or maybe something uplifting…

The SVG Open is shaping up fast. The call for papers has been out there for a while now but if you’re quick you can still present a paper or run a workshop but the deadline to submit for papers and courses is April 18 and that’ll be here before you know it. The SVG Open is the conference for people doing SVG. The SVG Open has been running since at least 2002 and seems to get a little broader appeal every year it runs. Look at the broad areas to cover: client-side Javascript toolkits, map overlays like Google’s, widgets in Opera, cell phones and other embedded applications, UI elements in Gnome and KDE, desktop tools like Inkscape. Those are just off the top of my head, that kind of a list just didn’t exist 5 years ago - not for mainstream applications like these. SVG is growing in adoption and I don’t see that slowing down anytime soon.

I’ve been out of the scene for a while but things have really come a long way all of a sudden. There’s some great support across the latest browsers - compare that half-green Firefox 3 to the qualified “about half of the tests passed that test features supported by Firefox” from a few years ago. There are solid, supported tools that make SVG creation accessible to anyone. Inkscape may only consider their release 0.46 less than a 1.0 but it’s a real practical tool that’s adding features in leaps and bounds. Want some graphics to work with? The Open Clip Art Library has piles of subjects covered.

There are more and more compelling reasons to choose SVG every day. If you’re someone who’s been applying SVG already then share what you know and go present it at the Open.

On Pavlov.net talking about some improvements in memory handling on Firefox 3:

It isn’t reasonable to expect all those authors to write code to manually break the cycles themselves.

This reminded me immediately of an MSDN article that took a decidedly different stance on pretty much the same problem in Internet Explorer:

The good news is that memory leak patterns can be easily spotted if you know what to look for.

The fact that the MSDN article is from 2005 really drives home just how stunned I was when I first read it. The page goes on to describe how web developers should analyze their Javascript and write their code to work around bugs in garbage collection. I understand the idea that sometimes users have to work around bugs in a program but that’s definitely not the message I got looking at the MSDN article. It read a lot more to me like “we sent out IE 6 SP2 about a year ago and we have no intentions on fixing this any time soon.”

Then look at the audiences that these two very different standpoints are aimed at. The Mozilla post is about extension developers, a relatively small and advanced group compared to the number of web developers - the ones most likely to understand the issue if anyone does. The MSDN post talks to “every web developer” and says to “Use defensive coding practices and assume that you’ll need to clean up all your own memory.” While this may be practical advice for advanced coders, in this context it says to me that there’s no intention from Microsoft to really fix this problem.

Kudos to Mozilla for working to improve efficiency and close leaks instead of blaming web developers.

Here’s a quick tip for PHP error reporting and display in development.

When a project is in the early stages of development you want to see all the error information you can. You probably want E_STRICT on especially when you’re starting from scratch, to help avoid relying on deprecated behaviour. The E_STRICT flag is only available as of PHP 5 and is not included in E_ALL until PHP 5.2 (there’s a little disagreement on php.net between the definition of E_ALL in this table and the earlier note about error_reporting on the same page).

In an early development project you also don’t want to have to keep tailing log files to see the error messages. That’s a pretty sure way to miss errors. So you want to set the display_errors flag on. You also want to control this on a per-project basis, since some projects will have legacy bugs that you’re not fixing right now and those can be left spouting errors to logs until someday in the future when you decide to fix them.
Read the rest of “Displaying PHP Errors in Development”…

At the risk of turning this into an Apache fan blog, I have to mention the handy directive I found today. Many webmasters run in to mod_rewrite at one time or another and every one of them will have at least a little trouble with it. I just came across the RewriteLog Directive and corresponding RewriteLogLevel Directive. You’re not going to be able to turn these on with shared hosting, they can’t be used in .htaccess. To set up a debugging log for mod_rewrite, you need to add them to your httpd.conf somewhere. In my case I’m working on a server at home so I added
Read the rest of “A Couple Ways to Debug mod_rewrite”…

Motivation

Now that I’ve got an LDAP server up and running I’m trying to get my personal web server set up so it has a blanket authentication for my personal applications, static content and development stuff. The web applications I’m talking about aren’t meant to be exposed to the public at large, they’re not what you find here on Late Night PC Service or any of my other sites. These are things like PHP Calendar, Task Freak, SugarCRM, a bunch of development versions of apps I’m working on and some static content that might be a single html file or an image.

I currently have a server that’s accessible through DynDNS and I use basic HTTP authentication on it. The server runs Apache HTTPD 2.2 and has whatever modules I want on it. My next server is roughly the same but I want to make things a little more secure and a little simpler (at the same time no less). So my idea was to move to LDAP as the Authentication Provider and Digest as the Authentication Type.
Read the rest of “No AuthType Digest with LDAP Authentication Provider for Apache today”…

I can think of three things I really want from my email: it should be easy to use, fast, and private. SquirrelMail gets me pretty close to those goals. It just got better today with the release of version 1.4.10. Somewhere between the last version I last installed and this one they’ve added support for multiple identities - that is to say that you can have more than one return address.

If you want to set it up on a site you host at 1and1, there’s an FAQ at 1and1 on how to do exactly that. Unfortunately they haven’t updated it since they changed their outgoing (SMTP) mailservers to require authentication. I got the hint because it’s mentioned for other email clients. Since SquirrelMail is really just an IMAP email client written in PHP, the same rules apply.

What worked for me was this change in SquirrelMail’s config/config.php:
$smtp_auth_mech = 'login';
The default was none.

So overall all you need to change in the default config file to make SquirrelMail work with mail at 1and1 are the $domain, $smtpServerAddress (smtp.1and1.com) and $imapServerAddress (imap.1and1.com).

The other interesting thing is that since SquirrelMail is just an email client, you don’t have to run it on your 1and1 web server to get your 1and1 mail. If you have a home server or one hosted somewhere else, you could use the same configuration file and SquirrelMail will go get your mail just like any other client would. Depending on how you use your mail you might find this a little more convenient and possibly faster than using your web server.

Konsole is a nice little shell for KDE. I usually keep a few tabs open in it for the different shells that I use. Some are just me, under my normal user id. This should be generally the one for almost all tasks that don’t affect the computer as a whole or other users on the system. It can be hard to get in the habit of using a limited user id but it’s well worth the saved headaches of breaking things because you have too much access.

I keep another shell or two open on the other Linux server in my house. It used to also be my primary desktop but now it’s serving as an Asterisk and part time MythTV box. It still runs Suse 10.1 and X. Maybe one day I’ll rebuild it and strip it down so it’s better suited to the new role. Asterisk expects to run as root (hopefully this will be fixed in a future version), so I need a shell open there as root to get an Asterisk console. I use an SSH shell for that, but logging in every time is a nuisance.

The other shell that I often keep open over SSH is a connection to my web server at 1and1. SSH access on the server makes many things far easier, including backups and quick tweaks to PHP code. Again, logging in repeatedly is a nuisance but I refuse to set a weak password.

My solution on my old computer was to use host keys. Host keys make things easy and still maintain a pretty high level of security. I only put host keys on computers that I have control of, like the ones in my home. My rationale is that if someone can get at the computer in my house then I’ve got bigger problems.

So, with a new computer and a fresh Linux install, I have to remember how to make a host key. I could probably reuse the ones from my old computer but a host key should be tied to a particular host, right? Read the rest of “Making Keys and Simplifying SSH from one Linux box to another”…