Dec 30, 2011
Dec 27, 2011
Dec 13, 2011
There are lots of instructions on the web how to make it. For my drive, Google leads me to two pages: one and two. They are all ok except that they require a Matshita Flasher application, which does not work in Lion (PPC applications are not supported). However, this application is only a wrapper around the real flasher, so you can flash your Macbook under Lion too. Notice: I did not tell you to do it! I am just providing the information.
Dec 5, 2011
When I got a new iPhone 4S, it came with iOS 5.0. I upgraded to iOS 5.0.1. The phone did not survie a day of charge. Now it survives 3 days with using e-mail, twitter, facebook + location services. How did I do that?
Dec 4, 2011
Atos made a step towards better efficiency in business communication. This is a great and clever decision.
I agree that e-mail channels often become a major distraction way. While it is possible to filter out spam effectively with relatively simple measures, other e-mail message often remain inefficient. Many mails come with extra words, long disclaimers, polite but needless "how are you"s, etc. I believe that business correspondence should be strictly about business. This position may seem extreme to some readers. We all know that business often grows due to personal relations. But it is a good thing to separate personal and business when you want to talk about tasks. Time is extremely valuable, so loosing it for inefficient e-mails is not a good thing. If it is a business e-mail, it is about business, so let's get straight to business without personal stuff. Personal stuff is ok in personal e-mails but if person A needs person B to do something, just ask for it. The clearer A does it, the more chances that he will get it.
Here is an example of a great e-mail I got recently:
for our XYZ customer, we have a new request to extend RealURL. It sounds quite simply. Could you please check if this is possible an how much effort it takes you to do the changes with RealURL?
With RealURL it is possible to ...
Dec 2, 2011
When tools do not matterWhen I was in school, I went to a photography class after official lessons. It was not like a school class, it was more like a community of pupil with an adult teaching us how to make photos. He owned a very good camera (6x6 cm) and we all complained that he can do good photos with his good equipment, while we can't do it with our cheap cameras.
Once he became annoyed by our complaints and took us to the outside for a three hour training in the forst. We were to photograph freely what we see and like. Some went do their work alone, our followed our teacher trying to make the same photos as he did. He gave everybody the cheapest possible camera (we had a stock of them in the class) and took one of them too.
Nov 30, 2011
PhpStorm 3.0 is now available and introduces the Smart Duplicated Code Detector to help you quickly find similar blocks through your entire code base and securely get rid of them without losing the intended functionality.
Also a new integrated UML tool allows you to quickly get a bird’s-eye-view of your project structure, or even a semantic view of the changes in the recent VCS commits made by your colleagues.
Furthermore, to ensure that your code works fast and doesn’t cause any performance bottlenecks, the IDE now includes a profiler, a new PHPUnit test runner and JSTestDriver.
The new key functionality in PhpStorm 3.0 includes:
- Smart Duplicated Code Detector
- PHP UML roundtrip diagrams
- Profiling results browser for Xdebug and Zend Debugger engines
- PhpUnit 3.6 integration
- CoffeeScript support
- Significant improvements to FTP/SFTP Sync
- TFS support and revision graph for GIT
- Streamlined UI across all operating systems
<f:form action="register" method="post" id="tx_myext" noCacheHash="true">
When TYPO3 renders a page, it has to do a lot of stuff. What happens when you request a page under /profile/details/ URL? Firsts, TYPO3 has to resolve the URL to a page id. It calls RealURL to do that. RealURL makes a lot of stuff internally. In the happiest case it makes at least one database query. In the worst case number of database queries will be more than a number of tree levels to the page. TYPO3 page tree implementation is not optimised for performance at all, so you start loosing speed already here. Did anybody thought “nested set”? Nope, no such thing in TYPO3.
Nov 29, 2011
Team developersTeam developers work well in a team. They need other players. They can work on their assigned tasks but only if those tasks are a part of a whole. Team developers do not like to assume a complete responsibility on the project.
Typically team developers usually communicate well with others, they like to communicate and socialize. They can do the assigned work of any kind but they generally do not have or strive to leran new stuff. They are not entrepreneurs at heart. However they work great in the team. So they are especially useful in big projects when management needs "resources" to fulfil the task.
Team developers can become good team leaders because they understand the environment they work in.
- I do not want to maintain the infrastructure. The blog ran on my own server, so I had to watch logs, do updates, etc. I rather not to do that because this blog is a hobby and not a real project.
