From westerman at purdue.edu Wed Feb 6 13:06:38 2008 From: westerman at purdue.edu (Rick Westerman) Date: Wed, 06 Feb 2008 16:06:38 -0500 Subject: [Purdue-pm] Next technical meeting in a week Message-ID: <47AA215E.2060607@purdue.edu> Next technical meeting is in a short 6 days. Typical ME 119 room. So far we have talks from: -- Mark on Perl 6 Objects -- Phillip on his recent work with web scraping. -- Dave on .. on .. well, something. Lately he has been a javascript coder and can't think straight anymore. :-) -- Rick on Template Toolkit (or how I have ruined my Perl skills) Anyone else have something that they wish to present to the group? -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From pmiguel at purdue.edu Wed Feb 6 13:56:40 2008 From: pmiguel at purdue.edu (Phillip San Miguel) Date: Wed, 06 Feb 2008 16:56:40 -0500 Subject: [Purdue-pm] Next technical meeting in a week In-Reply-To: <47AA215E.2060607@purdue.edu> References: <47AA215E.2060607@purdue.edu> Message-ID: <47AA2D18.3060902@purdue.edu> Rick, Last year wasn't the February Perl Mongers meeting canceled due to a snow storm that shut down Purdue? Can we be absolutely sure that will not happen again? Phillip Rick Westerman wrote: > Next technical meeting is in a short 6 days. Typical ME 119 room. So > far we have talks from: > > -- Mark on Perl 6 Objects > -- Phillip on his recent work with web scraping. > -- Dave on .. on .. well, something. Lately he has been a javascript > coder and can't think straight anymore. :-) > -- Rick on Template Toolkit (or how I have ruined my Perl skills) > > Anyone else have something that they wish to present to the group? > > > From westerman at purdue.edu Wed Feb 6 13:59:58 2008 From: westerman at purdue.edu (Rick Westerman) Date: Wed, 06 Feb 2008 16:59:58 -0500 Subject: [Purdue-pm] Next technical meeting in a week In-Reply-To: <47AA2D18.3060902@purdue.edu> References: <47AA215E.2060607@purdue.edu> <47AA2D18.3060902@purdue.edu> Message-ID: <47AA2DDE.1000306@purdue.edu> Phillip San Miguel wrote: > Rick, > Last year wasn't the February Perl Mongers meeting canceled due to a > snow storm that shut down Purdue? Can we be absolutely sure that will > not happen again? Yes we can. I have a flying lesson on the Monday previous. My flying lessons *always* get canceled due to bad weather followed by good weather the day afterwards. This is sort of like washing one's car -- a sure way to make the rain come. -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From jacoby at csociety.ecn.purdue.edu Tue Feb 12 10:00:32 2008 From: jacoby at csociety.ecn.purdue.edu (Dave Jacoby) Date: Tue, 12 Feb 2008 13:00:32 -0500 Subject: [Purdue-pm] Next technical meeting TONIGHT! In-Reply-To: <47AA215E.2060607@purdue.edu> References: <47AA215E.2060607@purdue.edu> Message-ID: <47B1DEC0.6090300@csociety.ecn.purdue.edu> Just a reminder, that six short days are up, and that meeting is TONIGHT! Also, I have a topic. "a tree grows in the basement". It's the best topic I can think of with, with my javascripty mind not thinking straight.... Rick Westerman wrote: > Next technical meeting is in a short 6 days. Typical ME 119 room. So > far we have talks from: > > -- Mark on Perl 6 Objects > -- Phillip on his recent work with web scraping. > -- Dave on .. on .. well, something. Lately he has been a javascript > coder and can't think straight anymore. :-) > -- Rick on Template Toolkit (or how I have ruined my Perl skills) > > Anyone else have something that they wish to present to the group? > > -- David Jacoby jacoby at csociety.org When you hear music, after it's over, it's gone, in the air. You can never capture it again. -- Eric Dolphy From derrick at csociety.org Tue Feb 12 12:17:09 2008 From: derrick at csociety.org (derrick) Date: Tue, 12 Feb 2008 15:17:09 -0500 Subject: [Purdue-pm] Next technical meeting TONIGHT! In-Reply-To: <47B1DEC0.6090300@csociety.ecn.purdue.edu> References: <47AA215E.2060607@purdue.edu> <47B1DEC0.6090300@csociety.ecn.purdue.edu> Message-ID: <47B1FEC5.2000905@csociety.org> I won't be able to make the next few month's meetings, there is a class on Tuesday nights that I want to sit in on. I'll be back near the end of April. dsk From westerman at purdue.edu