php-general Digest 28 Sep 2006 08:20:24 -0000 Issue 4372
Topics (messages 242321 through 242341):
Re: LAMP benchmarking tool
242321 by: Rasmus Lerdorf
Re: Download files outside DocumentRoot Dir
242322 by: Christopher Weldon
Re: I can see my php code in browser?
242323 by: Richard Lynch
Re: File Upload Security and chmod
242324 by: Richard Lynch
242329 by: Andy Hultgren
Re: Stored procs and transactions using Linux/PHP and Windows/MSSQL
242325 by: Richard Lynch
Re: strange errors from command line vs. web
242326 by: Richard Lynch
Re: Displaying MySQL results on runtime
242327 by: Richard Lynch
Re: Various errors being generated from an apache/php combo
242328 by: Richard Lynch
Re: Best open source project/framework to support a php training course?
242330 by: Ligaya A. Turmelle
242332 by: Larry Garfield
242334 by: Paul Scott
Logical OR in assignment
242331 by: Jason Karns
242333 by: Larry Garfield
242339 by: Kae Verens
242340 by: Kae Verens
Re: reading a remote directory
242335 by: Stefan van der Linden
Re: Display dynamic progress bar
242336 by: clive
Wallet based shopping cart
242337 by: wizard007
Custom Session Handler
242338 by: Glenn Richmond
Re: Print or Echo takes lots of time
242341 by: Ivo F.A.C. Fokkema
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Joseph Cheng wrote:
Is anyone using a reliable Linux/Apache/MySQL/PHP benchmarking suite?
There are benchmark software for individual pieces but I hope there is
one tool or several small tools that act together to give a picture of
how long a request takes from entering Apache, to PHP, to MySQL and
then back to the client.TIA!
There is no way a single tool can get you intra-request numbers for
that. Your best approach is to use a http benchmarking tool to measure
your entire roundtrip (http://acme.com/software/http_load/) and then
once you know your entire roundtrip time including latency numbers use a
profiler (http://valgrind.org/info/tools.html#callgrind) to figure out
where you are spending your time in your request.
-Rasmus
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
> On Mon, September 25, 2006 3:57 pm, Christopher Weldon wrote:
>> On 2:36 pm 09/25/06 "Ramiro Cavalcanti" <[EMAIL PROTECTED]> wrote:
>>> Hi Christopher,
>>> at first, thank you for your answer.
>>>
>>> I'd like to know if it's possible use this when php is running like
>>> cgi (php-suexec). I've put this code at httpd.conf at <module php>,
>>> then tryed to use it at .htaccess, but without successs.
>>>
>>> Thank you again.
>>>
>> Oh, in that case, you most definitely can't use the .htaccess
>> conditions.
>> PHP will have issues if you are running php-suexec.
>>
>> I'll see if I can think of any other ways around this, but php-suexec
>> definitely limits your usage for this simple fix right now.
>
> If you *want* that ugly HTTP Auth popup box, you can search on php.net
> for code to do that.
>
> If not, you can take that code, and replace the HTTP challenge with a
> simple login form.
>
> If they aren't logged in, the download just doesn't go...
>
How do you mean? The particular code that I was talking about included
doing authentication outside of an ugly HTTP Auth popup box and just
including a PHP script that checked that the user was authenticated, and
if not, either deny access to him or redirect them to a login page.
My proposal requires minimal amount of changes that the user would have
to do. He can keep his downloads in the web root and not have to load
ANY file into memory. The only PHP side of downloading a file that's in
the web root downloads folder is to check for authentication. Thus, a
very quick and scalable solution.
--
Chris Weldon
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 2:53 pm, Robert Cummings wrote:
> On Wed, 2006-09-27 at 21:45 +0200, [EMAIL PROTECTED] wrote:
>> hi,
>> I just installed suse se9 on one machine and didn't have a problem.
>> then
>> installed apache and works fine. installed php - didn't get any
>> error, but
>> when tested I was able to see my code (tested with <?php phpinfo();
>> ?>) in
>> the browser. for installation used yast.
Didja start/stop Apache after installing PHP?
> You need a line like one of the following in your Apache http.conf
> file:
>
> LoadModule php4_module /usr/local/php/phpWeb/.libs/libphp4.so
> #LoadModule php5_module /usr/local/php/phpWeb/.libs/libphp5.so
The configure/install scripts will only dink with httpd.conf under
certain conditions, in my humble experience...
