causality

I have started a new project called “delta-quadrant”. It is a repository of java applications wich should help developing on web applications. I have started developing these tools to make it easier for me to test OAuth protected REST based APIs and to make security tests for them. Probably you know why I have called this project “delta-quadrant” but for the not so scifi users … the “delta-quadrant” is the place where the borgs of star trek live. More informations at the project page at http://code.google.com/p/delta-quadrant.

I have renamed the content managment system “psx cms” to “amun”. “amun” is a social content managment system wich helps to build social websites. More informations on the offical website. You can reach the project under the following locations:

• Website (http://amun.phpsx.org)
• Google project (http://code.google.com/p/amun)
• Freshmeat (http://freshmeat.net/projects/amun)

Facebook has announced on the F8 a new protocoll called Open Graph. Zuckerberg says:

Today the web exists mostly as a series of unstructured links between pages. This has been a powerful model, but it’s really just the start. The open graph puts people at the center of the web. It means that the web can become a set of personally and semantically meaningful connections between people and things.

In general a great idea butthere are some things why I dont like the protocol. First you must have an facebook account second it is bound to a company and third its to easy to implement ^^. To give you a short overview I will explain how the protocol works.

To implement the Open Graph into your website you have to add some meta tags to your website. I.e. if you want set a title for the website you have to add the tag <meta property="og:title" content="The Rock" />. There are a bunch of other tags to add informations like lat/long-itude, street-address, etc. more informations at opengraphprotocol.org. But why dont use a format wich already exists like DublinCore. Instead of writing <meta property="og:title" content="The Rock" /> we should use <meta name="OG.title" content="The Rock" />. From my opinion its better to read for both human and robots and we dont create another format.

At least I have to say something good about facebook they have announce that they user OAuth for their API and this is a good decision.

As of PHP 5.3 php supports now anonymous function. With this post I will give you a short introduction how you could use them. As the name said anonymous function doesnt have a name they are assigned to a variable. To call the function you have to write i.e. $foo();. You can use them also as argument in a function wich is really useful for callbacks. Here some examples how you can use them:

$foo = function(){

	echo 'bar';

};

$foo();

$arr = range('A', 'E');

array_walk($arr, function($v, $k){

	echo $v;

});

An anonymous function is automatically an object from the class “Closure” so if you want accept as argument an callback function you can check via type hinting whether it is a valid callback i.e.:

class foo
{
	private $callback;

	public function register(Closure $callback)
	{
		$this->callback = $callback;
	}

	public function run()
	{
		$func = $this->callback;

		$func();
	}
}

This example leads me direct to the next point. Probably you ask yourself why I dont write $this->callback(); in the method run(). The answer is simple because it won’t work you have to assign the property first to a local variable and then you can call the function.

These are the points wich I have learned so far from anonymous functions … so have fun using them.

Probably you have on your website scripts wich must be called every x minuted todo a specific task i.e. delete old logs, thumbnails etc. Normally you would use a cronjob for such tasks and the cronjob automatically calls every x minutes your script. But if you havent access to a cronjob I have found an alternative way howto call your script. You must insert a script tag in your page wich points as source to your cronjob script. You should add the attribute defer wich causes that the script will loaded at the end if the content is already shown to the user. In example:
<script src="[url_to_script]” type=”text/javascript” defer=”defer”></script>

The problem is that you can only insert the tag if a user visits the page and because your users doesnt come in an symmetric way you can use this method only if its not important when the script is called. You can say i.e (3 % visit == 0) ? "insert script tag" : "do nothing". In addition you can keep track when the script was inserted last time and depend on that you decide whether to insert the tag or not.

If the script takes some time your script should ignore if the user has cancled the connection i.e. if you use php you should call the function ignore_user_abort(true).

The advantage of this technique is it doesnt disturbs the user because the browser makes the http request in the background. The only disadvantage is that the loading bar doesnt finish if the script takes a long time.

I like to announce the new version of psx cms 0.1.8 beta. From now psx cms is an opensocial API container and uses OAuth to protect the API. You can login either with an OpenID or with your email (in this case we send you an activation mail). More informations at http://cms.phpsx.org.

best regards

k42b3

Iam one of the happy starcraft2 beta tester … after waiting more then one year … today I have received in my inbox from blizzard the mail that I have been choosen as a beta tester. If I have played the demo I will write here a short review about the game with some screenshots. regards

Google has started a new web service called “Google buzz“. This service will compete against Facebook and Twitter and is a service where you can post messages and status updates with multimedia content. Its integrated in gmail so all gmail user become buzz users. I havent tried it yet because its not available on my account.

Sourceforge has blocked access from countries wich are in this list here. This is because they see opensource code wich is served from the US servers as “export” and according to the US law you cant “export” things in counrties or to entities wich/who are in the list. To name the famous countires wich are Syria, Sudan, Iran, N. Korea & Cuba. So the question of all opensource users in those countries is know ho do I get a IP address from another country. We in germany have the same problems “in small” on youtube because we cant view most of the videos from the US because of some german laws. So I think there is really a need for an service wich offers highspeed proxies with that you can surf and download with a different IP. But beside I think this law dont stop the most people from using sourceforge.

While Iam implementing an OpenID login for psx cms I came over the problem that with delegation a malicious user can login with any OpenID they like. You can solve this problem by filter the OpenID provider against a whitelist. Because of that I have setup a little project wich tries to create such a list of trusted OpenID providers. You can visit the project at http://trusted-openid.k42b3.com.

regards

k42b3