Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re: Matt's Script Archive Strikes Again!

by Zaxo (Archbishop)
on Jul 04, 2001 at 06:57 UTC ( #93757=note: print w/ replies, xml ) Need Help??


in reply to Matt's Script Archive Strikes Again!

Professionals will minimize effort and maximize profit. It's a matter of integrity and good sense that they also deliver value to the customer.

Matt's Archive scripts excel in some ways:

  1. They are free as in beer.
  2. They are trivial to install -- no modules, no dependencies.
  3. They are easy to use, just paste in the form supplied.
  4. They cover a good range of jobs designers want done.
  5. They usually work as expected.

The theme here is that web designers get what they want, not what they need.

Professional web designers generally don't know programming or security, and their eyes glaze if you mention those subjects. Those accustomed to using matt scripts may fear liability if they ever learn about the horrors that can happen. In that case they may close their eyes, plug their fingers in their ears, and sing like Ethel Merman till you leave.

There's No Business Like Show Business</em

After Compline,
Zaxo

Update-- cosmetic corrections


Comment on Re: Matt's Script Archive Strikes Again!
Re: Re: Matt's Script Archive Strikes Again!
by footpad (Monsignor) on Jul 04, 2001 at 07:50 UTC

    They are free as in beer.

    And like cheap beer, they are bland, offer no flavor to speak of, and pass through your system and are (hopefully) quickly ejected.

    They are trivial to install -- no modules, no dependencies.

    And the security they provide is just as trivial. Be careful what you wish for, you may get it.

    They are easy to use, just paste in the form supplied.

    Just sign here and your soul, I mean, job, I mean server is ours. Also, don't forget to place this convenient "Hack Me" sign between your shoulder blades.

    They cover a good range of jobs designers want done.

    So does a raw silk blanket, but that doesn't mean you can't see everything there is to expose.

    They usually work as expected.

    No, they work as invested. If you go for the quick and dirty solution, you should expect to see some stains in your access logs. There *are* secure alternatives available, if you're willing to invest some education, some <local currency units>, and some time into learning better ways to do things. Sure, MW's free...but so is advice. People worth listening to are rare. Ignore their advice at your peril.

    --f

      I agree with most of what you say about Matt's scripts. I've been hacking Perl for less than two months, and they give me shudders just the same.

      But your secure alternatives link game me pause. I actually bought that book (Writing CGI Applications with Perl, by Kevin Meltzer and Brent Michalski), and I wouldn't recommend it to anyone.

      Now, I'm not trying to trash Kevin or Brent, both of whom I'm sure know far more about Perl than I do, but I thought the book was weak. Points:

      • It looks like a nice thick book, but it's very padded; this verges on dishonesty, IMHO. The font is huge (12 to 14 points), there's a lot of padding (most code samples listed twice, 40 pages of appendix material that could have been 8 URLs), the margins are huge, and there's an awful lot of repetition (the 10 lines justifying -wT are repeated nearly every time it's used in a program).
      • Some chapters belong better in a Perl book ("Tied Variables").
      • Some inclusions/exclusions and focus choices are very odd. There's a very detailed chapter for Mason, but no mention of templates (literally - not even in the index).
      • Their style is very choppy. They'll present a couple lines of code, then a paragraph talking about it, repeat. It's very difficult to get a cohesive view of the program this way - it's spoon-fed to you rather than presented whole.
      • The cover's odd. What are we supposed to call it, "The Spiky Ball book?" ;)
      In short, the book is much more vocational than educational. Need to hack up some code fast? This book will help. If you really want to learn CGI, to know why and how it works, to have a broader grounding in the technologies used with it, and to build a firm foundation for future self-teaching, then IMHO nothing beats the Mouse book (CGI Programming with perl, an O'Reilly book). I bet that the Mouse book squeezes twice as much content into 450 pages as Spiky Ball does in 525.
      --
      man with no legs, inc.
        Amidst all the great comments on the book here at TPC, I was alerted that someone bashed the book here. So, of course, I had to look and respond :) Not only because that is my personality but because I tend to find bad reviews (about many books, not just mine since there have only been two, and this is one) based from people who basically the book isn't for. Anyways, on with the show...

        It looks like a nice thick book, but it's very padded; this verges on dishonesty, IMHO. The font is huge (12 to 14 points), there's a lot of padding (most code samples listed twice, 40 pages of appendix material that could have been 8 URLs), the margins are huge, and there's an awful lot of repetition (the 10 lines justifying -wT are repeated nearly every time it's used in a program).

        Well, I can't comment on your taste of fonts, that is too subjective. When code samples are listed twice (which you didn't give any example of this, and I can't think of any which were) it would have been done for clarity. Sure, the appendix could be a list of 8 URLs, but then again, almost any book on Perl (c, Python, etc..) could be one page saying RTFM. Appendicies are meant for reference mateials. So, while reading (or whenever) you can quickly look some things up instead of needing to get on the web to look at a URL, and maybe have to print it. As well, it shows what was current when the book was written. Things on URLs may not be the same as you find in a book. So, you need the context. The bits repeated on using -wT are repeated a lot, why? Because it is important. If someone learns nothing from the book but to use -wT in CGI, then the book served a purpose. Sometimes, people need to see things many times before they remember and understand it.

