Web Development

Website development, speed and security

I'm a freelance developer, Hire Me

Page speed will be a ranking factor for mobile searches

Today's bug: I tried to store a UTF-8 string in a MariaDB "utf8"-encoded database, and Rails raised a bizarre error: Incorrect string value: '\xF0\x9F\x98\x83 <...' for column 'summary' at row 1 This is a UTF-8 client and a UTF-8 server, in a UTF-8 database with a UTF-8 collation.
ProxySQL: high-performance, GPL licensed MySQL proxy. It supports hundreds of thousands of concurrent connections and can be multiplexed to hundreds of servers.
Some variations on the fasted way for to send out a request without waiting for the response.

Time to move on from PHP 5.6

The last planned release of PHP 5.6 has now taken place - release 5.6.30. This is the last release that contains planned bug fixes. Any further updates will only take place for security updates and that’s limited to the next two years. Plan to upgrade to PHP 7 - if you are still using 5.6 then you are burying your head in the sand.

An article on code complexity in PHP frameworks. Laravel is a clear winner.

Measuring Code Complexity

Last week as I was refactoring and cleaning Laravel for the 5.4 release, Graham Campbell showed me some code complexity statistics for the framework. I decided to compare this against some other PHP frameworks to see how Laravel stacks up. I looked at a few metrics.

Caching makes things faster. You can use HTTP headers to ask a browser to cache XHR (XMLHttpRequest) and Fetch requests however watch out for the back button. It appears that the back button is a history mechanism and it shouldn’t try to show the current state of a resource. Read more in the article below.

You Do Not Understand Browser History :: madhatted.com

The browser does not respect HTTP caching rules when you click the back button.

Recently Ars deputy editor downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them.

This isn’t something new but I heard about it for the first time today. An attacker can work out a remote password by measuring the amount of time it takes for the server to respond for various inputs. Hashing a password won’t make a difference as this attack relies on the way a language like PHP does string comparisons.