The document discusses various optimizations that can be made to improve the performance and security of a PrestaShop installation. It covers optimizations to server infrastructure, database queries, PHP code, and front-end performance. Key recommendations include using caching, minimizing database queries and regular expressions, compressing responses, and securing against common attacks like SQL injection. Measurements are suggested to identify bottlenecks before optimizing.
Full-Text Search Explained - Philipp Krenn - Codemotion Rome 2017Codemotion
Today’s applications are expected to provide powerful full-text search. But how does that work in general and how do I implement it on my site or in my application? Actually, this is not as hard as it sounds at first. This talk covers: * How full-text search works in general and what the differences to databases are. * How the score or quality of a search result is calculated. * How to implement this with Elasticsearch. Attendees will learn how to add common search patterns to their applications without breaking a sweat.
This is the Moose talk I gave at YAPC::NA 2012.
It included a practical example of a Moose objects code, a simple app called Comican. The code is not available online. If you want it, just email me (sawyer ATT cpan DOTT org).
Full-Text Search Explained - Philipp Krenn - Codemotion Rome 2017Codemotion
Today’s applications are expected to provide powerful full-text search. But how does that work in general and how do I implement it on my site or in my application? Actually, this is not as hard as it sounds at first. This talk covers: * How full-text search works in general and what the differences to databases are. * How the score or quality of a search result is calculated. * How to implement this with Elasticsearch. Attendees will learn how to add common search patterns to their applications without breaking a sweat.
This is the Moose talk I gave at YAPC::NA 2012.
It included a practical example of a Moose objects code, a simple app called Comican. The code is not available online. If you want it, just email me (sawyer ATT cpan DOTT org).
Apache DataFu is a collection of libraries for working with large-scale data in Hadoop. This presentation provides an introduction to Apache DataFu covering both the datafu-pig and datafu-hourglass libraries. This presentation also contains a number of examples of using DataFu to make pig development easier.
(BDT402) Performance Profiling in Production: Analyzing Web Requests at Scale...Amazon Web Services
Code profiling gives a rich, detailed view of runtime performance. However, it's difficult to achieve in production: for even a small fraction of web requests, huge challenges in scalability, access, and ease of use appear. Despite this, Yelp profiles a nontrivial fraction of its traffic by combining Amazon EC2, Amazon EMR, and Amazon S3. Developers can search, sort, filter, and combine interesting profiles; during a site slowdown or page failure, this allows a fast diagnosis and speedy recovery. Some of our analyses run nightly, while others run in real-time via Storm topologies. This session includes our use cases for code profiling, its benefits, and the implementation of its handlers and analysis flows. We include both performance results and implementation challenges of our MapReduce and Storm jobs, including code overviews. We also touch on issues such as concurrent logging, cross-data center replication, job scheduling, and API definitions.
Six Feet Up's senior developer Clayton Parker will lead you on a journey to become a Python zen master. Your code should be as fashionable as it is functional. To quote the Zen of Python, "Beautiful is better than ugly". This talk will teach you about the Python style guide and why it is important. The talk will show you examples of well written Python and how to analyze your current code to make Guido proud.
Arpad Ray's PHPNW08 slides:
Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals.
This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against.
* Getting around common precautions against SQL injection
* Free spam with SMTP injection
* Making a malicious website to exploit PHP sessions
* The holes every attacker hopes for
* Making use of a newly exploited website
Python's "batteries included" philosophy means that it comes with an astonishing amount of great stuff. On top of that, there's a vibrant world of third-party libraries that help make Python even more wonderful. We'll go on a breezy, example-filled tour through some of my favorites, from treasures in the standard library to great third-party packages that I don't think I could live without, and we'll touch on some of the fuzzier aspects of the Python culture that make it such a joy to be part of.
JavaFest. Philipp Krenn. Scale Elasticsearch for Your Java ApplicationsFestGroup
Elasticsearch is a highly scalable system if you use it to its full potential. In this talk we discuss the most important parts to make it scale with your Java applications:
Monitoring your setup for performance. Optimize with bulk requests.
Distribute the load in your cluster. Pick the right index and shard strategy.
Apache DataFu is a collection of libraries for working with large-scale data in Hadoop. This presentation provides an introduction to Apache DataFu covering both the datafu-pig and datafu-hourglass libraries. This presentation also contains a number of examples of using DataFu to make pig development easier.
