Archive for November, 2007

30
Nov

on the fly decoding of winmail.dat in felamimail

By Cornelius Weiss Comment
Categories: eGroupWare and php

We all know these ugly mails in our mailboxes with an attachement called winmail.dat.

While we all are quite serious that people using a software constellation which produces this kind of attachements should be arrested, (Where is Mr. Scheuble when we really need him?) this attitude doesn’t help our users who just want to read their fu*ing emails.

A while ago I developed an enhancement for felamimail which decodes winmail.dat archives on the fly and just displayes the embedded files to the user. It’s based on the ytnef library which on debian system could easily be installed by a simple apt-get install ytnef.

As I can’t estimate the security related isues of this extension yet, I don’t dare to commit this into trunk. If you are a security guru, please comment the code!

19
Nov

Safari 3 solves AltName issue

By Cornelius Weiss Comments
Categories: Internet security, my favorite fruit and rootStuff

Today Nils Toedtmann published a grave security issue. In Firefox, Konqueror and Opera an attacker could fake SSL secured sites.Thus, its possible that your browser shows a faked site https://mybank.com without a certificate warning.

The good news for Mac users is, that in Leopard and the latest updates to Tiger ( I just checked this), this problem is resolved. However, with my old notebook (not updated, safari 2.0.0.9) this kind of attackers is possible.

Use this site to check if your Bother is vulnerable.

18
Nov

eGroupWare WebDAV on Mac OSX

By Cornelius Weiss Comments
Categories: eGroupWare and rootStuff

eGroupWare’s filemanager content could be accessed by WebDAV for quite a while now by the URL

http(s)://myegroupware/filemanager/webdav.php/home

While this works quite OK for Linux and Windows, the build in WebDAV client of Mac OS X doesn’t talk with the eGroupWare server. The reason behind this is the fact, that the eGroupWare server only supports a rather simple version of WebDAV without locking. Locking prevents the so called “lose update” problem, when two clients try to work on the same file.

Today I found the time to resolve this problem and add locking support for the eGroupWare WebDAV client. This is a quick hack for me which only works with MySql as DBRM. Also locking is only implemented for the WebDAV server and not for the filemanager web-frontend.

To get it working you need to add a table to your database and patch your phpgwapi/inc/class.webdav_server.inc.php with the attached patch.There is still a charset problem (as always) to be resolved which seems to lay deeper in the the WebDAV code. This will get resolved in eGroupWare 2.0.

09
Nov

flood in storehouse-town

By Cornelius Weiss Comment
Categories: personal

Flood warnings for the area of Hamburg city and port are given cause the water level reaches 5.00m (the normal level is 2.00m).

With this news today we tried to document what happens out our window. Unforunally only my collegue had a cam in his mobile phone.

 

flood 10:28flood 12:57flood 13:51flood 14:22flood 15:30

This green Cadillac is parking in front our window for more than a week now. It’s owner had extreame luck.

09112007101.jpg09112007102.jpg09112007109.jpg09112007118.jpg09112007120.jpg

 

08
Nov

Javacript hint: ‘var’ ist your friend!

By Cornelius Weiss Comments
Categories: Javascript

A few times I came across a surprising habit of Javascript which is a bit confusing for PHP developers.

Javascript places properties into the global scope (the window object in case of a website) if you declare a variable without the ‘var’ keyword.

function f() {
localvar = local;
}
f();
alert(localvar);

will result in local.

If you replace the line
localvar = local by
var localvar = local

the script results in undefined

This can lead to really interesting effects when having nested loops like this:

for(i=0; i<somvar.length; i++) {
dosomemagic();
}

In this case i is placed in global scope and gets overwritten by a nested loop with the same construction. Make sure that you always use the correct version:

for(var i=0; i<somvar.length; i++) {
dosomemagic();
}

In this context it’s worth a note that Javascript does not have a blockscope. Thus the variable i defined the example, continues to live when the loop is finished!

07
Nov

Is the iPhone expensive?

By Cornelius Weiss Comment
Categories: personal

I was about to write a post “Buried my iPhone plans” and tell the world that this device is far too expensive for me.

At the end of this post I just wanted to paste together how cheep one can have the same service with another mobile device. Really really surprised I noticed, that I was not able to find a suitable offer.

If you want to have ‘a little Internet’ on your mobile device you have to pay fees about 50 EUR per month. If you try to compose the service t-mobile offers with the iPhone contract out of the standard fees you even have to pay about 65 EUR.

So I said to myself: “I don’t need a contract with Internet flat and 100 free minutes a month”. “I use my mobile so rarely that I would have to pay far too much with such a contract, no thanks!”

To convince myself of how much I save when not having the iPhone, I grabbed my last 12 O2 bills and summed them up. Confused to see that I payed in total more than 800 EUR. On no single bill I have more than 100 minutes of phone time, and in total I consumed about 10MB of GPRS traffic.

With the current iPhone contract I would have paid 600 EUR. Is the iPhone expensive? I don’t know. But for sure I have not the right contract at the moment. As first action I buried my article about “Buried my iPhone plans”.

