November 7th, 2008 Denham Coote
Amongst a number of other uncharacteristic decisions I’ve recently made, I went off and got myself a tattoo yesterday.

Circle of Friends
Some (geeks) may recognise it right away. For those of you that don’t, other than it being a cool design (I think so, anyway), there’s a bunch of meaning to it.
The symbol is that of Ubuntu Linux. From their website:
Ubuntu is an African word meaning ‘Humanity to others’, or ‘I am what I am because of who we all are’. The Ubuntu distribution brings the spirit of Ubuntu to the software world.
It’s about community, caring, sharing, acceptance, diversity, and the ideologies that the culture embraces.
In addition to that, I’ve gone up 10 points in a) geekiness b) coolness or c) both! Hehe.
The photo doesn’t quite show it off properly yet, since the light grey areas are still a little dark (and look black). Look here to understand it better.
A big thanks to Kay from Skin Deep Tattoos who left his mark on my virgin skin.
Posted in General | 29 Comments »
August 27th, 2008 Denham Coote
What do geeks, code, blogs, Matt Mullenweg and I all have in common? Well, for one, we were all in Cape Town this weekend for WordCamp SA. The glue that holds it all together? WordPress.
Friday, 22nd August, 2008
WordCamp weekend kicked off with Tyler and I heading out to the airport on Friday morning at 5am, meeting Vincent Maher on the way. Upon landing, we were taxied around by Jason Bagley. A few client meetings later, we made our way to the hotel we were staying at, which happened to be a mere 20 meter walk from The Wild Fig (where the event took place).
After dropping off our luggage, we made our way back to Cape Town International to meet Warwick Poole and Matt Mullenweg, both of Automattic. After waiting an hour or so, Warwick came out and informed us that Matt’s bags were missing. Fantastic! They were still held up US side.
After stopping to do some essential shopping for Matt, we made our way to none other than Spur. Not quite South African gourmet, but certainly a home-grown experience. From there we went to the pre-un-conference geek-meet at Asoka. I’d love to be able to link to all the people we met, but I’m afraid Google might turn on me. Needless to say it was an awesome evening, with me introducing Matt to his first Jaeger Bomb!
Back at the hotel, Tyler and I worked until about 2am, sorting out last minute details, and spending a bit of time on Project Wolf.
Saturday, 23rd August, 2008
The event that got 100+ geeks and their laptops assembled in Cape Town: WordCamp SA 2008. Organised by Younique, with the likes of Matt and Warwick as guest speakers, it was a day of note.
Kicking off at 9am, with coffee and muffins, the venue quickly filled up. Prominent bloggers and entrepreneurs alike were crammed into The Wild Fig. An awesome line up of speakers kept everyone interested (and awake) throughout the day.
Matt is a very natural speaker. He spoke about running a business, and making money, utilising a business model based on free software. Warwick, also of WordPress, gave us some incredible stats about wordpress.com - its traffic and infrastructure.
The day, however, was not without incident. As Tyler was giving the closing speech, I managed to knock a glass of water over into his brand new Macbook. It’s amazing, but in those few seconds following, I was photographed more times than all the key speakers combined. *blush*
That night we went off to Sinns at Wembley Square for dinner. Sinns is the type of place that charges twice as much as Spur, serves half the amount of food, but makes it look pretty. It wasn’t bad at all, though.
Chris Rawlinson, of Stormhoek (who were kind enough to sponsor wine for the day) invited us back to his place after dinner. A special word of thanks to him for putting up with us until 5am, even after having parts of his apartment demolished.
Sunday, 24th August, 2008
I managed to surface at 10:30. I felt like ass. Now, normally, I do not suffer the after effects of consuming too much alcohol. This day was different. I blame Matt. Those Mohitos (sp) were lank dodgy, oke. After dragging my sorry ass out of bed and getting showered, the only logical thing to do was to go to KFC and buy out half their shop. After buying enough for 17 people, Tyler and I were happy that we had enough for the 2 of us. We were also kind enough to share with the other guys when we got back to the hotel.
From there, we made our way to Stormhoek Wine Estate. Graham Knox was simply awesome, giving us a private tour of the farm, and treating us to a wonderful lunch. I have never had so many open bottles of wine in one sitting. Stormhoek is an estate that is full of history, and really takes pride in the wine it produces. I shall certainly be buying many many bottles from them in the future.
After a great day out in Wellington, Jason once again taxied Tyler and I back to the airport for the last flight back to Joburg.
A very big thank you goes out to Tyler, who is responsible for the weekend. Though he will try pass credit on to other people, WordCamp would not have happened without him. His guiding hand, his generosity, his huge personality and his ability to bring people together and enjoy themselves. Thank you, mate!
This post is VERY short compared to the sum of the events of the weekend. I think the best suggestion I can make is that you don’t miss next year’s!
Posted in General, WordPress | 1 Comment »
August 21st, 2008 Denham Coote
On Saturday I’ll be attending WordCamp SA 2008. For those who don’t know, WordCamp is a gathering (or is it gaggle?) of geeks who all have one thing in common - A passion for WordPress.
What is WordPress? For my even less-informed friends, WordPress is primarily a blogging platform, which is very extensible. My site is built on top of WordPress.
The event has been organised by Younique, and takes place at The Wild Fig. With a diverse array of guest speakers, including WordPress founder Matt Mullenweg, it’s sure to be an informative and enlightening day!
Posted in General | No Comments »
July 24th, 2008 Denham Coote
When accepting data from a user, any data at all, it should be sanitized before making its way to your database.
What does this mean? Well, for one, you’re going to inspect the data and make sure that it doesn’t contain any malicious code, such as ill-intentioned JavaScript. Another is to prepare the data so that when it gets added to your insert/update SQL it doesn’t break the SQL (or do other nasty things). Exploiting that weakness is otherwise known as an SQL injection attack.
The technical details of the types of attacks we’re protecting against are a bit out of the scope of this post, but there are numerous resources available which will explain far better than I am able to.
After a form has been submitted (via get or post) it gets stored in the global array $_GET or $_POST. Once we have this data, we can and should do a bunch of things to it, such as:
Stripping out malicious code
We’ll scan through the input, searching for anything that shouldn’t be there, like html code, <script> tags, etc.
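<?php
function cleanInput($input) {
    // Patterns are applied in order: remove whole script/style blocks and
    // comments first, then any remaining tags (otherwise the generic tag
    // pattern strips <style> itself and leaves its contents behind).
    $search = array(
        '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
        '@<style[^>]*?>.*?</style>@si',     // Strip style blocks, contents included
        '@<![\s\S]*?--[ \t\n\r]*>@',        // Strip multi-line comments
        '@<[\/\!]*?[^<>]*?>@si'             // Strip out remaining HTML tags
    );
    $output = preg_replace($search, '', $input);
    return $output;
}
?>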
’slashing
This part can sometimes get tricky, but not to worry, the code’s not too bad. Basically we’re adding a backslash before any of the following: ' (single quote), " (double quote), \ (backslash) and NULL characters. Depending on your server configuration, there are a bunch of ways of getting this done. PHP has something called magic_quotes, which does this automatically. Note, however, that as of PHP 6 this feature has been deprecated and removed. Another PHP function, addslashes(), is the manual version of magic_quotes. addslashes("Where's Wally"); will return "Where\'s Wally". A better option, if your server supports it, is mysql_real_escape_string(). It performs pretty much the same function, but is apparently better.
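<?php
function sanitize($input) {
    if (is_array($input)) {
        $output = array(); // an empty array must come back as an empty array
        foreach ($input as $var => $val) {
            $output[$var] = sanitize($val); // recurse into nested arrays
        }
    }
    else {
        // Undo magic_quotes if the server applied it, so data is not escaped twice
        if (get_magic_quotes_gpc()) {
            $input = stripslashes($input);
        }
        $input = cleanInput($input);
        // Needs an open MySQL connection (legacy mysql extension)
        $output = mysql_real_escape_string($input);
    }
    return $output;
}
?>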
To use, we simply pass any input to the function. The function works on single strings, as well as deep arrays.
<?php
$bad_string = "Hi! <script src='http://www.evilsite.com/bad_script.js'></script> It's a good day!";
$_POST = sanitize($_POST);
$_GET = sanitize($_GET);
$good_string = sanitize($bad_string);
// $good_string is now "Hi!  It\'s a good day!" (script removed, quote escaped)
?>
Typecasting
Making sure that the data we’re inserting matches the expected type; i.e, someone’s age should be received as an integer value, and not a string.
<?php
// Cast to integer; a missing or non-numeric value becomes 0
$age = isset($_GET['age']) ? (int) $_GET['age'] : 0;
?>
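The same goals reached with bound parameters instead of escaping, as an added example (not code from the original post): the SQL text stays fixed, a name containing quotes is stored as plain data, and the age is validated as an integer before it is bound. The `people` table, `openDb()` and `savePerson()` are hypothetical names, and in-memory SQLite through PDO (assumes the pdo_sqlite extension) stands in for MySQL so the script runs without a server.

```php
<?php
// Added example: bound parameters instead of escaping. Table, column and
// function names are hypothetical; in-memory SQLite stands in for MySQL.
function openDb() {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE people (id INTEGER PRIMARY KEY, name TEXT, age INTEGER)');
    return $db;
}

function savePerson(PDO $db, array $form) {
    // Validate the type first: filter_var() returns false for "25abc",
    // where a plain (int) cast would silently turn it into 25.
    $age = filter_var(isset($form['age']) ? $form['age'] : null, FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0, 'max_range' => 150)));
    if ($age === false) {
        return false;
    }
    $name = isset($form['name']) ? trim((string) $form['name']) : '';
    // The SQL text is fixed; values travel separately and are never parsed as SQL.
    $stmt = $db->prepare('INSERT INTO people (name, age) VALUES (:name, :age)');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->bindValue(':age', $age, PDO::PARAM_INT);
    return $stmt->execute();
}

// Constructed sample submissions (stand-ins for $_POST).
$db = openDb();
$samples = array(
    array('name' => "Where's Wally", 'age' => '31'),
    array('name' => "x'); DROP TABLE people; --", 'age' => '40'), // stored literally
    array('name' => 'Mallory', 'age' => '25 OR 1=1'),             // rejected: not an integer
);
foreach ($samples as $form) {
    echo savePerson($db, $form) ? "saved\n" : "rejected\n";
}

// Escape for HTML when displaying the data, not when storing it.
foreach ($db->query('SELECT name, age FROM people') as $row) {
    echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), ' (', (int) $row['age'], ")\n";
}
?>
```

With MySQL the only change is the DSN passed to `new PDO(...)`; the prepared statement and bindings stay the same.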
This is a very gentle introduction to sanitizing your database input, and I would certainly recommend that you do a lot more research on these methods in order to use them correctly in your given environment.
That’s it for today. If you found this useful, or would like to improve it, comments are always appreciated!
Posted in php | 34 Comments »
July 14th, 2008 Denham Coote
Pricing on the Dell Studio 17 is available. The Studio 17 looks like a great machine. The pricing is even better! It sells for less than the Vostro, looks nicer, and has more features. Awesome.
I’ve ordered the following:
Intel Core 2 Duo T9300 (2.5 GHz, 800 MHz FSB, 6 MB L2 Cache)
4096MB 667MHz Dual Channel DDR2 SDRAM [2x2048]
17.0″ Widescreen WUXGA+ CCFL (1920×1200) TFT Display with TrueLife
160GB Free Fall Sensor (7200RPM) Hard Drive
8X DVD+/-RW Drive
256MB ATI Mobility RADEON HD 3650
9-cell 87 WHr Lithium Ion battery
Biometric Fingerprint Reader
Wireless 1510 Half Mini Card (802.11n)
Wireless 370 Bluetooth Module
AVerMedia AVerTV Hybrid NanoExpress DVB-T TV Tuner
2.0 Mega pixel Integrated Web Camera
Travel Remote Control Express Card
I can’t wait for it to arrive!

Posted in General | 4 Comments »