Programming, life, oddities http://blog.tel-cor.com/ Fri, 04 Jul 2008 20:12:51 +0100 FeedCreator 1.7.2-ppt (info@mypapit.net) [p]For two years now my testing platform has consisted of half a dozen physical machines (running a mixture of [url=http://centos.org]CentOS[/url] Linux and [url=http://freebsd.org]FreeBSD[/url]) and two powerful servers running [url=http://www.vmware.com/products/server/]VMware server[/url]. During that time I've had a couple instances to introduce [url=http://xen.org]Xen[/url] into the mix, but never on a permanent basis, usually due to time constraints. With two people my department now, I've had the opportunity to setup a more permanent Xen server. The Host itself is modest: AMD 3800+, 3 GiB RAM and A few hundred GB of Drive space.[/p] [p]The VMware server experience has soured me on the OS-in-a-loop-back-file method. Yes it can support [url=http://tldp.org/HOWTO/LVM-HOWTO/]LVM[/url] partitions, but only with some trickery, which I don't want to do. Xen, however, needs no trickery.[/p] [p]With the help of LVM and images from jailme.org, I've been working out a nice routine which I will eventually automate. The process itself is rather simple:[/p] [list=1] [*] Create a new LVM partition for the OS ( e.g. lvcreate --size 20G -l OsName GroupName ) [*] Create a new LVM partition for swap ( e.g. lvcreate --size 1G -l OsSwap GroupName ) [*] Format the OS partition ( e.g. mkfs.ext3 -L OsPart /dev/GroupName/OsName ) [*] Format the Swap partition ( e.g. mkswap /dev/GroupName/OsSwap ) [*] Mount the Jailme.org image ( e.g. mount -o loop image.img /mnt ) [*] Mount the OS Partition ( e.g. mount /dev/GroupName/OsName /xen ) [*] Use rsync to copy the image contents to the OS Partition ( e.g. rsync -aP /mnt/* /xen ) [*] Make changes to some configuration files on the OS Partition [*] Unmount the image and OS Partition [*] Customize the Xen configuration file [*] Start the image [/list] [p]My requirements only necessitate having a few setups like the above. My goal in automating the process is not just to remove the tedium, but to improve the speed. With a rough estimate, I think the above could be automated to occur in less than 10 minutes (accounting for load on the system).[/p] [p]Once that is automated, my next goal is to tackle taking 'snapshots' of the Xen guest. I'm still undecided as to the exact method, although I am currently leaning toward creating a tarball of the partition.[/p] [p]After a very long hiatus, I'm working on Loquacity development again. This past year has taught me something: don't shoot for the stars. Having a road map is very useful, but it must be realistic according to the resources at hand.[/p] Since there is only one developer, myself, I need to restructure my goals and the road map to reflect that. Hence, many features I've planned for Loquacity 1.0 will not be. What I am considering is:[/p] [list] [*] cleaning the current code [*] fix known bugs [*] removing code/features that don't work [*] make the installer work near flawless [*] release [/list] [p] Along with the above, I need to remove people from the project that never did anything. This is more a management type thing, only on Berlios.[/p] [p] To start, I've fixed a nasty bug in the Comment admin interface. The SQL statement to retrieve the comments was very broken; a junior level mistake that caused a match of [b]LIKE "%"[/b]. Of course, that won't work.[/p] [p]Deleting comments is much faster now, as some redundant queries were removed.[/p] [p]In the interests of improving the speed of Loquacity, I've begin keeping a list of Database tables that need indexes added. These changes will be implemented in the Upgrader and base Database schema.[/p] [p]One of the problems inherent to using an Apache Module in a shared web hosting environment is the fact Apache modules gain all the permissions of Apache. Hence, using something like PHP as an Apache module can create serious security vulnerabilities. Since the PHP scripts run in the Apache context, users can easily cause problems (e.g. peeking in other users' directories, overwritting other peoples files, etc). The easy way to solve this issue is to run PHP as CGI only. This means a user's scripts will run in the context of the user's permissions, rather than Apache's.[/p] [p]Running as a CGI presents other problems. For example, the majority of 3rdparty PHP Applications assume one is running PHP as an Apache module. To use a script via CGI, one has to use something called a she-bang. The first line in the script is a special line that points to the binary that actually executes the script. Thus, if the PHP CGI binary is /usr/bin/php, then the first line in the script must be:[/p] [code] #!