- Better blogging capabilities. As a wrote already, TYPO3 is not really good for blogging at the moment. Blogger gives far more power tools
- RTE is much better. When I prepared posts in the past, I always had to fight the TYPO3 RTE. It inserted &nsbp; all over the place, it changed markup all the time, added new paragraphs. So I sent at least 20∞ of time reformatting the article after it was published. Now I simply type and it works.
- Better spam handling. There is one guy from India, who regularly tries to abuse my blog by posting offensive words in his language together with phrases like "TYPO3 is great". Other Indians (for whom I have a great respect as a nation), would come here and see all that junk and turn away. This abuser is filtered away automatically now. Never could understand why would people do such destructive things...
About RSSThe side effect of changing the blog is that everybody, who subscribed to my RSS feed, got a lot of old articles marked as unread. I apologize for that. It happens when the blog platform changes. Just mark them as read.
After using Blogger for a day I feel excited. It is very convenient. I think I'll blog more now. I have ideas for the whole set of articles on TYPO3, better coding, doing stuff in a right way. So stay tuned :)
Nov 28, 2011
Suppose you have a module, which creates database records. The module has an integer field with a set of flags (each flag is a single bit in the integer). Flags 2 and 4 mean thing X. Flags 2 and 6 mean thing Y. Flag 1 must be used only together with flag 3 or flag 5. The module knows how to manage those flags and what to make of them. Let's name it “module 1”.
Now imagine another module (“module two”). It needs to get information from the first module, that matches certain criteria. Module one would be able to provide that information by matching flags.
Here is the tricky part. The most obvious solution would be simply to query the database directly from module two. Proper solution for module two would be to ask module one for the information. Querying module one's tables using a combination of flags is wrong. Such query uses the internal knowledge of module one outside of the module one. Thus, the implementation of module two becomes dependent on the implementation of module one.
Do you see potential problems here? If module one changes, module two breaks. This "solution spread" introduces unnecessary dependencies between logically separate modules, which is neither necessary, nor good.
A proper way would be to create an API in the module one that returns records, required by module two. If the internal implementation of module one changes, module two will work because all internal proceedings happen inside a single place.
Next time, when you are about to introduce cross-module dependencies, think of minimising them in favor of API usage.
This article was inspired by a http://forge.typo3.org/issues/32136 in TYPO3.
Nov 27, 2011
- When the plugin is inserted as a content element, it does not appear on the page. The reason is that it does not add itself to TypoScript anymore (to tt_content.list.20). I had to investigate and add it manually.
- New page browser in tt_news does not replace certain markers out of the box. Why couldn't the developer simply use a pagebrowse extension instead of doing a complex thing himself?
- The formatting is changed too much.
People, when you write your code, remember a gold rule: the less problems people have with your creation, the more they will like it. Upgrade should be smooth. Behavior should be compatible!
I hate tt_news. (Georg, yes, I know about news2 but I am not ready to migrate to it. I am out of time.)
No productivity blog post for today because my productivity for today is out of order, thanks to tt_news.
Nov 18, 2011
This is beautifully rendered video but... it is fully Microsoft video :) Microsoft is different from many other companies in the way that they never invented much. They worked on inventions of others. For example, almost everything in this vide is either multitouch, or iPad-like or a 3D monitor from a science fiction. Nothing of this is new, everything was seen in movies already (take "V", for example for interfaces).
The other thing that bothered me, is that Microsoft believes it is the future, while most of it is present. HUDs (head-up displays) are quite common. BWM has them in cars, there are even eyeglasses with HUDs now (you can read e-mail with them or see geographical pointers). Multitouch exists for years in all Apple products. Gestures without touching was recently patented, which means implementation is is the labs already. 3D holograms exist for years. You can read news with phones, which are getting very slim, donate, set appointments and send instructions. Nothing of that is new! So where is the future in this video?
The kitchen has the same microwave (which makes your products less healthy for you). It is all present, nothing is from the future.
Pumps? In future??? Nuh.
If Microsoft wanted to show more of the future, they would not look to pumps or luxury cars. They would show holographic meetings (like in "Resident Evil: Extinction"), all green energy, voice controlled equipment ("Hi, Siri!"), less traveling and more time with family. That would the future.
But that's Microsoft: shiny outside, no new ideas inside.