#1. They find it where they expect it to be
#2. It "looks" like what they expect inside -- If you've made changes,
or the Apache Dev Team made changes, then they can't automate their
changes to the file anymore.
You really do need to understand how that httpd.conf file works anway.
:-)
> (you may not want all of them for your system):
>
> AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml .html
> .htm
You forgot this:
.css .shtml .asp .cfm
[evil chuckle]
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 12:12 pm, Andy Hultgren wrote:
> So I've been trying to figure out where php uploads files to
> temporarily
> store them before I move them to their permanent storage directory,
> and I'm
> having some difficulties:
>
> -- php_info() says the temporary file upload directory is "/tmp" but I
> don't
> know if that's relative to my root directory or what and can't figure
> out
> from the documentation how that path is displayed.
/tmp means the /tmp on the root of the hard drive, which your webhost
allegedly isn't letting you share...
HOWEVER:
It is entirely possible (nay, even likely) that they have you in a
ch-rooted environment where your "/tmp" is not somebody else's "/tmp"
so you'll just see "/tmp" and you don't have to worry about the fact
that it's not really really /tmp but somewhere else...
> -- I have tried to call pathinfo() and realpath() on my
> $_FILES['name']['tmp_name'] file before it is moved, but neither gives
> the
> full path to the file
If $_FILES['name']['tmp_name'] does already have the full path,
something is very wrong on your system...
Note that as soon as your upload-receiving script ends, the file is
deleted.
You *have* to use move_uploaded_file() on it in the upload-receiving
script to save the file somewhere else, or it's just gonna go away,
and you ain't gonna see it never again.
> Maybe I should have one of those disclaimers posted on my homepage
> like the
> ones that you see in taxis sometimes: "This driver never carries more
> than
> $20 cash." --> "This website never carries anyone's financial
> information." :)
:-)
While there are obviously people "out there" who will just attack
randomly, (spammers) I honestly believe that a
valuable/useful/warm-fuzzies site (in the eyes of the attackers) is a
much less likely target for an actual human attack.
I have absolutely zero evidence to support that claim, other than one
site that's been wide open to abuse for most of a decade, and only the
mindless spam-bots bother it... :-)
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
Well, seeing as I have no directory anywhere in my file structure called
"/tmp" and yet my file uploads are still working, it would appear that my
temporary file upload directory "/tmp" given by php_info() is somewhere
outside of my root directory. So that's good news! That's were I'll be
doing my file checks anyway before moving any files into my root directory.
Anyway, at this point it looks like I need to buckle down and do some
thinkin'. Thank you everyone for your advice, I really really appreciate
it!! You guys have given me a really good foundation to start from on these
questions of site security, and I appreciate you taking the time to pass on
your expertise to a newcomer.
All the best,
Andy
On 9/27/06, Richard Lynch <[EMAIL PROTECTED]> wrote:
On Wed, September 27, 2006 12:12 pm, Andy Hultgren wrote:
> So I've been trying to figure out where php uploads files to
> temporarily
> store them before I move them to their permanent storage directory,
> and I'm
> having some difficulties:
>
> -- php_info() says the temporary file upload directory is "/tmp" but I
> don't
> know if that's relative to my root directory or what and can't figure
> out
> from the documentation how that path is displayed.
/tmp means the /tmp on the root of the hard drive, which your webhost
allegedly isn't letting you share...
HOWEVER:
It is entirely possible (nay, even likely) that they have you in a
ch-rooted environment where your "/tmp" is not somebody else's "/tmp"
so you'll just see "/tmp" and you don't have to worry about the fact
that it's not really really /tmp but somewhere else...
> -- I have tried to call pathinfo() and realpath() on my
> $_FILES['name']['tmp_name'] file before it is moved, but neither gives
> the
> full path to the file
If $_FILES['name']['tmp_name'] does already have the full path,
something is very wrong on your system...
Note that as soon as your upload-receiving script ends, the file is
deleted.
You *have* to use move_uploaded_file() on it in the upload-receiving
script to save the file somewhere else, or it's just gonna go away,
and you ain't gonna see it never again.
> Maybe I should have one of those disclaimers posted on my homepage
> like the
> ones that you see in taxis sometimes: "This driver never carries more
> than
> $20 cash." --> "This website never carries anyone's financial
> information." :)
:-)
While there are obviously people "out there" who will just attack
randomly, (spammers) I honestly believe that a
valuable/useful/warm-fuzzies site (in the eyes of the attackers) is a
much less likely target for an actual human attack.
