Archive for March, 2008

Spry Email Validation

Posted by Brian in Programming on March 31st, 2008

First you have to include the js and css files for the spry framework. In this example taken from the spry demos we have two files. Both are designed for text fields.

<link href="../../widgets/textfieldvalidation/SpryValidationTextField.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="../../widgets/textfieldvalidation/SpryValidationTextField.js">

The actual form field will be wrapped in a div or span tag with an id. Any messaging then gets its own span class within the div.

<div id="theTitle">
<input name="movieName" type="text" id="theMovieTitle">
<span class="textfieldRequiredMsg">Please enter a title.</span>
</div>

Below the form on the page, the following scripting is added. This will validate that there is a correct email typed into the text field. Validating on change checks the field on each character entered. For emails it would be better to validate on blur. The user will not get constant reminders as they type.

<script type="text/javascript">
var theTitle = new Spry.Widget.ValidationTextField("theTitle", "email", {useCharacterMasking:true, validateOn:["blur","change"]});
</script>

Notice that there's no Regex on the screen. I didn't need any, the Spry framework took care of it.

email, Spry, validation

1 Comment

iWoz Review

Posted by Brian in books on March 29th, 2008

iWoz was an interesting read. He basically spoke the book and his co-author put his ramblings into print. The book reads like he talks, so the style took a few pages to get used to.

It is a very good insight to the beginning days of computers. Before reading the book, I really had no idea what it was like 30+ years ago.

I had an Atari in the 70’s. I remember the Pong and Breakout games. I’ve never linked those games and systems to what would become the personal computers of today. The book details the journey from hand drawing the chips on paper, through games like Breakout to the Apple I and II.

Steve Wozniak is a gifted engineer and visionary. I recommend reading this book to get a better insight on the man and process behind the first personal computer.

Apple, books

No Comments

Photoshop Express

Posted by Brian in Image Editing, Software on March 28th, 2008

Adobe released Photoshop Express.

Looks like a very slick flex application. Similar interface to the share site that Adobe has to share documents.

I have limited photos at work, but I’ll continue to play with this over the weekend. It seems to have improved photo editing capabilities and it can login into Picasa/Facebook/Photobucket and get pics from those apps.

Nice job adobe.

Adobe, Photoshop, Photoshop Express

1 Comment

Hacker Super Bowl

Posted by Eric in security on March 27th, 2008

At this year’s CanSecWest, there are three computers set up for open hacking, one running Vista, one running OSX, and one running Ubuntu Linux. Hacks must be done with a new zero-day exploit (that is, it can’t be an already known-about crack).

Organizers have worked to make the attack surface area the same on each system. That’s important because each OS comes with a different amount of pre-installed software — from Vista’s “it’s up to you to install anything useful” to OSX’s “We’ll give you a common set of simple tools” to Ubuntu’s “What do you want to do today? It’s already installed or available with a click.”

Day 1, the cracks must only be done over the network in non-user-interactive mode, and the prize is $20,000
Day 2, the cracks must only be done against software which is already installed, but it can involve tricking the user. Prize is $10,000
Day 3, the cracks can be done against a suite of commonly installed software, but the prize is only $5,000.

Update: Two minutes into day two, the Macbook Air was the first of the three systems to fall, due to an exploit against Safari.
Update 2: Late into the third day, the Vista laptop fell to a exploit against Adobe Flash. Ubuntu wins the contest.

Linux, OSX, security, Windows

2 Comments

Regular Expression for Validating Email Addresses

Posted by Eric in Programming, Regular Expressions on March 27th, 2008

This is the regular expression I use to validate email addresses:

^[&'*+\/=?^_{}~a-z0-9.-]+@([a-z0-9-]+\.)+[a-z0-9]+$

Thought it might be useful to some folks. Most email validation regular expressions fail to allow all the valid characters before the @ sign (for example, you can have a +, an & slashes, a single quote, =, ?, ^, _, {, }, ~, *).

