Author: Manuel Lemos
Last month viewers: 3
YUI Development Stopped (3:33)
Writing to Page Document Asynchronously with Postscribe (5:59)
Six reasons to define constructors with only one argument (14:16)
MySQL HTTP plugin (34:04)
Download Size: 39MB Listeners: 2156
Introduction music: Riviera by Ernani Joppert, São Paulo, Brazil
Note that the timestamps below in the transcript may not match the same positions in the video because they were based on the audio timestamps and the audio was compacted to truncate silence periods.
- Writing to Page Document Asynchronously with Postscribe
Arturs Sosins: Yeah, do I look like that, at this time?
Manuel Lemos: Well, I assume that was the case because we are not used to record this earlier. But it's OK, it's always interesting. So, Arturs, how are you doing?
Arturs Sosins: Oh, OK.
Manuel Lemos: Well, well, well, that's fine. So you are working as an employee? Or are you a founder or something?
Arturs Sosins: No. I was involved in another startup, and that startup closed. That was like my main job for the most time, and that startup had a relation with this startup. So this new account kind of employed me. So currently, I'm working for them.
Manuel Lemos: So you are not a founder or a partner?
Arturs Sosins: No, it was founded more than a year ago, I think.
Manuel Lemos: So, you are just being paid to work there, I suppose.
Arturs Sosins: Yeah.
Manuel Lemos: OK, that's fine. So I suppose the next time, probably we'll have some Node.js components submitted by somebody from Latvia, right?
Arturs Sosins: It could be quite tricky, because you know what they say about apps: there is an app for that. Then now, while looking at technologies, there almost... For every needs that there is, there is node package for that. So it's hard to find a niche where I would like to create something new, but I'll try.
Manuel Lemos: Well, for instance, for JSClasses, it has to be innovative, where it just matters is that there is no other package in there that's the same over there. So it would it still count.
As a matter of fact, the Node.js packages are just a minority right now, but that could always change in the future. But, OK, let's see if you can bring something new that you can check from your work.
YUI Development Stopped (3:33)
Personally, I think I never tried it in practice other than looking at examples and such, but I know people that have been using it a lot. Although over time, libraries such as JQuery sort of obfuscated other libraries like YUI that used to be more popular in the past.
Arturs, did you manage to try at least YUI somehow?
Arturs Sosins: Fortunately not. And now, probably, I even don't know what it is exactly. I know basically all Yahoo! is built on it. There is a lot of YUI underneath, but I haven't looked and tried it.
And focus is changing to that new direction, new approach and there has been less and less commits or contribution from external developers to YUI. And basically, that's why they will stop working on it.
Manuel Lemos: I think since people were not really using it much nowadays, that's probably because it was not really that popular, as it was probably once. Maybe not many people will miss it.
Writing to Page Document Asynchronously with Postscribe (5:59)
Manuel Lemos: Now, moving on to another topic, let me find the actual screen here. I have too many windows open here, making it confusing.
So the next topic is related with a library that is meant to make it easy to sort of replace components that load content that probably relies on document.write calls. When you load something from a remote site, the progress of the page loading sort of halt until the remote content is downloaded.
I was trying to look at the examples here, but I'm not sure if I can see as it used to be before. Because I supposedly would see some results here, but for some reason, they are not working. I don't know, maybe this got stuck. OK, it's working now.
So they have several examples here. Let me try to increase the font here. There are several examples, and for some reason, it seems to be slow. Or maybe it's just me.
Arturs Sosins: Basically, we can see that PostScribe does a job asynchronously.
Manuel Lemos: Yeah, this is what should appear if you do the document.write. And asynchronously, we postscribe it to a peer, OK. And then, there are other...
Arturs Sosins: They're probably, I don't know what are those errors.
Manuel Lemos: Yeah, I'm not sure if this is the right response to expect. "Cannot redefine property HTML."
Arturs Sosins: OK.
Manuel Lemos: And there. Well, so PostScribe is working but it doesn't way what we should expect from there.
So I think this example's not really, really working at it should. OK, anyway, the idea is that you can load pages asynchronously and using the document.write that otherwise probably would be blocking the loading of the rest of the page.
Arturs Sosins: We saw lots of different approaches to that problem like using a syntax or injecting the script asynchronously, injecting the remote script asynchronously. And this is just one of another approaches that could be done, that after the page has load, only then you can enter HTML code directly with document.write to load the script and PostScribe could do this synchronous job asynchronously.
Manuel Lemos: Yeah. Well, I was trying to play with the options here to see if I could see anything different. I don't know what is going on. Probably, the server of this...
Arturs Sosins: Yeah, it seems like...
Manuel Lemos: Yeah.
Arturs Sosins: Not hooked up correctly or something like that.
Manuel Lemos: Anyway, that's the purpose.
Manuel Lemos: So we're going to move on. The next topic is related with using cryptography for several purposes on the browser side. So basically, I found this article, which is in practice a presentation, that talks about Web Crypto... which is an API that I'm not sure if all browsers implement it.
I have never tried it, but it sort of only explains how it would work in practice. You can use cryptography to implement not only encrypting of data but also to get hashes.
I don't know if cryptography is that important, because... on the browser side, I mean... once you get the access to the browser data, you probably kind of intercept the sensitive information. And when we talk about cryptography, we talk about passwords that need to be used to encrypt the data.
So, actually, we even commented about that one package, I think it was by Jason Gerfen, that would encrypt data to be stored on the browser side. And it was not clear from where the password would come, maybe it was some password that would probably come from the server and be used once, and from then on, you could encrypt and decrypt data to be stored in local storage.
Maybe the main value of that is that you can have your local storage stored with cryptography. So, unless somebody finds a way to find the password, decrypt it, nobody would be able to decrypt things.
Arturs Sosins: Theoretically, it would be possible to use the key as some properties of the current browser, like the browser version name, language, maybe IP address. So combine it all together, it would make a key that is automatically generated, and so making the storage accessible only from machine, on this browser... theoretically.
And people that are looking for data on hard drives... so just scanning on files that are encrypted... probably will not find any information, but if the information is not encrypted, it could find the information more easily.
OK, that's just to mention about this API, for people that are more interested in looking into this. The actual introduction of the presentation mentions the post-Snowden era. Maybe they are just also considering using cryptology to send and receive data to the server.
But at a certain point, you need to exchange the keys to encrypted data. So, if you are not using SSL, the key would also be exposed at a certain point, if it is being exchanged between the browser and the server. But OK, maybe I'm not getting this right.
Anyway, there is this presentation about the Web Crypto API for those that are interested in this topic.
Six reasons to define constructors with only one argument (14:16)
Manuel Lemos: So moving on to the next topic which is one of those point articles. In this case, it mentions six points to define constructs with only one argument. Let me increase the font here if I can. And so I can, but it is large. That's okay now.
So the idea is that instead of doing something like this to create and construct an object, you could do... like many people do... which is to pass an object in to the actual object instantiation and take some properties from that object. So instead of passing many arguments, just pass one, but still need to build the object that you want to pass as the parameters.
So the first reason that he mentioned is it would be for easy maintenance and optional 'new'. This is interesting because they are playing some tricks to avoid passing many arguments. And then, instead of passing it too many properties one argument at a time, it would pass a single argument.
And then, as you can see here, they're applying here some logic just to determine if the code, this object, is actually an instance of the object of the constructor we've been calling. And if not, to actually return any object passing the parameters to the object. And if it is the actual instance, it would assign just the variable.
Arturs Sosins: Basically, the easier maintenance part here is that if you add another parameter like Phone in VanillaPerson class, you would need to change it in all three places like the passing arguments, then recalling an instance, and then assigning properties. But in Person, there would be only one place to change it.
Another point is you could actually deal with optional parameters. So if you have certain parameters that are optional, you will not need to pass them. But this way, you do not even have to remember what is right order nor taking account the actual values that are being passed.
I mean, assume those defaults because they're optional anyway, so once you pass them too as an object, the actual constructor function will assume the right defaults. Well, maybe it's not what is happening but if you use this syntax, you have to write, re-write this somehow to only assign values if the properties of the options parameters is being defined.
Another supposed advantage that they mentioned is you get JSON deserialization for free, because in reality, it would be actually already passing some data in JSON format already serialized which would be the definition of the object with options that you won't pass.
And then, there is one point that's, for me, it's not very clear. It talks about idempotence, which basically is a property of functions that when they're applying to themselves, they return the function itself, I mean, the application of the function itself.
And here, I'm really not sure if this is very clear. Arturs, did you get this supposed advantage?
