AKA Marketing.com Logo            VISIT THE BLOG            

Blogged thoughts, is our web blog. Expect views, opinion, rants and tirades about everything and anything 

« Home / Forums »        


Subscribe to our SEO / IT related blog by entering your email address below

Blogged thoughts

| by the www.akamarketing.com team

Archive for the 'Hosting' Category

PHP 6 - a brief look ahead

Monday, June 26th, 2006

Despite the fact that PHP 5 is still not yet supported by all of the webs main hosting companies, the show must go on and this means the ongoing development of PHP 6. The minutes of all the PHP developers meetings are available on the www.php.net website and provide us with a fairly reliable look at what we can expect from PHP 6. The exact location of the minutes is http://www.php.net/~derick/meeting-notes.html. This document is over 83 KB and your most likely not going to read it all, I however have gone through it intermittently over the last few days and although there are a tonne of proposed changes, only three of these proposed changes are likely to be seen as major and having an effect on the general PHP developer population. The three major changes are that register globals, magic quotes and safe mode are all to be ditched.

Register Globals is a PHP directive that when turned on automatically sets all EGPCS (Environment, GET, POST, Cookie, Server) variables as global variables. This means that to use a post form variable you need only reference it by its name and not by its full location within the post array. For example to access the value of a form (submitted by the ‘POST’ method) textfield called firstname with register globals on one would simply use $firstname, however with the register globals directive switched off one would have to use $_POST['firstname'].

Enabling register globals appears then to be more convenient but it is also more of a risk as writing insecure code becomes a lot easier. The reason for this is that with register globals on a developers script can be injected with all sorts of variables including HTML form values and URL get values (which can easily be manipulated by a hacker). With EGPCS variables and internal variables that are defined in the script itself so easily available the programmer can mistakenly open a ‘door’ or a ‘hole’ to a hacker by simply getting confused. A great example of a potential security risk created by bad coding with register globals on is available on http://ie.php.net/manual/en/security.globals.php (see example 29-1 near the top). Although register globals was turned off by default as off PHP 4.2, many webhosts use earlier versions of PHP and others simply manually set the directive to on. To eliminate any risks associated with having register globals on then the development team of PHP 6 decided to get rid of the directive altogether. This means that any scripts which made use of the register globals directive must be rewritten before being ported to PHP 6 as they will not work otherwise.

Next there’s magic quotes, this directive when switched on automagically escapes incoming data (such as POST form values) to any PHP script. This means that you will not have to run addslashes() to prevent MySQL (and others which escape characters with a slash) returning a syntax error when a user enters in a ‘ (for example) in a form textfield. Magic quotes (when switched on) helps beginners code more safely and it’s more convenient as addslashes gets run by PHP without any explicit calls by the coder. The magic quotes directive can however be set to on or off without any influence from within the script itself as input parameters are escaped before the script starts, this means that developers have the cumbersome task of having to first check if it is on and then having to run or not run addslashes() accordingly. Unexperienced programmers could simply assume it is either on or off and code accordingly which will of course effect the portability of an application as obviously some servers will have it switched on and some will have it switched off. In an effort to clean up the code and remove any ambiguity the developers of PHP 6 have decided to remove magic quotes functionality altogether, this is fairly significant and will require code rewriting for those applications and scripts that relied on the magic quotes directive being on (without checking) before these same applications and scripts will work on PHP 6.

Safe mode too is on the way out. PHP safe mode is an attempt to solve the shared-server security problem (according to PHP.net anyhow). When PHP safe mode is on lots of functionality is turned off and other functionality needs a higher degree of authorization (such as UID checks) to run, not only does this frustrate many developers whose hosts have safe mode on but it also gives off the impression that PHP is completely safe with safe mode on, even the most inexperienced PHP coders know this is not the case. The particular section of the developers meeting minutes corresponding to safe mode is found at http://www.php.net/~derick/meeting-notes.html#safe-mode. I don’t believe that the removal of safe mode will require major code changes for applications and scripts to work on PHP 6, please tell me though if I’m wrong on this one (it has been known to happen…)

Although the minutes of the meeting are not final it’s looking like PHP 6, if developed according to them is likely to go through an even longer ‘probationary’ period with webhosts than PHP 5 did (and is still doing) as an awful lot of scripts stand to be broken with any rushed migration to version 6 of this very popular web programming language.

myhost.ie - lets hear it for the little guy

Friday, May 12th, 2006

Well as you can see the new version of akamarketing.com has finally been launched after months and months of hard and tedious labour by our team, one thing which wasn’t hard though was switching hosts. Before I continue let me mention why I decided to switch hosts.

