A List Apart #242 is out and focuses on writing for the web.

• Better Writing Through Design by Bronwyn Jones
• Reviving Anorexic Web Writing by Amber Simmons

Ulf Wendel at Internet Super Hero has explained what the mysqlnd driver for PHP is and why you might (or might not) need it. He also provides a nice history of the drivers and APIs that PHP uses to connect to MySQL.

In short, mysqlnd is a MySQL native driver for PHP that works like libmysql. It’s a replacement for libmysql but they can co-exist so that it doesn’t break existing applications. Primarily, mysqlnd offers improved speed, persistent connections, mysqli_fetch_all() and performance statistics calls.

In my opinion, if you are using ext/mysqli then you’ll want to check it out and see if the feature/performance trade-offs make sense for you. It’s primarily designed for advanced users who need to get every drop of performance out of PHP that they can. If you are using PDO/MySQL then you’ll want to avoid it because PDO isn’t supported yet. If you are using ext/mysql for general use (or don’t know what “ext/mysql”, “ext/mysqli” and “PDO/MySQL” are) then stick with what you’ve got—you’ll never notice the difference.

New and Notable This Week

• Tegan and Sara: The Con
  I’ve been waiting several years for this one. Despite being identical twins, they are always original. None of the songs rise to the level of “Walking with a Ghost” but they are all great. I can’t decide if it’s their melodies, harmonies or timber of their voices that I find so enticing. If you haven’t heard them, I’d call them a less bombastic version of the Yeah, Yeah, Yeahs or TV on the Radio. (iTunes lables it “sugary electro-pop”.) I’m sure it’s an odd reference point that not everyone will relate to but Tegan and Sara remind me of the things I loved about Sinead O’Connor’s first album, The Lion and the Cobra. I think that musical territory has gone largely unexplored since then and I’m glad to see Tegan and Sara mapping it out for us.
• Unkle: War Stories
  A line-up of guest vocalists as you’d expect, but more of a rock depature from Unkle’s previous work. It’s less DJ Shadow/Radiohead and more Queens of the Stone Age. The critics are largely unimpressed, and I see their point that it becomes a bit monotonous in places, but overall I think I’m still on board and recommend it.
• Portugal the Man: Church Mouth
  They draw heavily on 70’s guitar rock but combine it with more modern sensibilities. They remind me of The Raconteurs, Franz Ferdinand and (one of my recent favorites) El Presidente. Thumbs up.
• Garbage: Absolute Garbage (Special Edition)
  A repackaged greatest hits album. The original greatest hits came out 10 years ago and is still $10 on iTunes. This one is $15 and adds 13 remixes from the likes of Crystal Method, Massive Attack, U.N.K.L.E., Rabbit In the Moon, Felix Da Housecat and more. If remixes are your thing then you’ll want it, but if not, since Garbage only had four albums and 48 songs total, you might prefer to splurge and buy them all.
• Silverchair: Young Modern
  Notable because I had written these guys off as Pearl Jam imitators. This album is experimental and sounds completely different (young and modern). Some of the tracks are rather catchy. Too bad they’ll have to drag those old songs around with them…
• Sum 41: Underclass Hero
  One of the few pop-punk bands I like. Certainly they aren’t pushing any musically boundaries, and sure it’s a little watered-down at times, but there’s still something to it.
• John Vanderslice: Emerald City
  Singer-songwriter, in the Elliot Smith style but without as much angst.
• Wir Sind Helden: Soundso
  I don’t speak German, but if I did I’d probably have to buy this catchy bit of German pop.

Ryan Bates at Railscasts keeps cranking out nice Ruby on Rails tutorials. There have been a number of good ones recently—both for beginners and advanced users—but I want to highlight two in particular.

In Episode 58, he walks you through creating your own generator. More advanced users will get the most benefit out of the time saving techniques this provides.

In Episode 61, he gives a primer on how to send email using ActionMailer. It makes it simple for beginners to get started and, even if you learned how to send email long ago, it’s worth watching because the “best practices” have changed in the last year. The information in a lot of the tutorials, blogs and Wiki pages is out of date.

O’Reilly’s OnLamp has posted the second installment of their how-to guide on using Google Gears. (I wrote about Part I previously.)