(BDT402) Performance Profiling in Production: Analyzing Web Requests at Scale...Amazon Web Services
Code profiling gives a rich, detailed view of runtime performance. However, it's difficult to achieve in production: for even a small fraction of web requests, huge challenges in scalability, access, and ease of use appear. Despite this, Yelp profiles a nontrivial fraction of its traffic by combining Amazon EC2, Amazon EMR, and Amazon S3. Developers can search, sort, filter, and combine interesting profiles; during a site slowdown or page failure, this allows a fast diagnosis and speedy recovery. Some of our analyses run nightly, while others run in real-time via Storm topologies. This session includes our use cases for code profiling, its benefits, and the implementation of its handlers and analysis flows. We include both performance results and implementation challenges of our MapReduce and Storm jobs, including code overviews. We also touch on issues such as concurrent logging, cross-data center replication, job scheduling, and API definitions.
Six Feet Up's senior developer Clayton Parker will lead you on a journey to become a Python zen master. Your code should be as fashionable as it is functional. To quote the Zen of Python, "Beautiful is better than ugly". This talk will teach you about the Python style guide and why it is important. The talk will show you examples of well written Python and how to analyze your current code to make Guido proud.
Arpad Ray's PHPNW08 slides:
Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals.
This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against.
* Getting around common precautions against SQL injection
* Free spam with SMTP injection
* Making a malicious website to exploit PHP sessions
* The holes every attacker hopes for
* Making use of a newly exploited website
Python's "batteries included" philosophy means that it comes with an astonishing amount of great stuff. On top of that, there's a vibrant world of third-party libraries that help make Python even more wonderful. We'll go on a breezy, example-filled tour through some of my favorites, from treasures in the standard library to great third-party packages that I don't think I could live without, and we'll touch on some of the fuzzier aspects of the Python culture that make it such a joy to be part of.
JavaFest. Philipp Krenn. Scale Elasticsearch for Your Java ApplicationsFestGroup
Elasticsearch is a highly scalable system if you use it to its full potential. In this talk we discuss the most important parts to make it scale with your Java applications:
Monitoring your setup for performance. Optimize with bulk requests.
Distribute the load in your cluster. Pick the right index and shard strategy.
Rapid and Scalable Development with MongoDB, PyMongo, and MingRick Copeland
This talk, given at PyGotham 2011, will teach you techniques using the popular NoSQL database MongoDB and the Python library Ming to write maintainable, high-performance, and scalable applications. We will cover everything you need to become an effective Ming/MongoDB developer from basic PyMongo queries to high-level object-document mapping setups in Ming.
Caching and tuning fun for high scalability @ PHPTourWim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site. If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you. In this tutorial, we'll start from a Zend Framework based site. We'll add caching, begin to add servers and replace the standard LAMP stack, all while performing live benchmarks.
Web Performance, Scalability, and Testing Techniques - Boston PHP MeetupJonathan Klein
I gave this talk on 4/27/11 at the Boston PHP Meetup Group. It covers both server side and client side optimizations, as well as monitoring tools and techniques.
Réussir l'internationalisation de sa boutique e-commercePrestaShop
Quelles sont les étapes à suivre pour internationaliser son site e-commerce ? Voici les étapes clés à respecter et les bonnes astuces pour mettre toutes les chances de votre côté ! Support de conférence de Bruno Lévêque, co-fondateur de PrestaShop.
Barcamp 3 PrestaShop - Atelier Découverte de So-ColissimoPrestaShop
Une solution de livraison en réponse aux attentes des e-acheteurs : à la découverte du module So Colissimo !
Par Géraud Felgines, La Poste-ColiPoste et l'équipe PrestaShop
Barcamp 3 PrestaShop - Atelier Découverte de PrestaShop v.1.4PrestaShop
A la découverte de PrestaShop 1.4 et ses nombreuses fonctionnalités… LA solution pour votre site e-commerce !
Par l'équipe PrestaShop et l’agence certifiée Or Profileo
« Développez le chiffre d’affaires de votre site e-commerce PrestaShop grâce à eBay »
Par Fabien Alet (PrestaShop) et Lucile Chanel & Yohan Ruso (eBay)
Barcamp 3 PrestaShop - Découvrez le webservice et la version mobile de Presta...PrestaShop
Connectez votre boutique PrestaShop aux CRM, ERP… Découvrez le Webservice de PrestaShop v.1.4 ! Témoignage de Peugeot Sport
Par Bruno Lévêque et Lucas Cherifi – PrestaShop, accompagnés de J.C Fargetton, Peugeot Sport
Barcamp 3 PrestaShop - Conférence Ergonomie et Tunnel de commandePrestaShop
Ergonomie, tunnel de commande et relation client : 3 points clés pour la croissance de votre chiffre d’affaires !
Par Catherine Barba (Malinea Conseil) et François Ziserman (Araok!)
