I just finished reading Professional LAMP. These four components make for quite a powerful open source solution. It is being used at the enterprise level, with companies such as Yahoo and Google taking advantage of the flexibility if can offer. This book is ideal for anyone wanting to delve further into this development environment. As far as I know, it is the first book to cover LAMP at the professional level. The full listing of chapter topics covered are as follows:
1. What's New in PHP5
2. PHP5 Object Oriented Programming
3. More Obscure PHP
4. Advanced MySQL
5. PHP Configuration
6. Apache Tricks
7. Site Security
8. PEAR and PECL
9. Code Efficiency
10. PHP Extensions
12. Caching Engines
13. Content Management Systems
As you can maybe tell, the above topics are a bit light on the "L" aspect of LAMP. Linux is covered briefly, addressed as the platform on which the AMP aspect runs. To be honest, I did not expect that this book would be a comprehensive look at Linux, because there is already a plethora of books out there. This book addresses in detail many aspects of Apache, MySQL and PHP.
- What's New in PHP5
This chapter covers the changes between PHP versions 4 and 5. This includes object-oriented programming, new functions, configuration changes, mysqli, XML support, Tidy library extension, and SQLite. Suffice it to say, there is quite a bit of information to absorb from this comprehensive first chapter.
- PHP5 OOP
This chapter opened with a good discussion on procedural versus object oriented programming. It then moved on to cover class definitions, methods and instances. One of the things I thought was cool is abstract, which allows you to create a class that can be extended by others. Using OOP methods also allows you to build an extensible API so that developers can create their own plugins. One such example would be peppers that people make for Mint.
- More Obscure PHP
This chapter was great, and helped to clear up some confusion for me. It covered some of the history behind Perl and C that led to PHP coming into its own. Like many languages, PHP has been around long enough that there is some "legacy" code still packaged in it. These relics remain only for backwards compatibility with older applications. Much like target="_blank" and iframe are deprecated as of XHTML 1.0 Strict, there are some things in PHP that are no longer supposed to be used, though they are still supported.
Anyway, the point is that PHP has breadth and depth that many programmers never even touch. They describe it like the English language, that though we understand quite a bit of terminology, most of us only use a small portion of it in our own daily vocabulary. Examples of things covered in this chapter are: callbacks, array_map(), array_walk(), array_filter(), preg_replace_callback(), call_user_func_array(), create_function(), glob() and creating streams.
They even discuss the code necessary to create an aerial orthophoto database query, such as would be seen in Google Maps' satellite view. They cover various compression methods for PNG files that make up the series of photos. I have to admit, it is pretty heady stuff, so you'll just have to check it out for yourself.
- Advanced MySQL
In this chapter, a simulated list of cars at an auto dealership is presented. They show you how to maintain data based on manufacturer, model, paint color, etc. There are many code examples for creating new entries, modifying existing data, and joining / merging tables. Also covered is how to use a MySQL database with the InnoDB storage engine, as opposed to the default MyISAM. Some of the benefits to this include transactions, row-level locking, and foreign key constraints. The one major drawback is lack of full-text searching. They also show you how to switch back and forth between MyISAM and InnoDB on the fly, should you ever need to use both in any particular situation.
In addition, the process of granting / revoking user priviledges is covered, which is a crucial aspect to understand if you want to have different tiers of access to different sections of your data. For instance, you might want the administrator to be able to affect everything, whereas your staff worker you would only want to be able to enter new entries into a product inventory.
- PHP Configuration
Next, they cover some of the basics of tweaking PHP for optimal performance. This all revolves around the php.ini file. They give several recommendations for settings to change, such as: register_globals = off, display_errors = off, log_errors = on, magic_quotes = off, asp_tags = off, and short_open_tag = off. They gave a compelling reason why to leave off short_open_tag, because instead being "< ?php", it is shortened to "< ?". This would cause a parsing error, because XML is written "< ?xml" but would be treated as PHP because it begins with "< ?" as well. If you plan on doing any AJAX, this would create major problems. Keen insights such as this are sprinkled throughout this chapter.
- Apache Tricks
This chapter offered a slew of helpful pointers on Apache Server, including sixteen pages on mod_rewrite alone, the Apache module that allows for more readable clean URL's, instead of messy addresses. Consider the following two examples, both of which lead to the same page (this very book review):
As you can see, while the first might be a bit more lengthy, it contains more memorable information, such as the fact this is an article, and it is a book review of Professional LAMP. This goes a long way in making things more human friendly, and helps search engines index your site more accurately.
Another topic covered is that of mod_deflate, a compression method used in conserving bandwidth. This will cause Apache to send along text such as HTML and CSS with white-space and line-breaks compressed in gzip format, which most browsers are able to interpret and then convert back into a plain text, uncompressed equivalent. The book gives the example of sending a Zip file in an email, rather than several separate attachments. There are also security tips, such as authenticating MySQL users or using SSL when uploading files.
