Recent additions

Going to make some changes

May 14th, 2008 Posted in General | No Comments »

My blog has been stalling lately, but it’s doesn’t mean I’ve given up or have been burnt out from stuff to write about. I just have too much to do at work and trying to set a good schedule to organize it. Nonetheless, the site needs a good kick in the pants to get it going again. Soon there will be more content related to blogging tools and developing them, but I will continue writing tips and tricks for any bloggers out there. Aside from this there will be two major changes, which I will go over here:

I’ve been getting tired of the domain issues that GoDaddy has not completely resolved, and for the sake of trying a new company, I will have to move my domain name to NameCheap and see how it works out. I’m positive I will have a better experience with them, though. This is the most pressing issue I have with this site right now.

A new design. It will be the most visible change, and help make the content easier to read and more appealing to look at. This will also reflect the somewhat new direction I want my website to take, and  carrying a common theme with other ideas I would like to carry out in the future.

As for when these changes will happen, I will try to get them worked out within the week. The new design is near completion and I’m giving a day or two for the domain transfer to take effect. It won’t be necessary for me to move to a new host (remember, I’m just having domain redirection problems). So remember to watch this space, and return for the new Zero Dominance website!

NoScript: A Javascript developer’s nightmare?

May 1st, 2008 Posted in Development, Websites | No Comments »

Recently at another forum there was a user was hacking other user’s accounts and causing them to get banned. Out of fear of being attacked, someone suggested installing NoScript extension if you’re using Firefox, since the hacker works by using XSS (Cross-Side Scripting) to pass on your private information. The extension effectively discriminates JavaScript and Flash files to prevent such attacks.

NoScript isn’t new to me, and I’m aware of what it is used for, but I never really felt the need to have it installed until now, since I wouldn’t want to risk an account that might be impossible to recover. With that said I installed it yesterday and then realized it’s annoying as it is secure.

Almost every major site uses some JavaScript these days and more than often uses scripts from multiple domains. The first time I went back to visit YouTube, FaceBook, or just about any site that uses Flash or fancy scripting tricks, the NoScript bar appears on the bottom of the window. It will let you know if you want to allow scripts from that site and ever single other site it’s pulling in. And you have to select them for every single site you visit. And I do mean every single site. “Allow scripts from www.google-analytics.com”… that’s gonna look bad for anybody using Google for stat tracking! I suppose this is why a lot of websites’ Analytics numbers are conservative when compared to other systems like AWStats or Webalizer. You only have to this checking the first time you visit a site, but if you’re like me and like blog hopping and social network jumping, the nagging NoScript bar will get on your nerves.

As a developer, it makes me wonder about potential NoScript visitors coming to your sites. Will many of them leave your site if they see the annoying bar appear at the bottom? You’d be quite surprised at how many elitist web junkies turn down a site because it’s not compatible with NoScript. You say you won’t use Flash anyways? This isn’t 1998…every major browser comes packed with a Flash player. Personally, I can live without developing any Flash content, but not JavaScript. JavaScript makes so many subtle tasks easier to accomplish for the end user, and some are near impossible or impractical without it.

I like NoScript as an idea, but its execution needs to be less invasive and more flexible. If you already know the malicious script sources, it would be better to create a blacklist for those websites, rather than whitelisting sites as you browse along. Personally I have never gotten a XSS attack from any website or forum I’ve visited, and most of the time you can avoid them if you know how to avoid phishing scams.

If you want to use NoScript, you also have to know what kinds of sites are most unsafe to visitors. These websites would be ones where anyone is allowed to upload any type of content. Any place that lets you freely inject Javascript into webpages will be a big red flag, so yeah, that means you, MySpace. I know some message boards that are very strict on text output and don’t even allow hyperlinks. But even if one tag is allowed, if not validated properly it can be modified with attributes to produce unwanted results.

So with XSS becoming the latest web security concern and rise in popularity of NoScript, where will that leave Javascript developers? The ones that aren’t “evil”, that is. We should not let some bad seeds ruin the experience for everyone. With any development tool, you will have your share of abusers. Not too long ago Flash was being used inappropriately by creating awkward user experiences, and we have seen a backlash towards it. But Javascript goes beyond mere annoying effects and can be used to corrupt or steal important data. The most effective counter-measure developers can take is to improve their input validation techniques. I think Javascript can have a good future. If Javascript is the new Flash for user interaction, I hope it will be supported for years to come.

GoDaddy domain hiccups!

April 24th, 2008 Posted in Domains/Hosting, General | 1 Comment »

Recently, my domain name seller, GoDaddy, has been acting a bit odd with my domain. Last week, my blog was inaccessible for a couple hours, and instead I would be greeted with a GoDaddy domain parking page. This corrected itself, though. But yesterday, it’s been doing it again and for almost a full two days now. What’s up with GoDaddy, and how can they not keep my domain forwarding straight? I have not changed my nameservers since signing up to my web host (HostGator, by the way), and when I went to double check my nameserver settings, everything looks normal there.

Well, I don’t want to take anymore chances with it going down. From what I’ve heard in other complaints, this is a usual problem with some of GoDaddy’s domains. Every time my blog doesn’t show up, I could be losing potential visitors. I plan to transfer this domain to a different company soon, which would likely be more reliable than what I’m experiencing right now. In the meantime, I would like to know whether NameCheap is a good alternative, since some people I talked to mentioned it. Or, do you have other suggestions?

Fresh News Theme: keeping the magazine layout fresh

April 19th, 2008 Posted in Wordpress, design | No Comments »

Fresh News Theme

In case you didn’t know, I’m a big fan of the Premium News Theme, and it’s always nice to see some websites that use it. Premium News Theme is busting out another item to their theme catalog. Called Fresh News Theme, this has all of the qualities that make the Premium News Theme worth having. This theme comes in 5 different colors, in addition to the default black-on-silver color scheme. These themes are known for their streamline magazine look, but Fresh News does have the option to look like a standard blog. An additional template makes it possible to easily switch to this look.

Testing offline websites? How to cut the online widgets

April 15th, 2008 Posted in Development, General, Websites | No Comments »

This tip is for web developers that have a server set up with PHP and MySQL. This setup is required to test many dynamic websites, including blogging systems such as Wordpress.

In your website, you may have any myriad of add-on scripts and widgets that rely on an internet connection to work. If you have affiliate banner ads, use Google Analytics, or use a link exchange service like Entrecard, then you will need a persistent internet connection for them to work well. This could be an issue if you don’t always have a guaranteed connection. But even when broadband is commonplace almost everywhere, you don’t want online tools to interfere with your local development process. They may break a layout, load erratically, or they might cause some unexpected behavior. For instance, if you’re pulling in the same stat tracking code from two different locations.

What I used to do before to solve this problem was to make an offline copy of the page without these scripts. But it’s repetitive going back to save it under the original name and paste your scripts again when you’re going to upload the page. The better solution is elegant and simple. Instead you need just the original page, and insert this small piece of code wherever you need to use scripts that need to access the interwebs. Simply add the scripts inside the block:

<?php if (@$_SERVER['REMOTE_ADDR'] != "127.0.0.1") { ?>
<!-- Add your various online scripts here -->
<?php } ?>

This would display whatever’s between the curly braces, only if the remote IP address is NOT 127.0.0.1. I escaped the PHP code so that it can literally display as HTML or Javascript. Since you would only get this address if you’re running it on your own server, your online scripts won’t run locally. Otherwise, it will usually get the IP address that’s given by your internet service provider, and your scripts will run.

Not-so recent but still...

WassUp plugin makes reading stats more fun

April 13th, 2008 Posted in Plugins, Wordpress | No Comments »

Scratchback and Entrecard: Good….for a little while

April 13th, 2008 Posted in Blogs, Websites | 1 Comment »

A preview of GameLib - a plugin for organizing video games

April 12th, 2008 Posted in Development, Plugins, Wordpress | No Comments »

Don’t overdesign your websites

April 9th, 2008 Posted in Websites, design | No Comments »

Two websites that use the Premium News theme

April 7th, 2008 Posted in Blogs, Wordpress | 1 Comment »
« Previous Entries