JavaWoman's page



Quote of the month
maybe this should be the quote of the year, I like it so much!

The #1, overriding concept you need to remember when writing your CGI scripts is this: You cannot trust user input.

Go ahead -- repeat it aloud a few times. Write it down on a Post-it and stick it to your monitor. Get it tatooed on your arm. Do not forget it. Assuming that data received from a form (even those from hidden fields) is safe is a one-way ticket to a hacked web site. Period.

Matt Riffle in an article that's no longer online.
most active author badge

Awarded for the most impressive performance in code committing on the first day of a human being's tracked activity at CIA
Feb 27, 2007


On my Wiki / Wikka efforts

Working on a Wikka installation - for now only on my laptop Alan, as preparation for a (hopefully) community-supported user manual effort for an on-line forum system.


User accounts

My first focus is on making the process around user accounts somewhat more user-friendly as well as more secure - after all, if we are going to have user accounts with associated rights, we should also ensure those accounts themselves are secure. I'll describe those efforts (and share results) on a UserSettingsAndPasswords page here.

Related to UserSettings and a few other actions, something else I encountered while working on a few user-related actions: I found there are some issues with how email addresses are handled in Wikka; an overview on WikkaAndEmail - some code to be added later. On this page I'll also be relating to some WikiRoles; more on this in the next paragraph.

While working on a re-write of an action, and trying to develop a "clean pattern" for it, some thoughts occurred to me about the various roles people may have with respect to a Wiki. Thinking about the roles made it easier for me to write the code (I'll explain that later); first, here are my thoughts on WikiRoles (updated, in an attempt at clarification). Comments welcome, of course.

Calendar action

Starting with GmBowen's GmBowenCalendar I offered to make a "cleaned up" variant of the Calendar action for inclusion in the next (1.1.6.0) release; the result not only produces accessible table code but also has slightly extended functionality. I'm presenting it on JwCalendar with comments.

Wikka Code Structure

I just created a page describing my proposal for a new directory structure to organize the Wikka code.

Integration of GeSHi with Wikka

I've worked out a way to integrate GeSHi with Wikka that is very flexible: new language files can be "dropped in" without changing the code, line numbering is possible and can be enabled by a WikiAdmin and then "turned on" for an individual code block by the end user. See WikkaGeSHiIntegration for the details (try it for yourself!).

I've also created a little action that will automatically produce documentation about which language parser files are available for code highlighting - see HighlighterAction for the code and screenshots of output.

Secure configuration

I've never been happy with storing the configuration file in the same directory as wikka.php where it is accessible by a web server, specfically because it contains teh credentials needed to access teh database. Besides, the current process for Wikka configuration is not only hard to understand (and thus hard to adapt), it was also pointed out that it currently uses GetEnv() which constitutes a security risk.

I've now written up my thoughts about a more secure way to handle Wikka's configuration. This is not a complete solution (yet), but presents the logic we could follow to make Wikka configuration both more flexible and more secure.

New table action

Wikka doesn't have table markup - yet. Discussions about this subject are still going on, but while we haven't made a decision in which direction we want to go with this, a "preliminary" syntax might take us in the "wrong" direction if we later decide on something that's not compatible. That would not just imply extra work, but also cause needless conversions at Wikka sites.

Still, it's obvious we need something more powerful than the current simple table action, so I looked whether I could make that a bit more flexible to tide us over. The result can be found on the development page TableAction, with documentation and examples with screen shots on TableActionInfo. It's definitely not a perfect solution - an action won't be. It is, however backwards compatible with the current table action, so no conversions would be needed - it just can do a lot more.


More as I get to it...

