webhosting

Drupal stuff

The Poorhouse uses a content management framework called Drupal. Drupal is great. It may be a bit complex to get your head around at first, but it is ultra flexible, modular, decent user community and so on.

This page will contain links to a few notes the Poorhouse has made during the adventure into Drupal, mostly so the Poorhouse can remember what he did if it needs doing it again, but maybe, just maybe, it'll be of interest to other avid readers.

Converting Drupal Acidfree module to mySQL 3.x

See here for an explanation. Basically, this is how thepoorhouse.org.uk converted the Drupal module "Acidfree" which is designed for mySQL 4 and above to run on mySQL 3.

Converting Drupal Workspace module to mySQL 3.x

See here for an explanation. Basically, this is how thepoorhouse.org.uk converted the Drupal module "Workspace" which is designed for mySQL 4 and above to run on mySQL 3.

Drupal modules on mySQL 3

The Poorhouse tends to use cheap hosting...which whilst bargainous, means you don't get the latest and greatest software. Most importantly here, it only has mySQL 3.x. mySQL 3 is missing a few features, including the UNION sql operator. Whilst this is fine for Drupal core, some of the modules rely on its existence. Which is fair enough all considered - but annoying for us.

Two such modules are Workspace and AcidFree. Both very useful, but required some faffing around to transform into something mySQL 3 compatible. In case anyone is in a similar situation, here's what was done to make them work to an acceptable standard.

Faking your web browser headers

When you go cruising the web bit of information superhighway with your magic Internet Explorer (or something else if you have better taste), your browser often spills out bits of information about your setup which is then accessible to website authors if they so wish. This is how sites such as this one can tell you things about what browser you are using amongst other kind-of-private information.

This is because behind the scenes your web browser transmits various textual headers to the server hosting the webpage. At a minimum it has to transmit the name of the webpage it wants to download. This command looks something like:

GET /mydirectory/mypage.html HTTP/1.0

Webform spam again - stop injecting

Non-medical injections are rarely a good idea; even when they're fun. This general life-rule is upheld in the domain of email headers too. Nefarious webform spammers are now abusing forms to not only (or necessarily) annoy the webmaster concerned, but rather use them to transmit email elsewhere. The Poorhouse imagines this will only increase as more and more people realise the need to lock down their mail servers from being an open relay and hence spammers need turn elsewhere to continue their evil.

The technique discussed here is known as email header injection as it consists of the spam-menace adding extra headers to the email that your webform will send to make it behave in ways that it really shouldn't; the obvious candidate being to send the form's "feedback" to a million innocent recipients rather than the single person that the webform designer had in mind.

Cut down on webform spam

Spam...the curse of the modern webmaster - and everyone else. Long gone are the days when replacing any email addresses on your website with lovely looking contact forms would prevent spam. Now the Evil Empire of email abusers have invented ways of clicking the "send" button a million times, and worse.

So how to reduce the onslaught? It's not hard to write code that says "don't send a message", but the problem is differentiating between messages that should be sent and those that shouldn't.

If the spam isn't out of hand, one idea is to try and analyse the patterns of the spam you are getting via your webforms. To do this, there are several "server variables" you can play with. These include things like what web browser your potentially nefarious site visitor is using, what their IP address is and what webpage sent them to the current page. Sadly for this application, most of this info can be faked or not given out by especially evil and/or privacy concerned people, but it may help stem the flow nonetheless.

SERP (hic)

Whilst the Poorhouse likes to conserve bandwidth costs by ensuring no-one ever locates this "treasure trove" of information, apparently some crazy webheads care whereabouts in the search engine results their website comes. As a gesture to those who do, there is an interesting tool from 1-hit.com, a search engine optimisation type company, that allows you to see your site as a search engine does.

This is useful to ensure all your l33t code isn't making things hard for the poor hardworking googlebot. The tool also checks your links are working and offers various random-but-targeted bits of advice. It also shows you what your entry might look like should someone stumble on your site on the big boys' search engine.

How to enhance your trial-and-error webdev experience

An exCSSively useful menuAn exCSSively useful menuIn recent times, the Poorhouse has gained a new favourite extension for Firefox. The Web Developer extension, which works on Firefox, Flock, Mozilla and Seamonkey web browsers contains far-too-numerous to list that aid the creation of one's own pages, and dare it be suggested the deconstruction of other people's pages - all in the name of research naturally.

A few favourite features include the ability to immediately disable various features of pages such as redirects, Javascript etc., validate any code under various standards, manipulate forms and images, resize the browser window to standard screen-size resolutions and a whole host of information gathering / layout visualising options.

Frozen FTP - be less active

In recent times, the Poorhouse has experienced trouble with FTP transfers that appear to freeze, not even letting you see what is on the remote server. In its usual graceful form, slightly old versions of Windows we had the pleasure of using just froze when trying to use Internet Explorer or the command line "ftp" to access a certain ftp site for a swift transfer. Of course, not a useful error message in sight. The problem wasn't even solved by using a proper FTP program per se goddamnit.

Syndicate content