Julius Beckmann » PHP

PHP: Micro vs. Macro optimization, or "Get the low hanging fruit first"

Julius — Tue, 16 Feb 2010 12:56:46 +0000

After using and developing PHP for a few years now, i heard pretty much stuff about optimization, special technice's and other myths and fairy tales. But this article is not about tips or tricks, it is about if this the real key to better performance.

Nearly all of us have heard about hints like "static method calls are faster" or "++$i is faster than $i++". First is wrong, second is true by the way, but more important is the question, does it really perform better in overall?

I would like to categorize the optimization possibility's into micro-optimization and macro-optimization.

Micro-optimization:

I already mentioned the ++$i tip. This would be a perfect example for a micro-optimization. Imagine you have a website, just a normal one with a few thousand hits a day. Simple fetching articles from database and formatting/outputting these. Of course you could use ++$i instead of $i++, but what will be the achievement? Lets guess there are about 1000 PHP operations done on a normal page request. About 50 of them could be optimized with ++$i which is guessed 10% faster.

950 + 50 * (1-0.10) = 950 + 45 = 995 calls left.

You saved 5 simple operations, what are about 0,5%.

This might look noticeable at first, but this is only the number of operations, not the real spend time where these 5 calls will not be measurable any more. Every request the PHP parser has to read and parse the PHP file. On every SQL SELECT there is the database overhead which also depends on database server load. Our previous result combined with that knowledge might be ~0.1% at the end. Conclusion: This kind of optimization simply does not make the page significantly faster.

Macro-optimization:

First, this is not about using macros like in C. No simple code substitution. It is the opposite of the micro-optimization. Once again a example with the simple imaginary PHP website. The main menu using JavaScript is generated by a complex SQL query on every request. This whole procedure takes about 10ms (unrealistic i know, but it is _just_ for the example calculation). 9ms for the SQL query and 1 ms PHP. For all of you who do not know why SQL is slower: Because there are sockets / TCP, database-daemon and harddisk access involved.

THIS is the point where we could use a macro-optimization.
Either, we could invest much work and create a different menu system without javascript and faster SQL queries, or we could do it a much easier.

If we have APC for caching (other anything else), we could use the following strategy:

1. Check for a cached result of our SQL query.
2. If yes, skip to 5.
3. We have no cached entry and perform the SQL query now.
4. The result of the query will be saved in our cache for 1 hours.
5. Use the result to generate the menu.

After this optimization that _just_ affect the SQL fetching part, we have a APC cache request that might take ~1 ms. So we reduced our 9ms SQL to 1ms APC. Of course the overall benefit will not be that big, but will be notice- and measurable. But what really makes the point here is, that we need to query only 24 times a day and not on _every_ request.

Low hanging fruit

After reading about micro and macro optimization, you might understand the meaning of this much better.
There are several ways to optimize, some of them are easy and fast. These are the "low hanging fruit" - easy to pick. This fruits should be always the first thought when it comes to optimizing. Some of them can be found easily with profiling.
I want to give you a few hints for optimizing your PHP (Python, Ruby, ...) application.:

1. Keep an eye on the IO load. The harddisk of the server is mostly the slowest part and should be used only if necessary.

2. Try to avoid complex SQL querys. The database servers are often under heavy load, even if they have some integrated caching, there is still the SQL overhead.

3. Try to store results. If you need to analyse the browser of your clients, do not do this every request, save the needed values in their $_SESSION and check only if the UserAgent has been changed with a simple crc32 hash.

4. Try to cache. If you have parts in your code that are called nearly every request, have the same result and do not change often. Cache them! Some options are: APC, XCache, Memcache, eAccelerator, tmpFS.

5. Try to avoid unnecessary function calls. Try to store the result of that function and use it multiple times.

High hanging fruit

I do not say you should not use ++$i or static methods. I want to clarify that there are more important parts worth optimizing.
If you write new code, it should always be your aim writing the fastest code possible. Some of these tips floating on the internet might be helpful, but please check if they are true first!
Some tips i tested myself:
1. ++$i is faster than $i++
2. Static methods are not always faster. (source)
3. Relative paths are slower to include than absolute.
4. foreach is fastest for iterating over arrays. (benchmark)
5. floor and ceil can be replaced bei (int) casts. (benchmark)
6. Try to avoid preg_* function if possible. (benchmark)

Conclusion

If you are hungry, profile the tree first, then pick some of the large low hanging fruits.
While coding pick some of the tiny high hanging.
I hope you had fun reading about my point of view.

