Charl van Niekerk » Blog: November 2005

Main

Latest

WE05 & The Address Element

Since I had a lot of exams to write, I didn't have too much time to listen to all the WE05 Podcasts. Finally I got around to listening to most of them the last couple of weeks.

In general, I'm a bit disappointed. Most of the talks are pretty basic and uninteresting, and there were too few talks about hard-core technical stuff IMHO. But then again, I guess most people need/want to hear all the philosophical aspects, other people's opinions and experiences, and all that crap.

Anyway, one of the few presentations that even just vaguely interested me was The Elements of Meaningful XHTML by Tantek Çelik (also see the slideshow).

One of the things that shocked me was that I, along with many other idiots, used the address element incorrectly. I never particularly bothered until now to actually look up the exact meaning of the element in the spec, just because the meaning seemed so obvious: To mark up addresses, naturally. Or not.

I think the spec says it best:

The ADDRESS element may be used by authors to supply contact information for a document or a major part of a document such as a form. This element often appears at the beginning or end of a document.
<ADDRESS>
<A href="../People/Raggett/">Dave Raggett</A>, 
<A href="../People/Arnaud/">Arnaud Le Hors</A>, 
contact persons for the <A href="Activity">W3C HTML Activity</A><BR> 
$Date: 1999/12/24 23:37:50 $
</ADDRESS>

Let's face it, as Tantek pointed out, the name for the element was very badly chosen. Maybe something like contact would have been better; I don't know.

Of course, don't trust Tantek not to stuff things up a bit too. :) Take one of his slides:


<p><div>
 Please contact
 <address>webmaster at example dot com</address>
 if you find any problems with this site.
</p></div>

He's actually replacing the p element with a div! Do I even need to explain why this is wrong?

Ok, so the address element is invalid in the p element... But according to the spec (as I read it) this would be better:


<address>
 Please contact
 webmaster at example dot com
 if you find any problems with this site.
</address>

Anyway, I'm really just nitpicking now. At least Tantek can write much better markup than probably around 99,99% of the web development community. Credit given where credit is due.

There are some other things about his presentation I also want to comment on, but since I don't like massive posts we'll leave that for another day. Now I need to go pick up my mom at the airport.

Draconian Error Handling of XHTML

Since Anne doesn't like comments, I am writing this post in reply to his post Draconian error handling hurts business and real people; XHTML be doomed.

He does make some valid points, but just to even out the argument, please keep in mind the following.

Firstly, it seems like the developer of the games site he refers to fails to make the site valid because of content negotiation, not because of ~~a compliant XML parser~~ XML.

Second of all, if the developer has been using a proper CMS (which seems to still not be in existence as yet) this problem would not have occurred.

In other words, all that I'm trying to say is "Don't blame XHTML because of incorrect implementation." And yes, lack of incremental loading (although it's not required by the XML standard) as well as no XHTML support to start with (think most search engines and IE) are shortcomings in current implementations too.

One thing I thoroughly agree on though - most developers are sadly incompetent fools and should rather stick to forgiving parsers, just because they can't handle anything proper.

SuprGlu

SuprGlu [via] lets you set up your own (public) page and lets you add feeds to it. If you have accounts at various different places with feeds, you can add them to your page so that you can show people exactly what you've been up to the last while...

I quickly grabbed an account myself an set up my own page with some of my feeds on it (the feeds of both my blogs, my del.icio.us account and my Flickr photostream). Pretty useless, I know, but it's just cool. :)

I like their use of XmlHttpRequest when adding new feeds during setup. My page is XHTML though (sent as text/html naturally) and it doesn't even validate. Bah. But other than that it's still pretty cool. :)

Update: An interesting thing is that now you can subscribe to all those feeds through one central feed it seems. As if anyone actually wants to do that...

Security: Mambo, Joomla, phpMyAdmin

Both Mambo and Joomla are affected by a serious security issue that has caused thousands of Mambo/Joomla sites to be hacked the last couple of days. There are patches for both, although Mambo seems to be trying to cover the thing up (their own site also got hacked but they said it was merely network troubles and there's nothing about the bugfix on their homepage).

phpMyAdmin also reports a serious security issue affecting all installations with register_globals enabled. Please disable it for your installation or upgrade to the new bugfix release.

