I'm pleased to announce that I'll be speaking at OSCON again. I have the pleasure of co-presenting an Extending PHP tutorial session with Marcus Boerger, giving a new talk entitled Hot Chocolate: Creating Cocoa apps with PHP, and the tried and true PDO Talk. As always, I'm looking forward to catching up on what's going on outside of my usual stack of software, meeting up with friends and making a visit to my favourite restaurant. I hope to see you there :-)
I've got a couple of full-time positions open on my engineering team. We believe in a fun but focused development environment: open-plan, flexible hours, and great benefits. Our customers include Fortune-500 companies, hot startups and tier-1 telecommunications carriers. Our software helps those customers deliver billions of email messages per day.
I'm looking for one mid-level and one mid-to-senior-level engineer with strong "C" programming skills (3+ years of professional experience). These roles involve design, implementation and testing of our flagship email server product. E-mail encompasses a very broad range of standards and specifications which in turn means that our code base touches on a little bit of everything; it's both interesting and challenging. [Full Job Description]
I'm also looking for someone with a knack for breaking things. This person would be dedicated to dreaming up ways to make the product stress out, panic and fall over, and distilling that abuse into test cases to run in our white box, smoke testing, stress and soak testing environments. This position requires strong Perl skills and 3-5 years industry experience. [Full Job Description]
If you're interested in working with us, please send your resume to me: jobs@messagesystems.com.
You may be aware that we're starting discussions on the future of PDO; despite being pretty good for many common uses, it isn't perfect, and we want to improve it. One of the items to be discussed is whether we can or should adopt a Contributor License Agreement (CLA), which will make it simpler for the database vendors to work together with us on PDO.
The discussion is aimed chiefly at the "core developer" community, that is, the people that are working on the internals code for PHP, because the CLA would impact how they contribute to PDO. The broader PHP user/developer community would not be affected by a CLA (if we were to go that route), as it would not affect their ability to use PDO in their applications.
If you are wondering what all the fuss is about, you might be interested in reading the transcript of a conversation I had on IRC this evening; you can find it below. It's between myself and a few members of the PHP Community IRC channel on FreeNode (used with their permission!), and I think it does a good job of explaining in fairly simple and somewhat unbiased terms a couple of the main arguments for and against the CLA. I'm not saying that this is all there is to it, just that these are likely to be the main points that the core developers need to discuss first.
It would be premature to say that you are for or against PDO 2 at this stage because we are yet to define what PDO 2 will actually be; that is the purpose of the discussion on the PDO mailing list.
If, after reading this, you have questions or comments of your own, then please read the email that Andi and myself put together, take a look at the FAQ, and if your question is still unanswered, join the discussion on the PDO mailing list (read the archives first!) Browse it via the web, over NNTP, or subscribe via email.
We'll be working to update the FAQ to reflect questions and answers that keep coming up. It's important to direct questions and comments to the mailing list, so that we have an archive of the discussion and a single thing to keep track of.
Here is the transcript from IRC; the initial question was in response to blog entries from Antony and Pierre, and some questions are based on content from our initial email to the PDO list.
21:59 <vluther> Wez: so why would a CLA be bad?
22:00 <Wez> vluther: two arguments are 1) it actually increases the risk potential
for some companies that have a patent portfolio (Rasmus and Adam
brought this up on internals a little while back)
22:01 <vluther> but that puts the company at risk, not php right?
22:01 <Wez> vluther: 2) The contributor community might be segmented into people
that can/will sign the CLA and people that won't, which could be bad
for the community (but also might not matter)
22:02 <Wez> vluther: yeah, it puts the company at risk, not PHP, which means that
it makes if difficult/impossible for people that work for those companies
to contribute
22:03 <vluther> ahh, so if we force a cla.. then we risk losing contributors.. got it
22:03 <vortex`> does it work the other way, no CLA no commercial support?
22:04 <Wez> vluther: yeah, that seems to be the main argument against it really.
Whether that has a tangible impact is something to discuss
22:04 <Wez> vortex`: without a CLA, the amount of support that a vendor can provide
would be limited, because it is difficult for them to share their work
with the other vendors (they're in competition)
22:04 <vluther> Wez: so the say no movement is based purely out of fear of what may
happen?
22:04 <Wez> vluther: yep
22:08 <coldflame_> can i ask why it's been important for php to _not_ have a legal
entity?
22:09 <Wez> coldflame_: it's not "important to not have one" so much as impossible to
retro-fit one. To do so would require tracking down everyone that ever
contributed and sign off on transferring that work to the legal entity
22:09 <coldflame_> Wez: ahh.. thanks
22:10 <Wez> so PHP as a whole could never (in any practical sense of the word) be put
under CLA
22:10 <coldflame_> Wez: is there a list of main vendors?
