Monthly Archives: August 2006

Provo Labs in the news

Posted on by
3

Today the Las Vegas Review-Journal, the largest newspaper in Las Vegas, published a column on Provo Labs and how Carolynn Duncan landed a job with them through blogging. The column also alludes to the startup- and technology-friendly environment that Utah is becoming: “[Geek dinner] is a monthly gathering of the high-tech community in Provo….”

If you’re an entrepreneur, you can get inexpensive office space and invaluable mentoring through Provo Labs Academy. If you’re looking for development work, Provo Labs Solutions is a one-stop shop.

This story could easily have been about Russ Page; I heard he also landed a job through blogging.

Article: If you write it, it will come about: How a blog landed its author a job

APIs drive innovation

Posted on by
Reply

Facebook launched an API just 72 hours ago and there are already 944 registered developers, 117 discussion threads, hundreds of blog posts, and at least a couple of mashups: Facebook+Google Maps and Facebook+Bill Splitting.

I’m constantly amazed at how opening an APi to your web app drives traffic, buzz, and innovation.

UPDATE: See #5 on Guy Kawasaki’s list of how to Create a Community.

PHP 5 and Beyond

Posted on by
1

I enjoy developing in PHP 5, for its improved object oriented design and XML support. PHP 6 is slated to have additional useful improvements like built-in Unicode, built-in caching, and increased security out of the box (no register_globals, magic_quotes, or safe_mode).

Here are other improvements I’d like to see in a future version of PHP:

  • while-else statement — A while-else statement would be perfect for MySQL results: loop through the results, or if there were no results display an error.
  • a better toString() — The toString() function lets you cast an object as a string, but in PHP it only works when directly combined with echo or print. Dumb.
  • function overloading — Let the signature of the function call decide which definition to use.

Read more about PHP 6.

Essential PHP Security

Posted on by
1

I recently finished reading Essential PHP Security by Chris Shiflett (O’Reilly). It was a good, quick read, and for me it was mostly a review of principles I had previously read on Chris’s blog. The main principles are filter input and escape output. Using separate arrays for each kind of data is a best practice:


// filter input and assign it to the "$clean" array
if (ctype_alnum($_POST['name']))
$clean['name'] = $_POST['name'];

// escape HTML output with htmlentities()
$html['name'] = htmlentities($clean['name'], ENT_QUOTES);
echo "You entered the name $html[name].";

// escape MySQL output with mysql_real_escape_string()
$mysql['name'] = mysql_real_escape_string($clean['name']);
mysql_query("INSERT INTO table (name) VALUES ('$mysql[name]')");

After reading the book I was only left with one question: is HTTP Authentication over SSL fairly secure? (I assumed it would be.) I emailed Chris with my question and he responded quickly in the affirmative. Thanks, Chris.

CSS Best Practices

Posted on by
35

Last month at the UPHPU meeting, Wade Shearer presented on CSS best practices. He’s one of the few programmers in the group that’s a designer first, and a programmer second, so he has unique insight into web design. Here are my notes:

  • Keep HTML free of presentational attributes
  • Write clean, semantic HTML
  • Use HTML tables semantically–for tabular data, not layout (generally)
  • Create print-friendly version of all your pages using media=print
  • For input buttons, use a 1px invisible GIF and then restyle the image with CSS:


    • <!-- HTML -->
    <input type="image" src="1px.gif" class="next_button" />

    // CSS
    input.next_button
    {
    background-image: url(next_button.gif);
    }

  • Do the same thing for image links, but for accessibility include link text overwritten by a style:


    • <!-- HTML -->
    <a href="next_page.html" class="next_button" />Next Page</a>

    // CSS
    a.next_button
    {
    display: block;
    background-image: url(next_button.gif);
    text-indent: -99999px;
    }

  • Use comments in CSS to separate typography, headers, layout, forms
  • Sometimes body styles don’t cascade into tables like they should so you need to repeat body styles on all tables
  • begin with a few default styles:


    • table, tr, td
    {
    margin:0;
    padding:0;
    border:0;
    border-collapse:collapse;
    vertical-align:top;
    }

    form
    {
    padding:0;
    margin:0;
    }

    img
    {
    border:none;
    padding:0;
    margin:0;
    }

  • Restyling the horizontal rule (<hr>) with an image can be a beautiful addition to a web page
  • Keep a library of helpful CSS classes:


    • .float_left
    {
    float:left;
    }

    .float_right
    {
    float:right;
    }

    .clear
    {
    clear:both;
    }

    .col2_left
    {
    float:left;
    width:45%;
    }

    .col2_right
    {
    float:right;
    width:45%;
    }

  • Use PHP to do browser sniffing and to include CSS files relevant to the section.
  • For more best practices, take a peak at the stylesheets for Wade’s place of employment, Doba.com