So searching for “Plumber Costume” revealed this. Al that “Select” stuff – That’s SQL – or the query language used to look up things from Databases. This isn’t great because I can deduce some of the storage architecture – but it doesn’t seem to be pasting the term Plumber Costume into the SQL that’s executed. If it did include that then there is the possibility that this site would be vulnerable to something called a SQL injection attack. It’s a bit worrying that the content passed in the search bar is printed – which may be a different vulnerability…
Not sure I should be seeing all that juicy SQL Smiffy…
Whoops – looks like I broke youtube… somehow.
Launching Instagram and authenticating using Facebook I get this message.
Instagram wants a Checkpoint… Just wish I knew how to provide one.
So Instagram, how am I going to look see Nathan Fillion’s photos now!!
A subtle error in the wild
I popped onto the Lloyds Bank site to download a form relating to a future change of address and I spotted this issue…. Can you see it?… So I reckon some people are probably having a bit of a knowing chuckle while the rest are probably scratching their heads and wondering what all the fuss was about.
I’ve highlighted the error in yellow – and here’s a close up
Please wait…If this message is not eventually replaced by the proper contents of the document, your PDF viewer may not…. what? be working?
Ok – so what’s going on here?
Lloyds would seem to have a library of PDF documents. These seem to be in 2 different version of the PDF standard. The first line of a PDF document contains the version number – which suggests that it’s version 1.7
Failing PDF
Whereas a working document from the site seems to be in version 1.4
Extract from a working document – PDF 1.4
Loading a version 1.7 document into Chrome gives us this :
Which looks surprisingly similar to the content extract Lloyds presented on their search screen. So it seems that the PDF file content is indexed using a PDF viewer, and rather than indexing the real content of these documents, it has used this incompatibility message as the description for the PDF content. We can further confirm this by searching for words from this document that are unlikely to appear in typical banking systems – so searching for the term “Linux” gives 12 results, all of which feature the first part of the Linux sentence.
Searching for “Please Wait” gives 126 documents that are equally badly indexed – some don’t even have a document title.
Ok – hands up who knows what document 1721 is all about? Any ideas?
As to why some have titles and some don’t I would have to guess that documents are uploaded through some form of content management system – and that these document may originally been in an older version of PDF (say – 1.4). These documents have since been updated – possibly with new interactive form filling features, and been re-indexed. The indexing system uses a version of PDF viewing which doesn’t support version 1.7 – and therefore indexes the incompatibility message as if it were document content (after all the viewer wouldn’t know whether it is showing content, or a message).
Other documents may have been created in a newer version of PDF, and the title attributes may not have been accessible when the document was indexed.
Update – I’ve tweeted this bug information to Lloyds.
By Prayitno [CC BY 2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons
Well, it seems that yet again the Oscars are incapable of giving away 24 gold-plated statues to a load of rich actors in designer gear without some kind of controversy. This year Bonnie and Clyde – Faye Dunnaway and Warren Beaty managed to inadvertently inject anarchy into the awards do by opening the wrong envelope. resulting in La La Land winning best picture when it should have been Moonlight. It transpired, Beaty had been handed the envelope for the previous award for Best Actress, won by Emma Stone for La La Land. The Academy have announced an inquiry but here are the basic facts
apparently, there are 2 people backstage responsible for handing the envelopes from one of 2 sets of envelopes to the presenters. You have to assume the envelopes were marked with the award on there and yet 2 people failed to give an envelope to someone who didn’t even bother to check he had the right envelope. It seems that the problem can be summed up as follows. unused envelopes had contaminated the award pool. either the old envelope opened by Leonardo Di Caprio had somehow made its way to Beaty, or the alternative Best actress awards had been handed out in error. Now I didn’t watch the awards but I would assume there would be some stage directions managing where presenters and winners would enter and exit the stage. Here’s a brief intro to stage direction terms
Areas of a standard proscenium stage; plan view This file is licensed under the Creative Commons Attribution-Share Alike 3.0 Unported license.
in this diagram, we can see that stage left (SL) and stage right(SR) is relative to an actor standing on stage and facing the audience that forestage (FS) is closer to the audience and backstage(BS) is further away. Now a lot of these awards will also have an elevated staircase that the presenters enter sometimes from SL some time from SR but always from an elevated position, meeting in the center and walking down a shared staircase to centre forestage. Once at the podium the presenters ad-lib and read the autocue to announce the nominees for the award, the envelope is opened, the winner is read, the winner receives the awards, talks for 30 seconds then returns to their seat, the presenters then also leave. Because the next presenters should already be in position, ready to come on it is doubtful the presenters will exit the stage the same way they came in. so here are our stage direction options:
- presenters walk in either from stage right
- presenters walk in either from stage left
- presenters walk in either from a central staircase
once they have given out the awards they exit
- If presenters entered Stage Right, then exit Stage left
- If presenters entered Stage Left then exit Stage Right
- If presenters entered from central staircase, then exit either Stage left or stage right
If there are 2 people handing out the envelopes, then I suggest that 1 of them hand out the envelope at the start, once the envelope has been handed to the presenter, the matching envelope from the alternate set is destroyed. The other person waits for the actors to exit, takes the envelope and card from the, rips them in half and places them in a bin before ticking them off a list.there should be no contamination of envelopes and if the envelopes are in order then the person handing out the envelopes merely has to hand the next available envelope to the presenters, something a robot could do.
