xml

introduction
the extensible markup language (xml) is a general-purpose specification for creating custom markup languages. it is classified as an extensible language, because it allows the user to define the mark-up elements. xml’s purpose is to aid information systems in sharing structured data, especially via the internet, to encode documents, and to serialize data; in the last context, it compares with text-based serialization languages such as json and yaml.
Continue reading »

mysql

introduction
mysql is a relational database management system (rdbms) which has more than 11 million installations. the program runs as a server providing multi-user access to a number of databases.

mysql is owned and sponsored by a single for-profit firm, the swedish company mysql ab, now a subsidiary of sun microsystems, which holds the copyright to most of the codebase. the project’s source code is available under terms of the , as well as under a variety of proprietary agreements.

“mysql” is officially pronounced /maɪˌɛskjuːˈɛl/ (my s q l), not “my sequel” /maɪˈsiːkwəl/. this adheres to the official ansi pronunciation; sequel was an earlier ibm database language, a predecessor to the sql language. the company does not take issue with the pronunciation “my sequel” or other local variations

uses
mysql is popular for web applications and acts as the database component of the lamp, bamp, mamp, and wamp platforms (linux/bsd/mac/windows-apache-mysql-/perl/python), and for bug tracking tools like bugzilla. its popularity for use with web applications is closely tied to the popularity of and ruby on rails, which are often combined with mysql. and mysql are essential components for running popular content management systems such as expression engine, drupal, e107, joomla!, wordpress and some bittorrent trackers. wikipedia runs on mediawiki software, which is written in and uses a mysql database. several high-traffic web sites use mysql for its data storage and logging of user data, including flickr, facebook, wikipedia, google, nokia and youtube.

platforms and interfaces
mysql is written in c and c++. the sql parser uses yacc and a home-brewed lexer.

mysql works on many different system platforms, including aix, bsdi, freebsd, hp-ux, i5/os, linux, mac os x, netbsd, novell netware, openbsd, ecomstation , os/2 warp, qnx, irix, solaris, symbian, sunos, sco openserver, sco unixware, sanos, tru64, windows 95, windows 98, windows me, windows nt, windows 2000, windows xp, and windows vista. a port of mysql to openvms is also available.

libraries for accessing mysql databases are available in all major programming languages with language-specific apis. in addition, an odbc interface called myodbc allows additional programming languages that support the odbc interface to communicate with a mysql database, such as asp or coldfusion. the mysql server and official libraries are mostly implemented in ansi c/ansi c++.

to administer mysql databases one can use the included command-line tool (commands: mysql and mysqladmin). also downloadable from the mysql site are gui administration tools: mysql administrator and mysql query browser. both of the gui tools are now included in one package called tools/5.0.html mysql gui tools.

in addition to the above-mentioned tools developed by mysql ab, there are several other commercial and non-commercial tools available. examples include phpmyadmin, a free web-based administration interface implemented in php, and navicat lite edition, a free desktop based gui tool.

javascript

introduction
javascript is a scripting language widely used for client-side web development. it was the originating dialect of the ecmascript standard. it is a dynamic, weakly typed, prototype-based language with first-class functions. javascript was influenced by many languages and was designed to look like java, but be easier for non-programmers to work with.

although best known for its use in websites (as client-side javascript), javascript is also used to enable scripting access to objects embedded in other applications (see below).

javascript, despite the name, is essentially unrelated to the java programming language, although both have the common c syntax, and javascript copies many java names and naming conventions. the language’s name is the result of a co-marketing deal between netscape and sun, in exchange for netscape bundling sun’s java runtime with their then-dominant browser. the key design principles within javascript are inherited from the self and scheme programming languages.

“javascript” is a trademark of sun microsystems. it was used under license for technology invented and implemented by netscape communications and current entities such as the mozilla foundation.

history and naming
javascript was originally developed by brendan eich of netscape under the name mocha, which was later renamed to livescript, and finally to javascript. the change of name from livescript to javascript roughly coincided with netscape adding support for java technology in its netscape navigator web browser. javascript was first introduced and deployed in the netscape browser version 2.0b3 in december 1995. the naming has caused confusion, giving the impression that the language is a spin-off of java, and it has been characterized by many as a marketing ploy by netscape to give javascript the cachet of what was then the hot new web-programming language.

