PHP

Often there is the situation where you serve multiple top level domains with one software / hosting package. Because a lot of providers map all subdomains to the same virtual host often the problem of duplicate content arises.

So I tried to find rewrite rules for mod_rewrite to solve this problem.

As a base I used the example provided the mod_rewrite documentation:
http://httpd.apache.org/docs/2.0/rewrite/rewrite_guide.html#canonicalhost

RewriteCond %{HTTP_HOST} !^fully\.qualified\.domain\.name [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://fully.qualified.domain.name/$1 [L,R]

But with this example it was only possible to redirect one domain. But I have several domains on my hosting and I want to redirect all of them to the correct www subdomain:

RewriteCond %{HTTP_HOST} !^www\.(.*)$
RewriteCond %{HTTP_HOST} ^([a-zA-Z0-9\-]+\.)?([a-zA-Z0-9\-]+)\.([a-zA-Z]+)$
RewriteRule ^(.*) http://www.%2.%3/$1 [NS,R=301,L]

... or why a search engine indexing bot makes 160 000 incorrect requests within 48 hours.

China has implemented their own answer to Google. The search engine is called: Qihoo.com. The are some major differences to Google. The first thing I noticed was, that I cannot read chinese websites..... that´s bad....

But there is major problem with Qihoo.com. I noticed in the statistics of our project www.fertighaus.biz and www.mba-studium.info that we had about 160.000 requests all bringing up a 404 error. After some research in the log files, resolving the ip and using the better search engine Google I found out that the requests came from the Qihoo Bot. After some research using again Google I found statements from various web masters that this bot is working like a Zombie. It does not react on 404 errors either it reacts on 403 errors and it also does not take robots.txt file into account. Furthermore it makes several requests per second which can cause serious performance problems on small hostings. The bot is officially declared as "beta". But if this is the chinese definition of beta I will never ever use their beta products.

In our particular situation we had the problem that our error reporting was a little bit to exhaustive. We are using a front controller answering all request to the domain. Because we are using mod_rewrite our front controller inspects every request. For the wrong requests in made log statements to our application log and during two days the log files filled up our whole web space and the application was not able to create new sessions. This caused our application to malfunction.

Now I just blocked the IP addresses of the Qihoo.com. I really have no interest to be listed on chinese search engines. I used .htaccess and mod_access for it:

order allow,deny
deny from 220.181
allow from all

The most interesting references on the web are:
Qihoo - oder wehe wenn China Google ablösen will
Wenn ein chinesischer Crawler selbständig wird

I just read on Ajaxian that Symfony 1.0 beta is out. This is a great MVC framework for PHP. It is based on the ideas of ROR and combines it with the big benefits of PHP and its ease of development. I think I have to plan some time to upgrade my projects to the new version! Great work! Go on!

Currently I am planning for an upcoming project and I am about to choose the technology stack to use. I know that there are a lot of possibilities out there. Luckily I already decided not to learn completely new things. So at least I cannot exclude things like Perl, Ruby on Rails, .NET + Atlas, Zope and other stuff from my evaluation.

I am quite familiar with the worlds of JAVA and PHP. So I consider these two as possible candidates. But it also makes a big difference, which frameworks on top of these environments to use. This is the point where it gets really complicated.

Of course there is already a huge amount of information and comparison about these two technologies available. But you have to be very carefully when reading this material because in a lot of situations it is some sort of a religious war between both of them. But I do not want to make religious decisions. I want to be pragmatic. That’s why I will try to make a short competition for myself to find out which one is more productive for me.

The candidates:

Option 1) PHP5 with Symfony for MVC without a template engine. Propel as ORM. Not sure which AJAX toolkit to use. Research must be done here.

Option 2) JAVA with Hibernate and Spring and SpringMVC + WebFlow. Plain JSP with JSP 2.0 Taglib as View Helper. SiteMesh for page decoration. DWR for AJAX remoting.

Option 3) Grails (Groovy + JAVA) with Grails View Technology

It was quite easy to choose the PHP stuff because Symfony is the most exciting and productive MVC framework I ever saw for PHP. It solves a lot of day-to-day real style problems in a comfortable and well designed way. Allthough it still has its issues I am looking forward that they will disappear when Symfony gets more mature and its heading to 1.0 version.

To choose a framework in Java is much more difficult because there are a lot of possiblites and a lot of mature frameworks. The frameworks which come to mind first are typically Struts and JSF. Both are inadequate from my point of view. Struts is too much work in terms of configuration and XML wiring. Additionally I absolutely do not like the form bean stuff. Java Server Faces (JSF) is well suited for big back office solutions where you want to make reuse of widgets and where you have massive reuse of widgets. But JSF has to less flexibility. It does too much of the web staff for you. It makes it extremely difficult two build SEO optimized pages. It has big troubles with a GET requests. Components development is awful. So all JSF based frameworks like JBoss SEAM, Oracle ADF, … are out of scope too.

I choose Spring and Hibernate because they are some sort of well-known best practices. I like SpringMVC because it tightly integrates the IOC approach and is very well designed. WebFlow might help us with out wizards a lot. I want to use JSP because I like well introduced technologies with a lot of resources on the net (for example compared to Velocity). The tag libraries as view helper are a very clean and useful approach. Especially with JSP2.0 they get much less painful to implement, because you can use JSP to implement tags which make work much more comfortable.

