derekville.net

I figured it was about time to upgrade to a new theme, so I found this one, Snoods theme.  Whaddya think?

Because this theme doesn’t accommodate the native tagging capability of Wordpress 2.3, I had to hack into the wp functions to add the capability to display tagging in the post.  What Wordpress really just needs to do is append the tag info to the end of all posts, like I’ve done for this theme. 

If you need to do the same, update “the_content()” function in wp-includes/post-template.php to the following code (additions in yellow):

function the_content($more_link_text = ‘(more…)’, $stripteaser = 0, $more_file = ”) {
    $content = get_the_content($more_link_text, $stripteaser, $more_file);
    $content = apply_filters(’the_content’, $content);
    $content = str_replace(’]]>’, ‘]]>’, $content);
    ob_start();
        the_tags(’Tags: ‘, ‘, ‘, ‘<br />’);
    $tag_html .= ob_get_clean();
    if (!empty($tag_html))
    {
        $content .=”<br /><div align=’center’ style=’clear:both;’><span style=’border:solid #333333 1px; padding:3px;’>”;
        $content .= $tag_html;
        $content .= “</span></div>”;;
    }
    echo $content;
}

This really the first time I’ve dove into the innards of Wordpress, and wow is it rather horrid.  Considering how important Wordpress is to the evolution of the blogging community, developers are important, and with the way the code looks now, I can’t imagine anyone would take up Wordpress development as a hobby.

written by Derek \\ tags: 135, 181

In a logical step, Google has launched a mobile version of it’s ad network AdSense so users can now visit sponsored links on sites they are browsing on their phone. The original incarnation of AdSense uses JavaScript to embed ads in a page, which carries little security risks to the user and the server the page is hosted on. However, because most mobile devices don’t support JavaScript, they had to resort to using servers-side scripting languages (PHP, Perl, ASP, etc..) to embed ads prior to delivering the page to the user. Here’s an example of the PHP version of Mobile AdSense.

<?php

$GLOBALS[’google’][’ad_type’]=’text’;
$GLOBALS[’google’][’channel’]=”;
$GLOBALS[’google’][’client’]=’pub-5039159613133207′;
$GLOBALS[’google’][’format’]=’mobile_single’;
$GLOBALS[’google’][’https’]=$_SERVER[’HTTPS’];
$GLOBALS[’google’][’host’]=$_SERVER[’HTTP_HOST’];
$GLOBALS[’google’][’ip’]=$_SERVER[’REMOTE_ADDR’];
$GLOBALS[’google’][’markup’]=’xhtml’;
$GLOBALS[’google’][’output’]=’xhtml’;
$GLOBALS[’google’][’ref’]=$_SERVER[’HTTP_REFERER’];
$GLOBALS[’google’][’url’]=$_SERVER[’HTTP_HOST’] . $_SERVER[’REQUEST_URI’];
$GLOBALS[’google’][’useragent’]=$_SERVER[’HTTP_USER_AGENT’];
require(’http://pagead2.googlesyndication.com/pagead/show_ads.php’);

?>

While Google’s motto is “Do No Evil” and I don’t think they would ever do anything to harm a Mobile AdSense client’s server, using server-side scripting languages presents a massive security hole on most servers. Once I can execute that code on your serer, all bets are off. One could access the database to gain customer information, redirect users to phishing sites, or even just reformat the hard drive just for the hell of it. The best method for hacking a server running Mobile AdSense would be DNS Cache Poisoning.

While I don’t exactly have any solutions on a method to deliver dynamic ads from the AdSense network that doesn’t use JavaScript or a server-side scripting language, I find their approach completely unacceptable from a security perspective and you will find a lot of objection in the enterprise community towards this method.

written by Derek \\ tags: 135, 16, 76

One of the more recent coding projects I’ve been working on is the redesign of the our customer signup process at work. During this process, a lot of data validation & integrity needs to take place from the user entered information coming from the HTML forms. For a PHP/Javascript coder, this scenario has always meant, “Do I validate in PHP? Javascript? Both?” PHP gives you database access but it comes at the price of having to submit the page. Plus, you have to build in extra navigation logic which can sometimes be messy. Javascript is quick & easy, but can be unreliable (user can turn javascript off) and you do not get any access to a database. If you do both, then you split up the validation between specific fields and that becomes flat out messy.

So which route did I go to accomplish this validation task? None. Well, actually all of them, but not by the traditional means. Rather, the best method I found here was to use an AJAX method and split the display (HTML), trasportation (Javascript), and validation (PHP) layers up and keep them completely seperate. By using this method you have a lot of advantages;

• Because AJAX is as asynchronous, user does not have to submit the form (and wait for a reload). The less clicks for the user, the better.
• It makes the experience is as smooth as possible for the user
• Seperation of view (HTML), transportation (javascript), and validation (PHP) layers to make coding much cleaner.

Once I had an understanding of what I needed to build, here is the basic outline of the steps needed to design this app…

• Be able to convert the HTML form into XML
• Use the XMLHTTPRequest object to POST an XML string to a PHP script
• Within PHP, validate data using regular expressions and database queries
• Denote valid & invalid data values only by adding “valid” and “error_message” attributes to the element nodes and not altering any of the original XML data.
• Send the same (but slightly modified) XML document back to the Javascript
• Within Javascript, determine what (if any) errors the user may have with the data entered
• Inform user of errors

I also had the goal of making this validation process as portable/reuseable as possible and be able to add it to any form by only adding a “onsubmit()” attribute to the HTML form and the error message <div> to the HTML document. Aside from that, everything else takes care of itself in terms of XML creation, validation, error message(s) being displayed, and the input boxes being highlighted within the form.

So here’s a link of a stripped down version of what was built. It isn’t pretty and isn’t meant to show off my design skills. Rather is it designed to demo the functionality and behavior of the script, and then provide the source code (with comments) to build a much more useful app on top of the existing code. Play around with it, modify it, break it, & fix it. That is usually the best way to learn.

Post in the comments below or email me if you have any questions

(Update: I just checked the example page for the first time in a long time, and something is broken. I’ll update again when it is fixed.)

written by Derek \\ tags: 101, 135, 168, 17, 183, 69