microsoft named its dialect of the language jscript to avoid trademark issues. jscript was first supported in internet explorer version 3.0, released in august 1996, and it included y2k-compliant date functions, unlike those based on java.util.date in javascript at the time. the dialects are perceived to be so similar that the terms “javascript” and “jscript” are often used interchangeably (including in this article). microsoft, however, notes dozens of ways in which jscript is not ecma compliant.

netscape submitted javascript to ecma international for standardization resulting in the standardized version named ecmascript.

main uses
the primary use of javascript is to write functions that are embedded in or included from html pages and interact with the document object model (dom) of the page. some simple examples of this usage are:

• opening or popping up a new window with programmatic control over the size, position, and attributes of the new window (i.e. whether the menus, toolbars, etc. are visible).
• validation of web form input values to make sure that they will be accepted before they are submitted to the server.
• changing images as the mouse cursor moves over them: this effect is often used to draw the user’s attention to important links displayed as graphical elements.

because javascript code can run locally in a user’s browser (rather than on a remote server) it can respond to user actions quickly, making an application feel more responsive. furthermore, javascript code can detect user actions which html alone cannot, such as individual keystrokes. applications such as gmail take advantage of this: much of the user-interface logic is written in javascript, and javascript dispatches requests for information (such as the content of an e-mail message) to the server. the wider trend of ajax programming similarly exploits this strength.

a javascript engine (also known as javascript interpreter or javascript implementation) is an interpreter that interprets javascript source code and executes the script accordingly. the first ever javascript engine was created by brendan eich at netscape communications corporation, for the netscape navigator web browser. the engine, code-named spidermonkey, is implemented in c. it has since been updated (in javascript 1.5) to conform to ecma-262 edition 3. the rhino engine, created primarily by norris boyd (also at netscape) is a javascript implementation in java. rhino, like spidermonkey, is ecma-262 edition 3 compliant.

the most common host environment for javascript is by far a web browser. web browsers typically use the public api to create “host objects” responsible for reflecting the dom into javascript. the web server is another common application of the engine. a javascript webserver would expose host objects representing an http request and response objects, which a javascript program could then manipulate to dynamically generate web pages.

things to consider
the dom interfaces for manipulating web pages are not part of the ecmascript standard, or of javascript itself. officially, they are defined by a separate standardization effort by the w3c; in practice, browser implementations differ from the standards and from each other, and not all browsers execute javascript.

to deal with these differences, javascript authors can attempt to write standards-compliant code which will also be executed correctly by most browsers; failing that, they can write code that checks for the presence of certain browser features and behaves differently if they are not available. in some cases, two browsers may both implement a feature but with different behavior, and authors may find it practical to detect what browser is running and change their script’s behavior to match. programmers may also use libraries or toolkits which take browser differences into account.

security
javascript and the dom provide the potential for malicious authors to deliver scripts to run on a client computer via the web. browser authors contain this risk using two restrictions. first, scripts run in a sandbox in which they can only perform web-related actions, not general-purpose programming tasks like creating files. second, scripts are constrained by the same origin policy: scripts from one web site do not have access to information such as usernames, passwords, or cookies sent to another site. most javascript-related security bugs are breaches of either the same origin policy or the sandbox.

one common javascript-related security problem is cross-site scripting, or xss, a violation of the same-origin policy. xss vulnerabilities occur when an attacker is able to cause a trusted web site, such as an online banking website, to include a malicious script in the webpage presented to a victim. the script in this example can then access the banking application with the privileges of the victim, potentially disclosing secret information or transferring money without the victim’s authorization.

xss vulnerabilities can also occur because of implementation mistakes by browser authors.

xss is related to cross-site request forgery or xsrf. in xsrf one website causes a victim’s browser to generate fraudulent requests to another site with the victim’s legitimate http cookies attached to the request.

ajax

introduction
ajax (asynchronous and xml) is a group of interrelated web development techniques used for creating interactive web applications or rich internet applications. with ajax, web applications can retrieve data from the server asynchronously in the background without interfering with the display and behavior of the existing page. data is retrieved using the object or through the use of remote scripting in browsers that do not support it. despite the name, the use of and xml is not required, and they do not have to be used asynchronously.
Continue reading »

php

introduction
php is a scripting language originally designed for producing dynamic web pages. it has evolved to include a command line interface capability and can be used in standalone graphical applications.

while php was originally created by rasmus lerdorf in 1995, the main implementation of php is now produced by the php group and serves as the de facto standard for php as there is no formal specification. php is free software released under the php license, however it is incompatible with the glp due to restrictions on the usage of the term php.

