The following book reviews are the copyright of their respective authors and no part should be reproduced without the express permission of the author. Publishers and Authors of the books reviewed may reproduce the whole or extracts of a review for their book. To request copyright permission please email firstname.lastname@example.org.
All the reviews herein are the opinions of the reviewer and are not necessarily the views of Birmingham Perl Mongers and its members. If you feel a review or comment has been made in error, please contact email@example.com to rectify the situation.
Static Link: http://birmingham.pm.org/reviews/10
|Title:||MySQL and Perl for the Web|
'MySQL and Perl for the Web' has been written by Paul DuBois, the author of the book 'MySQL' (also published by New Riders), the definitive work on the MySQL database. While 'MySQL' did include some details about using Perl to interact with the database, the new book aims to provide much more in depth information, including examples of complete web-based applications.
To start with we are presented with some trivial CGI scripts to check that the web server is set up correctly, and both command line and CGI scripts which use DBI, the Perl database interface. These introduce a number of DBI functions, such as using placeholders in queries, and returning results as arrays, hashes, or references to either.
The coding style used in the numerous examples is exactly what I would expect from an experienced Perl programer. The 'strict' and 'warnings' pragmas are always used, and the author is also careful to use CGI.pm functions for generating [X]HTML instead of printing code directly. Sometimes when books deal with multiple technologies or products, it can be noticed that the author is an expert on either one or the other. But while of course DuBois' knowledge of MySQL is without question, it is nice to say that I could find no real issues with any of the Perl code in the book.
Another item of note is the early introduction of mod_perl. Apart from the usual increase in processing speed, the enabling of persistent database connections (with the Apache::DBI module) makes mod_perl even more important for any database driven application. The disadvantages of mod_perl are also discussed, e.g. the lack of support for suEXEC and problems with variable scope, but these are relatively minor concerns compared with the many positive features that mod_perl brings. The rest of the book actually assumes that an Apache/mod_perl environment is used, but for the benefit of those without access to mod_perl, most of the code is compatible with a CGI environment as well.
Security should be a primary concern for any web or network enabled application, but becomes even more important when there are direct interfaces between your web site and the main back-end databases which run your company. DuBois clearly takes this very seriously - before any code is written, we are told that "...security is a requirement, not an option". 'MySQL and Perl' has a complete chapter dedicated to security and privacy issues, detailing many different types of possible security breaches. The information given is very comprehensive, covering a wide range of topics from using SSH port forwarding to set up an encrypted tunnel between the Apache webserver and the MySQL database server, to advice that the value of cookies set by your application should not be trusted, as cookie data can easily be changed on a user's PC. My only complaint about this chapter is that while we are repeatedly told not to trust user input, there is no mention of using Perl's taint mode to force external data to be validated.
As well as the technical content, DuBois has included a lot of useful information about design issues. Some of these are quite subtle, for example when marking which fields are compulsory in a form, we are advised not to use red text (as this is useless to colour-blind people) or to make them bold (which will not show up on all browsers). This attention to detail is found throughout the book, and really emphasises that the author has a thorough knowledge of the subject matter.
As I'm sure you will have guessed, I like 'MySQL and Perl' a lot. Even if you are using a different database like DB2 or Oracle, the techniques and ideas that DuBois gives will still be very useful. 'MySQL and Perl' offers a comprehensive and authoritative treatment of the subject matter, and I would recommend it without hesitation to anyone involved in developing a database-driven web application.
We are one of the UK's largest Perl user groups, representing Birmingham UK to the international Perl community since 2000. We hold monthly social and technical presentations, and several of our members are now regular attendees and speakers at the YAPC::Europe Perl Conferences.
For further information about Birmingham.pm, please read our Frequently Asked Questions page.
For details about joining our mailing list, please Click Here for more details.
No meeting currently scheduled
14th Dec - Brum.pm Social
Download the Birmingham.pm ICalendar
or subscribe to our Google Calendar
Aberdeen Perl Mongers
Bath Perl Mongers
Birmingham Perl Mongers
Bristol Perl Mongers
Devon & Cornwall Perl Mongers
Edinburgh Perl Mongers
Glasgow Perl Mongers
London Perl Mongers
Milton Keynes Perl Mongers
North of England Perl Mongers
Nottingham Perl Mongers
Southampton Perl Mongers
Thames Valley Perl Mongers
• Linux System Programming
• Mastering Perl
• GIMP 2 for Photographers
• Minimal Perl
• Wicked Cool Perl Scripts
• Red Hat Linux 9 Unleashed
• IRC Hacks - 100 Industrial-Strength Tips & Tools
• eBay Hacks - 100 Industrial-Strength Tips & Tools
• Exploiting Software - How To Break Code
• Mac OS X Unleashed, 2nd Edition
* New Reviews
.. More Reviews