Untitle Entry #65

"I cannot persuade myself that a beneficent and omnipotent God would have designedly created parasitic wasps with the express intention of their feeding within the living bodies of Caterpillars." Charles Darwin

Hail the(n) snow

We got bombarded with some snow this weekend.


Last week I talked about getting caught up in this web of information... Well another link that popped up in my Web Clips in email tonight was OnSingularity.com. (I decided to take a screenshot of it for those that don't know what I mean). I read the byline of the clip which seemed interesting; "Futuristic news"... so I thought I'd check it out. The first link that caught my eye on that site was a link to an article called "How to Raise your Cyborg Child" which is an "out there" article about life with kids in the future. I must admit, I found it interesting. Far fetched, but definitely interesting. Plus, I learned a few new things. For example I had no idea what Singularity was until tonight (which I have yet to decide to be a good or a bad thing...)

New Radar for the Snow

The weather network is calling for a nice storm heading our way this weekend. Up to 40-50cm of snow. This prompted me to throw together a page to display the current radar so that I will have a quick reference to it anytime.

I see something Furly.

Ever clicked around so much on the web that about an hour or two later when you snap back to reality you say "holy, how in the world did I end up here?"... This usually happens by something catching your eye on one page, then you follow a link, then something else catches your interest on that page, so you follow a link on there, and this continues on and on before you're so far in the forest of the web that you've lost all sense of direction...

Tonight I opened up my email (Gmail) and amongst the Web Clips at the top it featured an article entitled Why developers need to rethink the 'While' loop, which is a ridiculous itWorldCanada article about some programming nonsense. Anyway after reading the article and the comments and having a nice chuckle, what caught my eye was the "Bookmark this article at" section at the bottom of the page. I clicked on Furl and I started randomly clicking around on it.

Then I thought to myself, hmm I wonder what they use behind Furl; PHP? .NET? Python? Rails? At this time I happened to be at the Find A Member section. So like I often do when I don't feel like resorting to Google, I try to simply put random extensions on filenames in the URL. (Sometimes this works.) The base URL for the Find a Member section is http://www.furl.net/members/search so I tried http://www.furl.net/members/search.php, http://www.furl.net/members/search.aspx... and they both seemed to work. Neat.

The next thing that popped in my head was "Maybe it's mod_rewrite taking care of it all. That must be some interesting Regex if that's the case." So I just typed http://furl.net/.htaccess (because if the rewrite rules are anywhere, they'll be in .htaccess). Obviously a long shot, you'd figure that file would not be accessible so easily. But to my surprise I could open the file. What the? Anyway I opened it and saw that the content was for Rails.

So that solves that problem. Furl loves Rails. Now another problem. Why the hell was I able to open that file? I have my own .htaccess file to rewrite photos to the photo script (ie: http://miklos.ca/###### to http://miklos.ca/photo?id=######) but browsing to http://miklos.ca/.htaccess throws a 403 error. In fact most webservers do. Maybe there's a reason for why Furl's is open. Maybe not. Maybe nobody cares. The moral of the story: between random clicking and this pointless entry, I just wasted about an hour and a half. Now it's time for bed.

Sandisk Sansa View

I Bought one of these today. It's pretty nice and costed me half the price of its iPod equivalent.

Exercise Prescription

A great resource for exercises, diet & nutrtition, so on and so forth. Check out the Muscle Directory.

Untitle Entry #38

Today's addiction: Bumpcopters 2.


Last month I wrote an entry about the Osenoa globalheader script... When I wrote that entry, this site was hosted somewhere else. Since then, I've migrated back to DreamHost. If I was still with the other host, there probably wouldn't have been an issue. I'm glad this incident surfaced though, it has exposed another level of security in the background that I'm not sure many people know about--I for one did not know about this--which I think all hosts should have.

Here's the story... Yesterday I noticed an error in the above mentioned log post. I wanted to fix it so I logged into my admin editor, fixed the error and tried to save the record. The record did not save. It threw a "503 Service Temporarily Unavailable" error. I was scratching my head as to why the hell it did that. Every other entry in my admin panel saved just fine. So I started eliminating the contents of the entry and narrowed it down to the part where it explains the globalheader's php code, in particular the one bit where it talks about the $nl (new line) variable.. This contains the string chr(13).chr(10); which turns out to be a big red flag if you have "Extra Web Security" enabled for your domain in the DreamHost control panel.

Extra Web Security makes mod_security kick in, which disallows certain script functions (eg: chr, fwrite, fopen, system, etc) from being written into a web form and passed through POST. I think the original idea behind this security feature was to stop malicious activity from idiots out there that want to cause harm to websites and web servers which are open to public input, such as for example leaving comments on someone's blog. While individual blog software might have its own layer of security, a very basic example would be to strip HTML tags from the person's comment, some servers also have mod_security behind the scenes.

