October 23rd, 2008
CodeIgniter 1.7.0 just released. Get it while it’s hot! New validation library, greatly enhanced form validation, some sexy loader enhancements and “whacks” of fixes including significant work in active record. For a list of all changes please see the change log. My personal favourite is this bug which I was proud to squash:
Fixed an edit from 1.6.3 that made the $robots array in user_agents.php go poof.
“Poof” you see… is the technical word for what was experienced. Now that’s good developin’ fella! Official announcement is here… but its not nearly as colourful as this post.
Continue reading “CodeIgniter 1.7.0 Released”. Posted in
CodeIgniter with 14 comments 
October 21st, 2008
For some work I’m doing right now I needed the current time output into the input field that the (excellent) jQuery datepicker uses, but I don’t need it selectable by the user. The default format is
mm/dd/yyyy
but can be formatted using the formatDate parameter. The list of formatting options is considerable, including predefined setups for ATOM, COOKIE, ISO_8601, various RFC dates, RSS, TIMESTAMP and even W3C. Unfortunately none of the predefined formats, nor the large list of date components includes time.
Read on for my solution to this dilemna.
Continue reading “Adding time to jQuery UI Datepicker”. Posted in
How-To, Javascript with 10 comments
October 08th, 2008
This one scares me. Click jacking essentially is where various vulnerabilities in browser, OS and the Flash player allow a malicious user to use your camera and microphone without your knowledge. There are many variations on it, but today Adobe released an advisory statement on the implications within the Flash player, and now the beans are officially spilled.
I first read about it via Jeremiah Grossman’s blog, and then quickly thereafter on ha.ckers.org. The definitive proof of concept can be found at guya.net, and all things considered I actually have a Post It note over my camera at the moment.
These sources cover it much better then I could, but let me just say that what scares me mostly is the variety with which this can be executed. Javascript, CSS, iFrames, known browser or OS vulnerabilities. The only current (practical) way to protect one’s self is to cripple plugins (in todays world of YouTube… I don’t see that happening) or to permanently change the security permissions of the Flash player (Adobe’s instructions), probably needing to cripple them, otherwise one could get clickjacked back into restoring them.
Even more terrifying is what a hacker would have seen and heard coming from my office this morning. I’ll spare you the visuals, but it would have sounded like “Meow, meow, meow, meeeeeeoooowwwwwww!” and then “who’s a frisky girl… who’s a frisky girl”, followed by my cat making a nice big scratch under my eye…
Continue reading “Clickjacking: Web pages can see and hear you”. Posted in
Noteworthy with 5 comments
October 03rd, 2008
This is clearly one of the posts I write that belong in the “personal” category (where it is). If you’re looking for nerdly goodness and don’t give a flying-fadoo about my personal life (and honestly, who really does?) then feel free to skip this post and just hang tight watching the RSS feeds for my next post on “liberating” wireless from pretty much any airport in North America. If you want to know what I’ve been up to for a week, well then, by all means keep reading!
Continue reading “I’ve been gone for a week, I need home for a rest”. Posted in
Personal with 4 comments
September 28th, 2008
Well, the highly anticipated Vancouver EE Roadshow was on Friday. It was attended by (among many others) Rick Ellis, and a very secret guest… me! ;)
Before I even discuss the actual show, the community, or the wonderful city, I’d like to send out a few words of thanks to Kevin Shoesmith, Travis Smith, and Monique Trottier for putting on a killer event. It was very well organized, run, and attracted the type of folks who I love spending time with. Thanks all!
As to the show itself, it was an afternoon of connecting with a bunch of really smart people, who are passionate about what they do, and how they do it. All the sessions were worthwhile, and well done. First was Susannah Gardner, whose talk “Templates and Buckets” was well thought out, and a fantastic demonstration of the over-arching ideas behind any EE site. I wish I could have packed the room with EE-newbies for this one, as in 45 minutes she clearly laid out the flexibility, power, and utility of EE, as well as a few handy tricks and tips! Rick and I gave a talk following Susannah (more on that in a sec), and then after us was ExpressionEngine SEO (they’ve given me much to think about on my own site) and Justin Crawford and Travis Smith wrapped up the day by teaching me and Rick how to build extensions for EE ;) - truly, they did a great job, and while extension building is a bit on the “high-end” for most EE users, I spoke to several people during the (ample) beer drinking afterwards who told me they were inspired to start in on a few of their own extensions.
