Author Archives: admin

Web security workshops in Saudi Arabia

I am off for few weeks delivering several 3-days trainings on web app security best practices in Saudi Arabia. It's my first training outside of Europe so I had to spend some time exploring the culture of the nation here which is pretty exciting.

Already had two trainings so far and few more to go. There is going to be another batch on November for another colleague of mine and I'm trying to sync my materials to serve as a good reference during the next batch of trainings. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

DX Image Box – Lighbox Croogo plugin

Today I released on github DX Image Box. It's a Fancybox wrapper that hooks in the Croogo plugin system so a developer could easily integrate lightbox integration with two lines of code. 

Last time I was doing Croogo work was in December, but recently I had to do some development on small Croogo-based projects and due to the chance that some of the features are going to be reused later, decided to do some plugin work. This is the first plugin released and I will consider contributing another one or two small thanks to Fahad's work on Croogo. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

Twitter using Drupal

Following Dries and Rob Douglas on Twitter I mentioned in the latest updates that Twitter started using Drupal for community site for the dev team. Dries has described in his blog that Twitter migrated to Drupal using one of their community platforms that I really enjoy. While WP has BuddyPress (and that could be ran separately as well) Drupal has few configurations for social platforms and seems like Twitter is using one of them.

There we are - . I would really like to see a feedback from the Twitter dev team for the usability of the platform. It's a well known fact that Drupal is a great platform for developers but has an non-intuitive interface for end clients which is one of the reasons WordPress is so popular right now. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

ddsmoothmenu arrow dynamic paths

Working with ddsmoothmenu Smooth Navigation Menu by Dynamic Drive for a WordPress project I encountered a stupid lack of setting to provide image paths dynamically. This is a jQuery-based dropdown menu which seems and works fine but requires a static path to the images. Only two images though, for the arrows down and right, but it would be a serious issue when releasing a website or migrating to a new server.

So I decided to add a new setting configurable through the JavaScript call in your call-menu file where you could use php/java/python/whateva to retrieve the correct path dynamically and just pass it. I'm using v.1.5 and I did 2 corrections:

  1. in the ddsmoothmenu.js file replaced all smoothmenu.arrowimages strings with setting.arrowimages (just changing 'smoothmenu' to 'setting' in these three lines). There are 5 strings to be replaced at lines 75 to 77. What I do is add a new setting for them in the next section.
  2. Adding the paths to the images as a setting. So at the end my call includes the dynamic path to be used in the menus. Since I'm using WordPress, here there is my code for calling the menu:
  2. ddsmoothmenu.init({
  3. mainmenuid: "header_top_menu",
  4. orientation: 'h',
  5. classname: 'ddsmoothmenu',
  6. arrowimages: {down:['downarrowclass', '<?php bloginfo("template_url"); ?>/img/down.gif', 23], right:['rightarrowclass', '<?php bloginfo("template_url"); ?>/img/right.gif']},
  7. contentsource: "markup"
  8. });
  9. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

Google Plus is on

Google started their new service called Google+ which is the newest addition to their web toolkit collection. After the fail of Buzz and Wave (I'm sincerely missing the last one) this one stands a chance to survive and definitely shake the Facebook market.

Few hours of clicking around I was happy with the light version of network - the standard minimalistic design (total lack of any design according to some users) and lightweight platform unlike Wave. The invitation procedure that we know since GMail works as well - plenty of mediocre users wanted them to be _in_ only for the being special case. However.

A great review on the subject is the comparison of Plus with Wave and Buzz. I'm hitting the +1 on that one. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

Subscribe to comments has to be integrated

WordPress is still number 1 platform for blogging. Top used blogging functionality is blog posting and commenting to blog threads. 

However, people that comment on a blog post normally have no way to get feedback eventually if anyone comments back in the same post. The post author (and administrator) receives notification for the comment but the comment author, on the other hand, has no natural way to be pinged back for a reply. This is a serious leak in the WP standard functionality. It is at least unethical not to inform someone for the reply (which might occur in a day, month, year even more).

