MooTools Tips extension: Tips.Glossary

This is just a little something I whipped up because I found it useful. Tips.Glossary is used for helpful tool-tips that gracefully degrade when JavaScript is not available for whatever reason. The basic idea is that you include an HTML glossary in the page, and if Tips.Glossary is available, the tips will come up however you specify, if not, they are simply anchors to their entries in the HTML.

This probably works with most MooTools stuff post 1.2, you are smart and will figure it out.

Check it out here.

Download the example.

or have a look at the code:

Selectors.Pseudo.hash = function(hash){
	if(!$chk(hash))
		return this.get('href').contains('#');
	var currentHash = this.get('href').split('#')[1];
	return currentHash === hash;
}
 
 
Tips.Glossary = new Class({
 
	Extends: Tips,
 
	options: {
		'anchorClass':	false,
		'hideGlossary':	true
	},
 
	initialize: function(glossary, options){
		this.parent(options);
		this.glossary = $(glossary);
		if(!$chk(this.glossary))
			throw "Glossary not found / defined, quitting";
		if(this.options.hideGlossary)
			this.glossary.setStyle('display', 'none');
		this.indexGlossary();
		return this;
	},
 
	indexGlossary: function(){
		this.items = this.glossary.getElements('*[id]');
		this.anchors = new Elements();
		this.items.each(function(e){
			var anchor = $(document.body).getElement('a:hash('+e.get('id')+')');
			if($chk(anchor)){
				if(this.options.hideGlossary);
				anchor.addEvent('click', function(event){
					new Event(event).stop();
				});
				this.setTipContent(anchor, e);
				this.anchors.push(anchor);
			}
			if(this.options.anchorClass)
				this.anchors.addClass(this.options.anchorClass);
			this.attach(this.anchors);
		}, this);
	},
 
	setTipContent: function(anchor, target){
		anchor.store('tip:title', target.get('title'));
		anchor.store('tip:text', target.get('html'));
		this.fireEvent('settingContent', [anchor, target]);
	}
 
});

On a side note, notice the psuedo selector being added. This has been added because for whatever reason, the following CSS3 selector is goofy:

$(document.body).getElements('a[href="http://trickeries.com"]'); // works
$(document.body).getElements('a[href="#glossary-username"]');    // does not work

Anyone have any idea why?

WPMU, why you gotta be like that?

I have a long and tension filled past with WPMU (Wordpress multi-user).

My first major beef was that they forcibly eliminated ‘www’ from your site url. It was hard coded in the source to tear it out and redirect, even if you went well out of your way to define it with the ‘www’. This was part of their general participation in the following bullshit: http://no-www.org/

I had an ssl certificate on www. Lots of stuff blew up, and there were a few infinite loop redirects. I wasn’t happy, and this eventually led to some core edits. This has since been changed, you can read some of the complaints here: http://mu.wordpress.org/forums/topic.php?id=7593

My next problem was that lots of language shit was hardcoded, including emails. This is generally improving over time, however I still have problems translating everything, as there are now emails stored in the database as options, which leaves me with difficult translations. More core edits to sort this out.

The next issue that I encountered was that my term id’s were very quickly getting larger and larger, with no reasonable explanation. This is still the case, and I have no idea why. Refer to the following forum thread (with no replies or acknowledgement), which explains this issue in more detail: http://mu.wordpress.org/forums/topic.php?id=3308 and my solution: http://mu.wordpress.org/forums/topic.php?id=6759

The next issue is that the admin does not gracefully handle many users. For pages where it is displaying users, no pagination is used. So if you get a few thousand subscribers, you better believe your browser is in for a crash when even attempting to load any of those pages.

The most recent issue I have experienced is that you can no longer register subpages to the plugins.php page, unless you don’t want anyone but the admin to be able to use them. I have no problem with this in theory, but historically this has never been the case. Now you have to be an admin to even load the plugins page, so if you have a tool you want editors to use, it better be somewhere else. This is because the variables that handle the menu generation declare that you need to be able to install plugins, edit plugins, or activate plugins in order to see the page, which only admins are capable of doing. This was also a hell of a thing to figure out. I had to crawl through include after include with ‘die(’made it here!’);’

I still very much appreciate the software. It is a huge piece of impressive, and its not something that they needed to share or support (It was developed for use with wordpress.com). I am sure is a bear and a half to work on and test.

I just need to vent sometimes.

tagged with: , ,

1 Comment

trickyInc: a dynamic css / javascript php library

I am very pleased to introduce trickyInc, a flexible and extensible dynamic css / javascript library written in php.

Download

Documentation

I won’t go into detail here about what it does, because the google code project covers that pretty well. If you have any interest in dynamic css and/or javascript, I urge you to check it out. I have been using it on all of my projects lately, and I am enjoying the hell out of it.

I would love some developer feedback on this, so if anyone finds this interesting enough to use, please let me know about your experience, and open issues in the google code project as necessary. I would also love any feedback regarding making it faster / safer / better / whatever.

codeigniter, xss cleaning, and form output

If you are a codeigniter user please use caution when outputting any user input into your views, even after it has been passed through xss_clean, or you have global xss filtering on. This will not prepare output for form field use. In order to safely output user input in a form field, you will need to load the form helper class as well and use the form_prep() function. The form_prep function is not available in the input class.

This is something I have discussed with the codeigniter developers, and they do not feel it is necessary to change:

“All global_xss_filtering does is run the Input::xss_clean() filter on user input for you automatically. It does not make assumptions about where or how that data will be used, and it would be improper to always format the content as needed for use in a form field.”

I do not feel that it is adequately documented that you need to make further alterations to input after the xss_clean, especially when it includes loading a helper file. This is not mentioned in the documentation for the input class.

