Learn More About PHP And The Web Platform!

Struggling with your web server, or to scale your PHP application to meet growing demand?

Whether you're running one server or a whole server farm; whether you're hosting on Windows Server or on Linux.

Learn from Stuart's experience with system design, delivery, support and management to help you do a better job and have an easier time.

Beneath Whitby breakwater

When it comes to web development, there’s no doubt that Firefox is king. What makes it king is the large collection of third-party extensions available for it. These days, just about everyone has heard about Firebug, but what other extensions would you recommend to folks who do web development?

Be the first to leave a comment »

The motivation for this blog post came from reading an article today touting the meme that cloud computing is coming. That’s the message from Sarah Perez over on Read/Write Web. The “classic geek” (which presumably includes many of the folks reading this on Planet PHP) will no longer be the ones “working with the CEOs to execute the vision and direction via information technology,” according to Sarah.

Presumably because the companies will have gone bust from a lack of good leadership. Something we’ve seen before, and will see again.

The successful IT departments in the sort of larger organisations that can provide food and shelter for your true “classic geek” have been part of the business for the last decade, if not longer. Before we had the sexy CTO and CIO titles, there were IT Managers and Operations Managers who did all this stuff with little fan-fare and trumpet blowing. They did it on a budget, so they had to have financial management skills. They managed staff, so they had to have people skills. They delivered results, so they had to have project management skills. They made sure the business could do its job, so they had to have quality assurance skills. They implemented approaches such as ITIL and more lately CoBIT to ensure that the IT department was aligned to the business and relevant regulation. And they did this whilst still groking computers. In fact, they did this because they groked computers.

I’ve seen this sort of nonsense before when Java came on the scene, and the rise of the Web 2.0 blogger means I’m seeing it again. “Everything is new, everything is different; the old skills and the old lessons no longer apply, so don’t bother learning them” – that is the seductive siren call. Any student of management history can trace this echo back hundreds if not thousands of years. The core skills of good governance – direction, organisation and supervision – have not changed. You can read the works of Confucius from over two thousand years ago, and the principles behind the lessons for the leaders of the time are no different than the principles behind the lessons for the leaders of today. Practices have changed, but not principles.

There are no secrets, no short-cuts for those-in-the-know; not in business, engineering, or the arts. You have to know the basics, and you have to do the basics. Hard work and dedication is always the key, and you won’t find a single leading member of the PHP development team who doesn’t reflect that reality.

So what does this have to do with our favourite punch-bag here on Planet PHP, Ruby on Rails? For me, the rallying call of Rails is different from the Java and Web 2.0 hype/bullshit machines. I cringe every time Terry takes a swipe at it. Whilst I’m as sick of the term ‘agile’ as can be, Rails doesn’t try to claim that the old skills don’t matter. Quite the opposite. What they have done is to take the old skills and put them into one approach that can, and does, really work exceptionally well for a lot of firms and a lot of problems. They’ve worked out what the basics are, and they’ve designed a whole paradigm that ensures the basics are done well. They’ve executed in a way that the PHP community should be in awe of, not taking the piss out of.

They are years ahead of us in so many important areas, and yet PHP is thriving more than ever. They must have done something wrong, because they sure didn’t grow the market for web applications. What did they do wrong?

The fundamental mistake the Rails designers have made, and one that they still haven’t groked en-mass that I can see, is architectural, not philosophical. Rails is a classic application server, with all the deterministic, concurrency and big-iron-needed-here problems that stopped J2EE from squeezing out PHP at the turn of the century. For many of the problems of the web, the PHP execute-again architecture has repeatedly been proven to be superior to the application server architecture.

  • PHP is easier for average-skilled folks to deploy. What’s the point of creating applications if you can’t figure out how to run them anywhere but your bedroom?
  • It is easier to track down and eliminate bugs in PHP applications. No persistent processes mean that PHP applications are deterministic. PHP code is also much simpler to work through and debug.
  • It is easier to scale applications written in PHP. Folks have done it, and other folks have repeated it. The Rails community as yet has not.
  • It may be quicker to create applications in Rails, but the operational costs once the application goes into production quickly erode that advantage. If you’re not in the US, servers cost real money, and application servers need more iron than the equivalent PHP code.

The Agile community likes to talk about “smells”, so how come they don’t see something like mod_rails and gag on the stench of trying to mask architectural failings with such cleverness?

