at Columbia University in the city of New York. He is active in programming PHP, being a helpful to resource to peer developers, and speaking at PHP conferences. Resources & References [1] International PHP Magazine web site: http://www.php-mag.net if ($show_final) { echo “PleaseValidateYour Coupon Selection<br><br>”; if ($coupon == $coupons[0][0]) $code = $TENOFF50; else if ($coupon == $coupons[1][0]) $code = $NOFREIGHT; else if ($coupon == $coupons[2][0]) $code = $WEPAYTAX; $disc = $code[1] * $code[2]; $tax_on = $code[4] * ($cart_basis - $disc); $subtotal = $cart_basis - $disc + $code[3] + $tax_on; echo “<table border=’1’>”; echo “<tr><td>CartValue:</td><td>$$cart_basis</ td></tr>”; echo “<tr><td>Coupon:</td><td>$code[0]</td></ tr>”; echo “<tr><td>Discount:</td><td>$$disc</td></tr>”; echo “<tr><td>Freight:</td><td>$$code[3]</td></ tr>”; echo “<tr><td>Tax:</td><td>$$tax_on</td></tr>”; echo “<tr><td>Total:</td><td>$$subtotal</td></tr>”; echo “</table>”; } echo “</BODY>”; ?> Listing 5... contd
Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 21 Individuals and organizations are increasingly seeing open source as a method for collaborative software development. Big businesses are also realizing the benefits open source software holds for them. This article aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. Introduction This article is based on my diploma thesis where I did a detailed economical analysis of the open source relational database market. One of the things I wanted to achieve with my paper is to base my observations on a solid understanding of economic principles. Historically open source has always had an ethical dimension. The term ‘open source’ was invented to strip the political dimension from Stallman’s ‘free software movement’ and to simply provide a term for the practice of sharing source code. Today the distinction between ‘free software’ and ‘open source software’ is not widely understood. The term FOSS or FLOSS is used to describe both movements at the same time. However, an increasing amount of individuals and more importantly organizations today see open source as a method for collaborate software development and not as an ethical quest. This has made it increasingly easier for big business to realize the benefits open source software holds for them. In the following pages I will introduce the key terms economists use to describe open source software. I will use examples from the open source database market to illustrate each of them. So once you have read to the end of this article you should know the economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. A lot of information about the economics of information goods can be found in the book ‘Information Rules’ by Hal Varian, although it lacks making any references to open source directly. But it may serve as an interesting read if you want to know more once they have finished this article. Benefits to Individuals The thing that most economists find most peculiar is the notion that open source at first sight appears to be based on altruism. While altruism may play a role or at least partial role for some open source developers it would seem quite unlikely that for some reason programmers are more altruistic than people in other fields. If you dig deeper it becomes clear that other reasons are more likely the cause for the global success of open source, even if Stallman may have started the movement initially for purely ethical reasons. Individuals benefit from participating in open source in several important ways, such as self education, career building, and reduced work. Self education is a result of the peer review process common in most open source projects, that leads to very detailed hints on how to improve a given piece of code. Open source has also been the launching pad for many who are now famous in the IT industry.Two of the most prominent people in IT today are Linus Torvald of Linux fame, and AndrewTidgell of Samba fame. In the Synergies and Opportunities: Open Source and CommercialVendors By Lukas Kahwe Smith The Economics of Open Source in the Relational Database Market
Cover Story Synergies and Opportunities: Open Source and CommercialVendors 22 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 database field several people have attained fame through their involvement in open source. For example, Josh Berkus managed to score a position as a senior engineer at SUN through his work on PostgreSQL. Richard Hipp, author of SQLite database which is used in many applications and even operating systems like Mac OS X and Solaris 10, has gotten several job offers as a result of his work and is a recognized leader at conferences around the world—although he never expected to make a dime from SQLite. The last point of the earlier list needs a bit more explaining. As other people collaborate on producing a combined piece of work it is obvious the result will likely be superior in quality and scope of what any individual could have produced on their own. However, the fruits of their labour are available too all. Some open source licenses, like the BSD license, even allow users to extend the given code without sharing any of their changes with the community or even the people they distribute the source code to. The PostgreSQL project is a good example of this. It has been the starting point f o r dozens of other databases, m a n y of which are being sold u n d e r a proprietary license. So what is the basis for cooperation in this case? The core idea is that people or companies who allocate resources to PostgreSQL need to determine what their market differentiator is. For smaller companies it could just be their geographical location. That is, there are simply no local competitors and so they have no drawbacks from having other people be able to use the source code in other places of the world. With many global players having entered the PostgreSQL ecosystem most companies focus on technical differentiators. They focus on producing an optimized version of PostgreSQL for a very specific task. For example,EnterpriseDB is focused on Oracle compatibility, while Greenplum is focused on Business Intelligence. Since both of them need some things added to the core that is not among the features that truly differentiates them, or which would be too much work to maintain themselves, they decide to open source many of their changes [although the BSD licenses does not force them to do so]. Cloudscape is following a similar model after IBM open sourced the source code. Today the database is available under the Apache project as Apache Derby. But SUN has also added it to their support line-up as Java DB, which will be bundled with the next version of Java. This gives all these companies a manufacturing advantage over their competitors in their respective niche market, since they have to employ less people to get the same functionality. So by now we have established that there are other reasons than pure altruism that also motivate people to work on open source. All economists reading this are probably much relieved by now. The Power of Networks One of the key drivers of open source has been the Internet. With a cheap distribution mechanism it became possible for open source projects to make their source code available free of charge.This is a requirement in order to get the huge numbers of users necessary to be able to truly benefit from a community of developers and users. These are so called distribution costs and transaction costs. While speaking of costs, one of the key things to remember with software is that in order to first develop it one must invest resources that are sunken costs; that is, even if production is halted, they cannot be regained. As a result, it costs more or less the same to produce a single copy or a million. Therefore at any time the margin costs—the costs of producing another unit, that is—are near zero. However, the more copies distributed, the lower the average costs per unit. This is called supply side economies of scale. This is one of the reasons why market leaders are often also cost leaders. Another important aspect of software development is that, aside from the looming threat of patents, the software market has very low barriers to entry. So it’s easy to enter the software market, as there is no need to invest in elaborate facilities like, Apart from purely ethical reasons, individuals benefit from participating in open source in several important ways, such as self education, career building, and reduced work. “
Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 23 say, a car manufacturer. Let’s get back to a concrete example— MySQL was able to build up a huge installed user base counting millions of installations by leveraging the low distribution costs via the Internet. More importantly, MySQL is also able to push its recent version into the hands of its users very quickly. This is important to keep MySQL users happy as their needs continue to grow. MySQL is a recognized brand name although their marketing and turnover is significantly small as compared to its proprietary competitors. While most open source projects still get most of their source code from only a dozen core developers at a time, it is still vital to get a constant stream of new developers working on edge features or even replacing core developers that fade into the background due to lack of time. Users are key in evangelizing and documenting the given piece of software. They also provide invaluable feedback to the development team. The more developers and users on a project, the more the project grows, which in turn attracts yet more people to the project—this is a known phenomenon.While Brook’s law—the observation that adding more developers to a late project makes the project even later—would seem to imply that more developers could actually hurt open source, this is not the case in practice in successful projects. By structuring projects as many subprojects, or like an onion where any proposal has to pass several layers until it finally reaches the core developers of the project, open source is able to elegantly evade the exponential growth in communication paths which underpins Brook’s law. Economists use the term network effects to describe the principle that the larger the network, the higher its value to the people involved. This results in demand side economies of scale, which do not dissipate like supply side economies of scale when the market grows big enough. Again MySQL serves as a perfect example. With so many tutorials, free applications and cheap hosting out there for MySQL, users are driven towards MySQL not necessarily because it is the best database, but more because it runs the applications they need. Business Models Traditionally companies have been mainly focused on locking their customers into their product and selling proprietary licenses to them. Once a customer has invested in training and certification for a specific product he faces large so-called switching costs if he was to move to a competitor, since this would mean having to retrain the entire staff. As a result, proprietary software makers tend to not favour standards to keep margins high. Using a concept called limit pricing, companies put prices exactly at a level where it does not make sense for competitors to invest the sunken costs to enter the market because customers would not yet be willing to incur the switching costs in order to escape the high margin prices of their current vendor. Companies may still accept standards to grow a market and products that aren’t yet mature, since customers may be unwilling to take the risk of having the given product disappear and their training becoming obsolete as a result. The need to cooperate with competitors is often referred to as coopetition. User interests, however, have naturally driven open source, especially if these users are also the developers. As a result, open source software tends to be big on standards compliance. The RDBMS market used to be very standards compliant as well, since government regulations in the U.S, mandated this. But when the government stopped developing compliance tests after the SQL92 standard was released, so did the compliance testing for later versions of the standard. In the open source database market we find both extremes, however. PostgreSQL is very standards compliant, while MySQL is only recently paying a lot of focus on the SQL Internet is a key driver of open source. For example, MySQL was able to build up a huge installed user base counting millions of installations by leveraging the low distribution costs via the Internet. Further, Internet enables a large number of developers and users to come together on a project to make it a success. Successful open source projects are often structured as many subprojects, where any proposal has to pass several layers until it finally reaches the core developers of the project, which allows open source to elegantly evade the exponential growth in communication paths [that are often detrimental to a project]. “
Cover Story Synergies and Opportunities: Open Source and CommercialVendors 24 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 standard. We will revisit MySQL’s lack of standards compliance later in the article. However, for now an important point is that standards compliance, as practiced in the open source world, does not seem to result in loss in variety, which is usually a concern of standardization. Finding a business model around open source took some time. But today there are actually several successful models. We have already seen one approach in the PostgreSQL market, which relies on the specific aspect of the BSD license to allow selling proprietary licenses to software based on the open source code base. I will to refer to this model as the proprietary extension model, athough some people also refer to it as the secret soup model. Another popular business model is called the dual licensing model. In this model the software copyright of the license needs to reside in the hands of a single company. This enables the entity to provide the software under an open source license free of charge and also sell proprietary licenses at the same time. Now why would anyone choose to pay for something if they can get the same thing for free under an open source license? The key is to choose the right open source license. While the BSD license is a so-called non-propagating license, the GPL is a strongly propagating license. That means any software linked to a piece of GPL’ed code must also be made available under the GPL. Databases are however often included as part of the infrastructure of a larger piece of software, whose manufacturer may rely on a business model where the GPL does not fit. For these kinds of companies it makes sense to buy proprietary licenses. They still benefit from being able to read and modify the source code. More importantly, they also know that if their supplier goes out of business, they at least have the option of considering switching to the open source license, whereas traditional proprietary customers are solely at the mercy of whoever scoops up the source code, if at all. In a sense, dual licensing companies provide two different versions solely based on the license. On one side, the open source licensees expand the ecosystem around the product and on the other hand, the proprietary customers pay the bills. There are several dual licensing companies in the database market. MySQL is probably the most prominent, but recently Ingres also became available under this model. Sleepycat is another example, which also illustrates another interesting aspect of dual licensed companies. Oracle recently acquired Sleepycat, the makers of Berkeley DB, which is [likely] the most popular relational database in the world. Since Sleepycat owns the entire copyright, Oracle is now free to integrate the source into its proprietary line-up in anyway it sees fit. One drawback with this model is that while PostgreSQL can benefit from cooperation on the actual development of the core product, dual licensing companies mostly rely on end users to provide feedback and applications, not on actually helping on developing code for the core product. MySQL is trying to improve this situation by providing an agreement under which source code contributors are compensated if their code is integrated into the core product. Dual licensing companies, and pretty much all software companies, either directly (or indirectly through partners) also makes a portion of their turnover based on selling support as a complementary product. There are even companies that essentially make the bulk of their income through support and training. For example,the PostgreSQL company,Command Prompt,makes about 85 per cent on services. The same applies to many other companies in the Firebird ecosystem. There are also now companies dedicated to MySQL performance tuning as well. The support business model is a double-edged sword. Selling software is such a great business model mainly because the cost of producing additional copies is close to zero.With support however, the more customers a company has, the more support staff they need to employ. Of course, there are advantages as well. For one, by building up a knowledge database, companies can take benefit from supply side economies again, since they only have to build this database once in order to more quickly answer customer questions. Further, service is a hard to quantify feature. So once customers are satisfied with the support they are getting, they are even less likely to switch to a competitor. Furthermore, support contracts bring in a fairly constant stream of income but software licenses are usually sold as perpetual licenses. Customers are therefore less likely to upgrade to newer versions, which increases support costs and also makes them more likely to switch to a competitor when it comes time to upgrade. Another approach is to sell time-limited licenses. Companies therefore often have to give discounts to existing customers, which reduces their margins. A final advantage of support based business models is that it is an elegant way to evade issues of software piracy. By now it should be clear that by choosing a particular license and managing the copyright, you effectively limit the business model options. PostgreSQL only allows very specific business model due to the BSD license and the copyright that is scattered among many individuals and companies. MySQL’s business model is determined by the GPL and the fact that MySQL AB holds the copyright to the entire source code. Borland did not choose the proper license back when it open sourced Interbase. They choose a weakly propagating license with the Mozilla license. However, they had the intention of closely controlling the source, which turned out impossible given
Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 25 the license they choose. Within days the code was forked to create Firebird and Borland later returned to closed source development of the original Interbase source code. To their dismay the open source code even exposed a back door in their closed source product that has been in the case base for years prior to the open sourcing. Productization As any developer will know its a lot easier to write a piece of software to scratch a personal itch than it is to write a piece of software that solves the problems of a broad market.The moment the software is distributed to end users, not only will they find that the software is still missing a feature here and there, but they will most likely use the software slightly different and, as a result, expose bugs and issues hidden to you. They will also try to set up the software in their own IT environment that will be different in ever so subtle ways. Alternatively, they will clamour for adding support for some hardware or operating system that is unknown to you. Mastering these challenges is the art of turning a piece of custom code into a product also known as productization. Open source developers have a huge advantage here as end users are much more willing and able to assist in this process. Since the source code is open to them competent users can even do all the necessary work themselves. As it is in their best interest to ensure that future releases will also contain the necessary fixes, most users will provide their changes to the original project although open source licenses do not require anyone to make changes to their personal installation available as open source. As a matter of fact, this close relationship between the developers and end usersofopensourcesoftwareiscritical.Thiscreatesafeedbackloopthat is superior to the relationship that proprietary manufacturers have with their customers. Here the manufacturer tends to hide defects from his customers instead of engaging them in finding a solution. Productization is also a possible business model for companies. While the open source software may be provided fairly raw without a nice printed manual and a GUI driven installer,third-party companies can step up and provide just that to willing buyers who do not have the expertise. Linux distributions have made this their business. DisruptiveTechnologies As I mentioned earlier, Relational Database Management System (RDBMS) is big business. Databases have increased in scope dramatically through the years, especially since compliance testing stopped being expanded for new standards. In a maturing market companies become worried their bread and butter becomes commoditized, as competitors catch up to the market leader. The reaction of the market leader is usually to just expand the scope of his product using elaborate marketing campaigns to make everyone believe they actually need these new features. This is what Clayton Christensen described in his book ‘The Innovator’s Dilemma’. As products overshoot what the market really needs, while keeping prices and margins high, a window of opportunity is opened for companies—willing to accept lower margins—who provide a product that is good enough. Especially if these products themselves make it possible for entirely new markets to spawn, they may turn out to be disruptive technologies. Initially these products have lower margins, but as this new market [that they have enabled] matures, the existing market leaders will not react in time, because to them it only looks like a low margin opportunity. MySQL turned out to be exactly that. It was a good enough RDBMS that focused on easy installation and a ‘just works’ mentality, whereas others focused on data integrity.This was the key,however,in enabling the armies of hobby programmers to storm the Internet with their ideas, which in the end turned out to be big business. The best illustration of this is the various social networking sites that have been acquired for triple digit millions and even billions of dollars. By the time these products prove the impact they have on future markets, the established leaders begin to realize their mistake. By then it is often too late. In a move that some claim was squarely directed at disrupting MySQL, Oracle acquired the companies behind both the transaction capable storage engines available for MySQL. What would seem as a ‘death blow’ turned out to simply validate the open source process. For one there was already someone in the community working on an open source transactional storage engine called PBXT forMySQL.Notonlythat,butMySQLABtookmattersintotheirown hands by getting the database guru and original author of Interbase, Jim Starkey,on board to develop another transactional storage engine for MySQL AB, code named Falcon. MySQL AB expanded its storage engine API to become pluggable without a recompile, to spawn a market for companies willing to bring their database products to the MySQL platform. The first company to do so is SolidDB, a close neighbour of the Finnish MySQL AB offices. Finally, Oracle agreed As a market matures and competitors start to catch up to the market leader, the latter often reacts by expand the scope of their product using elaborate marketing campaigns to make users believe they actually need these new features. “
Cover Story Synergies and Opportunities: Open Source and CommercialVendors 26 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 to renew the license terms of one of the transactional storage engines and MySQL AB dropped the other one from their distribution. While nobody outside Oracle knows the exact motivations for their steps [if their original aim was to disrupt MySQL, that is] they should know by now that their approach turned out to be futile. Perhaps they were just hoping to lower the price for an acquisition of MySQL AB, which Oracle apparently also attempted a little later. However, the offer was declined by MySQL AB’s CEO, Martin Mickos. Today MySQL looks stronger than it did before Oracle’s acquisitions. Commoditization When you speak about commoditization it is important to realize that many people in the IT industry have a vested interested in commoditizing the database market. Microsoft has traditionally been probably the greatest commoditizer in the IT industry. Their aim is to rake in the profits by shipping insane quantities of their products. They have also been found guilty of keeping prices high at the same time by abusing the monopoly they have gained as a result. Today open source is responsible for commoditizing software markets. Before we go any further, let me clearly explain what commoditization really is. Commoditization is the process whereby technology that was previously owned exclusively by a single vendor, and therefore priced at a premium, becomes widely available at comparatively low prices. More importantly it is possible to substitute one product with another. Obviously this is in the best interest of consumers. In some cases these consumers are other companies,especially in the database market, since databases are usually part of the IT infrastructure and not a final end user product. SAP has been particularly annoyed by the high margins Oracle is able to make with its database. Initially SAP and Oracle had a very close relation as all SAP products where actually developed to run on Oracle. However, Oracle has now entered the ERP and CRM market as well and is now one of the main competitors of SAP. As a result, SAP is actually handing money to Oracle, as the vast majority of SAP installations end up running on Oracle. The high prices of Oracle just make the SAP platform more expensive. SAP decided to combat this by acquiring the rights to develop and distribute Software AG’s ADABAS database. But the resulting product, SAP DB, never took off and still only holds a fraction of the SAP market. To step up the game, SAP decided to open source the database with the clear mission statement of wanting to commoditize the database market. A few years later they decided to partner with MySQL AB and rename SAP DB to MaxDB. This obviously gave SAP’s database more credibility in the open source world, but more importantly it put MySQL on the radar of many high-end business users. Since MySQL is now very close to being ‘SAP certified’ this lending of credibility could pay off big time for SAP, if MySQL manages to slowly erode Oracle’s dominance in the SAP market. As such SAP seems to be putting its money on open source in order to scorch the market for Oracle. Crossing the Chasm Another aspect I want to touch upon, which IT companies constantly face, is the challenge of managing their work force. Companies usually have an initial phase when they are developing a new product, especially for a new market, where they require the expertise of innovators—people who invest themselves strongly into the product before there are any users around it. The few users they find are of a similar mindset, willing to try out something new. However, once the product is mature, they will be faced with having to adjust to a much more conservative development style. Suddenlynewfeaturesmatterlessthanmakingsurethattheproduct is backwards compatible. At this point the innovators often become more a liability than a true help. This is what Geoffrey Moore called ‘crossing the chasm’ in his book by the same title. In open source development, the innovators still have a way to express themselves. For example, the popular SAMBA server was forked off by a team of developers who wanted to focus on expanding the feature set with a revolutionary concept, rather than slowly evolve the product. They just forked off the code and the current product obviously could at any time use their results—if they matured far enough and fit into the evolutionary developed product, that is. Similarly, developers in the database field have been known to adapt their database in quite surprising ways. For example, when a company found it hard to Fig 1: An Open Operating System Doesn’t Only Have Advantages (Source:A Microsoft Ad Released in Germany)
Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 27 thinkitisimportanttorealizethis,asitgivesustheopportunitytobetter understand open source using the experiences economists have made over the last centuries, that [apparently] also apply to open source.This also provides an opportunity to more reasonable discussions with big business. So when you struggle explaining what open source is about the next time you meet someone in a business suit, consider using some of the arguments and terms from this article. Hopefully this way you will be able to not instil more than just a blank stare from the person you are facing, as you may have before. Resources & References [1] Diploma thesis “Synergies and Opportunities”: http://pooteeweet.org/public/ Diplomarbeit.pdf [2] Information Rules by HalVarian [3] The Innovator’s Dilemma by Clayton M. Christensen [4] Crossing the Chasm by Geoffrey A. Moore www.jaxmag.com Come, See What's Brewing The Premier Online Resource for Java, Apache, XML and Web Services Fresh Brew Jax Hojo Coffea Works Book Club sell their Firebird services to Oracle customers, they simply adapted Firebird so that it became a drop-in replacement for Oracle. The result is a new database called Fyracle. Now innovators can keep pushing forward without jeopardizing the existing product line. As such, the process of forking is an advantage of open source, although Microsoft may want to spin it the other way around; see Figure 1, an advertisement by Microsoft that was released in Germany. Another advantage of open source software development is that it is traditionally distributed. Companies like MySQL AB have adopted this structure by allowing most of its workforce to work from home. This enables them to focus on hiring the best talent anywhere on earth, rather than being limited by who is willing to relocate. More importantly, this reduces the overhead of having to maintain huge offices, and employees save the time they usually spend on commuting to and from work.As an added bonus, MySQL AB has a presence in many countries in the world, although they are still a comparatively small company. The challenge is to ensure the work force knows the company vision and stays committed to this. This is done by weekly reports, frequent meetings that can just consist of five to 10 people to larger internal conferences. MySQL AB is also keen to hire people form the open source community since they have experience in this development style. Conclusion As we have seen in this article, open source does not blow away traditional economics. It just revalidates a lot of the existing theory, maybe in a somewhat surprising way for many, including economists. I Lukas Smith has over 7 years of experience in professional web application development and is a long time contributor to the PHP scene. Among his contributions is the popular PEAR::MDB2 database abstraction layer and the semi official PHP release management wiki. He has established himself as an expert in relational databases through his many published articles and numerous talks given at conferences around the globe. Located in Switzerland he works as a senior consultant for the open source integration and consulting firm Optaros.
Enterprise Sprinkling Sugar on LAMP 28 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Using PHP to build SugarCRM and FastStack Q: How is it to work with PHP? Jacob Taylor (JT): It is the fastest language and environment that I’ve ever developed in. I think we at SugarCRM have one of the largest PHP applications on the planet. We have roughly 800,000 lines of code. If there is a stability issue in PHP it is typically found by a Sugar user very quickly. In fact, a few weeks ago I found a bug that’s been in every version of PHP since back when they rewrote it back in early 2000. When the Zend guys, Andi and Zeev, got together and wrote PHP, they introduced a bug that still exists today, and I found it a few weeks ago by our load test. We are definitely pushing the state of the art with PHP, but there are a lot of people with us, and we’ve got a lot of good support from that community, and Zend, the organization itself. PHP has insanely good developer tools. Most of the problems that we’ve encountered, in fact, well over 99% of the problems, are very easy to reproduce, and a lot of times that ease of reproduction is the hardest part of fixing bugs. That helps a lot. The environment starts up almost instantly. So we don’t need to make code changes, rebuild something, restart an app server, get back to where we were, try something, and then repeat the whole process if there’s a problem. Q: What kind of PHP environment are you personally using? JT: It’s a bit of a hybrid right now. I have the PHP Eclipse plug-in that’s provided by Zend (zend.com/phpide); it’s now an official Eclipse project. The Zend version is pre-packaged like a FastStack installer, so I choose to use that one. I think it’s easier to manage and deal with, and if I need a new version I just kind of blow it away and reinstall the whole thing. It leverages the Eclipse toolset, and so the commands are familiar, and it also provides some of the levels of functionality that only the Zend group has been able to provide in terms of the IDE. That helps a lot with text completion. Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM In November 2006, SugarCRM announced the release of Sugar FastStack, a fast and simple way to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co-Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM, one of the largest PHP applications in the world.
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007
International-PHP-Magazine-January-2007