Wed Feb 13 07:39:02 2008 From: westerman at purdue.edu (Rick Westerman) Date: Wed, 13 Feb 2008 10:39:02 -0500 Subject: [Purdue-pm] Web sites using Catalyst Message-ID: <47B30F16.4050608@purdue.edu> Interesting talks last night. A followup on my catalyst MVC framework talk. I was asked about sites that actually use catalyst. We looked at one glowing report but, really, one data point does not make a success story. Here are some web 2.0 sites that use catalyst. Online spreadsheets .... http://www.editgrid.com/ ... although, interestingly, their API which uses SOAP and WSDL only has code examples for PHP and Python. A application rating system (for Macs at the moment) .... http://osx.iusethis.com/ TV and radio listings in the UK ... http://www.mightyv.com ... their 'about' section shows what Perl modules they use to supplement catalyst (http://www.mightyv.com/about/) Blogging ... http://www.vox.com ... the company also does other blogging sites such as MovableType and TypePad; I am not sure if the other sites use catalyst but vox does. While I suppose one could always argue the need for another spreadsheet site or another rating site or another TV/radio site, all of the above are very nice sites. They show what can be done with catalyst & friends. -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From westerman at purdue.edu Wed Feb 13 07:54:49 2008 From: westerman at purdue.edu (Rick Westerman) Date: Wed, 13 Feb 2008 10:54:49 -0500 Subject: [Purdue-pm] Follow up on Per 6 objects Message-ID: <47B312C9.9050105@purdue.edu> Mark's talk last night about Perl 6 objects or, more appropriately, the lack of Perl 6 brings up this add-on to Perl 5. It is a way to bring a lot of Perl 6 objects to Perl 5. The add-on is called 'Moose' and, as the author succinctly put it, "I built Moose because I was tired of writing the same old boring Perl 5 OO code, and drooling over Perl 6 OO. So instead of switching to Ruby, I wrote Moose :)" http://search.cpan.org/dist/Moose/lib/Moose.pm http://search.cpan.org/dist/Moose IMHO, it would be a good idea to have one (or more) of us look over Moose and report back at the next PM technical meeting. Any takers? Another IMHO, after Mark's talk last night I am beginning to doubt if we will ever see Perl 6 in production. Since Perl 5 is getting a beating from the other modern languages, e.g., PHP, Python, Java, Ruby and even JavaScript, it seems like the way that Perl will survive is to bolt on the good ideas into Perl 5 ... even at the risk of making the language yet more cumbersome and not clean. -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From jacoby at purdue.edu Wed Feb 13 07:58:24 2008 From: jacoby at purdue.edu (Dave Jacoby) Date: Wed, 13 Feb 2008 10:58:24 -0500 Subject: [Purdue-pm] Follow up on Per 6 objects In-Reply-To: <47B312C9.9050105@purdue.edu> References: <47B312C9.9050105@purdue.edu> Message-ID: <47B313A0.6070400@purdue.edu> Rick Westerman wrote: > Mark's talk last night about Perl 6 objects or, more appropriately, > the lack of Perl 6 brings up this add-on to Perl 5. It is a way to > bring a lot of Perl 6 objects to Perl 5. The add-on is called 'Moose' > and, as the author succinctly put it, > > "I built Moose because I was tired of writing the same old boring > Perl 5 OO code, and drooling over Perl 6 OO. So instead of switching to > Ruby, I wrote Moose :)" > > http://search.cpan.org/dist/Moose/lib/Moose.pm > http://search.cpan.org/dist/Moose > > IMHO, it would be a good idea to have one (or more) of us look over > Moose and report back at the next PM technical meeting. Any takers? I'll hunt Moose. > Another IMHO, after Mark's talk last night I am beginning to doubt > if we will ever see Perl 6 in production. Since Perl 5 is getting a > beating from the other modern languages, e.g., PHP, Python, Java, Ruby > and even JavaScript, it seems like the way that Perl will survive is to > bolt on the good ideas into Perl 5 ... even at the risk of making the > language yet more cumbersome and not clean. -- David Jacoby jacoby at purdue.edu Purdue Genomics Facility S049, WSLR building Phone: hah! From andy at petdance.com Wed Feb 13 07:59:18 2008 From: andy at petdance.com (Andy Lester) Date: Wed, 13 