In ColdFusion, you can test an address with:

<cfif ReFindNoCase("^[&'*+\/=?^_{}~a-z0-9.-]+@([a-z0-9-]+\.)+[a-z0-9]+$", emailAddress)>

In Javascript, you can test with:

if (emailAddress.match(/^[&'*+\\/=?^_{}~a-z0-9.-]+@([a-z0-9-]+\.)+[a-z0-9]+$/i))

In PHP, you can test with:

if (preg_match("/^[&'*+\\\/=?^_{}~a-z0-9.-]+@([a-z0-9-]+\\.)+[a-z0-9]+$/i", $emailAddress))

email, regular expressions (regexp)

2 Comments

Real Time Command Execution Feedback

Posted by Eric in ColdFusion, Programming on March 27th, 2008

Did you ever write a utility ColdFusion script which uses <cfexecute> to run a command and send output back to the browser? It makes for convenient and monitorable remote execution of certain repetitive tasks. My most common use for this sort of thing is for example an rsync process which can be invoked from anywhere in the world, and most recently I’ve been working with Selenium-RC to set up regression test scenarios which can be initiated by business users and business analysts without having to have Selenium IDE installed or know how to use it.

I’ve always found it frustrating though when the task is long-running, and potentially error-prone to not know the success or failure, until the entire command has been executed, and even more frustrating not knowing if it has hung up for some reason today, or does it just have a lot more work to do today than normal?

This little snippet will use Java runtime to capture and pipe the output of the program back to the browser in real time. There’s a couple of caveats surrounding needing to not be used inside a forced-buffer area (like <cfsavecontent>), but otherwise this should work just fine. That means you can’t really use it inside most modern CF frameworks which depend heavily on <cfsavecontent> and the like.

Standard input (stdin) is shut down right at the start of execution; if you wanted to interact with the program in some way (such as to script some responses to prompts), you could undo that and write to it. Standard output (stdout) and standard error (stderr) are sent to the browser and flushed in nearly real time (stderr outputs in red to boot). I use a non-busy sleep via a Java thread to check in on the running program once a second for new output. Return value is a structure containing the elements exitValue, stdOut, and stdErr, so you can do further processing with it after the fact.

Anyway, enough blather, here is the code. This is not hyper-efficient (too many string concatenations and HTMLEditFormats), so I don’t recommend you use it in any high volume situations, especially if there’s a lot of output expected from your command, but it’s been sufficient for my needs.

<cfscript>
function executeRealTime(script) {
var runtime = CreateObject("java","java.lang.Runtime").getRuntime();
var thread = CreateObject("java", "java.lang.Thread");
var process = runtime.exec(script);

var inputStream = process.getInputStream(); // Std Out
var errorStream = process.getErrorStream(); // Std Err
var outputStream = process.getOutputStream(); // Std In

var continueLoop = true;
var count = 0;
var x = 0;
var char = 0;
var outputReceived = false;
var result = StructNew();

// We are not passing any std in, close it in case this process is waiting for user input
outputStream.close();

result.stdOut = '';
result.stdErr = '';
result.exitValue = -1;

writeOutput("
<pre>");
	while(continueLoop){

		try {
			//this will throw an exception if the process hasn't exited yet.
			process.exitValue();
			continueLoop=false;
		}catch (Any e){}

		outputReceived = false;

		while(inputStream.available() gt 0){
			outputReceived = true;
			for (x = 1; x lte inputStream.available(); x=x+1){
				char = inputStream.read();
				if (char gte 0){
					char = chr(char);
					result.stdOut = result.stdOut &amp; char;
					writeOutput(HTMLEditFormat(char));
				}else{
					continueLoop = false;
				}
			}
		}
		while (errorStream.available() gt 0){
			outputReceived = true;
			writeOutput("<span style="color: red;">");
			for (x = 1; x lte errorStream.available(); x=x+1){
				char = errorStream.read();
				if (char gte 0){
					char = chr(char);
					result.stdErr = result.stdErr &amp; char;
					writeOutput(HTMLEditFormat(char));
				}else{
					continueLoop = false;
				}
			}
			writeOutput("</span>");
		}
		if (outputReceived) {
			thread.sleep(10);
		} else {
			thread.sleep(1000);
		}
		flush();

	}
	result.exitValue = process.exitValue();
	WriteOutput("</pre>

Done (#result.exitValue#).
");
flush();
thread.sleep(1000);

return result;
}
</cfscript>
<cffunction name="flush"><cfflush></cffunction>

Example usage:

<cfset result = executeRealTime("rsync -rtv ""#SourceDir#"" ""#DestDir#"" ")>

ColdFusion, Java, threads

1 Comment

Book Review: Mastering Regular Expressions, 2nd Ed

Posted by Eric in Regular Expressions, books on March 26th, 2008

Mastering Regular Expressions, 2nd Edition
Author: Jeffrey E. F. Friedl
Publisher: O’Reilly
ISBN: 0-596-0289-0
Pages: 432

This book is one of those books that absolutely every developer of almost any language should own a copy of. If you were to take every technical book away from me but one, this is the one I would choose to keep.

