Why Kiva is Cool

May 15, 2008

If any of you read Inc.com you might have already seen this, but for those of you who don’t – read on.

One of the reasons I’m publishing this is to encourage people to lend money to entrepreneurs around the world using Kiva. A second reason is that this is an awesome story out of a country that was probably my favorite place in the entire world to visit.

Cambodia is a war-torn country, and the people still seem to live in daily fear that at any moment the Khmer Rouge could return to destroy and oppress once again. So seeing this glimmer of hope from an entrepreneur in Cambodia really seemed to make my day. And if the fact that this family is able to make $400 per month in their business seems like peanuts to you, remember that most of the population lives off of about $350 per year.

If you’re using CodeIgniter on Mac OS X, and you have a .htaccess file that looks something like this:

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?/$1 [L]

If it doesn’t seem to be working and you’re getting 404s when trying to access any controller other than the front controller, check your main httpd.conf file to make sure you don’t have an AllowOverride None directive that is preventing your .htaccess directives from being applied.

The main Apache configuration file on Leopard is here:

/private/etc/apache2/httpd.conf

Hopefully this saves someone a couple of hours and a couple of Tylenol.

It’s a typical story. Dan on a rescue mission, fixing a mess that some clown(s) left behind. PHP. No framework to speak of, riddled with SQL injection holes, a TABLE-based layout – and it doesn’t get any better from there.

For the love of all things holy, why do people have to do stuff like this:

$sql = "SELECT user_id,user_status FROM users WHERE user_name='$username' AND user_password='$p'";
$r = mysql_fetch_assoc(mysql_query($sql));

For the record, $username and $p were just grabbed right out of $_POST.

If you spent 30 seconds writing even a crappy, inefficient function that actually does something intelligent, not only would you not have code that’s riddled with SQL injection vulnerabilities (did I mention that this snippet of joy came out of a 3112 line file without a SINGLE comment?), but it might actually make your life easier because your code won’t suck so much – and you can stop repeating yourself.

I’m no 1337 PHP h4x0r, but how about – oh, I don’t know – something like this:

function fetch_associative_array_safely( $array ){
    // $array[0] is the SQL with ?1, ?2, ... placeholders; the remaining entries
    // are the values. They are escaped with the connection-aware escape
    // function (addslashes is not charset aware, so it is not enough).
    $sql = array_shift( $array );
    $replacements = array();
    foreach ( $array as $index => $value ) {
        $replacements[ "?" . ( $index + 1 ) ] = mysql_real_escape_string( $value );
    }
    // strtr with an array does a single pass, longest key first, so ?1 never
    // matches inside ?10 and substituted values are never re-scanned.
    return mysql_fetch_assoc( mysql_query( strtr( $sql, $replacements ) ) );
}

And just execute that bad boy like so:

$r = fetch_associative_array_safely(
    array( "SELECT user_id, user_status FROM users WHERE user_name='?1' AND user_password='?2'",
           $username, $p ) );

It’s not overly elegant, beautiful or efficient. But I don’t think that really matters. It helps me to not repeat myself, and by golly – at least someone can’t drop tables from my database anymore. It’s a bit Rails-esque, at least as far as the conditions portion of ActiveRecord::Base.find(...).

What do you think? I haven’t done any significant PHP coding in years.
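The same login lookup with the values bound as parameters instead of spliced into the SQL string, as an added example that is not from the original post; it uses PDO with an in-memory SQLite database and a constructed users table so it runs stand-alone.

```php
<?php
// Added example, not from the original post: the same lookup using PDO
// prepared statements. The values are sent to the driver separately from
// the SQL text, so quoting and escaping never enter the picture.
// Uses an in-memory SQLite database with a constructed users table so it
// runs stand-alone; with MySQL only the DSN and credentials change.

function fetch_user_safely(PDO $db, $username, $password)
{
    $stmt = $db->prepare(
        'SELECT user_id, user_status FROM users ' .
        'WHERE user_name = :name AND user_password = :pw'
    );
    $stmt->execute(array(':name' => $username, ':pw' => $password));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Constructed demo data. (A real application would store a password hash,
// e.g. via password_hash(), and compare with password_verify() in PHP.)
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, ' .
          'user_name TEXT, user_password TEXT, user_status TEXT)');
$db->exec("INSERT INTO users (user_name, user_password, user_status) " .
          "VALUES ('dan', 'hunter2', 'active')");

// Legitimate login: returns the row.
var_dump(fetch_user_safely($db, 'dan', 'hunter2'));
// A quote or comment marker in the input is just data, never SQL syntax:
// no row matches and nothing is spliced into the statement.
var_dump(fetch_user_safely($db, "dan' --", 'anything'));
```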

Firefly

April 04, 2008

I wanted to make a totally off-of-normal-topics entry regarding what I consider to be the greatest television show of all time.

It just so happens there is a very aptly timed xkcd sort of on the same topic (at least the “I can kill you with my brain” part).

Carly and I have been watching the first (only) season on DVD again, and each and every episode has me bursting forth with some form of “MAN! This is the best TV show EVER!” or another.

It continues to amaze me that Fox pulled this off the air; I’m pretty sure that THAT was a crime against humanity.

Sigh.

Avdi Grimm has begun a thought-provoking series on the idea of sustainable software development, using Ruby specifically as the example.

With some of the recent discussion surrounding “monkey patching” in Ruby, I think the timing is about right for some serious thought to be given to the long-term effects of maintaining Ruby-based code-bases, should prolific “monkey patching” continue to be used haphazardly by the many libraries, plugins, gems and other code that make (sometimes critical?) modifications to the underlying core language classes.

Nick Sieger has crafted a thoughtful response to Avdi, which includes the quote:

[Monkey patching is] still a basic part of the Ruby programming culture, like it or not.

While Nick is totally correct, and Ruby does give you the power to shoot, maim and otherwise pillage and murder yourself in a bazillion different ways – that doesn’t take away the fact that it is still an incredibly powerful, elegant and syntactically beautiful programming language.

At the risk of sounding like a trite broken record (for the 485,000th time), I think that once again it boils down to using and choosing the right tools for the job. If the consequences of Ruby’s dynamism (among whatever other consequences) outweigh the positive benefits that a Ruby solution provides – then choose a different tool.

You can complain about the verbosity of a language like Java all you want (heck, I know I do at times), but I come back to Java sometimes after working with Ruby for a few months, and I’m all of a sudden thankful for strict, static typing, always knowing what I’m gonna get.

What continues to irk me are the folks who seem completely hell-bent that their way is the only One True Way™.

I was in a job interview the other day (company name shall be kept confidential) at a place that does extensive software development in many languages including Java, C, C++, Perl and PHP (at the very least). Near the end of the interview, we were discussing different languages, and I mentioned how sometimes I really enjoy the dynamic typing facet of Ruby, as opposed to the statically typed facet of Java. At this statement, one of the interviewers piped up to tell me that the fact that I enjoyed dynamic typing at times was “the most brain-dead thing” he’d ever heard anyone say.

It seems so strange to me, to be on the receiving end of an insult like that, coming from a company that performs extensive development in PHP (which is not only dynamically typed, but also weakly typed, as opposed to Ruby which is strictly typed).

At any rate, all of that comes to some sort of summary that everyone should already know by now:

  1. there is no silver bullet
  2. think before you choose your tool/language/whatever
  3. don’t hate the unknown simply because it’s unknown
  4. don’t call someone brain-dead if they sometimes enjoy a programming language that is dynamically typed; it hurts their feelings
  5. read Avdi’s series on sustainable development in Ruby.