Recommandé

2014 Future of Open Source Survey Results
2014 Future of Open Source Survey Results2014 Future of Open Source Survey Results
2014 Future of Open Source Survey ResultsBlack Duck by Synopsys
 
Continuous Documentation: The Best Time is Now
Continuous Documentation: The Best Time is NowContinuous Documentation: The Best Time is Now
Continuous Documentation: The Best Time is NowPronovix
 
Started in-tech-la-nov-21
Started in-tech-la-nov-21Started in-tech-la-nov-21
Started in-tech-la-nov-21Thinkful
 
Meteorjs
MeteorjsMeteorjs
MeteorjsRadhouen Assakra
 
Intergen Smarts 9 (2005)
Intergen Smarts 9 (2005)Intergen Smarts 9 (2005)
Intergen Smarts 9 (2005)Intergen
 
Dev ops lpi-701
Dev ops lpi-701Dev ops lpi-701
Dev ops lpi-701Radhouen Assakra
 
The Role of DevPortals in Digital Transformation
The Role of DevPortals in Digital TransformationThe Role of DevPortals in Digital Transformation
The Role of DevPortals in Digital TransformationPronovix
 
Understanding and implementation of open source ecosystems final
Understanding and implementation of open source ecosystems finalUnderstanding and implementation of open source ecosystems final
Understanding and implementation of open source ecosystems finalRachit Technology Pvt Ltd
 

Recommandé

2014 Future of Open Source Survey Results
2014 Future of Open Source Survey Results2014 Future of Open Source Survey Results
2014 Future of Open Source Survey ResultsBlack Duck by Synopsys
 
Continuous Documentation: The Best Time is Now
Continuous Documentation: The Best Time is NowContinuous Documentation: The Best Time is Now
Continuous Documentation: The Best Time is NowPronovix
 
Started in-tech-la-nov-21
Started in-tech-la-nov-21Started in-tech-la-nov-21
Started in-tech-la-nov-21Thinkful
 
Meteorjs
MeteorjsMeteorjs
MeteorjsRadhouen Assakra
 
Intergen Smarts 9 (2005)
Intergen Smarts 9 (2005)Intergen Smarts 9 (2005)
Intergen Smarts 9 (2005)Intergen
 
Dev ops lpi-701
Dev ops lpi-701Dev ops lpi-701
Dev ops lpi-701Radhouen Assakra
 
The Role of DevPortals in Digital Transformation
The Role of DevPortals in Digital TransformationThe Role of DevPortals in Digital Transformation
The Role of DevPortals in Digital TransformationPronovix
 
Understanding and implementation of open source ecosystems final
Understanding and implementation of open source ecosystems finalUnderstanding and implementation of open source ecosystems final
Understanding and implementation of open source ecosystems finalRachit Technology Pvt Ltd
 
8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)dima kirichenko
 
Fast Convergence Techniques
Fast Convergence TechniquesFast Convergence Techniques
Fast Convergence TechniquesBangladesh Network Operators Group
 
Resensi jeri
Resensi jeriResensi jeri
Resensi jerijerinobia
 
Gabriela lópez neumann
Gabriela lópez neumannGabriela lópez neumann
Gabriela lópez neumannMatías Castro
 
293. las bandas en san pedro alto
293. las bandas en san pedro alto293. las bandas en san pedro alto
293. las bandas en san pedro altodec-admin
 
Robert Randall CV
Robert Randall CVRobert Randall CV
Robert Randall CVRobert Randall
 
Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017FarragBahbah
 
Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0guestf34485
 
Full Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdfFull Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdfLaura Miller
 
Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.Harsh Tamakuwala
 
Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...Techcronus Business Solutions Pvt. Ltd.
 
Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022Katy Slemon
 
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYAMAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYAssuserb054d21
 
Front-End Web Development
Front-End Web DevelopmentFront-End Web Development
Front-End Web DevelopmentYash Sati
 
main report on restaurant
main report on restaurantmain report on restaurant
main report on restaurantNeeraj Kumar
 
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?Pixel Crayons
 
Roadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack DevelopmentRoadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack Development75waytechnologies
 
Over view of Technologies
Over view of TechnologiesOver view of Technologies
Over view of TechnologiesChris Mitchell
 
Open CMS
Open CMSOpen CMS
Open CMSBerry Soesanto
 
6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development tools6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development toolsAsadIjaz9
 
01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soa01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soaTechnology Transfer
 
Top 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web developmentTop 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web developmentAppfinz Technologies
 

Contenu connexe

En vedette

8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)dima kirichenko
 
Resensi jeri
Resensi jeriResensi jeri
Resensi jerijerinobia
 
Gabriela lópez neumann
Gabriela lópez neumannGabriela lópez neumann
Gabriela lópez neumannMatías Castro
 
293. las bandas en san pedro alto
293. las bandas en san pedro alto293. las bandas en san pedro alto
293. las bandas en san pedro altodec-admin
 
Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017FarragBahbah
 

En vedette (7)

8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)8 postroenie grafikov_v_excel (1)
8 postroenie grafikov_v_excel (1)
 
Fast Convergence Techniques
Fast Convergence TechniquesFast Convergence Techniques
Fast Convergence Techniques
 
Resensi jeri
Resensi jeriResensi jeri
Resensi jeri
 
Gabriela lópez neumann
Gabriela lópez neumannGabriela lópez neumann
Gabriela lópez neumann
 
293. las bandas en san pedro alto
293. las bandas en san pedro alto293. las bandas en san pedro alto
293. las bandas en san pedro alto
 
Robert Randall CV
Robert Randall CVRobert Randall CV
Robert Randall CV
 
Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017Minyate el nasr isn ambassador project2017
Minyate el nasr isn ambassador project2017
 

Similaire à International-PHP-Magazine-January-2007

Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0guestf34485
 
Full Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdfFull Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdfLaura Miller
 
Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.Harsh Tamakuwala
 
Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...Techcronus Business Solutions Pvt. Ltd.
 
Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022Katy Slemon
 
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYAMAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYAssuserb054d21
 
Front-End Web Development
Front-End Web DevelopmentFront-End Web Development
Front-End Web DevelopmentYash Sati
 
main report on restaurant
main report on restaurantmain report on restaurant
main report on restaurantNeeraj Kumar
 
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?Pixel Crayons
 
Roadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack DevelopmentRoadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack Development75waytechnologies
 
Over view of Technologies
Over view of TechnologiesOver view of Technologies
Over view of TechnologiesChris Mitchell
 
6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development tools6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development toolsAsadIjaz9
 
01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soa01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soaTechnology Transfer
 
Top 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web developmentTop 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web developmentAppfinz Technologies
 
10 Best Front-end Frameworks for Web Development
10 Best Front-end Frameworks for Web Development10 Best Front-end Frameworks for Web Development
10 Best Front-end Frameworks for Web DevelopmentMars Devs
 
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONS
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONSIN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONS
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONSssuserb054d21
 
Summarize the What Is Web 2.0
Summarize the What Is Web 2.0Summarize the What Is Web 2.0
Summarize the What Is Web 2.0wacerone
 
Leading With Banana Technology
Leading With Banana TechnologyLeading With Banana Technology
Leading With Banana TechnologyManas Patnaik
 
Un Microsystem Company Analysis Essay
Un Microsystem Company Analysis EssayUn Microsystem Company Analysis Essay
Un Microsystem Company Analysis EssayRikki Wright
 

Similaire à International-PHP-Magazine-January-2007 (20)

Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0
 
Full Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdfFull Stack Web Development Basics to Know.pdf
Full Stack Web Development Basics to Know.pdf
 
Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.Documentation of Online jobs for BCA last sem on PHP.
Documentation of Online jobs for BCA last sem on PHP.
 
Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...Top 10 open source technologies for enterprise/Business web application devel...
Top 10 open source technologies for enterprise/Business web application devel...
 
Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022Ultimate guide on how to hire full stack web developer in 2022
Ultimate guide on how to hire full stack web developer in 2022
 
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYAMAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
MAKHANLAL CHATURVEDI RASHTRIYA PATRAKARITA AVAM SANCHAR VISHWAVIDYALAYA
 
Front-End Web Development
Front-End Web DevelopmentFront-End Web Development
Front-End Web Development
 
main report on restaurant
main report on restaurantmain report on restaurant
main report on restaurant
 
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
Node.JS Vs PHP: Which Is The Top Server-Side Programming Language?
 
Roadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack DevelopmentRoadmap to Become a Pro in MERN Stack Development
Roadmap to Become a Pro in MERN Stack Development
 
Over view of Technologies
Over view of TechnologiesOver view of Technologies
Over view of Technologies
 
Open CMS
Open CMSOpen CMS
Open CMS
 
6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development tools6 most essential front end web &amp; app development tools
6 most essential front end web &amp; app development tools
 
01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soa01 web 2.0 - more than a pretty face for soa
01 web 2.0 - more than a pretty face for soa
 
Top 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web developmentTop 6 leading PHP frameworks for web development
Top 6 leading PHP frameworks for web development
 
10 Best Front-end Frameworks for Web Development
10 Best Front-end Frameworks for Web Development10 Best Front-end Frameworks for Web Development
10 Best Front-end Frameworks for Web Development
 
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONS
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONSIN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONS
IN PARTIAL FULFILLMENT OF POST GRADUATE DIPLOMA IN COMPUTER APPLICATIONS
 
Summarize the What Is Web 2.0
Summarize the What Is Web 2.0Summarize the What Is Web 2.0
Summarize the What Is Web 2.0
 
Leading With Banana Technology
Leading With Banana TechnologyLeading With Banana Technology
Leading With Banana Technology
 
Un Microsystem Company Analysis Essay
Un Microsystem Company Analysis EssayUn Microsystem Company Analysis Essay
Un Microsystem Company Analysis Essay
 

