Troubleshooting preventer

Posted by mkhairul - September 26, 2007 at 08:09:22 pm - No Comments

 Categories: blog



I’m in kind of a conflict. I’m expected to be a troubleshooter at my office but what I wanted to be more is a troublepreventer, the troubleshooter is still required for some stuffs but doing the same stuff over and over again is not something I’m looking forward to.

The current way we do things around at work something drives me nuts. Lots of security nightmare, disabling all error reporting and much more. I wanted to do the right way, but my justifications went unheard (or maybe its me who doesn’t know how to explain). Either way, I just have to keep playing ball and fix here and there just to keep things together.

As I mentioned in a couple of my previous post. Interakt (or is it MX Kollection?) is the preferred method of building web stuffs (dynamic forms, thumbnails, etc). Well, it is great and fast but hacking it is kinda tedious, the validation isn’t quite as flexible as I’d expected and the documentation is terrible. It only explains on the frontend with all the GUIs shit, but not under the hood where it really matters.

I’d rather stick with CI (Codeigniter) but then again if I do that, some people couldn’t join in developing it. The learning curve is low but you have to have some basic understanding of how stuff works and doesn’t whine and depend on code generators and IDE.

Enough ranting maybe I should do something else like scamming the scammers by scooping 16 Awards or something. Heh. But then again, its too much work for a procrastinator like me. Oh yeah, I’m doing some screen scraping and hopefully it’ll be up and ready to feed my current project with data.

Sleepy monday.

Posted by mkhairul - September 26, 2007 at 08:09:32 pm - No Comments

 Categories: blog

Another day at work. I can’t pull off my Serious Shit Day. I just can’t, its not in my nature. Heh.

Anyway, I’m doing a little bit of development and searched for jQuery cheat sheet so I dont have to click through every page of the documentation to find what I’m looking for. Cheat sheets gives you an overall view of the stuff its representing. Its colourful too. 

While I was doing some printing modifications for an event’s pass. I found out that page-break-before: always doesn’t work with absolute elements. Urgh, took quite a while to adjust it. 

I just lost my train of thought and forgot to post this entry. A few days late but, oh well. 

Diminishing Moments..

Posted by mkhairul - September 20, 2007 at 06:09:22 pm - No Comments

 Categories: blog

I’m feeling a bit down. It’s all because I felt unappreciated for all the stuffs that I do. Ok, maybe I’m a bit slow but there’s no need to tell me to stop browsing my sites and stop my reading. I did what I could, I know what I did. I went for it and focuses all my efforts on it, knowingly there are other easier stuffs that can be done.

"I think you should stop all of these sites before 5" and some other crap.

That remark is insulting and makes me angry, but not angry enough to burst into an anger fit and throw a tantrum.

I have done lots of stuffs, stuffs that looks easy because I took the time of trying it out and showing how its done. These informations doesn’t come knocking on my door or from some divine revelation. I went to the news site and read about these stuffs. Hours after hours of trying it out. Argh! I can’t stand this anymore..

Tomorrow is Serious Shit Day

Speak with a clear tone voice. Deny things that can be denied. No browsing other sites. No smiling. Be pessimistic. No trying out stuffs or innovating. Just get the work done. In and out as quickly as possible.

If there’s a problem and something like "I know you know something" comes out, just reply with "Nope, I dont know anything about that, BECAUSE I didn’t browse my sites at work anymore, I think someone told me to stop doing it but I can’t remember who".

I don’t feel like going to work tomorrow. This is really depressing. :(

Remember Me for logins

Posted by mkhairul - September 19, 2007 at 11:09:26 am - No Comments

 Categories: Development, Tips, blog

Nothing much

Another day in the office. I didn't sleep last night, watched UEFA Champions League (Liverpool vs FC Porto, 1-1). I didn't watch the first half, but the rest is quite dull. I slept earlier in the evening so I didnt feel sleepy too much.

System

Anyway, there's an event management system that we're doing. Won't come out anytime soon, and it'll probably be proprietary. I'll find a reason to make it open source after it takes off.

Interakt

The system uses the interakt (MX Kollection 3.0) stuffs, framework or not its horrible. The thing is tightly integrated and stuffs are passed around here and there. Maybe my understanding of OO concepts ain't as solid but CI doesn't give me any problems, I can understand it clearly. Its simple and it does it well. It was implemented with CI previously, but my boss wanted to scrap it, I guess he can't get involved with it too much if I use CI, which frustrates him.

Remember Me, You and Me Again

remember.jpg

Enough about MX Kollection, what I've been searching for is the best practices for Remember Me feature for the login. Practical PHP Programming doens't have it, so I googled and browsed a few sites and after lots reading found a few.

And I went to search a little bit about cookie hijacking. After a while, I guess I have to accept it is a disadvantage of implementing the Remember Me feature.