At first I thought I was making undue assumptions, but a few quick injection attempts on other codeigniter run sites / projects, I realize that I am not the only one assuming.

To the makers of VMWare 2.0 for Linux: wtf, go to hell.

vmware_server_hurrrrrrrrrrrrrr

The following is an account of my attempt to install and use some software.

In the past, I liked VMWare and recommended it to people frequently. Now I am confused and frightened.

  1. I go to download the file, and am prompted to login.
  2. I don’t know my password, so I reset it.
  3. I get my password via email, plain text of course.
  4. I login.
  5. I download the tar and extract it.
  6. I run the perl script and start the installation.
  7. I answer a tedious series of questions that I don’t have the proper knowledge to answer, in the command line. Luckily, they have defaults which I choose every time. There are a bunch of questions, I slap away at the enter key. I am thankful for the defaults, however I wish they didn’t ask unless prompted to, but whatever.
  8. I get to the part where I need enter my serial. This is free, why the hell do I have to enter a serial.
  9. I have no idea what my serial is.
  10. I check my email, to see if I got anything from them after downloading, which I did.
  11. The email does not contain a serial, rather, it has an invitation to go ahead and activate my license and download VMWare server. I think “wtf? I already downloaded this.”
  12. I click the link, perhaps once activated, they will give me this serial.
  13. I am prompted to login. I am already logged in, I can even access my account. Again, my thoughts go to “wtf?”
  14. While in my account, I notice a “Find Serial Number” link. I think “goody”
  15. I receive a “No Matching records found. Please refine your search.” error.
  16. I fiddle with their search form to no avail.
  17. I say fuck it, go back to my email, and click the activate and download link, and login using the form provided.
  18. I receive a 404. Based on the URL, they appear to be trying to make me take some sort of survey. I’m pissed.
  19. I drop my cookies, and try the form again, hoping it was just some random survey that I perhaps might avoid. It 404’s again.
  20. I hit their knowledge base. I search for “serial”. The first result is: Locating VMware Serial Number online (1005509)
  21. They tell me where to go and that my serial will be there. I am hopeful, but already suspicious.
  22. I go there, there is a table there for serials, but there doesn’t appear to be anything in it. I suspect idiocy, so I look at the HTML, still nothing there.
  23. There other option is to register a new account. I again say “fuck it”, use a different email and register a new account.
  24. I get logged in and get the 404 again. PISSED.
  25. I try again, and it works, sweet gravy I have a serial.
  26. I slap the serial into the terminal and finish the installation.
  27. I save the output, just in case I missed some useful information.
  28. I want to start the application. I check my menus, there is nothing new, anywhere. “Thats annoying, oh well” I think.
  29. I head back to the terminal, and enter “vmware”.
  30. Its doing something, awesome.
  31. Its opening firefox, wtf…
  32. URL is https://127.0.0.1:8333/ui/, wtf…
  33. “What is this for?” I think. I try logging in with my login information for their site. No dice. I try logging in with my system user information (thinking it was retarded but worth a shot), again, no dice.
  34. I give up on that thing. I assume I am missing the actual application.
  35. I head back to their knowledge base, trying to think of something less retarded to search for than “how do I start it?”
  36. I dig around a bit. I am disappointed once again.
  37. I glance over the log I saved, paying special attention to the end, where I assume there might be a clue of how to start it. Nothing useful.
  38. I dig around in my system looking in the bins and find nothing useful again.
  39. Just to relieve myself I google how the fuck do i start vmware server 2, I find someone else who doesnt like it (but managed to use it!), however nothing useful.
  40. I figure this has to be that stupid localhost login, I head back to the terminal, run “vmware” and look at the login
  41. I google wtf vmware infrastrucutre web access
  42. First result is a pdf user guide for this thing, I don’t click because I no longer trust these fuckers. A few results down is “What’s the Login User Name and Password for VMWare Server 2.0 …”, I click it.
  43. read… read… quote from page:
    What login user name and password to use? This probably your first installation of VMWare Server 2.0, and even if you have installed VMWare Server 1.0 before, it never ask for creation of any user account or its user ID or password during installation of whatever versions. And searching up and down in Start Menu’s VMWare Server program folder doesn’t reveal any program to create or manage user’s login name for VMWare console too.

    . Amen.

  44. Turns out you need to login as the system administrator. Wait, didn’t I already assume that that was retarded but try it anyways because I was desperate? Yes I did.
  45. After some more googling, I determine that I must login as root. Immediately after reading this I say to myself, “Wait a minute…. ubuntu doesn’t have a root login….”
  46. I can’t login because it requires a user that doesn’t exist in any meaningful sense. God damnit.
  47. I try it anyways, It doesn’t work.
  48. After more googling I find this which quotes this:
    Because Ubuntu does not use the root user account we also need to setup access for your main user. Replace root with your username on line 10 of: /etc/vmware/hostd/authorization.xml (ACEDataUser).

  49. I think “Ain’t that some shit.” and do what it says.
  50. The guide recommends restarting. This is a *nix, I shouldn’t have to restart for this bullshit.
  51. ..but i have no idea what needs needs stopped/started so I log out and back in, hoping it will work.
  52. It doesn’t. I curse. I restart.
  53. I try to login. It works. I am angry and relieved.

Closing thoughts.

  1. I haven’t even used it yet, and probably won’t. If my install was any indication, they didn’t just take a step back, they tripped over a stump and fell down a well with this one.
  2. I don’t want to use a shabby web interface for something I used to have a reasonable application for.
  3. I am already logged on to my system. wtf am I logging in to?
  4. This is apparently not a beta at this point.
  5. I am starting to feel like they intentionally fucked over VMWare server so people would buy VMWare Workstation.
  6. Hello VirtualBox, please don’t abuse me.