Automatically generated content
So I came across this book (adult) on Amazon.com that contained some interesting sexually explicit excerpts automatically pulled from the book’s contents. It’s probably all automatic–but would/could you police something like this?
QuickSub = Very Bad
OK, I don’t mean to slam the product. See, what it does is pop up a pretty, dynamic list of XML subscription programs and options and so forth that lets the user select the right one for him:

Unfortunately, that’s a bit of a bad thing. People create standards, like the feed:// protocol, so that readers don’t have to ever see this–they just click a feed:// link and their favorite program opens it, because it’s registered itself as an official protocol handler. Standards!!! They make the user experience seamless.
Mutual Fund Advice
So I was looking at this one Fidelity Energy fund that is a great performer:
money.cnn.com/quote/mutualfund/mutualfund.html?symb=FSENX
It has a 4-star Morningstar rating, and really good returns. There’s another fund of theirs I like, too:
money.cnn.com/quote/mutualfund/mutualfund.html?showpage=overview&osymb=FLSAX&sid=440152
It’s a 5-star high risk fund, but it seems pretty cool, and fairly diverse. Fidelity also seems like a great mutual fund company:
personal.fidelity.com/products/funds/?refhp=pr
Any thoughts, guys? I might take a 10-15% cut off my paychecks and auto-deposit it into a fund I set up, but I certainly could use some advice! ^_~
WordPress 1.5.1.3 Security Fixes
Are you curious as to what changed from release 1.5.1.2 to 1.5.1.3 of WordPress (WP)? I was, so I did a recursive diff of all the files. Here are the interesting additions:
diff -r wordpress\wp-admin\post.php wordpress-old\wp-admin\post.php
> $comment = $_GET[’comment’];
> $p = $_GET[’p'];
644,645c644,645
< $comment_ID = (int) $_POST[’comment_ID’];
< $comment_post_ID = (int) $_POST[’comment_post_ID’];
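Review bot: the `(int)` casts on `$_POST['comment_ID']` and `$_POST['comment_post_ID']` turn any non-numeric input into 0 without signalling an error, and only the `<` side of this change is visible here. The code that follows these two lines should reject a zero ID explicitly instead of passing it on to a query, and the `$_GET['comment']` and `$_GET['p']` reads shown just above deserve the same cast if they are still used as IDs.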
Post identifiers are now protected from XSS attacks with an explicit cast.
diff -r wordpress\wp-includes\functions-post.php wordpress-old\wp-includes\functions-post.php
113a118,122
>
> // Do some escapes for safety
> $post_title = $wpdb->escape($post_title);
> $post_excerpt = $wpdb->escape($post_excerpt);
> $post_content = $wpdb->escape($post_content);
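Review bot: these three `$wpdb->escape()` calls are on the `>` side, and in this `diff -r wordpress wordpress-old` invocation the `>` side is the old tree (the version.php hunk shows `<` carrying 1.5.1.3). At this location the escaping is therefore present in 1.5.1.2 only. Before treating this as a hardening, confirm where 1.5.1.3 escapes `$post_title`, `$post_excerpt` and `$post_content` ahead of the insert, since the visible lines do not show it.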
Important variables are now escaped first.
diff -r wordpress\wp-includes\version.php wordpress-old\wp-includes\version.php
5c5
< $wp_version = ‘1.5.1.3′;
—
> $wp_version = ‘1.5.1.2′;
The version has been updated, of course.
diff -r wordpress\xmlrpc.php wordpress-old\xmlrpc.php
132,141c131
< foreach ($array as $k => $v) {
< if (is_array($v)) {
< $this->escape($array[$k]);
< } else if (is_object($v)) {
< //skip
< } else {
< $array[$k] = $wpdb->escape($v);
< }
< }
< }
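Review bot: the `is_object($v)` branch is marked `//skip`, so any object inside `$array` reaches later code with its members unescaped. Either escape object properties as well or reject objects outright. The recursive call `$this->escape($array[$k])` discards its return value, so it only works if the parameter is taken by reference; the function signature is not in the visible lines and should be checked.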
$args are now escaped with PHP, not some “special” function.
565,567c530,532
< } else if ( !empty($catnames) ) {
< $post_category = array(get_cat_ID($catnames));
< }
—
> } else {
> $post_category[] = 1;
> }
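Review bot: on the `<` side the unconditional `else` becomes `else if ( !empty($catnames) )`, so when `$catnames` is empty no branch assigns `$post_category`, whereas the `>` side always fell back to `$post_category[] = 1;`. Keep a final `else` with the default, or show that `$post_category` is initialised earlier. Also check that `get_cat_ID($catnames)` is given a single name rather than the whole list.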
If an XML ping comes in with no category, we use a default of 1 instead.
1270a1218,1222
> $pingstatus = $wpdb->get_var("SELECT ping_status FROM $wpdb->posts WHERE ID = $post_ID");
>
> if (’open’ != $pingstatus)
> die(’Sorry, pingbacks are closed for this item.’);
>
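Review bot: `$post_ID` is interpolated directly into the `SELECT ping_status ... WHERE ID = $post_ID` string, and nothing in these lines casts or escapes it. Apply `(int)` to `$post_ID` before building the query. Note too that these lines sit on the `>` side, which is the wordpress-old tree in this diff, so the matching check in 1.5.1.3 should be located and reviewed the same way.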
A lot of XML ping checking and validation to make sure the ping is “good.”
That about sums it up!
When GCC & C++ don’t play fair
When GCC and C++ don’t play fair, you get error messages like this:
MyCoolProgram.cpp: In method`void MyCoolProgram::main_thing(const Parameter *)’:
MyCoolProgram.cpp:48: No match for`Logging<one , Two, Three>::make(const std::string&, int)’
MyCoolProgram.cpp:50: switch quantity not an integer
MyCoolProgram.cpp:51: case label `”thing.test.”‘ does not reduce to an integer constant
MyCoolProgram.cpp:53: confused by earlier errors, bailing out
I really find that error message too humane for a compiler. Error messages should be terse, informative, and technical. They should have razor-edge clarity, and not contain human babble that explains if they are “confused.” Wouldn’t you rather see something like, “Error recovery failed: no possible immediate 4-substitutions allow parsing?”
