and I'm thinking wtf, the pro-collusion bent of American law is really getting out of hand here; now they're forcing people to buy overpriced ink cartridges?
My girlfriend and I argue about this type of thing from time to time. I know you were just poking good-natured fun at the OP's typo, but I feel it is important in this discussion to distinguish between excusable errors due to transient mistakes (e.g. typos by someone who can spell), vs. consistent errors due to ignorance (e.g. mangled words and grammar from someone who can barely handle their native language).
Yeah. I would raise more hell about this and actually try to get involved in pursuing a solution, except that I don't have much expertise with UNIX system-level development, coupled with the fact that as a one-man shop I'm already too busy doing too much (even to read things like webhostingtalk).:/
Nonetheless I would be interested in maybe getting a few of us in this thread together in a conversation (by e-mail or whatever) to share our best practices and see what we can come up with insofar as solutions.
You have raised some crucial points. I have been running PHP on my production servers for several years now, but I have always wanted answers to these questions. As time goes on I am amazed at the total silence, and actually the fact that more people are not asking the same questions. Or else, maybe I am an idiot and I am not understanding some fundamentals.
1. why is magic_quotes_gpc on by default? Every time I install PHP somewhere I need to go into the global php.ini and turn this off. Even worse, when I am deploying code on someone else's machine where php_admin_flag is ignored in htaccess, I have to do a bunch of nested stripslashes crap to undo this. It is a fucking nuisance to have my form input contaminated in a way that PHP decides I might like. Can't we put the onus on developers to actually write secure database code, and stop creating headaches for those of us who can?
2. why oh why can we not invoke PHP via mod_php as specific users? This is a no-brainer for a shared (read: any) system. Otherwise we are forced to use the CGI version in order to have any semblance of security, which completely negates the wholesome goodness of mod_php. Admittedly, my system is small enough that so far I have still been running mod_php with the kind of "weird things to ensure security" that you note. It is half-assed though!
(Bonus question not related to PHP: why can we use server-wide CustomLogs which pipe to a command in order to split up logs by host, but not do the same for ErrorLogs? I am wasting a file descriptor for every virtual host just for its own ErrorLog, while I am absolved of this for the access logs. What am I missing here?)
That's even worse than having it INSIDE the box. At least the current way, you have a paper copy in hand that you can take into court. A web site can change or vanish at any time.
This company has a great name! I can't wait to buy my next lawnmower from Centimetre, or some concrete mix from Kilogram -- not to mention a new stopwatch from Hour Minute Second. Thanks for the inspiration, Gigabyte!
I'm not sure we're talking about the same thing here.
I've just checked calculator on my Powerbook (which has only official release versions of Panther installed), and the results are the same.
What I'm talking about is under the View menu, there are additional options (besides Basic and Advanced) that can be enabled by opening up the app bundle and moving several ".calcview" bundles from the Resources folder into the PlugIns folder. After doing this they will also show up in the finder Get Info window.
Are you saying that you have these enabled, and they work?
Do any of the other modes work for you, besides "basic" and "advanced", e.g. the hexadecimal, expression sheet or graphing views? For me, the window resizes and goes blank.
Maybe this is related to having installed various pre-release builds on this system in the past, but...
The spammers can reasonably assume that you don't want their message to begin with, yet they send it anyway. So what basis is there to speculate that they might even consider heeding an unsubscribe request? None, to me.
I know the popular opinion here is typically pro-Apple/iTMS/iPod but honestly I just don't see why we can be pro-reverse engineering on everything else and not this.
Who said anybody is against reverse-engineering?
Way to go Real for reverse-engineering. Way to go Apple for changing their application at their leisure in a manner that is reasonable and fully expected. Up next: way to go Real for reverse-engineering. (repeat)
If you want to depend on Real's hackery to make your music play, then that's a risk you are fully entitled to take. However, there is no obvious reason why Apple should suddenly have to change their plans to support you.
(If you are one of the guys who replaced the iPod's icon set using the firmware hack discussed here a few days ago, are you also going to be offended as soon as the next Apple update wipes out your custom stuff?)
Oh goodie, Microsoft and their revolutionary visionary ideas to the rescue! Thankfully I will now be able to use my legacy fish.NET while playing on a beach equipped with a volleyball.NET, after calculating my profits.NET from the day's sales.
Without Microsoft, fish, volleys and accounting would be doomed!