The third option was chosen because it is the most similar based development approach on the JAVA platform compared to Ruby on Rails and Symfony at PHP. Ruby on Rails always gets extremely good feedback from the developer community. So I would like to see, if this approach is useful on the JAVA platform two. Grails itself is built on top of my personal Option 2 technology stack. So it will also be interesting which value the added compared to using the underlying technology.

The Procedure

I will set up a test use case, which has database connection and must do some emailing. The test case will consist of a multi step wizard and there must be various input including date / time done. The use case must be realized for two locales. Automated tests must be written on the service and action layer. The db schema must be the same for all. I will invest 2 days of development on each option. Afterwards I will collect results in a criteria catalogue. I am really looking forward to the results. Of course I will post them.

So there is only one big question left:
When do I have time to spend 6 days for doing the comparison? Perhaps at X-mas or New Year time? Arrrggg…. a day should have more than 24 hours.

As I started my blogging I really wanted to post nice positive messages. But this week I only have to struggle with strange bugs, spammers and other bad things. Today it was IE again, which had some nice surprising things for me.

Since the relaunch of Fachhochschulen.info I am using moo.tools and rounded corners based on Transcorners. I got the new design done and everything was fine. But as time goes by I got more and more reports from my customer, that the page is awful slow. In the first I had no idea how this could be – espacailly because the last relaunch was primarily an layout enhancement. But then I got a report that IE is trying to load more and more elements. After some staying on the page, IE reported that it want to load more than 200 elements.



After some research on the web I learned, that IE is not caching images and other resources when they are inserted using javascript. Because Transcorners is producing a lot of dom elements which a background image set and we are using a lot of rounded boxes the number of elements which IE wanted to load increased and increased. After a look into our usage statistics I also found that the number of requests grew by a factor of 10-15 since I put the new design online. But the number of visits and the number of page views kept quite the same. So the problem was found.

Now I knew what to ask Prof. Google. After some search, I also found the solution. It is possible to set an HTTP Expires header and than IE magically is using his own cache. The easiest way to do this, is using a module from the Apache HTTPD and putting the following code into my .htaccess:

BrowserMatch "MSIE" brokenvary=1
BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
BrowserMatch "Opera" !brokenvary
SetEnvIf brokenvary 1 force-no-vary

ExpiresActive On
ExpiresDefault A18000
ExpiresByType image/gif A86400

More details about the solution can be found here. There are also various other pages discussing this problem.

First I thought I should talk a little bit about myself. But on the other hand, there already this sort of information available on my webpage. On the other hand you can also find me at OpenBC. So I think it is not worth to talk that much about me. Just follow my writing and you will find out yourself.

So I am concentrating on the things which really concerned me today. First of all the spammers: they found our contact form in the postgraduate portal and started sending automated email to our customers. So I had to build in some sort of s spam filtering mechanism. The first thing I did was making the parsing a little bit harder by setting the forms action tag at runtime using Javascript and Prototype. The second important thing we have done is to check the texts for certain text patterns. If they are occurring we simply stop processing the form and I send a HTTP 500 Internal Server Error back to the client. I hope this confused the bots a little bit so that they are giving up their attacks. But I fear I am too optimistic in this concern. Seems that I should plan some time within the next weeks to build a good protection therefore. But I do not want the user to enter any sort of CHAPTA or stuff like that.

The second issue I had to bother with, is again IE. Of course - as a web developer I am using Firefox. But your customers and visitors are mainly using IE so I have to test all the stuff an IE too. Today we placed a new web banner to the Fachhochschulen.at. The customer wanted a SWF banner and I implemented it the good old way using the object and embedded html elements. But of course IE will not show them, because IE does not activate ActiveX elements like the flash player automatically. But the workaround is not that bad and it is presented by M$ itself. So after all I had fixed that quite easily too.

So lets call it a day – I still have to do some ironing today.

I already thought a while about creating my own blog. I have a lot of thoughts about IT, development and project management in my mind. I would like to share this thoughts and my blog should help me to organize this thoughts better and to formulate them more precise.

So this blog will mostly address IT topics. I will keep personal information rather spare because I like exchanging professional thought more than sharing my private information. But the next entry will address a little more about my person. You also find quite much information about me on my web page at www.schmelzer.cc.

I like reading blogs from other developers like Matt Raible or Michael Stal. But I also regularly read the blogs from my former colleagues Hilli and Wallace. Hopefully I can motivate them, to place a link to my blog. This would be very fine, because sharing my thought with at least some visitors is more exciting than just writing them for my own (-;.

First of all I have to sing a hymn on Serendipity. I downloaded it, put it on my server, started the installation script and everything was done. I like software, which can be installed easily very much. It is one of the most important things especially about Open Source software. The users need fast success or otherwise the will look further for the next project. And there are a lot of projects for nearly every problem you might imagine. I will try to take a look into the source code, too. In this project also Sebastian Bergmann was involved, which is a very good sign for the code quality of the project. But I will comment on that, when I have further insight into it.