I have an API application written in Yii2 framework and I don't know how to measure and track the performance as I am keen to see what is happening behind the curtain. My API is using mongoDB and I also would like to see the queries somehow I just don't know where to start. The Yii2 has its own integrated debugPanel which is great, but works only with browsers and can't have the benefits with using Postman to perform API calls for instance.
How do you guys do it on the dev and live environment?
Cheers
For basic measuring, Yii has some built in profiling. You can call it with \Yii::beginProfile() and Yii::endProfile() for that and view results via the debug toolbar.
For development you can also use Xdebug. It support profiling as well.
For production, that's something else. You want a solution that has as little impact on performance as possible and you want something to run regularly and automatic. You should keep track of routes and their profiled result so you can compare the improvements (or not) of your code over time.
I worked on a couple very high traffic sites and what we used was xhprof that activated randomly.
For example in your index.php you can do something like
if (rand(1, 100) == 50) {
xhprof_enable();
// on after_request() or register_shutdown_function(): store route and results
}
Obviously whatever you need may vary but perhaps this gives you some ideas in what direction to look.
Related
after reading all the threads on stackoverflow and other platforms, I still wasn't able to find an answer, which satisfies me.
The task:
I want to create a single page application (SPA) which receives data from a REST API. In this SPA, NO authentication should be used. It's a public site.
But the REST API should only be accessible from people who loaded the SPA from my webserver.
I assume this is only solvable with something on server side like sessions, cookies etc. - otherwise I'm open for your suggestions, solutions etc.
Thx in advance!
There's no reasonably easy way to do this. You can easily prevent other domains (in browsers) from accessing a an API on your domain (via CORS), but it's significantly harder to prevent scripts from doing this.
The issue lies in 'how do you detect legit browser traffic from a script'. It turns out that this is not easy. You could try to detect 'unusual behavior' as much as possible (for example a large amount of requests in a short time), but this doesn't stop clients that are slower.
Ultimately if people want your data, they will find some way around whatever restrictions you come up with. You should reevaluate this and use one of the following options:
Don't do an SPA and API. Although one could wonder, if the data exists in HTML it can still be crawled.
Add authentication. But obviously this won't help you in any way if anyone can authenticate.
Re-evaluate why you have this restriction. What are you worried about? If you're worried about people taking your data and using it elsewhere, how does only showing it in a browser from 1 domain help with that? If you're worried about copyright theft, why not use a legal approach to this?
I've seen a lot of these types of questions, but in my opinion I haven't yet seen one that has a legitimate good reason to want this. But, maybe you're the first.
I believe I answered my question myself on a comment 30 minutes ago... I think with captcha I'm able to secure the REST API against unwanted access to my REST API
I consider to use GTK+ with Broadway backend for development of device control application.
Device is with functionality similar to broadband modem/router (I intentionally selected example which is familiar for all :-) ).
Device should be controlled remotely via web browser.
My concern is about performance of such control. I'm afraid that Broadway may be a bottleneck.
Probably I'm wrong but even in simple pilot I built it looks not so good.
It will be very appreciated to have your inputs based on real experience.
Thanks a lot
I've used broadway to deploy gtk+3 apps for multiple projects - usually in cases where the client's desktop is locked down, or people are stuck on Windows. Broadway performs significantly better than VNC or RDP.
There are solutions to the single-user nature of a broadway application. For example, I've developed a partial solution: http://tesla.duckdns.org/transparent-proxy-for-broadway-gtk3-html5-backend/ ... if you want security, you need to implement a login page, cookie setting, and port redirection based on a cookie. The example code is commented as such. I've been meaning to complete all this, but every time I've done it, it's been in a highly custom way for particular clients - not something that I can really open-source.
We are looking at building a b2b application for the iPhone. A major concern is the possible delay in publishing updates to the applications. I would like to believe that all updates will be orderly, but the reality of a newly found bug for a client or an upcoming trade show could mean that updating the application NOW is critical. Even an "expedited" day wait would not be acceptable.
One option I have thought of is having a flag for each page that we send down when the user logs into our server. If the flag is set, then instead of the native screen for a given page, there would be a page with a UIWebView that would get the latest HTML from the web or stored HTML loaded at the time of login.
I would prefer storing the HTML and using it "offline" because a data connection cannot be guaranteed.
The questions are:
1) Does this violate any of Apple's licensing?
2) Is this feasible or is there a hole I am not thinking of?
It doesnt violate Apple's guidelines and as far as I know you are not missing anything here...in fact, we have the exact same problem in my company (which on top of the issue that you have, we have customers that would like to "brand" the app for their users, and thats how we accomplish that) and there are no issues with apple (for now...:)). Obviously, you need to think of user experience implications...hope that helps.
I'm trying to plan out an application on the iPhone/Android that could be used to track dates/locations of events and update them as necessarily but I really have no idea what kind of method I should take.
Currently, there's two ideas for methods in my head:
1) Make a mobile webpage/website that could be updated with the necessarily information, then display this particular webpage/website on the App for users to view.
2) Make an app in iOS/Android to do the above without displaying the webpage at all.
The first idea is the easiest for me to grasp, since I roughly know the procedures of setting this method up. Displaying the webpages on a iPhone/Android screen should be relatively easy and this also allows me to only update the webpage with the latest information and all without (hopefully) building some kind of update system for the app itself.
The second idea is probably the better of the two, since I can make use of all the nifty features in the iOS/Android to make some pretty cool (what are the cool things, i don't know yet) things. I'm not exactly experienced in the field of creating apps, and I really have no idea how to start some kind of self-update functionality on an app, seeing all the apps I've done thus far are offline-based apps that does not communicate with anything save for local files. Should I get the App upon startup to download a file (XML or whichever?) to "read" the contents then update as necessarily?
Or should I just go for the first method, since it can be more efficient than the second one?
I'm really lost here, can anyone offer some tips and advice?
I believe that the first approach is a good one but I would suggest the following:
1- Create the website that will do all the business in your mind then
2- Port out the application in an easy way to be a mobile application how? Please have a look into this http://www.appcelerator.com/
3- Another idea that would save you the pain of going into all the above is to create a facebook application, this way you can make use of the facebook infrastructure and you will have the viral effect as I guess thats what you are looking for.
I hope I've introduced a good tips for you.
Duplicate:
Testing a website for cross-browser/multiple-version support
How do you test visual components
I recently talked to a colleague about a tool we use at work for system testing web applications. The colleague then raised the question as to whether we tested the appearance of the application.
Does anyone else do this and if so, how would one test it to ensure things don't get moved out of place or that things are the correct dimensions etc?
If you want to check what your website looks like in many different browsers checkout Browsershots.
One of my clients was already set up with Litmus when I got there and that project was a breeze to work on. So smooth.
I'd like to be able to roll my own system like that, though. It's too bad they don't sell the actual software - just the service.