The title is a misnomer since the first half of the book addresses MediaWiki basics, topics with which an “administrator” should already be familiar. Besides chapter 2, which covers installation, it’s not until Chapter 7 (”Administrating MediaWiki”) that the book really begins to address administrative topics. In a few places the book even suggests that you “request an administrator” (sic) to complete a certain task. (Wait, I thought I was the administrator?) The book might more aptly be called “The MediaWiki User and Administrator’s Guide.”

These are the chapters:

• Chapter 1 - About MediaWiki
• Chapter 2 - Installing MediaWiki
• Chapter 3 - Starting MediaWiki
• Chapter 4 - Advanced Formatting
• Chapter 5 - Organizing Content
• Chapter 6 - MediaWiki in a Multi-User Environment
• Chapter 7 - Administrating MediaWiki
• Chapter 8 - Customizing MediaWiki
• Chapter 9 - Hacking MediaWiki
• Chapter 10 - MediaWiki Maintenance
• Chapter 11 - Cool Hacks

There were a few instances of gushing praise for wiki software that seemed untempered and unsubstantiated. These weakened the book, as if the book were fighting for legitimacy. For example, the introduction states, “If we think a forum, blog, and CMS are easy solutions for this, then a wiki will be an even easier solution for the problem.” (p. 9) Not a line you’d use to sell MediaWiki door to door. After explaining how to edit a page (again, is that necessary for an administrator?) it reads, “Can editing be simpler than that? I don’t think so.” (p. 15) An administrator’s guide doesn’t need to preach the virtues of the software — administrators are already sold — but if it attempts this, the claims should be specific and backed by evidence, not sweeping and general. If the book were to explain that “X percentage of users prefer wiki software because of Y and Z” or “wiki software isn’t right for every situation, but it’s great for A and B,” the administrator might actually have some ammunition with which to sell wiki software to users and decision makers.

Chapter 6 addresses using MediaWiki in a multi-user environment. I think this should be assumed from the beginning. Again, wiki software is not universally superior to all other blogging or CMS packages. It should be assumed that MediaWiki will be used for multi-user collaboration since that’s where it excels. It shouldn’t be an afterthought.

I found several typos and awkwardly written sentences. The editing team should have done another pass over the book.

The book taught me several new things about MediaWiki, including the following:

• Interwiki links, page 61 — “Using interwiki links, we can create links to other sites on the Internet. This gives users the option to avoid pasting in entire URLs (as for regular web pages) and instead use shorthand by adding a prefix to another wiki.”
• External images, page 67 — Use $wgAllowExternalImages = true; then write something like this: [http://www.packtpub.com http://www.packtpub.com/images/PacktLogoSmall.png]
• Definition Lists, page 75 — “To indicate a definition term, use a semi colon at the beginning of the line. To indicate the definition, use a colon….”
• Creating a gallery, page 100 — You can create pages with four columns of image thumbnails.
• Magic Words, page 107 — “Magic words [like NOTOC or NOEDITSECTION] are a few reserved words that are used for special purposes in MediaWiki. They are used to create special types of formatting.”
• Using Sort Keys to Sort Category Listings, page 121 — Category listings are sorted alphabetically by first letter. With sort keys you can cause specific categories to appear out of the usual order.

Administrators and developers will like the sections on how to use templates (p. 122), how to create a new skin (p. 208), and how to write MediaWiki extensions (p. 226).

I would have liked more information on these topics:

• Subversion (SVN) usage and best practices
• Database internals
• Memcached
• Administering multiple installations of MediaWiki (wiki farms)

This book could conceivably be two. After being thoroughly proofread and polished to match the audience, the first half of the book could be a great resource for MediaWiki users. The second half, expanded to include the above topics, would be well suited for a MediaWiki administrator.

Yahoo Developer Security Best Practices

// filter input and assign it to the “$clean” array
if (ctype_alnum($_POST[’name’]))
    $clean[’name’] = $_POST[’name’];

// escape HTML output with htmlentities()
$html[’name’] = htmlentities($clean[’name’], ENT_QUOTES);
echo “You entered the name $html[name].”;

// escape MySQL output with mysql_real_escape_string()
$mysql[’name’] = mysql_real_escape_string($clean[’name’]);
mysql_query(”INSERT INTO table (name) VALUES (’$mysql[name]’)”);

After reading the book I was only left with one question: is HTTP Authentication over SSL fairly secure? (I assumed it would be.) I emailed Chris with my question and he responded quickly in the affirmative. Thanks, Chris.

http://www.richardkmiller.com/blog/archives/2006/06/report-on-php-hacker-night

Thursday, June 1st
7:30 - Dinner at Las Tarascas Mexican restaurant (map: http://tinyurl.com/n5ncn)
8:30 or 9:00 - We’ll walk over to Pudding On The Rice (www.puddingontherice.com) for dessert

Las Tarascas and Pudding on the Rice are located almost next door to each other in the Albertson’s shopping center on University Pkwy. (From I-15 take the University Pkwy exit and head east. They are on the right-hand side as you come down the hill into Provo — across the street from the dollar theater.) Both locations have free Internet access.

By the way, if you haven’t tried Pudding on the Rice, it’s pretty cool. They serve rice pudding in a variety of flavors, and they have LCD screens on the walls, the decor is all white, the tables hang from the ceiling, and the menu is projected. It’s really futuristic looking. If you have a white iBook you’ll blend right in.

Feel free to come to just dinner or dessert if you can’t come to both. John and I will be there the whole time. I think it will be a fun and productive evening. (And you should try the toffee rice pudding.)

Richard

See http://www.socallinuxexpo.org/ for more info.