Rewind a little more than 10 years to December 18, 1997. Internet Explorer 4 had been released 3 months earlier. The Mozilla Foundation had not yet formed, and their Firefox web browser was years away from public release. There was no XMLHttpRequest… there wasn’t even XML. On that day, over a decade ago, HTML 4.0 was published as a W3C recommendation. Read the rest of this entry »
After working on several large scale PHP projects, and writing a lot of PHP code, I’ve discovered a number of tools that improve code quality, streamline rollouts, and generally make life as a PHP developer a whole lot easier. Many of these tools probably deserve a post of their own. But, since some people aren’t even aware that these tools exist, I figured I’d start there. So, without further ado, here’s my list of tools that every PHP programmer should know about. Read the rest of this entry »
A good model and a proper database design form the foundation of an information system. Building the data layer is often the first critical step towards implementing a new system, and getting it right requires attention to detail and a whole lot of careful planning. A database, like any computer system, is a model of a small piece of the real world. And, like any model, it’s a narrow representation that disregards much of the complexity of the real thing. Read the rest of this entry »
WordPress seems to have a bad reputation when it comes to scalability. Maybe it’s deserved, since a default WordPress installation doesn’t really scale well. But making WordPress scale isn’t hard. I recently hit the Digg home page and got roughly 70,000 pageviews in under 12 hours. Another post hit the home page later the same day, and another 10,000 clickthroughs followed. As a result, I’ve been asked by a few people how I managed to keep my site up under that sort of stress. Honestly, I haven’t done anything that fancy. But for future reference I figured I’d document my configuration, and let people in on one trick that saved my butt. Read the rest of this entry »
I wrote last week about how DNS rebinding can bypass browser same origin policies. Since then I found a paper titled Protecting Browsers from DNS Rebinding Attacks that describes rebinding attacks in greater detail. It turns out that there are several varieties of rebinding attacks, and a couple of proof-of-concept DNS rebinding demonstrations already exist. Read the rest of this entry »
A Japanese blogger who goes by the name Hamachiya2 has discovered a single line of HTML and CSS that crashes IE 6. The line is:
<style>*{position:relative}</style><table><input></table>
If you’re brave, you can click here to try it out. The code is rendered correctly in Firefox, Safari and Opera (didn’t get a chance to try any other browsers, but presumably they work too). But in IE 6 it raises a fatal error in mshtml.dll.
Artur Bergman posted an interesting story yesterday on O’Reilly Radar titled Your browser is a tcp/ip relay. In the post, Bergman explains a new technique that could allow malicious code to bypass the same origin browser security model. The article credits security researcher Dan Kaminsky with discovering the loophole, though it appears to have been around for a while. Read the rest of this entry »
The Adobe Flash Player is a multimedia application created by Macromedia (now a division of Adobe Systems). Flash Player features support for both vector and raster graphics, along with a scripting language and bidirectional streaming of video and audio content. The player is a virtual machine that runs Flash files, which are often embedded in websites to present animations, games, GUIs, or other visual interestingness. If you’re reading this website, you probably know all of this. What you might not know is that Flash sucks. It is the bane of the Internet, and it needs to go away. Read the rest of this entry »
While I’m primarily a developer, I end up spending a lot of time working with CSS and other front end technologies. I’ve learned a lot about CSS, but I don’t use it enough to have really good habits and often end up with superfluous selectors and bloated code. So when Tom Armitage’s CSS Redundancy Checker popped up in my feed reader I was intrigued. Tom’s solution is simple, elegant, and reasonably quick. But it’s a command line app that requires ruby and some additional packages — not exactly newb (or lazy programmer) friendly. Since I was looking for an excuse to play with Rails a bit more, I decided to write a web front end and build an Online CSS Redundancy Checker on top of Tom’s code. Read the rest of this entry »
Giving users mobile access to data is the latest vogue, but unless you’re a mega-corporation, or have a boat load of funding, it can be prohibitively expensive. If you’re looking into getting a short code and building your own SMS gateway, be forewarned: it’s an arduous process that’ll cost you upwards of $15,000. For the rest of us, 4INFO’s Open Platform is a pretty cool (and FREE) alternative that enables developers, content providers, and bloggers to utilize the 4INFO short code to deliver mobile content. Read the rest of this entry »
Recent Comments