Feb 2008 09:59:18 -0600 Subject: [Purdue-pm] Follow up on Per 6 objects In-Reply-To: <47B312C9.9050105@purdue.edu> References: <47B312C9.9050105@purdue.edu> Message-ID: <3524E079-5C7D-4EB3-AD83-B10DD1E18184@petdance.com> On Feb 13, 2008, at 9:54 AM, Rick Westerman wrote: > Another IMHO, after Mark's talk last night I am beginning to doubt > if we will ever see Perl 6 in production. Since Perl 5 is getting a > beating from the other modern languages, e.g., PHP, Python, Java, Ruby > and even JavaScript, it seems like the way that Perl will survive is > to > bolt on the good ideas into Perl 5 ... even at the risk of making the > language yet more cumbersome and not clean. The bolting-on is already happening. See the features that are in Perl 5.10 that came from Perl 6. However, it seems clear to me that Perl 6 is moving forward, and Rakudo Perl (the implementation of Perl 6 on Parrot) is getting closer to reality. Keep an eye on Perlbuzz.com and Rakudo.org for notes about what's happening in Perl 6 land. xoa -- Andy Lester => andy at petdance.com => www.petdance.com => AIM:petdance From andy at petdance.com Wed Feb 13 08:01:04 2008 From: andy at petdance.com (Andy Lester) Date: Wed, 13 Feb 2008 10:01:04 -0600 Subject: [Purdue-pm] Follow up on Per 6 objects In-Reply-To: <47B313A0.6070400@purdue.edu> References: <47B312C9.9050105@purdue.edu> <47B313A0.6070400@purdue.edu> Message-ID: On Feb 13, 2008, at 9:58 AM, Dave Jacoby wrote: >> IMHO, it would be a good idea to have one (or more) of us look >> over >> Moose and report back at the next PM technical meeting. Any takers? > > I'll hunt Moose. Chris Prather has a presentation on Moose at Frozen Perl 2008 on Saturday: http://www.frozen-perl.org/mpw2008/user/983 xoa -- Andy Lester => andy at petdance.com => www.petdance.com => AIM:petdance From pmiguel at purdue.edu Wed Feb 13 07:59:23 2008 From: pmiguel at purdue.edu (Phillip San Miguel) Date: Wed, 13 Feb 2008 10:59:23 -0500 Subject: [Purdue-pm] Web sites using Catalyst In-Reply-To: <47B30F16.4050608@purdue.edu> References: <47B30F16.4050608@purdue.edu> Message-ID: <47B313DB.2030303@purdue.edu> Rick Westerman wrote: > Interesting talks last night. A followup on my catalyst MVC > framework talk. I was asked about sites that actually use catalyst. We > looked at one glowing report but, really, one data point does not make a > success story. Here are some web 2.0 sites that use catalyst > Here is the podcast I mentioned: http://twit.tv/floss20 It's about 45 minutes long. In the description it is mentioned that "Vox" uses Catalyst. From westerman at purdue.edu Wed Feb 13 08:18:31 2008 From: westerman at purdue.edu (Rick Westerman) Date: Wed, 13 Feb 2008 11:18:31 -0500 Subject: [Purdue-pm] YAPC::NA (Jun 16-18) In-Reply-To: References: <47B312C9.9050105@purdue.edu> <47B313A0.6070400@purdue.edu> Message-ID: <47B31857.5060306@purdue.edu> Andy's comment about the frozen-perl conference this weekend prompts me to ask if anyone is planning to go to the YAPC::NA conference this year. It is in Chicago on Jun 16-18th. Perhaps we could plan a joint road trip. If nothing else we should remind ourselves to register for it by the April technical meeting. -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From jacoby at purdue.edu Wed Feb 13 08:32:28 2008 From: jacoby at purdue.edu (Dave Jacoby) Date: Wed, 13 Feb 2008 11:32:28 -0500 Subject: [Purdue-pm] YAPC::NA (Jun 16-18) In-Reply-To: <47B31857.5060306@purdue.edu> References: <47B312C9.9050105@purdue.edu> <47B313A0.6070400@purdue.edu> <47B31857.5060306@purdue.edu> Message-ID: <47B31B9C.5020506@purdue.edu> Rick Westerman wrote: > Andy's comment about the frozen-perl conference this weekend prompts > me to ask if anyone is planning to go to the YAPC::NA conference this > year. It is in Chicago on Jun 16-18th. Perhaps we could plan a joint > road trip. If nothing else we should remind ourselves to register for > it by the April technical meeting. I'm hoping/planning to go. I enjoyed it completely last time I went. -- David Jacoby jacoby at purdue.edu Purdue Genomics Facility S049, WSLR building Phone: hah! From jacoby at purdue.edu Fri Feb 22 07:22:47 2008 From: jacoby at purdue.edu (Dave Jacoby) Date: Fri, 22 Feb 