Jacques Marneweck's Blog

Occassionally apache with mod_ssl just breaks after doing an operating system upgrade or even just upgrading openssl. Doing a backtrace against the httpd.core file (gdb httpd httpd.core) I got a backtrace which revealed to me the following:

Basically what the backtrace gives us back informs us that there is a problem with OpenSSL. Normally the way to resolve this is to recompile apache+mod_ssl as well as php's openssl extension using portupgrade and force it to do the upgrade, and magically next time you run "apachectl startssl" it works.

Posted by Jacques Marneweck at 7:33 PM | Permalink | Comments (0) | TrackBacks (0)

PHP's Benevolent Dictator for Life, Rasmus Lerdorf, wrote a 30 second AJAX Tutorial in response to various people discussing on the php-general mailing list how AJAX is going to change web development.

function createRequestObject() {
    var ro;
    var browser = navigator.appName;
    if(browser == "Microsoft Internet Explorer"){
        ro = new ActiveXObject("Microsoft.XMLHTTP");
    }else{
        ro = new XMLHttpRequest();
    }
    return ro;
}

var http = createRequestObject();

function sndReq(action) {

    http.open('get', 'rpc.php?action='+action);

    http.onreadystatechange = handleResponse;

    http.send(null);

}

function handleResponse() {

    if(http.readyState == 4){

        var response = http.responseText;

        var update = new Array();

        if(response.indexOf('|' != -1)) {

            update = response.split('|');

            document.getElementById(update[0]).innerHTML = update[1];

        }

    }

}

  switch($_REQUEST['action']) {
    case 'foo':
      /* do something */
      echo "foo|foo done";
      break;
    ...
  }

  function sndReqArg(action,arg) {
    http.open('get', 'rpc.php?action='+action+'&arg='+arg);
    http.onreadystatechange = handleResponse;
    http.send(null);
  }

Posted by Jacques Marneweck at 6:35 PM | Permalink | Comments (0) | TrackBacks (0)

Over at I love Jack Daniels there is another article about Writing Secure PHP, Part 3.

n Writing Secure PHP and Writing Secure PHP, Part 2 I covered many of the basic mistakes PHP developers make, and how to avoid common security problems. It is time to get a little deeper into security though, and begin to tackle some more advanced issues.

Posted by Jacques Marneweck at 5:40 PM | Permalink | Comments (0) | TrackBacks (0)

Perlbal 1.3 has been released! :) Perlbal is an uber cool Perl-based reverse proxy load balancer and web server.

Posted by Jacques Marneweck at 10:43 PM | Permalink | Comments (0) | TrackBacks (0)

ajaxdeveloper.org has started for those interested in everything ajax.

Our hope is that we can provide news, software release information, code examples, etc for the Ajax community and, in the process, provide a good place for all of them to share their problems, cool hacks, and even lists of other resources for the rest of the Ajax commmunity.

Bear with us as we work on things around here - we're still in the startup phase. But, if you'd like to get involved with the site, no matter what kind of role you'd like to take, shoot us an email and let us know.

You'll also notice some references to our sister site, PHPDeveloper.org, around until we get things a bit more polished up. We're using their backed to run the site, so things will look and feel a bit similar between the two...

Posted by Jacques Marneweck at 9:20 PM | Permalink | Comments (0) | TrackBacks (0)

Andrei Zmievski posted the following Firefox tip on his blog which is quite useful for pasting links which go over two lines in mutt:

Here's another Mozilla/Firefox tip: if you copy a URL wrapped over multiple lines from somewhere and try to paste it into the address bar, you will end up only with the first line of it. To fix it, go to about:config and change editor.singleLine.pasteNewlines setting to 3 or add:

user_pref("editor.singleLine.pasteNewlines", 3);

to your user.js file. Now all the line breaks will be removed upon pasting.

Posted by Jacques Marneweck at 7:37 PM | Permalink | Comments (0) | TrackBacks (0)

Ben Saunders popped me an email earlier today announcing his next challenge which he and Tony are embarking on a expedition called "South", where they are planning on completing Scott's epic 1912 journey. Ben is back after his Serco TransArctic Expedition.

January 1912. Dying inch by inch, Robert Falcon Scott and his team crawled back from the South Pole through the most hostile conditions on earth. Eleven miles from their depot they finally perished. In the 93 years since, no one has ever walked to the South Pole and back. Many experts still consider it impossible.

