Monday, 17 March 2014

Programming PHP

Title: Programming PHP
Author: Kevin Tatroe, Peter MacIntyre, Rasmus Lerdorf
Publisher: O'Reilly

Learning PHP is designed to quickly get you up and running in your efforts to develop with PHP. Probably a redundant statement there but it's been said now so let's get on with it.

Pretty much everything that I'd expect to find in such a book is here from lexical structure, classes and databases (with NoSQL thrown in for good measure). Template support is also touched upon for all of you budding CMS/theme developers along with a host of other fun and technical topics.

The authors also include an introduction to PHP security that covers basic security concepts. While this is a very welcome topic to be covered it is only an introduction, as pointed out by the authors, and should not be solely relied upon. Additional resources are identified by the authors that cover security in more detail. Make no mistake, in this day and age you need to ensure that you're writing secure code.

Does what it says on the tin - I felt at times that some of the examples were a little poorly explained, though. 4/5 for an otherwise solid title.

"Programming PHP" can be found on the O'Reilly website

Thanks for reading!


Monday, 17 February 2014

RESTful Web Services Cookbook

Title: RESTful Web Services Cookbook
Author: Subbu Allamaraju
Publisher: Yahoo Press

REST, as we all know, stands for Representational State Transfer. If you’re not one of those in the know, then you might look at the CodeProject page Everything About REST Web Services - What and How for a nice example and practical guidance.

Once you’re past that, assuming that you need to go there in the first place, you might then find yourself asking “How might one find solutions to various web service designs / problems that are written in a RESTful frame of mind?”. Well, look no further as Mr. Allamaraju has provided the answer.

It’s very important to note that this is a cookbook so don’t expect it to hold the answer to every question that you’ve ever formed in your head regarding the web and design. This book exists to help with day-to-day design and implementation questions in the confines of RESTful design for web services.

As such, it is as exciting as any cookbook can be. The author has kindly provided 14 chapters of recipes starting with the basics (Using the Uniform Interface) but covering more advanced and concerning topics such as security.

It’s hard for me to get excited about a cookbook - they’re mostly functional with little in the way of narration and/or humour. If RESTful web design is of interest to you though and you need a hand with implementation, then you won’t go far wrong with this book - AND - the author is kind enough to link to other books to help guide you if more information is required. 5/5 as it works as advertised, is clearly laid out and has lots of nice examples.

"RESTful Web Services Cookbook" can be found on the O'Reilly website

Thanks for reading!


Worldly wide webs

After a brief stint in South Africa, where I spent some time in Milpark Hospital thanks to a spider (or so they think) and the insanity of moving home twice, I'm back to normal duties (or will be once my broadband is set up - tethering sucks).

Coming up, a review of RESTful Web Services Cookbook from the ever-lovely people at O'Reilly who feed my tech addiction :-)

Friday, 15 November 2013

Hacking Web Apps

Title: Hacking Web Apps
Author: Mike Shema
Publisher: Syngress

Got a website? Maybe it's just displaying a few static pages, maybe it's running a pretty fancy web app. You're proud of what you've made, it looks nice and it's bulletproof, right? Wrong.
In Hacking Web Apps, Mike Shema shows how security on your average site is an illusion. In reading this book I was frankly amazed at how many ways there are to attack a site. Some of them you will know - denial of service, cross-site scripting attacks, all make the news. Lurking in the background though are the other attacks, the ones that don't make the headlines but are very much as real a threat as anything reported in the media.

Indeed, some of the very things that are supposed to make data, and the web in general, more secure, such as cryptography, can be an entry point for would-be attackers if implemented poorly. Client-side validation, implementation errors in cryptography and insufficient randomness can all be exploited to allow an attacker access to otherwise protected information. Add to this other points of failure / access, such as the browser, the OS and techniques such as clickjacking and you might wonder if the web should just be shut down and we all go back to using real banks and writing letters and so forth.

Not to worry, for help is at hand. The author provides countermeasures for the various attacks and points of failure listed in the book. For the most part they’re pretty easy to follow and to implement. If you have a website, or are building one, I highly recommend reading this book if you’ve got anything to lose. And even if you don’t have anything to lose, and just don’t want the hassle of fixing your site after some kid breaks in and puts some garbage up on your home page, read it and follow the instructions.

An excellent read, the author describes each potential issue or attack and then proceeds to dissect how it works, following up with preventative measures to stop the attack from happening (again). If you work with website design, read it. If you don’t, ensure that your designer has read it! A hearty 5/5 for this particular book, it’s clearly written with links to a lot of tools and resources. 

