- 10 Usability Crimes You Really Shouldn’t Commit – Nice and easy list to follow. I fixed a silly problem on my site this morning courtesy of the reminder.
- Clients From Hell : The client calls around 9 PM on a Saturday… – “[very angry] I am reading your email in disbelief. You are the webmaster – how can there be an aspect of our website that you have no control over?”
- Why You Can’t Work at Work | Jason Fried | Big Think – This is a great video on office workspaces. As an aside, Jason Fried's voice and style of talking remind me a whole lot of Dane Cook.
- Cupid’s Hunt, 2010: Love Me On The One – EJ Flavors – So what if I'm three weeks late to the Valentine's Day party? It's a very nice mix of music. I really liked Jose James's "Love Conversation".
- Slaying relational dragons – Great piece on an appropriate use of document DBs. I really could have used this about a year ago for a ground-up project I did at work that had ridunkulous queries. The comments have great discussion of OLTP vs OLAP vs. Doc DB and whether Ayende's approach is an anti-pattern.
Monthly Archives: March 2010
I’ll be damned – more WP trouble
I was fixing a webcomic issue on Greg’s blog, and I’ll be damned if from one minute to the next, it didn’t suffer from an index.php injection, too. This is weird as hell. A bunch of spurious content appeared on his homepage, although clicking through to those posts showed the correct content.
It may be time to look for alternative blagging software. Unfortunately, there are a lot of nice features that I use in WP.
They Might Be Giants. Maybe.
I got to see them last weekend in Hotlanta, GA. Pretty good show, although it had a more “indie” feel than I was expecting. I guess Greg‘s idolization of them leads me to think of them as a fairly major/big-label group, which they aren’t.
They put on a good show, even though I’m never a fan of a performer looking bored as a way to look “cool”, which the accordion guy pulled. Dude, get crunk. You play an accordion.
Greg and I missed JoCo‘s opening act due to some stupid traffic in South Carolina, but I should get to see him when I go to the Charlotte version of the concert this Wednesday with Nathan and Michael.
While Greg’s off gallivanting around in San Fran, I’m going to be seeing two of his favorite musicians perform.
WordPress PHP injection?
I just found a creepy case of injection in my index.php file. I noticed this morning that my homepage was throwing a “headers already sent” message pointing to index.php, line 10 when it wasn’t cached by Supercache. A reload of the page cleaned it up. But my RSS feed (which currently goes through Feedburner) was also trashed, and /feed wasn’t redirecting. All with the same error. Disabling Supercache fixed the homepage warning, but not the feed.
Being PHP awesome, I checked index.php for trailing whitespace, and found this snippet of code above the standard WordPress code:
That’s a problem. That forum file is, as you might expect, a crap ton of links and some JavaScript.
A few things to note:
- My SSH/bash history is complete and untouched. That is, I can see back for weeks, and all the commands are mine. So it doesn’t seem to be that sort of break-in.
- I just upgraded to WP 2.9.2 yesterday through the admin console. Likely culprit? Probably.
Can’t say for sure what it was, since I didn’t do more than a cursory check after I upgraded. The homepage would have been cached, so I wouldn’t have seen the warning there.
I suppose I should report this.
Dreamworlds
A snippet of what seems to be a really good video on the “dreamworld” of modern music videos: