Eye Test

I went to an optometrist a few days ago for an eye test.

I was pretty confident. I’ve always had 20/20 vision.

They sat me down in front of an eye chart. You know the sort – it starts with a really big letter at the top and progressively gets smaller.

I quickly scanned down…

And realised I couldn’t get as far as I used to.

So I said in a huff: “What are you trying to do to me?! I’m dyslexic!”

;-P

Accessibility: the last consideration of software developers

Accessibility is often the last consideration of software developers.

Not because we don’t want to do it – we would if we could.

It’s for one simple reason:

Building non-accessible software is already bloody difficult!

We’re taxed to the limit as it is. Accessibility is just another layer that, I’m sorry to say, means an 80+ work hour week instead of a 60 hour week.

And business – unless they are specifically designed for or required to provide accessibility – is not interested in paying for that extra consideration.

PHP: “Fatal error: Can’t use function return value in write context in …”

I just received the following PHP error.

Fatal error: Can’t use function return value in write context in /path/to/file.php on line 595

And I had no fucking idea what the problem was. I had a “sense” of it, but I didn’t understand the “in write context” part (that’s what happens when you get geeks to write error messages).

The line causing the error was this:

if (strtolower($append_value) = strtolower($base_value))

It’s one of those classic programmer errors that is in your face but is easily lost in the code.

Here’s the fixed line

if (strtolower($append_value) == strtolower($base_value))

Yeap – I missed an equals sign to make it an equality expression rather than an assignment (i.e. “=” changed to “==”).

 

Interestingly, this error was thrown without actually being executed. It must have been while the script was being parsed. I’m using PHP 7.3 in WordPress in the Codeanywhere online IDE.

“Exposure” is not a valid form of currency

This comic from The Oatmeal says it all:

Exposure
Source: https://theoatmeal.com/comics/exposure

Sorry folks, but “exposure” is not a valid form of currency.

If someone is good enough to do the work for you,
and what they produce is good enough for you to use,
then it’s good enough to pay them with real currency.

Simple as that.

And a pro-tip for all you “creative” types (artist, designers, developers, engineers, and even trades peoples) – usually when someone says to you “it will be good for exposure”, they are the last person to spread the word offer referrals.
Ask me how I know.

Whether you have been doing your work for 2 months, 2 years or 20 years, your time, effort and skills are worth real money if someone is prepared to use what you produce.

The Best Practice Fallacy

I consider “Best Practice” in software development to be a fallacy.

Why?

Yesterday’s best practice is replaced by something new today.
And today’s best practice will be replace by something else tomorrow.

I don’t have a problem with setting good guidelines and habits, but let’s not call it “best” – that implies one right way (and there are enough knuckleheads in our industry who latch onto ideas with zeal that I really don’t want to encourage further).

Instead, let’s think of it as:

A “good” approach for what we are trying to achieve today.

Any way you cut it, any practice is just someone’s opinion of how things should be done, and it’s not necessarily based on varied experience or hard lessons.

In my own business I sometimes dictate how things should be done. A decision needs to be made, a pattern set in place and direction set. But I’m flexible and often review, improve and adjust.
(I also pay the bills so in absence of a better option what I say goes.)
But in no way are the decisions I make “best practice” or based on what others consider to be best.

I regularly make decisions contrary to current belief but are still valid and appropriate for the situation. I do analysis, consider options and put a lot of thought into decisions (other time there’s not much thought but a desire to learn through experimentation).

The reality is, in software there are very few things you need to adhere to. Create code and systems others can understand and maintain. Expect change. Don’t be an asshole.

Apart from that our industry is so young, so fast moving, and has so many possibilities and facets it’s impossible to define “best”.

So let’s just drop the bullshit, call a spade a spade, and admit we’re all learning and making this up as we go.

White Sauce

Serves: 4

Ingredients

  • 2 cups milk
  • 40g butter
  • 3 tbsp flour
  • salt & pepper

or

  • 1 cup milk
  • 2 tablespoons butter
  • 2 tablespoons flour

 

Method

  1. Mix flour, milk, salt & pepper with whisk very well.
  2. Heat the butter in a frying-pan. Add the mixture; Stir until the sauce is smooth and thickens. Not too thick. (Do not burn the mixture!)

 


Other sources:

http://www.bestrecipes.com.au/recipe/bechamel-or-white-sauce-L12448.html (!)

http://allrecipes.com.au/m/recipe/11305/easiest-white-sauce.aspx

Creamy pumpkin soup

Original Source: http://www.taste.com.au/recipes/33375/creamy+pumpkin+soup

(Reproduced here for easy access because I use this recipe often.)

