Jory's blog

Changing hosts

Jory — Sun, 15 Jun 2008 21:06:03 +0000

While I am perfectly happy with my current host, A Small Orange, I have decided to switch to a local host ran by a friend of mine called Huizinga Hosting & Webdesign (If you’re Dutch, reading this and looking for hosting: consider this company. Reasonable rates by any standards with great uptime, low loads and a phonenumber that is awnsered by somebody who actually knows what he’s doing, not some €5 an hour muppet who doesn’t know much more then how to pickup the phone and then get you to hang up asap. )

I make a backup of my cPanel user account at ASO a few days ago and, with the help of Bas, the previously mentioned friend, converted it into Direct Admin format and “restored” the account. After the almost flawless conversion (it lost my email forwarders) I changed the MX records at ASO and have been sending and receiving emails using my new host’s server ever since.

After a bit of checking, it seems my website got converted perfectly as well. (Heck, wordpress even remembers I am logged in.)

A registar transfer request was filed for my domain name and it should begin the 17th. (Bleh, first you have to ask your host for some code, then you have to click some link in an email to say you want to move, then you have to not click a link in another email and wait for that to expire.) So, starting the 17th~18th, everybody should be getting my website as it is served by my new host. Not that you’ll notice much, as it will look exactly the same.

Anybody still reading is probally wondering by now what the point of this entry is. Its OK if you can’t figure it out, because I don’t really know what the point of it is, either. I’m gonna hit “publish” regardless, though.

New theme: Big Blue 0.1

Jory — Tue, 27 May 2008 10:40:16 +0000

As you can see, I’m using a new theme. It is Big Blue 0.1. I was kinda getting tired of the previous theme and still suck at making my own, so giving the WP Theme Viewer a try was my best (read: easiest) option. I’ll probally try to tweak it a little, as right now, about 40% of my screen isn’t being used. Chances of increasing the width being an improvement are only so so, but thats what the undo button is for.

Oh, and those wondering whats up with changing the theme of an unused blog: I do plan to blog more. I’m just rather busy doing all sorts of things, none of which are blog worthy. :/

Tricking browsers that are storing passwords

Jory — Sat, 09 Feb 2008 15:55:53 +0000

For a system that I’m working on that I plan to, at some point, release as open source product, I am going to implement a system so that, to get the specific pages, you need to enter your password even if you are logged in. If you do, you will remain “super-authed” untill you close the browser. This would prevent, ie, my little sister to use my laptop, go to my website and have full power because I’m still logged in. But as I was working on it, a question arose: How good is this, taking into account that most people will just end up storing the password in their browser. Obviously, there are ways around that. (Using a random name for the password field each time is probally enough.) But, by doing that, I will be breaking browser functionalities. Do I really want to do that?

Error reporting

Jory — Sat, 29 Dec 2007 20:30:45 +0000

This has been a draft for a while, so things are probally outdated but I’m still wondering about this, so here goes…

I have been doing a lot more PHP lately then I have in a long while and that, plus the prospect of a pretty big project I will hopefully start on during the summer, made me think a bit about error reporting. I’m not talking about E_ALL vs E_, err, 0. I’m talking about what to tell the user when either (s)he or the application screws up.

As explaining is easier by example, here’s one: your application has a login section which grants access to who knows what. A user wants to log in, has the correct username but the wrong password. Do you simple tell them “invalid credentials” or is it something along the lines of “Sorry, $prettyusername, but the password you provided does not match the one in our database. You may try again[link to #login]. You can also recover your password[link to password recovery]“?
From where I stand, both have there up- and downsides. Just telling them they didn’t enter valid credentials isn’t anywhere near userfriendly, but if the user is someone who is trying to break into the application I don’t want to tell them anything.

So, what is more important, being friendly to your users or giving people that try to break in as little help as possible?