7KH�606�6HUYHURU�ZK\�,�VZLWFKHG�IURP�7FO�WR�3\WKRQ

Frank Stajano

KWWS���ZZZ�RUO�FR�XN�aIPV�

KWWS���ZZZ�FO�FDP�DF�XN�aIPV���

&RPSXWHU�/DERUDWRU\

0RWLYDWLRQ

Serving the mobile computer user

functionality portability

$$$alivation-inducingnotebook Libretto Palmtop

Quaderno Pilot

BUT: What if no computers nearby?

Don’t carry equipment:use someone else’s andpersonalise it.

The ORL alternative:

Regular human beingGeek / gadget freak

no gadgets,but cellphone is carriedspontaneously!

Use existing facilities⇓

GSM’s SMS

moregizmos

than youhave

pockets...

606�VHUYHU�XVDJH�H[DPSOHV

$%�:+2�$+-

$%�$:$<�$+�,1�,7$/<�72'$<

5$,/�&$0%5,'*(�/21'21

6+�25&/

&85�����)5)�,7/

52$'�0��

0$,/�/$55<#25$&/(�&20�+,�7+(5(

:)�(',1%85*+

+…and their

push versions

606�VHUYHU�DUFKLWHFWXUHPULL

SMS server

spawn

SMSsend

DispatchAuthorise

SMSreceive

6+�25&/www.stockmaster.com

HTMLpage

HTTPGET

stdout

smssendwebform

shareshandler

email gw,CORBA,...

PUSH

reply

cron

7KH�6HUYHU$SS�DEVWUDFWLRQ

File descriptors modelledby 5HDGDEOH withRQ,QFRPLQJ'DWD��callback

Single thread waits forevents in a VHOHFW��loop

20-line example ofserial ↔ socket

user-defined

OpenDataSocket

user-defined

NewSerialLine user-defined

OpenFile

NewListenerSocket

OpenListenerSocket

Readable

TimerServerApp

ServerApp

:HEVXFNLQJ

Simple URL manipulationCGI (thanks IPWP!)

…and train timetable,weather forecast, etc etc

currency.XenonLabswww.xe.net/currency

rail.RailTrackwww.railtrack.co.uk

shares.StockMasterwww.stockmaster.com

NASDAQ, NYSE, ...

shares.Yahoofinance.yahoo.co.uk

LSE, FSE, ...

shares.Easdaqwww.easdaq.be

EASDAQ

shares.ShareSite

webgrab.PageFamily

2EMHFW�RULHQWHG�ZHEVXFNLQJ

“I’ll cleanit uplater”

Typical: grab someoneelse’s working sourceand tweak it until it doeswhat you want.This is evil.

No commonimprovements

No common fixes!

Big maintenancemess

Without OO:

0RUH�ZRQGHUV���

Back-endsystem recordsTV to MPG

Schedule recording of yourshow from anywhere

Search today’sTV listings

Easier than settingthe VCR! (maybe —certainly cooler…)

From a nicecafé...

7KH�OLPLW�LV�\RXU�LPDJLQDWLRQ�

In-car 486with GPSand SMS

Fetches trafficinfo, stockquotesSends geographical coordinates to

Active Badge system

6SDZQLQJ��TXRWLQJ�DQG�VHFXULW\

Remaining words are passed tothe handler as arguments:FXUUHQF\�S\�����)5)�,7/

The executable we run canonly be one of the approvedones, so we’re ok.

&85�����)5)�,7/

IXOO&RPPDQG� �VWULQJ�MRLQ�>FRPPDQG@���DUJ/LVW�KDQGOH� �RV�SRSHQ�IXOO&RPPDQG���U��UHVXOW� �KDQGOH�UHDG��

First word selectswhich handler:FXU → FXUUHQF\�S\

(Ha Ha!)

Handler: external program. Takes user parameterson command line, returns result on stdout.

+D�KD�

FXU�����IUI�LW��PDLO�[#\�FRP���HWF�SDVVZGFXU�����IUI�LW��PDLO�[#\�FRP���HWF�SDVVZGFXU�CPDLO�[#\�FRP���HWF�SDVVZGC

Overzealousmutilation: chars maybe legitimate.

Same problems for CGICommonly recommended fix(Garfinkel-Spafford 546 etc):•avoid spawning•or at least avoid passing user strings•or at least avoid passing ‘$|;>*<&

Nannyish advice, but prudent“because people aregenerally incompetent atquoting”

Alternatives to RV�SRSHQ��:�RV�V\VWHP���RV�H[HFY�� & friendsStill no good.

a spawning function taking a list of arguments,not a string that will be reparsed by VK!

Who said we wanted VK anyway?(forced flattening and in-band signalling)

Quoting acrobatics are fun,but morally wrong.

Only satisfactory solution:

We really want theapi of RV�H[HFY��with the semanticsof RV�SRSHQ��

7R�IL[�WKLV���

KDQGOH� �RV�SRSHQ�IXOO&RPPDQG���U��

...so GvR fixedSRSHQ��� toaccept a listargument!

3\WKRQ�VXFFHVV

Practical proof:new maintainers happy!

Initial idea

Both waysEncouragesreadable, modular,maintainable code

But why Pythonin the first place?

Handedover code

Fixing PCMCIA,OS, cables etc

User docs, logging, accesscontrol, more handlers etc

Workingsystem

Core serverprogramming

Spec; firsthandlers

Jan 1997 Dec 1997

RapidApplicationDevelopment

)URP�7FO�WR�3\WKRQ

Every good craftsmanloves his tools

VRUW��

scripting isliberating

V� �µKHOORµV� �V���µZRUOGµ

Sold on Tcl & [incr Tcl]!

Found Python by accident,tried it by curiosity

regular expressions

so I’m biased too

&RPSDULQJ�7FO�DQG�3\WKRQ

Tcl / [incr Tcl]

Functionally equivalent

Python

Elegantly cleaner (à la LISP) More syntax, but “what you expect”Coherent design, easy to learn and internalise, despite little quirks...

...e.g. eval / upvar / uplevel ...e.g. lists & tuples, os.* vs posix.*

Lists, dictionaries, sort(), regexps

Tcl: no classes![incr Tcl]: fully featured, C++ style

Classes, but no visibility mods andobjects can grow new features!

BUT objects everywhere, including library

lack of static checksBUT separate “lint” just released

Punch line?

,W·V�DOO�LQ�WKH�GLVWULEXWLRQ

Python is greatbecause it comes withbatteries included!

Fact: script programmers hatehaving to recompile the interpreterto run an extension

•Will it clash with other extensions I have?•Will it still work with the new version of theinterpreter? Or will it prevent upgrades?•Will it compile at all with my C compiler?(...if I have one?)

cathedral bazaar

Tcl Python

Get the best from each other!

For Python: static checker (see ifTcl’s is any good), .exe writer,improved object model, a betterfirst book (both tut & ref)...

3RVW�6FULSWXP��D�KDFNHU·V�RIIHULQJ

Write WFO�S\ such that��S\WKRQ�WFO�S\�!�S\WKRQ�WFO��WFOVK�S\WKRQ�WFO�!�WFO�S\with WFO�S\ identical to the old one

More warming up:mutual gen in the same languageTo warm up: basic self gen

Mutually generating programs

python.tcltcl.py

python.py

python2.pypython1.py

tcl2.tcltcl1.tcltcl.tcl

VTV �����V4V ��>IRUPDW��F���@���VGV ����V'V ��>IRUPDW��F���@���G ��T ���LPSRUW�VWULQJU VWULQJ�UHSODFHWFOQX ���VHW�S\WKRQX�^VTV �����V4V ��>IRUPDW��F���@���VGV ����V'V ��>IRUPDW��F���@��G ��T ���`VHW�S\WKRQQ�^LPSRUW�VWULQJU VWULQJ�UHSODFHWFOQX VHW�S\WKRQX�^8`VHW�S\WKRQQ�^1`�SULQW�WFOQX`����SULQW�WFOQXWFOE VHW�S\WKRQE�^WFOE �VHW�S\WKRQE�^%`��SXWV��S\WKRQX��UHJVXE��DOO�>IRUPDW��F���@�S\WKRQQ�>IRUPDW��F���@�QGRXEOH��UHJVXE�8��QGRXEOH��S\WKRQX�QQ��UHJVXE�1��QQ��S\WKRQQQ��SXWV��Q��UHJVXE��DOO�>IRUPDW��F���@��S\WKRQE�>IRUPDW��F���@�EE��UHJVXE�%��S\WKRQE�EE�E��SXWV��E��SULQW�U�U�U�WFOE�VTV�V4V��VGV�V'V��G�T�`��SXWV��S\WKRQX��UHJVXE��DOO>IRUPDW��F���@��S\WKRQQ�>IRUPDW��F���@�QGRXEOH��UHJVXE�8��QGRXEOH��S\WKRQX�QQ��UHJVXE1��QQ��S\WKRQQ�Q��SXWV��Q��UHJVXE��DOO�>IRUPDW��F���@��S\WKRQE�>IRUPDW��F���@�EE�UHJVXE�%��S\WKRQE��EE�E��SXWV��E�SULQW�U�U�U�WFOE�VTV�V4V��VGV�V'V��G�T�

6XUHO\�\RX�FDQ�GRPXFK�EHWWHU�WKDQ�WKLV���

Solutions gradually revealed atKWWS���ZZZ�FO�FDP�DF�XN�aIPV���VHOIJHQ�

Enjoy the conquest!

WFO�S\