For our talk, Rick and I weren’t sure what we were going to do, since the conference attendees ranged from people who were only investigating EE, and haven’t even used it, to grizzled EE-veterans who have seen it all and done it all. We opted to give a glimpse into the future of ExpressionEngine, highlighting some of the new features of EE 2 that will allow administrators to customize the control-panel experience for their clients. After I clean up a few loose ends in the actual code, we’ll release another video showing some of this to the world.
The most fruitful part of the day came after the conference, as these things usually do. I was surprised at how engaged and passionate people really were. They view ExpressionEngine as “the home team”, and root for it, support it, and help to shape it into what it is today. I met people from Ottawa, Alaska, Cranbrook, and of course several Vancouver-ites. Each of them, people I’m happy to have gotten to know. Ray and Alli were 2 users who have been with ExpressionEngine since the 1.0 days! Wow!
Seriously, I want to take a moment to thank everyone. The community gives back to us as much as we try to give back to them. After the talk, and over beer, I had this conversation that I think sums up how we stand with respect to EE users:
So wait a minute. For this small conference, you sent Rick (President and bigcheese), and you, and you came thousands of kilometers, and gave up days of your time, and you brought all this (referring to t-shirts and swag) and gave away the EE licenses? I can’t think of any other company on the planet who’d do that.
And the truth is yeah, we did, and we loved it. I can’t wait for the next conference either. Selfishly, I really hope its in Canada also. Go Canada! Way to reprEEsent (oh, clever, clever play on words there - cheap shots at my lack of a humour bone are welcome in the comments).
Continue reading “EE Road Show Wrap Up”. Posted in
ExpressionEngine with 8 comments
September 22nd, 2008
Late last week I flipped open my macbook, and was surprised that the battery was totally dead. I thought I had charged it, but there was no power. Turns out, even plugging it in didn’t help, the battery simply wouldn’t accept a charge, and the macbook (when plugged in) was telling me it couldn’t even detect the battery. I’ve had this particular laptop since March ‘07. D’oh!
A quick google search indicated that a few others had reported similar issues, and were nearly always resolved by getting a new battery, many people even mentioned that Apple had taken care of it for them. So I decided today to drop into the Apple Store at Yorkdale Mall and see if they can help me. What an absolutely fabulous experience.
Here’s how it went down: I walked into the (packed) store and made my way to the genius bar. I was hoping to schedule an appointment, but the digital sign said that all appointments were booked for the day. As I was deciding how I’d handle it a cute and energetic representative approached me and asked if I needed a hand. I relayed the battery story to her, and she politely asked if I had an appointment with the genius bar. I told her I didn’t, and before I could get another word out she said “one sec, I’ll get someone to help you”.
About 15 seconds later another cute rep in a different coloured shirt comes over and listens to the story. She asked how old it was, and I said “a year and a bunch of months” (I couldn’t exactly remember). She types my name into the computer, tells me with a smile that she’ll be right back, and walks into the back. A minute later she emerges with a brand new battery and a receipt for me.
“Here you go.”
“Wow, anything I need to sign?”
“Nope, you should be all set.”
A quick test to verify it actually did solve my problem and I walked out in under 5 minutes, very happy, with a new battery, and a renewed appreciation for service. The experience was inspiring, and I hope each person who deals with me, and with EllisLab feels the same way.
Continue reading “Apple Store service, the way service should be”. Posted in
Mac with 9 comments
September 12th, 2008
One oft-requested feature of Bamboo is the ability to have multiple usernames and passwords for administration. Perhaps you’ve got 2 people in your company, who both issue invoices… perhaps you just want 2 separate accounts. To that end, I’ve started working on a new feature of BambooInvoice, called “Accounts”.
