In Golgota

I have been working on a PHP class that communicates with a Tokyo Tyrant server through the network API. It is not finished, I need to add support for calling Lua extensions through the ext() function and I have to write more documentation. I also need to test it more.

• Home : PHP Tyrant
• Documentation : PHP Tyrant documentation
• Source : PHP Tyrant source code

This is MIT license, feel free to clone and test.

Back in year 2000, I started to archive emails from cocoa mailing lists because I wanted to learn how to develop with cocoa and needed a searchable archive. Then, I built a small PHP application around that called cocoabuilder.com, so that others could also use it.

Maybe once a year, I get an email from someone asking me to remove her name from the archive. Since most people are polite, I usually do it, even if it means I have to waste some time digging into the database.

This time, I received an unpleasant email:

> If you do not remove all posts referencing my name at: > http://www.cocoabuilder.com/archive/message/cocoa/2008/8/25/216713 > I will be forced to take legal action against you.
To what I instantly replied "Be my guest".

Then I checked the message he was referring to. In this message, it is reported that he sends insults to mailing list subscribers privately and has racist language against Asian people. A message he sent to the mailing list subscriber is quoted for evidence. I can understand why he is upset to see his private correspondance publicly revealed, but I don't feel like removing this message and I don't have to since this information is already public. I will only remove it if Apple (or a court) asks me to.

To conclude, and for the fun of it, here is what he replied:

> Oh I see you're a frog. No wonder we had to save your sorry asses in WW2. > Ok - if that's the way you want it, I will be getting an attorney on Tues.
Nice guy.

Damn, I didn't really have the time to look at this version yet, but reading now the new features list, it looks like the most interesting PHP version ever.

I mean closures and lambda functions in PHP, I have been waiting for this for too long. Fileinfo, a very useful extension that I always had to compile is now bundled. Changes to the ternary operator ?:, hehe. A new MySQL driver which should eat less RAM ! ext/intl looks amazing too.

Well, this looks really great, I still have to test this (especially the anonymous functions) and see if it is as cool as it sounds.
Namespaces look weird with their antislash syntax tho... :/

Update : actually, given the long new features list, I start to wonder why they didn't call this version PHP6 ?

Hadopi utilise l'adresse IP pour identifier un potentiel contrevenant aux lois régissant le copyright. Dans le but de détecter des activités illégales, Hadopi devra donc surveiller les activités auxquelles se livrent les adresses IP sur le réseau Internet. Pour passer entre les mailles du filet, il faudra donc soit brouiller les pistes, soit trouver un moyen d'utiliser une adresse IP autre que son adresse IP officielle.

Dans le premier cas, l'internaute peut utiliser une connexion cryptée vers son service, ce qui rend très difficile l'identification du contenu téléchargé. Le contenu téléchargé pourra même être découpé en petits paquets cryptés et dispersés sur la toile. Dans ce cas, tant que le contenu n'est pas intégralement téléchargé, il est impossible de déterminer de quoi il s'agit. Ce type d'échange pourra par exemple se faire au sein de réseaux comme OFF System.

Dans le deuxième cas, il est possible de se connecter par l'intermédiaire de proxy hébergés dans des pays plus ouverts que la France (et la Corée du Sud), et donc de surfer avec une adresse IP différente. De nombreuses autres solutions embryonnaires se développent. Pour le moment, elles sont très difficiles à appréhender d'un point de vue technique, mais avec l'arrivée d'Hadopi, elles ne manqueront pas de toucher un public plus large. Quelques exemples :

http://www.i2p2.de/ http://gnunet.org/

Ainsi, grâce à Hadopi en quelque sorte, les solutions aujourd'hui embryonnaires d'échange de données cryptées et d'anonymat sur Internet vont pouvoir se développer. Avec comme effet collatéral de rendre accessible à tous des technologies qu'il était encore aujourd'hui difficile de mettre en place.

Car ce qu'il manque vraiment pour que ces technologies se développent, c'est une application concrète. Pourquoi vouloir se rendre anonyme sur Internet si on a le sentiment de ne rien avoir à craindre. Hadopi risque de rendre de nombreux internautes craintifs, voire carrément paranoïaques. Se trouvera-t-il parmi eux un génial développeur qui créera l'application que tout le monde voudra utiliser pour continuer à utiliser Internet tranquillement ? J'en suis persuadé.

Et quand je dis tout le monde, je pense aussi aux pédophiles et aux méchants décrits avec tant d'ardeur par Frédéric Lefebvre qui n'auront plus qu'à double-cliquer sur une icône pour pouvoir en toute tranquillité continuer leurs activités.

Alors, merci Hadopi...

I never used Google Checkout nor Paypal for my customers shops and this post on Slash7 along with the comments don't make me want to try.

We currently use either SIPS or CyberMut for such jobs because that's what most people use in France. They are also far from perfect, SIPS produces bad markup and is a bore to customize. I am not even sure CyberMut can use custom templates. But what's worst is that they are bad at detecting frauds. A bad guy can come and test all the credit card numbers he wants, they will allow it and even process the orders... So these systems are not very clever neither. SIPS relies on a key to encrypt form datum. I have noticed that some of their customers place their keys in public areas of their website, you can even find some on Google! That's to show the level of support these solutions provide... Furthermore, these solutions sometimes don't manage to contact our servers back so some orders don't get processed in our system even after they have been paid.

It seems there is room for improvement in this market. We need a solution where the level of security can be finely tuned, the pages can be fully customized and it needs to be reliable 100% of time. And last but not least, unlike Google Checkout, they need to keep in mind that the seller is more often the victim than its customer on the web.

I have been using PDFLib for over 4 years now on various projects. Of course, I had to buy the PDFLib license because most are commercial projects and we needed the PDI feature which allows you for example to use another PDF document as a template. So I bought the PDFLib 5 license, then the PDFLib 6 license update because if I remember correctly PDFLib 5 didn't support unicode or something like that. That's about 1000 euros each time.

Recently, we have upgraded our hosting plan from our hosting company and instead of a single CPU on the server, we now have two for the same price. It's a nice upgrade. Unfortunately, PDFLib didn't like the upgrade and now returns the following error when we generate a document with our serial number "Found 2 CPUs - license covers only 1".

Of course, I have contacted their sales department about the problem. They replied that I should either buy another license for PDFLib 6 for the second CPU, or eventually buy PDFLib 7 which doesn't have this per CPU limitation. Both solutions cost approximately the same price, more than 900 euros !

I don't feel like buying another license and I don't need PDFLib 7 "features". So, farewell PDFLib ! It was nice working with PDFLib but they obviously became too greedy.

I am going to investigate other toolkits. I know that most of them do not support features like PDI, but I can probably find another way around this issue. So far, I have found :

• Haru : There is a brand new PECL extension for Haru written by Antony Dovgal which was released last week in version 1.0. Sounds interesting !
• FPDF : These are mostly PHP classes. The author claims that it is not as fast as PDFLib but says it performs well. I have already tried this solution before and it was working very well but I was only producing PDF invoices for an e-commerce site. Building a full catalogue might be too much for it. The nice thing is its companion class FPDI which can also import existing PDF files and worked for me the last time I tried.
• TCPDF : In the same vein as FPDF, these are a set of PHP classes for generating PDF documents. I need to have a look at it as well. It seems to work with FPDI too.
• Panda : There is also a PECL extension for Panda, but I am not sure it is maintained and the project didn't release anything for a long time.
• Cairo : Cairo has a backend for PDF rendering. Given its strengths in graphics, this can be interesting but I think it will be too limited in my case as I need to create documents with multiple pages. There is also a PECL Extension for Cairo (there are two actually, but the other one didn't make a release yet).

I now have to evaluate them and rewrite some code for our new server. But in the end, I won't have to deal with PDFLib and its licensing mess anymore, so that's for the better.

Update : based on your comments, here are other interesting libraries to deal with PDF within PHP, http://www.ros.co.nz/pdf/ (not updated and not unicode aware it seems), ezPdf (looks too much integrated in an over-engineered framework. I couldn't even figure out where to download the class...), Zend_Pdf (well documented but I am not sure it supports features like PDI for importing a PDF), dompdf (an HTML to PDF converter, it is not what I need).

2008 s'annonce plutôt mal pour SFR et je m'en réjouis. Leurs mauvais résultats signifient peut-être que les gens se rendent enfin compte qu'il s'agit d'une société de voleurs et d'arnaqueurs, à commencer par leur service client qui est des plus déplorables et incompétents.

Sans compter leurs pratiques commerciales immondes qui consistent à vous faire croire au téléphone que tout est possible, par exemple avoir la clé 3G et l'abonnement téléphonique sur la même ligne, jusqu'à ce que vous vous engagiez pour une longue durée, comme ça il vous sera impossible de rompre le contrat, à moins de vouloir vous faire débiter plus de 700 euros d'un coup sans être prévenu.

Et pour vous empêcher de résilier le contrat dans les limites prévues par la loi, SFR prend bien soin de vous envoyer les éléments que vous avez commandé le même jour au compte-goutte et en plusieurs fois. Comme ça tout est bien flou et bien malin le client qui saura quand commence vraiment son contrat.