In the second article, Jack Herrington walks us through how to use Google Gears’ SQLite database for offline data entry and how to sync the offline data with a PHP web application when connectivity becomes available again.

Capistrano 2.0 has been released.

Capistrano is a tool for automating tasks on remote servers, especially those running Ruby on Rails applications. It lets system administrators execute commands and roll back changes in parallel across multiple machines.

There are very few new releases this week. But that’s okay, I’m still listening to all the good music that came out last week.

New and Notable This Week

• The Chemical Brothers: We Are the Night
  Always worthwhile in my opinion. Electronica that knows how to switch it up and keep it from being repetitive.
• Josh Rouse: Country Mouse, City House
  Rouse reminds me of Wilco, if you also toss in some 70’s soul and Nashville influences. It’s early still, but this may be his best album so far.
• Colbie Caillat: Coco
  Chill California beach-folk music. A female Jack Johnson. The single “Bubbly” is free this week on iTunes.

Firefox has implemented httpOnly cookies in version 2.0.0.5.

What’s the big deal? How are they different? Basically, httpOnly cookies are mostly just regular cookies, usable in the standard cookie ways, but also tagged so that browsers keep them invisible to JavaScript. That means that if you have an XSS hole (Cross-site scripting, a technique for inserting JavaScript into sites and databases) in your website, it will be harder for malicious evil-doers to view cookies and to hijack user sessions. They can only be accessed by a HTTP request (which is probably what you as a developer intended).

In terms of technical implementation, it simply adds “HttpOnly” to the cookie header.

# Standard cookie header
Set-Cookie: person_id=42; expires=Wednesday, 31-Dec-07 23:59:59 GMT;

# httpOnly cookie header
Set-Cookie: person_id=42; expires=Wednesday, 31-Dec-07 23:59:59 GMT; HttpOnly

Internet Explorer added support for httpOnly cookies in IE 6.0. Safari and Opera still do not support them, but it’s planned for Opera version 9.5. I couldn’t find any hints online as to Safari’s plans.

PHP added support for setting httpOnly cookies and sessions in version 5.2. Ruby on Rails has a patch (#8895) ready that will hopefully make it into the next version.

Regular Expressions (”regex” for short) are extremely useful regardless of which programming language you are using. They work in Unix Ruby, PHP, JavaScript, and Perl. I even use them just for simple text processing with editors like BBEdit and TextMate. (Have a list of names which are formatted “Last name, first name” and want to invert it? Regex is the answer.) They can help validate user form input. They can help you clean up and alter data. They can help you search your code when developing. They can help you mine your weblogs for trends and stats. But a reliable regular expression can be tricky to write—especially for beginners who have a hard time understanding what the elements in the syntax signify.

Mike Malone has written a couple of nice blog posts that summarize some essentials for both beginners and for more experienced regex users.

• The absolute bare minimum every programmer should know about regular expressions
• 5 Regular Expressions Every Web Programmer Should Know
• Extreme regex foo: what you need to know to become a regular expression pro

There’s now a one-click installer for the Mac that installs Ruby, Rubygems, Mongrel, SQLite and a few other bits. The current packages seem to be for 10.3 and 10.4 with more coming soon.

From their webpage:

This package is the most simple way to equip your Macintosh Apple OSX System with Ruby - similar to the Windows Ruby One-Click Installer. It replaces the broken Readline library, updates to a current version of SQLite3 and prepares your OSX for Rails, which needs at least Ruby 1.8.4 to run. The current Ruby Version is 1.8.6 (1.8.5 is recommended for Rails) and Rubygems 0.9.4.

This package’s intention is to remain small while being a Universal Binary that serves everything to deploy Ruby Applications on OSX Machines - Cheetah, Puma, Jaguar, Panther, Tiger or Leopard. You don’t need to compile anything and you don’t need Apple’s Developer Tools (xcode) installed.

The Ruby One-Click Installer for OSX is adding the installed files to /usr/local, not replacing Apple’s original Ruby. That means you can easily uninstall this package or switch to Apple’s Ruby again.

Note that if you want the ri and rdoc files you’ll need to download the “Documentation Package” separately.

I haven’t tried it yet, but the next time I’m installing from scratch I will. If you try it and have good luck, let me know in the comments.