/usr/bin/php [/code] [p]Another (mainly superficial) problem is often CGI scripts must be placed in a cgi-bin directory. This means the URI to your blog won't be www.example.com or blog.example.com but www.example.com/cgi-bin/blog.php or blog.example.com/cgi-bin/ Not exactly pretty. There are ways around that particular problem. There are still bigger problems, even running PHP as a CGI binary: how to lock down the user? You are essentially giving the user a lot of system access (the same is true when running Perl, bash, Ruby and other Scripting languages), how can we prevent a user from stomping all over the system? Even as CGI, the scripts are still executed as the Apache user.[/p] [p]Two common ways are [url=http://httpd.apache.org/docs/1.3/suexec.html]PHPSuExec[/url](*) and [url=http://www.suphp.org/Home.html]SuPHP[/url]. Both provide means of changing the UID/GID of the executing process to that of the end user, and many, many other safeguards. However, they both fail on one common problem with PHP: by default, PHP allows users to place their own php.ini file in their Document Root, which will be used to the exclusion of the system php.ini Thus if you have disabled various functions (e.g. dl, system, passthru, etc), a user can easily override it by dropping a blank php.ini file in his Document Root (typically ~/public_html)[/p] [size=15]Disabling user php.ini files[/size] [p]There are several ways to disable user php.ini files.[/p] [list] [*] Configure php with [b]--with-config-file-path=/usr/local/lib --with-config-file-scan-dir=/usr/local/lib[/b] [*] ([b] Won't work with PHP 4.4.x[/b]) Install the Zend Optimizer [*] ([b] Won't work with PHP 4.4.x[/b]) Create a wrapper script [/list] [p]As noted, only the first option works for all modern versions of PHP. The directory path provided should match where your system php.ini file is located. Once compiled with these options, PHP is essentially "jailed" into using a php.ini file where configure stipulated. One odd thing to note with this, [i]phpinfo()[/i] will lie. Try the following in a user account:[/p] [list] [*] In your user Document Root directory, create an empty file named php.ini\ [*] In a separate file, place [b]&lt;?php phpinfo(); ?&gt;[/b] [*] Access the [b]phpinfo[/b] file via your web browser [*] Note that [b]phpinfo()[/b] reports it is using the php.ini file located in your Document Root [/list] [p]An easy way to verify which is being used is to disable a function in the system php.ini file (such as ini_get). In the user php.ini, override that (disable_functions=). Create a short script that tries to use the disabled function. You'll receive an error stating the function is disabled for security purposes.[/p] [p]What about the other methods? In PHP 5.2.x, installing the Zend Optimizer forces PHP to use the one stipulated in the Zend configuration, thus overriding the user php.ini file. And the wrapper script?[/p] [p]Locate your PHP CGI binary (we'll use /usr/bin/php as an example) and rename it to php-cgi (thus /usr/bin/php-cgi). In the same directory, create a file named php. Give it the same permissions as php-cgi and insert the following contents:[/p] <pre> #!/bin/sh /usr/bin/php-cgi -c /usr/local/lib/php.ini </pre> [p]The -c parameter instructs PHP to use the configuration file stipulated and ignore all others. Astute readers/users will notice this doesn't filter out the possiblility of a user passing -c/path/to/user/php.ini If you are concerned with that, a script similar to the following will work (as contents of /usr/bin/php):[/p] <pre> #!/usr/bin/perl -- use strict; use warnings; die '-c not allowed' if grep { $_ } map { $_ eq '-c' } @ARGV; exec( qw(/usr/bin/php-cgi -c /usr/local/lib/php.ini), @ARGV ); </pre> [p]Now, if a user attemps to pass -c/path/to/user/php.ini to the script, it will die. If done via a web-accessible script, Apache will return a 500 error and the die message will be in the error_log The use of Perl is just an example, you could do something in BASH, Python, C or whatever. Unfortunately, PHP 4.4.x ignores -c when compiled as a CGI binary, hence this trick only works on PHP 5.[/p] My First Program [p]Back in 1998 I took my first job in "the industry": an EDI Clerk/IT Assistant. Being completly self-taught, from the corner or nowhere, I was extremely happy to have the job. It offered potential to learn about the IT field and would give me real-world experience, not only in solving problems, but dealing with users in a manufacturing environment.