In October 2006, we will attempt to prove them wrong. Setting out from Scott's wooden hut on the edge of Antarctica, we will manhaul 400lb sledges across 1,800 miles of the most hostile terrain on earth, to the Pole and back.

From the Serco TransArctic Expedition site:

On 5 March, Ben Saunders set out to ski solo more than 1,200 miles across the Arctic from the Russian edge of the arctic ice pack to Canada via the North Geographic Pole.

In the weeks that followed Ben experienced what NASA called 'the worst conditions on record'. Of the four solo expeditions that started out that year, one died and two were rescued suffering from frostbite and injuries. Ben was the only solo expedition to make it to the North Pole and in doing so set a world record; he is by far the youngest person to reach the North Pole solo.

Ben continued on towards Canada, but conditions worsened and he was told by his expedition team that he would have to be picked up. Despite not being able to reach Canada, Ben set another British record for the longest solo arctic trek, skiing more than 1,000km in treacherous conditions.

Ben is asking users to pay for the 1800 miles that he and tony are travelling.

Posted by Jacques Marneweck at 6:22 PM | Permalink | Comments (0) | TrackBacks (0)

Picked up via Jim Winstead:

damian conway’s “ten essential development practices” article (via daring fireball) may appear on perl.com, but the basics are applicable to any software project.

i would put “use a revision control system” way at the top of the list, and i would also add “use a bug-tracking system.”

Posted by Jacques Marneweck at 6:50 PM | Permalink | Comments (0) | TrackBacks (0)

Dear Lazyweb,

After much googling and yahooing, I'm busy looking for an open source installer which runs various installers as well as placing various files in directories and creating shortcuts to roll out some software to remote offices, without having to have skilled people installing the said software on the other side.

I'd ideally like to not have multiple files that need to be downloaded, just one.

UPDATE:
Ended up using two different installers, one which was recommended by Francois is Nullsoft Scriptable Install System which was used for distributing the python files excluding the python installation files and Paquet Builder 2.9 for bundling various python modules with python 2.3.2 and then getting it to first install python 2.3.2 and added custom actions to run the rest of the installers and wait till each installer is finished running prior to running the next installer.

Posted by Jacques Marneweck at 1:15 PM | Permalink | Comments (0) | TrackBacks (0)

Just days after the release of Mozilla Thunderbird 1.0.5, Thunderbird 1.0.6 is now available for download. This latest version should resolve the extension problems that were accidentally introduced in Thunderbird 1.0.5. In particular, the popular Enigmail PGP add-on should now work correctly.

To get Thunderbird 1.0.6, head to the Thunderbird product page or the Thunderbird 1.0.6 directory on ftp.mozilla.org. More information about the changes in this version can be found in the Thunderbird 1.0.6 Release Notes.

Posted by Jacques Marneweck at 10:55 AM | Permalink | Comments (0) | TrackBacks (0)

Mozilla Firefox 1.0.6 has been released. As we reported previously, API changes in last week's Firefox 1.0.5 broke some extensions. This version should resolve the problems.

Firefox 1.0.6 can be downloaded from the Firefox product page or the Firefox 1.0.6 directory on ftp.mozilla.org. Consult the Firefox 1.0.6 Release Notes for more information.

Posted by Jacques Marneweck at 10:51 AM | Permalink | Comments (0) | TrackBacks (0)

Picked up from Coda.

Online retailer Amazon.com has opened a software development centre in Cape Town, a statement issued by the company said on Tuesday.

The centre will create innovative web services and help software developers build innovative applications using Amazon technology.

It is the third centre of its kind in the world, with the other two in Scotland and India.

Chris Pinkham, managing director of the centre, co-founded South Africa's first internet service provider, UUNET, in 1993. In 2000 he joined Amazon.com in Seattle as director for the network engineering group and later as vice president responsible for worldwide IT systems infrastructure.

The launch of the Amazon centre in Cape Town is "testament to the calibre of the highly-skilled talent pool in South Africa", according to Pinkham.

The centre will deal with idea generation and technical design and will expand Amazon.com's global web services offering, allowing software developers around the world to develop and launch their own services built around the company's infrastructure and product data.

"We want to build a team of the most talented individuals that South Africa has to offer," Pinkham said in the statement. The centre is looking for computer scientists and software engineers with entrepreneurial spirit to join the start-up team. - I-Net Bridge

Actually Colin founded what was known as the Internet Africa which also went by the name of TICSA (The Internetworking Company of South Africa). They were based in the Compustat house in Newlands, round the corner from the South African Brewries Newlands plant. One can read how TISCA became UUnet South Africa (Pty) Ltd.

Posted by Jacques Marneweck at 9:17 AM | Permalink | Comments (0) | TrackBacks (0)

Thomas Rutter has written an article on Sitepoint entitled Cross Site Scripting Could Make You Lose Your Cookies

Cross Site Scripting (XSS) is a form of security exploit that threatens any web application. Its severity is often underestimated. The problems go far beyond annoyances and practical jokes. By stealing your cookies, Cross Site Scripting attacks can allow attackers to gain administrative access to your CMS.

Posted by Jacques Marneweck at 8:44 AM | Permalink | Comments (0) | TrackBacks (0)

A while back I posted about one of our more persistent spammers in South Africa, called Samantha Bowman from Callum-Lee IT Solutions which is rather one annoying individual. I used to think SPAM king Greg from Reflex was bad but he learnt his when his ability to send out via port 25 on his leased-line was cut!!

I regularly like clockwork receive four copies of her SPAM message every time she decides to SPAM about her various “Special Offers”. It’s highly obvious that she’s been harvesting WHOIS records from the co.za website. Since when do email addresses listed as the dns-admin@domain.name really want to receive her specials on laptops which are over priced? Also I don’t know who at Mr Delivery decided to sell her their customer database! When I registered on the Mr Delivery website I decided to use a generic address to identify SPAM originating from that address. The only way that Samantha Bowman could have gotten hold of that address was either paying a dishonest employee of Mr Delivery money for their customer database for a list of names and email addresses.

Originally she was using both M-Web and SAIX dial-up accounts and sending of her bulk mail via SAIX’s SMTP cluster (smtp.saix.net) and after contacting SAIX’s abuse department I had put an end to her ability to send mail via SAIX’s SMTP cluster. SAIX earns extra brownie points for getting rid of a SPAM sending individual from their network.

It took extra effort to get rid of her M-Web web hosting and dial-up account. But none the less explaining to M-Web’s abuse department that she is in breech of their Terms of Service document took quite a bit of convincing with M-Web’s SMTP servers getting blacklisted for Samantha’s SPAM it woke them up as one spammer on their network can cause a huge inconvenience for the rest of their dial-up users.

Generally when I complain to second-tier ISP’s I tend to always CC the first-tier ISP which they utilise for connectivity as this normally works well except in the case when dealing with Sentech. In the case with Sentech, which Samantha Bowman, is now using for her connectivity to SPAM from, I have been CC’ing the Internet Solutions abuse department as well as their Managing Director in the hope that they would enforce the terms of their Acceptable Usage Policy on Sentech who in turn would be forced to remove Samantha Bowman from their client base.

I’m not sure how many people are purchasing hardware and website hosting from Callum-Lee IT Solutions, but why would they be sending unsolicited commercial mail if they were not making a profit from sending the mailers.

From - Tue Jul 12 00:42:08 2005
Return-Path: <*snip*>
Delivered-To: *snip*
Received: from smtp.sentechsa.com ([66.18.69.33] helo=mail02.infosat.net)
	by maquis.powertrip.co.za with esmtp (Exim 4.34; FreeBSD)
	id 1Ds20J-000OlY-2y
	for *snip*; Mon, 11 Jul 2005 19:23:41 +0200
Received: from [66.18.85.56] (HELO Jinxed)
  by mail02.infosat.net (CommuniGate Pro SMTP 4.1.8)
  with ESMTP id 275854128 for *snip*; Mon, 11 Jul 2005 19:23:17 +0200
From: "Callum-Lee IT Solutions" 
Subject: Toshiba Notebooks - 7 Options with a Printer & USB Flash Drive
To: "Jacques" <*snip*>
Content-Type: multipart/alternative; boundary="_Boundary_2mlksmuasadvnqk5prcsiwy"
MIME-Version: 1.0
Sender: Callum-Lee IT Solutions 
Date: Mon, 11 Jul 2005 19:24:25 +0200
X-Mailer: MailList King 5.1.2.120
Message-ID: 

Posted by Jacques Marneweck at 11:49 PM | Permalink | Comments (0) | TrackBacks (0)

Noticed that Brad has committed to IO::AIO support to perlbal, so in theory perlbal should be a happy camper under FreeBSD.

Posted by Jacques Marneweck at 6:43 PM | Permalink | Comments (0) | TrackBacks (0)

It seems to me that I have turned into the bugmaster at work writing bug reports for software which has been developed for work.

