Larry Garfield talks about a new feature of Drupal 7 in a new post to his blog - the new introspective code registry that's been introduced in this latest version.

As a GHOP Task , Cornil did a performance analysis of Drupal and found its two largest performance drains were the bootstrap process and the theming layer. Quite simply, Drupal spends too much time including code. [...] Fortunately, Drupal 7's self-learning code registry system has just landed, which should obliterate most of the wasted bootstrap cost.

Larry describes the "heart of it all", the token_get_all call, that parses through an entire PHP file, splitting out things like classes included and functions called. This is passed through a function_exists call to the current script and, if it's already there, the file isn't included repetitively.

In some thoughts related to the just-passed religious holiday, Alan Knowles decided to come up with another series of 7 deadly sins one could commit in their PHP (CMS) development.

Among those on the list are things like:

• Defines for configuration
• Filenaming
• If your code is public, you should try not to ridicule yourself.
• Mixing PHP and HTML

Check out the rest of the post and some of the interesting comments that follow.

The Developer Tutorials blog has posted their "winner" of a list of things to do to keep you and your website secure:

When it comes to PHP security, you often think of input filtering, SQL injection prevention, XSS in user submitted content and so on. Well, forget about that. They're all pretty trivial compared to what I feel is by far the most important security issue of any web application. Read on to find out why.

Their number one thing to do to keep safe and secure? "Keep your systems updated." They point out that security a web site is one thing but securing the system that it runs on/has been developed on is another (and improperly patched, it could cause some huge problems).

Now, the best way to keep on top of potential vulnerabilities in your underlying systems is with updates. Sometimes, however, you need to go a little further. [...] Watching the web is also a good idea; major security vulnerabilities generally make it to the front page of Digg.

On the Developer Tutorials site today, there's a new tutorial posted that walks you through some of the useful features that PHP's CLI functionality can bring to your system administration.

In this tutorial, I'll show you how to use PHP-CLI, the command line interface for PHP, to get your maintenance under control using the technologies you're already familiar with. I'll also examine some of the By the time you've finished this tutorial, you'll be able to build human-assisted backup systems, automatic report generators.

It's a pretty basic introduction that talks about what the CLI environment is and what sorts of things PHP brings to the table. They include some sample scripts to do things like database cleanup and a method for taking in human interaction via the command line.