[/p] [p]Soon after being hired I was introduced to "Sears day." This referred to every Wednesday when the Company shipped the orders to Sears, and only Sears. At that time, and still today, Sears has some of the worst Shipping requirements of the large retailers. It was nothing for them to generate 300+ 2 line orders, with a total value of ~USD$50 per order. To process the orders, from receiving them to closing the door on the truck, was very taxing. True, part of the processing was like ever other order, but there were aspects of the Sears orders that were unique.[/p] [p]For example, the Bill of Lading required a manifest, which was merely a list the cross-indexed each order with the Distribution Center (DC) that would receive the order. The stack of orders needed verified with the Manifest to be certain each was routed properly. This was done by comparing the order number and DC number as printed on the order, with the same information printed on the Manifest. The comparison was needed because the manifest was keyed to the Bill of Lading number. The Bill of Lading number was not known at time of order, but rather generated (read: invented by the Shipping Supervisor using a consistent pattern) when scheduling the pickup with the Carrier.[/p] [p]That was not the only comparison, two additional reports were generated, each needing data matched with the order, all to ensure correctness. To make matters worse, the entire cross-referencing was performed manually. It would take four people, myself, the shipping clerk, the IT Manager and the Assistant Plant Manager, the full ten hour work day, at minimum, to perform the entire process. Something needed done, the entire process was error prone, highly repetitive and consumed too many resources.[/p] [p]Taking stock of the situation, I considered the tools available. My workstation used DOS 6 and Windows 3.11. Our ERP (Enterprise Resource Planning) system was accessed via a Terminal application. Joy of joys, the Terminal application, [url=http://www-306.ibm.com/software/data/u2/wintegrate/]wIntegrate[/url] could be scripted. The script file was a simple text file containing the raw text commands one would actually perform when using the ERP System. All I needed to do was find a way to take the order numbers and generate the necessary script.[/p] [p]The problem was there were no development tools available, save two: DOS Batch and MS Word. Being young, green really, I chose the lesser of two evils: MS Word. On reason I chose it was for the eroneous view 'If someone else needs to use this program, they will be more comfortable using MS Word than typing a command on the commandline.' A noble thought in a sense, but ultimately wrong[*] Thus in the end I use MS Word to generate the necessary script. It was simple really using built in [url=http://msdn.microsoft.com/vba/]VBA[/url] to process information in a loop and generate a plain text file.[/p] [p]Given:[/p] [list=1] [*] A list of order numbers, newline separated (\r\n on DOS/Windows) [*] The Bill of Lading number [*] The Carrier [url=http://nmfta.org/StandardCarrierAlphaCode/tabid/59/Default.aspx]SCAC[/url] [*] Quantity shipped on the order (this was simple as all orders had the same quantity) [/list] [p]the "program" generated a script which processed every order and generated the necessary reports. With that automated, the cross-referencing could happen sooner since the majority of resource consumption was in the data-entry.[/p] [p]After performing a few test runs, I was ready for the next Sears Day. Wednesday came, I took the stack of orders and went to my workstation. Earlier in the week I had generated the text file with the order numbers. Using a variation of my VBA Program, I had created a script that automated the generation of the shipping labels. Its successful execution told me my Program was capable of creating wIntegrator capable scripts. As everyone bustled around beginning their work day, my work station was busy feeding the script to wIntegrator.[/p] [p]Within 10 minutes every order was processed and the reports were generated. Printing all the reports took another hour, cross-referencing, another hour (you can really tell now what took the bulk of time: order-entry). By first break (9:30), the entire process was done. Around the same time my boss came rushing into my office. She had just remembered it was Sears Day. One can easily image the surprise she experienced when I told her everything was done. After a few minutes of checking everything herself, she left.[/p] [p]We continued using that system the rest of the shipping season. The following year they replaced the old Unix-based ERP with a newer system, one that was far more data-intensive and not scriptable. Plus different routing requirements caused further disruption to the previous flow rendering my continued automation worthless.