info.michael-simons.eu

Tired of all the powerpoint presentations…

Right now i’m in Wiesbaden, attending the JAX 2008 conference.

The mood is somewhat different compared to the DOAG i used to visit the last years. The people are more open minded, partially much younger and generally try to be much cooler. And for the sake of it, some are even more interesting and after all, there isn’t that ongoing whining about Oracle not engaging in Forms 6i Client Server any more (although, i must admit, i somewhat like Oracle Forms 6i, maybe it’s a love/hate relationship, trust me, i know both worlds, Java and Forms).

The sessions suffer from one big problem: Many of them just seem to play powerpoint karaoke: Throw in a bunch of crappy slides with a handfull code snippets and sing-a-long to that stuff which means basically: Hind behind the slides.

Let me tell you: This is so boring and pointless. In the past i tried to be polite and always stayed to the end of a session but the last 2 or 3 conferences i can’t stand it any more. I can read myself, thanks. If you haven’t got anything additionally to say, just pass me the slide and i’m fine.

The 3 most interesting sessions where the sessions spoken freely with the slides just illustrating the speech. I especially liked Brian Chans presentation of Liferay Portal, Rod Johnsons keynote on the future of J2EE and the most witty one, Ted Newards talk about the renaissance of languages. It was funny, included the audience, was well prepared and freely hold, not to forget the topic: It wasn’t about the nth framework around the corner but about the nearly philosophy topic about the “perfect programming language”.

I really wish that i’d be creative and intelligent enough to design a language that is not predestined to die an early death, but i ain’t. But i can distinguish a sharp tool from a spoon if i see one and i can adopt to it very easily. And in that sense i share Teds opinion that a discussion about abstracting things and about the tool itself is of much more value than implementing some arbitrary pattern (i.e. one be the GOF) in just another framework. For example, many implementations of some patterns in frameworks have been rendered obsolete by more powerful and more expressive languages and i’d like to see this trend go on.

Filed in Design, English posts, Java | Comments (0) »

Beyond all evil: Javas definition of an object

Some days i ago, i decided to revamp my ambitions to get the scjp thingy done. What exactly for, i don’t know. But working to the self tests, i found the following:

class Ring {
  final static int x2 = 7;
  final static Integer x4 = 8;
  public static void main(String[] args) {
    Integer x1 = 5;
    String s = "a";
    if(x1 < 9) s += "b";
    switch(x1) {
      case 5: s += "c";
      case x2: s += "d";
      case x4: s += "e";
    }
    System.out.println(s);
  }
}

Questions is: Some arbitrary output or a compilation error and if, on which line.

Answer: Compilation fails due an error on line 11. What the frag? The obviously totally retarded switch statement can only handle constant values in its branches. So what? x4 is declared final static, as constant as it can be in Java. But no… Because its a big difference between int and Integer and due to the auto boxing and unboxing in Java 5 and up, the object Integer isn’t constant opposed to the scalar int.

Summary: A big deal with the SCJP is to teach the contestants how to work around some brain dead things in Java. Don’t get me wrong, i actually like Java, but the more i do in Ruby and the likes, the more some concepts in Java seem and are just wrong, like the for example not being all things equally objects.

Filed in English posts, Java | Comments (0) »

Patching wp-cache for more security

I use wp-cache on all my blogs all the time. No need waiting for being slashdotted or heised.

But wp-cache comes with a security flaw. It requires the webserver to have write access on $WP_HOME/wp-content/cache and $WP_HOME/wp-content. The first part is perfectly reasonable, the second not.

wp-cache creates it’s wp-cache-config.php in that place and edits this file consequently while being configured.

wp-cache comes with a sample config you can put in place. After that, chmod this file to 660 or something else that allows your webserver to edit it. Please don’t give your webserver write access to $WP_HOME/wp-content, especially not facing the current attacks on wordpress bloggers as described here.

I assume you know what your doing in the next step. All recommendations are tested and working with wp-cache 2.1.2. Open the file file wp-cache.php in your favorite editor, navigate to line 471 in function wp_cache_verify_config_file and change the following code

if ( !is_writable($dir)) {
    echo "<b>Error:</b> wp-content directory (<b>$dir</b>) is not writable by the Web server.<br />Check its permissions.";
    return false;
}

to

/*
if ( !is_writable($dir)) {
    echo "<b>Error:</b> wp-content directory (<b>$dir</b>) is not writable by the Web server.<br />Check its permissions.";
    return false;
}
*/

Alternatively, you can use the file i prepared: wp-cache.php. Rename it from *.php.txt to *.php and replace the old file with it.

Read more about the attack on wp blogs here. It’s shown that the attackers create a subfolder in your wp-contents. So it’s essential to chmod this folder to 0755 or even better to 0555 if you’re paranoid and only change it if you upload updates.

Filed in English posts, Wordpress | Comments (0) »

JDBC: Autogenerated keys revisited.

Some months ago i wrote about retrieving auto generated values with JDBC from an Oracle Database: JDBC: Get autogenerated keys on a Oracle DB.

The solution i presented in the previous article doesn’t run in a Oracle Java Stored Procedure.

To accomplish this, use a callable statement like this:

final String sql = "BEGIN INSERT INTO foobar(id, b) VALUES (id.nextval, ?) RETURNING id INTO ?; END;";
CallableStatement cs = connection.prepareCall(sql);
stmt.setString(1, "bar");
stmt.registerOutParameter(2, Types.INTEGER);
stmt.executeUpdate();		
rv = rs.getInt(2);

This way you get the id generated by the sequence id without first selecting and then using it.

Filed in English posts, Java | Comments (0) »

WordPress 2.5 and http error codes

Am i the only one who’s annoyed that WordPress 2.5 sends a http 500 code if a commentor doesn’t fill in all required fields? Any Internet Explorer 6 or 7 user won’t see any error message but a “this page cannot be displayed!” page. Stupid decision.

Otherwise, the update went smooth as far as i can tell.

Edit: Oh dear… To me it seems that IE6 shows a browser default page everytime and IE7 sometimes displays the WP error page and sometimes not. If anyone can confirm this?

Edit 2: It’s silly. The Internet Explorer masks all 500 pages if their content is below a threshold of 512bytes with “User friendly messages”. User friendly your mom. The user can turn this off as described here but i don’t think that all IE users will do this just for the WP bloggers.

Summarizing it: It’s a plain stupid idea to use the http error 500 code for errors generated by user input as some users just cannot read them as the messages are not displayed to them.

Filed in English posts, Wordpress | Comments (6) »