Before I make it onto Terry’s Christmas card list, I should state that I firmly believe that Ruby itself is a programming language that is vastly superior to PHP, especially when you get away from Apache and are creating the behind-the-scenes plumbing required. The OO in Rails continues to leave PHP for dead, and OO brings many advantages to a thriving development community. There are real advantages to being able to share code between both the must-be-real-time web front-end and the non-real time backends, and to be able to easily reuse whatever external open-source libraries save you time and effort. And I believe that solutions such as the Ruby gems are vastly superior to PEAR and PECL. PEAR/PECL should have been our CPAN, or our RubyForge. They deliberately chose not to be, wrongly believing that CPAN was a negative feature of Perl. They believed that one high-quality solution would prove the superior model over time. They failed to execute, and the paradigm was plain wrong in the first place.

My prediction is that a Rails-like framework, but built using a PHP-style mod_ruby and execute-again architecture, would have a real chance at displacing PHP. RoR the application server hasn’t a snowball’s chance in hell of achieving that. Their market firmly remains the same market that .NET and Java already fight over, and it’s a market they’re very welcome to.

Be the first to leave a comment »

What Should An ORM Offer?

Posted by Stuart Herbert on May 8th, 2008 in Toolbox.

I have a question for you: what features do you think a good PHP-centric ORM should offer?


The folks from Packt Publishing recently sent me another of their books to review. If you’re not familiar with Packt, they’re a relatively new book publisher who are steadily building up quite a range of technology books on open source software, normally written by people involved or close to the software being written about. They’re like a modern day equivalent to the old O’Reilly of the 90’s, only (imho) with higher quality 🙂

A Bit About Packt

Mastering phpMyAdmin 2.11 for Effective MySQL Management by Marc Delisle is the third edition of this book, and it follows the usual pattern of Packt Publishing books. The book has clearly defined objectives on the cover, and it follows a clear progression of its chosen subject from start to end. It is well presented, with a clear layout and clean page design that makes it easy to read. The book also includes a sizeable index, something no decent technical book can be without.

I’m really pleased to see that Packt are now providing example code online for download, as well as online errata for the book. Many of their earlier books reviewed here on Planet PHP have been criticised for not doing so; it’s great to see Packt improving in this area.

No matter which Packt book you pick up, don’t let the use of language be the reason you put it back on the shelf. Most Packt books are written and reviewed by folks who don’t speak English as their first language. Once you get used to it, it’s never really a problem, but it’s worth pointing it out because if you browse their books at your local bookstore, it might put you off at first.

Introducing phpMyAdmin

If you’ve never heard of it, phpMyAdmin is (imho) one of the most important open source projects for the LAMP stack. phpMyAdmin provides a web-based admin interface for MySQL, making it extremely easy for folks new to the LAMP stack to start working with databases, and a very convenient way to avoid firing up the MySQL command-line if you need to check something or make changes to your databases.

It feels like phpMyAdmin has been around forever.

Unfortunately, it looks that way too at times. In the post Google Maps world of AJAX enabled slick and efficient user interfaces, phpMyAdmin’s usefulness can be hampered by its Web 1.0 UI, and by its continued reliance of manual configuration instead of a WordPress-like admin panel. Don’t get me wrong, phpMyAdmin is a good tool without equal atm, but it’s a workmanlike and functional tool that younger folks used to the Facebook world find a bit long in the tooth.

About The Book

Marc’s book is aimed both at folks new to MySQL and phpMyAdmin as well as experienced developers such as myself who aren’t aware of the advanced features that have been added over the years. The full chapter list is:

  1. Introducing phpMyAdmin
  2. Installing phpMyAdmin
  3. Interface Overview
  4. First Steps
  5. Changing Data
  6. Changing Table Structures
  7. Exporting Structure and Data
  8. Importing Structure and Data
  9. Searching Data
  10. Table and Database Operations
  11. The Relational System
  12. Entering SQL Commands
  13. The Multi-Table Query Generator
  15. System Documentation
  16. MIME-Based Transformations
  17. Character Sets and Collations
  18. MySQL 5.0 Features
  19. MySQL Server Administration
  20. Troubleshooting and Support

The first ten chapters cover the basics of using phpMyAdmin. If you’re new to phpMyAdmin, these chapters will be very helpful to you, and if you’ve been using phpMyAdmin for years, there’s still little bits in here that you might not have been aware of before now. I particularly like the way that these chapters often refer back to the configuration settings in phpMyAdmin’s config file. However, towards the end of this section, the material starts to feel a bit rushed, as if the author himself can’t wait to get onto the clever features of phpMyAdmin that have yet to come. If you’re completely new to MySQL, you might find the end of this section to be a little light on detail. I hope the next edition of this book beefs these chapters up a bit.