Makes one realise that in certain cases that both the bug master and the developer overlook the obvious when things come to common modules getting out of sync, but that is another whole story.

Posted by Jacques Marneweck at 5:44 PM | Permalink | Comments (0) | TrackBacks (0)

The folks over at Six Apart have released a beta version of Movable Type 3.2.

Various members of the SixApart team have been blogging about their 32 favorite features in Movable Type 3.2:

1. System Overview: A home for administrators
2. Feedback rating framework
3. The Junk Folder
4. TrackBack moderation and editing
5. Blog feedback settings
6. Better Listings Pages Throughout Movable Type 3.2
7. Search Globally, Replace Locally
8. Powerful plugin management
9. Trusted commenters
10. Simpler Templating for Comments and TrackBacks
11. Commenter management
12. Improved Documentation
13. Activity Log improvements
14. Main menu display improvements
15. More to come...

The SixApart team have been busy enhancing the user experience by various user interface improvements.

Posted by Jacques Marneweck at 6:09 PM | Permalink | Comments (0) | TrackBacks (0)

Tobias Schlitt has an blog entry titled A clash of asociality on his blog which made a bit of amusing reading considering certain commit messages to the PEAR website code.

Open sources are great things, annoying things too. For example, take the PEAR project. There is a huge croud of developers in the project (more than 800 registered users on PEARWeb, more than 200 maintainers), which every day try to improve the project, try to work together and try to learn from what they code and from the code they read. They feel the spirit of open source, they invest much time and train their hard skills in coding and their soft skills in the cooperation with a team.

But every now and then it happens that there is a black sheep under those fine 800, someone who even doesn't seem to know, what "soft skills" means. Surely, it happens not often, but some there are. Those re-appear now and then, vituperate as much as they can, hastily commiting some code ("fixing up other peoples crap"), which does not even work or better to say, hasn't even seen a syntax check. Finally those people bring project internal problems to the public perverting the facts as much as possible for their own advantage. But thankfully, those people tend to disappear again as fast as they have appeared before...

Maybe certain people who don't run syntax checkers against their code before committing should loose cvs commit to pearweb for a few days while they learn how to use command line syntax checker? ;)

Posted by Jacques Marneweck at 6:44 PM | Permalink | Comments (0) | TrackBacks (0)

PHP 4.4.0 has been released!

The PHP Development Team would like to announce the immediate release of PHP 4.4.0. This is a maintenance release that addresses a serious memory corruption problem within PHP concerning references. If references were used in a wrong way, PHP would often create memory corruptions which would not always surface and be visible. The increased middle digit was required because the fix that corrected the problem with references changed PHP's internal API. PHP 4.4.0 does not have any new features, and is solely a bugfix release.

Release Announcement.

Posted by Jacques Marneweck at 5:28 PM | Permalink | Comments (0) | TrackBacks (0)

I'm sure programmers in Europe are celerbrating the fact that the European Parliment REJECTED the passing of making software patents in Europe by voting against it in a huge margin of 648 votes against to 14 for the directive and 18 abstenstions.

Via Derick Rethans:

So, it seems that the European Parliament did the only correct thing today. They voted massively against the proposed directive "Patentability of Computer Implemented Inventions Directive". 648 voted against, 14 for and there where 18 abstenstions. Now the European Commision has to restart the whole process, if they are going to do this at all.

• No software patents!
• Software Patent Directive REJECTED

Local organisations challenge Microsoft XML patent here in South Africa.

Posted by Jacques Marneweck at 5:06 PM | Permalink | Comments (0) | TrackBacks (0)

I wrote a script to backup a subversion database from a remote host mainly for syncronising a huge subversion database containing over 9300 changesets and just incremently retrieve changeset data rather than downloading compressed dump which takes over an hour to do.

Feel free to download the script (1.8Kb) and modify for your own usage.

Posted by Jacques Marneweck at 5:44 PM | Permalink | Comments (0) | TrackBacks (0)

Still working on the my PEAR Cache_Memcached project. The proposal is still in first draft stages as I still have certain things to do prior to changing the proposal from 'draft' to 'proposed'.

Posted by Jacques Marneweck at 3:14 PM | Permalink | Comments (0) | TrackBacks (0)

Regarding my PEAR Cache_Memcached proposal it is still in 'draft' stages. I still have a small amount of work to finish prior to 'proposing' the proposal. Please feel free to comment on this on this blog post.

Posted by Jacques Marneweck at 4:48 PM | Permalink | Comments (2) | TrackBacks (0)