[/p] [p][url=http://www.joelonsoftware.com]Joel[/url] presents a very fine analysis of the situation: should highly visible bloggers accept gifts?[/p] [p]His conclusion? No, because such gifts amount to a bribe. With this I agree. Afterall, the same metric is often applied against other people in 'positions' of trust. Public Officials, for example must follow explicit, detailed guidlines when accepting gifts, especially gifts that are intended to sway the opinion of the receiver, or those the receiver has dealings with.[/p] [p]However, one scenario makes me wonder? What if the [url=http://www.microsoft.com]Microsoft[/url] laptop arrived on Mr. Spolsky's doorstep unannounced, without accompanying instructions. To me at least, this is a different dynamic, a gift without strings, if you will. Under such circumstances, I could see acceptance as being ethically valid. Of course, who could expect a [url=http://www.edelman.com]Public Relations[/url] to do something like that?[/p] [p]A new feature available in [url=http://www.loquacity.info]Loquacity[/url] alpha2 is automatic backups. The data in your database, along with your configuration file, will be archived:[/p] [list=1] [*] During software upgrades [*] Periodically [/list] [p] That should provide plenty of safeguards for a person's data, as long as the backup is downloaded.[/p] [p] Later I want to extend the backup management to allow 3rd parties to provide plugins that allow a person to backup other items. For example, if a 3rd party creates a photo album plugin, part of the plugin could be a module that causes the backup to also include the photo albums.[/p] [p]My workplace recently bequeathed a G5 Mac to me, my first "real" Apple computer. With it came two mice:[/p] [list] [*] A mighty mouse [*] A wireless mighty mouse [/list] [p]After using the Mighty Mouse for a couple months, I can honestly say this is the worst mouse design I've ever used. Oh, don't get me wrong, aesthetically, the mice are very appealing. My Microsoft and Logitech mice cannot compete with the smooth curves and the simple lines of the Mighty Mouse. The Mighty Mouse is somewhat comfortable, albeit a little on the small side However, the Mighty Mouse is a very poor performer. What do I mean by this?[/p] [p] The Mighty Mouse is not designed to be functional. Consider the buttons. It has a total of four buttons:[/p] [list=1] [*] Left Mouse Button (LMB) [*] Center Mouse Button (CMB) [*] Right Mouse Button (RMB) [*] Side "Squeezable" Button (SSB) [/list] [p] The first three require precise placement of the fingers inorder to work properly, except for the left mouse button (note: I'm using the mouse right-handed). More often then not, when I attempt a RMB Click, the mouse produces a LMB Click. Only after several attempts do I obtain a RMB Click. This also happens, although with less frequency, when I attempt a CMB Click. It's always the LMB Click the mouse generates. It happens with both mice. The SSBs are merely a joke. Attempting to use them is an exercise in finger contortions that usually result in generating LMB or RMB Clicks before a SSB Click.[/p] [p]After more than two months of this, I'm returning to my Logitech mouse, which never gave me such issues. Please Apple, make your hardware functional as well as aesthetic.[/p] [p]Wow. I just experienced a major bug with Loquacity and it cost me a post. Apparently the Edit Post function is seriously broken. It destroyed all the record data in the database.[/p] [p][i]--edited November 6, 2006 06:10 PM[/i][/p] [p]Just a quick note that this blog is now using the pre-release version of Loquacity-alpha2. The only items needed accomplished to release -alpha2 are:[/p] [list=1] [*] Timezone handling [*] OpenID client [*] TypeKey [/list] [p] Items 2 and 3 will appear as plugins while item 1 will be integral to Loquacity.[/p] [p]During the past few weeks, I've had opportunity to install more than my fair share of GNU/Linux distributions. Indeed, likely I installed more distributions the last three months than the prior 10+ years of using GNU/Linux. The distributions installed are:[/p] [list] [*] cAos i386, x86_64 [*] CentOS 3 i386, x86_64 [*] CentOS 4 i386, x86_64 [*] Fedora Core 1,2,3,4,5 i386, x86_64 (for 3,4,5 only) [*] Debian 3.1 [*] Debian 4-testing [*] Mandrake <=2005 [*] Mandriva 2006 i386, x86_64 [*] WhiteBox 3 i386 [*] Trustix 2 i386 [*] Trustix 3 i386, x86_64 [*] RedHat 7.3 [*] RedHat 9 [*] RHEL 2.1, 3, 4 i386 [*] RHEL 3, 4 x86_64 [*] SuSE 10 i386, x86_64 [*] SLES 9, 10 i386, x86_64 [/list] [p] Also, I've installed:[/p] [list] [*] FreeBSd 4.11 [*] FreeBSD 5.4 i386, x86_64 [*] FreeBSD 6, 6.1 i386, x86_64 [/list] [p]Each I installed at minimum once, some two or more times. The goal for each install was a workable server, with minimal software, absolutely no Vendor packaged server applications (Apache, PHP, Exim, etc). Developer tools were installed. No GUI, graphical stuff like X.org was installed. Each had the same partition/slice arrangement:[/p] <pre> sda ----- +--tmp sda1 | +-swap sda2 | +-- sda3 </pre> [p]These servers are for testing purposes only, thus the somewhat strange requirements. Following are observations on some of the installers:[/p] <h2>CentOS/Fedora/RHEL</h2> [p] Easy to use. Nothing hidden. Great for installing whether using the graphical or text mode installer. Allows near full control over everything installed, including disabling the Firewall and SELinux, which is great if you have your own configuration/preference for such things.[/p] [p]The update tool was almost fully configured at installation end. GPG keys needed imported and anything handled by the Legacy project needed reconfigured.[/p] <h2>Mandrake/Mandriva</h2> [p] Likes to hide as much as possible. The Text mode installer is abysmal. When partitioning a disk, when finished tehre was no obvious means of progressing to the next step. If you don't have a floppy drive (or handy floppy), don't try to save the partition information as the installer blindy tries to write to the floppy and throws continual errors requiring a restart of the system.[/p] [p] Their security stuff (msec) is impossible to disable during install. You have to do it after the first boot (msec 0). The Corporate Server does not include the ability to install Developer Tools during installation (the Developer Tools package only installs LSB), requiring a manual install after first boot). The Graphical installer tells you little information about partitions. The partition creation tool uses a slider to change the partition size. This is extremely inaccurate and slow.[/p] [p]The update tool, urpmi, requires configuration after first boot in order to download updates.[/p] <h2>Debian</h2> [p] Allows control over nearly every aspect of the installation. I'm slightly biased because Debian is my preferred distribution. The installer is easy to use and keeps getting better and more flexible. One annoyance, the installer [b]requires[/b] a user be created. It will not progress unless that criteria is met.[/p] [p] The update tool was fully configured after install, ready to use.[/p] <h2>cAos</h2> [p] Very easy to install, despite their unique installer: sidekick. No complaints here. Adequate control over everything during installation. The update system was ready to use by the end of install.[/p] <h2>FreeBSD</h2> [p] The install is very easy to use, but very fragile. The slightest thing, such as inability to access an FTP site, placed the installer in a broken state, requiring a reboot and restart of the process. It seems the newer version of FreeBSD (5.5, 6.0, 6.1) have this problem. Other than that, one has full control over the process, enabling and disabling what one wishes.[/p] [p] The package management system sometimes needs configuration after install. Ports often need upgraded.[/p] <h2>WhiteBox 3</h2> [p] The oddest of the odd. It is based on RedHat, so should work the same as CentOS, Fedora Core, etc. But it has issues. I counted a minimum of 10 times the installer had me switch between CD 1 and CD 2, for a minimal install. I stopped counting after 10.[/p] [p] After those notes, I leave you with this: the Mandriva installer should be scrapped. It is terrible. It's one thing to hide functionality to make the process smooth, its another for the functionality to not exist (why can't I disable msec during install? why is urmpi not configured? No, configuring to use the CDs is not adequate).SuSE is not better in that regard (aside from SLES) as [i]you[/i] is configured to use the CDs. Bad, very bad.[/p] [p]And that is my opinion, after umpteen installs.[/p] [p]Recently, [url=http://www.borland.com]Borland[/url] [url=http://www.eweek.com/article2/0,1895,2000205,00.asp]announced[/url] the revival of their "Turbo" line of products. This was the line of products that made the company famous, in the day. TurboPascal, then TurboC, TurboBasic and other languages. Inexpensive, powerful development environments and toolkits.[/p] [p]Anyway, you can find more details elsewhere. What struck me is how humorous their [url=http://www.turboexplorer.com]TuborExplorer[/url] website is. Each product page is obviously made from a template. I don't mean just the layout and color scheme, which is expected. I'm talking about the content. Go ahead, look for yourself. Compare the [url=http://www.turboexplorer.com/delphihome.htm]TurboDelphi[/url] page with the [url=http://www.turboexplorer.com/cpphome.htm]TurboC++[/url] page. Only the products names are different. Nice. Makes the entire site feel like one giant press release.[/p] [p]The last few weeks, I've observed my blog, waiting for comment spam to occur. It finally did. My blog software is [url=http://www.loquacity.info]Loquacity-alpha1[/url], which is a continuation of [url=http://www.bblog.com]bBlog[/url] as mentioned earlier.[/p] [p]At this point I'm not certain if spammers are able to bypass the captcha or whether its due to a coding error (for example, not actually checkign the captcha). My guess though is spammers are using the well known work around for captchas: bribe "innocent" people to type the captcha for the spambot. An easy way to test this is to:[/p] [list=1] [*] View the web service log for captcha requests [*] Use leech protection to prevent captcha linking [/list] [p]This will let me know if they are simply using the circumvention, plus will prevent it.[/p] [p]At work, I'm in charge of putting together two "massive" [url=http://www.vmware.com]VMWare[/url] servers for developers, QA and tech support. These servers will be duplicates of each other and are using the free version of VMWare server.[/p] [p]Each server will have 5 VMWare guest installations of every operating system we support, not counting MS Windows. That's about 15 - 20 different *nix operating systems, multiplied by 5. Each install consists of the following:[/p] [list] [*] A [b]clean[/b] install - only the os [*] [b]CURRENT[/b] release of our software [*] [b]RELEASE[/b] version of our software [*] [b]EDGE[/b] version of our software [*] [b]BETA[/b] version of our software [/list] [p]Now, VMWare images are comprised of text and binary files. The text files contain primarily configuration data. This means, after a [b]clean[/b] install, I copy the files to a new directory, modify the config data, and fire up the guest to isntall our software. Stil, this is very repetitive.[/p] [p]The past few days, I put together a script, now working, to automate this. It does the copying and the config modification. However, I knew I could go further so I altered it to generate a new blank guest image a configure it to use an iso file for the CD. For [url=http://www.redhat.com]RedHat[/url] based systems, it maps a floppy image with a kickstart file to the floppy drive.[/p] [p]My goal is to automate 80-95% of the process and make it so an entire new image can be created with a click of a button. Once I get that done, I'll make a web interface.[/p] [p]Just fixed a bug with my installation of -alpha1, totally my mistake. I never populated the character set range for the Captcha. This caused the captcha to never randomize, giving the same "phrase" on every visit.[/p] [p]Now, visiting my blog, I notice my categories are not displaying. This could be one of two matters, or both:[/p] [list=1] [*] Caused by the change in data passing from the database to the plugins and templates [*] I'm using the incorrect call in my template to access the data [/list] [p] This should be rather easy to decipher[/p] [p]On a different note, the [url=http://loquacity.info]Loquacity[/url] project is functioning, however we are in a severe pinch for helping hands. Developers, testers, forum moderators, documentation writers and more, we needed all who can help. If you have ever been interested in working with an Open Source project, we are waiting for you. The code base is mall, easy to understand and we aim to keep it that way. The current team is friendly and willing to accept new help. Come and join us at the [url=http://forums.loquacity.info]forums[/url][/p] [p]Wow, a lot of stuff has happened in the few weeks since my last post:[/p] [list] [*] The [url=http://www.loquacity.info]Loquacity[/url] is up and running (we need more help) [*] The first release of [url=http://www.loquacity.info]Loquacity[/url] occured: [url=http://developer.berlios.de/project/shownotes.php?release_id=10163]alpha1[/url] [*] Work became busy, busy, busy. Due in part by me being the only person in QA now [*] I had to do a lot of work to organize and launch [url=http://www.loquacity.info]Loquacity[/url]. This is my first time as a project manager. Fun so far, but hard work [/list] [p]We are currently under way toward an alpha2 release, just the major features from the [url=http://forum.loquacity.info/viewtopic.php?t=3]roadmap[/url] and fixes for bugs introduced in [url=https://developer.berlios.de/project/shownotes.php?release_id=10163]alpha1[/url]. [/p] [p]One of my goals for Loquacity (ne: [url=http://www.bblog.com]bBlog[/url]) is to improve comment security. Meaning, put as many tools in the hands of blog authors/owners as I can so they can secure their commenting against spam. usually this involves things like captchas.[/p] [p]Some though prefer to use a login system to verify a commenter is legit. While researching this tonight I discover the [url=http://www.typekey.com]typekey[/url], a service provided by [url=http://www.sixapart.com]SixApart[/url], the makers of [url=http://www.moveabletype.com]Moveable Type[/url], one of the best known blog systems. Perusing their site, I noticed information about a professional network, which appears to give you what is needed to implement [url=http://www.typekey.com]typekey[/url] on your own site.[/p] [p]Hoping I could find a way to add it to Loquacity, I created a typekey account, went to the home page and tried to join the professional network. Several times. Using different browsers. Firefox brings me to a blank page, IE brings me to a 404 page. Nice.[/p] [p]My continuation of [url=http://www.bblog.com]bBlog[/url] I have renamed to Loquacity (from loquacious). I'm preparing to release version 0.8-alpha1, which includes these changes:[/p] [list] [*] Unified comment and trackback handling (both have same checks for example) [*] Captcha [*] Migration to [url=http://adodb.sf.net]ADODB[/url] for Database simplicity [*] Separate code into logical units (e.g. a commentHandler class that handles all things comment related) [*] Reorganization of the filesystem heirarchy [*] No HTML in the core engine [*] Newest version of Smarty [*] Easier to upgrade 3rd party libraries [*] Replacing Magpie with FeedCreator for feed generation [*] Bug fixes galor [/list] [p]I'll post here and the bBlog forums when the release is ready[/p] [p]Work is starting again on PowerBlog. Why the silence? Because I switched jobs and moved...again.[/p] [p]Anyway, I'm beginning work on PowerBlog again and may change the working name, because I don't want any thing associated with my name :)[/p] [p]Examining my logs show I still get a sizeable number of visitors from [url=http://www.bblog.com]bBlog[/url], which is one of the reasons I'm continuing this work. It fills a need.[/p] [p]One thing really needed in the Linux space is a corresponding setup like [url=http://www.microsoft.com/windowsserver2003/sbs/default.mspx]MS Small Business Server[/url]. For those unfamiliar with SBS, here are some quick bullets:[/p] [list] [*] Windows Server 2003 [*] Exchange [*] ISA [*] Easy remote access to desktop (Remote Web Workplace), Email (Outlook Web Access), Intranet files, and more [*] Inexpensive (USD$600 for 5 clients) [*] Very well integrated [*] SQL Server on t Premium version [/list] [p] Now, the various Linux distros can easily compete point by point, but not in an easily configured, integrated manner. The admin tools are excellent for small companies. By answering some 42 questions during install, the OS, email, firewall, DNS, Active Directory and remote access are configured. While 42 seems like a lot, this is targeted at companies and small IT departments, not the user that jumps into things without planning.[/p] [p]I would very much like to see a solution similar to SBS from the Linux world. Especially one that is inexpensive (note: I am not refering to support contracts. Such is not included in the SBS cost), and easy to setup (you can completely install and configure SBS in a couple hours).[/p] [p]After a long hiatis, a cross-country move and many other events, I decided two things:[/p] [list] [*] I could no longer be involved in a group development environment, as my schedule is to sporadic; this means I no longer am one of [url=http://bblog.com]bBlog[/url]'s developers [*] To keep my PHP skills honed, I'm developing a 'private' version of [url=http://bblog.com]bBlog[/url], which I call PowerBlog (because my last name is Power). [p]What have I accomplished so far? Well, only 2 hours of work :) seriously, the following changes:[/p] [p][b]Archive Admin[/b] The Interface for Archive administration is a bit more powerful. Each article in the list is a two-line entry, rather than the one line in current bBlog (0.7.6). The second line contains admin functionality for the article. Currently you can toggle the Comments allow/disallow for an article.[/p] [p][b]Comments Admin[/b] The number of select lists needed to filter comments are reduced to two: amount and specific articles.[/p] [size=18][b]Future[/b][/size] [p]For the future, my plans are:[/p] [list] [*] Make it easy to place the application data outside the document root [*] Migrate to ADODB for the DB layer [*] Simplify the bBlog class [*] Reduce/remove redundancy [*] Strengthen comment/trackback handling [*] ..whatever else comes to mind [/list]