Skip to main content


Showing posts from February, 2009

Haskell or Erlang?

I've coded in both Erlang and Haskell. Erlang is practical, efficient, and useful. It's got a wonderful niche in the distributed world, and it has some real success stories such as CouchDB and Haskell is elegant and beautiful. It's been successful in various programming language competitions. I have some experience in both, but I'm thinking it's time to really commit to learning one of them on a professional level. They both have good books out now, and it's probably time I read one of those books cover to cover. My question is which? Back in 2000, Perl had established a real niche for systems administration, CGI, and text processing. The syntax wasn't exactly beautiful (unless you're into that sort of thing), but it was popular and mature. Python hadn't really become popular, nor did it really have a strong niche (at least as far as I could see). I went with Python because of its elegance, but since then, I've coded both p

Python: Logging to Email in Pylons

I figured out how to get Pylons to send logging messages via email. Note, this is separate of the Paste mechanism which sends email when there is an uncaught exception. Here's a diff of my .ini file: [handlers] -keys = console +keys = console, smtp [formatters] keys = generic [logger_root] level = INFO -handlers = console +handlers = console, smtp [handler_console] class = StreamHandler @@ -67,5 +67,11 @@ level = NOTSET formatter = generic +[handler_smtp] +class = logging.handlers.SMTPHandler +args = ('', 'myapp@localhost', [''], 'myapp log message') +level = WARN +formatter = generic + Once everything is setup, you can add calls like the following to your controllers: log.error("This is a test of the logging system.")

Books: Ruby for Rails

I just finished a series of blog posts called Ruby: A Python Programmer's Perspective . Now, I'd like to finish up by writing a quick review of Ruby for Rails . Overall, it wasn't bad. If you can't tell by my other posts, I learned a lot. I really enjoyed the middle of the book which covered Ruby, but I got bored toward the end when the author spent three chapters improving an ecommerce site. The author appears to be an intelligent, native English speaker, however his grammar patterns made it difficult for me to read the book quickly. Here is an example: We must be able to determine before executing an action what state we're in with regard to the visitor's login status and its importance. [p. 440] Translation: "Don't show the login form if the user is already logged in." Here's another example: Facility with Ruby will stand you in good stead in your controller programming, as well as your model programming. [p. 438] Translation: "

Ruby: A Python Programmer's Perspective Part IV

This is a somewhat random list of things that were interesting or surprising to me when I read Ruby for Rails . The previous post in the series is Ruby: A Python Programmer's Perspective Part III . It's possible to add methods directly to an object instead of to a class: >> obj = => #<Object:0x348c44> >> def >> puts "Hi!" >> end => nil >> Hi! => nil The methods are attached to what's called a singleton class. There is a singleton class that is associated with every object: You can think of an object's singleton class as an exclusive stash of methods, tailor-made for that object and not shared with other objects--not even with other instances of the object's class Class methods are similarly methods that are attached to the singleton class of an object of type Class. There's even this weird syntax to attach additional methods to a class's singleton class: ?> class <

Ruby: A Python Programmer's Perspective Part III

This is a somewhat random list of things that were interesting or surprising to me when I read Ruby for Rails . The previous post in the series is Ruby: A Python Programmer's Perspective Part II . I've mentioned before that Ruby has symbols which are similar to, but distinct from, strings (which are mutable). The syntax is :foo. To create a symbol with spaces, use :"foo bar". Ruby has two syntax for ranges. ".." includes both endpoints. "..." does not include the right endpoint and thus behaves like slices in Python do: >> (0...2).each {|x| p x} 0 1 => 0...2 >> (0..2).each {|x| p x} 0 1 2 => 0..2 Since the "+" operator is just syntactic sugar for the "+" method, the following are equivalent: >> 1 + 1 => 2 >> 1.+(1) => 2 Whenever possible, I think interpreters should raise an exception if you misspell something. Hence, I found the following interesting: >> def f >> p @und

Ruby: A Python Programmer's Perspective Part II

This is a somewhat random list of things that were interesting or surprising to me when I read Ruby for Rails . You may also be interested in my previous post: Ruby: A Python Programmer's Perspective . In Python, directories map to packages and files map to modules. This is similar to Java. Ruby is not like this. Ruby is more like Perl. Basically, any file in any directory can contain code for any module. That means that there are module declarations in the code itself. Ruby has global variables. They start with $, such as $gvar. A variable defined at the top-level of a file is not global. The top-level has its own local scope, just as class, module, and method definition blocks each have their own local scope:: >> a = 1 => 1 >> def f() >> p a >> end => nil >> f NameError: undefined local variable or method `a' for main:Object from (irb):3:in `f' from (irb):5 This is different than Python that treats anything at the top-lev

REST: RESTful Shopping Carts

I've been thinking about the book RESTful Web Services . It has lots of negative things to say about cookies, for instance, "OK, so cookies shouldn't contain session IDs" [p. 252]. Elsewhere in the book, it describes a scheme using temporary URLs for transactions [p. 231]. I was thinking about shopping carts. If you can't use a cookie to store a session ID, then it seems natural to embed the session ID into the URL. (I'm thinking about the case when the user hasn't even logged in yet.) However, therein lies the problem. If you put the session ID in the URL, you open yourself up to well-known session fixation attacks . Let me explain. Attacker A creates a shopping cart on a legitimate Web site that embeds the session ID (or some other sort of state) in the URL. Attacker A spams a bunch of people. A victim V clicks on the link. He knows that the site is legitimate. He adds a few things to his cart, logs in, and places the order. At this point,

Python: Google App Engine

Here are some things I found interesting, deep, or surprising while reading the documentation for Google App Engine: Being able to easily roll back to a previous version of your application is a really nice feature. webapp uses "self.request" instead of a magic global named "request" like Pylons. (Note, magic globals act as proxies for the actual request object which is stored in thread local storage.) I'm a little confused by: run_wsgi_app() is similar to the WSGI-to-CGI adaptor provided by the wsgiref module in the Python standard library, but includes a few additional features. Does that mean GoogleAppEngineLauncher's default template should be updated since it doesn't use run_wsgi_app()? GQL is meant to be familiar for SQL users, but it knows what you mean when you say: greetings = Greeting.gql("ORDER BY date DESC LIMIT 10") Bret told me: A good rule of thumb for whether you need transactions is whether you have a set that is based