06
Nov

Fun with Gravis part III

By Cornelius Weiss Comments
Categories: Beware of customer and personal

This is the last part of my story about fun with Gravis, as I will never again buy something in a Gravis store!

The short version: It took exactly 30 minutes and I had my money back. As I couldn’t believe that I hadalready spent so much time on my little “keyboard and power-cord” project , today I exactly tracked the time in the store. I went in at 13:32 and stepped out at 14:02.

gravis consolationThe long version of the story is no fun to tell, so just notice that in the end 4 Gravis coworkers were involved in the process.

As consolation they gave me a little aluminium box of with about 15 Tic-Tacs inside (see picture on the left). Thanks for this.

The lucky part of my visit there was, that I had the opportunity to take a look at the new ‘iPod touch‘. This device has the same user-interface as the iPhone and I was curious to see it at work. It took me a few seconds to get familiar with the screen keyboard, but the overall impression was: WOW I’m impressed. Most surprisingly I noticed that the speed of the UI is really as fast as in the demos in the commercials.

The rest of the time I wasted to bring up my Gravis story up to the various demo computers in the store. Just to keep potential customers informed about the superior service of the store they are in :-)

04
Nov

Tour in Hamburg

By Cornelius Weiss Comment
Categories: personal

Today we made a little tour in Hamburg. I just realized, that I can take my family with me in all trains and Elbe ferry boats with my HVV ticket on weekends. We just sat on the ferry and it took about 90 minutes till the boat came back again to the place where we started. During the last part of the journey it was a bit crowded, but hey – it was for free! For the normal tourist boats we would have had to pay 25 EUR for 60 minutes.

As it was really cold on deck we sat inside and I was not able to make more pictures from the water. But also the illuminated storehouse-town on our way back was worth it to be held on my digicam.

Hamburg tour 2007/11/04Hamburg tour 2007/11/04Hamburg tour 2007/11/04

02
Nov

Fun with Gravis part II

By Cornelius Weiss Comments
Categories: Beware of customer and personal

As promised, I continue to tell my story with Gravis. 4 weeks ago I ordered a keyboard and a power-cord at Gravis’. After a real odyssey I’m now proud user of a new international mac keyboard.

After waiting 4 weeks for the power-cord I decided, that I won’t continue to crawl under my desk every morning to plug in my power-adapter, so I had the bright idea to try if another non mac power-cord fits in my power-adapter, and it does!

Happy me, I don’t need the new 12 EUR power-cord any more. So I phoned Gravis to reject my order after 4 weeks of waiting for a simple power-cord. On the other side of the phone someone told me, that it was not possible to reject personalised orders. After a short introduction into the German law about buying and rejecting the guy was happy to tell me that in my special case they could make an exception, cause the cord was not even delivered yet.

Happily, cause I thought that the call is over in half a minute, I requested that they just send the money back to my bank account. But than I was told that they could only give me back the money cash. I should come over, show the bill of the advance fee and than they rollback the order.

Really confused (remember the cash stories of the first part) I complained that I wanted to cancel the order right now, cause I can’t come over right now and it might take a few days till I find the time to fetch my money there. And if the cord arrives in between they won’t accept the rejection.

The man told me, that he doesn’t think that this is possible, but after I expressed my impatience with their store a bit harsh he gave me the opportunity to listen to their ‘hold the line’ music.

A few minutes later he picked up the call again and told me that in my special case he can for sure guarantee, that the cord won’t arrive before I came over and reject my order. A bit curious I asked:

“Oh how are you so sure if we don’t cancel the order right now?”

“Well Mr. Weiss, we made a little mistake. Somehow we missed to order this single power-cord. You have to understand that we normally only sell the whole power-adapter and not single cables”

Oh yes, I understood that life is hard inside of Gravis stores! I’ll try to go to Gravis next week. Let’s see what happens.

For me it’s more than sure, that I will never ever go into a Gravis store after this last visit. And personally I won’t go in any other store managed by these clowns any more.

01
Nov

MAMP and Xdebug

By Cornelius Weiss Comments
Categories: eGroupWare, php and rootStuff

MAMP is an extremely easy to install and use web-server with php and mysql for mac.

Once, your projects become bigger, you’ll definitely feel the need for a php debugger. Xdebug is a powerful open-source php debugger i prefer over the other mostly closed source once. There is a powerful KDE tool for analysing Xdebug output, see this example.

But as for now, i had no Xdebug extension for my mac development system, cause i didn’t want to recompile the web-server stuff. Today i found, that Komodo has a dynamic Xdebug extension bundled with there commercial IDE.

As i use Eclipse, i don’t need this IDE, but i downloaded the IDE trial and extracted the xdebug.so for me.

If you have this xdebug.so, all you need to do is to place this into
/Applications/MAMP/Library/share/php/xdebug.so
and then edit your /Applications/MAMP/conf/php5/php.ini like this:

; xdebug config Mac OS X
zend_extension=/Applications/MAMP/Library/share/php/xdebug.so
xdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_mode=req
xdebug.remote_host=127.0.0.1
xdebug.remote_port=9000
xdebug.idekey=

« Previous Entries