I have absolutely zero evidence to support that claim, other than one
site that's been wide open to abuse for most of a decade, and only the
mindless spam-bots bother it... :-)
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 11:50 am, Rick Emery wrote:
> Warning: mssql_query() [function.mssql-query]: Query failed in
> /var/www/html/business/entity.php on line 127
>
> which is:
> mssql_query('RollBack Transaction');
Smush all of that into one line in Google, and see what you get...
Oh, look:
http://bugs.php.net/bug.php?id=31498&edit=1
http://bugs.php.net/bug.php?id=31243&edit=1
.
.
.
:-)
>>> I'm just asking to see if anyone is successfully doing what I'm
>>> trying
>>> to do, and if so, what method is being used to accomplish it.
>>
>> The probability that *nobody* from the millions of PHP users and the
>> millions of MS SQL users is doing this is pretty much 0.
>
> Agreed. I just need to somehow find the successful one(s) :-)
It looks like the transactions may actually be doing the right thing,
just the return value of FALSE is fooling you into thinking they
aren't...
You may want to consider trying the Sybase drivers, if they work with
PDO...
Last I heard, the Sybase drivers were still faster and more reliable
than Microsoft's (MS SQL was a buyout-fork of Sybase at some point in
history)
No promise this is still true in normal usage, much less that funky
PDO stuff.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 11:36 am, blackwater dev wrote:
> I have some code that makes a connection to the db. When I run this
> code
> from the command line, it stops at the db connection.
Show us the code, without any embedded passwords, of course...
> If I call the
> script
> from the browser, it works fine.
This almost always boils down to:
PHP runs as "nobody" or a similarly unpowered user
You log in as you, blackwaterdev or whatever, with many powers.
In this case, it looks like 'nobody' has their own database, and is
allowed to connect to it, but you are not.
> I've changed the permissions and
> that
> didn't work.
Changed which permissions?
mysql_admin?
If so, did you reload the permissions after change?
File executable?
What?
> The db connection is the basic, localhost, root, with no
> password.
Now that is an entirely separate problem.
DON'T DO THAT!
:-)
> What else can I try?
You're going to have to create a user and set a password anyway, so do
that first.
There's no point in getting localhost/root/[blank] to work when it's
not what you want anyway.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 11:25 am, Mário Gamito wrote:
> I have this code to create a database and a few tables.
>
> Is there a way to display the MySQL actions at runtime, i. e., display
> the MySQL commands while they are being executed ?
If you happened to have each SQL statement in an array, you could just
echo them as you go...
Another option would be to use backticks and cat the file into a mysql
monitor shell, I guess, and then you'd see the stuff it prints out.
If the commands are static, and don't contain ';' in the data, you
could read in the file, $statements = explode(';', $sql); and then
you'd have the aforementioned array.
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
On Wed, September 27, 2006 10:25 am, Jochem Maas wrote:
>> Just to add more confusion, the errors are intermittent - sometimes
>> it works
>> fine, other times we get these errors which makes it even more
>> difficult to
>> pinpoint.
If you're using that autoload thingie, and the objects being loaded in
are complex and inter-twined enough, and if your include_once files
are loaded in some non-predictable ordering, you can easily make a
right mess of things real fast, and end up in this position...
This usually indicates (to this naive reader) that what's really going
on is that the developers don't really understand what functionality
is in what, the architect hasn't laid things out cleanly, and there's
a lot of copy&paste code floating around that works more by Voodoo
Programming than by Design.
Don't do that. :-)
I'm not claiming that this IS the situation here -- only that it's one
possible diagnosis of this symptom.
I'd have to read, or, more accurately, attempt to read and give up in
frustration, the source code to know for sure.
If you can't sit down and map out what PHP files get loaded when
throughout the course of your application, you don't have a chance of
understanding what's actually happing *IN* those files, do you?
--
Like Music?
http://l-i-e.com/artists.htm
--- End Message ---
--- Begin Message ---
There are a number of frameworks that you can use from PEAR (though many
argue over whether it is a framework), Solar, CakePHP, Symfony, Zend's,
and many many more. As for most OS projects - I don't know of a
particular project that uses a particular framework (someone feel free
to tell me otherwise). Many of the larger (aka well known) OS projects
tend to be hodged podged together from what I have been told (again
someone feel free to contradict me).