That's wonderful... why don't you go complain to Toshiba then, since not only do they not make the iPod but the article clearly indicated that they didn't even mention Apple in the announcement.
Maybe I'll post a reply to this article talking about the zoom quality on my digital camera (hey you could stick a microdrive in it, so it's just as on-topic, right?)
Ah, thanks, I get it now. (I was thinking along the wrong line -- in that the word conformed to being both without NT and without Intel, as opposed to being a combination of same.)
One interviewer checked my site before I came in (and I knew it) and he said that they didn't hire pot smokers. He assumed I was a pot smoker because I was a Grateful Dead fan.
Did you respond that it was fine since you never work for people who beat their wives anyway?
We are allowed to 'share' our music with friends in exchange for a small tax on CDRs and MP3 players.
First of all it's not a tax, it's a levy. Second of all, it's rashly unjust since most artists won't see a cent from it. Third, it applies to equipment despite its end use (whether it has anything to do with music playback at all). Fourthly, what do you mean "small"? It worked out to about 7% of the cost of my iPod, pre-tax.
I work for myself, and have my domain and email inbox provided by a hosting company. When working from my home office I connect to the net using a local broadband ISP and I have to use their SMTP server for sending mail. I can't use my hosting company's server cos I'm outside their network.
I work for myself too and I have the same problem, except I don't, because I can relay from anywhere thanks to authenticated SMTP.
Actually, I was alluding more to the outcome of his handling of the presidency, rather than the legitimacy of obtaining it. For example, say Bush continues to invade countries at random, strip away freedoms of the citizenry and garner more disgust from the global community. If it begins to don on Americans at large that this is a problem, can they do anything about it?
Say something REALLY starts going wrong, such that a majority of Americans wake up and smell the coffee... is there a provision in your governing system for a non-confidence vote, or otherwise some means by which to force a new president or an immediate election?
Slashdot Mirror
and I'm thinking wtf, the pro-collusion bent of American law is really getting out of hand here; now they're forcing people to buy overpriced ink cartridges?
...oops.
-b
My girlfriend and I argue about this type of thing from time to time. I know you were just poking good-natured fun at the OP's typo, but I feel it is important in this discussion to distinguish between excusable errors due to transient mistakes (e.g. typos by someone who can spell), vs. consistent errors due to ignorance (e.g. mangled words and grammar from someone who can barely handle their native language).
-b
Yeah. I would raise more hell about this and actually try to get involved in pursuing a solution, except that I don't have much expertise with UNIX system-level development, coupled with the fact that as a one-man shop I'm already too busy doing too much (even to read things like webhostingtalk). :/
Nonetheless I would be interested in maybe getting a few of us in this thread together in a conversation (by e-mail or whatever) to share our best practices and see what we can come up with insofar as solutions.
-ben
You have raised some crucial points. I have been running PHP on my production servers for several years now, but I have always wanted answers to these questions. As time goes on I am amazed at the total silence, and actually the fact that more people are not asking the same questions. Or else, maybe I am an idiot and I am not understanding some fundamentals.
1. why is magic_quotes_gpc on by default? Every time I install PHP somewhere I need to go into the global php.ini and turn this off. Even worse, when I am deploying code on someone else's machine where php_admin_flag is ignored in htaccess, I have to do a bunch of nested stripslashes crap to undo this. It is a fucking nuisance to have my form input contaminated in a way that PHP decides I might like. Can't we put the onus on developers to actually write secure database code, and stop creating headaches for those of us who can?
2. why oh why can we not invoke PHP via mod_php as specific users? This is a no-brainer for a shared (read: any) system. Otherwise we are forced to use the CGI version in order to have any semblance of security, which completely negates the wholesome goodness of mod_php. Admittedly, my system is small enough that so far I have still been running mod_php with the kind of "weird things to ensure security" that you note. It is half-assed though!
(Bonus question not related to PHP: why can we use server-wide CustomLogs which pipe to a command in order to split up logs by host, but not do the same for ErrorLogs? I am wasting a file descriptor for every virtual host just for its own ErrorLog, while I am absolved of this for the access logs. What am I missing here?)
-ben
Send your resume in PDF, if the rendering (vs. simply-formatted content) is of such utmost importance?
-b
That's even worse than having it INSIDE the box. At least the current way, you have a paper copy in hand that you can take into court. A web site can change or vanish at any time.