        Some chapters belong better in a Perl book ("Tied Variables").

        Um... it is a Perl book. Refer to the title. Of course, if we didn't cover tied variables, and just used them, then people would complain that we didn't cover this topic (which many people don't know about).

        Some inclusions/exclusions and focus choices are very odd. There's a very detailed chapter for Mason, but no mention of templates (literally - not even in the index).

        Because it covered Mason, not templates. There are too many templating systems and, IMO, if you cover one, you need to cover them all. If there is a 2nd Ed. I do want to cover TT.

        Their style is very choppy. They'll present a couple lines of code, then a paragraph talking about it, repeat. It's very difficult to get a cohesive view of the program this way - it's spoon-fed to you rather than presented whole.

        When you have a 100+ line program, it is quite hard (and ugly) to list all the code then explain it. An explination of code which was shown 5 pages before isn't very friendly, or helpful. If you want to see the full code, you look at the end of the chapter in the section titled Listings. One of the points of the book was to explain what was happening in digestable chunks. So, you have to spoon feed large scripts if you want to actually encourage learning.

        The cover's odd. What are we supposed to call it, "The Spiky Ball book?" ;)

        Actually, some people call it that. It has no name, and is mostly refered to as 'the book with that cover', or the M&M book.

        rest of comments not quoted

        Actually, I think you have it backwards. I think the Mouse book and this book are good compliments of one another. I (and most I speak with) find the book to be educational, then vocational. It teaches many concepts (of CGI, DBI, graphics, Perl, etc...) Then, once you learn, you can refer to it.

        I bet that the Mouse book squeezes twice as much content into 450 pages as Spiky Ball does in 525.

        If you are to blurt something like this out, please back it up, or remove it. As a (new) author, I find that when people simply spew out comments like this, it doesn't help anyone. What does the Mouse cover that we don't? What do they cover in more depth? What do we cover they don't? What do we cover in more depth? Do the books seem to go after different audiences? Do they compliment eachother?

        You say you wouldn't recommend this to anyone, but really haven't given any good (IMO), reason as to why. Because you don't like the font? Because we repeat important concepts like tainting and warnings? Because we cover Mason and not templates? Because we give code in digestable amounts, and then give detailed explinations of that code? Because you don't know what is one the cover? These really aren't good reasons. Good reasons would be: we got things wrong, the code is bad, it is unsafe, we don't cover important and interesting topics (which we do, DBI, XML, POP, graphic manipulation, cookies, embedded Perl, security, etc...) Maybe the book simply isn't for you, but that doesn't mean it isn't good for someone else and you should really consider if your reasoning to not recommend (especially in a public arena like this) is valid. If you have some valid gripes, send email to us so we can take them into account for future printing/editions. If you do not, and you simply didn't enjoy or 'get' the book, keep in mind that others may.

        Cheers,
        KM

Re: Re: Matt's Script Archive Strikes Again!
by jepri (Parson) on Jul 04, 2001 at 11:20 UTC
    They usually work as expected.

    Not even that, I'm afraid. I grabbed the form mailer a while ago, because I needed one fast and I thought I could just patch the major security holes. As it turns out, I have nearly completely rewritten it, because it wasn't even SMTP compliant, and many newish servers won't accept non-compliant SMTP clients. (My server won't)

    Worse though, I had some web designer hand me a script that required CGI-LIB. I hadn't even heard of cgi-lib until I looked it up. It had it's time, but it's time to bury it and move on.

    ____________________
    Jeremy
    I didn't believe in evil until I dated it.

      Assuming you think its worth it (PHBs usually mean it isn't ;) ). Then it may be worth deciding whether they broke the copyright on the search script. After all, if the job was to make the site searchable and they didn't change it then they charged 15K to install a CGI script. Nice work if you can get it!
Re: Re: Matt's Script Archive Strikes Again!
by delegatrix (Scribe) on Jul 07, 2001 at 18:07 UTC
    Web designers don't have to be programmers just like architects don't have to be carpenters. They just have to know good ones. In this case, the design firm probably lacked programming staff yet needed a no-cost mindless way to implement search.

    Maybe the firm said "Well, we recommend Verity but it will be another $20,000 to implement". To which the client replied "No way!"

    With the popularity of Matt Wright scripts, it's a shame he doesn't update the scripts. As the Archive is his business, you'd think he'd feel some responsibility in that regard.

    His website says "I always have lots of stuff in the works, but most of it only gets about halfway finished before I get bored and give up. That's the way I work. :)"

    That says a lot.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://93757]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (8)
As of 2014-09-01 08:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (299 votes), past polls