Just another WordPress site

Tag: web dev

  • New tekArtist site launched

    Tada! I have decided to move away from Blogger and instead leverage features afforded to me by my new web host, DreamHost. I have now acquired the tekArtist.org domain name and set myself up with a WordPress instance to run the present site.

    newsite-banner1.jpg

    Besides having imported my previous Blogger posts to the new blog section, you can now also browse through two new main sections:

    • labs: the geeky side of things
    • more: the public disclosure area

    The base page is mostly there as a soft landing pad for visitors just stumbling upon my site, but also serves as an OpenID delegate through myOpenID.

    Please bare with me in regards to the domain-wide search, as I’m only using Google’s most basic site search feature. They have not yet picked up my pages in their index, since I just turned off the temporary password I had setup at the root level this morning.

    Technologically speaking, the new site features tools and options such as:

    You can read more about the WordPress theme I custom develop for this site in the related labs page. Since there is nothing really private in it (sensitive values are protected through more appropriate means), I have also decided to make the theme’s source available publicly, fact which might change at any time if I realize that this leads to abuse or security issues outside of what I originally planned for.

    I have been relatively quiet online in the past few years while primarily focusing my energies on my responsibilities as a dad and as a professional. I obviously never stopped playing, but limited my personal publishing activities to blogging and participating in online communities, rather than releasing products or experiments.

    Now that my beloved children are starting to require less of my attention (IE: less then 24-7), I now have the opportunity to revert closer to previous levels of contribution to the web and Open Source spheres. Don’t get me wrong though, I still have clear priorities. ๐Ÿ™‚

    As a final note, I just wanted to mention that my moving away from Blogger had nothing to do with necessity, as they truly have an excellent blogging platform, but stemmed from a desire for the increased flexibility that only a full on web hosting account and a product like WordPress can provide.

  • parseMe v2.1 update

    I have released a new version of parseMe, my lightweight browser-based RSS/Atom feed reader utility, which main target remains mobile phones and accessibility devices (universal access).

    You can find the latest release in the download section, and more information about it in the release log. There is now also a public Subversion repository.

  • Since I was addressing poor online busin…

    Since I was addressing poor online business ethics in my last post, I might as well touch the following, as it came up while I was browsing the upcoming security stories thread on Digg.

    I was googling my online trail recently, and was quite stirred that the nickname I use on a lot of online communities started showing up as a registered user of a number of social-networking-flavoured porn sites. Most of them pumping out (pardon the analogy) long lists of sites and videos one allegedly features on their profile as interesting, ร  la Digg et al.

    I thought someone else was simply using the same moniker, but the following article and its author might just have provided me with some valuable insight: Why are my picture and name showing up on porn sites without my permission?

    Thankfully, this seems limited to the user name for now, and my real name isn’t returning such search results. But it is definitely of interest to me professionally, since McGill does have, and is looking forward to further develop, people pages. We will definitely have to take this trend in consideration in the upcoming incarnation of the software and content.

  • First Facebook worm[-ish behaviour]?

    A friend of mine supposedly sent me a Facebook-based invite for an FB app called Advanced Wall. It came as a notification in FB and prompted me to retrieve a message from my contact by adding the app to my profile.

    ‘k, I bite, since I’m in Facebook-API-craze mode for work and fun anyway and get the following, as allegedly written by my friend:

    Check this out!

    It’s an Advanced Wall!

    You can change colors, sizes, fonts, add smilies, pictures, videos and a lot more…

    :)

    Odd.. Especially from the supposed author…

    First, I was just curious to know if they are using tinyMCE for the advanced editor, like WordPress and co. Evidently, I dig a bit deeper, and fire up Firebug, which as a complete aside is the most amazing piece of software. I use it everyday, and am still baffled by how efficient and powerful it all is.

    So, the Javascript doesn’t look familiar and the editor’s iframe goes to http://ai.idlestudios.com/write.php, a domain which strangely enough doesn’t respond under http://www.idlestudios.com/ or http://idlestudios.com/, and just redirects http://ai.idlestudios.com/ to the app’s description inside FB (as of 2007-07-22, ~1 AM).

    Odder…

    Head off the the terminal: whois idlestudios.com tells me the domain is registered to a more than likely fine fellow from the Russian Federation, which in and of itself doesn’t really imply anything.

    But that’s when I start noticing the ads in multiple locations around the Advanced Wall’s WYSIWYG editor. Text ads, subtly placed in the telling Facebook colour scheme. Blockbuster, icon sets, the usual.