22:11 <Wez> and that was another of the fears that people had about PDO being under a
CLA; that it would "leak" out to affect PHP as a whole
22:11 <Wez> coldflame_: Andi, Ilia and myself have been talking to MySQL, PostgreSQL,
IBM, Oracle and Microsoft
22:11 <Wez> all of which want to contribute to PDO
22:11 <vortex`> nice :D
22:12 <Wez> the problem is doing so in such a way that the companies feel happy about
Working together, and in such a way that doesn't cause problems with the
php developer community
22:12 <Wez> and that's what I want to get people discussing on the pdo mailing list
22:13 <coldflame_> Wez: oh cool, and the last of my n00b questions is that this CLA is
Meant only for PDO yer? not to be confused with the one for PHP?
22:13 <Wez> correct, we don't want and are not suggesting that PHP go under CLA
(it's impossible anyway), just that putting PDO under CLA will let us get
the most out of the vendors
22:14 <coldflame_> Wez: thanks for your clear and concise answers :)
22:14 <Wez> coldflame_: you're welcome.
22:15 <vortex`> coldflame_: just judging how good pdo1 is, pdo2 should be a cracker :D
22:15 <coldflame_> Wez: good luck :) i look forward to hearing about it
22:15 * coldflame_ signs up to pdo list
Please don't comment on this blog entry, discuss on the pdo mailing list instead!
I was scheduled to appear at PHP London 2008, but due to unforeseen circumstances, I've had to cancel my trip and back out from the conference. I don't like doing this, but unfortunately don't have much of a choice. Thankfully, the PHP London folks have managed to find replacement speakers for the two sessions that I was going to give.
If you're going to be in or around London on the leap day (February 29th), or are within commutable distance, then you might consider attending the conference; it's a one day conference with a number of expert speakers from the PHP Community. If you sign up now, the early bird rate is only GBP 90. Find out more at their web site.
I was really looking forward to this conference, and I'm sorry that I'm going to miss it; I hope you have fun!
I've had some code hanging around on my laptop for the better part of a year (feels like two, but I don't think I've had my MBP that long), that implements a bridge between PHP and the Objective-C runtime. This is similar in spirit to CamelBones and PyObjC, but obviously a bit less mature.
Yesterday I debugged the last portion that I regarded as a total showstopper for anyone else that might want to use it, and added a script that pulls in your PHP installation and dependent libraries (such as Fink or Mac Ports libraries) and generates a "Bundle" and optionally a DMG containing the Bundle. I also persuaded Jan to try it out on Leopard, and discovered that Apple has deprecated most of the things I've been using for this (doh!) but we got it working on Leopard too. (note: you'll need to build your own PHP on Leopard, the one Apple ships has had its exports stripped, so you can't run the extension--it'll build, but not run)
There's still some way to go before I consider this "nice" to use, but it's a solid start. Jan built a simple GUI for the ping command:
I want to underscore that this is still in the very early stages, and that you'll most likely need a good bit of C and Objective-C savvy to get the most out of it right now, and that neither Jan nor myself can guarantee to fix problems that arise, but I in the spirit of release early, release often, I've put the code into the PHP CVS repository in the php-objc module, and created a php-objc mailing list on the PHP list server.
So, if you can figure out how to get at the code and on the mailing list, welcome! If you can't, it's too early for you to participate; you'll need to hold tight until we've made things easier to use.
It's been a long week, but, as is usual for ZendCon, it was worth it.
Short version:
If you're looking for the slides from my Best Practices for Sending Mail from PHP talk, they are available here.
Highlights: Microsoft announces their first PHP extension (for talking to SQL Server) and go-live for their FastCGI support, Terry Chay on Ogres, new Trading cards and a couple of really nice drinks courtesy of Christian Flickinger and Curt Zirzow. Oh, and Joel Spolsky on something that had nothing to do with PHP, but was good fun all the same.
Things I'd rather forget: the Yahoo disco with obnoxiously loud and crass comedian and crappy beverages--your choice of Bud or Bud Light (which ran out), mediocre (at best) lunch offerings.
Long version:
I got in on Sunday at around noon, and had 3 hours to kill before I could check into my room. That was mildly irritating, because it meant hanging around in a "well travelled" state--it would have been nice to have had a shower a little sooner. I met up with some familiar and some not so familiar faces in the sports bar, and later over dinner. I persuaded Sara to procure a 4-pack of Red Bull for me (BTW, if anyone from Red Bull is reading this and is considering people for sponsorship deals, I'm an extreme programmer :-), and we planned some finishing touches for our tutorial session.
