I always try to keep the # of add-ons loaded on my Firefox at a minimum. In my many years of being in web development I have found that there are at least 3 essential add-ons that any serious web developer must have.

• Firebug - Live tracing and debugging for HTML, CSS, and JavaScript.
• Pearl Crescent Page Saver - Save an image of a web page to a file.
• Web Developer - Adds a menu and a toolbar with various web developer tools.

Snap Links - Opens multiple links contained in a selected area in new tabs. Get the Firefox 3 compatible version.

Share This

Lately this blog has been suffering from MySQL out of memory error messages which got worse as the days went by. Sometimes Is could not post stories, or my sidebar would not load. Other times I could not load the admin area, or my site went down entirely. After doing a bit of tracing and research I was shocked to discover that my wp_options table had almost 2,000 records in it. As I skimmed through the records I saw that majority of it had rss_ to it, which led me to research on Wordpress’ RSS caching mechanism.

So, I did some more digging until I came across lildude’s explanation of Wordpress’ autoload functionality, which defaults to yes, causing it to bloat the $GLOBALS variable with all the crap our lovely plugins dump into the wp_options table. Finally I came across jayrocas’ post on the Wordpress support forums on how his blog database had a bunch of entries whose option_name looked something like “rss_f07b6018d7bc77b2520b5ec4296f3e66_ts”. After reading the community’s response, I decided to delete all 1,325 rows that started with “rss_”. The query I used was:

DELETE FROM `wp_options` WHERE `option_name` LIKE “rss_%”

Like magic, my blog loaded without any more hiccups. Reloading the home page immediately after cleaning up the database results in 8 new “rss_” entries. I can only think of two RSS feeds that my homepage pulls from (Flickr and Last.FM) so I’m not sure where the other 6 is coming from. Looking at the database, it appears that there is a duplicate entry for Flickr and Last.FM, and there is 3 entries with the same option_name hash “rss_89613d9a050aad8af096de3c8dfa83bd_ts” and option_value of “1224690561″. I don’t know what’s causing the duplication, or what the bogus triplicate entry is. I have no intention of doing so. Right now, I’m content with a running blog. I’ll just do a database clean up every now whenever necessary.

I am still trying to see if the CommentLuv plugin had anything to do with bloating my wp_options table. There is a huge chance that it does, but I love this plugin so I will just try to upgrade it when I’m done with this post.

Finally, I also installed the Clean Options plugin, which searches for and removes orphaned entries in the wp_options table. Cool. But is there no select all / remove all option? I can’t imagine having to place a check on all 1.7k rss_ entries when it takes me less than a minute to login to PhpMyAdmin and execute that query I listed above. Will this plugin be of any use? I’ll just keep it installed - just in case.

Share This

On September 1, 2008 Google released its very own open source web browser. Called the Google Chrome, it combines elements from the top 3 web browsers. Here’s a quick list:

• A powerful address bar (Firefox)
• Tabbed browsing
• Starred items (Firefox)
• Saved passwords
• Maximized browsing interface (IE)
• Auto-dial with preview thumbnails (Opera)
• In-line resizable input fields (Safari)

In a stroke of creativity, Google even came up with a comic strip to explain why they created Chrome.

While Chrome’s feature set may be nothing short of revolutionary, what did catch my attention is its speed and memory utilization. Everything feels very snappy and responsive. One thing that caught my attention, though, is the memory utilization. Windows Task Manager reports five chrome.exe processes, and I only have three tabs open. The total memory utilization for all five processes amount to at least 108 Megabytes. I loaded these game tabs into Firefox 3 and it only consumed 60 Megabytes without any add-ons.

I guess I have yet to experience more of Google Chrome before I can come up with a fair verdict, but I can honestly say that I am enjoying the experience so far. I am already looking forward to future enhancements and developments of this browser.

At the end of the day, this browser does indeed pack a heavyweight punch while keeping everything slim and sexy.

Kudos to the Google Chrome team!

Share This

Got this message when I logged into BaseCamp today. It appears that more and more businesses are now dropping support for antiquated browsers like IE6, which to me is a good sign and would pave the way to better internet standards.

Important Reminder: IE 6 Phase Out

In July we announced that we would be phasing out support for Internet Explorer 6 on August 15, 2008. To make the transition easier, we’ve extended that deadline to October 1, 2008. From now until October 1st, anyone using IE 6 to access Basecamp (or our other products) will receive a notice every 3 days letting them know they’ll need to upgrade their browser before October 1, 2008 in order to continue to use Basecamp. The notice will be displayed in the web browser and will include links to download a modern browser (IE 7, Firefox, or Safari). This notice will also be shown to your clients who use Basecamp. You may want to re-read the announcement so you are prepared for any questions they may have. If you have any questions please contact support. Thanks for your patience during the transition.

Share This

Had my hands full these past 2 months trying to fix SQL injected websites. It looks like this is the result of a recent string of attacks by Chinese hackers primarily exploiting websites running on ASP Classic with Microsoft SQL Server as the back-end database. Some of my sites had small amounts of data, which can be very easily cleaned up by hand. However, others can be quite huge and impossibly difficult for a brute force solution, that an automated script is necessary to fix the problem. After asking around one of my friends e-mailed me this. It gives no credit to the original source so if this is yours, please e-mail me so that I can give due credit.

Automatically clean up a database infected by SQL injection:

BEGIN
DECLARE @tblTable varchar(255), @colColumnName varchar(255), @Cmd NVARCHAR(4000)
DECLARE curSQLinjectionDataClean CURSOR FOR
SELECT a.name, b.name
FROM sysobjects a, syscolumns b
WHERE a.id = b.id AND a.xtype = ‘u’ AND
(b.xtype = 99 OR
b.xtype = 35 OR
b.xtype = 231 OR
b.xtype = 167)
OPEN curSQLinjectionDataClean
FETCH NEXT FROM curSQLinjectionDataClean INTO @tblTable, @colColumnName
WHILE (@@FETCH_STATUS = 0)
BEGIN
SET @Cmd = ‘UPDATE [’ + @tblTable + ‘] SET [’ + @colColumnName + ‘] = LEFT([’ + @colColumnName + ‘], LEN([’ + @colColumnName + ‘]) - 69)
WHERE [’+ @colColumnName + ‘] like ”%“></title><script src=”http://www3.800mg.cn/csrss/w.js”></script><!–”’
exec sp_executesql @Cmd
FETCH NEXT FROM curSQLinjectionDataClean INTO @tblTable, @colColumnName
END
CLOSE curSQLinjectionDataClean
DEALLOCATE curSQLinjectionDataClean
END

Replace “></title><script src=”http://www3.800mg.cn/csrss/w.js”></script><!– with the string that was injected. Note that this only clean records that are victims of SQL string injection.

To prevent future SQL injection:

BEGIN
DECLARE @tblInjectedTable TABLE (colTableName varchar(255))
DECLARE @tblInjectedColumn TABLE (colRecordID INT IDENTITY(1,1), colColumnName varchar(255))
DECLARE @tblTable varchar(255), @colColumnName varchar(255), @Cmd NVARCHAR(4000), @iCount SMALLINT, @iCountTo SMALLINT, @WhereCmd NVARCHAR(4000)
INSERT INTO @tblInjectedTable(colTableName)
SELECT DISTINCT a.name
FROM sysobjects a, syscolumns b
WHERE a.id = b.id AND a.xtype = ‘u’ AND b.length>99 AND
(b.xtype = 99 OR
b.xtype = 35 OR
b.xtype = 231 OR
b.xtype = 167)
DECLARE curSQLInjectedTable CURSOR FOR
SELECT colTableName
FROM @tblInjectedTable
OPEN curSQLInjectedTable
FETCH NEXT FROM curSQLInjectedTable INTO @tblTable
WHILE (@@FETCH_STATUS = 0)
BEGIN
SET @iCount = 2
INSERT INTO @tblInjectedColumn(colColumnName)
SELECT DISTINCT b.name
FROM sysobjects a, syscolumns b
WHERE a.id = b.id AND a.name = @tblTable AND a.xtype = ‘u’ AND b.length>99 AND
(b.xtype = 99 OR
b.xtype = 35 OR
b.xtype = 231 OR
b.xtype = 167)
SELECT @iCountTo = COUNT(*) FROM @tblInjectedColumn
SELECT @colColumnName = colColumnName FROM @tblInjectedColumn WHERE colRecordID = 1
SET @WhereCmd = ‘WHERE ins.[’ + @colColumnName + ‘] LIKE ”%<script%”’
WHILE @iCount <= @iCountTo
BEGIN
SELECT @colColumnName = colColumnName FROM @tblInjectedColumn WHERE colRecordID = @iCount
SET @WhereCmd = @WhereCmd + ‘OR ins.[’ + @colColumnName + ‘] LIKE ”%<script%”’
SET @iCount = @iCountTo + 1
END
SET @Cmd = ‘CREATE TRIGGER t’ + @tblTable + ‘ ON [’ + @tblTable + ‘] FOR INSERT, UPDATE AS
BEGIN DECLARE @iCount BIGINT SET @iCount = 0 SELECT @iCount = COUNT(*) FROM inserted ins ‘
+ @WhereCmd + ‘ IF @iCount > 0 ROLLBACK TRANSACTION END’
exec sp_executesql @Cmd
FETCH NEXT FROM curSQLInjectedTable INTO @tblTable
END
CLOSE curSQLInjectedTable
DEALLOCATE curSQLInjectedTable
END

This is all very easy to do. It took me less than two minutes to copy and paste the two code blocks above, make changes to the first one, and execute on MS SQL. Of course, I tested this first on a backup copy just in case. When trying out something unfamiliar for the first time, always make a backup copy!