International-PHP-Magazine-January-2007

  • 1. Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Beginner’s Guide to PHP Transform an HTML Web Page to PHP Code 01.07 International PHPPHPMagazineCutting-Edge Technologies for Web Professionals The Economics of Open Source in the Relational Database Market Beginner’s Guide to PHP Transform an HTML Web Page to PHP Code Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Synergies and Opportunities Open Source and Commercial Vendors Synergies and Opportunities Open Source and Commercial Vendors Web 2.0 Security: Back to the Basics Preparing for the Future Web 2.0 Security: Back to the Basics Preparing for the Future AJAX Growing Up – Part II Enhancing the Reliability of Your AJAX Apps AJAX Growing Up – Part II Enhancing the Reliability of Your AJAX Apps Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM
  • 2. 2 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Table of Contents www.php-mag.net 08 Non-Invasive Surgery for PHP Analyzing PHP Programs with Xdebug Beginners 05 The goings on in the PHP world News & Trends 21 Synergies and Opportunities: Open Source and Commercial Vendors Individuals and organizations are increasingly seeing open source as a method for collaborative software development. Big businesses are also realizing the benefits open source software holds for them. This article aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. by Lukas Kahwe Smith 08 Beginners When we read our own code after a while, we sometimes have a hard time figuring out what the code actually does. When it comes to other people’s code, things can get really tough. Luckily, Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. by Stefan Priebsch 15 Beginner’s Guide to PHP Over the last three issues, I’ve dealt with the basics of PHP, to provide you with a good background of PHP syntax, variables and processing loguc. In this issue we’ll look into a practical PHP to HTML program so you can put all the knowledge you’ve gained to make web pages. We will see what PHP can do and how you can write code to make PHP render wonderful web pages. by Marc Isikoff 28 Sprinkling Sugar on LAMP In November 2006, SugarCRM announced the release of Sugar FastStack, a fast and simple way to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co- Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM, one of the largest PHP applications in the world. by Jacob Taylor Cover Story 21 Synergies and Opportunities: Open Source and CommercialVendors The Economics of Open Source in the Relational Database Market Practice Column 15 Beginner’s Guide to PHP Transform an HTMLWeb Page to PHP Code
  • 3. 3 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Januaruy 2007 Issue 32 AJAX Growing Up – Part II Since AJAX has become a mainstream technology for a “richer” Internet, most programmers have successfully implemented it or have at least experimented with the possibilities. As the complexity of AJAX-based web applications grows, so does the need for reliability. In this second (and last) part, I will discuss how to sculpt your AJAX environment to optimize feedback to the user when an (unexpected) error occurs. by Robert-Jan de Vries 39 Web 2.0 Security: Back to the Basics The new buzzword these days is ‘Web 2.0’. While the definition of Web 2.0 may vary amongst individuals, we all agree that it is no longer the yesterday’s one-to-many Internet that we have somehow accustomed to. Blogging (as in Windows Live Spaces), Video-sharing (as in YouTube.com, or Windows Live SoapBox), Music-sharing (as in MySpace.com), Photo-sharing (as in Flickr. com), Podcasting, Instant Messaging (as in Live Messenger), Real Simple Syndication (RSS), Wiki, and the list go on. Today’s Web is highly interactive, complex, and interconnected; a system that provides for fast changing many- to-many interactions, allowing anyone to actively contribute to its contents using an assortment of mobile and wireless devices rather than just consuming them previously from a fixed wired desktop computer. Such is the Web 2.0 era, creating many new business opportunities while bringing Internet to the next stage of its evolution. by Kang Meng Chow Development 32 AJAX Growing Up – Part II Enhancing the Reliability ofYour AJAX Apps Department 04 Editorial 44 Advertising Index / Preview / Imprint www.php-mag.net 28 Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM Enterprise Spotlight 39 Web 2.0 Security: Back to the Basics Preparing for the Future
  • 4. 4 I n t e r n a t i o n a l P H P M a g a z i n e 1 0 . 2 0 0 6 Open source does not blow away traditional economics. Lukas Smith says it only revalidates a lot of the existing theory, maybe in a somewhat surprising way for many, including economists. Our Cover Story this issue aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. After reading the article, Lukas says you will not be lost for words the next time you have to explain what open source is, to a guy in a business suit. Over the last few issues in the Beginner’s Guide to PHP, Marc Isikoff has detailed the basics of PHP, the syntax, variables and processing logic. This month he steps through a practical PHP to HTML program to put all these learning’s to use for developing web pages. Analyzing code is not a fun task. While var_dump() is probably the most widely-used PHP debugger in the world, there is a much better debugging tool for PHP today. Stefan Priebsch says that Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. In November 2006, SugarCRM announced the release of Sugar FastStack, which helps to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co-Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM. Read the interview on Page 28. In the second and final part of the article on how to enhance the reliability of your web applications, Robe-Jan De Vries discusses how to sculpt your AJAX environment to optimize feedback to the user when an (unexpected) error occurs. Today’s Web is highly interactive, complex, and interconnected; a system that provides for fast changing many- to-many interactions, allowing anyone to actively contribute to its contents using an assortment of mobile and wireless devices rather than just consuming them previously from a fixed wired desktop computer. The Web 2.0 era creates many new business opportunities while bringing Internet to the next stage of its evolution. As the Web continues to evolve the rigor and timeliness of responses that are necessary to ensure continuous improvements in the security practices along with the introduction of those new technologies should also evolve alongside. Kang Meng Chow explains why this requires a solid foundation implemented in the organization’s Information Security Management Systems (ISMS). If you would like to share your experience of having used PHP and how it has helped you in your projects, write me at ibritto@php-mag.net. We will feature the ten most well written pieces in an upcoming issue of PHP Magazine. We hope you enjoyed reading this issue of this magazine. Till next time, Happy New Year from the PHP Magazine team. Editorial Explain PHP to the Guy In the Business Suit (ibritto@php-mag.net)
  • 5. I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 5 News & Trends PHP IDE Project Plan for Release 0.7 The plan of the PHP IDE Project 0.7 version is based on the initial SRS. On top of that SRS many bugs were submitted together with enhancement requests that were/ will be included in the 0.7 release. You can find all PHP IDE open bugs here. The first part of the plan deals with the important matters of release deliverables, release milestones, target operating environments, and release-to- release compatibility. These are all things that need to be clear for any release, even if no features were to change. The release deliverables are: • Source code release for PHP IDE is available in the eclipse.org CVS repositories for PHP • PHP IDE runtime binaries and SDK distributions are available in the download page • PHP IDE runtime binaries and SDK features are available on eclipse.org update site (install via Eclipse update manager) Release Milestones PHP IDE builds are available weekly as Integration builds. PHP IDE Milestone Releases are approximately every six weeks of integration builds. Following the final milestone, release candidates will begin. There should be at least two release candidates before the actual release. Scheduled release candidates should end one week before the release: • 0.7M3: 26th of October 2006 • 0.7M4: 21st of December 2006 • 0.7RC1: 1st of January 2007 • 0.7RC2: 29th of January 2007 Target Operating Environments PHP IDE 0.7 will support all operating environments supported by the Eclipse Platform itself. For a list of supported environments and reference platforms, refer to Eclipse Project 3. The outstanding issues that should require further investigation are: • API: complete the API design so other projects can be based on with minimal changes. Provide extensibility mainly for model, debugger and parser • Debugging: provide a solution for the PHP developer in terms of PHP behaviour. Integration with WTP: discussion about it is available on the Wiki More Info Actuate and Zend Collaborate to Deliver Reporting for PHP Actuate, a provider of enterprise reporting and performance management applications and Zend Technologies, have teamed up to allow PHP developers to add reporting capabilities to web applications using Actuate BIRT. Actuate BIRT, Actuate’s report development product based upon the Eclipse Foundation’s open source project of the same name, complements PHP, the company said. The collaboration between Zend and Actuate has resulted in new capabilities in the 3.0 version of the Zend Platform, which is available for download as a pre-release version here. Zend Platform 3.0 allows PHP developers to integrate reporting capabilities, including charting, to web applications by calling Actuate BIRT reports via the Zend Java Bridge. Web application developers are often faced with strong end-user demands for reports that integrate and summarize application data. This new functionality will provide an alternative to hand coding reports from scratch using PHP, and will ensure that more PHP applications are up and running quickly with the reporting capabilities that they need. According to the company, functionality that is now available to PHP developers includes: • Flexible report output formats that deliver single or multi-page PDF or HTML reports in several viewing and printed formats using parameters, multiple sections, grouping levels, charts, and more. Report content can also easily be exported to CSV format. • Reports built on top of any data source that enable report developers to access and generate reports from SQL databases, text files, or XML. • Easy-to-use visual design environment that enables developers to create and deploy reports in minutes via a simple, robust, wizard-driven interface. • Integrated charting that enables charting reports to be built easily in a variety of types which include Line, Bar,
  • 6. 6 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 News & Trends Pie, Meters, Area, Scatter and Stock. The charts can be output in different formats including Scalable Vector Graphics (SVG). More Info November 2006 PHP Usage Statistics PHP usage statistics for November 2006 has been released at DynamicWebPages.de. The spread of PHP seems to have settled down this month to a more stable value. For November, the number of domain using PHP came in at 19 million (19,404,533) and the number of IPs using PHP is at 1.3 million (1,319,743). This drop can be somewhat attributed to several hosts being made aware of the expose_ php setting in their installations and turning it off for security reasons. Check out this month’s numbers as well as how it relates to previous months (and years) in the following graph: More Info Zend Announces ‘Zend Platform 3.0 Beta’ Zend Platform 3.0 Beta has been released. This version of the tool, which is free for development use, includes the following features: • PHP 5.2 Support • Installation massive improvements (flow, detection, correctness) • Session Clustering High-Availability mode • Session Clustering Graceful Shutdown option • Job Queues • SNMP Traps Support • Actuate BIRT Reporting integration • Performance Enhancements including Performance Tuning page • Dynamic Content Caching Regular Expression Support • PHP Configuration Control enhancements • Web Services Enabled • GUI usability updates More Info PostgreSQL 8.2 Released The PostgreSQL Global Development Group has released version 8.2 of the PostgreSQL object-relational database management system. Version 8.2 is expected to drive even more migrations toward PostgreSQL. “This release touches almost every command and database facility”, said PostgreSQL core team member and EnterpriseDB database architect Bruce Momjian. “It adds expanded, compatible syntax and interfaces, which have been requested by our community, making it easier for new DBAs to fully use all of PostgreSQL’s advanced features.” “Unisys is pleased to note significant enhancements in the scalability and performance of PostgreSQL on large-scale multi-processor systems,” states Ali Shadman, vice president and general manager, Open Source Solutions, Systems and Technology, Unisys. “The newly released 8.2 version continues the maturation of PostgreSQL into a database management system capable of enterprise adoption.” More Info Callicore Desktop:A PHP-GTK-2 Framework Callicore Desktop, the base of Writer (really Callicore Writer), is a framework for PHP-GTK2. It’s not really a framework in the traditional MVC web application sense, says Elizabeth Naramore. Instead it’s a group of fairly loosely coupled widgets and classes with an emphasis on clean code. There are a lot of singleton classes enforced more than would ever be feasible in a web application, Elizabeth writes. The point of CC Desktop is to provide a base of commonly used widgets that take care of ‘minor details’ so creating a program is quick and painless. Callicore Desktop is designed to be modular so you can Fig 1: 2006 PHP Usage Statistics
  • 7. I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 7 News & Trends drop your program in the programs folder and send the name to Callicore’s run.php to start. For example Elizabeth has a shortcut for Writer that looks like this—Start in, C: callicoredesktoptrunk (that’s where run.php is located) Target: ‘C:phpphp-debugphp-win.exe’ run.php writer. There are several core classes to handle common actions. There’s a config class that writes out .ini files but can be handled like a basic object, a folders class to find things like ‘My Documents’, and where to write application data, a tooltips singleton class to simplify handling, a toolbar class that handles toolbar customization, an actions class to consolidate gtkactiongroup and gtkaction handling. More Info Visustin v4 Automates PHP Flowcharting and UML Diagramming Aivosto has updated Visustin, an automated software diagramming utility. With Visustin, software developers can reverse engineer their PHP code into flow charts and UML activity diagrams, saving their manual drawing efforts. Users can print the diagrams or export to Visio, PowerPoint and Word, the company said in a statement. According to the company, the new Visustin v4 visualizes programs at three levels, a detailed flow chart, a ”bird ’s eye” overview and a codeless mode showing program structure only. Recent improvements include flow chart metrics, UML activity diagrams and support for 29 programming languages. “Visustin makes flowcharting painless”, said Tuomas Salste, President of Aivosto. “With the click of a button, you diagram an entire class or a module. Developers can spend their time developing, not drawing. Automated diagramming ensures documents will be up-to-date rather than lagging behind development.” Pricing is at USD 299/Standard Edition, USD 499/Pro Edition. More Info 1 . 8 7 S U G A R C R M • + 1 . 4 0 8 . 4 5 4 . 6 9 4 1 w w w. s u g a r c r m . c o m • w w w. s u g a r f o r g e . o r g Copyright © 20062007 SugarCRM, Inc. All rights reserved. SugarCRM and the SugarCRM logo are registered trademarks of SugarCRM, Inc.. in the United States, the European Union and other countries. SugarCRM® gives you control over your CRM solution that proprietary closed source CRM restricts. Now you can manage your business data. SugarCRM is the most customizable commercial open source CRM solution built on LAMP architecture that manages sales, marketing, support and collaboration. Download Sugar Open Source today! Visit www.sugarcrm.com/phpmag
  • 8. Beginners Non-Invasive Surgery for PHP 8 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Introduction Remember the old days of web development? As the web pages did the transition from just being statically served to more interactive, dynamic pages, the Common Gateway Interface (CGI) was state of the art. Using the CGI, we could process input and generate HTML pages on the fly, for example, by Perl scripts. Though PHP today does not necessarily use the CGI any more, the way the CGI works still provides the basics for the web programming we do today. CGI programs, however, were a pain to debug. You had to create HTTP headers and the page body, and if you forgot that one additional new line was required between these two parts, the web server would punish you by just displaying a 500 error. If something else went wrong, you had to run your Perl program at the command line outside the CGI context to be able to view the error messages. PHP made debugging much easier by inserting error messages and warnings directly into the generated HTML page. Though it is not recommended to use this feature in production, it certainly helps a lot when developing software with PHP. When things go wrong, we usually put var_dump() statements into the code to find Non-Invasive Surgery for PHP By Stefan Priebsch When we read our own code after a while, we sometimes have a hard time figuring out what the code actually does. When it comes to other people’s code, things can get really tough. Luckily, Xdebug is a great tool that can help to understand and analyze PHP code in a non-invasive way. Analyzing PHP Programs with Xdebug out . While var_dump() is probably the most widely-used PHP debugger in the world, there is a much better debugging tool for PHP today. The makers of the tool have thrown in some other interesting features as well. Getting Started with Xdebug Xdebug [1] is a PHP extension created by Derick Rethans [2] . Aside from some small, but very useful features [that I will detail a little later in the article] Xdebug profiles scripts, and creates trace logs or code coverage statistics. Last but not least, it is a debugger that supports client/server debugging. Before we dig into Xdebug’s features, let us get the installation done. On Unix and Linux, you need to compile Xdebug from source. To compile Xdebug, you need an Apache web server with PHP installed as a module. In addition to a C compiler, you will need recent versions of tools such as Autoconf, Automake and Libtool. Two helper programs, phpize and php-config that are a part of PHP, are also required. To compile and install Xdebug, run: wget http://www.xdebug.org/link.php?url=xdebug200b5 tar -xzf xdebug-2.0.0beta5.tgz cd xdebug-2.0.0beta5 phpize Xdebug does not work with any PHP versions before 4.3. It only works with PHP 5 and higher.