 

Ingredients

  • 2 tablespoons olive oil, plus extra to serve
  • 1 onion roughly chopped
  • 2 garlic cloves, roughly chopped
  • 600g peeled, chopped pumpkin
  • 1 potato, chopped
  • 2 carrots, chopped
  • 1 leek (white part only), chopped
  • 1/2 teaspoon ground nutmeg
  • 3 cups (750ml) chicken stock
  • 1/2 cup (125ml) pure (thin) cream
  • 1 tablespoon pumpkin seeds (pepitas), toasted
  • Dried cranberries and finely chopped flat-leaf parsley leaves, to serve

 

Process

Step 1

  • Heat oil in a large saucepan over medium heat.
  • Add onion and cook for 2-3 minutes until soft.
  • Add garlic, vegetables and nutmeg, then toss to coat.
  • Add stock and 2 cups (500ml) water, then bring to the boil.
  • Reduce heat to low, cover and cook for 25 minutes or until the vegetables are tender.
  • Cool slightly.

Step 2

  • In batches, transfer to a blender and whiz until smooth.
  • Return soup to the saucepan and place over low heat.
  • Stir in cream, then season.
  • To serve, ladle into bowls and top with seeds, cranberries and parsley, then drizzle with extra oil.

Zucchini Slice

Ingredients

  • 550g zucchini
  • 1 medium (about 160g) onion, peeled and finely chopped
  • 130g bacon
  • 75g (1 cup, lightly packed) grated tasty cheddar cheese
  • 112g (3/4 cup) self-raising flour
  • Salt and pepper, to taste
  • 4 large eggs (we use eggs with a minimum weight of 59g)
  • 83ml (1/3 cup) oil (we use a mild-flavoured oil, such as sunflower)

Process

Preheat oven to 180 degrees Celsius.

Line a 18cm by 28cm baking dish or slice pan with baking paper.

Oven rack to the middle of the oven.

 

Finely chop bacon. Heat a heavy-based nonstick frying pan over medium-high heat.

Fry for about six minutes, stirring occasionally, until onion has softened but not browned.

  • bacon: 130g bacon
  • onion: 1 medium (about 160g) onion, peeled and finely chopped

Set aside to cool.

 

Zucchini – finely grate. Squeeze handfuls of grated zucchini over sink to remove excess liquid.

 

Combine in a large bowl:

  • zucchini (2-3, 550g zucchini)
  • cooled onion
  • bacon mixture
  • cheese (1 cup, lightly packed)
  • flour (3/4 cup)
  • salt and pepper

 

Use a fork to mix together in a small bowl:

  • eggs (4 large)
  • oil (1/3 cup)

Add egg and oil mixture to the other ingredients and stir to combine.

 

Pour mixture into baking dish and spread evenly.

Bake for about 45 minutes, or until slice is golden brown and firm to the touch.

Set aside for five to ten minutes before slicing.

Application Security: Validate uploaded files before processing them

This is not a “how to” but a “what to”.

If you’re a software developer working on a system that allows file uploads, before you allow any code to process the file (i.e.  the file has uploaded, now you want to do something with it), you first need to check the file extension matches the “content” of the actual file.

A simple example: A user may upload a file with an “.ico” file extension, but it’s actually an image file with EXIF data, and your system has an EXIF data vulnerability. You can’t trust the underlying software libraries you use will first validate the file extension matches the actual data embedded in the file.

What this means is the software libraries you use may see the .ico extension, think that it’s OK (just an icon), not run any checks that would ordinarily be run to verify the file on file extensions containing EXIF data, but while processing the file it will still executes EXIF functions and processes the vulnerability.

You think that won’t happen? Think again. That’s an attack vector Black hat hackers use. And it works.

As a software developer, when you think about security you have to assume all the things that are “not likely” to happen are going to be the most likely attack vectors for hackers.

 

Our job as software developers is harder than ever. We have to think every “not likely to happen” scenario is going to be a step in an attack by someone malicious.

Predictable Links to Multiple GSuite/GMail Accounts

I run multiple personal and business domains with Google mail accounts.

I want to create links (both synced in Chrome bookmark bar and in a web page) to each mail account that I know will always take me to the account I want, even when accessing from different devices (I have a minimum of 2 primary laptop devices I login from regularly).

There is a URL schema Google uses to generated each logged-in account – e.g. https://mail.google.com/mail/u/0/#inbox (then increment the number for each inbox) – but if don’t login to each account in the exact same order on each device, then they get out of sync.

 

Today I found a solution.

To access the desired mailbox via a predictable URL, use the following template: https://mail.google.com/mail/u/?authuser=user@gmail.com.

Change the user@gmail.com to the actual email address.

This also works for emails in custom GSuite domains (e.g. my jsnelders.com domain), because underneath all @gmail.com and GSuite domain emails redirect back to the same number based URL template I originally mentioned.

I also figured out the URL to link to a specific Google Calendar is: https://calendar.google.com/calendar/?authuser=user@gmail.com.

Again, the URL will cause a redirect.

 

I’ve only tried these with accounts I’m already logged into. I’m not sure what happens on a new system where you haven’t logged in yet, but I expect they should still work just fine.

 

Resources

I originally performed a search for “link url to multiple gmail account” which lead to to answers at:

 

Update (same day): I somehow logged myself out of all Google accounts in Chrome while trying to re-establish a sync between computers. So mail account links I setup started going to the same Gmail account (the account I setup for the sync). But after logging back into each of my GMail/GSuite accounts all the links worked fine again, so I reckon that’s a validation the permalinks work.