Barcamp 3 PrestaShop - PrestaShop v.1.5 se dévoile !PrestaShop
PrestaShop v.1.5 se dévoile !
Découvrez en exclusivité les fonctionnalités de la prochaine version de PrestaShop !
Par Nebojsa Stojanovic, Directeur Technique chez PrestaShop ; accompagné de l’agence certifiée Bronze iRessources
Barcamp 3 PrestaShop - Conférence Optimisations et Hébergement de votre site ...PrestaShop
Les meilleures techniques d’optimisation d’un site e-commerce pour une rapidité exceptionnelle !
Par Philippe Humeau – NBS, et Rémi Gaillard – PrestaShop
Atelier "Installation et configuration de PrestaShop" - Barcamp² PrestaShop
Workshop "Installation and configuration of PrestaShop" - Barcamp² PrestaShop
Sécurité et performance, comment bien optimiser PrestaShopPrestaShop
Sécurité et performance, comment bien optimiser PrestaShop - Oxalide & Rémi Gaillard
Security and performance, how to optimize PrestaShop - Oxalide & Rémi Gaillard
An introduction to the cryptocurrency investment platform Binance Savings.Any kyc Account
Learn how to use Binance Savings to expand your bitcoin holdings. Discover how to maximize your earnings on one of the most reliable cryptocurrency exchange platforms, as well as how to earn interest on your cryptocurrency holdings and the various savings choices available.
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
Navigating the world of forex trading can be challenging, especially for beginners. To help you make an informed decision, we have comprehensively compared the best forex brokers in India for 2024. This article, reviewed by Top Forex Brokers Review, will cover featured award winners, the best forex brokers, featured offers, the best copy trading platforms, the best forex brokers for beginners, the best MetaTrader brokers, and recently updated reviews. We will focus on FP Markets, Black Bull, EightCap, IC Markets, and Octa.
buy old yahoo accounts buy yahoo accountsSusan Laney
As a business owner, I understand the importance of having a strong online presence and leveraging various digital platforms to reach and engage with your target audience. One often overlooked yet highly valuable asset in this regard is the humble Yahoo account. While many may perceive Yahoo as a relic of the past, the truth is that these accounts still hold immense potential for businesses of all sizes.
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
In the Adani-Hindenburg case, what is SEBI investigating.pptxAdani case
Adani SEBI investigation revealed that the latter had sought information from five foreign jurisdictions concerning the holdings of the firm’s foreign portfolio investors (FPIs) in relation to the alleged violations of the MPS Regulations. Nevertheless, the economic interest of the twelve FPIs based in tax haven jurisdictions still needs to be determined. The Adani Group firms classed these FPIs as public shareholders. According to Hindenburg, FPIs were used to get around regulatory standards.
10. Your architecture has to be efficient (good planning) You have to code using best practices (don't do **obviously** stupid things) But prefer rather maintability and readibility of code over the speed When speed is not critical (i.e. real time systems, high traffic sites), you can improve it in later iterations When to optimize?
11. Measure first! You should know bottlenecks. Benchmark different scenarios and configs Going Linux? Test Linux, not Win. There are differences Will have 10000 products in your store? Test your modules with db of 10000, not 5 Is a 1% improvement worth of additional work? What about 5%? 10%? Try to estimate coding cost vs. hardware cost Sometimes it's just cheaper to add RAM What to optimize?
12. Small performance gains Using (int) instead of intval() can be even 4 X faster But overall gain is negligable (unless you are Facebook) Code executed once Tools::setCookieLanguage could be improved, but it is executed once Mythical optimisations ( ” vs ' ) But ”$a $b $c” … is faster than $a.” ”.$b.” ”.$c Whatshouldn'tbeoptimised
13. Server load: ab, siege, multi-mechanize ... Databaseload: MySql Slow Query Log, mysql proxy, ... EXPLAIN PHP: xdebug, dbg, xhprof ... Network / client side Yslow, firebug, WebKitinspector, dynaTrace AJAX, fiddler, google webmaster tools How to measure?
14. Server: Difficult task, often impossible on shared hostings Ask your admin CPU is rarely a bottleneck, generally indicates problems with suboptimal code RAM is cheap but not unlimited – attention to memory consuming scripts Typical problem: gd + jpg -> 2 Mb on disk, 33 Mb decompressed into memory Ramdisk for often accessed, not critical files (frameworks, configuration, tmp) Most common bottleneck: I/O (filesystem, dbs) Improving infrastructure
15. Every call to fs costs, depending the OS, filesystem and number of files Always use absolute paths in require / include Performance may start to degrade if you have more than 50 000 files in a directory Each product has image, each image has 6 thumbnails Debian + Apache 1.3 (shared hosting, nfs): Filesystem # Files Glob('*') exec. in sec. file_exists / sec. 1000 4,59 36000 11000 13,30 21000 65000 55,81 1475 122000 142,16 718
16. Directory content splitting: img/p/534-189-small.jpg becomes img/p/small/534-189.jpg Reading transparently via .htaccess RewriteRule (.*)/p/([^/]*)homejpg $1/p/home/$2home.jpg Writingtransparently via class if (!imageResize($file, $dir.$imageType['name'].'/'.$language['iso_code'].'-default- '.stripslashes($imageType['name']).'.jpg', ... Solution
17.