  • 9. Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 9 ./configure --enable-xdebug –with-php-config=/usr/bin/php-config make cp modules/xdebug.so /usr/lib/apache2/modules/xdebug.so A l t h o u g h this example does not use the latest version of X d e b u g you should use it. It’ll be helpful in case you need to adjust the path to your system. phpize will output API version numbers that must be supported by the Xdebug version you use. The Xdebug web site lists the API versions of the various PHP versions and the matching Xdebug versions. Take care when updating PHP with Xdebug installed. If the internal APIs change between the PHP versions, the new version of PHP will probably not start or give you funny errors when running with Xdebug. You can always get away with disabling Xdebug, of course. By compiling Xdebug, we have created a shared object that we copy to the directory where all other Apache module are located. Usually, also the PHP module itself is located in this directory. To configure PHP to load the Xdebug extension, add the line: zend_extension=”/usr/lib/apache2/modules/xdebug.so” to php.ini and restart your web server. If you use PHP in a multi- threaded environment like the ISAPI module for IIS of the Apache2 MPM module, you must load Xdebug as a thread-safe module using: zend_extension_ts=”/usr/lib/apache2/modules/xdebug.so” If you are not sure whether your PHP installation is thread-safe, check the phpinfo() output for ‘Thread Safety’ which is either enabled or disabled.You should not load any other Zend extensions while working with Xdebug, because they would probably use the same internal mechanisms in the Zend engine, which usually calls for trouble. Installing Xdebug on Windows is even easier. You do not have to compile Xdebug by yourself, but just download a pre- built DLL and add an appropriate php.ini entry, like this: zend_extension_ts=”C:phpextphp_xdebug.dll” Again, you must decide on whether you need to load Xdebug as a thread-safe module or not, as shown earlier. Let us now check the Xdebug configuration. We can do this by looking at the phpinfo() output or by running php -m at the command line. The - m switch makes PHP list all loaded extensions. Xdebug appears twice in the list, once as a PHP extension and once as a Zend extension. There are a lot of php.ini switches to configure Xdebug, but most of them have sensible deafult values, so we can start using Xdebug without worrying about configuration settings right now; the Xdebug web site lists all available configuration settings. Useful Small Features As mentioned earlier, var_dump() is the most widely used PHP debugger. The native var_dump() output, however, turns out to be not very readable, especially when you dump arrays or complex objects. When Xdebug is activated, the var_dump() output is automatically formatted in a more human readable way, as Figure 1 shows. Xdebug also improves the way PHP displays error messages by adding a stack trace, as shown in Figure 2. The stack trace Fig 1: var_dump() Output after Xdebug is Activated Be careful when updating PHP with Xdebug installed. If the internal APIs change between the PHP versions, the new version of PHP will probably not start or give you funny errors when running with Xdebug. “ Do not load any other Zend extensions while working with Xdebug. They would probably use the same internal mechanisms in the Zend engine, which usually calls for trouble. “
  • 10. Beginners Non-Invasive Surgery for PHP 10 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 lists the history of function calls that lead to the error. As PHP programs become more and more object-oriented, sometimes errors tend to show up deep inside libraries or helper objects. The stack trace allows you to quickly find out where the code piece that caused an error was called from. You can configure Xdebug to display the current local and global variable values along with the error message.To display local variables along with every error message,you need to add the following setting: xdebug.show_local_vars=1 to php.ini. Note that you have to restart the web server for the setting to take effect. Figure 3 shows a dump of local variables. You can also display superglobal variables with PHP error messages. Since the superglobal variables are arrays that can contain lots of values, you need to configure which keys of certain superglobal variables we want Xdebug to output. For example, to display $_REQUEST[‘command’] you need to add the following: xdebug.dump.REQUEST=command xdebug.dump_once=Off Since superglobal variables never change at runtime, Xdebug displays them only on the first error message (or warning). You can turn this feature ‘off’, if you want Xdebug to repeat dumping the global variables on every error, by setting xdebug.dump_once as shown earlier. Should $_REQUEST[‘command’] not be defined, because no command URL parameter was passed to a script, Xdebug will not output this variable. Since this can be confusing for a developer, you can force Xdebug to also output undefined indices of superglobal variables by adding this setting: xdebug.dump_undefined=On to php.ini. As always, you must restart your web server after you alter the PHP configuration. Note that the extended error display of Xdebug does not work if you define a custom error handler using register_error_ handler(). This is because Xdebug internally uses the same mechanism. Should your scripts use a custom error handler, you can still use the function xdebug_get_function_stack() to output the stack trace in your custom error handler. Another useful feature is the fact that Xdebug limits recursion depth, thus preventing endless recursion, which usually makes PHP segfault, at least on Unix or Linux. Figure 4 shows how Xdebug kills a script when the maximum nesting level is reached. On Windows, PHP tends to lock up the system for quite some time. Xdebug prevents endless recursion by stopping the script once a pre- defined nesting depth is reached. The default value is 100 and this feature is enabled by default. You can modify this limit, which can be necessary if you work with a script that works on deeply nested recursive data structures, for example. Just set xdebug.max_nesting_level in php.ini. Bear in mind, however, that Xdebug does not prevent endless loops, since they do not involve repeated function calls that use up the stack. Fig 2: With Xdebug, PHP Displays Error Messages by Adding a Stack Trace Fig 3: Dump of LocalVariables Fig 4: Xdebug Kills a Script When the Maximum Nesting Level is Reached
  • 11. Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 11 CreatingTrace Logs As programs, especially object-oriented ones, get more and more complex, the individual code blocks become smaller and smaller. Small code blocks make a program easier to maintain, since changes and additions can be introduced without changing existing code. If you look at an object-oriented PHP program for the first time, however, it may seem that the program never does any actual work and that it only comprises of a seemingly endless series of delegations. Though it may sound awkward, this is a sign of quality in the object-oriented world. Each piece of code should do exactly one thing. This makes software really maintainable, but this comes at the cost of ‘global’ readability. It is rather easy to understand a single class or method, but we can have a real hard time figuring out the main control flow of an object-oriented application just by looking at the code. Instead of putting various var_dump() statements into the code to get an idea of what is going on, we can use Xdebug’s tracing feature. If tracing is activated, Xdebug writes a trace log that lists all function and method calls in the order they were processed. We can also configure Xdebug to include the parameters that were passed in and the return values in the trace log. Keep in mind, however, that each trace shows just one single execution path of our program. Depending on the input values and the internal state of the software, the program can have a different execution path the next time you run it. A good example to illustrate this is a program that expects the command to execute as a URL parameter. When we issue a different command, the program will do something completely different, thus resulting in a completely different trace log. The fact that there are so many possible different combinations of execution paths in a complex program also is the reason why software as a whole is difficult to test. Here, unit testing, which we explored in the November 2006 issue of PHP Magazine, comes to the rescue. To activate tracing in Xdebug, we need to modify php.ini,like so: xdebug.auto_trace=On xdebug.trace_output_dir=”c:traces” The second setting defines the path where Xdebug will store the trace logs. This path defaults to /tmp which is fine on Unix/Linux systems, but calls for trouble on Windows, since the directory c:tmp usually does not exist on Windows. So you either need to create this directory or specify another existing directory; otherwise Xdebug will not be able to create trace logs since it cannot store them. Many php.ini settings can also be performed at script runtime using the ini_set() function. It is not possible, however, to start trace logging at script runtime, because PHP can automatically run an optional ‘prepend’ script before the main script is called. This behaviour is defined in the auto_prepend setting in php.ini. If we start trace logging in our main script, the prepend script would miss from the trace log, possibly calling for a lot of confusion. Xdebug determines the log file names automatically at runtime by calculating a CRC checksum of the script file that is traced.This ensures that an individual log file is being written for each file. For example a log file name could be trace.3482098110.xt. If you trace the same PHP program twice, the original trace log is overwritten. By setting: xdebug.trace_options=On in php.ini, you make Xdebug append to existing logs instead of overwriting them. Listing 1 shows an excerpt from a trace log that was created on Linux. The first column shows the execution time of the script, whereas the second column shows the memory usage of PHP at that time. As we can tell from the trace, the file() function takes up most of the execution time since it requires reading a file from disk or possibly over a HTTP connection.The memory size grows and On a first look, it may seem that an object oriented program never does any actual work. It may seem the program only comprises of a seemingly endless series of delegations. Although this is a sign of quality in the object-oriented world, this comes at the cost of“global”readability.To get an idea of what is going on in a script, use Xdebug’s tracing feature. Listing 1 TRACE START [2006-01-21 18:16:14] 0.0059 43072 -> {main}() /var/www/trace.php:0 0.0089 43072 -> read_input() /var/www/trace.php:12 0.0096 43112 -> process_file() /var/www/trace.php:13 0.0099 43112 -> file() /var/www/trace.php:18 2.0047 139632 -> strlen() /var/www/trace.php:19 2.0053 45808 -> create_page() /var/www/trace.php:14 2.0056 45880 -> array_rand() /var/www/trace.php:26 2.0154 45888 -> implode() /var/www/trace.php:34 2.0182 8384 TRACE END [2006-01-21 18:16:16] A Simple Trace Log
  • 12. Beginners Non-Invasive Surgery for PHP 12 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 reaches is maximum when strlen() is executed, since this function works on two large strings, then gets lower again as the memory that was used by strlen() is being freed again. If you create trace logs on Windows, the memory usage will always be displayed as 0, although this is not true. The official PHP builds for Windows do not have the memory-limit switch activated— so Xdebug cannot trace the memory usage on Windows. If you manage to compile PHP on Windows, which is a very daunting task, you can activate the memory limit and trace the memory usage of your script. It is probably not worth the effort to do this, since you can always just run the trace on Linux. Memory usage might differ slightly on Windows, but you will get a general idea of how much memory your script needs at which time. Profiling PHP Applications As we know, PHP is an interpreted language. At runtime, every script is translated to an intermediate code which is executed. This translation is repeated each time a script is called. This makes PHP, by design, slower than compiled languages like C or Java.We can use opcode caches like APC [3] or PHP Accelerator[4] to save and reuse the intermediate code, thus making the script faster since we do not have to re-parse the actual PHP code each time a script is executed. If we keep the intermediate code,it makes sense to optimize it. Most PHP programs are written to be readable and maintainable, so their intermediate code is not optimized for performance by nature. There are a lot of optimizations that can be done on intermediate code—unused variables could be removed, calls to short functions could be removed (this is called ‘inlining code’), repeated calculations can be removed from loops, and loops can be rearranged for better performance. If these optimizations were to be done each time a PHP script is called, the question is whether the computing time used for optimization actually pays off by reducing the script execution time at a whole, because we cannot tell how much computing time the optimization will require. If we keep the optimized intermediate code, we can afford spending much more computing time for optimisations. You can do this once and benefit from executing a faster script multiple times. In compiled languages, you can choose an optimization level when you compile.The more optimization you do, the longer the compilation takes, but the faster the resulting code is. Usually one tends to aim for quick compilation while developing and the highest possible level of optimization when the software is deployed. PHP 6 will have the opcode cache APC as part of the standard distribution, so I expect much more (automated) optimizations to happen to PHP code as PHP 6 spreads out. Untilthen,theonlychoicewehavetoimprovetheperformance of our programs is manual optimization; aside from using faster hardware, of course. Manual code optimization is not an easy task, especially if you don’t know where to start. Many programmers have been fooled by guessing which part of a program would be the bottleneck, then spending time optimizing it, only to find out their effort did not result in substantially better performance. We need to base our optimization efforts on reliable statistics. Enter Xdebug—which can profile PHP applications and create a log file that tells us which code line was executed how many times and how much time and memory were used. It may sound like a profiling log is pretty much the same as a trace log, but a profiling log contains much more information, making the log much less human readable. While we can lean a lot from reading a trace log, we need to visualize all the data in a profiling log to be able to work with it. But first of all, let us create a profiling log. Turn ‘on’ profiling in php.ini by adding: xdebug.profiler_enable=On xdebug.profiler_output_dir=”c:traces” As mentioned earlier, Xdebug writes the profiling logs to /tmp by default, so you must change this value on Windows. Just like tracing, you can also not enable profiling by ini_set(), since auto_prepend scripts would not get profiled in this case. And again, as mentioned above, Xdebug caltulates the filename of the log from the CRC checksum of the script name. The name of all profiling logs start with cachegrind.out. By adding: xdebug.profiler_append=On to php.ini, you ask Xdebug to append to an existing log rather than overwrite it. Note that profiling logs tend to grow really PHP is an interpreted language, which make it, by design, slower than compiled languages like C or Java. Use opcode caches to save and reuse the intermediate code to make the script faster, and optimize the intermediate code. PHP 6 will include opcode cacheAPC as part of the standard distribution. Until then you’ll have to resort to manual optimization, which Xdebug provides.