In the early stages, having multiple accounts will simply mean having multiple admins. Bamboo will not track who did what activity, there will be no different permissions, etc. Basically, it just allows for a separate login. Down the road, I’d like to implement a few different privilege levels for accounts. Right now I’m thinking they might be “admin” (everything), “executive” (can do anything relating to invoices, but not change system preferences), “viewer” can see but not change invoice information, and “client” (individual clients will be able to see their company’s invoice history, including viewing past invoices).
The main thing with a permissions system like this is that Bamboo was not set up from the beginning to allow for granular permissions, so there is a lot of going back over to make sure I’m not accidentally letting an unprivileged account see something that only a privileged one should. I can imagine what a mess it would be if a client logged in to see their invoices but also had access to all your billing information. Yikes! So it will be a slow process as I make sure I don’t mess it up.
For now though, I need some different icons. C’mon you graphic savants out there… what can I use to represent “clients” that makes it distinct from “accounts” visually on the root system dashboard? I’d love to hear your input.
Continue reading “Multiple Account Logins coming to BambooInvoice”. Posted in
BambooInvoice with 9 comments
August 26th, 2008
It is often said, but one of the great things about the CodeIgniter project is the community that sprung up around it. Hardworking, smart, insightful, patient people. A true “open source” community willing to share in their time, expertise and enthusiasm. Too often these people don’t get the recognition they deserve. I just wanted to take a moment to mention one that I’ve always admired - FreakAuth.
FreakAuth is mostly driven by danfreak and grahack. The project is well documented, highly popular, and frankly, very useful. The kind of project we’re lucky to have. Show your appreciation by dropping them a “thank you” or as I did, make a small donation to a worthwhile project.
Thanks Dan and Grahack.
Continue reading “Freakauth : community driven CodeIgniter authentication”. Posted in
CodeIgniter with 8 comments
August 25th, 2008
This release is mostly a bug-fix release, but includes a few features that I had been meaning to get around to, and also has some architectural changes that should allow for some neat things in the future. Mostly though, some real effort went into trying to make Bamboo as intuitive as possible - the growth in popularity has meant that I’m now seeing it installed in some rather “unconventional” server setups (GoDaddy… I hate you).
This version of Bamboo also includes an automated “new version check”. I’m hoping this will reduce the number of very old installations I’m seeing - the newer versions really are superior. The new version check is just a simple file read from the BambooInvoice website, no information is transmitted, but it can be easily disabled in Settings > Advanced Settings > Automatically check for new versions.
You can get the new version from the BambooInvoice website.
If you are a Bamboo user, and discover any issues with this version, please let me know and I’ll get them fixed right up.
Here’s a small sample from the changelog:
- Naming changes on “private” invoice notes.
- Further adjustments to how logos get included. I think this time all the issues are resolved.
- Uploading a logo now changes both the web and PDF views.
- Moved logo insertion code into a centralized location.
- Added “Edit” option to Ajax client contact creation, move text into language variables.
- Specified that logo inserts must be jpg or gif for PDF creation.
- Flushed out new version check tool in utilities. Its functional now.
Happy Bamboo’ing!
Continue reading “BambooInvoice 0.87 Release”. Posted in
BambooInvoice with 5 comments
August 21st, 2008
An oft-requested feature has been implemented in CodeIgniter’s session class. If you use a database to store your session info, then all user data will now be in the database, rather then an encrypted cookie. From the subversion repository’s changelog
Updated the Sessions class so that any custom data being saved gets stored to a database rather than the session cookie (assuming you are using a database to store session data), permitting much more data to be saved.
More details available in the manual. Please read the svn upgrading instructions, as a new field needs to be added to the database for this.
Continue reading “CodeIgniter session changes when using a database”. Posted in
CodeIgniter with 15 comments
« First < 2 3 4 5 6 > Last »