Might I make a suggestion to you - no matter which framework/OS project
you use... Have it be in PHP5. Yeah it may restrict you in options, but
that is where PHP is going and to my mind that is what someone new to
PHP should be learning.
You should also make sure to go over security in one of your classes -
the intro would be my preferred class since security is a mindset as
well as a way of coding. And it is easier to create habits then unlearn
and relearn them. Just my $0.02
OK - I'll shut up now.
Respectfully,
Ligaya Turmelle
-----Original Message-----
From: Pinocchio007 [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 27, 2006 7:25 PM
To: [email protected]
Subject: [PHP] Best open source project/framework to support a php
training course?
I am in charge of outlining a PHP/mySQL course (intro and advanced) for
an education institute. I would like to include in the course program an
in-depth study of an existing open-source project, allowing the students
to be confronted, from an early stage, to a real-world environment. My
problem is simple: which project/framework to choose in order to bring
the current "best practice" to our students, and prepare them for the
future. Not being a professional PHP developer myself, I would
appreciate any recommendation.
Which OS project would you include? Which framework? And why?
My first idea was "osCommerce", then somebody recommended "Typo3",
followed by a "go for Joomla". Well, I am hesitating.
Anybody can recommend an article/paper comparing the different PHP
frameworks/application architectures?
Is there a list where such topics are discussed?
Thanks for your help and recommendations.
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On Wednesday 27 September 2006 20:47, Ligaya A. Turmelle wrote:
> There are a number of frameworks that you can use from PEAR (though many
> argue over whether it is a framework), Solar, CakePHP, Symfony, Zend's,
> and many many more. As for most OS projects - I don't know of a
> particular project that uses a particular framework (someone feel free
> to tell me otherwise). Many of the larger (aka well known) OS projects
> tend to be hodged podged together from what I have been told (again
> someone feel free to contradict me).
Varies widely with the project. OSCommerce is a great application to study as
an example of what NOT to do. It's horrid.
On the other hand, Drupal is a very good example of using PHP4-era code to its
fullest. Modular design, plugin architecture, separation of logic and
content and presentation, function-level polymorphism, all kinds of good
stuff. (Disclaimer: I am a Drupal contributor, so I am biased, but I'm a
Drupal contributor because of how good a system it is.) Of course, Drupal is
not a framework per se, but a CMS/framework. It's not for the first time PHP
developer.
Here's another idea: If they're just starting out, don't give them a
framework. Make them work without one, then write their own, realize how
hard it is, then they'll appreciate what separates good code from bad code
much better. :-) One should never use a WYSIWYG HTML editor until one is
fluent in HTML tags and CSS by hand. Similarly, using a super-high-level
framework before you understand how to write a decent function that
manipulates a nested associative array to control an SQL query means that you
will never learn how to properly manipulate a nested associative array (which
is, frankly, what makes PHP teh awesome).
> Might I make a suggestion to you - no matter which framework/OS project
> you use... Have it be in PHP5. Yeah it may restrict you in options, but
> that is where PHP is going and to my mind that is what someone new to
> PHP should be learning.
True, and Zend is certainly pushing that hard. On the other hand, there's
plenty to learn with PHP 4-era code (although that can certainly be done in
PHP 5) before introducing advanced topics like magic object callback
overrides. Plus, better than 50% of the shared hosts out there today still
run PHP 4 for a mixture of legit and stupid cop-out reasons.
> You should also make sure to go over security in one of your classes -
> the intro would be my preferred class since security is a mindset as
> well as a way of coding. And it is easier to create habits then unlearn
> and relearn them. Just my $0.02
The very very very first code they write after "Hello world" should be a
secure input wrapper. Go over ALL the issues with PHP user input *in
historical context* (register globals, magic quotes, $_REQUEST as evil, why
you should get out of the global namespace as soon as possible, etc.) and
have them write code to safely get input from the user regardless of the
server configuration. That right there is a good solid challenge, but it
makes them paranoid from day one, which is how they should be. It also is
code they can (and should) then use in all their later projects.
10 points off for every way you find to hack their code. :-)
--
Larry Garfield AIM: LOLG42
[EMAIL PROTECTED] ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
--- End Message ---
--- Begin Message ---
On Thu, 2006-09-28 at 11:47 +1000, Ligaya A. Turmelle wrote:
> Might I make a suggestion to you - no matter which framework/OS project
> you use... Have it be in PHP5. Yeah it may restrict you in options, but
> that is where PHP is going and to my mind that is what someone new to
> PHP should be learning.
