The new rtl.hr — 0wned by yours truly

The new RTL Hrvatska website has been redesigned recently. And re-coded. It’s looking fresh and whatnot, but I’m not gonna talk about the site’s design. Well, not visual design anyway.

I’d like to talk about the importance of knowing what the f**k you’re doing if you’re getting paid to do it.

Why? Here’s why: http://www.rtl.hr/data/zyt.was.here.html

Big deal, eh? Well, here’s another gem:

total 84
drwxrwxr-x  14 trikoder trikoder 4096 Nov 13 12:23 .
drwxrwxr-x   5 trikoder trikoder 4096 Sep  3 13:49 ..
-rw-rw-r--   1 trikoder trikoder  266 Nov 13 12:23 .htaccess
drwxrwxr-x  17 trikoder trikoder 4096 Sep 12 17:13 _templates
drwxrwxr-x   2 trikoder trikoder 4096 Sep  8 12:42 admin
...

That’s the beginning of rtl.hr’s public_html directory listing in case you’re wondering. No, I don’t have FTP access. Yes, I did manage to run a remote code execution exploit. With nothing else but a web browser.

Takeaway lessons for the Trikoder crew (the guys responsible for the new site):

  • disable register_globals
  • keep your external libraries up to date!
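The register_globals lesson worked through, as an added example that is not code from the original post or from the RTL site; the isAdmin/requestedPage names, the 503 policy, the session layout and the page allow-list are assumptions:

```php
<?php
// Added example, not from the original post or from the Trikoder site's code:
// what the "disable register_globals" lesson means in practice. The 503
// policy, the session layout and the allow-list are assumptions.

// 1. Turn it off. PHP before 5.4 honours either of these (5.4 removed the
//    directive; it is always off there):
//      php.ini   : register_globals = Off
//      .htaccess : php_flag register_globals off      (mod_php only)

// 2. Fail closed if it is still on: a host this misconfigured should not serve.
if (ini_get('register_globals')) {
    header('HTTP/1.1 503 Service Unavailable');
    exit('register_globals is enabled; refusing to run.');
}

// 3. The bug class the setting creates. Legacy code often reads like
//
//      if ($_SESSION['role'] === 'admin') { $authorized = true; }
//      if ($authorized) { show_admin_panel(); }
//
//    With register_globals=On, every GET/POST/cookie parameter is already a
//    script-scope variable before the first line runs, so an uninitialised
//    $authorized may start out as "1", set by whoever sent the request.

// 4. Hardened form: initialise every flag, read request data only from the
//    superglobals, and allow-list anything that steers control flow.
function isAdmin(array $session)
{
    $authorized = false;                        // explicit default, never inherited
    if (isset($session['role']) && $session['role'] === 'admin') {
        $authorized = true;
    }
    return $authorized;
}

function requestedPage(array $get, array $allowed)
{
    // Accept only known page names; anything else falls back to the default.
    $page = isset($get['page']) ? (string) $get['page'] : 'home';
    return in_array($page, $allowed, true) ? $page : 'home';
}

// Usage, assuming session_start() already ran:
$allowedPages = array('home', 'news', 'contact');
$page = requestedPage($_GET, $allowedPages);
if (isAdmin(isset($_SESSION) ? $_SESSION : array())) {
    // admin-only work goes here
}
```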

Good luck and Godspeed, you’ll need it!

P.S.
The Trikoder crew has been contacted with full details on what’s wrong, how to fix it etc.

Google Chrome - first impressions

Just a quick braindump of my first impressions using Google Chrome.

Download and install went smoothly. It tried importing Firefox settings, but required closing all Firefox instances to do so. So I skipped the import through a dialog or two.

The installer automatically set all the language and regional settings to Croatian. Since a Croatian interface freaks me out, that had to be changed. The wrench icon is your friend here.

The UI is spiffy and smooth. Transitions occur (try pressing “Ctrl + B” to show/hide the bookmarks bar). It’s probably a safe bet it’ll be skinnable at least to some extent.

The home button is hidden by default. Weird. A trip to the options menu and that’s fixed:

The home page is obviously going to be able to integrate google gadgets at some point. If it’s not already available…

I don’t see any “feed indicators” for pages that have RSS autodiscovery enabled. That sucks. No integrated feed reader either…
Navigating to an RSS or XML feed produces raw unstyled feed contents. I’m suspecting Google Reader integration (or something to that effect) is in the works…

Once you start the app, two chrome.exe processes spawn; I’m guessing one is the master, and the other one is responsible for handling your first open tab. As soon as you type in an address, a third process spawns. Which is sweet: you can check each site’s memory usage separately, and this is gonna be useful.

If you maximize the chrome window, the small google logo (which is otherwise placed right next to the min/max/close window controls) disappears, and the window bar shrinks a bit vertically.

Flash works. Cool.
Something is fishy with it, though. Noticing CPU usage spikes when hovering over flash content, gotta test more. Preliminary tests show it might be wmode="transparent" related…

Since it’s based on WebKit, all the developer goodies are there: JS debugger, DOM inspector, resource inspector etc.

Umm… double click on the window title bar maximizes the window. That’s expected. The problem is in my developed habit of double clicking right next to the current tab to create a new empty one.
“Ctrl + t” keyboard shortcut works out of the box though.

The way that the domain name is differently colored is cool:

And the https:// red thingy on invalid or non-trusted certificates is also nice:

The task manager (Shift + esc) shows highly useful stuff:

With a much more detailed breakdown of memory usage available — either click “stats for nerds” in the lower left corner of the task manager, or type in “about:memory” in the address bar.

The About window reveals the User-Agent string, and also automatically checks for updates:

All in all, it looks & feels promising. A definite sign of interesting times ahead for everyone involved.

Google Chrome, hopefully in Croatia too!

The whole web is buzzing about Google Chrome, the comic is full of sweet-talk and promises of great user (and developer) experience, and other stuff that makes devs wet their pants a little.

All the goodness will, of course, be available only to some countries… The Google blog post mentions 100 countries. Which ones, though, is still a mystery. Can’t find any info at the moment. The Chrome site was cached by Google itself, but I’m not able to get to the cached pages (at least from google.hr or google.com).

The Windows beta is to be released today, the press conference is at 18:00 GMT according to the Wikipedia page… Fingers crossed that Croatia makes the 100 countries list…

UPDATE: Weee, it’s available for download!

Here are some more links:

Hug A Developer

From Devshop: An ode to developers everywhere. We feel your pain… Awesome.

Masters of Zango: Click OK to cancel

Imagine the horror of regular users having this nicely designed modal dialog shoved in their face upon arriving at a website:

Those fortunate enough to know better go for the cancel button immediately.
But Zango takes care of them! Upon hitting cancel, the unsuspecting masses are presented with this lovely confirm dialog box:

The confirm dialog states:

Are you sure you want to cancel? Zango content on this and other websites is free if you install Zango programs. You can easily uninstall Zango via Add/Remove Programs. Click “OK” to cancel, or click “Cancel” to continue the installation and get free access to Zango premium content and websites.

Brilliant.

Goodbye Winamp.

I’ve finally had it with all the bullshit they tried to push into it over the years… And it used to be such an awesome piece of software, back in the day. Uninstalled. For good.

It seems inevitable — (almost) every good piece of software starts sucking once it gets bought by the big guys — the marketing beast starts creeping in…

Can anyone recommend a good non-bloated multimedia player (for music pleasure mostly), other than iTunes or Windows Media Player?

KBC Rebro, Zagreb, 30.07.2008.

A bench, chained to a radiator. In a hospital in Zagreb.

The Survey, 2008. Go take it.

Calling all designers, developers, information architects, project managers, writers, editors, marketers, and everyone else who makes websites. It is time once again to pool our information so as to begin sketching a true picture of the way our profession is practiced worldwide.

A List Apart: The Survey, 2008

On repeat: Puscifer - Momma sed

Photo taken from Sasa Lazic’s portfolio on Art Limited

wake up son o’ mine
momma got somethin’ to tell you

changes come
life will have its way
with your pride, son
take it like a man

hang on son o’ mine
a storm is blowin’ up your horizon

changes come
keep your dignity
take the high road
take it like a man

listen up son o’ mine
momma got something to tell you
all about growin’ pains
life will pound away
where the light don’t shine, son
take it like a man

suck it up son o’ mine
thunder blowin’ up your horizon

changes come (changes come)
keep your dignity (keep your dignity)
take the high road (take the high road)
take it like a man (take it like a man)

momma said like the rain
(this too shall pass)
like a kidney stone
(this too shall pass)
it’s just a broken heart, son
this pain will pass away

Alternating with the original is the version from V is for Viagra - The Remixes: Momma Sed (Tandimonium Mix)… Can’t decide which is better.

Hackish HOWTO: migrating a (larger) running OpenX installation to a new machine

Disclaimer: It’s a hack, but it worked :) You’re doing this at your own risk! Copying raw MySQL database files may corrupt your data to the point of no return!

First, a little background information: we’ve been using OpenAds / OpenX even back in the days when it was called phpAdsNew.

Last fall (September to be exact) we launched a new website that ran OpenAds, a vBulletin forum, and a custom CMS / application for other parts of the site.

At the beginning a single server was able to handle it all. Recently, however, the site usage grew, and the OpenX database grew to around 1.5GB in size, serving around 7 million ad impressions per month.

A new server appeared and it was decided we’re gonna move OpenX to its own dedicated machine.

Dumping the database contents to .sql files proved not to be doable (without taking the server down for maintenance, which we felt was not good for our users). We wanted to migrate it without taking the server down and without users noticing anything (if possible).

So, another solution was to be found, and here’s how we hacked it, in case someone else finds themselves in a similar situation:

  • create a new empty database on the new server
  • scp the raw *.frm, *.myd and *.myi files from your old server’s mysql data dir to the newly created db’s data dir on the new server
  • chown the newly copied files to the appropriate user/group under which mysql is running on the new server (if different from the old one)
  • run mysqlrepair --database new_server_db_name --repair (see http://dev.mysql.com/doc/refman/5.1/en/mysqlcheck.html for more info and options)
  • scp the OpenX files over to the new server and chown/chmod appropriately
  • modify the OpenX config file in var/ if you’re changing the server’s public address and stuff like that
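The procedure above as one script, an added example rather than the author's own: it runs as root on the new server, enforces the version caveat from the end of the post before touching anything, and every host, path, user and database name in it is an assumption (note that MyISAM extensions are upper-case .MYD/.MYI on Linux):

```shell
#!/bin/sh
# Added example, not from the original post: the six steps above as one script,
# run as root on the NEW server, with the post's closing caveat enforced first
# (raw .frm/.MYD/.MYI files are only safe to copy between identical MySQL
# versions). Every host, path, user and database name here is an assumption.

OLD_HOST="oldserver.example.invalid"   # assumption: old server, reachable by ssh/scp
OLD_DATADIR="/var/lib/mysql"           # assumption: old server's mysql data dir
OLD_DB="openx"                         # assumption: OpenX database on the old server
NEW_DATADIR="/var/lib/mysql"           # assumption: this server's mysql data dir
NEW_DB="openx"                         # assumption: the new, empty database (step 1)
OPENX_DIR="/var/www/openx"             # assumption: OpenX files, same path on both
MYSQL_USER="mysql"                     # assumption: user mysqld runs as here
WEB_USER="www-data"                    # assumption: user the web server runs as here

# Pull "major.minor.patch" out of two "mysqld --version" lines; succeed only if
# they are identical. MyISAM on-disk formats may differ between versions.
versions_match() {
    v1=$(printf '%s\n' "$1" | sed -n 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    v2=$(printf '%s\n' "$2" | sed -n 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    [ -n "$v1" ] && [ "$v1" = "$v2" ]
}

migrate_openx() {
    old_ver=$(ssh "$OLD_HOST" mysqld --version)
    new_ver=$(mysqld --version)
    if ! versions_match "$old_ver" "$new_ver"; then
        echo "MySQL versions differ ('$old_ver' vs '$new_ver'); not copying raw files." >&2
        return 1
    fi
    # Step 1: empty target database; this creates $NEW_DATADIR/$NEW_DB.
    mysql -e "CREATE DATABASE IF NOT EXISTS \`$NEW_DB\`"
    # Step 2: raw table files. Tables written to mid-copy are the "data inconsistencies" the post warns about.
    scp "$OLD_HOST:$OLD_DATADIR/$OLD_DB/*.frm" "$OLD_HOST:$OLD_DATADIR/$OLD_DB/*.MYD" \
        "$OLD_HOST:$OLD_DATADIR/$OLD_DB/*.MYI" "$NEW_DATADIR/$NEW_DB/"
    # Step 3: mysqld must own what it is about to open.
    chown -R "$MYSQL_USER:$MYSQL_USER" "$NEW_DATADIR/$NEW_DB"
    # Step 4: rebuild indexes (what the post's mysqlrepair alias runs); any table not reported OK needs attention.
    mysqlcheck --repair --databases "$NEW_DB"
    # Step 5: OpenX files, owned by the web server user and not world-writable.
    scp -rp "$OLD_HOST:$OPENX_DIR/" "$OPENX_DIR"
    chown -R "$WEB_USER:$WEB_USER" "$OPENX_DIR"
    chmod -R o-w "$OPENX_DIR"
    # Step 6 stays manual: review the config under $OPENX_DIR/var/ if the public address changes.
}

# Only act when asked, so the file can be sourced or its checks run on their own.
if [ "${1:-}" = "--run" ]; then migrate_openx; fi
```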

And that’s it. Everything worked after that.

After seeing that it all works, we upgraded to the latest OpenX release (2.4.7 at the time of writing) by just following the upgrade docs from the manual.

Once again, keep in mind that copying raw db files might cause MAJOR PROBLEMS, incompatibility issues, data inconsistencies etc.

You’re doing this at your own risk. Make sure that the MySQL versions are the same on both servers.