2008 10:22:47 -0500 Subject: [Purdue-pm] DBI Usage Question In-Reply-To: <47B31B9C.5020506@purdue.edu> References: <47B31B9C.5020506@purdue.edu> Message-ID: <47BEE8C7.1060301@purdue.edu> Assume a database table Test with a self-incrementing primary key field and two other fields, USERID and ABCD. You want to put user-input data into USERID and ABCD. Assume this is the SQL string you want. INSERT INTO Test ( USERID , ABCD ) VALUES ( 'random' , 'text' ) ; http://www.stonehenge.com/merlyn/UnixReview/col58.html Randal Schwartz codes his example using this syntax: my $sth = $dbh->prepare( q{ INSERT INTO Test ( USERID , ABCD ) VALUES ( ? , ? ) } ) ; $sth->execute( $a , $b ) ; I'd rather do it more like this: $a = $dbh->quote($a) ; $b = $dbh->quote($b) ; my $query = qq{INSERT INTO Test {USERID,ABCD} VALUES ($a,$b);}; my $sth = $dbh->prepare($query) ; $sth->execute() ; Because then I know that I've explicitly and clearly quoted the inputs. I know TMTOWTDI. I like that TMTOWTDI. But I believe that some ways are better than others, and Randal Schwartz might know some of the better ways. Is there an overriding, understandable reason why my way is worse? -- David Jacoby jacoby at purdue.edu Purdue Genomics Facility S049, WSLR building Phone: hah! From gribskov at purdue.edu Fri Feb 22 07:28:24 2008 From: gribskov at purdue.edu (Michael Gribskov) Date: Fri, 22 Feb 2008 10:28:24 -0500 Subject: [Purdue-pm] DBI Usage Question In-Reply-To: <47BEE8C7.1060301@purdue.edu> References: <47B31B9C.5020506@purdue.edu> <47BEE8C7.1060301@purdue.edu> Message-ID: <47BEEA18.60403@purdue.edu> it will be slower because you have to $dbh->prepare every sql query. other than that its fine Dave Jacoby wrote: > Assume a database table Test with a self-incrementing primary key field > and two other fields, USERID and ABCD. You want to put user-input data > into USERID and ABCD. Assume this is the SQL string you want. > > INSERT INTO Test ( USERID , ABCD ) VALUES ( 'random' , 'text' ) ; > > http://www.stonehenge.com/merlyn/UnixReview/col58.html > Randal Schwartz codes his example using this syntax: > > my $sth = $dbh->prepare( > q{ INSERT INTO Test ( USERID , ABCD ) VALUES ( ? , ? ) } > ) ; > $sth->execute( $a , $b ) ; > > I'd rather do it more like this: > > $a = $dbh->quote($a) ; > $b = $dbh->quote($b) ; > my $query = qq{INSERT INTO Test {USERID,ABCD} VALUES ($a,$b);}; > my $sth = $dbh->prepare($query) ; > $sth->execute() ; > > Because then I know that I've explicitly and clearly quoted the inputs. > > I know TMTOWTDI. I like that TMTOWTDI. But I believe that some ways are > better than others, and Randal Schwartz might know some of the better > ways. Is there an overriding, understandable reason why my way is worse? > > -- Michael Gribskov - gribskov at purdue.edu Professor of Biological Sciences and Computer Science Purdue University Lilly Hall of Life Sciences 915 W. State Street West Lafayette IN 47907-2054 voice: 765.494.6933 fax: 765.496-1189 email: gribskov at purdue.edu Calendar: http://www.genomics.purdue.edu/webcal/wcal.pl?anonymous=1&w=Gribskov Administrative Asst: Karen Studebaker voice: 765.494.8518 email: studebak at purdue.edu From westerman at purdue.edu Fri Feb 22 08:41:43 2008 From: westerman at purdue.edu (Rick Westerman) Date: Fri, 22 Feb 2008 11:41:43 -0500 Subject: [Purdue-pm] DBI Usage Question In-Reply-To: <47BEE8C7.1060301@purdue.edu> References: <47B31B9C.5020506@purdue.edu> <47BEE8C7.1060301@purdue.edu> Message-ID: <47BEFB47.6020308@purdue.edu> Dave Jacoby wrote: > Assume a database table Test with a self-incrementing primary key field > and two other fields, USERID and ABCD. You want to put user-input data > into USERID and ABCD. Assume this is the SQL string you want. > > INSERT INTO Test ( USERID , ABCD ) VALUES ( 'random' , 'text' ) ; > > http://www.stonehenge.com/merlyn/UnixReview/col58.html > Randal Schwartz codes his example using this syntax: > > my $sth = $dbh->prepare( > q{ INSERT INTO Test ( USERID , ABCD ) VALUES ( ? , ? ) } > ) ; > $sth->execute( $a , $b ) ; > > I'd rather do it more like this: > > $a = $dbh->quote($a) ; > $b = $dbh->quote($b) ; > my $query = qq{INSERT INTO Test {USERID,ABCD} VALUES ($a,$b);}; > my $sth = $dbh->prepare($query) ; > $sth->execute() ; > > Because then I know that I've explicitly and clearly quoted the inputs. > > I know TMTOWTDI. I like that TMTOWTDI. But I believe that some ways are > better than others, and Randal Schwartz might know some of the better > ways. Is there an overriding, understandable reason why my way is worse? > The use of '?' marks (placeholders) in DBI is two fold -- First for speed since the prepare statement only has to be done once instead of each time for each new set of variables. Second it automatically quotes the parameters so that you do not need to do so. As Michael pointed out, since you are not looping in the above code then there is no performance gain. If you were looping then using placeholders would be faster. Also I point out that using placeholders results in smaller code. Quoting from the DBI manual: *Performance* Without using placeholders, the insert statement shown previously would have to contain the literal values to be inserted and would have to be re-prepared and re-executed for each row. With placeholders, the insert statement only needs to be prepared once. The bind values for each row can be given to the |execute| method each time it's called. By avoiding the need to re-prepare the statement for each row, the application typically runs many times faster. -- Rick Westerman westerman at purdue.edu Bioinformatics specialist at the Genomics Facility. Phone: (765) 494-0505 FAX: (765) 496-7255 Department of Horticulture and Landscape Architecture 625 Agriculture Mall Drive West Lafayette, IN 47907-2010 Physically located in room S049, WSLR building From andy at petdance.com Fri Feb 22 08:43:37 2008 From: andy at petdance.com (Andy Lester) Date: Fri, 22 Feb 2008 10:43:37 -0600 Subject: [Purdue-pm] DBI Usage Question In-Reply-To: <47BEFB47.6020308@purdue.edu> References: <47B31B9C.5020506@purdue.edu> <47BEE8C7.1060301@purdue.edu> <47BEFB47.6020308@purdue.edu> Message-ID: <2DAD9785-FC51-4843-94ED-5D6BEDBEE5A6@petdance.com> On Feb 22, 2008, at 10:41 AM, Rick Westerman wrote: > The use of '?' marks (placeholders) in DBI is two fold -- First for > speed since the prepare statement only has to be done once instead of > each time for each new set of variables. Second it automatically > quotes > the parameters so that you do not need to do so. And number three, it protects against SQL injection attacks. xoxo, Andy -- Andy Lester => andy at petdance.com => www.petdance.com => AIM:petdance From jacoby at purdue.edu Fri Feb 22 09:01:49 2008 From: jacoby at purdue.edu (Dave Jacoby) Date: Fri, 22 Feb 2008 12:01:49 -0500 Subject: [Purdue-pm] DBI Usage Question In-Reply-To: <2DAD9785-FC51-4843-94ED-5D6BEDBEE5A6@petdance.com> References: <47B31B9C.5020506@purdue.edu> <47BEE8C7.1060301@purdue.edu> <47BEFB47.6020308@purdue.edu> <2DAD9785-FC51-4843-94ED-5D6BEDBEE5A6@petdance.com> Message-ID: <47BEFFFD.1060707@purdue.edu> Andy Lester wrote: > On Feb 22, 2008, at 10:41 AM, Rick Westerman wrote: >> The use of '?' marks (placeholders) in DBI is two fold -- First for >> speed since the prepare statement only has to be done once instead of >> each time for each new set of variables. Second it automatically quotes >> the parameters so that you do not need to do so. > And number three, it protects against SQL injection attacks. > xoxo, > Andy Starting from first principles, assume this is your query. SELECT * FROM table WHERE id = '$id' ; If you set $id to be "foo' ; SELECT * FROM * ; '" , you get SELECT * FROM table WHERE id = 'foo' ; SELECT * FROM * ; '' ; This gives me every table. But if quote $id, you get SELECT * FROM table WHERE id = 'foo\' ; SELECT * FROM * ; \'' ; That being a very unlikely value for the id field, the query returns nothing, and the injection attack is avoided. That may be done automagically in the Schwartz syntax. I do like the explicit, but I'm flexible. But it seems that Rick's point 2 and Andy's point 3 are the same. There are other reasons why you'd want to quote, like someone wanting to store this current paragraph with the possessives into a database, but avoiding SQL injection is a big and important one. -- David Jacoby jacoby at purdue.edu Purdue Genomics Facility S049, WSLR building Phone: hah!