- Site Security
This leads me into the next chapter, which is all about security. Inevitably, with the ungoverned way the Internet operates, you will have malicious people trying to mess with your website. Basically, if you want something secure, don't hook it up to the `net. That being said, there are significant precautions you can take in order to minimize the likelihood that your site will be compromised either intentionally or accidentally.
They explain how to control authentication with both Apache and then adding another layer of PHP checks, such as form validation or register_globals protection. Plus, there is a section on protecting yourself from SQL injection attacks. This nastiness works by using an input, such as comment form or discussion forum, to do things like drop tables or granting user priviledges. Suffice it to say, that can cripple a database driven site, such as this one.
- PEAR and PECL
It has been said that good programmers borrow, but great programmers steal. While I do not advocate ripping people off, the premise of this quote is that if it's been done before, you'd be wasting your time to re-invent the wheel. PEAR - PHP Extension and Repository, and PECL - PHP Extension Community Library are two big components of what make PHP so great. You could think of it as standing on the shoulders of giants, continuing to build where they left off. Basically, each of these is a big pool of submitted extensions that improve PHP's functionality. You could think of it like installing a plugin for the language.
There are far too many extensions to do justice in this review, but one of the ones mentioned in the book was the Date class. With this package installed, you can reference and modify the date with methods like these: addSeconds, getDayName, getMonth, getNextDay, getQuarterOfYear, isLeapYear, etc. As you can tell, each of those is more human readable than: echo date("Y");.
- Code Efficiency
This was a great chapter on balancing code efficiency with real time efficiency. In other words, you don't want to kill yourself over a few milliseconds of loading time, if it is going to take several hours of real development work, especially if that time could be spent better elsewhere. They gave an example of a server computer running software slowly. The first reaction might be to buy new software, resulting in days of lost productivity due to necessary data backup, operating system and program upgrades. In their example though, all that was needed was more system RAM, requiring only a few minutes of down-time.
They take this same principle and apply it to coding methods, benchmarking a few ways of writing mathematical computations, namely a<<3 versus a*8 to multiply a variable integer by 8. If that looks like Greek to you, don't worry because it's explained in this chapter. Essentially, it's an argument of binary notation versus long-hand yet human readable code. They even go so far as to benchmark single quoted (') vs. double quoted (") strings. After an extensive series of tests, and rendering two very complex 3D graphs, it appears that single quoted is in fact faster, though many things can affect the outcome.
Aside from the theoretical arguments, they also help address various server configurations in order to find bottle-necks. An example of this would be too little RAM on your server, or too fast of a server in comparison with too slow of a connection. A good way to think of it is the adage "The box, or the band?" If it's the box, then you can make hardware tweaks, but if it's the bandwidth causing the problem, then you can either up that allotted amount, or tweak various compression schemes and server / client caching methods, to make things go faster. In addition, they of course show you how to write leaner, meaner PHP code, to save on both processor cycles and download time.
- PHP Extensions
This chapter touches on the many extensions that are available. Two of the ones I found to be interesting were PDFLib and GD Library. PDFLib does what the name implies, and creates PDF files on the fly via server-side methods, pulling info from a database. They give an example of how to create a r?sum? maker that outputs PDF versions for download. GD Library handles images on the server-side, allowing you to do things like rotate, resize, and even add watermark overlays or text descriptions with varying opacity directly into the image. This can be seen on sites like iStockPhoto, which have a branded stamp across preview images, encouraging you to buy the unaltered version.
- Caching Engines
This is a good chapter for people who might be concerned about getting Slashdotted or being on the front page of Digg. Basically, it covers several methods of caching pages on a server, so that when a visitor comes, your MySQL database is not constantly being hit in order to serve up content that has not changed. This can be done in a variety of ways.
One such method involves using Alternative PHP Cache, which stores code from the PHP runtime engine in shared memory, so that it not recompiled each time unnecessarily. Other caching engines that function comparably are eAccelerator and the Zend Optimizer. They also cover JPCache, which is unique in that it does not require being installed as a DSO or built into PHP statically, because it runs off standard include and required statements. There is also one called memcache which requires its own daemon to be running on Linux, and caches database results in RAM to keep SQL from running, freeing up the hard drive. It should also be noted that according to this book, JPCache and memcache can "play well together" on the right server, further increasing response time.
In this chapter, they cover installing and configuring a few different CMS's. Most of these I had not yet heard of, for example Exponent CMS. This is an enterprise level system, which I found is table-based and not very standards compliant. Therefore, I am not recommending it to anyone. Another CMS mentioned in this chapter is XOOPS, which suffers from the same sort of poor front-end markup. Basically, this chapter was about antiquated systems with bloated code. Also listed were Mambo and PHP-Nuke, both of which should be avoided. To their credit, the authors did cite Drupal and WordPress, which are more accessible and standards compliant than the aforementioned clunkers.
With the exception of the last chapter, I found that the whole of this book is one that I will refer back to often as I continue to grow in my usage of the LAMP development environment. I would highly recommend it to anyone who has dabbled in the Linux / Apache or PHP / MySQL combo, but really wants to gain a more complete understanding of how they interact. It will definitely help anyone who wants to write cleaner PHP or provide a more responsive hosting server.