  • 13. Non-Invasive Surgery for PHP Beginners I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 13 large. An average PHP program can easily create a profiling log that is around one megabyte in size. Since writing to the profiling log takes time, program execution will be really slow with profiling activated. You should never activate profiling unless you need it, and never use Xdebug on a production server, just to make sure. Now it is time to have a look at the profiling data. On Linux, use KCachegrind[5] to visualize profiling data, and on Windows use WinCachegrind[6] . Both programs are similar in their basic functionality, though KCacheGrind has more advanced features. Both programs are licensed under GPL so you can use them for private and commercial purposes without any license fee. Figure 5 shows a profiling log visualized in KCacheGrind.You can dig down into the individual functions and methods by clicking on them, but the power of KCacheGrind lies in the aggregation of data.You can quickly tell which functions or methods take up the most execution time. When you need to optimize your application, these are the ones you want to go for first. Keep in mind, however, that it only makes sense to optimize code that is called various times. If you highly optimize one function that is called only once, there is not too much speedup for your application. If your application has hundreds or thousands of concurrent users, it might again make sense so optimize such code to reduce the overall server load. Another rule of thumb in optimization is that you should reduce the number of input/output operations. I/O always takes longer as compared to computations. Therefore, reducing I/O operations can be an efficient way of speeding up your programs. Removing one I/O call can give you more speedup instantly than the couple of hours you may have to spend on optimizing code. Code Coverage We have been talking a lot about analyzing complex programs now. There is yet another type of statistic that Xdebug can create while running an application, namely code coverage statistics. Code coverage statistics help us determine which parts of an application are never executed. Quite often, as the software changes over time, obsolete code (code that is no longer executed, that is) piles up. When we add a new interface that supersedes an older one, we might leave in the old interface in the code for a while to give users of the API time to start using the new one. At some point in time, nobody will be using the old code any more— it has become obsolete. For one, obsolete code adds weight to our application. Even worse, it may still contain bugs or security issues. An attacker might exploit these some day. We should therefore remove obsolete code from our application. But how can we ensure that code is really not being used any more? We create code coverage statistics. While a trace log lists every line of code that is executed, code coverage statistics list every line of source code and count how many times it is being executed. After the program has finished, you can see that all lines with a count of zero are never executed. There is one problem, however. Fig 5: Profiling LogVisualized in KCacheGrind Scripts grow over a period of time, as does the obsolete code in it.This not only weighs down the application, but may also include bugs and cause security issues. The solution is to run unit tests and have Xdebug collect code coverage statistics of the application code to ascertain what parts of the script is obsolete and can be removed. Fig 6: Code Coverage Statistics Created with Phing
  • 14. Beginners Non-Invasive Surgery for PHP 14 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Conclusion Xdebug is a small, yet useful tool in PHP development. It should be installed and activated on every computer you do PHP development on. Xdebug is pretty stable, though there is still no official release. You should not run Xdebug on a production system, though, because most features degrade performance. Besides, since you probably won’t debug on a production system, there is really no reason for Xdebug to be installed there. On my development system, I would never want to miss Xdebug a single day, and even if it is just for the better formatting of the var_dump() output. Resources & References [1] http://www.xdebug.org [2] http://www.derickrethans.nl/ [3] http://pecl.php.net/package/APC [4] http://www.php-accelerator.co.uk/ [5] http://sourceforge.net/projects/kcachegrind [6] http://sourceforge.net/projects/wincachegrind/ [7] http://www.phpunit.de [8] http://www.activestate.com/Products/Komodo/ [9] http://www.weaverslave.ws/ As mentioned before, a program has many execution paths. One run of the program will usually not execute all code. Again, unit tests come to the rescue. In November 2006 issue of PHP Magazine, I detailed how to create unit tests with PHPUnit [7] .The trick is to run the unit tests and have Xdebug collect code coverage statistics of the application code, as we do not want to find out how much test code is executed, but how much of the application code is executed. Figure 6 shows an example for code coverage statistics created with Phing, a build automation tool that was presented in the October 2006 issue of this magazine. Xdebug collects the coverage statistics in an array, which is not very human-readable. So Phing, together with PHPUnit, takes this array and creates a neat HTML report from it. Debugging Debugging software is probably the least interesting of a developer’s job.If a bug causes the program to fail and a stack trace is created, the bug is usually rather easy to find. If the program just delivers wrong results, the bug can be very tough to find. Instead of putting var_dump() statements into your code to track down the error, you can use the debugging feature of Xdebug. With the debugger, you can set breakpoints that make the program stop, allowing the debug client to display all variables. You can not only run the program, but also step through it and watch the variables change. When stepping through your application, quite often it becomes rather easy to track down a bug. The Xdebug debugging feature comes with a grain of salt, though. To this day, there is no decent debug client that is available for free. ActiveState Komodo [8] has a debug client, but is no free software. Weaverslave [9] does a good job in displaying the variables when an exception occurs, but stepping and setting breakpoints does not seem to work. Derick Rethans has now started to work on a debug client, so we can expect this situation to improve in the near future. Until then, it seems that var_dump() will remain the PHP debugger of choice for many of us. Stefan Priebsch has been solving IT problems for over 20 years. After seven years as an IT consultant and two years as a software engineer he founded e-novative GmbH in the year 2000 as an IT consultancy for small and medium- sized corporations. Stefan holds a degree in Computer Science from the Munich Technical University. He is an internationally acclaimed PHP expert, a regular contributor to various IT publications, and a speaker at international conferences. His first book, “Enterprise PHP Tools”, was published in summer 2006 by entwickler.press. DeveloperSutra www.developersutra.com InformationTreatiseForThe DeveloperCommunity DATABASE JAVA ECLIPSE PHP OPENSOURCE SECURITY SOA WEB TECHNOLOGIES .NET
  • 15. I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 15 Beginner’s Guide to PHP Column Review of Last ‘Class’ Last issue I detailed control structures like the if statement and while..do and do..while loops. We also covered for loops. Control statements like these are the core of PHP coding. For example, when you have a requirement for a web site, it’s usually based on a condition. So you’ll have to use a control statement to handle the logic of the web site requirement. With control statements, you can handle almost any set of logic. For instance, in a web site you’d have to take care of a variety of requirements, such as validating users, updating a featured article for today, transacting with a credit card processing company, and e-mailing a newsletter. All these requirements are done with control statements (such as if, while, for) and variables (such as strings, arrays, and integers) holding the data to be validated. Homework Review Last class, I assigned a homework that would further your PHP knowledge and give you a practical example of using a condition. I assigned the task of telling the world your age and increment it year by year to the point of retirement. You should have saved you work as php_hw3.php and tested and run it using the URL: http://localhost/php_hw3.php. Listing 1 holds the script I wrote. You’ll notice I kept it to five lines by not making a line breaking (HTML <br>) until a different decade of age (for example, my forties) is reached. I made PHP add one year with ..year.. until the line break. The entire program is really a while..do statement that handles the requirement of ‘until you retire, do something’, where the ‘something’ is then handled by a series of if conditions. As detailed last month, in a while..do loop you need to be able to set the condition within the loop to avoid an infinite loop. In the earlier script, I initially set $retired to false, so the while..do loop runs until retirement. I needed to be able to set $retired to be true within the loop, or I would be working until I was 999,999,999+ years old! So I hope this homework has provided a foundation for how you would handle any web page, break the requirements up between variables and logic, and then determine program flow and code the logic. Lesson #4 This should be a fun lesson, because I’m going to take a standard web page (all HTML) and slowly transform it to PHP code. In this way, you will see how PHP can render the HTML to make a duplicate page, but also gain the ability to make the page dynamic. Beginner’s Guide to PHP By Marc Isikoff Over the last three issues, I’ve dealt with the basics of PHP, to provide you with a good background of PHP syntax, variables and processing logic.In this issue we’ll look into a practical PHP to HTML program so you can put all the knowledge you’ve gainedtomakewebpages.WewillseewhatPHPcandoandhow you can write code to make PHP render wonderful web pages. Transform an HTML Web Page to PHP Code
  • 16. 16 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP Let’s recap what HTML knowledge you should know: • The <HEAD> tag an included tags for <TITLE> and <META> • The <BODY> tag and included tags for <FONT> • Table <TABLE> tags like row <TR> and cell <TD> • Form <FORM> tags and <INPUT>s for data The last HTML tag <FORM> is where PHP will really shine, because in HTML the action attibute of the <FORM> statement suggests that some action should occur from and based on the data of the form. PHP provides the action. The <HEAD> and <BODY>Tags A simple web page can be made with just the basics, right? Consider this simple web page: <HTML> <HEAD> <TITLE> Simple Web Page </TITLE> </HEAD> <BODY> Welcome to my webpage! </BODY> </HTML> You could run this and get a simple web page where you can see the title in the browser bar and a line of text in the browser that reads, Welcome to my webpage!. We can also make this simple web page using PHP, like this: <?php echo “<HEAD>”; echo “<TITLE>Simple Web Page</TITLE>”; echo “</HEAD>”; echo “<BODY>”; echo “Welcome to my webpage!”; echo “</BODY>”; ?> <?php // Establish the required variables with values $retired = false; // initially setting retirement to be false $age = 35; // my initial age, yours should be set to your current age $retired = ($age > 74); // Sets $retired to boolean TRUE if $age is more than 74 $prior = null; while (!$retired) { // creating a while-do loop until retirement $retired = ($age > 74); // Sets $retired to boolean TRUE if $age is more than 74 if ($retired) echo “<br>I’m now $age and I’m retiring... goodbye!<br>”; else { if ($age > 69) $current = “seventies”; else if ($age > 59) $current = “sixties”; else if ($age > 49) $current = “fifties”; else if ($age > 39) $current = “forties”; else if ($age > 29) $current = “thirties”; $left_to_go = 75 - $age; if ($prior == $current) echo “..$age”; else echo “<br>I’m now $age and in my $current and now there’s $left_to_go years until I retire”; } $age++; $prior = $current; } ?> Listing 1 I’m now 35 and in my thirties and now there’s 40 years until I retire..36..37..38..39 I’m now 40 and in my forties and now there’s 35 years until I retire..41..42..43..44..45..46..47..48..49 I’m now 50 and in my fifties and now there’s 25 years until I retire..51..52..53..54..55..56..57..58..59 I’m now 60 and in my sixties and now there’s 15 years until I retire..61..62..63..64..65..66..67..68..69 I’m now 70 and in my seventies and now there’s 5 years until I retire..71..72..73..74 I’m now 75 and I’m retiring...goodbye!. Listing 2
  • 17. I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 17 Beginner’s Guide to PHP Column You would get the EXACT same web page with this PHP code. But if you’re saying, “HTML is easier…seems like less coding for the same output.”, you’re right. For a static web page—one with no decision-making and not variable to process—always use HTML. How many times do you see web pages like that though? Maybe while you’re building your web page you want a basic “Under Construction” with a graphic. Of course, you can use HTML for that. The <TABLE>Tag Let’s take a look at a web page that has a table of figures in it. In this example, the web page will show a savings discount based on several checkout coupons versus how much is in the cart of a potential customer. Listing 3 shows the code in HTML. This web page can be used by telephone order clerks who advise customers as well as for online FAQ (for the customer) access. It can also be used by affiliate web sites where they tell the world what coupons are worth what for various web sites. Listing 4 holds the PHP version of the same example. What do you think of this script? It’s close to the same amount of coding and the PHP script is a little more difficult with variables, arrays, and conditional statements. That aside, PHP allows a provision to grow into the future a little better. <HTML> <HEAD> <TITLE>Potential Savings with Coupons</TITLE> </HEAD> <BODY> <p><center>Coupons Available Based on CartValue</center></ p> <table border=”1”> <tr> <td>Code</td> <td>Needed CartValue</td> <td>Savings</td> <td>Freight</td> <td>Tax</td> <td>Total</td> </tr> <tr> <td>TEN%OFF50</td> <td>$50</td> <td>$5</td> <td>$9.99</td> <td>$2.25</td> <td>$57.29</td> </tr> <tr> <td>NOFREIGHT</td> <td>$50</td> <td>$0</td> <td>$0</td> <td>$4.50</td> <td>$54.50</td> </tr> <tr> <td>WEPAYTAX</td> <td>$50</td> <td>%0</td> <td>$9.99</td> <td>$0</td> <td>$59.99</td> </tr> </table> <p>Customer would be best off if they chose coupon code NOFREIGHT</p> </BODY> </HTML> Listing 3 <?php echo “<HEAD>”; echo “<TITLE>Potential Savings with Coupons</TITLE>”; echo “</HEAD>”; echo “<BODY>”; $tax = .05; $freight = 9.99; $cart_basis = 50; $PERCENT = array(“TEN%OFF50”,50,.1,$freight,$tax); $NOFREIGHT = array(“NOFREIGHT”,50,0,0,$tax); $WEPAYTAX = array(“WEPAYTAX”,50,0,$freight,0); $coupons = array($PERCENT,$NOFREIGHT,$WEPAYTAX); echo “<p><center>Coupons Available Based on CartValue</ center></p>”; Listing 4
  • 18. 18 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP What if there were 100 discounts codes applicable to USD 50 cart value? Hand coding the HTML would take a while and there would be ever-changing maintenance on the names of the codes, discount percentages, and calculations. In the PHP code, it would suffice to leave it all alone for future growth, except for the original array definitions and the values of freight, tax, and the cart dollar amount. But as we’ll learn—in future issues of this column—you can pull that data from a database so your PHP code can also remain fairly static. Then the to-do is to build a maintenance form to all, so the database can be updated as needed. The <FORM>Tag Now let’s learn about a specific variable called $PHP_SELF. This is a ‘super global’ of PHP, which means it comes with PHP and you are free to use it as required. You can also use it make a web page call itself. The concept is that you set up an HTML form and ask for several inputs (say, the cart value and the coupon code). You then can reload the exact same web page and get different results because the inputs pass back into the web page as variables in an array. The web page reads the array and decides how to display the web page. In the next coding example, we’ll display some cart information such that the total is USD 50 and we’ll ask (in a form) what coupon code to apply. When the user submits the information we’ll reload the same web page, but you’ll see that the title, and display information has changed. See Listing 5. The above PHP code does what HTML can’t do. It calls itself and determines what to show. If you copy it and save it as a .php program you will be able to choose your coupon and move to what appears to be a different form, to validate that the coupon code is correctly applied. I left out the last part, though, which echo “<table border=’1’>”; echo “<tr><td>Code</td><td>Needed CartValue</ td><td>Savings</td><td>Freight</td><td>Tax</td><td>Total</ td></tr>”; $best = “”; $prior_total = $cart_basis + $freight + $tax; foreach ($coupons as $key=>$value) { $discount = $cart_basis * $value[2]; $taxable = $cart_basis - $discount; $taxed = $taxable * $value[4]; $total = $taxable + $taxed + $value[3]; if ($total < $prior_total) $best = $value[0]; echo “<tr>”; echo “<td>$value[0]</td>”; echo “<td>$value[1]</td>”; echo “<td>”; echo $discount; echo “</td>”; echo “<td>$value[3]</td>”; echo “<td>$taxed</td>”; echo “<td>$total</td>”; echo “</tr>”; $prior_total = $total; } echo “</table>”; echo “<p>Customer would be best off if they chose coupon code $best</p>”; echo “</BODY>”; ?> Listing 4... (contd) <?php $mode = $_POST[‘mode’]; if (!$mode) $mode=”choose_coupon”; if ($mode == “choose_coupon”) { $title = “Choose Checkout Coupon”; $show_cart = true; $show_coupons = true; $show_final = false; $coupon = “”; } else if ($mode == “validate_cart”) { $show_cart = false; $title = “Confirm Checkout Options”; $show_coupons = false; $show_final = true; Listing 5
  • 19. I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 19 Beginner’s Guide to PHP Column $coupon = $_POST[‘coupon’]; } echo “<HEAD>”; echo “<TITLE>$title</TITLE>”; echo “</HEAD>”; echo “<BODY>”; if ($show_cart) { echo “<center>Your Shopping Cart Items</center>”; echo “<table border=’1’>”; echo “<tr><td>Item</td><td>Qty</td><td>Description</ td><td>Extended Cost</td></tr>”; echo “<tr><td>A091B</td><td>2</td><td>USB Cable</ td><td>$25.00</td></tr>”; echo “<tr><td>4FGCI</td><td>1</td><td>DVI to HDMI Converter</td><td>$15.00</td></tr>”; echo “<tr><td>566FP</td><td>1</td><td>Loopback cable</ td><td>$10.00</td></tr>”; echo “</table>”; echo “<br>”; echo “Cart Total: $50.00”; } $tax = .05; $freight = 9.99; $cart_basis = 50; $TENOFF50 = array(“TENOFF50”,50,.1,$freight,$tax); $NOFREIGHT = array(“NOFREIGHT”,50,0,0,$tax); $WEPAYTAX = array(“WEPAYTAX”,50,0,$freight,0); $coupons = array($TENOFF50,$NOFREIGHT,$WEPAYTAX); if ($show_coupons) { echo “<p><center>Coupons Available Based on CartValue</ center></p>”; echo “<table border=’1’>”; echo “<tr><td>Code</td><td>Needed CartValue</ td><td>Savings</td><td>Freight</td><td>Tax</td><td>Total</ td></tr>”; $best = “”; $prior_total = $cart_basis + $freight + $tax; foreach ($coupons as $key=>$value) { $discount = $cart_basis * $value[2]; $taxable = $cart_basis - $discount; $taxed = $taxable * $value[4]; $total = $taxable + $taxed + $value[3]; if ($total < $prior_total) $best = $value[0]; echo “<tr>”; echo “<td>$value[0]</td>”; echo “<td>$value[1]</td>”; echo “<td>”; echo $discount; echo “</td>”; echo “<td>$value[3]</td>”; echo “<td>$taxed</td>”; echo “<td>$total</td>”; echo “</tr>”; $prior_total = $total; } echo “</table>”; echo “<p>You would be best off if you chose coupon code: $best</ p>”; echo “<br><br>”; } if ($show_coupons) { echo “<FORM method=’post’ action=’$php_self’>”; echo “Choose Coupon:<br>”; echo “<input type=’hidden’ name=mode value=’validate_cart’>”; echo “<select name=’coupon’>”; echo “<option value=’TENOFF50’>10% of $50</option>”; echo “<option value=’NOFREIGHT’>No Freight Charge</ option>”; echo “<option value=’WEPAYTAX’>Tax Included</option>”; echo “</select>”; echo “<br>”; echo “<input type=’submit’ value=’Submit’>”; echo “</FORM>”; } Listing 5... (contd)
  • 20. 20 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Column Beginner’s Guide to PHP is to ask the customer if what they see is correct or if they want to go back and choose another coupon instead. You can also see there are opportunities to shorten the logic of the PHP code. See the validation where there are three different if statements to choose which coupon array we should use, based upon the coupon string the customer chose. If the number of coupons goes up, that code will grow. YourThird Homework Now comes the time to give you this month’s homework assignment. Next month, I will post the answer, so you have enough time to work on it. Homework:asmentionedearlierinthearticle,therearesignificant updates to the PHP code I detailed earlier. See if you can improve the script. Save the modified script as php_hw4.php, and use the URL http://localhost/php_hw4.php in your browser. Have fun! Marc Isikoff is a Senior Project Manager at Warner Music Group in New York City. He has taught PHP at the collegiate level at Columbia University in the city of New York. He is active in programming PHP, being a helpful to resource to peer developers, and speaking at PHP conferences. Resources & References [1] International PHP Magazine web site: http://www.php-mag.net if ($show_final) { echo “PleaseValidateYour Coupon Selection<br><br>”; if ($coupon == $coupons[0][0]) $code = $TENOFF50; else if ($coupon == $coupons[1][0]) $code = $NOFREIGHT; else if ($coupon == $coupons[2][0]) $code = $WEPAYTAX; $disc = $code[1] * $code[2]; $tax_on = $code[4] * ($cart_basis - $disc); $subtotal = $cart_basis - $disc + $code[3] + $tax_on; echo “<table border=’1’>”; echo “<tr><td>CartValue:</td><td>$$cart_basis</ td></tr>”; echo “<tr><td>Coupon:</td><td>$code[0]</td></ tr>”; echo “<tr><td>Discount:</td><td>$$disc</td></tr>”; echo “<tr><td>Freight:</td><td>$$code[3]</td></ tr>”; echo “<tr><td>Tax:</td><td>$$tax_on</td></tr>”; echo “<tr><td>Total:</td><td>$$subtotal</td></tr>”; echo “</table>”; } echo “</BODY>”; ?> Listing 5... contd
  • 21. Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 21 Individuals and organizations are increasingly seeing open source as a method for collaborative software development. Big businesses are also realizing the benefits open source software holds for them. This article aims to help you better understand open source by harnessing the unique experiences that economists have made over the last centuries and applying it to open source. It explains economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. Introduction This article is based on my diploma thesis where I did a detailed economical analysis of the open source relational database market. One of the things I wanted to achieve with my paper is to base my observations on a solid understanding of economic principles. Historically open source has always had an ethical dimension. The term ‘open source’ was invented to strip the political dimension from Stallman’s ‘free software movement’ and to simply provide a term for the practice of sharing source code. Today the distinction between ‘free software’ and ‘open source software’ is not widely understood. The term FOSS or FLOSS is used to describe both movements at the same time. However, an increasing amount of individuals and more importantly organizations today see open source as a method for collaborate software development and not as an ethical quest. This has made it increasingly easier for big business to realize the benefits open source software holds for them. In the following pages I will introduce the key terms economists use to describe open source software. I will use examples from the open source database market to illustrate each of them. So once you have read to the end of this article you should know the economic principles and key terms as well as how they apply to the many individuals and companies involved in the open source relational database market. A lot of information about the economics of information goods can be found in the book ‘Information Rules’ by Hal Varian, although it lacks making any references to open source directly. But it may serve as an interesting read if you want to know more once they have finished this article. Benefits to Individuals The thing that most economists find most peculiar is the notion that open source at first sight appears to be based on altruism. While altruism may play a role or at least partial role for some open source developers it would seem quite unlikely that for some reason programmers are more altruistic than people in other fields. If you dig deeper it becomes clear that other reasons are more likely the cause for the global success of open source, even if Stallman may have started the movement initially for purely ethical reasons. Individuals benefit from participating in open source in several important ways, such as self education, career building, and reduced work. Self education is a result of the peer review process common in most open source projects, that leads to very detailed hints on how to improve a given piece of code. Open source has also been the launching pad for many who are now famous in the IT industry.Two of the most prominent people in IT today are Linus Torvald of Linux fame, and AndrewTidgell of Samba fame. In the Synergies and Opportunities: Open Source and CommercialVendors By Lukas Kahwe Smith The Economics of Open Source in the Relational Database Market
  • 22. Cover Story Synergies and Opportunities: Open Source and CommercialVendors 22 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 database field several people have attained fame through their involvement in open source. For example, Josh Berkus managed to score a position as a senior engineer at SUN through his work on PostgreSQL. Richard Hipp, author of SQLite database which is used in many applications and even operating systems like Mac OS X and Solaris 10, has gotten several job offers as a result of his work and is a recognized leader at conferences around the world—although he never expected to make a dime from SQLite. The last point of the earlier list needs a bit more explaining. As other people collaborate on producing a combined piece of work it is obvious the result will likely be superior in quality and scope of what any individual could have produced on their own. However, the fruits of their labour are available too all. Some open source licenses, like the BSD license, even allow users to extend the given code without sharing any of their changes with the community or even the people they distribute the source code to. The PostgreSQL project is a good example of this. It has been the starting point f o r dozens of other databases, m a n y of which are being sold u n d e r a proprietary license. So what is the basis for cooperation in this case? The core idea is that people or companies who allocate resources to PostgreSQL need to determine what their market differentiator is. For smaller companies it could just be their geographical location. That is, there are simply no local competitors and so they have no drawbacks from having other people be able to use the source code in other places of the world. With many global players having entered the PostgreSQL ecosystem most companies focus on technical differentiators. They focus on producing an optimized version of PostgreSQL for a very specific task. For example,EnterpriseDB is focused on Oracle compatibility, while Greenplum is focused on Business Intelligence. Since both of them need some things added to the core that is not among the features that truly differentiates them, or which would be too much work to maintain themselves, they decide to open source many of their changes [although the BSD licenses does not force them to do so]. Cloudscape is following a similar model after IBM open sourced the source code. Today the database is available under the Apache project as Apache Derby. But SUN has also added it to their support line-up as Java DB, which will be bundled with the next version of Java. This gives all these companies a manufacturing advantage over their competitors in their respective niche market, since they have to employ less people to get the same functionality. So by now we have established that there are other reasons than pure altruism that also motivate people to work on open source. All economists reading this are probably much relieved by now. The Power of Networks One of the key drivers of open source has been the Internet. With a cheap distribution mechanism it became possible for open source projects to make their source code available free of charge.This is a requirement in order to get the huge numbers of users necessary to be able to truly benefit from a community of developers and users. These are so called distribution costs and transaction costs. While speaking of costs, one of the key things to remember with software is that in order to first develop it one must invest resources that are sunken costs; that is, even if production is halted, they cannot be regained. As a result, it costs more or less the same to produce a single copy or a million. Therefore at any time the margin costs—the costs of producing another unit, that is—are near zero. However, the more copies distributed, the lower the average costs per unit. This is called supply side economies of scale. This is one of the reasons why market leaders are often also cost leaders. Another important aspect of software development is that, aside from the looming threat of patents, the software market has very low barriers to entry. So it’s easy to enter the software market, as there is no need to invest in elaborate facilities like, Apart from purely ethical reasons, individuals benefit from participating in open source in several important ways, such as self education, career building, and reduced work. “
  • 23. Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 23 say, a car manufacturer. Let’s get back to a concrete example— MySQL was able to build up a huge installed user base counting millions of installations by leveraging the low distribution costs via the Internet. More importantly, MySQL is also able to push its recent version into the hands of its users very quickly. This is important to keep MySQL users happy as their needs continue to grow. MySQL is a recognized brand name although their marketing and turnover is significantly small as compared to its proprietary competitors. While most open source projects still get most of their source code from only a dozen core developers at a time, it is still vital to get a constant stream of new developers working on edge features or even replacing core developers that fade into the background due to lack of time. Users are key in evangelizing and documenting the given piece of software. They also provide invaluable feedback to the development team. The more developers and users on a project, the more the project grows, which in turn attracts yet more people to the project—this is a known phenomenon.While Brook’s law—the observation that adding more developers to a late project makes the project even later—would seem to imply that more developers could actually hurt open source, this is not the case in practice in successful projects. By structuring projects as many subprojects, or like an onion where any proposal has to pass several layers until it finally reaches the core developers of the project, open source is able to elegantly evade the exponential growth in communication paths which underpins Brook’s law. Economists use the term network effects to describe the principle that the larger the network, the higher its value to the people involved. This results in demand side economies of scale, which do not dissipate like supply side economies of scale when the market grows big enough. Again MySQL serves as a perfect example. With so many tutorials, free applications and cheap hosting out there for MySQL, users are driven towards MySQL not necessarily because it is the best database, but more because it runs the applications they need. Business Models Traditionally companies have been mainly focused on locking their customers into their product and selling proprietary licenses to them. Once a customer has invested in training and certification for a specific product he faces large so-called switching costs if he was to move to a competitor, since this would mean having to retrain the entire staff. As a result, proprietary software makers tend to not favour standards to keep margins high. Using a concept called limit pricing, companies put prices exactly at a level where it does not make sense for competitors to invest the sunken costs to enter the market because customers would not yet be willing to incur the switching costs in order to escape the high margin prices of their current vendor. Companies may still accept standards to grow a market and products that aren’t yet mature, since customers may be unwilling to take the risk of having the given product disappear and their training becoming obsolete as a result. The need to cooperate with competitors is often referred to as coopetition. User interests, however, have naturally driven open source, especially if these users are also the developers. As a result, open source software tends to be big on standards compliance. The RDBMS market used to be very standards compliant as well, since government regulations in the U.S, mandated this. But when the government stopped developing compliance tests after the SQL92 standard was released, so did the compliance testing for later versions of the standard. In the open source database market we find both extremes, however. PostgreSQL is very standards compliant, while MySQL is only recently paying a lot of focus on the SQL Internet is a key driver of open source. For example, MySQL was able to build up a huge installed user base counting millions of installations by leveraging the low distribution costs via the Internet. Further, Internet enables a large number of developers and users to come together on a project to make it a success. Successful open source projects are often structured as many subprojects, where any proposal has to pass several layers until it finally reaches the core developers of the project, which allows open source to elegantly evade the exponential growth in communication paths [that are often detrimental to a project]. “
  • 24. Cover Story Synergies and Opportunities: Open Source and CommercialVendors 24 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 standard. We will revisit MySQL’s lack of standards compliance later in the article. However, for now an important point is that standards compliance, as practiced in the open source world, does not seem to result in loss in variety, which is usually a concern of standardization. Finding a business model around open source took some time. But today there are actually several successful models. We have already seen one approach in the PostgreSQL market, which relies on the specific aspect of the BSD license to allow selling proprietary licenses to software based on the open source code base. I will to refer to this model as the proprietary extension model, athough some people also refer to it as the secret soup model. Another popular business model is called the dual licensing model. In this model the software copyright of the license needs to reside in the hands of a single company. This enables the entity to provide the software under an open source license free of charge and also sell proprietary licenses at the same time. Now why would anyone choose to pay for something if they can get the same thing for free under an open source license? The key is to choose the right open source license. While the BSD license is a so-called non-propagating license, the GPL is a strongly propagating license. That means any software linked to a piece of GPL’ed code must also be made available under the GPL. Databases are however often included as part of the infrastructure of a larger piece of software, whose manufacturer may rely on a business model where the GPL does not fit. For these kinds of companies it makes sense to buy proprietary licenses. They still benefit from being able to read and modify the source code. More importantly, they also know that if their supplier goes out of business, they at least have the option of considering switching to the open source license, whereas traditional proprietary customers are solely at the mercy of whoever scoops up the source code, if at all. In a sense, dual licensing companies provide two different versions solely based on the license. On one side, the open source licensees expand the ecosystem around the product and on the other hand, the proprietary customers pay the bills. There are several dual licensing companies in the database market. MySQL is probably the most prominent, but recently Ingres also became available under this model. Sleepycat is another example, which also illustrates another interesting aspect of dual licensed companies. Oracle recently acquired Sleepycat, the makers of Berkeley DB, which is [likely] the most popular relational database in the world. Since Sleepycat owns the entire copyright, Oracle is now free to integrate the source into its proprietary line-up in anyway it sees fit. One drawback with this model is that while PostgreSQL can benefit from cooperation on the actual development of the core product, dual licensing companies mostly rely on end users to provide feedback and applications, not on actually helping on developing code for the core product. MySQL is trying to improve this situation by providing an agreement under which source code contributors are compensated if their code is integrated into the core product. Dual licensing companies, and pretty much all software companies, either directly (or indirectly through partners) also makes a portion of their turnover based on selling support as a complementary product. There are even companies that essentially make the bulk of their income through support and training. For example,the PostgreSQL company,Command Prompt,makes about 85 per cent on services. The same applies to many other companies in the Firebird ecosystem. There are also now companies dedicated to MySQL performance tuning as well. The support business model is a double-edged sword. Selling software is such a great business model mainly because the cost of producing additional copies is close to zero.With support however, the more customers a company has, the more support staff they need to employ. Of course, there are advantages as well. For one, by building up a knowledge database, companies can take benefit from supply side economies again, since they only have to build this database once in order to more quickly answer customer questions. Further, service is a hard to quantify feature. So once customers are satisfied with the support they are getting, they are even less likely to switch to a competitor. Furthermore, support contracts bring in a fairly constant stream of income but software licenses are usually sold as perpetual licenses. Customers are therefore less likely to upgrade to newer versions, which increases support costs and also makes them more likely to switch to a competitor when it comes time to upgrade. Another approach is to sell time-limited licenses. Companies therefore often have to give discounts to existing customers, which reduces their margins. A final advantage of support based business models is that it is an elegant way to evade issues of software piracy. By now it should be clear that by choosing a particular license and managing the copyright, you effectively limit the business model options. PostgreSQL only allows very specific business model due to the BSD license and the copyright that is scattered among many individuals and companies. MySQL’s business model is determined by the GPL and the fact that MySQL AB holds the copyright to the entire source code. Borland did not choose the proper license back when it open sourced Interbase. They choose a weakly propagating license with the Mozilla license. However, they had the intention of closely controlling the source, which turned out impossible given
