My Common Lisp-powered origami photoblog is still up and running smoothly so far. (I posted more models, go look, shameless plugs and so on and so forth.) No major problems to report in the past couple weeks.
One huge benefit (in my opinion) of a site run on Common Lisp is the way you can solve the "admin control panel" problem. Most web site frameworks / blog engines / message boards have some control panel interface, for example the one I'm using to type this blog entry.
Why are control panels necessary? You could SSH to your server and run SQL queries directly to input your blog posts. One reason we don't do this is because it bypasses the logic of your website. We use a PHP form so that it can complain if you type a post with no title, or run a filter to convert your line-breaks to HTML tags, or do spell-checking, or whatever. It does all these things before entering your data into the DB, and then when the DB does need to be updated, it updates it in a consistent way. If multiple tables need to be updated, it doesn't forget to do them all. Etc. etc.
The problem I have with control panels is that due to limitations of web languages and how the internet works, these control panels must be run as web pages just like any other. Meaning they're open and accessible to the world if you visit the right URL.
To solve this we start heaping on the passwords. Above and beyond SQL client access and FTP access and shell account access, we make a brand new custom layer of user accounts and permissions. Only we implement it using .htaccess files and SQL hacks and fragile HTTP connections and cookies and sessions. And then we get to test how well we did by letting every script kiddie and crawler-bot in the world hammer on it at will.
I agonized about how to make a "control panel" for my photo blog. These things aren't easy to get right. Eventually, I realized it wasn't necessary. The REPL is my control panel. I can implement the necessary logic as simple Lisp functions. When I want to post a new model, I SSH to my server, fire up Emacs, connect to the Lisp running on my running server via local SLIME, and run an
ADD-MODEL function. Simple. Lisp automatically timestamps my posts, and checks for empty-string model names, and all the other good stuff you'd want from a control panel. (Plus if it fails, I get a debugger.)
What about authentication? I get that for free. SSH is my authentication. Authentication is what SSH is made for and it's going to be far better at it than some web-page SQL-based hack-job I come up with. I don't even have to remember a password, since I have certificates set up for passwordless login. And there's no URL that points to my photo blog control panel, which is nice.
What about letting multiple people log into the "control panel"? Anyone you don't trust to SSH into a shell account usually shouldn't be trusted to log into a Wordpress or VBulletin control panel either in my opinion. Run Lisp as a non-privileged user (probably should be doing that anyways, I am) and run SSH in a chroot if you really care.
What about the typical web gallery feature of letting you upload an image and then having it automatically thumbnailed? I wrote a two line shell script that uses ImageMagick (which is likely what a PHP-run gallery would be using anyways) to thumbnail all my photos locally, then rsyncs them to my server. Why re-invent the wheel?
Couldn't Perl or Ruby or PHP do the same thing? Well, Perl/Ruby/PHP don't run persistently on the server. So it'd be a bit different. Couldn't you write some standalone scripts to run from the commandline to insert new posts into your blog? I suppose, but it surely wouldn't be as nice an interface as Slime in Emacs, unless you enjoy using bash as your text editor. And have fun with quoting / escaping. (
EDIT: As some readers reminded me, yes they can run persistently via Apache hackery. And Rails has a "console". I stand corrected.)
The REPL obviously isn't a solution to every problem. If your authentication requirements are complex enough, you'll have to build something yourself. And it's a problem if your users don't know Lisp (and yeah, that right there kills it for 99.999998% of the world). Web-based control panels have the benefit of being "so easy anyone can use them".
But for my needs, and probably the needs of a great many websites run by one or two trusted Linux-savvy people who just need to be able to securely update the site once in a while, a few Linux tools + the REPL works beautifully.