Update: Mambo, albeit being a little late, finally published about the security vulnerability giving as little info as possible it seems. Visit Joomla's site if you actually want to learn something...

Beyond Web Standards

A lot has been done regarding Web Standards, but what people are often forgetting is that sometimes formats that aren't always directly related to the web are also often sent over the Internet. For example, word processing documents, spreadsheets, images, etc.

If you send a Microsoft Word document to somebody else, you are making the assumption that they are using Microsoft Word. Personally I take offence when people are so careless as to send me files in proprietary formats without checking with me first to see if I have the required apps.

What? But everybody uses Microsoft Office, no? Uh, well at least everybody uses Windoze? No, sorry my friend. Linux/BSD are my operating systems of choice. And I use OpenOffice, naturally. :)

But can't Open Office open Microsoft Office files? Well, yes, it has some support and it can even save back to some Microsoft formats. However, because Microsoft is as proprietary as can be and because they have the typical proprietary mindset, some of their formats are not all that well documented and much of them needed to be reverse-engineered, a practice which is always dangerous. And now OpenOffice chokes on some of the more advanced formatting.

The OpenDocument standard is an attempt to solve many of these issues by creating a standardised XML-based format for word processing documents, spreadsheets, charts and presentations. Two Office suites that currently support it is OpenOffice and StarOffice (the latest versions). We hope Microsoft will add support one day too.

It seems like some governments, particularly in the U.S.A., seem to want to start standardising on open formats for word processing documents. With the South African government pushing open source along with many other countries in the world, this weakens the need/use/practicality of proprietary formats even more. Viva freedom of choice!

I want to strongly encourage all readers of this blog to start thinking about standardising on open formats for internal/external company/private use. It's the right thing to do (poking fun at one of the SABC TV ads).

Frappr

Ek het nou-net met 'n oulike diens gespeel genaamd Frappr. Dit werk met Google Maps. Jy kan jou eie kaart skep en mense toelaat om hulself op die kaart te plaas.

Hier is 'n kortlys van my gunsteling kaarte:

Die laaste twee op die lys hierbo het ek self gemaak. Gaan kyk gerus as jy in een van die interessegroepe val. :)

Frappr

I just took a look at Frappr; quite a cool idea making use of Google Maps. It allows individuals to create a new "map" and let people from around the world place themselves on it.

They announced one for Firefox Users; it seems like I'm the second South African to successfuly list on it. The user interface was a bit unclear though, so some people (including myself) had trouble listing so I decided to help clear it up quickly.

I started two maps, one for open source and one for BSD Users. I also listed on Linux Users.

ASP.NET 2.0

Finally my last exam for this year has been written off. Unless of course I get some rewrites, but that's early next year. Now I have some more time to spend on work and blogging. ;)

I wanted to do some more posts about ASP.NET 2.0 and most likely will. It must have gone past me, but it seems like .NET 2.0 and Visual Studio 2005 Express have gone live.

Earlier (as many of you will know) I played a bit with the .NET 2.0 betas, in particular ASP.NET 2.0 and Visual Web Developer Express. At that time, I was quite surprised that Microsoft seemed to be giving away the Express (beta) editions for free (as in no-cost, not as in free software); I thought this might have something to do with Java, etc.

Anyway, now I am quite surprised again because it seems like they'll only be giving away the Express editions away for "free" the first year; if you don't grab your copy before the 6th of November, 2006 you'll have to pay.

Ok, so paying isn't the end of the world but it all is still rather interesting to me personally. It seems like greed got the better of them again. And back to Java we go...

My point exactly is that commercial customers (or at least those in first-world countries) will buy the expensive, but better "full" versions while students, hobbyists, etc can use the Express versions to further their skills in .NET. This makes sense, really, especially for third-world countries where the (earlier proposed) fee of US$ 49 is a month's salary for many.

Don't tell me the cost of development is too high - they're turning even higher profits than Telkom (also known locally as "Telscum").

I actually started to think that ASP.NET was becoming a viable development platform. ASP.NET 1.1 had many design and architecture faults which mostly have been corrected in ASP.NET 2.0. Also, it has better standards support, but that says nothing. You're just comparing bad with worse really. Validation isn't everything. I would still not use the built-in web forms; I would write my own controls that generate perfect, valid, semantic and accessible markup the way it's supposed to be.