The reasons were twofold, firstly I was getting sick to death of receiving all them ‘Vbulletin database error’ messages vbulletin was forced to send out when my dreamhost.com hosted database systems went down time after time and refused connections to willing forum visitors. As well as the database issues which vbulletin let me know about the guys at dreamhost constantly let me know about this server crashing, this service down etc. The thing that annoyed me most about this was how they always sign off their emails as ‘The Happy Dreamhost Server fixing team’ or the ‘The Happy Dreamhost broken system repair team’, blah blah blah. I think they are trying to come across as funny or hip. Well I say if they want to be funny, hit the New York stand up scene, but if you want to be in the hosting business, then provide at least some degree of reliability to your clients (yes that includes clients who use databases).

The second reason was that I wanted akamarketing.com to appear in the ‘pages from Ireland’ search on Google.ie (which Google.com redirects to for every Irish IP) to reach more of the people that are likely to become search engine optimisation clients of mine. In order to appear in Google’s results for a specific country a website must either be physically hosted in that country or have the domain name extension of that country. Since akamarketing.com is a very well established domain I did not want to change to akamarketing.ie and since dreamhost was located in the United States this meant that changing to an Irish host was the only viable option.

I don’t know how I did it but somehow I stumbled across the myhost.ie website (I’m sure Google had something to do with it though) when looking for a suitable webhost based in Ireland. After looking through the different hosting packages they had to offer and checking everything was up to stratch pricewise and feature wise, I decided to drop them a mail to ‘look under the hood’ of their services and find out about the little but important things that hosts generally don’t mention on their pages such as PHP version, MySQL version, curl version, whether or not ssh access was allowed or not as well as one or two other things.

I got my reply within an hour or two I’d say, which impressed me a lot as good support (sales or technical) is important to me, but I kind of thought that this might just have been a once off quick response time and not the norm. Anyhow over the next few days I was in touch over email with their main support guy, Martin Saunders in relation to my specific requirements in terms of functionality, storage space and bandwidth and the response time for this series of emails was under an hour, sometimes replies came through within minutes. Anybody used to dealing with webhosts should know that achieving regular response times like these to emails is pretty darn good. As far as what I needed (specification wise) on any hosting plan which I may sign up for, most things I needed where already installed/configured and Martin let me know that others could be setup as needed with little hassle. This coupled with the speed of the responses made my mind up to host with myhost.ie, a relatively unknown host trying to compete with the ‘big guns’ of the Irish hosting industry such as hosting365.ie and host.ie.

After a couple of weeks finishing off the various sections and designs of the new akamarketing.com site I signed up for a myhost.ie package. It just so happended that the current special offer package was closest to what I predicted I would need in terms of space and bandwidth so I saved myself a few euro in the process too. I would however have paid the extra if there was not a special package deal at the time, as I honestly believe that no serious webmaster should get hung up over a few euro, dollars, pounds or whatever when quality hosting is at stake.

After uploading the new site, I of course did have the usual teething problems associated with moving hosts, so I contacted myhost.ie with my first (and second, third etc..) technical support issues as a paying customer and the same pattern of quick responses brought me solutions to 95% of my issues which is great and much better than what a massive company such as dreamhost.com did for me during my almost three year stay with them.

As far as reliability and speed of servers is concerned so far so good, but of course I’ve only recently moved so could not make full judgement on these issues until some time has passed and some of my new server intensive SEO tools get a good runabout. For those that are interested myhost.ie runs plesk 7.5 hosting control panel software which makes managing your domain a snap. The really experienced webmasters among us could do most things they needed to with a text editor and an FTP program, but for everyone else plesk is a godsend.

So the bottom line for this post (well actually bottom paragraph) is to show my appreciation for myhost.ie (and particularly Martin Saunders who was great and very knowledgeable about all my issues) even at this early stage in our relationship. Without doubt they are a small time player in the Irish hosting industry and in the eyes of many have not ‘proved’ themselves but with excellent support, excellent features and moderate pricing they are certainly doing the right things to merit considerable growth and recognition in the hosting industry in Ireland. All at akamarketing.com appreciate their help and wish them the best of luck.

12 Lorcan Crescent, Santry, Dublin 9, Ireland +353 87 9807629