>
What you could do, is look at http://avoir.uwc.ac.za and have a look at
our PHP4 and PHP5 frameworks. Both use modular design, both have good
code generation modules, bith are MVC based and both are really easy to
install and learn. There is also excellent tutorial documentation to get
you started on a module of your own!
The PHP4 framework also has the added benefit of being a full fledged
e-learning system (LMS) that you can even use to deliver the courses...
--Paul
All Email originating from UWC is covered by disclaimer
http://www.uwc.ac.za/portal/uwc2006/content/mail_disclaimer/index.htm
--- End Message ---
--- Begin Message ---
I once saw the use of OR (|) in assignment.
$x = $y | $z;
Does this use bitwise OR? I'm trying to see if I could use the above
expression in place of:
$x = is_null($y) ? $z : $y;
Jason Karns
~~~~~~~~~~~
The Ohio State University [www.osu.edu]
Computer Science & Engineering [www.cse.osu.edu]
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.12.8/455 - Release Date: 9/22/2006
--- End Message ---
--- Begin Message ---
The single pipe | is bitwise OR, yes. You're probably thinking of this
construct:
a = b || c
Which is a valid and common default-value idiom in Python and Javascript, but
I don't think works in PHP. (If it does, someone please correct me because
I'd like to use it. <g>)
On Wednesday 27 September 2006 21:05, Jason Karns wrote:
> I once saw the use of OR (|) in assignment.
>
> $x = $y | $z;
>
> Does this use bitwise OR? I'm trying to see if I could use the above
> expression in place of:
>
> $x = is_null($y) ? $z : $y;
>
> Jason Karns
> ~~~~~~~~~~~
> The Ohio State University [www.osu.edu]
> Computer Science & Engineering [www.cse.osu.edu]
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.405 / Virus Database: 268.12.8/455 - Release Date: 9/22/2006
--
Larry Garfield AIM: LOLG42
[EMAIL PROTECTED] ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
--- End Message ---
--- Begin Message ---
Jason Karns wrote:
I once saw the use of OR (|) in assignment.
$x = $y | $z;
Does this use bitwise OR? I'm trying to see if I could use the above
expression in place of:
$x = is_null($y) ? $z : $y;
yes, '|' is bitwise OR, but that is /not/ a ternary operator.
it's not safe to just replace the ternary operation with the bitwise operation.
for example, if $y=5 and $z=9, then:
$x=$y|$z; -> $x=13
$x=is_null($y)?$z:$y; -> $x=5
Kae
--- End Message ---
--- Begin Message ---
Jason Karns wrote:
I once saw the use of OR (|) in assignment.
$x = $y | $z;
Does this use bitwise OR? I'm trying to see if I could use the above
expression in place of:
$x = is_null($y) ? $z : $y;
yes, '|' is bitwise OR, but that is /not/ a ternary operator.
it's not safe to just replace the ternary operation with the bitwise operation.
for example, if $y=5 and $z=9, then:
$x=$y|$z; -> $x=13
$x=is_null($y)?$z:$y; -> $x=5
Kae
--- End Message ---
--- Begin Message ---
I have to read a directory (on a windows machine) from another box (a
linux machine) and I thought that I could set the handle to the IP
address of the windows box, but that does not work. Do I have to open a
socket or is there another way?
Thanks!
You'll need a webserver to read the directory, as there isn't any program that
listens
by default. Or you could start up an FTP server and open a connection to that.
Regards,
Stefan van der Linden
--- End Message ---
--- Begin Message ---
well actually you can , firstly you have some element you can update
like a text box and then use javascript to up this text box.
what you then do is flush the content to php file generates and spit
out some javascript to change the text box data
I'm sorry, I should have said "You'll need javascript to do that." Oh
wait, I did.
tedd
True, I just clarified it a bit , I hope, by adding the info about
flushing the "javascript updater thing" from your php file.
--
Regards,
Clive
--- End Message ---
--- Begin Message ---
Hi,
I am looking for a shopping cart/member script that will allow members of a
site to purchase credits and then spend their credits on my site. I have
trawled for hours but can't seem to find one anywhere. :-$
Anyone got any ideas???????
Frustrated and wanting to move forward!!
--
View this message in context:
http://www.nabble.com/Wallet-based-shopping-cart-tf2349014.html#a6541046
Sent from the PHP - General mailing list archive at Nabble.com.
