What is Larry Thinking? #3 => The End of PHP 4 & Spam, Spam, Spam

August 8, 2007

In this edition…

About this Newsletter

Thanks to those that provided feedback on the previous two newsletters. Your comments really help to make this newsletter useful. Please keep your questions and suggestions coming.

As always, older newsletters are available online and you can also use the corresponding forum to start any discussions.

Some people said the last newsletter was too long and some thought it was fine. I thought it was too long, myself. This one is going to be a bit shorter, just because… My apologies, as well, for how long it’s been since the last one (nearly a month). I’ve been juggling many different projects, including a kitchen remodel, with very little success.

For the next newsletter, I’m going to write up some thoughts on finding good Web hosting, as I’m about to change my host for the nth time. If there’s enough interest, I might discuss some Mac OS X applications that I live and die with, but I’m not sure how many of you are using Mac OS X (statistically, it’s like 5% worldwide).

On the Web => The End of PHP 4

PHP has announced the end of version 4 support. Even though version 5 came out in 2004, only 20% of servers have adopted it. Mostly, I believe, this is because hosting companies stick to the lowest common denominator. PHP 5 will break some code and hosting companies couldn’t afford that risk. I think in part because of this slow adoption and because PHP 6 is right around the corner, the PHP group has said enough on PHP 4. After this year, they won’t release any more versions of PHP 4 except for critical security patches (and you’d hope those have all been found by now). The recommendation is that servers make the move to PHP 5 over the next few months. A migration guide is available in the PHP manual.

Coincidentally, a couple of weeks ago I had to make a decision as to what versions of PHP and MySQL to support in the third edition of my “PHP and MySQL for Dynamic Web Sites”. I also decided to drop coverage of PHP 4 and MySQL 4. Trying to support older versions of these technologies would make less room for information about the newer versions, thereby watering down the book (the current edition will still be sold for PHP 4 users).

What is Larry Thinking => Spam, Spam, Spam

A fair amount of my time lately has been spent dealing with spam. I tried to ignore it for as long as possible, but I was getting like 300 spam messages per day so something had to be done.

The big mistake that I made was publishing my email address on my Web site in literal form. Spambots scour the Web looking for email addresses to harvest. Harvested addresses are then shared or sold, so having the same email address for eight years compounded the problem (like interest, but in a bad way). Some years ago I started using JavaScript to encode the email address. This makes it harder for a bot to see it, but not impossible. As with most security things, harder is better, but not necessarily enough.

Another cause for spam was sending messages to PHP and other newsgroups. These messages are archived online, meaning that all of those addresses are harvestable, too. There’s not much that can be done about this short of using a fake or altered email address in your postings, something like REMOVE-larry-THIS-TOO@example.com. The alteration can’t be too obvious or else the spambot can figure it out. (My forum will not show email addresses by default, in case you were wondering.)

I’m torn on the subject of spam filters. They sound like a good idea but there are two problems. First, some non-spam will get marked as spam, meaning you may never see it, which is very bad. Second, some spam will not be marked as spam (not a big problem, but it leads to situations like where my aunt thought she had really won a Dutch lottery because it wasn’t flagged as spam, yikes!). In the end, I have my server and mail client put everything they think is spam in a special folder, then look through it manually. There’s no spam filter as accurate as a person.

To cut down on the spam, I had to delete my older email addresses. A minor inconvenience but well worth it. To avoid getting spam through my new address, I’ve posted my email address as an image on my Web site. Spambots could theoretically read the image but that’s unlikely as the image is not given an obvious name. I also don’t use an A HREF=”mailto:…”, which would be just as bad as having the email address as text. This means that people have to manually type in the address to send me a message but so be it. The thing to be aware of with using the image technique is that text-based browsers can’t read the email (this would include the seeing-impaired). To compensate for that, I use an ALT attribute on the image with some descriptive, but not harvestable, text, like “my first name at this Web site”.

While I never thought getting 2,000 spam emails a week was unbearable, I am breathing easier now!

Book Giveaway Update

I have the following translations available to whomever wants them:

  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 2nd Edition (Romanian)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 2nd Edition (Romanian)
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 2nd Edition (Polish)
  • C++ Programming: Visual QuickStart Guide (Polish)
  • PHP Advanced Programming for the World Wide Web: Visual QuickPro Guide – 1st Edition (Polish)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 2nd Edition (Polish)
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 1st Edition (French)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 1st Edition (French)
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 1st Edition (Traditional Chinese)
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 1st Edition (Czechoslovakian)
  • C Programming: Visual QuickStart Guide (Croatian)
  • MySQL: Visual QuickStart Guide – 1st Edition (Russian)
  • MySQL: Visual QuickStart Guide – 1st Edition (Spanish)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 2nd Edition (Dutch)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 1st Edition (Dutch)
  • PHP Programming for the World Wide Web: Visual QuickStart Guide – 1st Edition (Swedish)

If you are interested in and could use any of these books, reply to this email with your shipping information and the book(s) you’d like. I’ll give them away on a first-come-first-served basis (there are about 25 total copies available). If you’re located in the US, I’ll ask you to pay $5 (US) for shipping and handling. If you’re in Canada, it’d be $8 (US) S&H. Anywhere else, it’ll be $10 (US) S&H (I’ll cover the rest of the expense).

Since there are not too many subscribers yet, I’m going to try, as an experiment, the same kind of giveaway for English language books. Here’s what I have:

  • MySQL: Visual QuickStart Guide – 2nd Edition
  • PHP 5 Advanced: Visual QuickPro Guide – 2nd Edition
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 2nd Edition
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide – 1st Edition
  • PHP for the World Wide Web: Visual QuickStart Guide – 2nd Edition
  • C Programming: Visual QuickStart Guide
  • Mac OS X Tiger Timesaving Techniques for Dummies

If you are interested in one of these books, reply to this email with your shipping information and the book you’d like. I only have 18 copies total of these and will give them away on first-proper-email-received-first-served basis. The same S&H rules apply as stated above. Please only email me once regarding the book you want. I’ll try to reply and handle all this as expediently as possible.

My Book News

Not too much to report this week. I’ve finalized the table of contents for the third edition of my “PHP and MySQL for Dynamic Web Sites”. I’m thinking of doing a fourth example chapter (the current edition has three examples: content management, user registration/login, and e-commerce). If there’s a particular example you’d like to see written up as a full-fledged chapter, please let me know. I’m going to start writing the actual book in the next week or so. I’m still working on the Adobe AIR book (more on that in future newsletters) and just finished a last-minute appendix for the Ajax book, adding some good information to fill out the pages.