AlexKing’s Twitter tools is a great wordpress-twitter mashup plugin:

Twitter Tools

This plugin creates an integration between your WordPress blog and your Twitter account. Pull your tweets into your blog and create new tweets on blog posts and from within WordPress.

Download | README | SVN Repository

Latest Release: Version 1.0, 2007-05-07.

However this version TwitterTools have some problem in my Chinese blog, all Chinese characters are displayed as “???”, that should be an encoding problem.

After I investigate this problem, I found it because my MySQL database’s character set is not UTF-8 unicode, so TwitterTools created a table as default charset,  that cause the problem.  Why wordpress’s posts show correct encoding? I looked through wordpress’s code, and found that they will force create tables in correct encoding and won’t just use default one.

After I pull some code from wordpress’s wp-admin/upgrade-schema.php and plugin TwitterTools.php, problem gone! (All previous data in the table remained problem, I just delete that table and re-activate Twitter tool again. NOTE: Deactivate TwitterTools seemed not delete that table, so you need to delete yourself. )

I will email Alexking the update and he may put this changes to his next version, but before he change it, I release an non-official version here:

Download Twitter Tools with better internationalization support.

Popularity: 17% [?]

Share This

I spent some time on XSS (Cross Site Scripting) Vulnerabilities  scan and problem solving last month, here is some links when I used, if I have time I will write more on this topic.

A detail presentation on how a google desktop’s security hole was used by XSS to perform a “perfect attack”: http://download.watchfire.com/googledesktopdemo/index.htm

A good slides explain what’s XSS and how it attack in action: http://www.sven.de/xsss/wth_xsss_slides.pdf

XSS explained and free scan service: http://www.acunetix.com/websitesecurity/cross-site-scripting.htm

Scripts for XSS hack (don’t use it do bad things…): http://ha.ckers.org/xss.html

Step by step hack a site with XSS (don’t use it do bad things, again…): http://ha.ckers.org/deathby1000cuts/

A very good article: http://www.milw0rm.com/papers/162

Popularity: 11% [?]

Share This

(originally written on Apr 15 when I am evaluation some IoC framework)

Just some basic ideas: Some IoC/DI framework can be introduced into tako framework and related projects to make the code cleaner and easier to be maintained. Since there are so many IoC frameworks now day, I spend sometime on evaluation them and reading the tako codes to see if there are any synergy of adopt some IoC inside.

Spring framework is very popular and is the only IoC framework I worked on before, however Google’s Guice became very hot these days.

IoC: Invert Of Control DI: Dependency Injection. Means the same.
Spring framework

Pros:

* Matured, well documented
* Not just an IoC, many other useful modules

Cons:

* XML hells ? (but can use Spring Java config or Spring Annotation to override this problem)
* Slow ? (Juice anounced that it’s 100x faster than Spring)

Spring has JavaConfig sub project which enable using Java code instead of XML file to config the modules. Spring Annotation is a 3rd party project which use a lot of annotation to reduce the requirement of XML.

Guice

http://code.google.com/p/google-guice/

Pros:

* lightweight
* no XML, simpler, less lines of codes
* 100X times faster than Spring IoC? (That compare may not really valuable for a real product after all)

Cons:

* intrusive design ( at least I think it is… bad smell of code… xxx.google.xxx everywhere. )
* new, less document, no successful project other than google’s

Tapestry IoC

http://tapestry.apache.org/tapestry5/tapestry-ioc/

Tapestry is something I think could be introduced to the view layer of Tako to replace JSP/Velocity. Tapestry have so many advantages esp. in make web development easier.

Tapestry 5 is still under construction, the latest matured version is 4. Tapestry includes an IoC framework inside.

Tapestry’s author said he was impressed by Guice, and had learn some from Guice and adopted into Tapestry IoC.

Hivemind

Tapestry 4’s IoC. Even Tapstry 5 giveup hivemind, so we don’t need to consider after all?

Pico

Too lightweight to useful? Not at all, I feel it’s lightweight but yet powerful. Need more time to test and play around with it.

Spring VS Guice

Compare: http://code.google.com/p/google-guice/wiki/SpringComparison
Guice better?: http://stuffthathappens.com/blog/2007/03/09/guicy-good/

Popularity: 7% [?]

Share This

CoC(Convention over Configuration) is an mantra in modern software development.  CoC rescued programmer by making life easier.

CoC is a term often bandied around by Ruby on Rails:

    “Convention over Configuration” means a developer only needs to specify unconventional aspects of their application. For example, if there’s a class Sale in the model, the corresponding table in the database is called sales by default. It is only if someone deviates from this convention, such as calling the table “products_sold”, that they need to write code regarding these names.
from: http://en.wikipedia.org/wiki/Ruby_on_rails

Even frameworks like Spring, Struts are begin to adopt CoC ideas inside. From Struts 2, it will support a “Zero Configuration” mode, which is a CoC design.(http://struts.apache.org/2.x/index.html) In Spring 2, we can also see many CoC improvements. (http://www.memestorm.com/blog/convention-over-configuration-in-springs-mvc/)

Popularity: 5% [?]

Share This

This is from: http://evolutionarygoo.com/blog/?p=54

    When to use annotations:

1. You despise XML and are looking for new ways to express your metadata.
2. Your metadata is related to a single class or method.
3. Your metadata is fairly static and will not need to change at runtime.
4. You want to see your metadata encapsulated inside of your objects.
5. You are looking to take advantage of special annotation features supported by the JVM.
6. You are looking for ways to access metadata within your Java code using native language commands.
7. For specifying default metadata.
8. Several of the popular frameworks are using annotations and you want try them out yourself.

When to use XML:

1. You are happy with XML and are not looking for a new way to express metadata.
2. You think that the addition of intelligent defaults to many of the most popular frameworks is good enough to warrant the continued use of XML.
3. Your metadata is related to multiple classes.
4. Your metadata is not related to a class or a method at all, but to a higher level of the application and therefore aren’t a good solution for what you are doing.
5. Your metadata will change often. Configuration data is a good example of this.
6. Your metadata needs multiple implementations.
7. You want to see all of your metadata defined in one location.
8. Your metadata needs to change at runtime.

A comment for that post is also vauleable:

    one of the key things is how frequently you change the metadata and/or how flexible you need it to be at runtime. Since annotations are compiled into the classes, it cannot be changed at run time without recompilation. So, annotations are best used for things that are declarative and describe unchanging (or very infrequently changing) properties of the software. For example, I’ve used them for describing constraints or adapters that should be used with a particular property within a framework. That’s how the software is constructed, not a runtime modification attribute.

If you want to change the software at runtime, you shouldn’t put it in annotations, since it won’t work. So, that could drive you towards XML. Although given the enormous uptake in scripting language support in the JDK, it might even better drive you towards adding scripting support via JRuby, Rhino, Jython, Groovy, Beanshell, etc.

Some other good articles talking about this:
Annotation, friend or foo? :http://java.sys-con.com/read/163245.htm
Notes on XML vs annotation: http://linuxintegrators.com/acoliver/code/2006/02/26/x-0195.html

Popularity: 14% [?]

Share This

I wrote A wordpress plugin to fix the invalid UTF-8 data inside the feed, in that plugin the core purpose is to  fix invalid UTF-8 data inside a string.

It’s pretty simple to do so in PHP, I learned from here:

the following iconv line gets rid of all invalid UTF-8 characters.

 $t = iconv("UTF-8","UTF-8//IGNORE",$t);

Problem solved

Popularity: 7% [?]

Share This

Yesterday, I decided to host my feeds with FeedBurner like many bloggers do. There is no problem to create a feed of this blog, however when i tried to create a feed for my Chinese blog, FeedBurner refuse to continue because it said that my feed can’t be validated:

http://feedvalidator.org/check.cgi?url=http%3a%2f%2frobertmao.com%2ffeed

Sorry

This feed does not validate.

line 167, column 77: ‘utf8′ codec can’t decode bytes in position 10676-10678: invalid data (maybe a high-bit character?) [help]

…

In addition, this feed has issues that may cause problems for some users.
We recommend fixing these issues.

line 115, column 21: description contains bad characters [help]

…

After I check the error message, it seemed that the problem is from my blog post content, I did copy/paste some text from some other website in some of my posts, but how could I know those text may contain invalid UTF-8 char? It seemed to be a serious problem.

I can’t believe that why FeedBurner can’t handle this, since my feed can be read correctly in Firefox, Google Reader, Bloglines, and a bunch of other RSS readers, aggregators. But since it can’t handle, and my feed did have problem to pass validation, it’s my job to fix it.

I wrote a very simple wordpress plugin to fix this problem, it will correct all possible invalid UTF-8 data inside the feed content. After I activate my plugin, my feed can pass the validation correctly, so I have no problem to use FeedBurner any more.

