Style vs. Substance

The previous form submit issues with IE post has generated some conversation in the post comments. In the original post I looked at the situation where you have a form with just a single text input and a submit button. The conversation developed to look at the situation where you have a form just with a single text field, no submit button at all. I did some hacking and came up with a fix which I thought warranted a new post.

To lay things out, single text field, no submit button. Type into the field and simply hit ‘enter’ is what we’re going for… in IE

Read the rest of this entry »

Ran into an (other) interesting Internet Explorer bug. Seems that if you have a form with only a single text input, hitting the enter button will not submit the form in IE.

Read the rest of this entry »

Just put up the new version of my php calendar class (version 2.7).

Read the rest of this entry »

A couple of calendar class users have noticed a problem with the first day of the month when using the class with versions of PHP earlier than 5.1.0. The issue was introduced with the last upgrade when I switched to date(”N”) for calculating the day that the first of the month falls on. date(”N”) was added in PHP at version 5.1.0 so earlier versions will have this problem. The quick remedy appears to be switching things back to use date(”w”) for this calculation.

Sorry for any inconvenience this may have caused people. I’ll have a fix in the next couple of days to address the issue fully.

So I spent a few days last week helping a client locate the source of a server compromise. The point of attack turned out to be a very poorly written php script. Apparently miffed by the initiative to turn register globals off, and yet too lazy to directly call only the variables that were supposed to be passed legitimately, the author of this script used a method I’ve seen a few times before. Basically you loop thru either GET or POST and use PHP’s variable variables to assign anything there to a local variable. Anytime you’re using variable variables you need to be extremely careful, even more so when you are creating variables from user submitted values.

Read the rest of this entry »