Schinckel.net

For some time, since the XMLRPC file was updated, posting to Blogsome via the XMLRPC interface has been broken. It works, but extraneous slashes are inserted before quotes and apostrophes. I’ve been lucky enough to get my dirty little mitts on the source code, on a test server, and have come up with what may be a fix. The good folks at Blogsome (I think) replaced the dodgy, broken version of XMLRPC.php with one that prevented some problems with a security hole. However, this version of the file came from a more recent WordPress installation. The version of WP-µ that Blogsome uses may not have actually been vulnerable to the problem that the XMLRPC file could have caused, because of this code:

1         // Do some escapes for safety
2         $post_title = $wpdb->escape($post_title);
3         $post_name = sanitize_title($post_title);
4         $post_excerpt = $wpdb->escape($post_excerpt);
5         $post_content = $wpdb->escape($post_content);
6         $post_author = (int) $post_author;

However, the new XMLRPC file also escapes everything. So everything gets escaped twice, causing the quotes to be double-escaped. So, I replaced the above code with the code from the new version:

1         // Get the basics.
2         $post_content    = apply_filters('content_save_pre',   $post_content);
3         $post_excerpt    = apply_filters('excerpt_save_pre',   $post_excerpt);
4         $post_title      = apply_filters('title_save_pre',     $post_title);
5         $post_category   = apply_filters('category_save_pre',  $post_category);
6         $post_status     = apply_filters('status_save_pre',    $post_status);
7         $post_name       = apply_filters('name_save_pre',      $post_name);
8         $comment_status  = apply_filters('comment_status_pre', $comment_status);
9         $ping_status     = apply_filters('ping_status_pre',    $ping_status);

My test blog (which isn’t available to the public, as it’s on another server) seems to be coping well with this, I think I’ll publish a heap of entries to it and see how it holds up. I’m hoping that Ronan will be able to have a look over these changes, and hopefully we’ll see the Quote Escape bug gone, for good, very soon! Update: Apparently I didn’t do enough checking. The filters that are called don’t actually exist, so no escaping is done. That will teach me for going off half cocked. I will try to implement the new filters used by this version of the code, but we’ll see.

This isn’t really a full review or comparison, just a few quick notes. I downloaded the demo version of iMediaView Pro, and ran it. I let it import all of my iPhoto library, and was fairly disappointed it didn’t automatically albumize them according to my iPhoto albums. I must say I don’t like the interface nearly as much as iPhoto’s. iPhoto is pretty much a great program, except it’s dog slow whenever you try to do anything. But it’s simple to use, and really has all of the cataloguing features I need right now. I just use a Smart Playlist to list every photo that doesn’t have an album, and create a new album each time I import photos, and add them all to that. Now that iPhoto has folders, I can have a level of hierarchical organisation. And iPhoto has built-in capabilities to view photos by date of creation. If only it wasn’t so. damn. slow.

iTunes Music Store Australia is here. Since you need to sign up to even get access to the free music, I had to enter my Credit Card Number. It didn’t work. Three times. Apparently you need to actually have money in there for it to work.

Apparently, it’s possible to use JavaScript to preload images. checked = new Image(); checked.src = "/images/true.gif"; unchecked = new Image(); unchecked.src = "/images/false.gif"; This is better than doing the CSS trick display:none;, as this doesn’t always preload in every browser.

Click Restart to finish installing the software.

Why the hell do installers still insist on me restarting my computer after I install some software. I want to shut down, as it’s 11:30 at night, and I don’t want to have to wait for it to start up. Yet, when I installed the latest update to Missing Sync, it tried to force me to restart. Doesn’t it realise that at shut down is like a restart with a rest in between? Fuck crappy installer software… I’m going to bed. Thank god for Force Quit. • Oh, and while I’m ranting: Fuck Opera for thinking that having a custom menu appear when you double-click on some text is a good idea. Nothing ever did that before. How is a user supposed to know that? How am I supposed to be able to override this so I can have my own action happening on a double-click? It makes little sense for me to limit a user to my auto-select on a single-click, as they may not want all of my code at once. However, the only way for me (other than to implement a link or button that can be clicked on) to allow for auto-select is by double-click. Which doesn’t work on Opera. I hope they go out of business. Just for this. Bastards. Which reminds me of the old “Bastards Incorporated.” sketches on the Comedy Company. Ahh, funny 1980s Aussie Sketch Comedy. “Guddayandhowareyoutoday?” • Oh, and OmniWeb doesn’t play like the other browsers, it won’t run all of my nice toolbox scripts. Yet. Oh, yes it does – I just hadn’t logged in. Fuck being tired.

I’ve put the current contents of my template files up on this page. You’ll always be able to find the latest version of my templates there.

I’ve got an interesting little challenge. I need to be able to programmatically change the document selection, as in the text that is selected, not a select box or anything like that, using JavaScript. Basically, I want to repeat the effect that appears on the Google Adsense site, where selecting in a textarea selects the contents of that text area. But I want to do it with just a random element. It’s easy with a TextArea, but I want my element to maintain it’s lovely formatting. I’m not actually sure I can do it. With IE, I can set it up to copy the text to the clipboard, but not select it.

This one tickled my fancy, so to speak. See more on PostSecret. For Jason: No Panties

Here are some interesting Smarty equivalents of WordPress functions I hadn’t come across before:

• {get_lastpostdate} or {get_lastpostmodified} – returns a timestamp, such as 2005-10-16 07:10:51 that contains the last post date. {get_lastcommentmodified} is identical, but for the last comment.
• {human_time_diff from=n to=n} – similar to a script I wrote about, and implemented. Limited in that it only does days, not any larger unit. Advantage: done by the server, doesn’t ‘flash’ changing text via JavaScript, neater than my Smarty version.
• {get_day_link} – much neater than the version I was using! Generates the URI as described. Also {get_page_link}, {get_year_link}, {get_month_link} and {get_feed_link}.
• {globalvar var=varname value=value} – makes a value a global PHP variable. Very interesting…

This looks promising. Shark is a tool that can be used to profile code. I haven’t done any serious profiling since some python script I was working on years ago on BeOS. Daniel Jalkut has a nice post, Shark Bites Script up on his blog, on how to use Shark to profile AppleScript code. Since I’ve been doing a bit of AppleScripting lately, and I have some code that is in serious need of optimisation, this might be worth a second look.