28 July 2006

OSCON day 5

Short day today (just two morning sessions after the keynotes). Damian Conway gave a very funny keynote about patents. He's a really good speaker.

My first session was "Extreme Perl Makeover" by Peter Scott. This was another 'best practices'-type talk. The speaker suggested a couple of useful-sounding Perl modules: Text::Outdent sounds good for doing HERE documents without having to move them over into column 1, and Inline::Files lets you have several separate data sections after __END__.

Next was "Perl Hacks You Never Knew Existed" by chromatic. Just about everything he said went right over my head. But his talk got me interested in the Attribute::Handlers and Attribute::Method modules, which implement the subroutine attributes that I've seen in Catalyst and Class::Std. I managed to overcome the urge to get chromatic to sign my new copy of Perl Testing: A Developer's Notebook.

27 July 2006

OSCON day 4

One of this morning's keynote speaker was a fellow named Jason Scott. He made a documentary about the online bulletin board systems of the 1980s. His Web site is www.textfiles.com.

Some pretty cool sessions today. The first was "Subversion Best Practices" by Ben Collins-Sussman and Brian Fitzpatrick (both from google). A lot of what they said I'd gotten from the documentation. But they talked about a couple of features I hadn't heard of: autoversioning and autoprops. And they described a neat trick involving making the document root of a Web site be a working copy of a project, with a hook such that the working copy is updated whenever there's a change in the repository.

Next was "Low-Maintenance Perl" by Perrin Harkins. Most of his talk was along the lines of "don't do this in your code". Most of the things he discouraged were things I hadn't heard of or knew to be generally 'bad'. So that was somewhat encouraging. Damian Conway and Larry Wall were both in the audience--if this made the speaker nervous, he didn't show it.

After lunch (which was provided by OSCON [Aramark]), I went to "SQL Outer Joins for Fun and Profit" by Bill Karwin. He solved several interesting problems with outer joins. He used a syntax that I hadn't really seen before: he put row-elimination statements in the ON clause, stuff I'd only ever seen in WHERE clauses. He pointed out that the WHERE clause isn't evaluated until after the join, so it's often quite beneficial to eliminate rows in the ON clause (fewer Cartesian products that way).

Next was "Writing Maintainable Code with PHP" by Laura Thomson from OmniTI. I actually found her point of view a little puzzling. She said that, in general, she doesn't like frameworks, database abstraction layers, or templating engines. As I've come to rely pretty heavily on the latter two and am interested in starting to use the former (I have yet to find a PHP framework that I don't hate), I have trouble understanding how code which doesn't use any of those components is more maintainable than code which does delegate those tasks. But overall I thought it was a good talk, and she made lots of good arguments for creating a set of coding guidelines for your organization (how variables are named, how code is indented, documentation templates, lots of other stuff).

Then there was "Understanding ZFramework" by John Coggeshall. I confess that I sort of zoned out after I learned that the Zend Framework requires PHP 5 (I'm kind of stuck with PHP 4). However, it looks like ZF has a nice input validation component written by Chris Schiflett.

Finally, I went to "The Conway Channel 2006" with Damian Conway. He talked about a couple of modules he's been working on: List::Maker and Contextual::Return. C::R looks particularly cool. It does what wantarray() does, but also distinguishes between the different possibilities in scalar context (a string, a number, a hashref, an undef, etc). The module has lots of neat features and is very flexible.

Powell's bookstore was one of the exhibitors/vendors, and they were offering a 35% discount. So I bought a copy of Perl Testing: A Developer's Notebook. It's ordinarily around $30, and I got it for around $20.

And I talked to my high school buddy for around an hour. Sure enough, he's getting married. It was really good talking to him. I hope I'll be able to go to the wedding.

26 July 2006

OSCON day 3

Started the day by learning that my workstation at work probably has a bad hard drive. When my officemate rebooted it, he saw those two magic words...

kernel panic

Oh, well. I've (probably) got good backups.

I attended several sessions today. The first was about compiling a kernel to improve speed (only the drivers you need) and security (so a cracker can't load kernel modules--the speaker advocated a monolithic kernel, if possible). The speaker (Steve Suehring) mentioned a security-related patch called grsecurity, which sounds interesting. I wonder how it compares to the openwall kernel patch (hmmm, guess that's just for 2.4).

Next was "Maximum Netfilter" by Michael Rash of Solirix. He talked about several netfilter-related programs. fwknop does something called single-packet authentication, which is a more secure (albeit less convenient) version of port-knocking.

Then I went to "The Madness of AJAX" by Andrew van der Stock (it was about AJAX security). That was actually a little scary. Not because of anything that I've coded or something a co-worker has coded (I don't feel the need to run home and rewrite a bunch of AJAX), but the speaker did several demonstrations which were just spooky. Looks like several of the PHP AJAX toolkits have significant input validation problems, which are a little too reminiscent of register_globals. I'd like to buy a book on the subject, but there don't really seem to be any books on AJAX security (too new, I guess).

I finished out the day by attending the Perl lightening talks (a bunch of 5-minute presentations). It was sort of a strange potluck, punctuated by a rather bizarre performace called "A Perl module installation in 5 unnatural acts". But it gave me a few things I'll want to read about later: App::Ack (source code searches), Perl::Critic ('use strict' on methamphentimines), and stubmail.com (a re-implementation of SMTP by the SPF guy).

And I got voicemail from an old high school buddy of mine. Haven't heard from him in nearly 5 years. I suspect that he's renewing contact to send me a wedding invitation (good for him, if that's the case [good for him, in any case]). Maybe we'll be able to stay in touch this time.


Another couple of tutorials today. The first was "Advanced Perl DBI" by Tim Bunce. He showed up 15 minutes late, which was fairly annoying. But it was otherwise a good session. I learned lots of interesting and useful things. For example, fetchrow_arrayref() is faster than fetchrow_hashref(). And not a little bit faster, but several times faster. I like the convenience of fetchrow_hashref(), so that I can reference column values by name, rather than array index. But I learned that I can get much the same effect (and much more efficiently) using fetchrow_arrayref() and bind_columns().

I also learned that the DBI has built-in profiling capabilities, and prepare_cached() can be used in place of global statement handles.

The afternoon session was about testing Web applications. Part of the tutorial was about Grinder, a free load-testing tool (apparently, most such tools cost obscene sums of money). It looks pretty hard to use, but might be helpful. But most of the session was about a unit-testing tool called Selenium, which is also free. By contrast, it looks pretty easy to use. I downloaded it and ran the default test suite in Firefox. Two of the tests failed: they dealt with popup windows, which Firefox blocks by default. I then disabled popup blocking and re-ran the suite, and all the tests passed. Pretty cool.

Looks like my workstation at work has gone crazy. The kernel thinks that all the filesystems are read-only. I can't even reboot the thing remotely--I'll have to get my officemate to do it manually tomorrow. I never had this problem with Slackware, but I've now seen it three times with RedHats (twice on Fedora and once on CentOS). I'm wondering if it's LVM. I've never actually really used LVM features (like resizing a partition), so maybe I should go back to normal partitions.

The restaurant here in the hotel has an amber ale on draft called Drop Top. It's yummy.

24 July 2006

OSCON day 1

I'm at OSCON this week. I flew here yesterday (without incident). There were at least three other OSCON'ers on the DFW->PDX flight. The goodies aren't as cool this year: the bag is a canvas tote (we got nifty backpacks last year), and there were no really fun toys inside. Oh, well. I registered early, so I got the _AJAX Hacks_ book.

The wireless access is pretty spotty. I remember it being more reliable last year. Maybe it'll improve as the week goes on. The internet connection in my hotel room didn't work yesterday afternoon, but it's good now (it's how I'm doing this).

My room is a lot smaller this year (which is fine). But it's a nice view--I can see Mt. Hood. We actually flew right past Mt. Hood on the way in yesterday (I was surprised by how close the plane flew to the mountain).

This morning's tutorial was MySQL optimization. It was very informative. The speaker took the approach of optimizing queries over server configuration tuning (although he talked about that, too). Lots of good information. Looks like there's a possible InnoDB replacement engine coming out later this year called Falcon--that's good news, in case Oracle changes the InnoDB licensing or something (that came up in a question this morning--the speaker [Jay Pipes] said that it's "business as usual" for two years).

This afternoon was 'Higher-Order Perl' by Mark-Jason Dominus. He's really funny. The first half of the talk was really good (lots of the second half went right over my head). He talked about iterators, which was very interesting (good alternative to File::Find). He started his talk (which he gave barefoot) by throwing two chairs off the podium.