Anyway, I now (officially) throw out ASP.NET as an alternative; if they can't even spare a "basic" version for free there's really no point in it. I'm not going to increase Microsoft's bank balance even more just to help them take monopoly at the end of the day. I'll still be learning it and playing with it out of interest's sake, but that's it.

Mono, anyone?

Open Source Gangsterism on IRC

I just discovered a funny log I saved:

Vhata Spinach: seen Charl
Spinach Charl was last seen on #clug 78 days, 12 minutes and 6 seconds ago, saying: open source of course [Mon Aug 15 17:52:00 2005]
Vhata of course.
Charl :D

This was on #clug on ZANET for those that are interested. I'm there when I'm not too busy, which I normally am. Bah, that sounds pathetic.

Anyway, and yes, the markup for this conversation was inspired by Anne, whose name should be pronounced in Dutch and is therefore marked up with the lang attribute. Who's the extremist now, hey?! ;)

PHP Error Reporting & Compatibility

Most seasoned PHP developers will know about PHP's Error Reporting mechanisms.

Since PHP is a scripting language that runs through an interpreter (although you can use some caching), errors are generated on-the-fly. This also allows for the opportunity to suppress certain types of errors/warnings when the site goes live, while choosing to view more errors while developing.

The later PHP versions have some rather nice error/warning types. For example, E_NOTICE complains when there's a smaller problem that typically appears because of bad coding practices. For example, when you use a variable that doesn't exist (PHP will normally just return null in such a case).

Having E_NOTICE turned on might help debug problems and help you to write structured programs; it might even help you to follow good coding practices to a certain extent.

E_STRICT is a new level introduced in PHP 5. It will complain and nitpick about many of the common mistakes made by programmers. Having it turned on certainly learned me a lot, even when later coding in PHP 4 again. It will also give advice on how to make your programs more forwards-compatible. However, making things more forwards compatible often leads to breaking backwards compatibility, and with many hosting providers still sticking to PHP 4 because of forwards compatibility issues with PHP 5, coding for PHP 4 too will be to your advantage (unless of course you're only developing for a specific system/systems that you know only run PHP 5).

The problem with having these error levels enabled is that, if you make use of third-party tools, it will mostly complain about those tools a lot. I think there's no excuse to have any code generate E_NOTICEs, because having that enabled promotes good programming practice and won't break neither backwards nor forwards compatibility. But as we all probably know, most third-party programs suck in general. :)

I think that any code generated for Fidelis should never send out E_NOTICEs or any other kind of errors/warnings, even if they're being reported according to server configuration. For now, we can probably forget about E_STRICT though, because of backwards compatibility reasons with PHP 4. But let's try to have it generate the least possible issues under each case, and let's aim for compatibility with both PHP 4 and PHP 5 as far as we can.

PHP Coding Standards

To my knowledge, there is no definitive set of standards to follow when coding in PHP; it might be a heck of a language but it has always been (and still remains to be, to a lesser extent maybe) a hack of a language (if you're dyslectic like me, note spelling of emphasised words please).

However, since we're starting with Fidelis I think it would be cool to try and stick to certain established best practices and coding techniques to promote forwards-compatibility and secure coding.

So, which standards are there? What can one conform to?

Well, the PEAR project has laid out some standards that are worth looking into. They have quite strict requirements it seems.

Some of the guidelines, especially the for-spaces-no-tabs indentation scheme, don't seem good to me. Personally I believe tabs should be used for indentation, because each tab is only one key, tabs are made for indentation (I could be wrong though, but this is what they're commonly used for these days), most editors let you customise their width and they are efficient because they only count for one character each (instead of 4).

However, I guess that my personal opinions don't always matter that much. At the end of the day, it's not about what one person thinks but what the community thinks. There is always room for improvements and innovation, and nothing will ever be perfect, but sometimes one needs to make certain sacrifices on behalf of the greater good. (Huh? Should I have written a novel or something? Shit!)

But seriously, if everybody runs off and do their own thing we'll never achieve consistency in the open source (and proprietary) worlds.

Anyway, sounding sappy is not what this post is about. There are other things that also need some consideration. Naturally, we shouldn't use register globals and all of that kind of crap. We should also not rely on magic quotes for similar reasons. The reasons go mainly as follows:

Forwards compatibility (look at default configuration of latter versions of PHP 4 and PHP 5)
Security
Keeping clean & logical program structure
Trying to keep consistency with other projects

I don't know; these are just my thoughts. Anything to add?

