So, there is one great free resource (and a few paid resources) to get browser screen shots. One of my favorite is browsershots.org. It’s free, until you can wait in a line a few minutes. But it get’s annoying to wait after small css fix and after waiting to find out that this fix didn’t worked.

So I’ve found a great solution: there is http://www.spoon.net who gives availability to run all major windows browsers from browser. Just install little plugin and go to http://www.spoon.net/Browsers/. Here you can run Internet Explorer 8, Internet Explorer 7, and Internet Explorer 6,  Firefox 3.5, Firefox 3 and Firefox 2,  Safari 4, Safari 3, Chrome, Opera 10 and Opera 9 without installing them to your PC.

Oh, ant spoon.net gives app integration to other websites. Look, you can run Google Chrome from my blog ;)

(somehow it does not work from my blog. And I cannot find support contact. Well at least it works in their page :)
How all spoon stuff works you can read in their info page.

Wish you a painless css hacking!

Every programmer makes mistakes. It especially hurts when security hole was found and used. So it is important to test security before launching a project.

There is really nice and open web security resource on the web. It is called OWASP. It is open, not affiliated with any commercial structure, so its cool and free :)

You can jump and start reading whole security guide here: OWASP Testing Guide. Have a lucky testing ;)

As you can see there are list of allready uploaded images, a file upload form fields and a remove buttons. So, If you hit Save button, you get uploaded new images, replaced old images if there are specified files and removed unneeded images. It looks like ease to use interface, but there is one bug: you have as many file uploads as files are uploaded. So after client added 20 images, all upload stuff stopped working. Why? Because PHP limits not only file size, but even a file count. In current server  max_file_uploads option was set to 20. So it is possible to upload 20 files at once.

Fast decision was to remove file input fields from uploaded images. It will not be able to replace current image with a new one, but it is not necessary in my case.

But sometimes even these are not enough. So what to do? I suggest you to give a chance to a framework. There are a bunch of these: CodeIgniter, CakePHP, Kohana, Symfony, Yii, Zend and much more! I think http://www.phpframeworks.com/ will help you to choose framework for your taste.

Personally I have tried two of them:  CakePHP and Kohana. CakePHP was “first date” with a MVC framework. As I was young and inexperienced, it didn’t give me a very good impression. Even sample given with documentation didn’t work. Oh, I even didn’t understood why I need it. :)

But time passed, and I started to understand – using MVC is great option building bigger webapps or websites. So I gave another chance to a framework called Kohana.

Kohana is a PHP 5 framework that uses the Model View Controller architectural pattern. It is Originally based on CodeIgniter.

Why MVC? Well About MVC you can read here: Model-View-Controller. Usually in Model you write database queries, return them to a Controller which handles given data and returns it to a View. In a View goes all data layout or simply – template. But that’s not a limit, you even don’t need to use database sometimes to use MVC and so on. That’s great when application logic is separated from layout!

So, if you choose to start learning KohanaPHP, begin from great tutorial – Kohana 101. It is tutorial written by Oscar Bajner and shows how to write basic webapp using Kohana PHP framework. You can read it here: kohana 101 or Download it here: kohana101.

After reading and completing your first web site by yourself, go straight to Kohana documentation page, here you will get all needed help, also they have informative and helpful forum.

Okay, Kohanians, off we go… ;)

As I’ve changed CMS from etomite to wordpress, friendly url’s are changed a bit. Essentially  shortened URL and removed “.html” from the end.

But what to do  with old links? I had two options:

1. Create redirects to updated URLs
2. Make use of 404 error page

I’ve chosen 2nd option, as it is more elegant and requires a few work – more automation.

So, I was thinking: how can I redirect users comming from old URLs to new ones? And here I thought – if link is old one, I get 404. Here I can get that old link and redirect to a new one. Of course that idea is not new, so I’ve googled a bit and found ready made solution:  Adding Search results to Wordpress 404 pages

This is more better than moving automatically, because not all 404’s would be from old links and if someone mistypes address – he/she will get search results.

At last I had some free time from my job plus origami plus freelance web projects and renewed this blog. At last I’ve migrated from etomite to wordpress. It was very painful migration as I was importing from RSS feed, so if you find some mistakes in blog – inform me ;)

And talking about this blog – It was almost dead in recent days. I hope it will arise like phoenix from ashes :) Expect some more web experience articles.

Btw, all RSS subscribers – I’ve moves RSS feed to Google feedburner, so please update URL in your feed readers.

NEW RSS

Ninite is very cool soft preinstaller. You can select from bunch of apps and simply download installer. This installer will install your selected apps and do it quietly, no “next’s”, no questions, just download and installs. Very useful online resource, when you need to reinstall windows from scratch.

Go to ninite website and start selecting your soft ;)

SURBL and URIBL
These two checks url block lists, mentioned in message body.

It seemed a bit unclear configuration for me, so here I will write a little tutorial how to enable these tests to spamassassin, and how to test new configuration. Tested on production server, using spamassassin v 3.x.

First, check for init.pre file in spamassassin’s config directory. The plugin URIDNSBL should be uncommented. Like this:

And ensure, that plugin really exists. It is file named URIDNSBL.pm in SA plugins directory.

If everything ok – add to local.cf spamassassin rules:

You can adjust scores, to fit your server’s needs. With such scores, as shown below, in my server simple URL spam messages gets A BIG score (about 20 points).

If you interested what kind of URLs checks these rules – there is a list on SURBL website

Checking config

To check for typos or other config related errors use lint parameter in SA

To check newly written rules – get a spam mail with URL, save it as TXT or EML file and execute SA with parameters:

At the end of output you should see something like this:

Content preview:  If diseases show themselves, it is time to click on our
site http://xxx.xxxx.xxx/ If diseases show themselves, it is time
to click on our site http://xxx.xxxx.xxx/ [...]

Content analysis details:   (22.5 points, 4.7 required)

pts rule name              description

0.1 FORGED_RCVD_HELO       Received: contains a forged HELO
0.5 HTML_40_50             BODY: Message is 40% to 50% HTML
0.0 HTML_MESSAGE           BODY: HTML included in message
3.5 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
[score: 1.0000]
1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see ]
3.9 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
[201.235.56.232 listed in zen.spamhaus.org]
0.0 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
[201.235.56.232 listed in zen.spamhaus.org]
2.0 URIBL_BLACK            Contains an URL listed in the URIBL blacklist
[URIs: xxxx.xxx]
0.5 URIBL_SC_SURBL         Contains a URL listed in the SC SURBL list
[URIs: xxxx.xxx]
1.9 URIBL_AB_SURBL         Contains a URL listed in the AB SURBL list
[URIs: xxxx.xxx]
1.5 URIBL_JP_SURBL         Contains a URL listed in the JP SURBL list
[URIs: xxxx.xxx]
1.5 URIBL_WS_SURBL         Contains a URL listed in the WS SURBL list
[URIs: xxxx.xxx]
1.5 URIBL_OB_SURBL         Contains a URL listed in the OB SURBL list
[URIs: xxxx.xxx]
4.0 AWL                    AWL: From: address is in the auto white-list

Also you can read my erlier article about writing custom rulesets on spamassassin

Creating a hard drive backup directly to another hard drive

Also, very useful boot cd with live linux and utility partimage: System rescue CD

In my experience to-do list one of points are “To know regular expressions better”. But until I can write regexp with my closed eyes, I use very useful resource on web:

RegExr

P.S. Sorry comments does not work. Something changed in new etomite cms. In a future I should migrate to wordpress I assume :)
Update: Wordpres is here ;)