titaniumbunker.com

Evil geniuses and world domination are 2 of our goals... we also like Dr Who

Archive for the ‘ Technology ’ Category

Error Messages in the Wild

no comment

Error in the wild

no comment

looks like a problem @screwfix

no comment

Error when trying to log into ScrewFix website :

Error code 500 – Internal Server Error.

Erm – something’s wrong here @smiffysuk

no comment

So searching for “Plumber Costume” revealed this.  Al that “Select” stuff – That’s SQL – or the query language used to look up things from Databases.  This isn’t great because I can deduce some of the storage architecture – but it doesn’t seem to be pasting the term Plumber Costume into the SQL that’s executed.  If it did include that then there is the possibility that this site would be vulnerable to something called a SQL injection attack.  It’s a bit worrying that the content passed in the search bar is printed – which may be a different vulnerability…

Not sure I should be seeing all that juicy SQL Smiffy…

I broke youtube

no comment

Whoops – looks like I broke youtube… somehow.

Instagram needs a Checkpoint.

no comment

Launching Instagram and authenticating using Facebook I get this message.

Instagram wants a Checkpoint… Just wish I knew how to provide one.

So Instagram, how am I going to look see Nathan Fillion’s photos now!!

Lloyds Bank error in the wild

no comment

A subtle error in the wild

I popped onto the Lloyds Bank site to download a form relating to a future change of address and I spotted this issue…. Can you see it?…  So I reckon some people are probably having a bit of a knowing chuckle while the rest are probably scratching their heads and wondering what all the fuss was about.

I’ve highlighted the error in yellow – and here’s a close up

Please wait…If this message is not eventually replaced by the proper contents of the document, your PDF viewer may not…. what? be working?

 Ok – so what’s going on here?

Lloyds would seem to have a library of PDF documents.  These seem to be in 2 different version of the PDF standard.  The first line of a PDF document contains the version number – which suggests that it’s version 1.7

Failing PDF

Whereas a working document from the site seems to be in version 1.4

Extract from a working document – PDF 1.4

Loading a version 1.7 document into Chrome gives us this :

Which looks surprisingly similar to the content extract Lloyds presented on their search screen.  So it seems that the PDF file content is indexed using a PDF viewer, and rather than indexing the real content of these documents, it has used this incompatibility message as the description for the PDF content.  We can further confirm this by searching for words from this document that are unlikely to appear in typical banking systems – so searching for the term “Linux” gives 12 results, all of which feature the first part of the Linux sentence.

 

Searching for “Please Wait” gives 126 documents that are equally badly indexed – some don’t even have a document title.

Ok – hands up who knows what document 1721 is all about? Any ideas?

As to why some have titles and some don’t I would have to guess that documents are uploaded through some form of content management system – and that these document may originally been in an older version of PDF (say – 1.4). These documents have since been updated – possibly with new interactive form filling features, and been re-indexed. The indexing system uses a version of PDF viewing which doesn’t support version 1.7 – and therefore indexes the incompatibility message as if it were document content (after all the viewer wouldn’t know whether it is showing content, or a message).

Other documents may have been created in a newer version of PDF, and the title attributes may not have been accessible when the document was indexed.

Update – I’ve tweeted this bug information to Lloyds.

Null null available for my tumble dryer from @espares

no comment

Espares has a Null null. for my tumble dryer… It may be Null, but it costs 6.75

And here’s the details for this Null.

@tesco cashpoint error in the wild

no comment

An error on a Tesco cashpoint – Warndon

The file c:\VLOGDIR\ATMFIX.LOG could not be opened. The process cannot access the file because it is being used by another process.

Who needs to log stuff anyway…I wonder what that other process is?

How good is your code

no comment

In the last post about making the magic work I discussed how to get continuous integration working with the selfietorium project, and getting it building and deploying a deb file.

This time I’m talking about measuring code quality through SonarQube and Codacy.

At (real) work, we’re planning on using SonarQube to measure code statistics – its a tool that will tell you whether your variable names match coding standards, or whether your code is duplicated, or has unused references etc.  But I found out that SonarSource host an instance of SonarQube that can be used to analyse open source projects.  As selfietorium is an open source project, I signed up.

For those looking to a more private solution, then it is possible to run your own sonarqube server, and that might be a topic for a future post – but for now I’m going to set up SonarQube.com to analyse selfietorium.

Logging on to SonarQube :

SonarQube uses github authentication, so connecting is easy. Once you are logged in you’ll need to create a security token.  SonarQube works by having code pushed to it – so in the previous blogpost we used Travis CI to push the code to SonarQube.  To make this happen we need a security token.

To create a security token :

Once you have authenticated with SonarQube and logged on, click your name in the top right of the page, and select “My Account”.

  • From here click “Security”
  • Click Generate to generate a token – give your token a suitable name.  Once your token is generated make a note of it – you are going to need it later.

Back in Travis CI, the sonar-scanner line instructs a plug in to push the code to sonarqube using the configuration section and a new file that needs to be added to the project root:

sonar-project.properties

Selfietorium’s configuration file can be found here.  SonarQube does have documentation about setting up the properties file, and it isn’t hard to set up.

We can now use the token we got from SonarQube to tell Travis-CI what to authenticate itself as.  This is stored in the environment variables section, using the techniques I touched on in previous post, in particular the section on “Keeping Secrets”

Next time you build your project, it will be pushed to SonaqQube (along with the sonar-project.properties), and analysis performed against the code.

SonarQube is a great tool, but it doesn’t give us what we really want – a nice graphic we can add to our project read me – after all, that’s what’s important right?

Using Codacy

Ggenerating the markup for the all important badge.

Like SonarQube, Codacy uses github for authentication.  To set up a project for analysis, it’ just a case of clicking your project and clicking go.  It’s a much simpler setup that SonarQube.  Getting that all important badge is also a breeze.  Click on the Settings button from the dashboard.
From here you can generate markup for different documentation systems including html, rst, and markdown.  Just copy the Markdown and paste it into the appropriate document on your github repository and now you’ll get a badge rewarding you for making the code better.

 

Categories

Archives

Tags