MySQL, OpenBSD & More

I actually don't like these multi-topic posts, but sometimes there are some small things that just don't each deserve their own post.

Firstly, for those that haven't upgraded yet, get your asses over to phpmyadmin.net and download the latest security update.

Secondly, MySQL 5 has been released. In my humble opinion, anything earlier than 4.1 was a total waste of time (no support even for simple stuff like subqueries and "other" character encodings? bah!). Of course, MySQL is still far behind Postgres, but hey, it's getting there and for really simple stuff it's not that bad.

The installation is much like 4.1, but be careful: If you can call MySQL 5 backwards compatible, you can call Bush an advocate for world peace! See the migration toolkit for more info.

Thirdly, the southern part of South Africa was prettymuch on fire. Literally. The air was so thick with smoke where I stay in George that I could hardly breathe. Anyway, thanks to the colder weather and the much-needed rain, things seem to be under control again.

Naturally, I just had to go and save the best for last. OpenBSD 3.8 has been released!!! Read more on Tectonic and NewsForge. I added title attributes because it's no use to look at those IRIs. (In case you didn't know, this is exciting for me since OpenBSD is my all-time favourite server operating system.)

phpMyAdmin

Everybody in the web development world probably has used phpMyAdmin at some point in time to set up and/or modify the structure of and/or data in a MySQL database.

It's a very good piece of software, and one of the top projects at SourceForge; however, in my humble opinion, it's also very user-unfriendly.

Of course I could go into the specifics of what needs to be done to improve the current system, and I need to as well (since I believe in constructive criticism). But first I want to hear other people's feeling and opinions.

The summary of my complaints about the user interface of phpMyAdmin goes roughly like this:

The pages are cluttered.
It's often difficult to see on a glimpse what's what and what needs to be done.
A typical old-school approach has been taken to design. Instead of keeping to usability standards and having lists of information with add/edit/delete options on top or to the side, you often have to search for these functions scattered across the page.
The design could have worked better on 800x600.

I want to make it very clear that this is not supposed to be a bitch. This is not about complaining and wining about poor user interfaces; this is about making a statement, wondering about what other people think, getting more opinions, and drafting up a document of how improvements can be made and then sending that to phpMyAdmin for consideration.

Comments are very welcome, even if it's just your vote of support. I want to know who's out there and if I'm on the right track or not. So everything, including flames, welcome in the comments (as long as you flame me and not each other of course). :)

Firefox Baton

This is a cross-post from my SFX Blog. I don't like cross-posting normally, but since I got no reply there (weird) I thought this might be a good idea. Just in case.

Ok, so I just came up with this absolutely crazy idea: Let's make a Firefox Baton!

So many people must have heard about (and some people might even have been victimised by getting passed) musical batons. Some crazy bastard starts one and then passes on the baton to x amount of other people. Then those people need to answer the baton (typically by posting about it on their blogs - what music they like, how much of it is on their hard drives, etc) and each pass the baton to x other people.

Search on Google for "musical baton" and you get more than a million matches! Not bad!

Now my idea: Why not start a Firefox Baton. The baton can be to ask Firefox users questions about their Firefox installation, for example:

For how long have you been using Firefox?
Which extensions do you have installed? Which are your favourite(s)?
Which theme are you using?
[Think up more questions and comment!]

On the negative side, from experience with musical batons they might be irritating and some people might be offended by being passed one.

On the positive side, many people might think it's fun and it would be interesting to see what the various Firefox users think and are using. Also, it might help to spread Firefox; if non-Firefox users read about all its cool features on other people's blogs that might inspire them to try it themselves.

Of course, I'm aware that many people have posted about Firefox on their blogs (general reasons for using it, etc) and many people are displaying Firefox and/or Thunderbird buttons, but I would be interested more in finding out the specific details of each individual and their installations.

Ok, so I'll openly admit to it myself, this is nuts. Actually, it's so crazy, it just might work!

Feedback, comments, flames, etc welcome. And apologies if something like this has been done/proposed in the past, but I've been here at SFX for almost a year and I've searched on Google but yet couldn't find anything so crazy as this yet. :)

Main

Latest

Archives