--- End Message ---
--- Begin Message ---
Hi guys,
I couldn't find a developers list, so I hope this is the right list to
post to. I need to create a custom session handler for our PHP server.
We have a memcache server and so want to use that to handle our session
information. I was able to get basic session code working via the custom
PHP user handler, but it has an inherent bug that means that the
following code doesn't work:
session_start();
session_write_close();
session_start();
session_write_close();
The problem is that when write_close is called, it wipes all knowledge
of the custom session handler. It's a documented bug, but hasn't been
fixed as of yet. So here's what I want to do to resolve this:
I want to write a custom PHP module similar to mod_user that handles the
memcache interface (mod_memcache) because this would avoid the issues of
the handlers being wiped etc... I've effectively replicated the
mod_user code (but changed it to a blank canvas) and incorporated the
appropriate makefile & configure changes to get it built & I get the
mod_memcache.lo file as an intermediate file. However, when I install
the PHP5 module in apache and set the save handler in the php.ini to
"memcache", it tells me that it can't find the memcache handler?
What's the process for setting up a new (custom) session handler in the
php build?
Thanks in advance,
Glenn.
--- End Message ---
--- Begin Message ---
On Tue, 26 Sep 2006 21:45:58 +1000, David Tulloh wrote:
> Google Kreme wrote:
>> On 25 Sep 2006, at 06:11 , Sancar Saran wrote:
>> ...
>>
>> If this is generating hundred of K of HTML, use ' instead of "
>>
>> (yes, it's faster).
>>
>
> I've seen this stated several times and at first glance it seems to make
> sense. The double quoted version has all the \n and related characters
> that need to be handled.
>
> Except that php is a C program and uses the printf family of functions.
> This means that all the single quoted strings actually have to be
> converted to escaped versions of double quoted strings, so internally
> '\n' becomes "\\n".
>
> You can see this in some benchmarks, I ran the following script and a
> single quoted version from the command line. I ran each 10 times,
> interleaved to try to balance changes in the system load.
>
> <?php
> $str="";
> for($i=0; $i<10000000; $i++)
> $str.="foo";
> ?>
>
> I found that the double quoted version averaged 5.5516 seconds against
> the single quoted script of 5.5627. Which really goes to show that
> while the double quoted version is faster the difference is almost
> completely irrelevent.
While we're at it (running benchmarks three times, varying amount of loops):
Benchmarking with 100K loops
Case 1 : 'Adding a 10-character single quoted string to a var'
Time : 0.23s - 0.24s
Case 2 : 'Adding a 10-character double quoted string to a var'
Time : 0.23s - 0.24s
Performance : Anywhere between Decreased 1.1% and Increased 26.7%
This seems really funny to me, cause I was under the impression a single
quoted string was faster... I remember benchmarking that before.
----------------------------------------
Benchmarking with 10K loops
Case 1 : 'Adding a 100-character single quoted string to a var'
Time : 0.03s - 0.08s
Case 2 : 'Adding a 100-character double quoted string to a var'
Time : 0.03s
Performance : Anywhere between Increased 0.7% and Increased 66.9%
Still funny... and numbers get higher, too.
----------------------------------------
Benchmarking with 1M loops
Case 1 : 'Setting a var with a 100-character single quoted string'
Time : 2.29s - 2.63s
Case 2 : 'Setting a var with a 100-character double quoted string'
Time : 2.53 - 2.78s
Performance : Anywhere between Decreased 3.1% and Decreased 16.3%
Now this is probably what I saw previously and what made me decide using
single quotes where possible.
----------------------------------------
Benchmarking with 1M loops
Case 1 : 'Setting a var with a 100-character single quoted string incl. a
variable (concat)'
Time : 3.59s - 4.07s
Case 2 : 'Setting a var with a 100-character double quoted string incl. a
variable'
Time : 4.14s - 4.40s
Performance : Anywhere between Decreased 8.2% - Decreased 19.2%
Well, try not to use variables in a string, but concatenate it together.
----------------------------------------
Benchmarking with 1M loops
Case 1 : 'Setting a var with a 100-character double quoted string incl. a
variable (concat)'
Time : 3.58s - 3.79s
Case 2 : 'Setting a var with a 100-character double quoted string incl. a
variable'
Time : 4.12s - 5.24s
Performance : Anywhere between Decreased 14.9% - Decreased 38.4%
Same with using double quoted strings only...
----------------------------------------
Hey! It's coffee break already!
Ivo
--- End Message ---
