Jump to content

gushort

gushort

Member Since 05 Jan 2011
Offline Last Active Jul 30 2016 10:14 PM

#147744 Handling simple HTTPS POST form submits on static sites?

Posted by gushort on 30 July 2016 - 08:45 PM

I've started using Surge.sh to quickly publish one page websites with a simple one email field form (action='https://signup.web.site'method='POST'), and I was just wondering how I can handle the POST response code returned, without resorting to using Ajax. I just want to let the user know whether their form submit was accepted, or not.

 

Thanks




#143646 Anybody here actually written an Android/iOS app?

Posted by gushort on 26 July 2014 - 05:25 AM

I'd like to know how hard it would be to create an app that would basically emulate Twitter basics, without the public part. Basically messaging a photo taken by the device, along with some short text (twitter sized), really nothing more I think. And, no just reverting to email is not an option because I want to make it as simple as possible for the end-user (one of the contributing factors to Twitters success I'd say :) ). I thought about SMS, but since its just playing around I don't really want to pay for bulk SMS.

 

Anyone know how hard or what options, native app or maybe just mobile web app (but how would using the devices features be done)?

 

Not sure if the above makes sense, because as usual I'm doing this at 6am and haven't been to bed yet :D




#142700 URGENT: Heartbleed

Posted by gushort on 19 April 2014 - 06:01 PM

Not sure if anyone else posted this, but the best way I found to see if any of my VPSes were still vulnerable or whether they had bee patched successfully was to run (no need for root or sudo):

openssl version -a

and verify that, at the very minimum, the built on line shows a date on or after: 

Mon Apr  7 20:31:43 UTC 2014

NOTE: If you happen to be running a Ubuntu version (say 13.04) whose sources.list file will not point to a repo with up-to-date OpenSSL builds, be sure to follow the instruction in this gist (I had two 13.04 servers, and spent hours trying to figure out why they did not update OpenSSL :(  now I know the reason to stick with LTS builds :D )

 

IMPORTANT: When rebuilding/issuing your certificaes, DO NOT use the same passwords for your cert key files

 

Then after you have verified OpenSSL has been updated be sure to revoke, then re-issue, all your:

  • website certs (check Nginx/Apache conf files for references)
  • email certs (TLS/Dovecot/etc)
  • and have a look in /etc/ssl/certs for cert file names, it may remind you of something you have forgotten
  • if possible, reboot your system, or at the very least be sure to restart any service that depends uses OpenSSL (ie. Nginx)



#138124 Thinking of signing up for a CloudServer...

Posted by gushort on 04 September 2013 - 09:01 PM

Just a quick update.

 

So, I initially just signed up for the AWS EC2 free one year trial to get 'my feet wet' setting up and using a VPS for some testing websites, but moved on to other quickly...

 

Luckily, my home system and laptop have been OSX based for the past few years, which meant I had some very minimal experience with Unix (OSX Terminal) but was quite comfortable with a command prompt due to my DOS origins. Since I'm really just doing this in my spare time (which fortunately I seem to have had a lot of these past couple of years  :P ), it did take a little while to get a good grasp working in a purely Unix/Linux environment and getting to know it base utilities and terms. But, at this point, I am quite comfortable installing, securing (all though I do realize there is still a lot more to do in this area), and maintaining an Ubuntu server, with either Apache or Nginx as its web server. I have my Ruby/Sinatra/Static site publishing system, using Git/Passenger/RVM, working great.

 

I've got about five VPSes on the go right now, and have pretty much abandoned the AWS EC2 option. I started with BlueVM, but stopped using them after finding BuyVM, which has been my main 'stable' VPS and favourite due to their $1/mth MySQL server service and great support with continual upgrades to their services. I then picked up a cheap BitAccel VPS ($38/year for 1GB 1 3.4CPU, 1TB BW, 30GB HD) which has been quite responsive so far but has a lousy control panel, next was a chea RamNode server ($30/yr 256MB 90GB HD 1TB blah blah blah ) that I use to test anything before adding to my main install script.

 

After playing around with those for a while, I came across WeLoveServers, and picked up a couple of their $20/year (1GB RAM 1TB 30GB HD) anniversary specials. I love the WLS control panel which includes easy DNS setup. I may pick up another one before they run out, just to see the difference in speed/response from various locations (they include West coast, East coast US, and London). I also grabbed a DigitalOcean account with an unused $20 balance, that I will give a try one day, just to test out their droplet and backup system.

 

Using Bash scripting and Expect, I've pretty much automated all my installs/re-installs and reboot/shutdown/status  API calls (only BitAccel didn't have an API), so all VPSes have a consistent environment across the board.  I've set it up so that I just copy a VPS config file (named provider_name-server_name.cf) from the /available directory to a /process directory to make them available to the scripts setup menu and chose to either install all at once or one at a time (from selecting the profile to rebooting the hardened VPS, no interaction is needed and each install takes about 15 minutes), upon completion each config file is stripped of its passwords and API keys and moved to either the /done or /error directories, depending upon messages received. Along with removing password auth and disabling root, plus changing SSH port numbers (among other security tweaks) it also generates unique SSL certificates, on the server during the automated setup, for https connections. After I have polished it up, and have some more time, I will upload it to github and post the link here.

 

The journey would have been a lot harder, and much more frustrating, without the help from the members here, so I just wanted to thank everyone :)




#135738 cPanel VPS Adding Domain using BuyVM Free DNS addon

Posted by gushort on 01 May 2013 - 06:35 PM

So BuyVM.net offers a Free DNS hosting addon that uses cPanel for DNS management. You have to set the name servers at your domain's registrar to
ns1..ns4.buyvm.net
, which I did. Then you use the Domain Addons widget to add your domains.

Whenever I try to add a domain with the Domain Addons widget, I get the following:

Using nameservers with the following IPs: 199.195.255.66,69.46.65.245,198.98.48.66,205.185.112.66 Sorry, the domain is already pointed to an IP address that does not appear to use DNS servers associated with this server. Please transfer the domain to this servers nameservers or have your administrator add one of its nameservers to /etc/ips.remotedns and make the proper A entries on that remote nameserver.

I checked the whois info for the domain I'm trying to add, and it shows [c]ns1..ns4.buyvm.net[/c\ as the nameservers.

Anyone have experience with this BuyVM addon, or have an idea on what's happening?

UPDATE: I found a couple of threads on other forums mentioning this issue, and they say to wait a few days for the DNS to propagate. So I'll do that and see what happens...


#134556 Malware friendly Android

Posted by gushort on 09 March 2013 - 02:43 PM

The solution should be quite simple, 'out of the box' your SmartPhone's OS should be like iOS (sandboxed, restricted, etc.). However, the OS should also offer the phone OWNER an option/setting, that is not very simple to change (maybe a reset holding down various buttons or a system password protected setting), that will make app installation more like Android.

Note: I don't actually have an Android, so I'm not sure what you have to do to install and use an app, but I would assume it should just be a clear end-user confirmation of intent to install a new app.

I feel that Apple has been moving towards taking more control of the OS, and apps running on it, so that ultimately they will be able to ensure no app will be able to play/view/whatever data from unverified sources (ie copyright enforced). Google isn't forcing their end users to move in that direction because they don't have as much invested in selling you copyrighted material. Of course, that's just my opinion :)


#132071 How to merge two live databases to make one?

Posted by gushort on 15 December 2012 - 07:39 PM

First determine what each database system is (MySQL, PostgreSQL, others ... maybe even dBase or Access), the type of system you want to end up using, and the structures of each database.

Next, before you look into combining them, go over all their structures and decide what tables, relationships, indices you will have in the final combined database.

If your final db will be an SQL type system, you should read up on SQL commands. You should be able to create your final model and populate it all using SQL.

After you've done the first two, post here again with your progress..


#132070 UTF-8 encoding and international character sets.

Posted by gushort on 15 December 2012 - 07:27 PM

All my SQL databases use UTF-8, and I thought that would be fine for international character sets, is it?