I release this simple wordpress plugin here, just in case someone else have similar problem as I had.

Download: wordpress plugin to fix the invalid UTF-8 data inside the feed

Version: 1.0

Install: Download and unzip the file in your wp-content/plugins directory, and then “activate” the plugin in your admin panel’s “plugins” menu.

Popularity: 17% [?]

Share This

I wrote a new simple wordpress plugin for my own use, but I guess maybe someone else may need it, so I release it here.

This plugin is very simple, it put a google search box right behind your blog post, and it fill this post’s title in the search box for you.  With this search box, you and your reader can search the related information easier, they no longer need to open a window, browse to google and type in some words… now all they need is click the button.

The search box will only show up in single post display, it will not show in front page,  category,  search results, …

This version I  only add standard google search form, in the future, if required, it can be configured to support site search, or google co-op search, and use user’s Adsense account to make some money from the search result.   If anyone think such feature is important, let me know I may add it.

Download Here: Wordpress Plugin - Add Google Search box to blog posts

Version : 0.1

Install:  uncompress it in your wordpress plugin directory, and activate this plugin.

Popularity: 100% [?]

Share This

Rockch left a comment on “lesson learned on synchronized method“:

rockch | July 15th, 2007 at 8:16 pm e
synchronized is so heavy for your code,you can use volatile.
http://www.ibm.com/developerworks/cn/java/j-jtp06197.html?S_TACT=105AGX52&S_CMP=techcsdn

The article is a Chinese translation, the original English version is here. After I read the article, though i though volatile variable actually can’t help me in my code (cause the init() did quite a few dirty and time costing works, so I still need synchronized method lock on other object to provide thread safe), I still learned more on volatile variables.

Frankly speaking, I never really care about “volatile variables” before, all I know before is, “volatile” tell compiler DO NOT optimized on it and it related code, and generally will be used in threads shared variables.

I copied some from original articles for my own reference.

Patterns to use volatile variables:

1. Using a volatile variable as a status flag

2.Using a volatile variable for safe one-time publication

public class BackgroundFloobleLoader {

    public volatile Flooble theFlooble;    public void initInBackground() {

        // do lots of stuff

        theFlooble = new Flooble();  // this is the only write to theFlooble

    }

}

public class SomeOtherClass {

    public void doWork() {

        while (true) {

            // do some stuff...

            // use the Flooble, but only if it is ready

            if (floobleLoader.theFlooble != null)

                doSomething(floobleLoader.theFlooble);

        }

    }

}

3.Using a volatile variable for multiple publications of independent observations

public class UserManager {

    public volatile String lastUser;    public boolean authenticate(String user, String password) {

        boolean valid = passwordIsValid(user, password);

        if (valid) {

            User u = new User();

            activeUsers.add(u);

            lastUser = user;

        }

        return valid;

    }

}

4.volatile bean pattern

@ThreadSafe

public class Person {

    private volatile String firstName;

    private volatile String lastName;

    private volatile int age;    public String getFirstName() { return firstName; }

    public String getLastName() { return lastName; }

    public int getAge() { return age; }

public void setFirstName(String firstName) {

        this.firstName = firstName;

    }

public void setLastName(String lastName) {

        this.lastName = lastName;

    }

public void setAge(int age) {

        this.age = age;

    }

}

5. “cheap read-write lock”

@ThreadSafe

public class CheesyCounter {

    // Employs the cheap read-write lock trick

    // All mutative operations MUST be done with the 'this' lock held

    @GuardedBy("this") private volatile int value;    public int getValue() { return value; }

public synchronized int increment() {

        return value++;

    }

}

The reason this technique is called the “cheap read-write lock” is that you are using different synchronization mechanisms for reads and writes. Because the writes in this case violate the first condition for using volatile, you cannot use volatile to safely implement the counter — you must use locking

—

That article also gave some valuable links, which worth to read on…

• Java Concurrency in Practice : The how-to manual for developing concurrent programs in Java code, including constructing and composing thread-safe classes and programs, avoiding liveness hazards, managing performance, and testing concurrent applications.
• Going Atomic: Describes the atomic variable classes added in Java 5.0, which extend the concept of volatile variables to support atomic state transitions.
• An introduction to nonblocking algorithms: Describes how concurrent algorithms can be implemented without locks, using atomic variables.
• Volatiles: More about volatile variables from Wikipedia.
• The Java technology zone: Hundreds of articles about every aspect of Java programming.

Popularity: 8% [?]

Share This