Arturs Sosins: Actually, I'm not sure why when VanillaPerson is not idempotent, you could actually also make it behave like that. And I think it was done in the first example where... Well, yeah, I think it could be done with VanillaPerson. But yes, the idea is that to make it idempotent, so it doesn't matter if we pass a data to a constructor or another instance, it would return as instance to work with it, like a safe typecasting form.
We don't know what data it is, we just pass it to constructor and use it as an instance. We won't know that output would be an instance. That's I think for me what value would provide.
Manuel Lemos: I do think what they mean is that if you ever an object... for instance in this case, it would be 'Person' that is already instantiated with some properties... if you pass it to create a new object, passing it as parameter, it would take the object variables and assign them to the new object. So it will create a copy of the object.
Arturs Sosins: Yes, and you can't do it with Vanilla because it does not accept one singular argument but multiple arguments.
Manuel Lemos: Yeah, you would have to...
Arturs Sosins: Yeah, you can't pass it as one argument. OK, that makes sense.
Manuel Lemos: Yeah. That is another advantage that I did not get quite right. It just says, "if you are a Domain Driven Design guy, you struggle with the verbosity of defining all your classes, but with the 1-arity pattern you can avoid the boilerplate with a simple function like this."
Arturs Sosins: Yes, basically, the struct (with the smaller case S) struct function returns a new class, so you can dynamically define classes by providing what properties they should have.
Manuel Lemos: Well, this is really, really abstract.
OK, well, I think they are applying a trick here, creating a function named struct. And the struct here would use an object with that takes properties and in case the definition of the properties are the object, then there is this struct function.
Arturs Sosins: Which basically a class.
Manuel Lemos: And "Struct.meta and props = props" .
Arturs Sosins: Well, that's...
Manuel Lemos: Return Struct when you construct two object, it returns Struct. It would be the function here. Well, it's very confusing, I really not get this point. Did you understand anything here?
Arturs Sosins: Yeah, as I said, for example, they create a class 'Person' by passing the name and surname. They could create another class, I don't know, an Apple and pass the arguments so there could be a color and the size, for example. That way, the functions struct (with small case S) dynamically create a class, and so they're making instantiated classes by passing the one single argument that cover the properties with the struct function.
Manuel Lemos: So this struct here that is returned is not really the object. It's just some meta object, you can call it that, I think. Well, that's what it seems to me. And then, you would call 'new' to get... Well, I'm not sure if this is the intention, but that's what it seems.
OK, I was convinced that passing options would be an interesting approach, at least for construction classes that may have many parameters for the reasons that were described here.
Arturs, have you been using testing in the code coverage tools?
Arturs Sosins: Yes. In the new work, in the new sphere, the scope that I'm working on, I would work about with the code and provide testing. I was also implementing new tests and code coverage, and I was using Blanket.JS. It's kind of similar to Istanbul. I think the Blanket.JS would go the first place in code coverage between Node.js developer in Istanbul is probably the second one most popular.
The process is called instrumentation, so you're on to test to something instrumented code and every time you walk in to some of these codes, it dispatches the code here. Well, we had the code here so this section was covered. So in the end there is an option to provide the report of how many code was covered and which bit section was not covered at all. And yeah, it's very useful to see.
Manuel Lemos: Well, at least, it should help you to figure what could may have not been tested even if you add tests for all your codes, it doesn't mean that it will catch all the bugs because it can be an infinite number of situations with special values, special conditions that your code may have not been tested.
But at least, with some testing, you reduce the chance of shipping code with series of bugs that otherwise could be detected earlier using some testing library.
Manuel Lemos: So OK, now moving on, the next topic is about a library called Hello.JS.
Arturs Sosins: Hello.
Manuel Lemos: That means... Yes, exactly. I'm trying to open the window but for some reason, the Google hangouts is not allowing me to do it.
So, basically this library is to make API calls using OAuth 2, and actually also OAuth 1, for querying REST APIs and anything else.
But well, my concern here would be more with application keys and secrets that you need to somehow ship to the browser, I mean make it developed through the browser and these keys are usually secret. You cannot share it with not even your application users.
I'm not sure how well this API handles it, but at least for OAuth 1, they say the users are now on OAuth proxy. I assume that the OAuth proxy knows about what are the secret keys. I'm not sure if I'm getting this right. Arturs, are you familiar with OAuth. Did you get how this works?
Arturs Sosins: Every time I need to implement OAuth authentication in some work, I always think, Yeah, this time, I would go through it and see how it works. But then I find the library that does exactly what I need, so I use it. That's why I never have to run through what it does exactly.
Manuel Lemos: Yeah, well, I don't know. This seems to be sort of a wrapper to different libraries because it allows you to authenticate and then make some API calls.
Manuel Lemos: Yes, but in this case, I think, they are using some kind of proxy server because there must be some... The real browsers is going to redirect, I see a redirect HTML. So I supposed this isn't the return page. Then they also pass client IDs. And these are usual secret.
Arturs Sosins: But wouldn't redirect would not be problem? You just open a new window and as it is a child window, it is controlled. And once it gets back to the redirect URL you provided, so you can retrieve and evaluate it there, and pass it to them.
Arturs Sosins: In Facebook, you can disclose application ID. You can't disclose application secret. So your applications...
Manuel Lemos: That's the OAuth 2.
Arturs Sosins: Somehow you can authenticate on Web-based on an app ID?
Manuel Lemos: Well, maybe this implement some kind of black magic that I'm not following here. But anyway, for anybody that isn't interested to make API calls to many servers, I'm not sure if this library has built-in support for just this library or it configurable to support other libraries. Because each server needs a specific end point that you need to redirect.
OK, I'm trying to see if this works. Actually, it is not working at all, because probably this is relying on some pop-up windows. OK, I think I need to start from the start. That's the problem. So the start here is...
Arturs Sosins: You need to authenticate it on the top of the page. There are lots of buttons that you need to authenticate. For example, it's Facebook and then you probably would be able to retrieve the additional...
Manuel Lemos: OK, let's try Facebook. Oh, I see. There is an application called... I've never seen this application, and there is no information about this application, right?
Arturs Sosins: No, they're just f or the test of the page.
Manuel Lemos: Yes, it's an application from the guy that developed this package. Yeah, this is a bit confusing. So, well, from here on, I would accept and say OK, and...
Arturs Sosins: And it reloaded the page.
Manuel Lemos: Reloaded the page. It was a pop-up, right?
Arturs Sosins: Yes, so on pop-up close, you can execute the function to allow the parent window, and that's what exactly what it did.
Manuel Lemos: Yes. So, if I'm logged, I supposed it can execute some other methods like this one.
Arturs Sosins: Yeah, just click on the green checkbox that's now appeared. It should restart.
Manuel Lemos: Oh, it's working.
Arturs Sosins: Ha, a developer of the PHP Classes website.
Manuel Lemos: This is impressive.
Arturs Sosins: We can see where did you go to high school.
Manuel Lemos: As if it is not public in Facebook.
Well, OK, people that are interested to implement this OAuth on browser side, there are certain... This is interesting. I'll try to study a bit about this later.
Arturs Sosins: This is what I would call it works automagically.
Manuel Lemos: Well, maybe there are just some few details that are missing but I have to study it better.
MySQL HTTP plugin (34:04)
Manuel Lemos: Anyway, moving on to another topic, this one is not exactly about PHP but I think it interests most PHP developerd, and not just PHP because it is related with MySQL.
Recently, it was announced, a new plugin for MySQL server that lets you connect to it using a regular HTTP connection. You can use a browser, but you can also use socket connection. You can use HTTP client to connect to it and execute queries just like you would with any Web server. But, in this case, we would send SQL queries
It uses JSON as format to communicate with the server. JSON may not be the fastest format, more complex format to use, but it is portable. For applications that are not performance-intensive, the overhead of using JSON as communications format, it is not a big deal. Anyway, I thought it was interesting.
Arturs, I don't know if you followed this development. Do you think it is interesting for the PHP world? Or maybe not that much?
Manuel Lemos: You mean communicating from the browser directly?
So it would be probably also locally on the same machine. And it communicates in a familiar manner, that you could also execute SQL queries. The only thing that I'm kind of concerned of is security.
Manuel Lemos: I think it's not really meant to be called from the browsers.
Arturs Sosins: Yeah.
Manuel Lemos: It's more like be called from Node.js or something on the server side because authentication will always exist. So if you want to connect to a database from a browser, even if you can make it, you have to have the username and password. And if you put the username and password in the browser, that probably causes some security concerns.
I think that's more to become on par with that because, personally, I don't see an application for this. Even because it's less, it's less efficient to exchange data. So for queries that exchange lots of data, probably it will make it slower.