When I picked up this book a few years back in Borders, I figured I’d glance through it and see if it had any syntax tables. I felt pretty confident in my regular expression skills, figured I knew most of what there is to know, but sometimes stumbled on syntax. More importantly periodically I encountered a bizarre construct in someone else’s regular expression, and these things are incredibly difficult to Google. Have you ever searched for (?<!? It doesn’t work out so well.

What I found inside when I first opened it was a well-explained, easy to follow, and fairly in-depth discussion of various regular expression engine types, and the relative strengths and weaknesses of each. Digging further, I found that Friedl went into substantial depth on each engine type, giving examples of the sorts of regular expression which would trip it up, and explaining the performance of that regular expression in this engine compared to that engine. This was Chapter 2.

So in reality, are you going to need to know that sort of detail on a day-to-day basis while working with regular expressions? It’s not very likely. You’ll test your regular expression in the engine available to you and discover that it’s fast or that it’s slow, and tune it accordingly. Usually you don’t get the chance to choose which regexp engine you’re going to use. However it demonstrates the absolutely astounding level of knowledge and detail that Friedl gets into with this book.

This sort of background knowledge helps assimilate the concepts he communicates in later chapters, though he’s such an excellent communicator that you can easily understand what he says in later chapters, even if you don’t understand the background of why it is so.

This is the first technology book I ever sat and just read. I can’t profess to have retained all or maybe even most of what I read, the information is simply too dense, but it fundamentally changed my understanding of regular expressions.

Snippet

Lookahead (?=•••), (?!•••); Lookbehind, (?<=•••), (?<!•••)
Lookahead and lookbehind constructs (collectively, lookaround) are discussed with an extended example in the previous chapter’s “Adding Commas to a Number with Lookaround” (p 59). One important issue not discussed there relates to what kind of expression can appear within either of the lookbehind constructs. Most implementations have restrictions about the length of the text matchable within lookbehind (but not within lookahead, which is unrestricted).

The most restrictive rule exists in Perl and Python, where the lookbehind can match only fixed-length strings. For example, (?<!\w) and (?<!this|that) are allowed, but (?<!books?) and (?<!^\w+:) are not, as they can match a variable amount of text. In some cases, such as with (?<!books?), you can accomplish the same thing by rewriting the expression, as with (?<!book)(?<!books), although that’s certainly not easy to read at first glance.

The next level of support allows alternatives of different lengths within the lookbehind, so (?<!books?) can be written as (?<!book|books). PCRE (and the pcre routines in PHP) allow this.

The next level allows for regular expressions that match a variable amount of text, but only if it’s of a finite length. This allows (?<!books?) directly, but still disallows (?<!^\w+:) since the \w+ is open-ended. Sun’s Java regex package supports this level.

When it comes down to it, these first three levels of support are really equivalent, since they can all be expressed, although perhaps somewhat clumsily, with the most restrictive fixed-length matching level of support. The intermediate levels are just “syntactic sugar” to allow you to express the same thing in a more pleasing way. The fourth level, however, allows the subexpression within lookbehind to match any amount of text, including the (?<!^\w+:) example. This level, supported by Microsoft’s .NET languages, is truly superior to the others, but does carry a potentially huge efficiency penalty if used unwisely. (When faced with lookbehind that can match any amount of text, the engine is forced to check the look-behind subexpression from the start of the string, which may mean a lot of wasted effort when requested from near the end of a long string.)

books, regular expressions (regexp)

4 Comments

S	M	T	W	T	F	S
				Apr »
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

B and E Blog

Archive for March, 2008

Spry Email Validation

iWoz Review

Photoshop Express

Hacker Super Bowl

Regular Expression for Validating Email Addresses

Real Time Command Execution Feedback

Book Review: Mastering Regular Expressions, 2nd Ed

Recent Comments

Categories

Archive for March, 2008

Recent Comments

Categories

Tags