Update (August 2007): These are all off the site.

Those of you who are attentive may have noticed a couple things about my blog. First, there's the fact that I have placed google adsense on various pages on my blog. Also, I'm using google analytics to monitor how people are reaching this site and what they're doing when they are here.

Both of these technologies creep me out. In my opinion, they are both somewhere between a threat to privacy to an obnoxious invasion. Both are closed source, and google has become the overwhelming market leader for both contextual text ad publishing as well as google analytics.

Why have I used them?

Play with any webserver long enough, and you'll realize, they aren't all the same.
On one end, you have light webservers that respond to requests for static content off of a disk, and then send it to the user. thttpd is an extreme example of a webserver like this. Others instead will use apache with hardly any modules installed and, if apache 2.x, a worker MPM can be used that enables each process to serve multiple requests.
Well, that's all fine and dandy, but if you're using PHP or some other language you might find that your web applications aren't thread-safe. Suddenly you have concurrency issues, because you'll have two PHP interpreters running inside of the same process, and this can create enough issues where php recommends against it.
So you equip your apache with mod_php and off you go - but now each request for a small static file bogs down a massive apache process. Which is a bummer, because thttpd or even apache could serve the request with far fewer resources.

Found an XSS vulnerability on a website that I won't mention last week. Before the day was out, I was threatened with legal action.

PHP was started as a template engine but it's grown into a full featured language, so much so that for some, keeping logic and presentation separate is a real challenge. That's led to an entire class of "template engines" being implemented on PHP. On one extreme, these engines provide a wholly distinct template markup language that in turn is compiled into PHP - e.g. Smarty. On the other side are contenders like Savant - but the unanswered question is, how do they perform?

I'm working on a blog entry comparing the performance of different templating engines (Smarty, Savant, etc.) and one thing I wanted to do was use http_load to provide data points regarding performance. Trouble is, while http_load kindly provides connection times and first response times means, minimums, and maximums, it doesn't provide a standard deviation. Given that my test environment is a multi-user operating system and other things are running, I am a bit concerned that measurements might contain extra variation because of background processing time.

While not a perfect solution, a good start is getting the standard deviation of measurements. Now, I can compare means with more confidence (ha, ha, a statistics pun) in determining what makes a difference. So, this hack is adding standard deviations to http_load output.

A few weeks ago, I was brought in to help raise the performance of a site running tiki that was under high load.
I saw Rasmus Lerdorf give a very interesting talk on PHP optimization called "Getting Rich with PHP5." In it, he recommends the use of valgrind as a way of holistically profiling a web server running an application. That's a nice way of seeing what's holding you down when you have that luxury, but what can you do when the machine is under heavy load?

Hello everyone! My name is Daniel, and I'm a unix geek and PHP developer. I graduated from Carnegie Mellon University in 2006 with a degree in Political Science and Policy and Management, but during my years there I fell into the web application crowd, doing development for my school's Student Senate.