    So on to my friend’s profile I go, and what do you know? What do I see on his wall, with no other message than:

    Check this out!

    It’s an Advanced Wall!

    You can change colors, sizes, fonts, add smilies, pictures, videos and a lot more…

    :)

    Really? And it’s coming from someone else in my contact’s own friend list…

    Next: Facebook ยป Profile ยป Applications ยป Edit ยป Remove

    ๐Ÿ™‚

    This all said, I haven’t gotten a reply from my friend yet on if he actually sent the invite in the first place (it’s late, and the invite was sent at 11:59pm), so maybe I’m just seeing things and outta get to bed. I’ll post an update here when I know more. Call me traumatized by another friend’s experience. ;P See update below.

    Personally, I’m not sure I’m willing to go for this one anyway. Best case scenario, it’s gonna be MySpace all over again…

    And if by any chance you receive an invite for Advanced Wall from me, you’ll at least know how it did not get there: Not-by-my-click.

    Update (20:45): Well, it seems that my friend is as surprised as I was. Although he did see an option to invite his friends, he is fairly sure he canceled. Yet, the app seems to have propagated itself to his contact list. He also had the same reaction as I with the dubious first message template, and brought to light an error message he received from the app stating “there are still glitches we’re working on with the facebook team“. So worm[-ish]? Questionable interaction design? Buggy app? Plain old bad taste? I’m not a security expert by any stretch, so I’ll hold off on the labeling, but as a software developer, I say: none for me, thanks.

  • We Should Not Bite the Hand that Diggs

    I’ve been noticing that Digg has been getting a substantial amount of cr*p about things they’ve done on and with the site recently. Nothing new or exceptional, as every popular Web outfit gets the community treatment once in a while, but now that the dust settled a bit, I just wanted to express the following thoughts.

    I had the pleasure to meet with some of the Digg crew in San Francisco last month, coincidentally hours before they released their new commenting system. What I saw was a group of people who, on top of being passionate about their respective vocations, actually believe in the product they bring us. This is a relatively rare and precious thing, and I think that as a community, we should nurture it as much as we can.

    I’m definitely not saying we should just fall into blind fanboy-ism and idolize their every actions, but I do think that there’s a [not so] fine line between constructive criticism, which is usually welcomed by any self-respecting professional, and plain old bashing, which can be the most depressing aspect of public releases. And it’s not like they’re not listening (1, 2).

    Yes, I do think that a balance between surprise releases and usability testing could gain to be developed. And yes, I do understand that sudden changes to something you enjoy can be offsetting for users. But I also know that they’re cultivating a tight-group/almost-family-like atmosphere amongst their ranks, and that the last thing I want is for the people behind the code to be nudged anywhere close to just being yet another bunch of salary makers, in yet another faceless corporation.

    So I say, keep on guys, and thanks for your efforts. I’ll happily keep on digging and watching the site evolve.

    And no, I’m not going to submit my own post to Digg. ๐Ÿ˜‰

  • Mooooooo

    I just have to let it all out: I love mootools!

    I’m not going to get in a pi**ing match with prototype, jquery, dojo and company, since they’re all truly neat little bundles of joy, but as a write-all-javascript-from-scratch kinda guy, I wasn’t inclined on having to rely on such involved libraries in the past. Especially when coupling them with huge server-side code base that I must keep in mind might actually outlive me. Call it an ever-lasting “vendor” lock-in allergy.

    Choosing the best contender to be included in the McGill web platform among the countless available options in the compact JS framework sphere was one of the most difficult tech decisions I’ve had to make in years. But so far, I sure am glad we opted for mootools. Bonus: I didn’t even have to force it on anyone either, and adoption by different levels of developer has proven smoother than in tests involving other potential choices.

    Great docs, tight syntax, (close to) worry free platform compatibility and a lively dev community are all among the many benefits we are so far enjoying.

    But beware! I’d advise anyone going the framework way to:

    • Do a lot of research before committing to anything, to really gauge what is best for you and your team(s).
    • Not be afraid to write a slew of tests to be implemented in the selected top choices to right away define what has more potential in your very context.
    • And most importantly, not get too comfortable and devolve into a one-lib-only coder.

    On this, I’m going back to milking it for all its worth.

  • It's a Love / Hate Thing

    It’s days like this I both love and loathe my vocation all at once.