The Extending PHP tutorial was the next day; one full day of internals hackery featuring Marcus, Sara and myself. Usually these sessions attract 20-30 people, of which maybe 2-5 people admit to having developed in C or written their own extension. This particular session had 40-50 people at the start and a good 30+ had done C or extension development. I forgot to ask how many of those people work for Yahoo, but I'm guessing that a significant portion did. The turnout and qualifications of the attendees made for a very good session; there were good questions at the right places.
The next day I went to Terry Chays talk on Ogres. He also mentioned that simplicity is the new complexity and how complex is the new simple. I wasn't quite sold on the analogy, which got confusing when he used the word simple on a later slide (did that really mean complex? ;-) It was an entertaining talk, and I think I got the gist of what he was trying to say, which, simplified (complexified!?), is something along the lines of: you can build elegantly complex systems from simple building blocks, and those systems will have a comparatively low complexity compared to over-engineered systems. You could also say KISS, and remember the Pareto principle.
Later that day I gave my Mail talk to approximately 50 people in the big room used for the keynotes, which had a camera at the back and some big bright spotlights shining on the podium to illuminate the speaker. If you've ever been on that side of the room before, you'll know that those lights make things difficult because you can't see anything but silhouettes beyond the second row, and that makes it quite hard to read the body language of your audience for cues such as sleeping, nodding off, laptop use and actually looking at you. Despite this, I think the session went quite well, with good questions being asked throughout.
I don't really remember exactly what I did on Wednesday, aside from work, but recall helping Elizabeth Marie Smith with a build issue, Joe Stagners session on PHP-and-Windows, Lauras best-practices talk and sitting in on a Silverlight un-conference session.
I was in a meeting all day Thursday, so I missed the conference sessions, and saying goodbye to the folks at the conference. I was up at 3:30am the next morning to make sure that I made it to the airport for my flight home, touching down later that evening, just in time for the sunset.
It was great to have some more "face time" with people that I don't see too often, or that I've been corresponding with over email. I've been working in a fixer/advisor capacity towards a couple of PHP related things over the last few months, and this was an excellent opportunity to follow up on those things.
A lot of hours were spent talking, and I greatly value the conversation and the company. It might sound like these conferences are a week-long party, but they're hard work because the intensity level is so high. A typical day has me up around 6-7am and down for breakfast in under an hour, and then the whole day is spent talking or listening to people talking up until around 2am. I am by nature a fairly quiet person, so I find these events especially taxing, but it's worth it.
So thanks to everyone that shared their time with me at the conference, and I hope to see you next time!
I'm excited for OSCON, so much so that I don't mind my 5am start tomorrow. I'm in good spirits; we reached a big milestone at work a week or so ago and I've had a couple of days vacation, so I'm feeling rested and receptive for what I think is the best OpenSource conference out there.
As I mentioned in an earlier post, I'll be co-hosting a tutorial on extending/embedding PHP with Marcus Boerger bright and early on the Monday. If you're planning on attending, I strongly recommend pre-caffeinating yourselves as it will be an intense 3 hours! You can also see me doing my usual PDO talk (when people stop asking me to give it, I'll stop giving it!) on the Thursday.
Aside from getting together with the usual crowd again, I'm hoping to make some new friends. I'm also looking forward to some fun social events around the conference, and particularly looking forward to visiting my favourite restaurant in the whole world (I'm not going to tell you what it is until after I've been thereāit's mine, all mine!).
After the conference I'm bouncing up to Seattle for a Sushi-and-Xbox-360-on-120-inch-screen party with friends and colleagues from OmniTI. And after that, I'm bouncing down to San Jose for a couple of days before red-eyeing it back to the office.
A busy schedule ahead, and just over a week away from home; I think it's going to be a good combination of fun, busy, tiring and restful all at the same time.
If you see me there, stop me and say hi!
I've been a little tardy in mentioning this, but I'll be at ZendCon this year.
I'm co-hosting a mega tutorial session on Extending PHP with Marcus Boerger and Sara Golemon (this time, we three really are all there!), and giving my talking on best mailing practices for PHP.
That's right, no PDO talk this time around; it will make a nice change for me (not that I don't like giving that talk, it's just that I've given it so many times over the last couple of years!).
I like ZendCon; it has a good balance between business and dev. If you can persuade your boss, or you are the boss, you could do worse than book yourself into the conference.