PHP: Easy and secure password hashing class

Julius — Fri, 29 Jan 2010 13:26:06 +0000

Everybody talks about security but most of the people still save md5(password) in their databases. This is not funny. Reversing a simple and even a average password is not that hard.
I once wrote this tiny class that generates secure enough password hashes.

I build in salt and variable interations.
License is GPL so everybody can use it :D

Download / Source

http://juliusbeckmann.de/code/class.password.phps
http://juliusbeckmann.de/code/class.password.php.txt

Usage / Example

$pass = 'MyPassword';

echo $pass, ' => ', password::hash($pass);

Background

What is a "salt" good for?
A salt adds a pretty random string so passwords to make the hash more secure.
The saltless password grandma becomes a5d19cdd5fd1a8f664c0ee2b5e293167.
If you use the salt="!24sf+fs5SDG65-54" then grandma!24sf+fs5SDG65-54 becomes bab9015f430ad28f420581f069f5736f
And nobody would know that bab9015f430ad28f420581f069f5736f was "grandma"

Check it yourself:
Google a5d19cdd5fd1a8f664c0ee2b5e293167 = "grandma"
Google bab9015f430ad28f420581f069f5736f = "grandma!24sf+fs5SDG65-54"
You can clearly see yourself the salted password hash is not known by Google.

What are iterations good for?
Iterations mean you make a hash from a hash.
Again the "grandma" example:
md5(grandma) = a5d19cdd5fd1a8f664c0ee2b5e293167
md5(a5d19cdd5fd1a8f664c0ee2b5e293167) = ce807f095fa160ccce736e007fe74ff1
md5(ce807f095fa160ccce736e007fe74ff1) = e720fe3e6cc002a0eaabf5300283bd56
md5(e720fe3e6cc002a0eaabf5300283bd56) = ...
But be carefull, plain rehashing is not more secure than single hashing.
What makes rehashing more secure is using the salt again what makes the new hash dependent from the previous hash AND the salt.

PHP: FIFO queue with APC

Julius — Fri, 29 Jan 2010 08:04:42 +0000

A few days ago i needed a simple queue class that would also be persistent after the pagerequest. I first thought about putting this queue in SQL but did not want the whole SQL overhead and such and remembered a blog artice about memcache queues a once read. But i had no memcache for that project and used APC instead.

Basic idea

The basic idea looks like this:

There are 2 counters, one for the current head key, and the other for the current tail key.
The main part of the code is from the mentioned blog artice, but i ported it to PHP and APC instead of Memcache.

Documentation

A generated documentation can be found here:
http://juliusbeckmann.de/classes/li_apc_queue.html

Source

The source can be found here:
http://juliusbeckmann.de/classes/src/apc_queue/class.apc_queue.phps
http://juliusbeckmann.de/classes/src/apc_queue/class.apc_queue.php.txt

Usage

Here is a example how to use the queue:

$q=new apc_queue('test',isset($_GET['force']));
echo "STORE: ";

for($i=0; $i<10; ++$i) {

    $rand = rand(0,9);

    echo $rand,',';

    $q->add($rand);

}

echo "\nFETCH: ";

while(($g = $q->get()) !== FALSE) {

    echo $g,',';

}

echo "\nLENGTH: ", $q->length();

PHP/MySQL: Warning: mysql_query(): Unable to save result set ...

Julius — Mon, 18 Jan 2010 15:08:36 +0000

Today i found a error in a tiny script i was working on.
The error Message looked like this:

Warning: mysql_query() [function.mysql-query]: Unable to save result set in /var/www/example.php on line 55

First i found a few hints about repairing or optimizing MySQL tables, but this did not work out.
After a few debugging outputs a realized that the query was not properly written.