    Love it: never bored, always have new things to learn, mentally challenging, great interaction with the many development communities, constant stream of new opportunities, etc…

    Loathe it: there are only 24 hours in a day and my body and brain stubbornly force me to sleep for a few of these… Almost every day too…

    Thirteen years of web app dev, and still see it it as the World’s biggest playroom. ๐Ÿ™‚

  • parseMe 20070602 Update

    Here’s another update to parseMe (back story), my little GPL’ed PHP-based RSS/Atom feed reader for mobile phones and other web-capable devices.

    You can find the appropriate links below:

    Release notes:

    • Moved my CVS repo to Subversion (svn), hence the revision number differences. I considered moving to a distributed revision control system, since they’re gaining in popularity, but I got lazy after the major rewrite. ๐Ÿ˜‰ Maybe for the next release.

    • This is a quasi-complete code rewrite. In this release, I have moved away from the initial goal of keeping within the 500 lines limit (including comments) and having an “educational” flavour, to focus instead on the code structure, the features, further increased security, etc. The security aspect does account for a lot of the extra lines, when coupled with the new features.

    • The parseMe class has now been substracted from the index.php script and has been moved to lib/php/parseMe.class.php.

    • One of the most significant features, on the user end, is that you can now request any number of feeds to be parsed at once. Keeping in mind that the main target audience for this tool is the mobile market (usually slow, tiny screens, low RAM, etc), the usual total number of feeds offered does not lead to major performance hits, unless of course the sources themselves are slow to answer the tool’s request(s). You can of course still set your feed selection in the cookie-based preferences, which now allow for multiple choices.

    • With the multiple feeds feature, the next logical step was to enable some sort of sorting options. You can sort the entries by feeds, or from new to old (descending) or from old to new (ascending). Your favourite sort order can be saved.

    • You can now opt in or out of using the Google Mobile Gateway for destination links, right from the query form, and save your preferred choice.

    • On the server end, self-contained caching is now done through PHP data serialization, since there is no point in reparsing the same XML at every page load, after all.

    • On the security front, and primarily with the concern that we do have an application-writable directory (cache), there are quite a few improvements. Since the data contained in the cache files is not very sensitive by design (and if it is, I’d suggest using ssl and password protecting the app), this is really more of an exercise in good coding practices. And there is of course the concern of php injection attacks.

      • The cache filenames are now generated as a sha1 sum, with the help of an admin-defined shared secret so that they cannot be easily guessed.

      • All cache files now start with a dot (.) so that most web servers will not even serve them, and to be invisible when directory listing is enabled at the server level.

      • On the other hand, there is still a very strong emphasis on user input sanitazation and usage in the logic itself (EG: no client-defined source URL, source validity tests, etc).

    • Fully valid class documentation can be leveraged in IDEs such Eclipse, auto-documentation tool such as phpDocumentor, etc.

  • It's SQLite-Mania Time!

    Between the freshly announced Google Gears and the upcoming Firefox 3, I’m really happy to see the SQLite project picking up some massive and forefront industry momentum. And well deserved at that, since I’ve always thought it was an excellent venture in many respects, though often overlooked by the general development community.

    Firefox will use it for their upcoming Places feature, which aims to be the evolution of bookmarks and history.

    Google Gears, on the other hand, uses it for offline web app data storage. I have to say I’m getting a geeky kick out of seeing SQL queries passed directly via client-side Javascript (although as an offline app, I guess the client is the server too). And not even as a WTF post: bonus!

    Kudos to the SQLite dev team, and good call to the two latest industry icons who chose it.

    That install base sure is going to grow fast! Makes me giggle when I remember thinking that every PC would be running at least 6 different embedded copies of the tiny DB within a few years when I first played around with it, all without 99% of the end users even realizing this. I’d say we’re right on track. ๐Ÿ™‚

    Who’s taking bets on Adobe doing the same with Apollo?

  • McGill Website Wins Silver CASE Award

    I guess we must be doing something right:

    The Council for Advancement and Support of Education (CASE) awarded McGill University the silver medal in the Complete Institutional Web Sites category. There were 41 entries in this category, with two silver medals and one bronze medal awarded. CASE is a non-profit association encompassing 3,300 colleges, universities and elementary and secondary schools in 54 countries.

    Via McGill Announcements.

    I don’t actually know any more than this, because the details haven’t been published on the CASE web site yet. I really want to know who we tied with, knowing CASE has members such as MIT, CalTech, Harvard, etc.

    2007-06-16: The CASE web site has now been updated: Web Sites โ€“ 2007 Winners