SFR est une société qui a une très belle communication et donne une image sympathique d'elle-même, mais l'intérieur est pourri, rongé par les magouilles, les arnaques, l'incompétence et les pratiques commerciales illégales pour lesquelles elle a déjà été sanctionnée à plusieurs reprises.

Oui, j'espère que ce billet leur coutera quelques abonnements. J'ai déjà prévenu beaucoup de monde autour de moi et partagé mon expérience. Je pense à ce jour leur avoir fait perdre quelques clients, une goutte d'eau dans l'océan... mais il faut savoir commencer petit :) Leur nombre de nouveaux abonnés baisse énormément cette année, je crois qu'il est passé de 70.000 l'an dernier à 14.000 cette année. J'attends le jour où ce chiffre sera négatif.

Donc si vous cherchez un opérateur téléphonique pour vos services de mobilité ou votre portable, n'allez surtout pas chez SFR, les autres opérateurs ont des offres équivalentes voire meilleures, peut-être les vendent-ils seulement un peu moins bien, renseignez-vous. En tout cas je vous aurais prévenu.

Mise à jour : Après plusieurs aller-retour et un courrier au médiateur des télécommunications, j'ai enfin pu récupérer mes 700 euros. Cela aura pris plusieurs mois.

There was recently an interesting post about scripting languages by Steve Yegge. What I particularly liked are the hints on other languages he gives and his invitation to try new languages.

I have been programming PHP since 1999 and felt a need to learn something new approximately when they launched Rails a few years ago. But instead of learning Rails, because I don't usually follow the hype, I decided to learn Python.

So, recently, I have been learning Python, then Ruby and now the Lua programming language. Out of these three languages, my favorite is Lua and it is where I spend most of my time now.

They are all excellent languages to learn and in many ways, they are better than PHP. As I said in a previous post, I now see PHP as a big blob which along the years have been developing in too many directions and is now facing a lot of problems because a lot of things were implemented incorrectly and were not carefully planned. It is not obvious at first, but when you start looking at other languages, you understand how some things could have been done and you realize how wrong they are in PHP. I am thinking of all the stuff you find in SPL, create_function(), call_user_function(), ::, $this->, parent::, instanceof, is_a(), the way static are handled, etc, etc. It's all a mess. And it starts to look in blog posts. From time to time, I read things about how nice it would be to have closures, traits, anonymous functions, weak references, duck typing in PHP and some hacks on how to imperfectly implement them.

And because PHP is not idiot proof, you will find a lot of people there with little knowledge about programming. Like this week's post of someone who says "function in_array() sucks because it is slow"... The more I know about programming and the less I find the PHP community interesting. It's like all the interesting people here are doing things secretly and don't take the time to share their experiences (unless they write books).

And the last things I have started to dislike is the way a company like Zend is taking over the language. I have also recently very much disliked Oracle buying InnoDB and Sun buying MySQL, although I was not surprised for MySQL given the road they had taken lately, which is actually a lot like the road PHP is taking with Zend at the moment. With rumors about Microsoft, Oracle, IBM buying Zend, I start to feel the fear. Because in the end, who decides what goes where in PHP core?

Here is a list of programming languages that deserve a look soon:

• http://www.scala-lang.org/
• http://www.digitalmars.com/d/
• http://www.haskell.org/
• http://www.iolanguage.com/
• http://nice.sourceforge.net/
• http://boo.codehaus.org/
• http://www.squeak.org/
• http://www-sop.inria.fr/mimosa/fp/Bigloo/
• http://www.erlang.org/

For a new online shop I am working on, I needed to copy all the products images from the old site to the new one. The challenge is that both sites don't run on the same server and a product can have multiple images which are stored in different subdirectories. Furthermore, I am not interested in copying thumbnails since those will be regenerated with better quality and probably different format.

In order to perform such a copy, recursive and using a filter, here is what I found on the net:

$ tar -cf - `find . -name "*_xl.jpg" -print` | ( cd ../dest tar xBf - )

This will recusively copy all my *_xl.jpg files into a ../dest directory, while also creating the subdirectories when needed. Perfect !

Here is a quick reminder on how I built Lpdf, the Lua bindings for pdflib, on my Intel mac.

• 1. First, installed the PDFLib binaries
• 2. Installed Lua from source
• 3. Didn't bother about the Makefile in Lpdf
• 4. Used the following sequence

export MACOSX_DEPLOYMENT_TARGET="10.3"
gcc -I/usr/local/include -Wall -O2 -fno-common -c
     -o lpdf.o lpdf.c
gcc -Wall -bundle -framework Carbon
     -undefined dynamic_lookup -o pdf.so lpdf.o 
     -L/usr/local/lib -lpdf

At first, I forgot the -framework Carbon flag which lead to dyld: Symbol not found: _FSPathMakeRef.