Arturs Sosins: Recently, as I started to learn Node.js... I was working on some examples, and it was awesomely easy to create REST API with Node.js because with using MongoDB, like NoSQL on the server side because you simply take JSON, you put it in, and then you take the JSON out and then you output it. So there is no modification, you can create REST API that manipulates whole documents.
Manuel Lemos: So you don't have to call that complicated function that is named json_encode.
Arturs Sosins: It's really a little code to do it. So you can basically put all JSON documents and it would automatically put in database and things and mount when you need it. So this is something similar, only you don't need any code at all.
Manuel Lemos: Yeah, you don't need that extra function, json_encode, to do that.
Yeah, well, anyway, this is just a curiosity. I don't see many people using this on the PHP world. It's interesting. And even in other worlds, I don't think so.
MySQL also implemented memcache interface to perform simple queries to the server. So you could also use it like you use memcache servers. But in this case, you still use your MySQL. So I think Oracle is committed to give you no excuse to use anything else other than MySQL servers.
Anyway, this is just an interesting topic. So we're moving on to other topics.
Manuel Lemos: Now, it's time to talk about a regular section on which we comment the Innovation Award winners of, in this case, July. Actually, those were voted in August, then in September the results come out. So we can start talking about them.
First we're going to talk about the winners of the JSClasses. Arturs, which ones would you like to comment? There's actually two, so just pick one.
Arturs Sosins: I would comment about a really interesting component. So, when you execute your code, sometimes there are bottlenecks. It's working slowly and you don't know why, and you need a way to identify where is the bottleneck, which function is the one that slows the code down.
This package does exactly that. It profiles the function and measures its execution time, so you can divide your code in this component and measure, trying to find out where is the bottleneck.
There is a simple example provided with the class. There are functions. We simply provide them to the profiler with the parameters we want to pass to the function. In demo, we could see how it performs. So it started at specific times, the times it started, and how long did it take for this function to execute. So this kind of component really eases the task to identify the bottlenecks of the code.
The component was created by Tony L. Requena from Spain. Probably, you would know better how to pronounce the surname.
Manuel Lemos: No, that's great.
Let me switch here to the other package that I will comment. Starting the screensharing if it works. OK, the other package that I would like to comment, this one is from Thomas Bjork from Sweden. He has been a great contributor; I've seen several packages. From the five that he has sent already, four were nominated to the Innovation Award.
OK, let me scroll it to the right position.
So kudos to Thomas Bjork for his contribution. And for that, he was entitled to pick one book of choice from Packt.
Manuel Lemos: Now, I am going to mention about the rankings of the Innovation Award winners of 2014. So far, Thomas Bjork is leading as an individual author with 4 packages and 15 points, and is followed by several other authors like David Castillo from Mexico with 2 packages and 13 points,then Andoitz Jordan Marmolejo with 2 packages and 10 points, and then several other authors with one package. Some with more but with less points.
On the ranking in terms of countries for 2014, so far France is leading with 3 packages and 17 points. It is followed right after by Sweden with 4 packages and 15 points. Those are the same from Thomas Bjork. And then, Mexico with 2 packages and 13 points, those are the packages of David Castillo. And then, Spain with 3 packages with 12 points, followed right after by Italy with 3 packages and 8 points, Canada, with 3 packages and 7 points, and then several other countries with just one package and less points.
As we may see, the competition is heating up. It is interesting. Actually, the JSClasses site has somehow been affected by Google Search ranking updates in the last two years, and that sort of brought less users to become potential contributors. The numbers of contributors that had been sending packages, at least in the first months of the year was very slow. The increase in packages was very slow. But since, I think, June, Google did an update on the search rankings and the traffic to JSClasses improved a lot, and that allowed to bring many more packages.
As you may see below... I mean, actually, above... in the next month that we see here, I think it is August, we already see many contributions. I hope these contributions keep coming at this pace because at JSClasses, the potential is to grow a lot, and it just depends on the users to participate.
Also, next month, I hope that Arturs can bring us also more interesting topics to talk about now that he's rediscovering the Node.js world, right?
Arturs Sosins: Yeah. That's what I will say for now.
Manuel Lemos: Cannot promise anything.
So we reached the end of this podcast. So on my behalf, that is all for now. Bye.
Arturs Sosins: Bye.
You need to be a registered user or login to post a comment
Login Immediately with your account on:
No comments were submitted yet.