23rd August, 2007
sk.fan & The Wedding
Thursday, 11:14 am in CodeGirl
As some of you may know, I had a brief interest in running fanlistings at one point in time. When I set them up, the only available script was phpFanBase, but one look at the code convinced me I’d rather be caught dead than use it on my site (luckily for me), so I re-wrote it. I remember at the time being absolutely scandalised that there were no functions in the original code, so most of the edits went into the back-end; I kept most of the front-end, particularly the admin panel1. When I was done, I renamed by bastardised script phpFanBase REDUX and then didn’t think much about it for the next three years.
Now, at the time I used a quick-and-dirty 403 hack to add password protection to the admin panel. I don’t remember what my reasoning for this was at the time2, but at some point in the intervening years it broke and I couldn’t be arsed finding out why. For ages I did my site admin ‘raw’ via phpMyAdmin. By the time this had happened, several other fanlist management sites had appeared, but after some investigation I decided I didn’t particularly like them. I found Enth3 too heavy and needlessly confusing. BellaBuffs turned me off by being based on flat-files. So the other day I rolled up my sleeves and put my own script back into an appropriately working state.
For the lulz, I’ve decided to release the end result as sk.fan. It fills a hole in between the two ‘big name’ scripts in this space by being extremely lightweight in comparison. Yes, this means it doesn’t have things like code upload and management, and doesn’t organise your joined fanlistings, but… meh. Works for me! Might work for you, too.
So yes, for those of you who missed it, ~Mat [h] and I got married on the 11th. The ceremony was very small; 13 people in a private room at The Ottoman. We ate posh food and drank posh wine and it was an all-round great night apart from the fact that I’d put my back out earlier in the afternoon while putting on my boots. No, I am not kidding; it was that old back twinge from the car crash I thought I’d gotten rid of. But no, it was back with a vengeance. I’d gone to see Die Hard 4.0 the night before, so when the pain hit I asked myself “What would Bruce Willis do?” and limped around for three scenes then put a band-aid on my nose (trufax).
Anyway, the next day we flew down to Melbourne for the week for our honeymoon. The plane tripe was decidedly uncomfortable, but that night in the hotel I managed to fix my back by accidentally kicking one of those metal stand things you put suitcases on. Hard. It crunched.
And you know how usually when you stub your toe you kind of hop around for a minute feeling stupid then get over it? Yeah. No; I couldn’t walk. Which of course felt so fucking dumb because, Jesus Dee, you just stubbed your toe; stop whinging. The next day, the whole thing came up purple and stayed like that for the rest of the week. I felt all the bones, but none of them hurt to touch so I assume that means I didn’t actually break anything I (justify not going to a doctor to get a x-ray by saying that, even if I was fractured, there’s not a hell of a lot they can do for a toe-bone anyway). Conveniently, I was walking in a new pair of Chucks at the time. Now, the thing about Chucks is that they’re very long, narrow shoes; not a good combination at all when you’ve just destroyed your little toe. So we went out and bought me some ugg boots from the Target in Chinatown. As I type this I’m still wearing one Chuck and one (now extremely filthy) ugg boot; their pairs are still sitting together at home in pristine, near-new condition.
Anyway, asides from that it was a good week, mostly involving shopping and lazing about the hotel room watching American Chopper. And also some crazy show about an ex-SAS guy parachuting into wilderness areas and eating zebra carcasses. A nice break from the frantic panic of the previous fortnight (getting both the wedding and the house purchase organised), despite the constant, agonizing pain.3
Oh, and I caught the wrong direction of tram trying to get out to the Ministry of Style again. West Preston, Dee; you want to catch the 112 to West Preston.
- I have a pathological hatred of writing admin features. ^
- Probably my pathological hatred of dealing with from data. ^
- I never realised limping was such hard work. Whenever we’re in Melbourne we pretty much walk everywhere, and this was amazingly hard going; especially on top of the still-healing back injury (which manifests itself as stiffness running down my right side from the small of my back to my knee). ^
- « Previous
- Next »
Related Posts
Comments
-
I might give sk.fan a go! I got approved for my second fanlisting recently and I was going to give BellaBuffs a go. Why do you think flat files are bad, or is just a personal preference? Flat files really work for me in that I don’t have to bother with databases and stuff, just simple text files.
And yay for low-key weddings!