The reason I as, is that I had a CSV file in MacRoman, which I converted to UTF-8, and ended up with all international (ie French accented) characters turning into unreadable characters (diamonds with question marks and square root symbols, etc).


#129857 Any good jquery/js Google Maps plugins out there?

Posted by gushort on 14 September 2012 - 11:23 PM

But jQuery is JS o.O I'll have to read this thread when I'm not tired I guess. There could be some better syntax and some nice wrappers for google API but they're great developers and I wouldn't want to abstract it. It generally only takes a few lines. Unless you're talking about the modal in which case that is pretty much just CSS.


As stated above, initially (before I started this thread) I didn't see the "Directions" part of the Maps API in their documentation. So I wasn't aware of its existence ... now that I am, I am no longer looking for a substitute. All is well in the directions department :P .... now I'm working in the "responsive map_canvas resize" department :blink:


#125020 Site "Splash Screen/Curtain" CSS problem.

Posted by gushort on 11 July 2012 - 11:42 AM

I found your problem, you're creating a useless and annoying page. Think, what purpose does this serve? It just makes the user click a link/button before they even get to the content.


How very helpful of you.

If you had actually read the post, you may have noticed this part: "and was asked to integrate a splash/curtain screen for the site". He wanted it, even though I recommended against it.


#123635 Reliable Rabbit

Posted by gushort on 20 June 2012 - 11:46 AM

If I were looking for a software developer, I'd care more about who they are than what tools they use. You are targeting a very technical audience here - which might be exactly what you're trying to do, but don't expect any "regular" clients by mentioning Redmine in the third sentence of your introduction ;-)


I agree. Who is your target audience?

Mentioning things like Rspec, Redmine, and Cucumber, especially in the first few paragraphs of your main site page, may just confuse a potential client. The client doesn't usually care what tools you use - if they do, they'll tell you up front about their project's tech requirements. Talk more about how you will help the client turn their vision into a functioning web application, how you will "hold their hand" from start to finish, help with getting their staff up and running with the app, and how you won't abandon them once they've gone "live". Mention how well you work with others, and how familiar you are with all the latest trends and technologies, but also aware that they may not be necessary for their project, and you can point out why.

I also think your header could be slimmed down a bit, it takes up too much space as is. The layout would look better if it adapted (read responsive) to various browser window sizes. When I opened up your site there was a lot of empty space on the left and right sides, plus the "Client portfolio" content was out of view - with the size of my window, and small amount of actual content, I should have been able to see it all without having to scroll down.

And I still think those asteroids look like flying turds :P


#122412 Load flash via javascript

Posted by gushort on 30 May 2012 - 06:20 PM

Doesn't anyone use swfObject anymore?


#122357 Vexxhost.com - anyone been using them long term?

Posted by gushort on 29 May 2012 - 10:37 AM

Thanks for that. After reading it, I think I'll just sign up for a month-to-month plan, and not transfer anything critical from my regular host provider. :)


#118605 Who would like to improve a JS-Bootstrap live form validator?

Posted by gushort on 07 April 2012 - 01:07 AM

Hmm, just took a quick look at the code, and it doesn't look that complex. Seems all that would be needed is to add a function that checks if the "expression" option was passed by the user; if not, parse the input tag for the expression attribute and assign its value to "expression" (and strips the attribute from the tag) if it exists; if no expression attribute exists, then assign the default value of "return true;" to "expression". This would also allow using the expression attribute in browsers that don't support it, I think.

The first part declares the function and assigns default values to the options.

(function(jQuery){
    var ValidationErrors = new Array();
    jQuery.fn.validate = function(options){
        options = jQuery.extend({
            expression: "return true;",
            message: "",
            error_message_class: "help-inline",
            error_container_class: "control-group",
            live: true
        }, options);

The following assigns a unique ID to each field being validated and creates an array to hold the field's ValidationErrors .. I think

var SelfID = jQuery(this).attr("id");
        var unix_time = new Date();
        unix_time = parseInt(unix_time.getTime() / 1000);
        if (!jQuery(this).parents('form:first').attr("id")) {
            jQuery(this).parents('form:first').attr("id", "Form_" + unix_time);
        }
        var FormID = jQuery(this).parents('form:first').attr("id");
        if (!((typeof(ValidationErrors[FormID]) == 'object') && (ValidationErrors[FormID] instanceof Array))) {
            ValidationErrors[FormID] = new Array();
        }

