Book Reviews

The following book reviews are the copyright of their respective authors and no part should be reproduced without the express permission of the author. Publishers and Authors of the books reviewed may reproduce the whole or extracts of a review for their book. To request copyright permission please email

All the reviews herein are the opinions of the reviewer and are not necessarily the views of Birmingham Perl Mongers and its members. If you feel a review or comment has been made in error, please contact to rectify the situation.

Perl Books

Secure Coding: Principles & Practices
Title: Secure Coding: Principles & Practices
Author(s): Mark G. Graff, Kenneth R. van Wyk
Publisher: O'Reilly Media
Reviewer: Jon Allen

If you aren't sure what XML is and you work in I.T., then chances are you've been living on the moon. On the off chance that you haven't heard about XSLT, it is a language designed for the purpose of transforming XML documents into text, HTML or other XML documents, or in short, transforming XML.

As Perl has a number of XSLT processing modules available for it, and the increasingly popular AxKit, it certainly won't do a Perl programmer's prospects any harm to learn a little about XSLT. Be warned, however, that although powerful, it certainly isn't a language for everyone - the Marmite principle certainly seems to apply here.

Anyway, that's enough of an introduction to the subject matter, so it's time to move on to the book. It assumes that the reader has a sound knowledge of XML prior to reading, so it certainly isn't aimed at the first-time reader. The book itself, like many others, is split into two sections: the appendices form a reference to XSLT and XPATH, and the main part of the book offers a more tutorial-led approach. The Reference section is quite useful, and is split into sensible parts, although some material is duplicated, which is slightly disappointing, but does not detract too much from the overall value of this section.

It has to be said that I wasn't the greatest fan of the tutorial section. Whilst there are some useful examples towards the end of this section, the beginning seems to cover the correct material, but in a way that may not convey the concepts as effectively to a beginner as it might, which is disappointing given the quality of some of the material in the book. The lack of illustrative diagrams of the functioning of XSLT processors, in favour of screenshots, is a symptom of this approach. Another criticism of this part of the book is the amount of space given over to the hello world example - I felt as though this space could be better used giving a fuller explanation of the fundamental basics of XSLT and XPATH, which I feel would have been far more valuable for the beginner.

On the plus side, the examples are effective and appear to be stepped conceptually, so that each one builds on the one previous. Although the explanation of the "Muench Method" leaves a little to be desired, generally the descriptions are quite effective.

My overall conclusion of the book is quite mixed. I would love to see a second edition that takes into account some of the points made above, as I feel it has the potential to be a very informative and instructional piece of work. As it stands, however, I would not be comfortable recommending this work to a newcomer to XSLT, but if someone had a sound base of experience in XML, and had worked through a few web tutorials in XSLT in order to get an understanding of the basics, and wished to extend their knowledge and have a decent and clear reference, then they could do worse than buy this book.