From the CIA ;-)


JavaWoman



Wikis, Groupware and OpenSource
Links to stuff that is relevant to Wikis and other online collaboration tools, and to Open Source Software development (as a process):
OpenContent
Just as there are licenses for Open Source, there are licences for Open Content. Quite relevant for Wikis that actually publish content in a direct online collaboration, but I've seen several bloggers publish their content with an Open Content license as well (in fact, that's how I found out about them). There are (at least) English and German versions of such licences available. Here are a few relevant links:
Internationalization
More internationalization / Unicode links found through this presentation:
Other
Not relevant to Wikis but ...
Since Wikka has such an international community, some of you might enjoy the following column by Kevin Dolgin: Useful Phrases

Meet my assistants

If you ever hang out in #wikka you may find me talking about Alan. Or Grace, or Christiaan, or Donald now. So who the heck are they? They're my assistents, and I'd like to introduce them to you.

computer Grace
Grace
Grace is the matriarch of the current crew; she's aging, but patient and very capable. She serves as the command center of my little online world, with a direct ADSL Internet connection, tons of tools, and a 19" monitor that used to be nice but is slightly crippled now. Unless I'm travelling, she also handles all email and retrieves RSS feeds of a lot of sites (including this one), so I can easily follow what's happening in the world (or those aspects of the world I'm interested in). Actually, when I'm not away for long, she gets all the email by herself, and sorts it for me. She's still taking care of an external ZIP drive that she'd like to pass on to Christiaan once he gets a second parallel port. Apart from being my main assistant, she's also interested in space science, so when she has nothing to do, she makes herself useful doing calculations for SETI@home and (since a few days) Einstein@home.
Update: The ZIP drive has been passed on to Albert now.

computer Alan
Alan
Alan - poor Alan lost his head nearly a month ago... Err, his hard disk crashed. Now that was painful. The disk was replaced within a day - but his brains were not! Replacing all of Alan's tools and knowledge took a lot of time, but he's recovering well. A few bits still missing, but they're low priority. Somehow, while it's still unmistakably Alan, his personality changed just a bit. Actually, I think I like him better now. :) Alan is responsible for the Research and Development department, has a bunch of development tools, and also runs the development web server (Grace is too busy for that). When I'm travelling, Alan can go with me (depending on where I go, of course) and then take over email and some RSS feeds from Grace. I just replaced Alan's counterpart for my camera phone, which is why you can now see portraits of my assistants (well, I had to test that, didn't I?). Like Grace, Alan also works on SETI@home and Einstein@home when he's idle: he likes space as well, and is proud of his screen saver that shows the actual moon phases.
Update: Alan actually needed another operation after that HD crash - this time he got both his motherboard and his HD replaced. Of course it took a lot of time to get him back in working condition after such a heavy operation, but he seems a lot happier now.

computer Christiaan
Christiaan
Christiaan is the newest crew member. He had another job before (I got him 2nd hand), but here he's learning how to be a server, taking care of a bunch of peripherals. As a backup for Grace's broadband connection he has an external modem; he should be able to send faxes as well but hasn't tried that yet. He's also taking care of the printer, a flatbed scanner, and a nice CD burner. He's replacing old Albert who died a year ago - and was going to take over Albert's internal SCSI drive and external SCSI JAZ drive but it seems the SCSI card died with Albert... I'm looking for a replacement. He would like a couple of USB 2 ports as well (he only has 2 USB 1s now) so he can take care of the external 160G drive that's now attached to Alan. Well, Christiaan may not be young, but he looks healthy, and is eager to learn how to do more server work - hoping to progress to Win2K Advanced Server soon. Christiaan of course has always loved space, and when he's not busy he helps Grace and Alan with SETI@home calculations.
Update: Christiaan just acquired an external harddisk that's going to serve as backup for all of my crew members (including Donald - see below). It took a bit of fiddling to get Christiaan to accept the new HD, but he's happy now. A while ago he also got the USB 2 ports that made this possible, as well as an extra parallel port so he could take over the ZIP drive from Grace. A new internal HD is next; no firm plans for the SCSI drives yet.

