Purrfect Java Solutions

Meet “Java”, a new addition to the PeterMac team.

java at 9 weeks

Although only 9 weeks old, she shows great focus in object-oriented design (she chases any object that moves). She’s got an excellent grasp of string manipulation techniques and we have to agree that her display of experience in the J2SE (Sleeping and Eating) area is beyond expectations for one so young.

Designing Enterprise Software

I’ve just finished reading a little gem of a book. It’s called ‘The Martian Principles for Successful Enterprise Systems’ with a subtitle of ‘20 Lessons Learned from NASA’s Mars Exploration Rover Mission’. The author is Ronald Mak.

Imagine designing an information retrieval, indexing and presentation system for the two Mars rover vehicles that were sent on a one-way reconnaissance mission to Mars for a three month mission. The feisty little vehicles kept going for two years and the information systems had to be designed to cope with this unexpected project over-run.

The book runs to 168 pages and is a ‘should-read’ for anybody involved in designing or buying large-scale enterprise software. From an architect’s perspective, you get a reinforced mental checklist of the aspects of your designs that make them work and ensure they keep working long after you’ve moved on. From a customer’s perspective, you gain an appreciation of the effort put into designing such systems. From a developer’s perspective, now you know why you spend so much time writing and executing unit tests.

The book has short and well directed chapters and is an easy read with coverage of both the technical side of software development and the soft or human side.

As a result of this read, I went back to enhance some application logging classes that I’ve used on a number of projects to provide more granular output and statistics on usage patterns.

Working with the .Net Compact Framework

The attached files contain binaries and source code for a .Net Compact Framework application we built to enable the input of petrol consumption details and the subsequent downloading of that information to a desktop application. It was written in C# under a Visual Studio 2005 project and makes use of a set of libraries provided by OpenNETCF Consulting.

To develop the application you will need to download the Smart Device Framework libraries from OpenNETCF and add a reference to them in your project. I have included a feature that allows you to dynamically upload all necessary components to your mobile device. This is a cool feature enabled using a .Net custom installer application.

Feel free to download and modify the application to suit your fancy.

Fuel Monitor 1.1.0 Source Files

Fuel Monitor 1.1.0 Binaries

Validating your PHP Input

In this world of bad guys and hackers and crackers, we developers have to be on our guard against all sorts of stuff that tries to break our websites. Validating input using JavaScript alone is not sufficient to guard against the baddies, as they can work around it by building their own custom forms to interact with your site and/or by disabling JavaScript.

What this means is that every piece of data you accept from a user should be validated against a set of rules for that datatype.

Some general validation rules

If it’s a text string, does it contain any less than or greater than brackets?

If it’s a date, are its day, month and year parts valid numbers?

If it’s a credit card number, is there an online number validation algorithm you can use to verify it?

Regular Expressions in PHP

In order to validate your user input, you’ll generally find yourself resorting to regular expressions. In PHP there are two options: ereg and preg. ereg is older, less sophisticated and somewhat slower than its younger brother. My preference is to use the preg options; even though they’re a little more complicated, the end result is betterer (sic).

An example of using preg to validate a date:

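// Read the card expiry fields from the query string (empty string if absent).
$month = isset($_GET['cardmonth']) ? $_GET['cardmonth'] : '';
$year = isset($_GET['cardyear']) ? $_GET['cardyear'] : '';
// The D modifier stops $ from matching just before a trailing newline.
if (!preg_match('/^[0-9]{1,2}$/D', $month) || (int)$month < 1 || (int)$month > 12) die('Invalid month, please re-enter.');
if (!preg_match('/^[0-9]{4}$/D', $year)) die('Invalid year, please re-enter.');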

An online manual is available from the main php website at http://www.php.net/manual/en/ref.pcre.php

And some lessons explicitly on how to use the preg_match function are available here: http://www.php.net/manual/en/function.preg-match.php
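The three general validation rules listed above, applied on the server with preg_match, as an added example that is not part of the original post. The function names are hypothetical, and the Luhn checksum is an assumed choice for the card "number validation algorithm", which the post does not name; the inputs are constructed.

```php
<?php
// Rule 1: reject any text that contains a less-than or greater-than bracket.
function valid_plain_text($s) {
    return is_string($s) && !preg_match('/[<>]/', $s);
}

// Rule 2: every date part must be digits only, and together they must
// form a real calendar date (so 30 February is rejected).
function valid_date($day, $month, $year) {
    foreach (array($day, $month, $year) as $part) {
        if (!is_string($part) || !preg_match('/^[0-9]{1,4}$/D', $part)) {
            return false;
        }
    }
    return checkdate((int)$month, (int)$day, (int)$year);
}

// Rule 3: card number checksum using the Luhn algorithm (assumed choice).
function valid_card_number($number) {
    if (!is_string($number)) return false;
    $digits = preg_replace('/[ -]/', '', $number); // allow spaces and dashes
    if (!preg_match('/^[0-9]{12,19}$/D', $digits)) return false;
    $sum = 0;
    $double = false; // double every second digit, starting from the right
    for ($i = strlen($digits) - 1; $i >= 0; $i--) {
        $d = (int)$digits[$i];
        if ($double) {
            $d *= 2;
            if ($d > 9) $d -= 9;
        }
        $sum += $d;
        $double = !$double;
    }
    return $sum % 10 === 0;
}

// Constructed sample inputs, one accepted and one rejected per rule.
var_dump(valid_plain_text("Peter O'Brien"));
var_dump(valid_plain_text('<script>alert(1)</script>'));
var_dump(valid_date('6', '9', '2006'));
var_dump(valid_date('30', '2', '2006'));
var_dump(valid_date("6\n", '9', '2006')); // trailing newline caught by /D
var_dump(valid_card_number('4111 1111 1111 1111')); // common test number
var_dump(valid_card_number('4111 1111 1111 1112'));
```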

Using magic_quotes_gpc or addslashes()

I’ve worked on a bundle of web based applications over the years and time and time again I’ve seen the recurring problem of the slash. Yes, we’ve probably all seen it in one or more forums where the apostrophe some user entered, probably with the name O'Brien, ends up as O\'Brien.

Why does this happen in sites running on PHP? The answer is a duplication of escapes. Yep, a Houdini Supreme.

Firstly a systems administrator has installed PHP and set the value for magic_quotes_gpc = on in the system’s php.ini (usually located in /etc/). This will automatically add slashes to all GET/POST/COOKIE data. This makes it safe before writing it to a database. Mr O'Brien becomes Mr O\'Brien when magic_quotes_gpc is set to on.

Secondly, a programmer has come along and, thinking they’re doing the right thing, takes all user input and uses the addslashes() function to escape all quotes. This results in a doubling of the escapes, so Mr O\'Brien now becomes Mr O\\\'Brien.

When this data is rendered, we see the automatic removal of only one set of escapes but the other set is left behind…yuck!!

When programmers see this they think… “I’ll just use the stripslashes() method, I mean, that’s what it’s there for”. As the light from the idea bulb fades, they realise they’re fixing a problem that should never have occurred in the first place. You need to go to the source of your data and clean it up: make sure you’re either using magic_quotes_gpc=on OR addslashes. My preference is to use addslashes all the time and turn magic_quotes_gpc off; this way the logic of your code explicitly sets user input to be what you want.
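The double escape described above, reproduced as an added example that is not part of the original post. The helper names are hypothetical and the magic_quotes_gpc state is passed in as a flag (an assumption made here, because the setting was removed in PHP 5.4); the name is a constructed sample input.

```php
<?php
// Simulates what PHP did to GET/POST/COOKIE data when magic_quotes_gpc was on.
function simulate_request($raw, $magicQuotesOn) {
    return $magicQuotesOn ? addslashes($raw) : $raw;
}

// Hypothetical helper: undo the automatic escape at the source, so the
// rest of the code always works with the raw value the user typed.
function raw_input($value, $magicQuotesOn) {
    return $magicQuotesOn ? stripslashes($value) : $value;
}

$name = "O'Brien"; // constructed sample input

foreach (array(true, false) as $magicOn) {
    $received = simulate_request($name, $magicOn);

    // Blind addslashes(): only correct when magic quotes are off.
    $blind = addslashes($received);

    // Normalise first, then escape exactly once, whatever the server setting.
    $once = addslashes(raw_input($received, $magicOn));

    printf("magic_quotes_gpc=%s received=%s blind=%s once=%s\n",
        $magicOn ? 'on' : 'off', $received, $blind, $once);
}

// Only one level of escaping is removed on the way back out, so the
// doubly escaped value still carries a visible backslash.
$stored = stripslashes(addslashes(addslashes($name)));
echo "shown to the user after a double escape: $stored\n";
```

addslashes() does not know the character set of the database connection, so in current code the "escape exactly once" step belongs to the database driver's own escaping function or to parameterised queries.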

PHP mail function with postfix

I recently modified a web server to run Postfix instead of sendmail as its main MTA. The result was fairly pleasing and a Postfix/Imap/Webmail implementation meant my client was able to pick up and manage mail while travelling. One problem encountered, however, was that the mail server was also a web server. Any time emails were sent using online forms, the resulting mail looked something like the following…

: No recipients specified
Reporting-MTA: dns; mail.threerock.com
X-Postfix-Queue-ID: 93E255C4E41
X-Postfix-Sender: rfc822; apache@threerock.com
Arrival-Date: Wed, 6 Sep 2006 08:26:14 +1000 (EST)
Final-Recipient: rfc822; unknown
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; No recipients specified
Received: by mail.threerock.com (Postfix, from userid 76)
id 93E255C4D4; Wed, 6 Sep 2006 08:26:14 +1000 (EST)
To: admin@threerock.com
Subject: Threerock Support - Report a Bug
From: “peter mac”

Reply-To: admin@threerock.com
Message-Id: 20060905222614.93E255C4D4@mail.threerock.com
Date: Wed, 6 Sep 2006 08:26:14 +1000 (EST)

After a bit of research and many different opinions from online groups, the fix turned out to be a simple change to the php.ini file (located in this case at /etc/php.ini). The change is as follows: look for the section [mail function] and create (if it doesn’t already exist) a key

sendmail_path = /usr/sbin/sendmail -t -i -f someone@yourdomain.com

Firstly check the path to your sendmail executable by typing

$ which sendmail

Secondly enter a valid username/domainname. This is the user the email will appear to come from. Examples are support@yourdomain.com, admin@yourdomain.com etc.

After saving your php.ini file, you will have to restart your httpd process.

$ /etc/rc.d/init.d/httpd restart