Like most people I know, my use of phpMyAdmin over the years has tended to stick with the basics: creating and browsing tables. I confess, it’s partly because I’ve found the phpMyAdmin UI to be more and more clunky as time has gone by, a throwback to the days before Google showed us just what could be done with Javascript and AJAX. So the second half of the book, which looks at the more advanced features of phpMyAdmin, were ones I found very educational. I had no idea, for example, that phpMyAdmin now includes an AJAX-based Designer tool, or that I can use phpMyAdmin to generate PDF documentation of my databases. I found these chapters to be very detailed and informative, although again towards the end of the second half of the book, the chapters began to feel a little rushed in places to me.


I have several new starters joining my team in June, and it’ll be interesting to see whether or not they find the book useful as they find their feet in their first job doing PHP web development. One thing’s for sure: I’ll have no hesitation in leaving this book out for them to read.


The challenge with securing a shared hosting server is how to secure the website from attack both from the outside and from the inside. PHP has built-in features to help, but ultimately it s the wrong place to address the problem. Apache has built-in features too, but the performance cost of these features is prohibitive.

This has created a gap that a number of third-party solutions have attempted to fill. One solution you may have heard of is mpm-itk, by Steinar H. Gunderson. How well does it work, and how well does it perform?

  • mpm-itk: Running Apache As A Specified User
  • Installing mpm-itk
  • Configuring Apache
  • Some Benchmarks
  • Other Considerations
  • Conclusions

mpm-itk: Running Apache As A Specified User

Like mpm-peruser, mpm-itk is an alternative multi-processing module (MPM) for Apache 2.x. It also allows each website’s PHP scripts to run as a separate user. But the main difference is that it doesn’t maintain separate pools of processes for each user. Instead, after the PHP request has completed, each process is terminated, and new processes must be created to handle new requests.

Until I researched mpm-itk for this article, I didn’t realise that it didn’t recycle processes after each request. This means that there’s no chance at all of it matching mpm-peruser for performance (something I suggested was possible), but that doesn’t mean that mpm-itk is entirely without merit.

Installing mpm-itk

mpm-itk needs to be compiled into your Apache installation. It cannot be loaded as a module.

First of all, download the Apache source code, and then download either the mpm-itk patch for Apache 2.0, or the mpm-itk patch for Apache 2.2. For this article, I’m going to focus on Apache 2.2, but the same instructions should apply for Apache 2.0.

Unpack the Apache source code, apply the mpm-itk patch, and rebuild Apache’s build scripts:

$ mkdir -p /tmp/apache-itk
$ cd /tmp/apache-itk
$ wget http://www.mirrorservice.org/sites/ftp.apache.org/httpd/httpd-2.2.8.tar.gz
$ wget http://mpm-itk.sesse.net/apache2.2-mpm-itk-20080105-00.patch
$ tar -zxf httpd-2.2.8.tar.gz
$ cd httpd-2.2.8
$ patch -p1 < ../apache2.2-mpm-itk-20080105-00.patch
$ autoconf

Then, configure the Apache source code to build with mpm-itk as the chosen MPM. Make sure that you run configure with any other configuration switches that you need:

$ ./configure --with-mpm=itk

After that, compile and install Apache:

$ make ; make install

Configuring Apache

mpm-itk is very easy to configure. For each of your virtual hosts, simply add the AssignUserId entry:

<VirtualHost *:80>
ServerName www.example.com

<IfModule mpm_itk_module>
AssignUserId stuart stuart

AssignUserId takes two parameters:

  • The first parameter is the user ID to run Apache under for this website.
  • The second parameter is the group ID to run Apache under for this website.

Remember to restart Apache after adding AssignUserId, and you should be all set.

Some Benchmarks

To benchmark mpm-itk, I used Apache s ab benchmark to load a simple phpinfo() page 1,000 times. I ran the benchmark five times, and averaged the results.

  • mpm-itk: average of 37.01 seconds
  • mpm-prefork: average of 6.21 seconds

mpm-itk benchmarks much better than suexec and suphp, but is still quite a bit slower than mpm-peruser.