Default "live" validation acts on each keypress (this section looks like it could definitely be tidied up) and calls the validate_field function to test inputted data. Depending upon result, strips Bootstrap CSS error classes.

if (options['live']) {
            if (jQuery(this).find('input').length > 0) {
                jQuery(this).find('input').bind('blur', function(){
                    if (validate_field("#" + SelfID, options)) {
                        if (options.callback_success) 
                            options.callback_success(this);
                    }
                    else {
                        if (options.callback_failure) 
                            options.callback_failure(this);
                    }
                });
                jQuery(this).find('input').bind('focus keypress click', function(){
                    jQuery("#" + SelfID).next('.' + options['error_message_class']).remove();
                    jQuery("#" + SelfID).parents("." + options['error_container_class']).removeClass('error');
                });
            }

Otherwise user only wants to validate upon form submission ...

else {
                jQuery(this).bind('blur', function(){
                    validate_field(this);
                });
                jQuery(this).bind('focus keypress', function(){
                    jQuery(this).next('.' + options['error_message_class']).fadeOut("fast", function(){
                        jQuery(this).remove();
                    });
    				jQuery(this).parents("." + options['error_container_class']).removeClass('error');
                });
            }
        }
        jQuery(this).parents("form").submit(function(){

            if (validate_field('#' + SelfID)) {
				
				jQuery('.' + options['error_message_class']).remove();
				jQuery('.' + options['error_container_class']).removeClass('error');
			
                return true;
			}
            else 
                return false;
        });

Function used to test for valid content. If user didn't include regex for testing then just return TRUE, otherwise add Bootstrap error classes when appropriate along with optional message.

function validate_field(id){
            var self = jQuery(id).attr("id");
            var expression = 'function Validate(){' + options['expression'].replace(/VAL/g, 'jQuery(\'#' + self + '\').val()') + '} Validate()';
            var validation_state = eval(expression);
            if (!validation_state) {
                if (jQuery(id).next('.' + options['error_message_class']).length == 0) {
                    jQuery(id).after('<span class="' + options['error_message_class'] + '">' + options['message'] + '</span>');
					jQuery(id).parents("div ." + options['error_container_class']).addClass("error")
                }
                if (ValidationErrors[FormID].join("|").search(id) == -1) 
                    ValidationErrors[FormID].push(id);
                return false;
            }
            else {
                for (var i = 0; i < ValidationErrors[FormID].length; i++) {
                    if (ValidationErrors[FormID][i] == id) 
                        ValidationErrors[FormID].splice(i, 1);
                }
                return true;
            }
        }
    };

After validating all input fields on current form submit.

jQuery.fn.validated = function(callback){
        jQuery(this).each(function(){
            if (this.tagName == "FORM") {
                jQuery(this).submit(function(){
                    if (ValidationErrors[jQuery(this).attr("id")].length == 0) 
                        callback();
					return false;
                });
            }
        });
    };
})(jQuery);

Of course I missed a few things, but don't forget I don't know javascript. I seem to be trying to talk myself into picking up a JS manual :P


#116900 People Dying.

Posted by gushort on 17 March 2012 - 06:06 PM

I'm with your dad on this one, probably because I'm around his age :D

You say millions die everyday so why get melodramatic over seeing one die, or even just get severely hurt, on the tele? Why? Well because the more you tell yourself " its sad, but why you so worked up. its not like you knew him...", the more de-sensitised you will be towards tragedy in general and, even worse, the feeling that something should be done about it. That is, until something tragic happens to someone close to you.

As for " people who get worked up over someone who dies that they never knew/didn't have an impact on their life, i just don't understand them", personally, i don't understand people who just accept, or ignore, something, just because they feel it won't have an immpact on their life. They should start thinking less about themselves and more about others.

:)