One thing I noticed on Joe Tutorials and Scriptygoddess is they use 2 variables for storing information. Why did do that? Why can't they use just one variable? Example (this is the one that I did):

After authentication:

PLAIN TEXT
PHP:
  1. if($_POST['remember_me'] == 1)
  2. {
  3.     $hash = sha1($row['uid'] . random_string());
  4.     setcookie('something', $hash, time()+60*60*24*14); // 2 weeks
  5.     $sql_query = sprintf("UPDATE `user` SET remember_me = '%s' WHERE username = '%s' AND password = '%s'", $hash, $row['username'], mysql_real_escape_string(md5($_POST['password'])) );
  6.     mysql_query($sql_query, $conn) or die(mysql_error());
  7. }

Auto login:

PLAIN TEXT
PHP:
  1. if(isset($_COOKIE['eventuz'])) {
  2. {
  3.     $remember_hash = $_COOKIE['eventuz'];
  4.     $sql_query = sprinf("SELECT * FROM `user` WHERE remember_me = '%s'", mysql_real_escape_string($remember_hash));
  5.     $result = mysql_query($sql_query, $eventuz);
  6.     if(mysql_num_rows($result) == 1)
  7.     {
  8.         $row = mysql_fetch_assoc($result);
  9.         if($row['active'] == 1)
  10.         {
  11.             $_SESSION['user_id'] = $row['uid'];
  12.             $_SESSION['username'] = $row['username'];
  13.             $_SESSION['logged_in'] = TRUE;
  14.         }
  15.     }
  16. }

Final Thoughts

I think there's a way to prevent cookies from being fished retrieved by malicious website. Something along the way of changing to random string every week and keeps it in the database and compare each of the entry and find out if it exists (which could take alot of resources).

If anyone knows about this, feel free to inform me. I'm still learning.

Aria2 - download utility (bittorrent, http and some other stuffs)

Posted by mkhairul - September 13, 2007 at 05:09:07 am - No Comments

 Categories: Tips, blog

The Day The Server Went Down..

Due to excessive use, people handing out accounts to others and such, my friend's torrenflux causes his server to use tremendous amounts of resources which evidently leads to its crash. A perl program that torrentflux runs hogs all the resources, I can't remember from the back of my head the name of the program but I'm pretty sure its a perl program. Some kind of a flaw in the program (not perl, mind you). The crash was unacceptable because it was a shared hosting.

So anyway, those were the good old days where I dont have to worry about downloading torrents and stuff, just put it in torrentflux and a couple of hours it is done. I tried to relive the experience, I googled and wikied all that I can to find, a program that are similar to torrentflux (without the need for a root access), but found none. ctorrent, rtorrent is nice and all but there's a problem that I encountered, whether it needs some sort of library, dependency and some other stuff, in the end it requires root access to install these kind of things.

A few months I endured the torture of using utorrent. Not because the program bad, but because streamyx is limiting the bandwidth for torrent. As I had discuss in Streamyx O' Pain.

Alternative

While I was searching for a nice flash image gallery apart from fig and flash gallery (it doens't provide the source :( ), I found aria2 - The high speed download utility. Looks interesting, I decided to check it out. Ok the installation was simple. Apart from setting configure's --prefix.

sh ./configure --prefix=/home/yourfolder

I will create a bin folder inside /home/yourfolder and there's aria2c program in there. That's all you need to do. Use the instructions and all is ready to go. Oh yeah, make sure you run it on servers that are connected to the backbone for example servers that are in the datacenter or using a leased line. Away from the evil traffic shaping.

Aria

Of Alignments, ACL tear and Bioshock..

Posted by mkhairul - September 7, 2007 at 04:09:03 pm - No Comments

 Categories: blog

Just for fun do an alignment test at WotC Online Alignment Test. I wont tell my alignment. Its a secret guarded by Official Secrets Act.

What Happened?

I've been away for quite a time. Having experienced an ACL Tear (Anterior Cruciate Ligament), well seems like a tear but I'm not sure, unless its serious I am not too fond of seeing a doctor. Painful for the first few days. I'm hoping to go full throttle in futsal next month, October. Aiming 10 goals for my debut. lol.

I also finished watching Prison Break Season 1 and 2 in 5 days. Using a chinese site, that streams an RMVB file, something like that. The image is quite good, watchable and nice 5/10. Sound is great 7/10. Click on the site's link for the episode and wait it streams for 2-3 minute and watch it to the end. It was alot, but well worth it. Can't wait for Season 3.

New Game

Other than that nothing much, I bought Bioshock. Very nice game but after hearing PC Gamer Podcast #98, Logan or Will said something bout the realism of getting shot, the NPCs doesn't went limp after each shot, they're still at their full strengh which breaks alot of the realism. But still, an interesting game though.

In some level, it scared the shit out of me in the dentist office where the splicer just stands behind me doing nothing. Went I look back there he is fucking standing behind me doing nothing. My first reaction was to fire the shotgun before throwing my arms in the air shouting AAAAAAAARGHHHH!

My housemate laugh himself to tears. Well, I'm not embarrased, it was pretty scary.

Conclusion

This weekend I will end Bioshock. Not much to do really, Heroes isn't out yet. Other than Naruto and One Piece. Not much.

Powered by WordPress with GimpStyle Theme design by Horacio Bella.
Entries and comments feeds. Valid XHTML and CSS.