php is a widely-used general-purpose scripting language that is especially suited for web development and can be embedded into html. it generally runs on a web server, taking php code as its input and creating web pages as output. it can be deployed on most web servers and on almost every operating system and platform free of charge. php is installed on more than 20 million websites and 1 million web servers. the most recent major release of php was version 5.2.6 on May 1, 2008.

history
php originally stood for personal home page. it began in 1994 as a set of common gateway interface binaries written in the c programming language by the danish/greenlandic programmer rasmus lerdorf. lerdorf initially created these personal home page tools to replace a small set of perl scripts he had been using to maintain his personal homepage. the tools were used to perform tasks such as displaying his resume and recording how much traffic his page was receiving. he combined these binaries with his form interpreter to create php/fi, which had more functionality. php/fi included a larger implementation for the c programming language and could communicate with databases, enabling the building of simple, dynamic web applications. lerdorf released php publicly on june 8, 1995 to accelerate bug location and improve the code. this release was named php version 2 and already had the basic functionality that php has today. this included perl-like variables, form handling, and the ability to embed html. the syntax was similar to Perl but was more limited, simpler, and less consistent.

zeev suraski and andi gutmans, two israeli developers at the technion iit, rewrote the parser in 1997 and formed the base of php 3, changing the language’s name to the recursive initialism php: hypertext preprocessor. the development team officially released php/fi 2 in n1997 after months of beta testing. afterwards, public testing of php 3 began, and the official launch came in june 1998. suraski and gutmans then started a new rewrite of php’s core, producing the zend engine in 1999. they also founded zend technologies in ramat gan, israel.

on may 22, 2000, php 4, powered by the zend engine 1.0, was released. on July 13, 2004, php 5 was released, powered by the new zend engine II. php 5 included new features such as improved support for object-oriented programming, the php data objects extension (which defines a lightweight and consistent interface for accessing databases), and numerous performance enhancements. the most recent update released by the php group is for the older php version 4 code branch. as of august, 2008 this branch is up to version 4.4.9. php 4 is no longer under development nor will any security updates be released.

in 2008, php 5 became the only stable version under development. late static binding has been missing from php and will be added in version 5.3. php 6 is under development alongside php 5. major changes include the removal of register_globals, magic quotes, and safe mode.

php does not have complete native support for unicode or multibyte strings; unicode support will be included in php 6. many high profile open source projects ceased to support php 4 in new code as of february 5, 2008, due to the gophp5 initiative, provided by a consortium of php developers promoting the transition from php 4 to php 5.

it runs in both 32-bit and 64-bit environments, but on windows the only official distribution is 32-bit, requiring windows 32-bit compatibility mode to be enabled while using iis in a 64-bit windows environment. there is a third-party distribution available for 64-bit windows.

usage
php is a general-purpose scripting language that is especially suited for web development. php generally runs on a web server, taking php code as its input and creating web pages as output. it can also be used for command-line scripting and client-side gui applications. php can be deployed on most web servers, many operating systems and platforms, and can be used with many relational database management systems. it is available free of charge, and the php group provides the complete source code for users to build, customize and extend for their own use.

php primarily acts as a filter, taking input from a file or stream containing text and/or php instructions and outputs another stream of data; most commonly the output will be html. it can automatically detect the language of the user. from php 4, the php parser compiles input to produce bytecode for processing by the zend engine, giving improved performance over its interpreter predecessor.

originally designed to create dynamic web pages, php’s principal focus is server-side scripting, and it is similar to other server-side scripting languages that provide dynamic content from a web server to a client, such as mcrosoft’s asp.net system, sun microsystems’ jsp, and mod_perl. php has also attracted the development of many frameworks that provide building blocks and a design structure to promote rapid application development (rad). some of these include cakephp, prado, symfony and zend framework, offering features similar to other web application frameworks.

the lamp architecture has become popular in the web industry as a way of deploying web applications. php is commonly used as the ‘p’ in this bundle alongside linux, apache and mysql, although the ‘p’ may also refer to python or perl.

as of april 2007, over 20 million internet domains were hosted on servers with php installed, and php was recorded as the most popular apache module. significant websites are written in php including the user-facing portion of facebook, wikipedia (mediawiki), yahoo!, myyearbook, and tagged.

gnu general public license

GNU GENERAL PUBLIC LICENSE

Version 3, 29 June 2007

Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Continue reading »

what is ‘open source’

introduction
open source doesn’t just mean access to the source code. the distribution terms of open-source software must comply with the following criteria:
Continue reading »