Let's see the problematic code:
$resource = $GLOBALS['TYPO3_DB']->exec_SELECTquery(...);
How this can be prevented? Code:
$resource = $GLOBALS['TYPO3_DB']->exec_SELECTquery(...);
$row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($resource);
[Note: of course, for a single result you can use exec_SELECTgetSingle but the point of this article was to show the problem and the solution]
Nov 17, 2011
Me and my wife have a project in our country. The project has started in January 2001 as a set of static pages and grew to a large family portal with elements of a social network.
In 2001 it was just a diary, which my wife made online. Blogging was not a hot area at that time but she was blogging. People came and read, they were interested. So she asked me to make a forum on the site. So there was a forum. People asked for more: they wanted more articles, more information. The amount of information grew.
In 2003 we had our own rudimentary CMS. It allowed to manage pages and connect them to menu items. So menu structure was separate and pages were separate. Menu could be two levels deep maximum. The CMS was simple and fast, it could run on inexpensive shared hosting with a very limited CPU power, memory and disk space.
Number of articles grew and navigation became harder because we needed more nesting levels and greater editing capabilities. I worked full time on my daily job, so I could not create a “full force” CMS. I started to look around. I went to the opensourcecms.com and tried several CMSes there. At that time there was only one CMS there, which I more or less liked: Mambo (now it is called Joomla). TYPO3 also was there but the text said something like “the system is too heavy and complex to be installed as demo”.
Nov 15, 2011
Nov 7, 2011
Recently I discovered one interesting blog and made a comment on one post. There was a checkbox to subscribe to updates of comments. I ticked that because I was interested in the topic. When comments started to come to my e-mail, I noticed that they were sent from the e-mail address of people, who commented. E-mails were hidden in the blog but as soon as you subscribe to comments, you get e-mail addresses of all commenters. That would help spammers a lot if the blog uses Gravatar service for user pictures. Gravatar binds e-mail addresses to pictures. Blogs can show pictures of users if the user provided a valid e-mail address. Thus, if the blog is known to use Gravatar, many users will supply a real valid e-mail. Here you get spammers subscribing and catching a lot of valid e-mails. Update/clarification: this is not a problem of Gravatar! This is your blogging software that can send such e-mails. Gravatar only shows pictures and it is not vulnerable at all.
There is another view on this problem: the blog says that e-mail address will not be revealed but, in fact, it reveals the address. So it may have legal privacy implications. I notified blog's owner about the issue.
Conclusion: never use user's e-mail to send anything from the web site.
Oct 24, 2011
The enhancement I mean is an improvement of the Backend search. What was wrong with the old search? The old search worked like this:
- Take all numeric fields and add them to the list of searchable fields (including uid and date/time fields)
- Take all input and text fields and add them to the list (including, for example TSConfig field)
- Use LIKE %...%
- Search every table in the database if the table is in $TCA
- Search 4 levels deep maximum but never say it to anybody. So people would wonder why can't they find results deep in the tree.
What was changed? The search was adjusted to work like this:
- Use only specially configured fields for search (i.e. we can search "bodytext" field but generally there is no need to search "TSConfig" or i18n_diffsource field)
- Use numeric fields in search only if search phrase is numeric
- Skip tables that are not configured in $TCA
- Search regardless of pid unless searching "current page only" from the List module.
Oct 23, 2011
Oct 13, 2011
That message appeared each time after I restarted my MacBook Pro. It looks like a flag was written somewhere that this message should be displayed. While it takes a simple click to get rid of the message, I wanted to get rid of it once and forever. After a small search in Terminal I found how to fix it:
- Open Terminal (use Spotlight to find it)
- Type sudo rm /var/db/PanicReporter/current.panic
That's all. You can now reboot without errors.
Oct 6, 2011
Steve Jobs, the former Apple CEO, the inventor of iPhone, the most innovative man in the world and the world's best CEO, died tonight.
I met Steve Jobs in 2008. Not personally, of course. I saw an old colorful iMac in 2001 and liked that. But I did not buy it and did not become an Apple fan. Next I got in touch with Apple products at TYPO3 developer days in 2006. There I really liked MacBook Pros and OS X. They were fantastic compared to my Windows notebook (I had a new good looking Fujitsu-Siemens). In the end of 2007 I bought my own MacBook Pro. And soon I heard about iPhone. "Nothing special", - thought I - "just another phone". Then I saw it and wanted it very much.