Other Considerations

It isn’t just about performance. Both suexec and suphp bring limitations to your PHP applications, but mpm-itk does not. Because mpm_itk puts the job of switching users in the right place – at the heart of Apache – it allows your code to run under mod_php. As a result, your code is free to take advantage of any Apache features that aren’t available to PHP/CGI, such as HTTP authentication support.

Another consideration is the impact on RAM and CPU. Whilst you can definitely use mpm-peruser to provide a faster solution, it does involve a lot of effort in tuning the size of the process pools for each of the websites on a shared server. On a shared hosting server, you can’t necessarily find one tuned configuration that always suits demand – and it may not be worth your time to put the effort in anyway. Although mpm-itk is slower, it doesn’t need tuning for each individual website. It’s more of a fire-and-forget solution that might appeal to hosting providers who don’t know (and don’t really need to care) what your customers websites are.


Although it needs to be compiled from source, mpm-itk provides the security of suexec and suphp with much greater performance than either of these solutions. Although it performs worse than mpm-peruser, mpm-itk doesn’t require as much effort to configure and tune for best performance, and its greater simplicity probably makes it better suited to shared hosting servers running a random collection of websites.

mpm-itk is an option that you should seriously consider when designing your shared hosting server solution.

This article is part of The Web Platform, an on-going series of blog posts about the environment that you need to create and nurture to run your web-based application in. If you have any topics that you d like to see covered in future articles, please leave them in the comments on this page.

Be the first to leave a comment »

Any PHP User Groups In The Bath Area?

Posted by Stuart Herbert on April 5th, 2008 in News.

Tagged with , , , , , ,

I start my new job with Gradwell.com on Monday, and I’m interested in hooking up with any PHP, Linux or Mac user groups in the Bath area. If you know of any interesting groups in the vacinity, I’d love to hear from you.

And if there isn’t anything in the area atm, and you’re interested in helping with a monthly meetup, I’d love to hear from you too.

Be the first to leave a comment »

If you’re using the Advanced TinyMCE Editor plugin in WordPress (to replace WordPress’s less-than-stellar WYSIWYG editor), make sure you disable it before upgrading to WordPress 2.5. It isn’t compatible with the latest version of WordPress atm, and you might not need it … WordPress 2.5 includes a revamped WYSIWYG editor that (so far) seems to do a great job.

It even avoids screwing things up in Safari at last 🙂

Be the first to leave a comment »

A Book On Git

Posted by Stuart Herbert on March 25th, 2008 in Toolbox.

Tagged with , , , , ,

Travis has just announced that he’s working on a book about Git, the version control system created for the Linux kernel by Linus Torvalds. This is great news, as there currently isn’t anything else out there in dead-tree form to help folks get up and running with this incredibly powerful distributed version control system.

It’s predicted that workplaces will change over the next ten years, with more and more people telecommuting rather than working in the office. Distributed people mean distributed teams – something that the open source world is already very used to. Git was specifically designed to solve the version control problems that distributed teams maintaining multiple branches face, and it’s slowly but surely gaining popularity amongst folks who’ve found Subversion’s branching and merging too painful to do.

Be the first to leave a comment »

The challenge with securing a shared hosting server is how to secure the website from attack both from the outside and from the inside. PHP has built-in features to help, but ultimately it s the wrong place to address the problem. Apache has built-in features too, but the performance cost of these features is prohibitive.

This has created a gap that a number of third-party solutions have attempted to fill. One solution you may have heard of is mpm-peruser, by Telana Internet Services. How well does it work, and how well does it perform?

  • A Bit of History
  • Installing mpm-peruser
  • Configuring Apache
  • Some Benchmarks
  • Other Considerations
  • Conclusions


Comments Off on Using mpm-peruser To Secure A Shared Server

Anyone know of a really great mind-mapping tool for OS X? It’s the one tool I haven’t picked up since buying my beloved MBP in 2006.

What I’m really looking for is something that supports a more 3D approach to mind-mapping than the traditional tools do (which just mimic pen and paper, at the end of the day). I feel constrained with having to hang all the nodes off a single central node – rich detail just doesn’t work like that, where things are much more interconnected. Ideally, it can cope with thousands of nodes, and support storing rich text or HTML in the notes at each node too. (Don’t want much, do I? 🙂

If you’ve got a favourite tool for this job, please leave a comment below. Ta.

Page 16 of 19« First...10...1415161718...Last »

This Month

May 2020
« Sep