Archive for the ‘Programming Languages’ Category

7 Programming Languages On the Rise

Wednesday, November 10th, 2010

by Peter Wayner (InfoWorld)

In the world of enterprise programming, the mainstream is broad and deep. Code is written predominantly in one of a few major languages. For some shops, this means Java; for others, it’s C# or PHP. Sometimes, enterprise coders will dabble in C++ or another common language used for high-performance tasks such as game programming, all of which turn around and speak SQL to the database.

Programmers looking for work in enterprise shops would be foolish not to learn the languages that underlie this paradigm, yet a surprising number of niche languages are fast beginning to thrive in the enterprise. Look beyond the mainstays, and you’ll find several languages that are beginning to provide solutions to increasingly common problems, as well as old-guard niche languages that continue to occupy redoubts. All offer capabilities compelling enough to justify learning a new way to juggle brackets, braces, and other punctuation marks.

While the following seven niche languages offer features that can’t be found in the dominant languages, many rely on the dominant languages to exist. Some run on top of the Java Virtual Machine, essentially taking advantage of the Java team’s engineering. And when Microsoft (MSFT) built C#, it explicitly aimed to make the virtual machine open to other languages. That detail may help make deployment easier, but it doesn’t matter much to the programmer at creation time.

Either way, these seven languages are quickly gaining converts in the enterprise. Perhaps it’s time to start investigating their merits.

Python  There seem to be two sorts of people who love Python: those who hate brackets, and scientists. The former helped create the language by building a version of Perl that is easier to read and not as chock-full of opening and closing brackets as a C descendant. Fast-forward several years, and the solution was good enough to be the first language available on Google’s AppEngine — a clear indication Python has the kind of structure that makes it easy to scale in the cloud, one of the biggest challenges for enterprise-grade computing.

Python’s popularity in scientific labs is a bit hard to explain, given that, unlike Stephen Wolfram’s Mathematica for mathematicians, the language never offered any data structures or elements explicitly tuned to meet the needs of scientists. Python creator Guido van Rossum believes Python caught on in the labs because "scientists often need to improvise when trying to interpret results, so they are drawn to dynamic languages which allow them to work very quickly and see results almost immediately."

Of course, a number of libraries that offer much of what a scientist could want are available for Python. NumPy and SciPy are just two of the most notable libraries nurtured as open source projects and tuned for scientific computation.

Scientific and engineering enterprises such as pharmaceutical companies aren’t the only ones tapping Python for research. Many Wall Street firms now rely heavily on mathematical analysis and often hire university scientists who bring along their habit of coding in Python. Python is becoming so popular on Wall Street that there are even proposals to require the prospectus for a bond to include a Python algorithm for specifying who gets what return on the investment.

Ruby  Some may argue that Ruby and Python are hardly "niche" languages, but the truth is, from an enterprise perspective, they remain promising tools all too often pushed to the margin. That said, Ruby, or more precisely the combination of Ruby with the Rails framework known as Ruby on Rails, is becoming increasingly popular for prototyping. Its entrance into the enterprise came on the heels of the Web 2.0 explosion, wherein many websites began as experiments in Ruby. 37signals — one of Ruby’s many proponents — actually uses Ruby to deploy code.

The secret to Ruby’s success is its use of "convention over configuration," wherein naming a variable foo causes the corresponding column in the database to automatically be named foo as well. As such, Ruby on Rails is an excellent tool for prototyping, giving you only one reason to type foo. Ruby on Rails takes care of the rest of the CRUD scaffolding for you.

Ruby on Rails sites are devoted to cataloging data that can be stored in tables. Well-known examples include Web applications like Basecamp, Backcamp, and Campfire from 37Signals, a collection of websites that knits together group discussions, debates, and schedules. Ruby on Rails handles the formatting of these database tables, as well as decisions about what information to display. Using Ruby on Rails’ naming convention, production quality code can be sketched up easily without much duplicate effort.

Many of the production-grade Ruby websites run on JRuby, a version written in Java that sits squarely on the JVM. JRuby users get all of the JVM’s prowess in juggling threads, a very valuable asset in production-level deployments with many concurrent users.

Matlab  Built for mathematicians to solve systems of linear equations, Matlab has found rising interest in the enterprise, thanks to the large volumes of data today’s organizations need to analyze. Many of the more sophisticated statistical techniques that match people with advertisements, songs, or Web pages depend upon the power of algorithms like those solved by Matlab.

Expect Matlab use to grow as log files grow fatter. It’s one thing for a human to look at the list of top pages viewed, but it takes a statistical powerhouse to squeeze ideas from a complex set of paths. Are people more likely to shop for clothes on Monday or Friday? Is there any correlation between product failures and the line that produced them?

MathWorks, the company behind Matlab, offers a diverse set of whitepapers showing how engineers are searching for statistical answers. Toyota Racing, for instance, plans its NASCAR entries by analyzing tests in wind tunnels and other labs. Canada’s Institute for Biodiagnostics is searching for the best treatment for burns.

There are also a number of open source alternatives, including Octave, Scilab, Sage, and PySci, one of the aforementioned Python libraries. All of these tools help with the complicated statistical analysis that is now becoming common for firms trying to understand what the customer did and what the customer may want to do in the future.

JavaScript  JavaScript is not an obscure language by any means. If anything, it may be the most compiled language on Earth, if only because every browser downloads the code and recompiles it every time someone loads a Web page. Despite this fact and the increasing dominance of AJAX-savvy Web pages, JavaScript is rarely thought of as a language that runs on the big iron.

This isn’t for lack of trying. Netscape tried to make JavaScript the common language on its server platform back in 1996, but ended up establishing it only in the browser. Aptana, one of the latest devotees, throttled its development of Jaxer when it never caught on. AppJet, a small experimental company, used the Rhino JavaScript library written in Java to make it simpler to code server-side. That company was acquired by Google in 2009 and now seems to be devoted to other projects.

Still, new applications for JavaScript abound. CouchDB, for instance, doesn’t use SQL for queries, instead taking two JavaScript functions, one for selection (Map) and the other for bundling everything together (Reduce). Node.js is one of the more exciting server-side JavaScript frameworks to appear as of late, revitalizing the ancient dream of bringing harmony to both client and server-side programming. The package takes Google’s V8 JavaScript engine created for the browser and lets it make the decisions about formatting outgoing data.

Everywhere people need a small amount of scripting power, JavaScript finds new uses. One of the simplest ways for developers of large applications to offer users the ability to create subapplications, JavaScript continues to grow in the enterprise, one small chunk of code at a time.

R  Statistical analysis is being increasingly done in R these days, although some purists call the language S, its original name. Tibco sells a commercial version called S-Plus.

There probably won’t be an S++ because the language is more a version of LISP or Scheme with additional features for computing statistical functions and then displaying the results in pretty pictures. If the boss wants the computer to churn through billions of lines of log files looking for patterns, clusters, and predictive variables, R or S is a well-loved solution.

R is another Swiss Army Knife of numerical and statistical routines for hacking through the big data sets — collections big enough that it might be better called a Swiss Army Machete. Lou Bajuk-Yorgan, senior director of product management for Tibco’s Spotfire S-Plus, says its software is used by a number of clients who are studying how business or engineering projects might work or why they fail to work. Analyzing weather patterns to find the best places to build wind-powered generators is one example.

Erlang  Does your server need to respond to many different independent messages concurrently? Do you need to parcel these requests out to different cores or servers in various parts of the world? That’s practically the definition of the hardest part of enterprise computing. Erlang, an open source language first created by scientists at Ericsson Computing Laboratory, excels at these tasks.

The language mixes traditional facets of functional programming (no side effects) with a modern virtual machine that compiles down to machine code. The structure of the language forces the programmer to build something that’s easier to spread across multiple cores and multiple machines. There are a number of practical implementations of Web servers and the CouchDB. That’s right: The database that asks to receive queries written in JavaScript instead of SQL is itself written in Erlang.

CouchDB is just the beginning. A number of project managers dealing with "big data" are building systems for storing large volumes of data in a scalable way. Hibari, an open source project from Gemini Mobile, offers consistent, scalable clusters to store key-value pairs that repair themselves after failure. The functional structure makes it easier to create big applications that juggle multiple connections efficiently.

Cobol  It may not be fair to call Cobol a niche language as it was once the dominant language in the enterprise. Grace Murray Hopper, famous for finding the first bug in the early mainframes, helped create the language in 1959 and it’s been enhanced hundreds of times since. Cobol jockeys today get to play with object-oriented extensions, self-modifying code, and practically every other gimmick.

That never earned it much respect in some circles. Or as famous academic Edsger Dijkstra put it: "The use of Cobol cripples the mind; its teaching should, therefore, be regarded as a criminal offense." The folks in mainframe shops everywhere ignored this note and soldiered on. IBM calls one of the latest releases "Enterprise Cobol 4.2," but it could as easily be numbered 147.2 or maybe even 588.3. Cobol programmers like the syntax that’s more like a natural language with actual nouns and verbs that form clauses and sentences — a technique that might call Ruby to mind.

While fewer schools are teaching new programmers Cobol, the language is far from dying, with many corporations continuing to invest in their Cobol stacks. A recent search of Dice.com showed 580 jobs mentioning Cobol and 1,070 mentioning Ruby. The bulk of the jobs seemed to involve counting money ("asset management") and counting doctor’s visits ("Health IT"). While these are some of the same areas that first adopted computers for back-office processing, the work still needs to be done.

Versions of the languages run on JVMs and .Net virtual machines making it possible to migrate code stacks away from mainframes to Linux boxes. Programmers who want to use a more modern IDE can search for plug-ins to Eclipse, a project that is gaining new support.


Web developers accountable for HTML 5 security

Monday, October 25th, 2010

By Jamie Yap, ZDNet Asia

Whether HTML 5 will introduce new security threats is less an issue than the need for Web developers to be able to effectively mitigate any potential risk borne from the pending programming standard, advise industry observers.

Jeremiah Grossman, CTO of WhiteHat Security, told ZDNet Asia: "With a specification as large and as powerful as HTML 5, implementation should be taken with the utmost concern toward security."

Currently still a working draft, Hypertext Markup Language version 5 (HTML 5) is the latest revision of the Web language–used to describe Web pages–and boasts several new advancements. These include data storage on a local computer which allows Web applications to run offline, as well as native support for rich Web applications and interactions which was previously only possible by installing third-party, proprietary plugins such as Adobe Flash and Microsoft Silverlight.

In an e-mail interview, Ian Jacobs, communications head of the World Wide Web Consortium (W3C), stressed the need for HTML 5 to be adopted particularly because its last official update, HTML4, was in 1999. The consortium is the official standards body responsible for overseeing HTML 5's development.

As the Web evolves from "a Web of documents to a formidable platform of networked applications", facilitating the sharing of information and services over the Internet, Jacobs said there is a significant demand for open standards that allow the creation of rich Internet applications.

Heightened security threats
However, with its promise to deliver new richer functionalities, HTML 5 has also sparked much discussion among security experts whether the increased capabilities could bring along added security vulnerabilities. Paul Roberts, security evangelist from Kaspersky Labs, said in a blog post last month that while Web security professionals agreed HTML 5 encompasses security enhancements, they also expressed concern that the new Web language will "greatly increase the attack surface of HTML" and provide more avenues on which malicious codes can be delivered.

Hon Lau, senior security response manager at Symantec, said: "Increased functionality often brings with it increased risks."

Lau explained in an e-mail that HTML 5 includes "around 45 new markup tags", such as the <canvas> and <video> tags, to enable rich multimedia functions. "[The possible] attack surface is increased due to the sheer volume of changes undergone," he added.

WhiteHat’s Grossman also pointed to another potential security threat where users could face an amplified risk of data loss due to the massive amount of data in local storage.

He explained that in the past, Web developers could only save small snippets of data in the form of cookies on the browser. With HTML 5, however, they can store "many megabytes of data" on the user’s computer and this will most likely include sensitive data to allow Web applications to be used offline, he said.

Naveen Hegde, market analyst at IDC’s Asia-Pacific software research group, said the conventional motive for attacks has been gaining access to sensitive data and hackers would launch cross-site scripting and SQL injection attacks in a bid to steal confidential user information.

Developers obligated to address risks
According to Hegde, developers looking to build on HTML 5 should first evaluate whether it is "beneficial" to deploy the platform’s new features which could "end up facilitating Web attacks" on a user’s machine.

Lau echoed a similar view, noting that while changes in the Web standard may introduce new security risks, the onus is still on developers to mitigate these threats.

He suggested that developers practise and build more security coding principles to reduce potential security risks, such as improved error handling, validating inputs and ensuring boundary checks to avoid buffer overflows.

Grossman also advised developers to create backups and save large volumes of potentially sensitive information contained in end-users’ PCs.

"Care should be taken by developers not to…assume it cannot be manipulated by someone with local or remote access to the machine," he cautioned.

He concluded that since HTML 5 vulnerabilities are expected to appear at some point in the future, HTML 5 designers and implementers "should be prepared to respond quickly" whenever new issues or vulnerabilities arise.

Jacobs from W3C, too, emphasized the importance of designing and building Web applications "with sensitivity to user privacy and security needs".

Lau said: "From a security standpoint, the issues with HTML in the past were a result of poor and inconsistent implementation of features described in the HTML specification, and also the non-practice of security coding principles within browser engines and the plugins used by them."

He described HTML 5 to be "a reaction to the current state of the Web space and the evolution that has taken place over the past decade". "[It is a] public standard that aims to address many shortcomings in the functionality provided by previous versions," he added.

Despite its security risks, WhiteHat’s Grossman acknowledged that "HTML 5 has arrived". "Security, as a discipline, must help enable technology and business applications, not inhibit them," he said.

Echoing similar sentiments, W3C’s Jacobs said HTML 5 may only still be a working draft, but browser vendors are already deploying its features, allowing W3C to revise its drafts. "This way, the final standard can transparently inform implementers where they need to pay close attention to security and privacy issues," he noted.


The future of Java

Monday, October 18th, 2010

By Aaron Tan, techgoondu.com

The acquisition of Sun Microsystems by Oracle had left developers on tenterhooks over the future of the Java programming language.

Those concerns were laid to rest on Monday by a top Oracle executive who shared the Java roadmap with JavaOne attendees on the sidelines of Oracle Openworld.

Thomas Kurian, Oracle executive vice-president for product development, said: “I’ve been at JavaOne since 1997, but this year is very special for us because it is the first year that Oracle is the steward and responsible for Java. What we want to do today is to make sure every developer is crystal clear on where we see the Java platform evolving.”

Oracle will unveil JDK 7 in 2011, with JDK 8 coming a year later, Kurian revealed. He also assured developers that Oracle is committed to delivering the best Java Virtual Machine as well as OpenJDK, the open source implementation of the Java programming language.

Mark Reinhold, chief architect of the Java platform group at Oracle, told developers at a JavaOne general technical session Tuesday that the enhancements in the new JDKs are centered around productivity, performance, universality, modularity, integration, and serviceability of the Java platform.

For example, in Project Coin, small changes to Java’s syntax that help to reduce redundant codes are proposed, while Project Jigsaw aims to modularize Java by eliminating classpaths and describing library dependencies with a module path and the command jpkg.

JAR files can be built by jpkg, but other formats such as jmod, rpm and deb can be created as well. This allows users to install Java programs easily through standard package managers, Reinhold said.

Reinhold added that to meet the 2011 deadline for JDK 7, Project Jigsaw and Project Lambda – which proposes to add first-class functions, function types, and lambda expressions (informally, “closures”) to Java – will only be available in JDK 8 slated for a late 2012 release.

Kurian also detailed plans to provide a common programming model based on JavaFX across all Java platforms, with interoperability between HTML 5, Java and JavaScript. JavaFX is used for developing rich Internet applications such as video streaming.

“We’re going to give you a single programming model based on JavaFX that spans both (native Java and browser) domains,” he said.

Kurian also outlined efforts to jazz up Java apps with eye candy using a new graphics engine based on the Prism graphics stack that delivers 2D/3D vector graphics and high-quality media. In addition, developers can use JavaFX’s Swing programming routines in Prism to create snazzy user interfaces.

Future Java developments will continue to be guided by simplicity to ensure the programming language will be understood by another developer in the same organization, Reinhold said.

“Simplicity matters, things need to be understandable and a clear semantic model is essential,” he explained.

“Java tries very hard to be the same language everywhere, so as we evolve the language we’ll do it cautiously with a long term view,” he added. “We will add a few selected features periodically and I think going forward we’ll see relatively more features over the next few years than you’ve seen in the past.”


Mark Brown Explores the Benefits of Running PHP on Windows

Monday, October 11th, 2010

 

By David Hamilton, TheWhir.com

For some time, running PHP on Windows or on IIS has not been seen as an option – especially in a production environment – however, this is changing, according to Microsoft’s Mark Brown. In his presentation, “PHP on Windows? – Yeah Right”, at cPanel Conference 2010, Brown said “you can get PHP screaming on Windows.” This has a lot to do with Microsoft’s recent efforts into developing applications around PHP. One of the major developments has been PHP Manager for IIS 7 (www.microsoft.com/web/php/), an open-source extension for IIS Management Console, which Brown said greatly simplifies the tasks of setting up, configuring and managing one or more PHP versions on an IIS server.

Use it to register PHP with IIS, run multiple PHP versions, get the information about PHP runtime settings, add and modify php.ini directives and enable or disable PHP extensions. This is helpful in conjunction with PHP installed via Web Platform Installer or PHP Windows Installer.

Further, the Windows Web App Gallery gives an easy way for users to find, install and deploy popular PHP Web applications such as WordPress, Drupal, and Joomla. All these applications are tested to run seamlessly on the Microsoft Web Platform.

Microsoft has also been continuing its work with the PHP community and the larger open-source community, for instance, making the code for SQL server driver for PHP available on Codeplex.

These continuing efforts, which are by no means fully realized, are making running PHP on Microsoft platforms a more lucrative option not only for an individual running a WordPress blog, but also for more demanding applications. Brown concluded, "Windows and IIS is now viable for production PHP application hosting."


Microsoft Fixes ASP.NET Zero-Day Flaw

Monday, October 11th, 2010

 

by Tony Bradley, Yahoo News

Microsoft released Security Bulletin MS10-070 out-of-band today–a couple weeks ahead of the regularly scheduled Patch Tuesday for October. The update resolves a zero-day issue with ASP.NET that could allow an attacker to compromise information on all supported versions of Windows.

The details from the Microsoft security bulletin describe the zero-day vulnerability. "An information disclosure vulnerability exists in ASP.NET due to improper error handling during encryption padding verification. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server."

A blog post from Microsoft’s Scott Guthrie provides a detailed explanation of the vulnerability. "To understand how this vulnerability works, you need to know about cryptographic oracles. An oracle in the context of cryptography is a system which provides hints as you ask it questions. In this case, there is a vulnerability in ASP.NET which acts as a padding oracle. This allows an attacker to send cipher text to the web server and learn if it was decrypted properly by examining which error code was returned by the web server. By making many such requests (and watching what errors are returned) the attacker can learn enough to successfully decrypt the rest of the cipher text."
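The error-handling flaw described above, shown from the server's side as an added illustration in Node.js (this is not ASP.NET code and not taken from Microsoft's bulletin or Guthrie's post). The handler names, keys and sample token are constructed for the example; it contrasts a handler whose failures are distinguishable with one that authenticates the ciphertext first and answers every failure identically.

```javascript
// Added illustration in Node.js; not ASP.NET code. Keys, handler names and
// the sample token are constructed for this example.
const nodeCrypto = require('crypto');

const ENC_KEY = nodeCrypto.randomBytes(32); // demo AES-256 key
const MAC_KEY = nodeCrypto.randomBytes(32); // separate demo HMAC key
const TAG_LEN = 32;                         // HMAC-SHA256 output size

// AES-256-CBC with PKCS#7 padding; returns IV || ciphertext.
function encryptCbc(plaintext) {
  const iv = nodeCrypto.randomBytes(16);
  const c = nodeCrypto.createCipheriv('aes-256-cbc', ENC_KEY, iv);
  return Buffer.concat([iv, c.update(plaintext, 'utf8'), c.final()]);
}

// final() throws when the PKCS#7 padding of the last block is invalid.
function decryptCbc(body) {
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', ENC_KEY, body.subarray(0, 16));
  return Buffer.concat([d.update(body.subarray(16)), d.final()]);
}

function mac(body) {
  return nodeCrypto.createHmac('sha256', MAC_KEY).update(body).digest();
}

// Encrypt-then-MAC: IV || ciphertext || HMAC(IV || ciphertext).
function seal(plaintext) {
  const body = encryptCbc(plaintext);
  return Buffer.concat([body, mac(body)]);
}

// WEAK: a padding failure and an application-level failure produce different
// responses, so the response itself reveals whether the padding was valid.
function leakyHandler(token) {
  let plain;
  try {
    plain = decryptCbc(token);
  } catch (e) {
    return { status: 500, body: 'Padding is invalid.' };
  }
  try {
    JSON.parse(plain.toString('utf8'));
  } catch (e) {
    return { status: 404, body: 'Resource not found.' };
  }
  return { status: 200, body: 'ok' };
}

// HARDENED: the MAC is checked in constant time before any decryption, and
// every failure path returns the same response.
function hardenedHandler(token) {
  const reject = { status: 400, body: 'Invalid request.' };
  if (token.length < 32 + TAG_LEN) return reject; // IV + one block + tag
  const body = token.subarray(0, token.length - TAG_LEN);
  const tag = token.subarray(token.length - TAG_LEN);
  if (!nodeCrypto.timingSafeEqual(tag, mac(body))) return reject;
  try {
    JSON.parse(decryptCbc(body).toString('utf8'));
  } catch (e) {
    return reject;
  }
  return { status: 200, body: 'ok' };
}

function flipBit(buf, index) {
  const out = Buffer.from(buf); // copy, leave the original token intact
  out[index] ^= 0x01;
  return out;
}

// Regression check for a test suite: send two differently corrupted tokens
// and collect the distinct failure responses. More than one distinct
// response means the handler tells callers which check failed.
function failureSignatures(handler, token, bodyLen) {
  const probes = [
    flipBit(token, bodyLen - 17), // alters the final padding byte after decryption
    flipBit(token, 0),            // alters the first plaintext byte, padding stays valid
  ];
  const seen = new Set(probes.map((p) => {
    const r = handler(p);
    return `${r.status} ${r.body}`;
  }));
  return [...seen].sort();
}

const SAMPLE = '{"user":"alice","role":"viewer"}'; // constructed sample payload
const leakyToken = encryptCbc(SAMPLE);
const sealedToken = seal(SAMPLE);
console.log('leaky   :', failureSignatures(leakyHandler, leakyToken, leakyToken.length));
console.log('hardened:', failureSignatures(hardenedHandler, sealedToken, sealedToken.length - TAG_LEN));
```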

Andrew Storms, director of security operations for nCircle commented via email to say, "Microsoft delivered today’s zero-day patch release in just eleven days. It’s not the fastest turn-around time in Microsoft patch history, but it’s pretty close to the seven day turnaround we saw in January. We now know that in the January update Microsoft knew about the bug before the exploit, so the seven day quick turnaround is a not entirely accurate measurement. This leaves me wondering if Microsoft already knew about today’s bug. But the bigger question in my mind is the potential effect of this short turn-around on quality."

Interestingly, the update will not be immediately pushed through Automatic Updates. A blog post from the Microsoft Security Response Center explains, "The update will be made available initially only through the Microsoft Download Center and then released through Windows Update and Windows Server Update Services within the next few days. This allows customers the option to deploy it manually now without delaying for broader distribution."

nCircle’s Storms notes, "It’s a bit odd that today’s patch release won’t be immediately available on Windows Update. Administrators and consumers will both be required to manually download the patch and install it manually," but Storms adds, "Since the major risk of this bug is with network administrators running IIS websites, manual downloads are probably a reasonable compromise between convenience and getting the patch out as quickly as possible."


JQuery set to tackle mobile Web development

Friday, October 8th, 2010

 

by Stephen Shankland, cnet.com

John Resig, founder of the jQuery project

Countless developers use jQuery software tools today to build advanced Web sites and to ease the difficulties of spanning multiple browsers.

Starting in about two weeks, though, they will start being able to extend their reach to the fast-growing world of the mobile Web as well. That’s when the alpha version of jQuery Mobile is planned to be released, jQuery founder John Resig told attendees of the Future of Web Apps conference here today.

JQuery is a library of pre-written JavaScript code that browsers can download when loading a Web site. JQuery Mobile is an extra option geared to reach a range of mobile browsers.

"We’re hoping to provide easier tools for making a scalable user interface," said Resig, a Mozilla employee, in an interview at the conference. Specifically, he hopes to release the alpha version on September 16 at a jQuery conference in Boston, he said.

One major goal of the project is to reach more than the top-tier mobile Web browsers such as those used in Apple’s iOS, Google’s Android, and Hewlett-Packard’s Web OS, he said. JQuery Mobile will also reach BlackBerry OS and mobile versions of Windows, he said.

Many Web developers, if they support any mobile devices at all, support only iPhone or Android devices, he said.

"That’s because that’s what was sitting in front of them. What’s unfortunate is that ignores the larger issue," he said, pointing to StatCounter Web browser usage statistics that show those developers are neglecting their major market.

"Opera is the most popular [mobile] browser, followed by BlackBerry," which has gained an impressive 10 percentage points of usage share in the last year, he said. iPhone, in contrast, is tied for third place and actually losing share when it comes to overall mobile browsing usage.

StatCounter shows BlackBerry rising in importance in mobile browsing

Mobile Web development is of course different from programming for browsers on personal computers, with their large screens and powerful hardware. Mobile Web developers should concentrate on sites that quickly present users with an opportunity to do what they need rather than the full panoply of options that typically are available on desktop browsers, Resig said.

That, of course, raises the difficulty of separate mobile and PC Web sites. Resig hopes jQuery Mobile will help to span the gap, though.

Resig showed the first public demonstrations of jQuery Mobile at the conference. The interface worked on Google’s Chrome browser on Mac OS X and on developer-kit versions of BlackBerry OS and Web OS browsers also running on his Mac.

JQuery Mobile is designed to use native technology such as scroll bars as much as possible. In contrast, he said, Google tried JavaScript-based scroll bars with the mobile Web version of Gmail, but it worked poorly in part because of performance.

"Everything started to feel wrong," he said. "It was very, very noticeable. It gives you a negative impression."

With jQuery Mobile, "wherever possible, we use the native capabilities of the browser," he said.

A big challenge is accommodating the diversity of mobile browsers, many of which offer poor support for JavaScript or other useful technologies. jQuery Mobile, therefore, must work around issues such as Opera’s shortcomings supporting the increasingly important CSS (Cascading Style Sheet) technology for Web page formatting, Resig said.

"Unlike on the desktop, there are a lot of really, really bad mobile browsers," Resig said.


Why to Choose PHP for Web Development

Thursday, September 30th, 2010

 

by Diya Kapoor, associated content

Hypertext Preprocessor (PHP) is a well-known programming language used for web development and for building dynamic web pages. Most web developers today use PHP, and the language has been in great demand in the software industry due to its special features. It supports more than 700 functions, which reduces complexity while programming. It is more useful if you want to host your website on Linux. It also supports multiple databases such as Oracle, MySQL, SQL Server and MS Access, and, as it is open source, programming in PHP is also cost-effective. This article covers some of the reasons why PHP should be preferred in web development.

SIMPLICITY: The biggest advantage of programming in PHP is its simplicity. It is easy to learn and understand, and because it is similar to languages like C and Perl, a person from any background will feel comfortable understanding and using it.

POPULAR IN CMS: Most Content Management Systems, such as WordPress, Drupal and Joomla, are written in PHP, so websites built with PHP can be customized and programmers can modify them according to their requirements.

PERFORMANCE: It is another advantage if you want to run a website on your server. MySql database which is mostly used with PHP is much faster than the other databases present in the market. It is also very easy to integrate and implement applications with PHP.

COST EFFECTIVE: The reason behind the popularity of this language is that it is economical for programmers and can be obtained free of charge from the internet. It is also preferred by most newcomers to the online market, as most businesses start with a low budget and thus prefer programmers who are less costly. This is why the language has become so popular in the software industry.

ADVANCED USABILITY: PHP has introduced a more advanced way of presenting a site by making it more attractive and interactive as well. PHP scripts enable you to keep track of target visitors’ activities, and webmasters can also obtain feedback from the users of their products and services.

FLEXIBILITY: It is quite simple to extend this language to suit the custom needs of businesses because of its modular system that can be integrated with a wide variety of libraries such as those for graphics and Extensible Markup Language (XML).

Ecommerce web development has gained a new way with PHP, as PHP supports many Ecommerce platforms.


After attacks, Microsoft to rush out fix for ASP.net bug

Tuesday, September 28th, 2010

 

By Robert McMillan, ComputerWorld

Microsoft is rushing out a fix for a Windows Web server flaw that is starting to be exploited by online attackers.

The patch fixes a bug in the Windows ASP.net technology used in Microsoft’s servers. Microsoft says it’s seen "limited" exploitation of the flaw in online attacks, but the problem is serious enough that the company has decided to rush out a fix ahead of its next regular patch update, scheduled for Oct. 12.

ASP.net is used to build Web applications, and the bug gives attackers a way to gain access to protected files or read encrypted data sent by an ASP.net application server. Earlier this month, researchers demonstrated how the attack could be used to steal encrypted session cookies or possibly even user names and passwords from websites.

Microsoft occasionally does this type of out-of-band update when it spots a serious security problem, but this release is different. For the first time, Microsoft will initially release the patch only at the Microsoft Download Center — typically used by users at large organizations who want to test the patches before manually installing them companywide.

"This enables us to get the update out as quickly as possible, allowing administrators with enterprise installations, or end users who want to install this security update manually, the ability to test and update their systems immediately," Microsoft said Monday in a blog post announcing the update. "We strongly encourage these customers to visit the Download Center, download the update, test it in their environment and deploy it as soon as possible."

For most consumers, who rely on automatic updates, the patch is still a few days away. Consumers aren’t vulnerable to the bug, however, unless they happen to be running a Web server on their computer.

Microsoft will release the update in the Download Center at 10 a.m. Pacific Time on Tuesday. The company didn’t give a date for the broader, automatic update.

"This is the first time we’ve released [an] update this way, but due to the nature of the active attacks and the severity of the potential loss of data, we are releasing the security update to the Microsoft Download Center first so customers (specifically large enterprises, hosting providers, and ISVs) can begin updating their systems," Microsoft said in an e-mailed statement. "Within a few days we will distribute the update through the rest of our standard distribution channels."