in future, the best way to do this possibly would be to announce all the nominees on the autocue and have just a blank piece of paper in the envelope. then there’s only one person responsible for messing up, namely the person who enters the text for the autocue. The text could be signed off by the awards committee either beforehand or in situ ( to be honest, I can’t believe there is no such thing as an autocue that reads from an external file )
This kind of falls into our examination of award ceremony structure. We did look into how an open source award ceremony could be made. our method removes the need for envelopes, mix-ups and incorrect nominees as the award ceremony is generated from the votes dynamically, the only thing you need is someone to press the buttons to switch slides and then bring up the winner at the end. its possible that the next slide preview could be piped to an autocue system or the text from each slide scraped into the autocue giving the announcer the text they merely have to read.
Espares has a Null null. for my tumble dryer… It may be Null, but it costs 6.75
And here’s the details for this Null.
An error on a Tesco cashpoint – Warndon
The file c:\VLOGDIR\ATMFIX.LOG could not be opened. The process cannot access the file because it is being used by another process.
Who needs to log stuff anyway…I wonder what that other process is?
Hi Everyone, I know its been a while since I last posted, but there are reasons – I will post more – promise
In the meantime, I was going through some of the draft blog posts I had started but not finished. and came across this one, So I dusted it off and finished it off. I don’t know if the proposed legislation has been implemented or if it’s been altered since I started it. In any case here it is:
3 cubes of sugar
On 16th March 2016 , the Chancellor of the exchequer, George Osbourne unveiled a new budget,chief among the new policy was a levy on sugary soft drinks – The nation is grip of an obesity epidemic and fizzy, sugary drinks have been identified as the culprit. according to other press agencies, Jamie Oliver did a little victory dance outside the Houses of Parliament as it was announced.
Read more..
In the last post about making the magic work I discussed how to get continuous integration working with the selfietorium project, and getting it building and deploying a deb file.
This time I’m talking about measuring code quality through SonarQube and Codacy.
At (real) work, we’re planning on using SonarQube to measure code statistics – its a tool that will tell you whether your variable names match coding standards, or whether your code is duplicated, or has unused references etc. But I found out that SonarSource host an instance of SonarQube that can be used to analyse open source projects. As selfietorium is an open source project, I signed up.
For those looking to a more private solution, then it is possible to run your own sonarqube server, and that might be a topic for a future post – but for now I’m going to set up SonarQube.com to analyse selfietorium.
Logging on to SonarQube :
SonarQube uses github authentication, so connecting is easy. Once you are logged in you’ll need to create a security token. SonarQube works by having code pushed to it – so in the previous blogpost we used Travis CI to push the code to SonarQube. To make this happen we need a security token.
To create a security token :
Once you have authenticated with SonarQube and logged on, click your name in the top right of the page, and select “My Account”.
- From here click “Security”
- Click Generate to generate a token – give your token a suitable name. Once your token is generated make a note of it – you are going to need it later.
Back in Travis CI, the sonar-scanner line instructs a plug in to push the code to sonarqube using the configuration section and a new file that needs to be added to the project root:
sonar-project.properties
Selfietorium’s configuration file can be found here. SonarQube does have documentation about setting up the properties file, and it isn’t hard to set up.
We can now use the token we got from SonarQube to tell Travis-CI what to authenticate itself as. This is stored in the environment variables section, using the techniques I touched on in previous post, in particular the section on “Keeping Secrets”
Next time you build your project, it will be pushed to SonaqQube (along with the sonar-project.properties), and analysis performed against the code.
SonarQube is a great tool, but it doesn’t give us what we really want – a nice graphic we can add to our project read me – after all, that’s what’s important right?
Using Codacy
Ggenerating the markup for the all important badge.
Like SonarQube, Codacy uses github for authentication. To set up a project for analysis, it’ just a case of clicking your project and clicking go. It’s a much simpler setup that SonarQube. Getting that all important badge is also a breeze. Click on the Settings button from the dashboard.
From here you can generate markup for different documentation systems including html, rst, and markdown. Just copy the Markdown and paste it into the appropriate document on your github repository and now you’ll get a badge rewarding you for making the code better.
Version 1 selfietorium enclosure presented by titaniumworkshop R&D engineer Alan Hingley
It has been bought to my attention that the initial version of this post incorrectly identified the titanium bunker department responsible for the development of the version 1 selfietorium enclosure as titanium shed. This was obviously incorrect, as titanium shed was the original project code for the department now known as titanium workshop. Accordingly the credit for this work should be titanium workshop.