The original query looked like this:

SELECT id

FROM `table` 

WHERE `order` >

(

  SELECT `order` 

  FROM `table` 

  WHERE active = 1

)

LIMIT 1;

As you can see the query as a non correlated subquery. It worked fine nearly all the time, but only when the subquery returns only zero or one lines. If there are more lines MySQL generates the "Unable to save result set", because `order` cant be bigger then 2 resultvalues at the same time.
The right query looks like this:

SELECT id

FROM `table` 

WHERE `order` >

(

  SELECT `order` 

  FROM `table` 

  WHERE active = 1

  LIMIT 1

)

LIMIT 1;

A extra LIMIT 1 makes the deal perfect, and saved a little bit of my day.

PHP: phpMyAdmin3 - deactivate slider effects

Julius — Wed, 06 Jan 2010 16:41:21 +0000

For all of you who liked phpMyAdmin2 where all relevant information was visible at any time, sould be annoyed be the new slider effects in phpMyAdmin3.
I did a short search for the config value to change this and found this solution.

Add this to your config.inc.php:

// Change slider behaviour

$cfg['InitialSlidersState'] = 'open';

And your sliders will start in visible state.

phpMyAdmin download:
http://www.phpmyadmin.net/home_page/downloads.php

PHP: floor() and ceil() are slow!

Julius — Sun, 03 Jan 2010 18:13:42 +0000

A workmate mentioned, that floor($i) could be replaced with (int)$i.
I found this very interresting and did some researched about that.

floor($i); will return a float that will have the lower value of $i.
A cast will just convert $i to an integer which will cut of all decimals.
So by symptoms, these two methods are equivalent. Even if floor returns a float, PHP does dynamic casting of its variables.

Benchmark

Next question for me was, which one is faster?
The benchmark script can be found here:
bench_floor_and_ceil_vs_cast.phps - with highlighting
bench_floor_and_ceil_vs_cast.php.txt - without highlighting

Results

E:>php bench_floor_and_ceil_vs_cast.php
Test: floor() vs. (int)-cast function:

0.628 seconds - floor()
0.239 seconds - (int)-cast

Test: ceil() vs. +1 && (int)-cast function:

0.624 seconds - ceil()
0.284 seconds - +1 && (int)-cast

The floor() and the ceil() function are about 60% (!) slower than the cast method.

Why?

Why is that so?
I think because of the function call, more resources are needed instead of the dynamic cast which should be done by PHP very fast.

Problems

One problem i could find was: What happens with large numbers?
Something bad will happen if you (int) cast a number greater equal than 2147483648. In this case it will revert to -2147483648 because PHP handles this as some kind of overflow.
Normaly, PHP will interpret such a number as a float, but because of the cast this cant be done.
This is also the cause why floor() returns a float instead of a int.
Some more information on this topic can be found here:
http://php.net/manual/en/language.types.integer.php

PHP: Do NOT rebuild preg_* functions!

Julius — Wed, 23 Dec 2009 08:14:07 +0000

In a PHP Project i am currently helping out, i found this function:

/**

 * Replaces every char in $str that does is not in $valid array

 * 

 * @param array $valid

 * @param string $str

 * @return string

 */

function cleanString($valid, $str) {

  $ret = '';

  $len = strlen($str);

  for($i = 0; $i < $len; ++$i) {

    if(in_array($str[$i], $valid, true)) {

      $ret .= $str[$i];

    }

  }

  return $ret;

}

It is a simple function for replacing chars. It works quite well, but was mainly only used for checking [^a-z0-9]. So i tested the speed of this code.

Benchmark script

Wrote this short bench script:
http://juliusbeckmann.de/static/scripts/bench_strcheck.phps
http://juliusbeckmann.de/static/scripts/bench_strcheck.php.txt

Result

The result of it is impressive.

php bench_strcheck.php
Test: Rebuilding preg_replace function:

gstzfg87i86ef6798zwefogflwef
should be the same like:
gstzfg87i86ef6798zwefogflwef

1.039 seconds - preg_replace()
1.117 seconds - preg_cleanString()
12.160 seconds - cleanString()

The pure preg_replace was the fastes, as expected.
The capsuled preg function inside preg_cleanString was 7,5% slower than direct. 7.5% just for calling a non void function with 1 parameter is too much in my opinion.
The cleanString() functions was, as expected, the slowest of the three. But 1070% more time is way too much.