Thursday, 19 September 2013

Software Requirements, Third Edition

Title: Software Requirements, Third Edition
Author: Karl Wiegers and Joy Beatty
Publisher: Microsoft Press

Although it’s been a long time since I studied SSADM, I've worked in the IT industry for some 18 years now and I remember the painful lessons learned in Trinity College all those years ago - and the even more painful lessons learned from ambiguous or incomplete requirements in the years since.

The authors of Software Requirements, Third Edition have clearly felt this pain too and have sought to minimise the amount of painful lessons learned by following good methodologies, learning from mistakes and learning how to work with the customer and all relevant stakeholders. They then kindly shared this knowledge in the form of this offering from Microsoft Press.

This is not a boring title droning on about how to obtain requirements however; the authors have looked at every facet of requirements gathering and requirements analysis and present information on every stage to the readers. Software Requirements, Third Edition begins most chapters with an anecdote - or perhaps horror story is more apt - which serves to highlight the need for the specific topic covered in the coming chapter. At the end of each chapter is a 'Next Steps' section which gives you practical exercises to do to reinforce what you have learned.

I'm an advocate of humour in teaching as it helps to engage the audience that you’re trying to teach, makes it a little easier for your audience to focus and even makes it a little more bearable for the teacher too. As such, it’s always nice to find little gems in a book, as was the case here. Coming from initially a science background I loved the following comment in one of the case studies “The synthetic chemist who first makes the new chemical (he’s a real person, but a synthetic chemist)” and general witticisms offered throughout such as “It’s important to recognize the value of recording vital requirements information in a shareable form, rather than treating it as oral tradition around the project campfire” and headings such as “When bad requirements happen to good people”.

Software Requirements, Third Edition mostly assumes that you have experience in project management but still takes the time to explain the fundamentals, albeit at a high level. With that having been said, don't expect to use this as a learning text with zero prior knowledge - you won't be completely lost but you will find that it is outside of the scope of this book to teach you everything from scratch.


For its horror stories alone I'd rate this 5/5, this book is a must for anyone involved in determining requirements. Buy it, read it, laugh at the 'horror stories' and then prepare for a similar fate if you don't heed the content!

"Software Requirements", Third Edition can be found on the O'Reilly website

Thanks for reading!


I review for the O'Reilly Blogger Review Program

Tuesday, 10 September 2013

Designing For Change

Title: Designing For Behavior Change
Author: Stephen Wendel
Publisher: O'Reilly Media.

First and foremost - as this is an early release there were numerous formatting issues and some spelling mistakes but this was to be expected, "Early Release - Raw and Unedited" emblazoned on the front of the book does somewhat suggest potential issues. As such, I'll stick solely to the content.

Stephen Wendel guides us adeptly through the inner workings of our lazy minds and shows us how to maximise our chances of effective designs for behaviour change by paving the way to good design with excellent theory, references and his own experiences to draw upon.

In the preface, the author clearly defines the scope of this book and, most importantly, the audience for whom the book has been written and the types of changes that the book can help you to achieve in your designs. If you're planning world domination by brainwashing people through your apps then this book is not for you (indeed bad news for you in general as the author reveals that it is in fact quite difficult to coerce people to do something that they don't want to). If, however, you genuinely want to help people to develop better habits then read on. 

In order to effect change, the person looking to design for change needs to understand how the mind makes decisions and why it makes the decisions that it does make and not others. Once this has been discussed (with some fascinating data / anecdotes from studies), the author then introduces strategies for actually changing behaviour. 

Armed with this knowledge, you are then taught how to take the theory already learned and apply it to the people that you want to reach, in a logical progression that begins with figuring out what exactly you want to do, how to do it and then continues on to how to actually implement it, solicit feedback and continually refine your product.

Even if you never hope to develop a product for behaviour change, this book is a fascinating read that illustrates how we as a species tend to think and how people try to use that information (for both good and bad) to influence our decisions. If you are hoping to develop a product for behaviour change then get this book without delay.

I'm quite delighted, apart from the sterling content of the book, at the use of humour too. Little things like the summary of each chapter being referred to as "On a Napkin" make it all a more pleasant read. I was also delighted to see references to Brian Wansink, another excellent author on behaviour (and a funny guy too).

If you're looking to help people with behaviour (not addictions) or are just interested in the topic then get this book, you won't regret it.


A hearty 5/5, this book is a fascinating read. Buy it, read it and then go read the material that he's linked or referenced. 

"Designing For Behaviour Change" can be found on the O'Reilly website. 

Thanks for reading!


O'Reilly Blogger Program

In order to ensure a healthy amount of up-to-date books and topics I have joined the O'Reilly blogger program. This program is effectively the trade of a book for a review, though O'Reilly impose no restrictions on the review; reviews can be negative or positive. Where a book has been received as part of the review program I'll clearly mark it as such.

Thanks for reading!