18. Avoid to using too many JOINSSELECT * FROM ps_feature` f LEFT JOIN ps_feature_lang` fl ON ( f.`id_feature` = fl.`id_feature` AND fl.`id_lang` = 1) WHERE f.`id_feature` = 1SELECT * FROM ps_feature_lang` fl WHER fl.`id_feature` = 1 AND fl.`id_lang` = 1 Version Tables Columns Without index 1.1.0.5 88 458 50 1.2.0.5 134 670 50 1.3.10 135 679 2 (cool! :)
19. Use VIEWS instead of complicated SELECTS Are you needing ps_connections & ps_connections_page? If you are expecting high traffic, thay can rise 10+ Mb / day Database
20. Big problem - non unique queries 1.3.10, simulation of command process: Index – search – authentication – order (11 pages total) 3001 SQL queries, but only 1314 uniques! (44%) PHP - SQL
23. Best is use mysql proxy or memcachedNot always possible Do not resolve overhead of unnecessary calls Use internal cacheCan be scoped or globalPrestashop partially uses scoped cacheEasy to implement, tune, and … forget Each method / class is responsable for caching its query results Solutions
24. static public function getCurrency($id_currency){ return Db::getInstance()->getRow('SELECT * FROM `'._DB_PREFIX_.'currency` WHERE `deleted` = 0 AND `id_currency` = '.intval($id_currency)); } static public functiongetCurrency($id_currency){ if (!isset(self::$_cache[$id_currency])) { self::$_cache[$id_currency] = Db::getInstance()->getRow('SELECT * FROM `'._DB_PREFIX_.'currency` WHERE `deleted` = 0 AND `id_currency` = '.intval($id_currency)); } return self::$_cache[$id_currency]; } Scoped cache
34. foreach($cart->getProducts() as $product) if ($orderStatus->logable) ProductSale::addProductSale(intval($product['id_product']), intval($product['cart_quantity'])); Should be: if ($orderStatus->logable) foreach($cart->getProducts() as $product) ProductSale::addProductSale(intval($product['id_product']), intval($product['cart_quantity'])); (no need to test if in every iteration if it does not change) Use conditions wisely
37. We are preparing whole mail, including pdfattachement, even if we are not sending it. Every times you do it, a little kitten dies Non optimised conditions
50. Use Cache (mod_expires, Etags) for static content such as imagesyou can do it in htacces or httpd.conf ExpiresActiveOn ExpiresDefault"access plus 15 days“ ExpiresByTypeimage/gif A2592000 Network
53. Avoid passing HTML / XML as AJAX result. Use JSON instead of. You can reduce amount of data by magnitude of 75% (which if of course faster. Which is of course better). Client-sidestuff
56. Allowsyou to interactwith the database Sanitize all your variables before use in SQL requests!<?php ...... $order_detail = Db::getInstance()->ExecuteS(' SELECT * FROM .'_DB_PREFIX_.'order_detail WHERE id_order='.(int)$_GET['id_order'] AND payment=apos;'.pSQL($_GET['payment']).'apos;'); SQL Injection
57. Exploit the site's trust in your identity Use tokens Requiring authentication in GET and POST parameters index.php?tab=AdminOrders&token=e84b3fda0b04b922b3bc27b08d4fe136 CSRF
58. Inject HTML code in the page Sanitize all your variables before output! <input type="text" name="lastname" value="{$smarty.post.lastname|htmlentities}" /> preg_replace('/.*script/ui', '', $_POST['lastname']); preg_replace('/.*onmousedown|onmousemove|onmmouseup|onmouseover|onmouseout|onload|onunload|onfocus|onblur|onchange|onsubmit|ondblclick|onclick|onkeydown|onkeyup|onkeypress|onmouseenter|onmouseleave/ui', '', $_POST['lastname']); ... XSS
59. Access to unauthorized datas Sanitize all your variables before load files! Check the extention of the file include (dirname(__FILE__).'/mails/'. preg_replace(‘/{2,}/', '.', Tools::getValue('mail')).'html'); Path transversal