Conclusion

My conclusion is:
Do NOT rewrite optimized functions like preg_replace and others. The will not be faster. Only in case preg_* functions are not available, a replacement functions is acceptable.

PHP: Easy Memcache handling

Julius — Tue, 03 Nov 2009 07:58:10 +0000

In a current project of mine i needed the use of a universal caching system.
After testing a little bit with APC i found memcache that will do the job perfectly.
So i wrote a few tiny functions for easy memcache handling.

The code can be found here:
With highlighting:
http://juliusbeckmann.de/code/memcache.lib.phps
Plain download:
http://juliusbeckmann.de/code/memcache.lib.txt

I wrote the code with the idea in mind that i could simply use this 3 cache_* functions without having to handle a memcache object. Till now this code works flawlessly on my project.

I added PHPDoc Comments but want to give some advices here:

You can use 2 constants for the functions if you want to run multiple systems with one memcache cache:

MEMCACHE_PREFIX

This will add a prefix to every $key. This is done inside the functions, no need to interact from outside.

MEMCACHE_SUFFIX

This will add a suffix to every $key.
If you do not use this constants, you can safely remove the 4 lines in every cache_* function.

function & memcache_instance($ip='127.0.0.1', $port=11211)

This functions returns a reference to the current memcache connection.
If you want to check if memcache connection is available:

if(!memcache_instance())

    echo "Memcache not available!";

function cache_set($key, $val, $ttl=0, $compress=false)

This is the set function. The name is selected universally so you can exchange the code easy. It will return FALSE if $key could not be set.
$ttl = 0 means caching forever, or it gets purged.
$compress = true would let memcache compress the $val with zlib. This only makes sense on huge arrays or objects.

function cache_get($key)

Simple get function returns FALSE or the $val of $key.

function cache_del($key, $timeout=0)

This is the delete function. It will return TRUE if the delete command was successful.
$timout = 0 means deleting immediately. A value of 60 would delete the $key in 60 seconds.

Rewrite: PHP String Flipper Class

Julius — Sun, 04 Oct 2009 09:59:49 +0000

I found this class on Twitter. Nice idea flipping chars by replacing them with their unicode upside down alternative.
But what bugged me was the code, it looked awful. So id did a rewrite to clean it up a little bit.

The class can be viewed here:
http://juliusbeckmann.de/static/scripts/flipper.phps
and downloaded here:
http://juliusbeckmann.de/static/scripts/flipper.php.txt

From the 150 lines of original code, i reduced it to only ~80 lines. I also added a few comments and PHPDoc.

HowTo: Use the ternary operator in PHP

Julius — Sat, 03 Oct 2009 11:31:11 +0000

A good program is sometimes equalized with few lines of code. But how do we program this way? One step is using the ternary operator...

What is it?

Ternary means 3. But nearly every operator you know is binary.

Some binary operator examples:

$a = $b + $c;

$a = $b - $c;

$a = $b % $c;

$a = $b * $c;

As you can see, +,-,% and * are binary operators because they need 2 variables for their action. But the ternary operator has one variable more!

How to use it?

The ternary operator has 3 "variables" and looks like this:

$result = $when ? $then : $else;

We can also write this in a normal if then else code:

if($when)

  $result = $then;

else

  $result = $else;

Example

Here a real life example i used in my code.
If i want to initialize a variable correct, this code is fast and tiny:

$iterations_max = (defined('ITERATIONS_MAX')) ? ITERATIONS_MAX : 10 ;

The if else version looks like this:

if ((defined('ITERATIONS_MAX')))

  $iterations_max = ITERATIONS_MAX;

else

  $iterations_max = 10;

Documentation

Hope you understood the usage of the ternary operator and might use it in your future code.

The documentation for this operator can be found here:
http://php.net/ternary