-ben
This company has a great name! I can't wait to buy my next lawnmower from Centimetre, or some concrete mix from Kilogram -- not to mention a new stopwatch from Hour Minute Second. Thanks for the inspiration, Gigabyte!
-b
I'm not sure we're talking about the same thing here.
I've just checked calculator on my Powerbook (which has only official release versions of Panther installed), and the results are the same.
What I'm talking about is under the View menu, there are additional options (besides Basic and Advanced) that can be enabled by opening up the app bundle and moving several ".calcview" bundles from the Resources folder into the PlugIns folder. After doing this they will also show up in the finder Get Info window.
Are you saying that you have these enabled, and they work?
-b
Do any of the other modes work for you, besides "basic" and "advanced", e.g. the hexadecimal, expression sheet or graphing views? For me, the window resizes and goes blank.
Maybe this is related to having installed various pre-release builds on this system in the past, but...
-b
The spammers can reasonably assume that you don't want their message to begin with, yet they send it anyway. So what basis is there to speculate that they might even consider heeding an unsubscribe request? None, to me.
-b
That may only work properly if she's into scat...
-b
I know the popular opinion here is typically pro-Apple/iTMS/iPod but honestly I just don't see why we can be pro-reverse engineering on everything else and not this.
Who said anybody is against reverse-engineering?
Way to go Real for reverse-engineering.
Way to go Apple for changing their application at their leisure in a manner that is reasonable and fully expected.
Up next: way to go Real for reverse-engineering.
(repeat)
If you want to depend on Real's hackery to make your music play, then that's a risk you are fully entitled to take. However, there is no obvious reason why Apple should suddenly have to change their plans to support you.
(If you are one of the guys who replaced the iPod's icon set using the firmware hack discussed here a few days ago, are you also going to be offended as soon as the next Apple update wipes out your custom stuff?)
-b
Oh goodie, Microsoft and their revolutionary visionary ideas to the rescue! Thankfully I will now be able to use my legacy fish.NET while playing on a beach equipped with a volleyball.NET, after calculating my profits.NET from the day's sales.
Without Microsoft, fish, volleys and accounting would be doomed!
-b
That's wonderful... why don't you go complain to Toshiba then, since not only do they not make the iPod but the article clearly indicated that they didn't even mention Apple in the announcement.
Maybe I'll post a reply to this article talking about the zoom quality on my digital camera (hey you could stick a microdrive in it, so it's just as on-topic, right?)
-b
http://www.wiktionary.org/ [wiktionary.org] has been doing this for a long time, what's wrong with them?
The ridiculous name?
-b
Ah, thanks, I get it now. (I was thinking along the wrong line -- in that the word conformed to being both without NT and without Intel, as opposed to being a combination of same.)
-b
I don't get it. "Taligent" obviously contains the letters NT. What am I missing? (The Intel bit is amusing, though.)
-b
One interviewer checked my site before I came in (and I knew it) and he said that they didn't hire pot smokers. He assumed I was a pot smoker because I was a Grateful Dead fan.
Did you respond that it was fine since you never work for people who beat their wives anyway?
-ben
First of all it's not a tax, it's a levy. Second of all, it's rashly unjust since most artists won't see a cent from it. Third, it applies to equipment despite its end use (whether it has anything to do with music playback at all). Fourthly, what do you mean "small"? It worked out to about 7% of the cost of my iPod, pre-tax.
-bIs this a /. joke about "like a virgin"?
-b
Every home that's used a dial-up modem has used broadband.
-b
I work for myself, and have my domain and email inbox provided by a hosting company. When working from my home office I connect to the net using a local broadband ISP and I have to use their SMTP server for sending mail. I can't use my hosting company's server cos I'm outside their network.
I work for myself too and I have the same problem, except I don't, because I can relay from anywhere thanks to authenticated SMTP.
This is what they invented it for.
-ben
Do we need to cyberinvent new cyberterms whenever an event occurs that has to do with computers?
-b
Actually, I was alluding more to the outcome of his handling of the presidency, rather than the legitimacy of obtaining it. For example, say Bush continues to invade countries at random, strip away freedoms of the citizenry and garner more disgust from the global community. If it begins to don on Americans at large that this is a problem, can they do anything about it?
-b
Say something REALLY starts going wrong, such that a majority of Americans wake up and smell the coffee... is there a provision in your governing system for a non-confidence vote, or otherwise some means by which to force a new president or an immediate election?
-b