Update (09/19/2008): attaching a downloadable version of the cleanup script. Get it here!

Share This

Kom In I Garderoben is cool a Swedish site that will automatically generate an MTV-like video from any music file. The site is preloaded with a bunch of sample tunes, but you can actually upload your own MP3 file and watch as the video plays to its beat.

It’s very neat stuff, though it gets boring after a few minutes of repetition. I’m not really sure what this site is all about though, I wish I could understand Swedish

Share This

Just stumbled upon SoundManager 2, a JavaScript library that handles sound playback, something that has been missing in JavaScript, which leads developers to resort to Flash instead.

From the website:

SoundManager 2 is an attempt at providing the sound API which Javascript has been missing. It’s a Javascript library which wraps and extends Flash’s sound capabilities, bringing cross-platform audio functionality to Javascript.

The description basically states that SoundManager still uses Flash for playback, which is a bit heavy and still not a native solution, but a workaround is a workaround. Kudos to Scott Schiller on the awesome work!

Share This

It seems that Google wants a piece of the VR (virtual reality) revenue pie oh so famously milked to its bare skin and bones by Second Life, by introducing the new Google Lively (beta, of course!)

From the website meta-description:

Chat and hangout with your friends in rooms you design and customize your avatar. Experience another dimension of the web with Lively by Google.

Lively’s features include the following:

• Create your own virtual space

  Chat and interact with your friends in rooms you design

• Express yourself

  Customize your avatar and stream personal photos and video

• Add your room to your site

  Invite your friends to chat and help decorate

Google may have has also embraced the popular torrent based distribution method by providing a 450kb download, which is what I believe to be a torrent downloader. Note that this is just my unconfirmed hunch. After all, the mighty Google has all the bandwidth in the world to spare, and then some.

Of course, creating an account is easy as 1-2-3. If you already have a GMail account, all you have to do is sign in to the Google Lively website and it’s activated.
(more…)

Share This

The army of darkness has once again come alive, this time in full 3D glory!

Blizzard, makers of World Of Warcraft and Starcraft has unveiled Diablo 3 last June 28. Screenshots and photos can be found at the official Blizzard website for Diablo III.

While you’re at it, check out this Diablo 3 insider preview over at mmosite.

While there is no mention of a release date, we can be almost certain that it will come after Starcraft 3. Blizzard has assured us that we can look forward to a fulfilling multiplayer experience. This is very exciting, given that its predecessors were Diablo 1 and 2 were huge successes in that area. Combine that with the running the #1 MMOG World of Warcraft I look forward to a very mature gaming experience.

When that time comes, I am sure we will have another smash hit first person and MMO game to look forward to!

Share This

I first noticed this bug in the first beta release of Firefox 3. Whenever I apply a CSS rule to an element in order to give it a background image, if I add the top or bottom positioning rule along with the no-repeat rule, I get a blurred version of that background image.

First look at the image in the example below, which appears blurry:

CSS:
#containerMain { background: url(images/backgroundMain.jpg) top no-repeat; }

Compare the image above with the image below, which is what it should look like:

CSS:
#containerMain { background: url(images/backgroundMain.jpg) top; }

Now notice that the only difference is the absence of the no-repeat rule.

Blurring does not occur if the no-repeat rule is by itself, or if I use the left and right rule, or if I specify the background image location in pixels. The following rules will not cause any blurring:

#containerMain { background: url(images/backgroundMain.jpg) no-repeat; }
#containerMain { background: url(images/backgroundMain.jpg) 10px no-repeat; }
#containerMain { background: url(images/backgroundMain.jpg) 5px 10px no-repeat; }
#containerMain { background: url(images/backgroundMain.jpg) left no-repeat; }
#containerMain { background: url(images/backgroundMain.jpg) top left no-repeat; }

In essence, the background blurring bug only appears whenever the no-repeat rule is used in conjunction with the top or bottom positioning rule. This is probably due to Firefox 3’s rendering engine attempting to center the image which it does so successfully but with a blurred image.

I did not care back when Firefox 3 was still in beta, but now that it is actually out of beta I can’t help but feel disappointed that this “bug” was left unfixed.

Share This