Simple Way of Fighting WordPress SPAM

As I am one of the developers of tag2find, I am also writing in the tag2find developer blog from time to time. This blog is a WordPress blog. One of our main problems there is fighting SPAM. We get literally dozens of SPAM comments a day. To limit the amount of SPAM visible on the blog itself, I found a very simple solution, which up to now did not produce any false positive: if a posting contains more than zero links, it will be held in the moderation queue.

WordPress offers this possibility out of the box, but the default is set to more than 2 links. I tried to limit it down to one, but this still missed too many SPAM attempts. Therefore I have now set it to zero. This works remarkably well. No SPAM postings anymore and we had just one or two false positives, which are not so bad as the comments are not deleted but just held for moderation.

I know this is a very low-tech approach and puts some work on the maintainer of the blog, but it works almost because of the very nature of SPAM, which most of the time wants to deliver links to pages to influence Google PageRank and/or lure people onto the website.

RSS Reading Online: Google Reader

I have been using JetBrains' Omea Reader for quite some time and I was very happy with it. While this worked quite well as long as I was working on just one PC, I soon got into trouble when I switched from the notebook to a dedicated desktop PC at home and a dedicated desktop PC at the office, while still keeping the notebook for the time in between. Omea Reader was no longer an option, as I have Linux at home and Windows in its various flavors in the office and on my notebook.

I tried several Java-based applications and tried to keep their databases in-sync between the PCs, but this work soon got boring and it happened to annoy me. So I thought I’d switch to an online alternative.

My choice soon fell on Google Reader, as I already had a Google account. Despite the privacy issues with giving my reading habits away to big G, I am really happy with this reader. It features everything I need and is intuitive to use. I am most happy that there seem to be very knowledgeable people at Google, as they also provide a keyboard interface for navigating the feeds. This is something I really appreciate as I favor the keyboard over the mouse.

So to anyone who needs to keep their RSS feeds in sync between various PCs, I can only recommend giving Google Reader a try. I know there are others and I know Google Reader is not particularly new, but I just tried it out now (as I had the need for a service like this).

Google Reader is also one of the first applications to utilize Google Gears for offline functionality. This is particularly interesting for me as a notebook user without a wireless broadband connection available all the time. Up to now I had no time to test it, but I will give it a try soon. I will write about my experiences then.

Note: I had this article prepared for a long time, but I forgot to publish it… This article of Erik just reminded me to do so.

phpMyAdmin with mod_fcgid

I am currently migrating my server configuration away from mod_php towards mod_fcgid (the successor of mod_fastcgi), as this allows me to use different users for executing scripts in different directories. I use this to have every hosted virtual domain using its own system user. This should (in theory) prevent one buggy application from taking over all other hosted domains as well.

I faced one problem, though: I could not get phpMyAdmin working and this was a requirement of one of my clients. phpMyAdmin kept popping up the authentication dialog over and over again when using HTTP Basic Authentication.

After searching for some time, I noticed that, when using PHP in CGI mode, the authentication data is not passed over to the script by default. A FAQ entry of phpMyAdmin brought the solution to this issue: a rewrite rule was needed for the directory containing phpMyAdmin:

RewriteEngine On
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]

Suddenly phpMyAdmin worked 😉
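What a PHP script running under CGI/FastCGI has to do with the value this rule hands over, as an added example (not phpMyAdmin's code and not part of the original post). The function name `basic_credentials` and the sample credentials are made up for illustration.

```php
<?php
/**
 * Recover HTTP Basic credentials when PHP runs as CGI/FastCGI and the
 * rewrite rule above copied the Authorization header into REMOTE_USER.
 * Returns [user, password], or null when nothing usable is present.
 * (Hypothetical helper written for this example.)
 */
function basic_credentials(array $server): ?array
{
    // mod_php fills these in itself; CGI mode normally does not.
    if (isset($server['PHP_AUTH_USER'])) {
        return [$server['PHP_AUTH_USER'], $server['PHP_AUTH_PW'] ?? ''];
    }

    // After an internal redirect Apache prefixes environment variables
    // with REDIRECT_, so both spellings have to be checked.
    foreach (['REMOTE_USER', 'REDIRECT_REMOTE_USER'] as $key) {
        $value = $server[$key] ?? '';
        if (stripos($value, 'Basic ') !== 0) {
            continue; // empty, or a scheme other than Basic
        }
        $decoded = base64_decode(substr($value, 6), true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            continue; // malformed header: treat as unauthenticated
        }
        // The password may itself contain ':'; split on the first one only.
        return explode(':', $decoded, 2);
    }

    return null;
}

// Constructed sample: what the script sees for user "demo", password "s3cr:et".
$sample = ['REDIRECT_REMOTE_USER' => 'Basic ' . base64_encode('demo:s3cr:et')];
var_dump(basic_credentials($sample));

// Constructed malformed value: must not be accepted as credentials.
var_dump(basic_credentials(['REMOTE_USER' => 'Basic !!!']));
```

Because the rule copies the raw header into the environment, the base64-encoded password is visible to anything that can read the script's environment, which is one more reason to serve this directory over HTTPS only.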

A Small “Patch” for Scuttle

Yesterday I realized that our internal office installation of Scuttle (SF project page) suffered from a minor bug: it kept on sorting all bookmarks by date, but in ascending order, i.e. the oldest bookmark was displayed first.

After doing some research, I quickly found out that this seems to be a “bug” (well the devs say it isn’t but one can argue…) of MySQL, caused by an optimization of SELECT DISTINCT queries.

So I patched services/bookmarkservice.php and removed the DISTINCT keyword in the SQL-query of getBookmarks() (line 249, version 0.7.2).

Up to now, I did not experience any duplicate lines caused by this. I think I’m going to report this minor issue upstream.

Update: hmm, oops, when searching, you will most certainly get duplicate results… I’ll check in the evening.

Update 2: Ok, so I wrote a little more extensive patch, by wrapping the original SELECT DISTINCT statement as a subselect and ordering the result as such. This now really works. The patch for 0.7.2 can be downloaded here. You have to apply it to services/bookmarkservice.php.

Update 3: Ok, I somehow managed to delete the patch file. I am sorry. I will look if I can find it in any of the old backups, but I am not too convinced about this.

DWR – Easy AJAX for Java

DWR is a really fantastic library for Java: it allows you to write JavaScript applications in web browsers that will directly and almost transparently call Java methods of objects that live in the Java servlet container (e.g. Tomcat) as part of the web application.


Scuttle: Your Own Server-Side Bookmarks the del.icio.us’ Way

I have been using del.icio.us since I first heard about it (by reading an announcement of its acquisition by Yahoo!) and I have to confess I was taken by the approach. The only thing I didn’t like was the fact that I didn’t have my bookmarks and the service under control.

Thanks to a note by Erik I found out about Scuttle, an open source clone of del.icio.us which everyone can host on his/her own server. (Please note: scuttle.org only offers their public bookmarking service, the software can only be located at their SourceForge page.) Scuttle is written in PHP and requires MySQL as database backend.

Scuttle offers most of the features of del.icio.us and can even import your bookmarks from there. Some minor usability issues still arise, but I can live with them. Their API is compatible with del.icio.us, so most external del.icio.us applications will work with Scuttle, as long as the tools allow you to specify the URL of the service. Additionally, Scuttle provides three levels of visibility for your bookmarks: public bookmarks, shared with your watchlist (= your friends/colleagues), and private bookmarks.

I installed Scuttle at my company and everyone is busy using it and is happy to now have a central place to store their bookmarks. Del.icio.us was no option for us because all bookmarks are public there.

I can strongly recommend using this software to everyone who wants to have a centralized way of storing their bookmarks without giving away all control over their bookmarks.

NewsForge has published a nice review of the software.

Gentoo: MySQL and PHP Charset Problems

At the moment, Gentoo is experiencing several inconsistencies and problems with character sets between MySQL and PHP. This is primarily based on MySQL-4.1 now updating from 4.0 without warning and user interaction, which most of the time breaks existing extended characters, as MySQL now stores every dump from former databases as UTF-8, which is still badly supported by PHP.

For many PHP web applications which experience problems with extended characters (like umlauts, accents, …), the following hack might help.

  1. Locate the file where the mysql database connection is opened.
  2. Add the following commands after opening the database connection:
    mysql_query('SET character_set_client=latin1');
    mysql_query('SET character_set_results=latin1');
    mysql_query('SET character_set_connection=latin1');

This will resume using latin1 instead of UTF-8 for the connection and the result set. For performance reasons, the data in the database should then be stored as latin1 as well.

According to messages in the Gentoo Forum, the developers have now released an ebuild for PHP (both 5.x and 4.4.2) that will respect character-set settings in my.cnf in a section especially for PHP (still in unstable). You should use the sections [php-cli], [php-cgi] and/or [php-apache2handler]. Unfortunately I have not yet had time to test this out.

Apache: Force SSL for a Directory Using .htaccess and mod_rewrite

To force SSL on a given directory using .htaccess, use the following code. It requires mod_rewrite enabled in Apache. Adjust the path in the RewriteRule to match the fully qualified URL of the HTTPS domain.

RewriteEngine On
# Redirect only requests that did not arrive on port 443. The pattern is
# anchored so that ports such as 8443 or 4430 are not mistaken for HTTPS.
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Bugzilla: Active Directory Integration

As you might have guessed from previous posts, I’m currently in the process of implementing a single-sign-on scenario within our network. Or, at least, I’m trying to have at least one single username/password combo for all internal services. Authentication is therefore realized against an Active Directory, based on a Microsoft Windows 2003 Server.

For integration of Bugzilla into the Active Directory, see this link (Update: Link is broken, for an archived version, use this link, thanks to the commenter!).

TikiWiki and Active Directory Integration

If you want to authenticate TikiWiki against Microsoft Active Directory, have a look at this article.

The most interesting part in this posting is that if you are using a Windows 2003 Server, you need to patch the LDAP.php in the PEAR authentication module, as Win2k3 by default does not allow any anonymous queries against the directory.

In <tikiroot>/lib/pear/Auth/Container/LDAP.php search for the following line in function _connect():

if ((@ldap_bind($this->conn_id)) == false) {

and replace it with

if ((@ldap_bind($this->conn_id,"someuser","somepassword")) == false) {

Note that someuser is in the form of user@domain.tld.

I also recommend authenticating your admin user against the internal database and not the LDAP (AD) container, otherwise you will lock yourself out easily.