And those names?
At the point when I had more than one working computer at the same time, I started to name them. Like many other people and organizations who name their computers, there is a theme. Mine is people from science - including (of course) computer science. The oldest computer to have a name (acquired after I had him for a number of years) is Archimedes - he's probably still operational (theoretically), but I haven't booted him up for a long time. I do want him to pass some of his knowledge to the current crew members though (when I have the time to guide him through that).
Here's a complete list of my past and current "computer persons":

A little about myself

I've been working in I(C)T since the 1980's although at present I'm unemployed. I live in Amsterdam, the Netherlands, and run a couple of websites (won't mention them all here unless you want me to). My main hobbies are traveling and photography. (You can now tell the world whether you like my travel blog.)

If you google for "javawoman" you might find a little more (including sites that have nothing to do with me, of course). :)



Oh, and you may also encounter me here as IamBack (which matches one of my domains, of course). I like having a lot of clones, so I can share out my work. ;-). Actually, I've just created this clone so I can (still) look at this site through the eyes of a non-Admin - the power of an Admin can be deceptive...

Contact
,My,Page
ACLsWithUserGroups
ActiveDirectory
AdminBadWords
AdminDevelopmentDiscussions
AdminIRC
AdminSpamLog
AdminWatchList
AdrianB
AdvancedFormatter
AdvancedFormOpen
AdvancedReferrersHandler
AnchorAction
AutomaticUserPageCreation
BaGus
Book1
CalendarActionInfo
CalendarLinkActionInfo
CategorySystemOverhaul
CloneAction
CloneHandler
CodeContributions
CodingGuidelinesHowto
ConvertingToAndFromWikkaMarkup
CreditsPage
DateAndTimeFormat
DescribeActions
DotMGTextSearchExpanded
DynamicPageGeneration
EditHandler
FileManagerHack
FilesAction
FilesActionHillar
FilesManagementSolution
ForeachBugInPhp4dot3dot10
FpdfIntegration
FreeLinks
GmBowen
GmBowenCalendar
GmBowenWikkaAsPIM
GraphMaker
HandlingUTF8
HandlingWikkaConfig
HelpWanted
HierarchiesAndInheritance
HighlighterAction
HtmlSpecialChars
IamBack
ImprovedRecentChanges
IncludeRemote
InheritACL
InitializeSessionWorkaround
InstallingLycos
InvisibleWiki
JavaWoman
JenniferSalamon
JwRssTest
KeepHistory
KoG
LighttpdConfig
LinkRewriting
ListfilesAction
Mod023fCategories
Mod024fHighScores
Mod025fOwnedPages
Mod039fMindMapMod
MyChangesAction
MySkin
NewpageActionInfo
NiallB
NickK
NonObjectMemberFunction
NonWikiUserNames
OnegWRTree
OneYearOld
PageAdminAction
PageAndCategoryDivisionInACategory
PluginsInDevelopment
ProgrammingHelp
RecentChangesAction
RegisterAction
RemovingUsers
RichardBerg
RSSAutoDiscovery
SimpleMathFormula
SpreadTheWord
StayingLoggedIn
SteveB
SuggestionBox
SuggestionsArchive
TableActionInfo
TemplateSystem
TestActionNewpage
TheBrandNewPage
TheLounge
ThomasSalomon
TomSpilman
UserGroupWikkaCrew
UserMap
UserMenus
UserSettingsAndPasswords
UserSettingsPanel
ValidPageNames
WantedFormatters
WikiBreadcrumb
WikiLost
WikiPing
WikiPingDevelopment
WikiTemplate
Wikka1164Development
WikkaAccessibility
WikkaAndEmail
WikkaBetaFeatures
WikkaBugs
WikkaBugsResolved
WikkaCodeStructure
WikkaCSS
WikkaEmailToolkit
WikkaExtensibleMarkup
WikkaFolksonomy
WikkaLogicalDataModel
WikkaMenulets
WikkaOptimization
WikkaPhysicalDataModel
WikkaReleaseNotes
WikkaReleaseNotesDiscussion
WikkaSkinOptimization
WikkaSpamFighting
WikkaTables
WikkaToPDF
WikkaWithMobileDevices

CategoryUsers


rss test

Wikka - recently changed pages

There are 15 comments on this page. [Show comments]
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki