Category: Software development

JQuery AJAX POST Sending Only Partial Data? Try URL Encoding. 7

JQuery AJAX POST Sending Only Partial Data? Try URL Encoding.


JQuery is a great JavaScript framework that makes web developer life much easier. But like all framework, you need to learn its gotchas in order to work effectively with it. Here is one of those gotchas –

Jquery POST method lets you create Ajax HTTP POST request to the server. It is actually a shorthand to the JQuery Ajax method:


$.ajax({
  type: "POST",url: "save.php",
  data: "param1="+paramValue1
  +"&param2=paramValue2",
  complete: function(){ }, //manage the complete if needed
  success: function(){}}//get some data back to the screen if needed
});  
How to: Automatic User Login in CakePHP 1

How to: Automatic User Login in CakePHP

Sometimes you need to enable silent (implicit) login for your users. A good example of this would be this – after a registration process, you would want to automatically login the user, rather then having him retype the user name and password.

In CakePHP there is a simple method in the Auth components that lets you login on the user’s behave.

Here is how it is done:

img_wysiwyg_editor 0

IPWEditor – In-Place WYSIWYG Editor 1.2.1 Released with TinyMCE bug fix and more


IPWEditor provides easy in-place editing for Web pages with a layer of WYSIWYG. It allows you to seamlessly replace text on Web pages with inputs for on-the-spot editing.

Up until now IPWEditor did not support TinyMCE advance settings, due to a minor bug found and resolved by the community.
This release incorporates this bug fix and adds additional documentation around the ‘cancel’ functionality.

Security issue in CakePHP code documentation 5

Security issue in CakePHP code documentation

I have been using CakePHP for a long time now and enjoy every second. It provides a productive, easy to use and well document platform for PHP application. The key advantages for me are – transparent OR mapping, a strong Model View Controller framework, and tons of extra utilities that make your life better.

I have came across a possible security issue in one of cakePHP code examples. This section of code is responsible to authorize or un-authorize clients access to a certain action (MVC flow)

action == 'delete') {
            if ($this->Auth->user('role') == 'admin') {
                return true;
            } else {
                return false;
            }
        }

        return true;
    }
?>

The major security rule this code is breaking is – never ever have ‘return true’ as a default for an authorization method.

Forget About Software Configuration, Settings and Options – Choose the Right Defaults 0

Forget About Software Configuration, Settings and Options – Choose the Right Defaults

Common pitfall – “I am not sure what to do…. let’s make it configurable”

You hear this all the time in software companies – Some business analysts, developer or product manager trying to solve a dilemma in software development by pushing the decision to the end user side. “Let’s make it configurable” seems like a get-out-of-jail free card if you can’t make you mind about colors, screen layout and many other hard choices we have to make many time when designing our software.

CakeOTP 1.0 – Secure, Expirable, Table-less One Time Password for CakePHP Released 0

CakeOTP 1.0 – Secure, Expirable, Table-less One Time Password for CakePHP Released

CakeOTP is a secure, table-less and expirable implementation of One Time Password for the popular CakePHP development framework.

A one-time password (OTP) is a password that is only valid for a single login session or transaction. It is commonly used in the internet for registration and password reminder process in which OTPs are provides to the user in a form of a link that the user uses to access in order to create/reset his password.

The problem is that most one-time password implementation involve maintaining additional database tables and batch process that handle the persistence and expire date of the one time password. This adds complexity and reduces performance.

CakeOTP is a simple and clean implementation of one time password. It reduces complexity by removing the redundant SQL calls and DB batch maintenance while still keeping the one time password secure and expirable.

Download this release here.

Checkout the Online Demo, project page and getting started page.

Google to present at the Wellington Architect forum 0

Google to present at the Wellington Architect forum


Our speaker will be James Tarquin, Enterprise Architect with Google.
He’ll be speaking about the “Key challenges with cloud services”, specifically security, change management and reliability.

Get copies of the flyer here both a thumbnail and a high-res copy are available here.

When: 2nd-Feb-2010 (Networking from 12 noon, formal session from 12:30 till 1:30pm)
Venue: Optimation Boardroom, 1 Grey Street, Wellington (New Zealand)

Morphfolia – A New Open Source CMS is Born. 0

Morphfolia – A New Open Source CMS is Born.

My friends, Adrian Kearns, finally released his excellent CMS, Morphfolia, as an open source project.

Morphfolia is two things:

  • A Content Management System (CMS)
  • A web application framework (for the typical Microsoft ASP.NET stack)

Morphfolia provides a suite of tools and capabilities that make website development and management flexible and easy.

This is achieved by a mature architecture and good design principles; the pages, content, page-layout and look & feel are all separated.

Content is served by HTTP Handlers, and APIs exist to support “standard” ASP.NET WebForm development so that your custom forms are consistent with the other content.

It provides (amongst other things) a built-in search engine, auto-generating site map, content indexes, web traffic monitoring, centralized system and audit logging.