Accidentally I came across a Macworld 2007 keynote, where Steve Jobs introduced the iPhone. I had no idea about Steve Jobs at that time. I never heard his name before. So I was not pre-engaged. But the man hook me from first minutes. The power was radiating from him. I watched it again and again. This is the first time when I saw such an inspiring and energetic man. He did not jump like Steve Balmer. He did not speak in high voice like many politicians do. He spoke with love. Love and that feeling of "changing the world" really hooked me. I became a great fan of Steve Jobs and Apple.
Many say he is a paranoid dictator, who engages patent wars and secrecy. But this means nothing to me. To me, Steve Jobs will be always a man, who revolutionized the world of music, computers and mobile phones. He is the one, who inspired others. He is the man, who thought that highest quality is the top priority. He is the man, who wanted to leave a dent in the world. And he definitely did it.
Steve Jobs principles, as I saw them, were quite simple:
- do original
- do it best
- love what you do
That's the goal to success and happiness. You can't do great stuff by mediocre copying. You can get money with this but money do not give happiness. The feeling that you made a good change in the world, makes you happy. And I think Steve was happy in the end.
Good luck to you, Steve Jobs, wherever you are now. Thanks for the lessons given. Your principles will live in many people's minds.
Sep 22, 2011
Some time ago I wrote an article about recreating a Lion recovery partition. The way described in hat article was very technical, complicated and risky.
While any way of adjusting partitions is risky, I found a safer way to recreate recovery partition after my Mac crashed again (looks like its life time is coming to an end). Here is how I did it the second time.
Sep 20, 2011
Sep 14, 2011
Recently my old (42 months) Macbook Pro had a problem and I had to restore it completely from the Apple Time Machine backup. This Macbook is my primary instrument, so I do everything to keep its information safe and alive.
As a part of being "safe", I always encrypt my hard drive. Before Lion I used PGP Whole Disk Encryption. It was a bad experience (2x slower, troubles after each OS X update, etc) but it worked. With Lion I happily threw away PGP without being sorry at all and encrypted my hard disk with new shiny FileVault2. FileVault2 also encrypts the whole disk and requires a pre-boot authentication to unlock the drive. Information cannot be recovered without a proper password.
After recent crash and recovery from a Time Machine, I went to encrypt my drive again. But now Lion showed me a message that my disk cannot be encrypted because it does not meet the requirements for FileVault2. I knew what was the problem. FileVault2 requires a hidden "recovery" partition that Apple creates on the disk. It seems like I did not have that. Searching the Internet revealed that if I install a clean system, recovery partition is silently created. However, if I restore from a Time Machine Backup, it is not created.
This is bad news. I need FileVault2. So I have to make that recovery partition in some way.
Aug 28, 2011
1. Never follow guidelines from the TYPO3 security cookbook
2. Do not hire TYPO3 professionals
3. Use some ancient TYPO3 version
Also never update extensions, especially if security vulnerabilities are fixed there.
4. Do not subscribe to TYPO3 security announcements
TYPO3 security announcements inform users when security issues are fixed. Ignore them. If you need an insecure web site, you do not need these announcements.
5. Do not protect directories
Make sure you have directory listing enabled. This will allow anyone to see what you keep in fileadmin/.
6. Do not use salted passwords
Salted passwords (through a TYPO3 system extension) make it much harder to discovere your passwords for hackers. Do not use salted passwords!
7. Make a database dump and put it to your web server (in fileadmin/)
If you enable directory listing and put a dump of your database to fileadmin/, anybody will be able to find it and hack into your computer. If your site has user registration, hackers will be able to get passwords and contact data of all your users. They will be able to use this data to login to other services that you users use.
8. Use FTP to transfer data to your site
FTP is a very insecure protocol. It transmits passwords in clear text. Thus anybody on the network will be able to get your password and login to the site. Makie sure you use FTP from your laptop in hotels, cafe or airport.
9. Make sure files are writable by anyone
Adjust permissions on file so, that anybody can modify files. In some time you will have your files modified, spam links appear on your web sites and PHP shells installed.
This post is a joke. Of course, I do not want anybody to make their web sites insecure. But the information presented here is very typical for sites that suffered a security breach. So see it as a security checklist. If you find anything from the list above on your web site, you are in danger. Go and fix. If you do not know how, contact TYPO3 security team.