Posts by Dani

Do what you want with your own personal website. It's yours to do what you want with. If people want to visit because they like what you offer, then fine. If they don't like it, they don't have to come back.

There's been some confusion about the flow, so here goes:

• Send the end user to /api/oauth and receive a code
• The code is one-time use; Exchange the code for a refresh token and an access token
• All access tokens always last for only 24 hours
• Store the refresh token on your end, and at any time, you can exchange it for a new access token

Nothing should be breaking the flow of existing apps, where you send the end user to /api/oauth, receive a code, and exchange it for an access token. If you keep sending the user to /api/oauth and getting a new code and a new first-use access token, then fine, that works for web-based apps.

The new advantage here is that, once receiving authorization from the end-user, the refresh token->access token exchange does not do any browser redirects or require anything on behalf of the end-user, you can have a perpetually working access token that can do things via cron jobs, etc.

This was posted in a behind-the-scenes forum yesterday, but here it is for everyone today:

There have been a LOT of changes so far, and more to come. Most of what's happened so far has dealt with OAuth. A lot more security on the backend and more in line with standards.

For the most part, the changes have been transparent, but there are a few things I'll bring to your attention.

Firstly, as you know, the end user authorizes the application and gives you a code. You can then exchange that code for an access_token. One of the changes is that in the past you could store the code and keep exchanging it for new access_tokens when they expire. Not anymore.

Keeping in line with standards, when you exchange a code, you're now given both an access_token and a refresh_token. You can only exchange the same code once, and then it stops working, but you can use the refresh_token to acquire new access_tokens when they expire. Unlike with the OAuth flow used to exchange code for an access_token, using your refresh_token to retrieve an access_token can be done offline (i.e. via your own backend script at any time without end-user intervention or browser access). This opens up lots more possibilities since you now have the ability to authenticate as the end-user without the end-user being near their browser.

The second big change, thanks to Sanjay, is that the serverside OAuth implementation now allows for a desktop flow, which should make …

We now have a new flow that allows for desktop applications!! :) Simply specify oob as the redirect_uri.

P.S. Different personalities is what makes the world go 'round. I think that's what makes for the best community ... that there's always the super arrogant one, and the super funny one, and the smart one, and the egotistical one, and the extra helpful one, ...

It seems from your post that you took offense to iamthwee's personality, but yet you found members such as ddanbe and Ancient Dragon very helpful and pleasant. Well ... we're a community of over one million members. Like any community in the world, there are going to be people you like, and people that rub you the wrong way. When you say you're going to leave the site due to a poor interaction with one of our members, I can't help but think that it's near synonymous to you wanting to move out of your otherwise pleasant neighborhood, with neighbors you're friendly with, because someone cut you off and directed a serious case of road rage towards you on your way to the local supermarket.

Iamthwee is known for needing an attitude adjustment from time to time. That's why when you look at his member profile, he only has a 59% Post Quality Score, as opposed to 85% for Ancient Dragon or 93% for ddanbe. The community, as a whole, via member profiles, tend to be pretty good at weeding out the best from the worst. But that's like any real world community too. Only, in the real world, the more arrogant of the bunch don't wear a scarlet letter.

Same reason you just accidentally created a link.

Bad markdown syntax ;)

Just want to point out that it works. I'm just confused why it works :)

Instead of sending the entire document to the web browser as soon as it's ready, I am trying to flush the output right after generating the HEAD portion of the HTML document, so that all of the external css/javascript files can be fetched by the client at the same time as php is still processing the bulk of the page.

Well Steve Jobs died and if it wasn't proprietary software, they wouldn't have much to sell, now would they? :)

I've tried absolutely everything!! How can I flush the output buffer in CodeIgniter from within either my controller or my view?? They use some weird double/fake output buffer or something. Grrr!

The professor mentioned he is already taking action against the students in his class. However, and this is just speculation, but my best guess is that he wants the question/answer removed from the forum so that he can reuse the same assignments in the future. I think he feels forums are making his life more difficult because he can't recycle as much.

I don't want to publicly post his side of the conversation without permission, but the main points he presents are (paraphrased):

• Cheating is a huge problem, and I understand it's not your problem, but you should reconsider your policies to help prevent it
• Other websites I've contacted in the past were able to, and did, delete the content immediately

As often happens, a professor emailed me last month asking that we delete a forum thread because it contains an assignment from his course, with the student asking for assistance, which violates his department's honor code. As always, I responded saying that we have a strict policy where we do not delete any content that does not violate any of our rules. However, for some unexplainable reason -- perhaps because I've simply become fed up with repeatedly responding the same way all these years, and it's actually something I strongly believe in -- I felt a strong urge to go into intricate detail and explain my position on the matter to the poor unsuspecting fella. Below are my emails to him (I am only posting my half of the conversation). I'm posting this just for those who might be interested or wanted to offer their own insight into the problem.

----------

Hi,

Unfortunately, we have a strict policy where we do not delete any content that does not violate any of our Rules (http://www.daniweb.com/community/rules).

By deleting the content, not only are we hurting the person who took the time to ask the question, but we’re REALLY hurting all of the people who took the time out of their day to help someone else. THEY did nothing wrong, and it would really be offensive to them to have their posts removed from the site just for being helpful.

You also have to understand that we receive requests on an …

Sorry, not me, but you might want to fix your forum signature. It's kinda unreadable. Honestly, though, I think Photoshop is one of those things where your graphic design portfolio should speak for itself.

Sitepoint has really great tutorials and their community has a lot of php do-it-yourself'ers. However, even their PHP forum, which is the largest forum they have by a magnitude of 10X, is not as active as our PHP forum is ... and PHP isn't even our biggest forum! The thing with their tutorials is that they self-publish them into for-profit eBooks and even print publications which contributes to a good revenue stream for them, so they can afford to hire top notch authors to write the tutorials because there's a direct return on their investment there. Their forums are a different beast entirely.

For those not in the know, we have live chat now :)

www.daniweb.com/chat/

StackOverflow dominates the search results because Google wants them to :) Google sends them more traffic than any other programming/IT site. Just the sheer volume of traffic they get from Google means more people around to answer questions, even if a smaller percentage of their audience participates. Other than SO, I don't know any other development forums that are more popular than DaniWeb.

Thanks so much for all the birthday wishes everyone!!!!! :)

In trying to become more mobile-friendly, what features currently don't work in mobile?

I know you can't vote on posts, right?

Not showing the last post timestamp or the navigation menu dropdown menus are by design.

Oh, hold on a moment. I just didn't get my email either, and I got another complaint that email isn't coming through. Might be an issue on our end.

I don't know why you're not getting your email. We're definitely sending it to you. You're not on our blacklist and your preferences are set to receive email.

do me a favor. send me a mail from these forum, for test please

Log out of the site and request a password reset.

That's odd. Looks like some type of e-reader stripped away all the CSS.

I don't get it. If the fox is allowed to say anything that I feel like, then why can't he say Wa-pa-pa-pa-pa-pa-pow? What if I feel like having him say that?

A PHP array is stored in memory and only exists for the duration that it takes for the individual web page to render. If you want to keep adding to it, and not have that information be volatile (but actually retained), you're going to want to be storing it in a database, not just in RAM.

However, there is one way to do it, and that's to have a hidden form element that includes everything in the array up until that point.

In other words, not only will we be collecting Name and Age from text boxes, but we'll also have two hidden form elements for all of the previous Names and Ages up until this point.

Then, when doing hte form processing, we'll be adding the latest Name and Age to the list of all the previous ones, which we'll be passing back as yet another form element when the form loads up again.

And then repeat the cycle.

This will allow you to have a form that you can continuously submit to, and it will show the values from all of the previous form submissions immediately prior, but all the data will be lost as soon as you navigate your web browser away from the page. If you want the information to be retained, you need to store it in a database like MySQL.

At first I thought it was just me. I restarted my DNS server after noticing intermittent connection issues. But nope! It looks like Facebook, Twitter and a handful of other sites are currently down in parts of the United States. At least here with Time Warner in NYC, and according to DownWhere.com and DownForEveryoneOrJustMe.

How on earth are we expected to tweet our frustrations with Twitter being down?! It's been quite an extended period of time so far, too. At least a half hour ago since I first came onto the computer and noticed, so we're not talking about a 30 second blurp here.

If you're able to type this, then you're already logged in.

Why am I seeing the Meet Fred banner on the home page if i am logged in? I thought it only shows if your logged out?

I'm trying an experiment to see what members think of him.

Diafol, that's very mean of you to say. Didn't anyone ever tell you not to call people names? Luckily, no one can see your genitals when you're wearing clothes either. And YOU'RE the one with the weird abdomen!! Personally, I think Fred is incredibly handsome.

Sorry, you looked at it while it was broken. I was working on having it only put members who were active over the past 90 days in the top list but it didn't work so I reverted it.

Got ya back!!!!!!!

Gah, I'm going to have to figure something out here because I can't revert your account. The system won't let me edit the account of a deleted member. Hold on while I figure something out?

Oh, awesome! I noticed that you had deleted your account last night with no explanation, and there was a very long thread in the moderators' forum about how ethical it would be to manually dig into the database, pull out your email address, and email you asking what happened!!

I'll go ahead and undelete your account.

If you come from the graphic design / web content side of things, I would focus on Javascript and jQuery. jQuery is growing increasing popular these days, and knowing it intimately will make you a rockstar when it comes to client-side development. IMHO, it's also a good transition from the clientside stuff to the serverside stuff.

I'm going to work on a mobile-friendly design for the site.

I've made a handful of changes to member profiles tonight. One of the changes I made was to include little blurbs below Reputation, Post Quality Score, Endorsements and Solved Threads explaining what those statistics mean. Do you think that now member profiles are too wordy and redundant? Is it more confusing and cluttered now, or are the descriptions useful?? Feedback much appreciated!! :)

I'll give you my experience as well.

I studied a B.S. in Computer Science with a minor in Business Information Systems at a local University. I started DaniWeb as a sophomore, and it really started to take off. I switched to taking a light courseload (only 2 or 3 courses per semester) which gave me time to devote to DaniWeb.

I graduated from a four-year program after five and a half years with a B.S. degree and an established company. By the time I graduated, DaniWeb was making enough money that I was able to go into it fulltime, and I've never had another job since. My timeline is that I started my degree in September 2000. I started DaniWeb in February 2002. I graduated in December 2005.

What happens if you click in the textbox and press Ctrl+V?

Sweet, sounds reasonable. Can they be edited after publication?

No, but you have infinite time to review and edit them before you mark them as ready for publishing.

You would have better luck with the ISP than with the police / local authorities.

Last night, a friend mentioned to me that one day he was trying to fetch a random 5 rows from a MySQL database. He researched online, and was eventually presented with a working solution in which he would generate five random numbers. Then, he would query the database for items whose ID number matched the numbers. If an item didn't exist (because it had been deleted, etc.) then he would randomly generate a different number and fetch again. He would continuously do this in a loop until he had five unique rows fetched from the database.

I was caught off guard, to say the least, that this is the method he was told to use online. For anyone else having this problem, it can all be done from a very simple query:

SELECT *
FROM table
ORDER BY RAND()
LIMIT 5

The above query will randomly select five unique rows from the table. Of course, you can use WHERE clauses and such to narrow down the possibilities. You'll receive up to five rows but potentially less if there are fewer than 5 that match the criteria passed into the MySQL query.

Another interesting thing that you can do is order by multiple fields. For example, suppose you have a table of 120 students with columns for their name and grade: thirty 9th graders, thirty 10th graders, thirty 11th graders, and thirty 12th graders.

Suppose we were to execute the following query:

SELECT *
FROM students
ORDER BY …

The problem with that, Michael, is often things get lost in translation from the people requesting features and functionality and the people actually implementing it. Additionally, non-programmers might not realize that something is not feasable, or cannot be done a certain way. There definitely needs to be direct communication between the clients and the programmers IMHO.

Working on a new feature that will accept tutorial submissions. How many of you guys would actually contribute unique tutorials to DaniWeb? :) (Just trying to get a rough idea that will help guide me on how to set this thing up)

I somewhat disagree, deceptikon. I think that being now asked to travel for a week at a time once a month away is excessive, when you were explicitely hired as an in-house developer with no travel required.

If I was hired by a company to write code in their main office, with the expectation that I would have my evenings and weekends free, and am now suddenly being asked down the line to spend 25% of all my time traveling, I would find that very unfair. Especially if I am married, have children, have personal responsibilities that require me to be available during evenings or never more than a reasonable distance away for emergencies.

I think I know more than anyone about wearing many hats at a small company. I have a Computer Science degree but I spend the majority of my day selling advertising. I can also understand having to interact with clients now even though that wasn't in the job description.

But I do think it's unfair for the company to spring on you that suddenly you're going to be taking week-long business trips once a month, especially considering you were never hired for a position that would require frequent traveling. I also agree with you about how you don't see how travel is so necessary when there are lots of telecommuting tools available. I think that some sort of compromise needs to be struck here.

Still looking into the issue. However, I have just gone and removed the "feature" that marked an entire forum read if you viewed the last updated thread in the forum. So no more need to "work backwards" when browsing the list of threads to check out.

Color changed for the 'coming soon' images to suit Michael's suggestion. And we're pretty much all caught up now with the backlog of fetching thumbshots.

OK, member search functionality has been built into the main search now. (Moderators still have access to the more feature rich version)

Hi and welcome :)

Seems like you want the benefits of being a sponsor *hint hint*

Edit (5 minutes later): Oops, it is working fine now, just like before.

Yup, like I said, it should show up within 10 minutes of being requested one or two times. You visiting your profile was a request ;)

Over the past day and a half, I've worked on generating our own in-house thumbshots service, instead of relying on the commercial product at thumbshots.com for the website screenshots seen when hovering over links and in member profiles. Doing so will save us $500 a month, so that's good news :)

Unfortunately, the alternative to spending the money to outsource the service means a lot more stress and overhead on our own servers. We're currently working on building up a screenshot library, so please excuse the 'Thumbshot Coming Soon' messages that are quite prevalent now. It should be just another day or so before we have most websites captured.

In the meantime, it seems like on average once a particular website screenshot is requested at least 4 or 5 times (even refreshing the page works), it will be queued and ready about ten minutes later.