Why You Should Never Trust Plugin Authors

I apologize for this, but thought it would be fun. I hacked my own site! I must be good!

Update: I did this using an exploit found in a plugin for Habari. I plan on fixing this plugin very soon. If you are worried use my Contact Form to contact me about it, and I'll let you know which plugin it is. Even better, if you feel like fixing something, let me know and you can fix it for me :D .

Update 2: This has now been fixed in the AutoSave plugin. The exploit could allow any cracker to post to the vulnerable site without being an authenticated user. So if anyone is using AutoSave, you should update now.

Why Playoff Hockey Is Better Than Sex

From an email I got:

  1. It's legal to play hockey professionally.
  2. The puck is always hard.
  3. Protective equipment is reusable and you don't even have to wash it.
  4. It lasts a full hour.
  5. You know you're finished when the buzzer sounds.
  6. Your parents cheer when you score.
  7. Periods only last 20 minutes.
  8. You can count on it at least twice a week.
  9. You can tell your friends about it afterwards.
  10. A two-on-one or three-on-one is not uncommon.

GMail, Almost Perfect

One of the great things about Google Apps for Domains is they run a mail server for you, and you get the GMail web interface for email. Not only that, but you get a fully functional IMAP server as well. Unfortunately, GMail has a few annoyances.

GPG

The first annoyance is the lack of support for GPG. Fortunately this is easily overcome with the FireGPG extension for FireFox. FireGPG provides a simple, easy interface for using GPG, including, but not limited to, digitally signing emails, encrypting email and attachments, and GPGAuth.

If you're not into GMail, FireGPG can also support Roundcube Webmail. It also provides an easy mechanism to import GPG keys, you know, those big hash-like things people paste on their sites; with one click you can import them.

Fixed-Width Fonts

Screenshot of GMail with fixed-width fonts.

The other major annoyance, which I find extremely annoying, is that GMail displays all emails in a variable-width font instead of fixed-width. There is a "labs" feature that gives a toggle switch to change to a fixed-width font, but you cannot make it the default. Fortunately, again, FireFox comes to the rescue with its "user defined style sheets". With only a couple of lines of CSS you can haz your email in fixed-width fonts.

The user style sheet is located in your FireFox profile directory and is named userContent.css. Any CSS you put in the file will be applied to each and every site you visit, so we can use it to get back our fonts. In Ubuntu it's located at "~/.mozilla/firefox/xxx.default/chrome/userContent.css".

Just add the following to that file:

/* GMail fixed-width font: see http://3cx.org/item/34 */
 
div.msg div.mb, div.ArwC7c {
    font-family: monospace !important;
    font-size: 12px !important;
}
 
div.yxEQwb {
    display: none;
}
 
div.ckChnd textarea, textarea.tb {
    font-family: monospace !important;
    font-size: 12px !important;
}
 
td.ct {
    font-family: monospace !important;
    font-size: 12px !important;
}

This will give you fixed-width fonts for all plain text emails, in both the old and new GMail interfaces, and it will hide those annoying "Sponsored Links". Also, it will give you fixed-width fonts on Google Groups. Awesomeness!

Customizing GMail With Labs

In the GMail Labs section there are a bunch of goodies to be had. My favorites are Tasks, Advanced IMAP Control, and Navbar drag and drop.

Tasks are very simple. It gives you a little pop-out at the bottom for which you can add tasks, mark them as completed, link them to corresponding emails, etc. Lovely little TODO list keeper.

Advanced IMAP Controls gives you the ability to choose which labels show up in IMAP, turn off message auto-expunging, or trash messages when they're deleted from IMAP. I love being able to choose which labels/folders IMAP can use.

Navbar drag and drop is pretty simple; the title says it all. You can drag around all the little gadgets to the order of your choosing.

GMail Almost Rocks

As long as you have FireFox, the GMail web interface is almost a complete replacement for those old and clumsy desktop mail apps. Hopefully we'll see some cool new Labs features roll out, like plain text/fixed-width only email ;) .

As long as I don't have to maintain a mail server, I'm happy with GMail.

A Bold Move To OpenID

After deleting thousands of spam comments every week, I got fed up. I went looking for a way to eliminate spam altogether. There are many different approaches that work at completely destroying spam bots: A Honey Pot, a Habari plugin by Sean Coates, adds a CSS hidden field that only bots would fill in; encoding the "action" URL and the names and ids of the submitting form's input elements, a technique used by Prof. Sneddy, kills all spam bots which don't use an HTML parser (which is all of them). There are others, but those are two that I find work reliably.
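One way to combine the two techniques described above, as an added example (not Sean Coates's plugin or Prof. Sneddy's code): a CSS-hidden honeypot input, plus input names derived per session with an HMAC, so a script that posts fixed field names without reading the served form is rejected. The function names, the `email` honeypot label and the `/comment` action are assumptions; it needs PHP 7 for random_bytes(), and the action URL encoding is not shown.

```php
<?php
// Added example: honeypot field plus per-session field names. The field
// labels, form action and key handling are assumptions, not Habari code.

/** Derive an opaque per-session name for a logical form field. */
function field_name($logical, $sessionKey)
{
    return 'f' . substr(hash_hmac('sha256', $logical, $sessionKey), 0, 16);
}

/** Render the form; the honeypot input is moved off-screen with CSS. */
function render_form($sessionKey)
{
    return '<form method="post" action="/comment">'
        . '<input name="' . field_name('author', $sessionKey) . '">'
        . '<textarea name="' . field_name('content', $sessionKey) . '"></textarea>'
        // Humans never see this input; bots that fill every field trip it.
        . '<input name="email" class="hp" tabindex="-1" autocomplete="off">'
        . '<style>.hp{position:absolute;left:-9999px}</style></form>';
}

/** Return the decoded comment, or null if the submission looks automated. */
function accept_comment(array $post, $sessionKey)
{
    if (!empty($post['email'])) {
        return null;                 // honeypot was filled in
    }
    $comment = array();
    foreach (array('author', 'content') as $logical) {
        $name = field_name($logical, $sessionKey);
        if (!isset($post[$name]) || !is_string($post[$name])) {
            return null;             // names were not read from the served form
        }
        $comment[$logical] = $post[$name];
    }
    return $comment;
}

// Constructed sample submissions: one human-like, one bot-like.
$key   = bin2hex(random_bytes(16));  // would be stored in the visitor's session
$human = array(
    field_name('author', $key)  => 'Ann',
    field_name('content', $key) => 'Nice post',
    'email'                     => '',
);
$bot = array('author' => 'x', 'content' => 'spam', 'email' => 'a@b.example');
var_dump(accept_comment($human, $key) !== null, accept_comment($bot, $key) !== null);
```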

The above mentioned methods, however, do not provide any way to authenticate the identity of the submitting comment author. In comes OpenID. Using OpenID to authenticate that the commenter is who they say they are allows us to ensure that only valid comments are submitted. Since I haven't seen a spam bot with an OpenID, this will absolutely stop them in their tracks.

OpenID also allows us to use heuristics to determine which OpenIDs can be trusted, and which can be blacklisted. Since every commenter has a unique authenticated OpenID, we can reliably trust repeat commenters and push their comments through the moderation queue; at the same time, we can distrust blacklisted OpenIDs and delete their comments immediately, without needing any human interaction to reliably do so.

I've decided to jump head first into the deep end, and only allow comments to be submitted using an OpenID Identifier. This means that if you want to submit a comment on my site, you must have an OpenID. There are many people who do not have an OpenID yet, but for your protection, and mine, I would highly recommend you go out and get one now.

I use Verisign's PIP service as my OpenID provider. The service is still in "beta" (whatever that means nowadays) but I would highly recommend it. They even provide phishing detection, and "Strong Authentication" methods, including Browser Certificates, and their VIP Credential. Go sign up!

Javascript Prototype Behaviour in PHP

One of the "neat" things in Javascript is you are able to dynamically add or change methods of a class and automatically update every instance of that class. Some of the things I usually find useful are adding to the String class, like so:

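String.prototype.htmlSpecialChars = function() {
    // Escape & first so the entities added below are not escaped twice;
    // quotes are included so the result is also safe inside attribute values.
    return this.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
               .replace(/"/g, '&quot;').replace(/'/g, '&#039;');
};
String.prototype.trim = function() {
    return this.replace(/^\s+|\s+$/g, '');
};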

Obviously we cannot do this in PHP, and why would we, right? However we can emulate this behaviour to a certain extent using my "neat" little Prototype class. With this Prototype class we can dynamically add properties and methods to any class, and they will be inherited by all instances of that class.

Let's look at the following "normal" PHP code.

class Person extends Prototype
{
    public $name;
    public $gender;
   
    public function gender()
    {
        printf("%s is %s\n", $this->name, $this->gender);
    }
}
 
$matt = new Person;
$matt->name = 'Matt';
$matt->gender = 'male';
$matt->gender();
 
// Matt is male

Now, there is nothing magical or out-of-the-ordinary going on here. We just instantiate the Person class and set up some properties. Calling the gender() method outputs a nice little string for us.

However, you see that the Person class is actually a child of the Prototype class. This will allow us to do some of that "neat" Javascript stuff. Using Prototype, let us expand the Person class to add an $age property and an age() method to output a nice string. Like so:

Person::add_property('age');
Person::add_method('age', 'printf("%s is a %d year old %s\n", $this->name, $this->age, $this->gender);');
 
$matt->age = 28;
$matt->age();
 
// Matt is a 28 year old male

Now all instances of Person inherit the $age property and age() method. So we can create a new Person, Susie, and this object will now have the age stuff.

$susie = new Person;
$susie->name = 'Susie';
$susie->gender = 'female';
$susie->age = 21;
$susie->age();
 
// Susie is a 21 year old female

One limitation of the Prototype class though, is you cannot overload a current method. So the following code, that attempts to overload the gender() method, will not work.

Person::add_method('gender', 'printf("%s is a %d year old %s\n", $this->name, $this->age, $this->gender);');
 
$matt->gender();
 
// Matt is male

There are also many, many, many other problems with this Prototype class. Some of which are:

  • The '$this' keyword is reserved, so it actually does a string replace and uses '$self' instead.
  • You cannot access/add new methods or properties statically (until PHP 5.3 with __callStatic()).
  • It uses create_function, so every "method" is actually defined in the global namespace.
  • Iteration does not work, although it could possibly be done with Iterator, Countable, et al.
  • You cannot reference static variables/methods in your add method.
  • You cannot share methods between classes.
  • And so on and so forth...

This class was just an experiment to see if it was at all possible to implement something like Javascript's prototype behaviour in PHP without using the Runkit PECL extension. I had no intention of actually making this usable in production, for many reasons ;) , although it was fun. If you have any improvements or additions to Prototype please add them to the wiki page, or paste them in a comment.
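The create_function dependency in the list above means every added "method" is a source string compiled at runtime, which is eval in all but name; create_function was deprecated in PHP 7.2 and removed in PHP 8.0. The following is an added example, not the author's Prototype class: a hypothetical ClosurePrototype base class that stores Closure objects and binds them with Closure::bind (PHP 5.4+), so $this works directly, nothing lands in the global namespace, and no string is ever evaluated. It covers added methods only and declares the age property normally.

```php
<?php
// Added example, not the author's Prototype class. Methods are stored as
// Closure objects, so no source string is ever compiled at runtime.
abstract class ClosurePrototype
{
    /** Added methods, keyed by class name and then by method name. */
    private static $methods = array();

    public static function add_method($name, Closure $body)
    {
        // Declared methods always win over __call(), so refuse instead of
        // silently ignoring the override (the limitation the post describes).
        if (method_exists(get_called_class(), $name)) {
            throw new LogicException("cannot override existing method $name()");
        }
        self::$methods[get_called_class()][$name] = $body;
    }

    public function __call($name, $args)
    {
        // Walk up the hierarchy so subclasses inherit added methods.
        for ($c = get_class($this); $c !== false; $c = get_parent_class($c)) {
            if (isset(self::$methods[$c][$name])) {
                // Bind $this and the class scope, then call it like a method.
                $bound = Closure::bind(self::$methods[$c][$name], $this, $c);
                return call_user_func_array($bound, $args);
            }
        }
        throw new BadMethodCallException("undefined method $name()");
    }
}

class Person extends ClosurePrototype
{
    public $name;
    public $gender;
    public $age;
}

$matt = new Person;               // created before the method is added
$matt->name = 'Matt';
$matt->gender = 'male';
$matt->age = 28;

Person::add_method('age', function () {
    printf("%s is a %d year old %s\n", $this->name, $this->age, $this->gender);
});
$matt->age();                     // dispatched through __call()
```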

Persistent Static Variables Across Instances in PHP

Wait, what? Yeah, that's what I thought too. Still no idea what I'm talking about? Well, let's take a look at the following code. Let's call it "fred".

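class foo {
    function bar( $b = 0 )
    {
        // One copy of $a exists for the method, not one per object.
        static $a = 0;
        if ( $b ) {
            $a = $b;
        }
        echo $a;
    }
}

$faz = new foo;
$faz->bar(3);
$baz = new foo;
$baz->bar();
// Static calls to a non-static method: allowed (E_STRICT) in PHP 5, an Error in PHP 8.
foo::bar();
foo::bar(1);
$faz->bar();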

The code above, named "fred", basically creates a static variable $a inside the method bar() of the class foo. When you call bar(0) it outputs the value of $a. When you call bar('x'), where x can be anything truthy, it updates the value of $a with 'x', and outputs the new result.

Now, what would you expect "fred" to output? If you're like me, then you are completely wrong. "fred" will actually output the following.

/*
Actual outputs:
$faz->bar(3); ==> 3
$baz->bar();  ==> 3
foo::bar();   ==> 3
foo::bar(1);  ==> 1
$faz->bar();  ==> 1

Expected outputs:
$faz->bar(3); ==> 3
$baz->bar();  ==> 0
foo::bar();   ==> 0
foo::bar(1);  ==> 1
$faz->bar();  ==> 3
*/

Yes, that's what I said at the start, "Persistent Static Variables Across Instances". The static variable $a actually persists across the two instances of foo that "fred" created, and even into the static method call. This was completely unexpected, at least by me. So I'll ask, does anyone know if this is actually the expected behaviour, and why it is or is not?

Jambo On Habari-Extras

I just put the latest version of the Jambo contact form for Habari on the Habari-Extras repo. So now anyone who wants to participate in the development of Jambo can do so. And please feel free to make it better, or fix my mistakes, that's why it's there.

You will also find Tabasamu, StaticFront, and HabariMarkdown there too. Enjoy and thanks.

Merry Christmas 2007

Just thought I would say Merry Christmas to everyone out there. I haven't done anything else with this site lately, but I hope to update a few things this holiday and maybe even do some Habari coding. Anyway Merry Christmas, and a Happy New Year to all.

Pasteosaurus

Jim Whimpey and Brisbane Creative bring you Pasteosaurus, the new PHP pastebin on the block, based on the OSS code from Pastebin.com. The entire system and codebase was almost completely rewritten by Jim, with the aim of simplifying the entire system.

As Jim says on his blog, "Every piece of junk I wasn’t using from pastebin has been removed, including DB fields and every file has been reorganised and rewritten in cleaner, smaller and more easily read code. This means it’s now much easier for me to add features, which I’ve already done!"

It is quite a lovely pastebin, much faster and cleaner than most of those other big ones. The design is simple yet beautiful; I love to see red and pink in a design. And with the use of Geshi, the syntax highlighting works quite well.

Of course, being a good OSS citizen, the code is available for download via the link at the bottom of every page. So let's not pastebin anymore, let's Pasteosaurus!

Drunken Monkey Labs, Now In Colour!

The Labs have a brand new design. This time I went for a colourful design using the basics, red, green, blue, violet, and yellow, as you'll see in the background. I tried to carry those colours throughout the whole design. The header is a dark violet to try to dull down the "jump in your face" colours in the background.

I really wanted this design to jump off the page with colour. I tend to design very "monochromatically", so I hope I pulled it off. With a simple layout and bright colours I think I might have achieved something close to what I imagined. Stay tuned, as there will be a few more updates to the Labs this week as I go through the design and update a few things, and hopefully add even more colour.

Matt Read, The Weblog: Version Oceanus

Well my new design, code named Oceanus, is finally (mostly) complete. It's been up for a while but I just haven't taken the time to talk about it. My goal in this design was to create a simple, easy to read design without being boring, like so many "simple" designs out there.

I also went with a dark background this time, something that proved harder than it sounds. The dark background, in my opinion, makes it much easier to read on a computer monitor. It also looks ... "neater" ;) .

My new archives, well, they're just rockin. I love how they show my "seasonal" posting, and I noticed I tend to post very little in the winter months. Must be the cold weather. If you like them I can make the code available, just let me know.

There are still some bugs and improvements to be made, but let me know what you think of "Version Oceanus". If you are using MSIE, I know, it all looks fubar'ed ;) .