I’m glad to hear you had fun! Sorry to hear about your toe though! -
Why do you think flat files are bad, or is just a personal preference?
Yes and no. I think like most everyone who was taught C/++ and/or Perl in an institutionalised environment, I would rather gouge my eyes out with spoons than parse another file. There are so many irritating gotchas with file parsing, usually around the field delimiter character and the potential for what for what of a better word I’m going to call buffer overflow.
For example, say I decide to use a comma as a field delimiter (a CSV file). So my data looks like:
name1,email1,this is the user's comment
name2,email2,this is a second commentNow, if my file data comes from user input I have to be really careful to sanitise it properly: What happens if a user puts a comma in their name? What happens if a user fills a field with a thousand bytes of rubbish? Et cetera, Et cetera. From a coding perspective there are just so many more potential failure points than working with a database. This is especially true in the PHP/MySQL context, since the interface is relatively robust and mind-numbingly simple; PHP was explicitly designed to work with MySQL as its primary data source, so I just think it’s nuts not to take advantage of it (as opposed to, for example, a language like Perl or Python which were specifically designed to use flat files and can be a massive PITA to connect to anything else).
Do I think flat-file scripts are bad? Again; yes and no. It depends on how they’re coded; a well-coded flat-file script is probably not actually any worse than a well-coded database-driven script. However, with that being said, like I mentioned above there are a lot more potential failure points, and the potential failures are more serious. If someone injects your database about the worst that can happen is they can
DROPthe table, or maybe retrieve everyone’s password hash (because you’re not storing them as plain text; right… right). On the other hand, if you flat-text files bork up you’re in the situation where you’re not dealing with a restricted environment (like the database); you’re dealing with the operating system. I have to say that in, like, nine years of having a website, I’ve only ever had one SQL injection attack (someoneTRUNCATE‘d all the data out of an oekaki board); the vast majority of scripts I’ve had fail have done so due to file manipulation exploits.So, no; I don’t like them and I don’t write them myself.
-
Oooh I see… but for example, if you use commas to ad delimiters, can’t you stop people from putting in commas in the actual form? For example, there are some forms I’ve encountered that only allow alphanumeric characters and no symbols. I don’t know how to go about setting that up though.
-
can’t you stop people from putting in commas in the actual form?
Yes, you can. The easiest way is with a regexp in the back-end code; I actually have a whole generic function library I pull from script to script to do this kind of cleaning.
But the point here is that you have to remember to do it (and if you forget, your data potentially gets corrupted), as opposed to using a database, where you don’t have to worry so much. Depending on what your script does, it can also be a bit irritatingly arbitrary. Imagine – for example – I was using flat-files for sk.log; no matter what delimiter I picked (comma, pipe, colon, tab, et al), someone would invariably want to use it in a comment. Telling someone, “No, sorry, you can’t have commas in your post because I use them as a data field delimiter” is going to annoy them.
Of course, there are ways around this (the ‘easiest’ would be to use an XML flat-file database; but then you’ve got the added complication of having to write an XML parser) because there are ways around everything. I dunno, I think flat files are fine if you’re using very regular, very predictable, short-text or number data fields. But for complex data (i.e. full-text) or anything that requires joining, filtering or arithmetic I much, much prefer databases.
-
Flat files
The only true advantage of flat files is speed, blistering asskicking speed. If you don’t need performance, there is no reason to re invent the wheel - used a DB (and remember to patch it).
-
Does the speed thing hold true even if you’re doing the equivalent of relational joining? I’m just guessing, but it would seem that it doesn’t; since with a DB it’s the DB itself that is performing the indexing and joining (and is optimised to do so), whereas if you’re working with flat files it’s your script that needs to do all that processing.
… though I suppose the solution would be don’t use flat files for relational data.
[b]Edit
/b] And just following on from the speed issue; at the complexity level of scripts that we’re talking about it’s pretty much a moot point anyway. Your visitors are not going to notice the difference between something that takes 0.04 seconds to execute and one that takes 0.004. -
well speed doesn’t really apply to any scripting language, what I’m talking about is compiled C or similar languages dealing with highly optimised flat files. The “one size fits all” nature of DB’s makes them incredibly slow at a lot of low level stuff as they implement a whole lot of checking and extraneous features that you probably won’t need.
-
Ah, compiled stuff; yeah. That’s different.