Now that I know about this and what it does, I don't really have a desire to turn it off. However, I want to be able to save entries no matter what they may contain, as long as I'm the one adding them. There is an easy to digest DreamHost wiki article on mod_security, which gives you an example on how to disable mod_security on a site per IP or per script by appending to the .htaccess file:
SetEnvIfNoCase Request_URI ^/whatever_script\.php$ MODSEC_ENABLE=Off
By adding this line to point to my log's editor script, I am now able to save any entry, regardless of the content. Kudos to the DeamHost support team for their quick diagnosis of this issue, and the friendly/timely manner they helped me in.

Hungarian cartoons from my childhood

There are so many of them... but these are the ones that stand out in my mind. I haven't seen these in about 15-20 years.

Magyar Népmesék (Az Égig Érô Fa)

Magyar Népmesék (A Csillagszemü Juhász)

A Mézga Család

Süsü a Sárkány

Nagy hohoho horgász





I have restructured the Log and Photos components. They now follow a proper CRUD (Create, Read, Update, Delete) structure. Before this change, I had an Admin class which took care of creating/updating/deleting photo or log entries, and I had the Photos or Log classes which grabbed the entries from the database. I've discarded the Admin class and built the add/update/delete functionality right into the respective components. Secondly, I've added a FileName column to the Photos table. Before today, the system used to interpret the filename based on the Photo's ID, and assume a .jpg extension. I've changed it so it now respects the image type that was uploaded, and stores the filename in the table. Of course, this is not really useful today, because everything I upload is typically .jpg, but at least it won't have to be done later on when I get bored of the current format and decide that I want to upload drawings, or who knows what as opposed to photos.


In ColdFusion when using the <cfntauthenticate> tag to authenticate a domain user (eg: Active Directory User), it is important to keep in mind--as per the documentation--that "ColdFusion must run as a user that has the privilege to authenticate other users in the specified domain." Otherwise a "UserNotInDirFailure" error is thrown.

Untitle Entry #17

Today's addiction: Bloxorz... (also, the cheats if you need)

New RSS Feed Locations

Since I moved my log from Tumblr to here, not only did it break the old URI but the RSS feed link as well. So I've signed up to FeedBurner. Please update your RSS readers to the following, so that if I change things around later on, only I will need to update these pointers, and you won't have to worry about a thing: Photos RSS: http://feeds.feedburner.com/memento_photos Log RSS: http://feeds.feedburner.com/memento_log

Dave's old flash games collection

http://farmfive.com/flash/ I'm addicted to BowMaster Prelude right now.

Untitle Entry #6

I replaced my Tumblr log with a home-made system that I finished writing today.

New Global Header

Advancements in the land of Osenoa. Introducing a new javascript file: globalheader.js.php. This came about because this text log is powered by Tumblr, and the rest of the Osenoa framework is home made. Therefore every time i change the navigation around on Osenoa, I have to update the source of the Tumblelog as well. Which means logging into Google Docs, editing the main tumblr template file that I have saved there, copying it, logging in to tumblr dashboard, going to the theme editor, and pasting it in a tiny inefficient textarea box. Anyway, so now this is how it works:

Update 07-Feb-2008: Since I wrote this entry, I have moved away from Tumblr and created my own system which you see today but this globalheader.js.php method is still in use.

1) The javascript reference in header.tpl as well as in the log's template:
<script language="javascript" type="text/javascript"
(In the log's template ?page={PAGENAME} simply gets replaced by ?page=log)

2) The template file globalheader.tpl
<!-- BEGIN: gh -->
<div id="globalheader" class="{PAGENAME}">
<table width="100%" cellspacing="0" cellpadding="0">
<td align="left" id="logo">
<div id="logo">
<a href="/"><img src="stub.gif" width="339" height="81" /></a>
<td align="right" valign="bottom">
<ul id="globalnav">
<li id="gn-photos"><a href="http://www.miklos.ca/">photo</a></li>
<li id="gn-log"><a href="http://log.miklos.ca">text</a></li>
<li id="gn-shop"><a href="http://www.miklos.ca/shop">shop</a></li>
<li id="gn-about"><a href="http://www.miklos.ca/about">about</a></li>
<!-- END: gh -->
3) The PHP file globalheader.js.php:
include_once 'components/XTemplate.class.php';
$page = $_GET['page']?$_GET['page']:"photos";
$tpl = new XTemplate('global/templates/globalheader.tpl');
$nl = array("\r\n", "\n", "\r"); // formerly chr(13).chr(10);
$contents = str_replace($nl,'',$tpl->text('gh'));
echo "document.write('".$contents."');";
4) The CSS file: http://miklos.ca/global/styles/nav.css

So now if I want to update the navigation, I just edit globalheader.tpl and maybe the CSS file and not have to touch anything else.
448 entries

 Subscribe in a reader