  • 25. Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 25 the license they choose. Within days the code was forked to create Firebird and Borland later returned to closed source development of the original Interbase source code. To their dismay the open source code even exposed a back door in their closed source product that has been in the case base for years prior to the open sourcing. Productization As any developer will know its a lot easier to write a piece of software to scratch a personal itch than it is to write a piece of software that solves the problems of a broad market.The moment the software is distributed to end users, not only will they find that the software is still missing a feature here and there, but they will most likely use the software slightly different and, as a result, expose bugs and issues hidden to you. They will also try to set up the software in their own IT environment that will be different in ever so subtle ways. Alternatively, they will clamour for adding support for some hardware or operating system that is unknown to you. Mastering these challenges is the art of turning a piece of custom code into a product also known as productization. Open source developers have a huge advantage here as end users are much more willing and able to assist in this process. Since the source code is open to them competent users can even do all the necessary work themselves. As it is in their best interest to ensure that future releases will also contain the necessary fixes, most users will provide their changes to the original project although open source licenses do not require anyone to make changes to their personal installation available as open source. As a matter of fact, this close relationship between the developers and end usersofopensourcesoftwareiscritical.Thiscreatesafeedbackloopthat is superior to the relationship that proprietary manufacturers have with their customers. Here the manufacturer tends to hide defects from his customers instead of engaging them in finding a solution. Productization is also a possible business model for companies. While the open source software may be provided fairly raw without a nice printed manual and a GUI driven installer,third-party companies can step up and provide just that to willing buyers who do not have the expertise. Linux distributions have made this their business. DisruptiveTechnologies As I mentioned earlier, Relational Database Management System (RDBMS) is big business. Databases have increased in scope dramatically through the years, especially since compliance testing stopped being expanded for new standards. In a maturing market companies become worried their bread and butter becomes commoditized, as competitors catch up to the market leader. The reaction of the market leader is usually to just expand the scope of his product using elaborate marketing campaigns to make everyone believe they actually need these new features. This is what Clayton Christensen described in his book ‘The Innovator’s Dilemma’. As products overshoot what the market really needs, while keeping prices and margins high, a window of opportunity is opened for companies—willing to accept lower margins—who provide a product that is good enough. Especially if these products themselves make it possible for entirely new markets to spawn, they may turn out to be disruptive technologies. Initially these products have lower margins, but as this new market [that they have enabled] matures, the existing market leaders will not react in time, because to them it only looks like a low margin opportunity. MySQL turned out to be exactly that. It was a good enough RDBMS that focused on easy installation and a ‘just works’ mentality, whereas others focused on data integrity.This was the key,however,in enabling the armies of hobby programmers to storm the Internet with their ideas, which in the end turned out to be big business. The best illustration of this is the various social networking sites that have been acquired for triple digit millions and even billions of dollars. By the time these products prove the impact they have on future markets, the established leaders begin to realize their mistake. By then it is often too late. In a move that some claim was squarely directed at disrupting MySQL, Oracle acquired the companies behind both the transaction capable storage engines available for MySQL. What would seem as a ‘death blow’ turned out to simply validate the open source process. For one there was already someone in the community working on an open source transactional storage engine called PBXT forMySQL.Notonlythat,butMySQLABtookmattersintotheirown hands by getting the database guru and original author of Interbase, Jim Starkey,on board to develop another transactional storage engine for MySQL AB, code named Falcon. MySQL AB expanded its storage engine API to become pluggable without a recompile, to spawn a market for companies willing to bring their database products to the MySQL platform. The first company to do so is SolidDB, a close neighbour of the Finnish MySQL AB offices. Finally, Oracle agreed As a market matures and competitors start to catch up to the market leader, the latter often reacts by expand the scope of their product using elaborate marketing campaigns to make users believe they actually need these new features. “
  • 26. Cover Story Synergies and Opportunities: Open Source and CommercialVendors 26 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 to renew the license terms of one of the transactional storage engines and MySQL AB dropped the other one from their distribution. While nobody outside Oracle knows the exact motivations for their steps [if their original aim was to disrupt MySQL, that is] they should know by now that their approach turned out to be futile. Perhaps they were just hoping to lower the price for an acquisition of MySQL AB, which Oracle apparently also attempted a little later. However, the offer was declined by MySQL AB’s CEO, Martin Mickos. Today MySQL looks stronger than it did before Oracle’s acquisitions. Commoditization When you speak about commoditization it is important to realize that many people in the IT industry have a vested interested in commoditizing the database market. Microsoft has traditionally been probably the greatest commoditizer in the IT industry. Their aim is to rake in the profits by shipping insane quantities of their products. They have also been found guilty of keeping prices high at the same time by abusing the monopoly they have gained as a result. Today open source is responsible for commoditizing software markets. Before we go any further, let me clearly explain what commoditization really is. Commoditization is the process whereby technology that was previously owned exclusively by a single vendor, and therefore priced at a premium, becomes widely available at comparatively low prices. More importantly it is possible to substitute one product with another. Obviously this is in the best interest of consumers. In some cases these consumers are other companies,especially in the database market, since databases are usually part of the IT infrastructure and not a final end user product. SAP has been particularly annoyed by the high margins Oracle is able to make with its database. Initially SAP and Oracle had a very close relation as all SAP products where actually developed to run on Oracle. However, Oracle has now entered the ERP and CRM market as well and is now one of the main competitors of SAP. As a result, SAP is actually handing money to Oracle, as the vast majority of SAP installations end up running on Oracle. The high prices of Oracle just make the SAP platform more expensive. SAP decided to combat this by acquiring the rights to develop and distribute Software AG’s ADABAS database. But the resulting product, SAP DB, never took off and still only holds a fraction of the SAP market. To step up the game, SAP decided to open source the database with the clear mission statement of wanting to commoditize the database market. A few years later they decided to partner with MySQL AB and rename SAP DB to MaxDB. This obviously gave SAP’s database more credibility in the open source world, but more importantly it put MySQL on the radar of many high-end business users. Since MySQL is now very close to being ‘SAP certified’ this lending of credibility could pay off big time for SAP, if MySQL manages to slowly erode Oracle’s dominance in the SAP market. As such SAP seems to be putting its money on open source in order to scorch the market for Oracle. Crossing the Chasm Another aspect I want to touch upon, which IT companies constantly face, is the challenge of managing their work force. Companies usually have an initial phase when they are developing a new product, especially for a new market, where they require the expertise of innovators—people who invest themselves strongly into the product before there are any users around it. The few users they find are of a similar mindset, willing to try out something new. However, once the product is mature, they will be faced with having to adjust to a much more conservative development style. Suddenlynewfeaturesmatterlessthanmakingsurethattheproduct is backwards compatible. At this point the innovators often become more a liability than a true help. This is what Geoffrey Moore called ‘crossing the chasm’ in his book by the same title. In open source development, the innovators still have a way to express themselves. For example, the popular SAMBA server was forked off by a team of developers who wanted to focus on expanding the feature set with a revolutionary concept, rather than slowly evolve the product. They just forked off the code and the current product obviously could at any time use their results—if they matured far enough and fit into the evolutionary developed product, that is. Similarly, developers in the database field have been known to adapt their database in quite surprising ways. For example, when a company found it hard to Fig 1: An Open Operating System Doesn’t Only Have Advantages (Source:A Microsoft Ad Released in Germany)
  • 27. Synergies and Opportunities: Open Source and CommercialVendors Cover Story I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 27 thinkitisimportanttorealizethis,asitgivesustheopportunitytobetter understand open source using the experiences economists have made over the last centuries, that [apparently] also apply to open source.This also provides an opportunity to more reasonable discussions with big business. So when you struggle explaining what open source is about the next time you meet someone in a business suit, consider using some of the arguments and terms from this article. Hopefully this way you will be able to not instil more than just a blank stare from the person you are facing, as you may have before. Resources & References [1] Diploma thesis “Synergies and Opportunities”: http://pooteeweet.org/public/ Diplomarbeit.pdf [2] Information Rules by HalVarian [3] The Innovator’s Dilemma by Clayton M. Christensen [4] Crossing the Chasm by Geoffrey A. Moore www.jaxmag.com Come, See What's Brewing The Premier Online Resource for Java, Apache, XML and Web Services Fresh Brew Jax Hojo Coffea Works Book Club sell their Firebird services to Oracle customers, they simply adapted Firebird so that it became a drop-in replacement for Oracle. The result is a new database called Fyracle. Now innovators can keep pushing forward without jeopardizing the existing product line. As such, the process of forking is an advantage of open source, although Microsoft may want to spin it the other way around; see Figure 1, an advertisement by Microsoft that was released in Germany. Another advantage of open source software development is that it is traditionally distributed. Companies like MySQL AB have adopted this structure by allowing most of its workforce to work from home. This enables them to focus on hiring the best talent anywhere on earth, rather than being limited by who is willing to relocate. More importantly, this reduces the overhead of having to maintain huge offices, and employees save the time they usually spend on commuting to and from work.As an added bonus, MySQL AB has a presence in many countries in the world, although they are still a comparatively small company. The challenge is to ensure the work force knows the company vision and stays committed to this. This is done by weekly reports, frequent meetings that can just consist of five to 10 people to larger internal conferences. MySQL AB is also keen to hire people form the open source community since they have experience in this development style. Conclusion As we have seen in this article, open source does not blow away traditional economics. It just revalidates a lot of the existing theory, maybe in a somewhat surprising way for many, including economists. I Lukas Smith has over 7 years of experience in professional web application development and is a long time contributor to the PHP scene. Among his contributions is the popular PEAR::MDB2 database abstraction layer and the semi official PHP release management wiki. He has established himself as an expert in relational databases through his many published articles and numerous talks given at conferences around the globe. Located in Switzerland he works as a senior consultant for the open source integration and consulting firm Optaros.
  • 28. Enterprise Sprinkling Sugar on LAMP 28 I n t e r n a t i o n a l P H P M a g a z i n e 0 1 . 2 0 0 7 Using PHP to build SugarCRM and FastStack Q: How is it to work with PHP? Jacob Taylor (JT): It is the fastest language and environment that I’ve ever developed in. I think we at SugarCRM have one of the largest PHP applications on the planet. We have roughly 800,000 lines of code. If there is a stability issue in PHP it is typically found by a Sugar user very quickly. In fact, a few weeks ago I found a bug that’s been in every version of PHP since back when they rewrote it back in early 2000. When the Zend guys, Andi and Zeev, got together and wrote PHP, they introduced a bug that still exists today, and I found it a few weeks ago by our load test. We are definitely pushing the state of the art with PHP, but there are a lot of people with us, and we’ve got a lot of good support from that community, and Zend, the organization itself. PHP has insanely good developer tools. Most of the problems that we’ve encountered, in fact, well over 99% of the problems, are very easy to reproduce, and a lot of times that ease of reproduction is the hardest part of fixing bugs. That helps a lot. The environment starts up almost instantly. So we don’t need to make code changes, rebuild something, restart an app server, get back to where we were, try something, and then repeat the whole process if there’s a problem. Q: What kind of PHP environment are you personally using? JT: It’s a bit of a hybrid right now. I have the PHP Eclipse plug-in that’s provided by Zend (zend.com/phpide); it’s now an official Eclipse project. The Zend version is pre-packaged like a FastStack installer, so I choose to use that one. I think it’s easier to manage and deal with, and if I need a new version I just kind of blow it away and reinstall the whole thing. It leverages the Eclipse toolset, and so the commands are familiar, and it also provides some of the levels of functionality that only the Zend group has been able to provide in terms of the IDE. That helps a lot with text completion. Sprinkling Sugar on LAMP Q&A with Jacob Taylor, CTO and Co-Founder of SugarCRM In November 2006, SugarCRM announced the release of Sugar FastStack, a fast and simple way to install a complete open source software solution that includes SugarCRM, Apache, PHP and MySQL. Jacob Taylor, CTO and Co-Founder of SugarCRM, sat down to discuss some of the reasoning behind the release and many of the lessons he has learned building SugarCRM, one of the largest PHP applications in the world.