This year, join Marcus Boerger, Sara Golemon and myself in an intense 3 hour tutorial covering everything we can possibly fit in the slot on the topic of Extending/Embedding PHP. Just in case you didn't know it, the three of us form something of a power trio when it comes to PHP internals, so who better to give such a tutorial eh? Having given my share of talks on this topic in the past, I'm not joking when I say it isn't for the faint hearted; there's a lot of material and 3 hours is short (we wanted a longer slot, but we'll take what we're given). Oh yes, it kicks off at 8:30am on the first day. Make sure you are suitably caffeinated for the kick-off and throughout.
Later in the week, at the more respectable time of 1:45pm, I'll be giving my PDO talk again. I've been given a 45 minute slot again, which is a tad tight, so I'll do my best to avoid spilling over into the next talk.
OSCON is my favorite conference; there's a lot of diversity in the content and the people which makes an excellent melting pot for ideas. It's interesting and a lot of fun; the conference highlight of the year. I'm looking forward to it, and to perhaps seeing you there.
This post is in response to this comment on my blog (because I have no idea who that is :-). Here's my suggestion on how to get the most out of your OpenID.
I'm currently using AOL as my preferred identity provider; I also have accounts with Verisign and MyOpenID. If you already have an AIM account, you can use AOL as your identity provider without having to explicitly sign up for another service (which means that you don't need to remember yet another password).
So, assuming that you're using AOL, the next thing to do is edit your home page or blog template and add a couple of lines to the <head>:
<link rel="openid.server"
href="https://api.screenname.aol.com/auth/openidServer">
<link rel="openid.delegate"
href="http://openid.aol.com/wezfurlong">
If you're using Verisign PIP:
<link rel="openid.server"
href="https://pip.verisignlabs.com/server/" />
<link rel="openid.delegate"
href="http://wezfurlong.pip.verisignlabs.com/" />
<meta http-equiv="X-XRDS-Location"
content="http://pip.verisignlabs.com/user/wezfurlong/yadis" />
<meta http-equiv="X-YADIS-Location"
content="http://pip.verisignlabs.com/user/wezfurlong/yadis" />
And for MyOpenID:
<link rel="openid.server"
href="http://www.myopenid.com/server" />
<link rel="openid.delegate"
href="http://youraccount.myopenid.com/" />
<meta http-equiv="X-XRDS-Location"
content="http://www.myopenid.com/xrds?username=youraccount.myopenid.com" />
These fragments allow an OpenID consumer site (such as my blog) to discover your identity provider and your identity with that provider. They can then initiate authentication using those credentials but then retain your original URL as your identity. This is nice because your URL is more meaningful than the various identity endpoint URLs from the providers, and also nice because you can easily switch out to a different provider if it takes your fancy.
This delegation mechanism relies on the consumer being able to parse your web page to locate those elements. Sometimes you may not be able to control some of the content on your page, so it may not be successfully parsed. You can avoid that issue by explicitly sending X-XRDS-Location and X-YADIS-Location headers, either in your PHP script, or by some magic in your httpd.conf.
Another trick is to redirect to your yadis file if the client indicates that it is looking for it:
RewriteCond %{HTTP_ACCEPT} application/xrds\\+xml
RewriteCond %{HTTP_ACCEPT} !application/xrds\\+xml\\s*;\\s*q\\s*=\\s*0(\\.0{1,3})?\\s*(,|$)
RewriteRule ^$ http://netevil.org/yadis.xrdf [R,L]
(I think I borrowed this from Sam Ruby, or maybe it was Simon Willison).
What's in the yadis file? You can read all about it on openidenabled.com. Here's mine:
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
xmlns:xrds="xri://$xrds"
xmlns:openid="http://openid.net/xmlns/1.0"
xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="5">
<Type>http://openid.net/signon/1.1</Type>
<URI>https://api.screenname.aol.com/auth/openidServer</URI>
<openid:Delegate>http://openid.aol.com/wezfurlong</openid:Delegate>
</Service>
<Service priority="10">
<Type>http://openid.net/signon/1.1</Type>
<Type>http://openid.net/sreg/1.0</Type>
<URI>https://pip.verisignlabs.com/server</URI>
<openid:Delegate>http://wezfurlong.pip.verisignlabs.com/</openid:Delegate>
</Service>
<Service priority="20">
<Type>http://openid.net/signon/1.0</Type>
<Type>http://openid.net/sreg/1.0</Type>
<URI>https://pip.verisignlabs.com/server</URI>
<openid:Delegate>http://wezfurlong.pip.verisignlabs.com/</openid:Delegate>
</Service>
</XRD>
</xrds:XRDS>
This yadis file says that I prefer to use AOL (its priority value is lower than the others) and then VeriSign PIP, preferring OpenID version 1.1 over version 1.0.
If you're using only one provider, you can just use their yadis URI rather than setting up your own (that's what those http-equiv meta elements are doing in my examples above).