WordPress comes with a standard feed for latest posts and feed for recent comments as well. However subscribing for all comments in a blog or finding a specific thread to subscribe for is not usable and not practical as well. The solution is the Subscribe To Comments plugin that adds a checkbox to the comment form which allows one to subscribe for further comments in the same thread. This is completely optional and up to ones preferences, but instead of breaking the whole conversation because of the 'echoing' this provides the instrumentation for a real communication. uses Subscribe To Comments for 2 years or something, it's integrated in their web service. So why is it not included in the platform yet? Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

Two students presented CodeIgniter research projects

Beyond the training and consulting business I am also part-time teacher for the Technology School Electronic Systems - Sofia and I do teach web technologies and WordPress. As the representer of the Web 2.0 world I took part in mentoring 2 teams for their diploma research assignments based on CodeIgniter.

One of the projects was a music web portal for artists, media, albums and more. Encyclopedia format for music addicts that could easily transform in a front-end manner using the same database structure. It was meant to start as a hard rock and metal project and later easily skinned and themed into other music categories as well. I really do hope to see it ready, as I already saw most pages and the database structure which extended the modeling structure that exists by default in CodeIgniter.

The other project is a social network for places. A mix of the foursquare listing of categories and places and the Golden Pages catalogue, but with better interaction for users, taking advantage of the localization browser services and latest HTML 5 fine tunes. It has a pretty neat design and more than 30 DB tables at the moment and is going to be ready soon. Users in the site could interact to each other and follow the new places being added with their comments. The basic idea is filling in a database of places with location (easy to find in a Google Map) with comments, ratings and more that is built on the CodeIgniter framework. This is a great profiler that helps the PR managers of a company or a restaurant to improve the quality and social skills and keeps the good rating online.

I'm glad to see the enthusiasm of the development process and the improving code quality and feature set. Both teams work hard and would probably take part in competitions with their projects. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

New: Virtual personal Java/DB trainings

After 6 years of on-site trainings in companies, organizations, schools and universities, last month I spent some time considering some other options for education, including online and multimedia options as well. 

One of the modern options today for trainings and seminars are the webinars. There are few platforms where you could attend to a mass event where one talks with a screen shared. It's pretty nice actually, but I don't find the platforms mature enough yet (especially with me and my Flash conflicts by default). 

Another great option is the video lessons. We do prepare video tutorials for our top priority product at the moment, but I'm quite sure they could be applied in the trainings as well. I did a pros and cons list and that option actually went at the bottom of my list. Why? Because video tutorials are a mentoring material with no option for feedback or questions during the video. This is the greatest benefit of the real life training - attendance guarantees you (usually) the ability to ask and receive adequate answers from an expert. This opportunity doesn't exist in the video recording. Also, technologies get updated in months so these videos has to be rerecorded again and again. The latest drawback is the copyright - as this is my job I would like to sell it in some way but we all know what piracy is all about - torrents and P2Ps could put an end on that initiative if someone uploads the videos. Probably some flash mechanism could protect it in an online platform like the webinars, who knows, but I vote 'No' here.

So basically a client of mine from another country contacted me for a personal training. He has a full-time job and he is an independent consultant so he is unable (and doesn't need) to hire a training hall and call me to teach a training. So I prepared an offer with the database training program to be trained via Skype or other video and voice sharing online technology. I am able to present my presentation slides on my screen and switch to Eclipse to run and alter demos while he is able to follow this real time and communicate this through the network in a real voice conversation. If he has the need to show something, he could share screen as well and I am able to check his examples and homeworks.

So that's the deal. Feel free to check this new option here for Java/DB/other trainings - prepared program packages or custom trainings if necessary. Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati

WordPress not resolving hosts – strace magical cure

It's been a week for my WordPress being unable to resolve some external host services via URL address. It was working for a while, couple of months, with no changes by my side, and suddenly the dashboard RSS and stats data stopped responding. The error was: 

RSS Error: WP HTTP Error: Couldn't resolve host ''

I haven't changed the httpd.conf file recently, neither the PHP settings or something. I thought about any possible update settings from my Fedora system, but no clue.

Restarted the apache server few times. The /etc/resolv.conf file was standard. One of the common failures is DNS server change and no flushing/refresh from the Apache. But mine was still there, no changes applied.

The solution was calling the httpd process via strace. It's been auto magic - just call it once via strace, then stop or kill the stracing process and start the server as normally. It worked here.

So, I stopped my apache server (which is in /usr/sbin/httpd here, could be in /usr/local/apache2 or /opt/lampp or somewhere else) and I reincarnated it that way:

strace -f -s 128 -o dbg /usr/sbin/httpd -k start

Once debugging started, the services updated by themselves. I killed the service and ran it again as usual:

/usr/sbin/httpd -k start

and everything went back to normal.

Thanks to maniax for the help Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati