Posted By : Dan Wilson     January 8, 2010 7:08 AM

A Side Effect of ySlow and Firebug

I spent a number of hours researching a bug in a Model-Glue application. Each time a form was submitted successfully, a duplicate record showed up in the database. This application uses a number of frameworks and it wasn't very clear which layer was causing the problem.

I started to dig into the issue, looking for any rhyme or reason and pinged my good buddy Ezra Parker for some sanity checks. After some intense debugging, we found out that the second record in the database showed up after the ColdFusion request ended. I tried all sorts of programmer sorcery to find out why this second request happened and did not get much useful information. This duplicate request problem defied all logic!

Through the course of working through the information and issues, we explored many potential causes and questions like:

• Was Model-Glue possibly adding a second redirect somewhere?
• Was there a CFThread buried in Model-Glue, ColdSpring, Transfer or CFUniform that caused this?
• Was there some javascript call being fired off, and replicating the request?
• Were space hackers infiltrating my computer?
• Am I on Candid Camera?
• Should I just quit programming and open a Bakery?

[More]

Posted By : Dan Wilson     November 17, 2009 5:05 PM

My wife and I just returned from our honeymoon. We spent 2 weeks in Australia and really loved it. I've got a few gigs of photos and a bunch of interesting stories, but for the sake of this blog I'll just post a few of each.

Qantas Airlines

We flew on Qantas Airlines the whole way and really loved them. Qantas was on time, organized and the flight crew constantly was bringing snacks, meals, drinks, socks (yes, socks), free headsets and pretty much anything possible to make us comfortable. Qantas even did a full meal service on a 1 hour domestic flight. Rather striking considering the weak, mealy-mouthed offerings from US based carriers... If you plan to visit, get the Aussie Air Pass, a package where you can visit a number of cities all for a single price.

Brisbane

Our first stop was Brisbane. Brisbane is located on a river system and is a really nice city with lots of nice things to do.

Where to Stay

We stayed at The Marque a neat hotel centrally located to the docs and the Queen Street Mall area, a center of eating and shopping. The staff was great and they had our room ready at 9AM when we checked in. I can't tell you how nice it was to have travelled so much the previous 2 days and actually be able to check in to a hotel room at 9AM.

Lone Pine Koala Reserve

We only had a few days here and visited the Lone Pine reserve, one of the few places in the world where you can cuddle a Koala. The best part of Lone Pine was the Kangaroo and Wallaby open area where you can touch and interact with these animals without restraint. Here is Shannon petting a Kangaroo. If you go to Lone Pine, catch a 10 AM ferry from the downtown docks. You get a great view of the many interesting houses on the river banks as well as a running historical commentary. The south bank of Brisbane is rather interesting, having a man made beach which was very lovely to dip into on a warm spring day.

[More]

Posted By : Dan Wilson     October 22, 2009 9:29 AM

I'm from Florida, as you know. Florida is home to Alligators, a much maligned animal that generally doesn't deserve such an awful reputation. My brother wrote me to tell me of a recent gator encounter on the beach last night. I'll let him tell the story:

---

So the kids and I decide to go for a quick walk on the beach last night before homework and dinner...

As we are walking down the beach we see some commotion up ahead and decide to walk down there and see what's going on. As we get close I can see a 7 foot alligator and a guy with a cast net on the freaking beach! This is my second encounter with gators on the beach, the first was surfing on Vilano and a gator swam by outside the line up. This one is equally as weird!

We get up to this gator and you can tell it is very tired from swimming in the ocean, the wind and waves have just beat his butt cause he wants nothing to do with us unless we grab his tail, then he lets us know without question that he is pissed. Tail thrashing, hissing, chomping of the jaws, the whole bit. So a lifeguard comes up to us and while talking to him he says he has to call a trapper who will come and likely kill the gator because it will be seen as a nuisance to humans. So my kids and this other fellas kids start talking about how we should save the gator. So between the kids, tourists and hippy residents down on the beach this guy (Paul) and I become the "gator savers". It's at about this time my kids decide I'm freaking nutz for the plan we hatch.

[More]

Posted By : Dan Wilson     September 25, 2009 8:25 AM

Welcome to So You Wanna Learn Regex? Part 3.

In our last exercise, we looked at a simple way to wrap a function argument inside a new function. This was accomplished by making a pattern, defining a group and using a back reference. This time we will look at how to clean some strings.

Say for example, that you run a website called The Health Challenge and say for example, you wanted to use some of your fine tax dollar funded research to deliver motivating messages to the members.

Well, you could just happen across Small Steps and just use their content. After all, it is in the public domain. So you happily cut a LARGE chunk of these from the web site, but now you have to clean them.

Assume this set of declarations:

(# 11)  	Avoid food portions larger than your fist.
(# 12) 	Mow lawn with push mower.
(# 13) 	Increase the fiber in your diet.
(# 17) 	Join an exercise group.
(# 20) 	Do yard work.
(# 24) 	Skip seconds.
(# 25) 	Work around the house.
(# 26) 	Skip buffets.
(# 29) 	Take dog to the park.
(# 30) 	Ask your doctor about taking a multi-vitamin.
....( 700 more lines)

What we want, is to turn: (# 11) Avoid food portions larger than your fist. into: Avoid food portions larger than your fist. See, we like the content, we don't like the parentheticals nor the whitespace. Do we flex our forearms in preparation for a copy/paste session? Do we call KeyboardsAreUs.com and have 2 fresh keyboards airdropped, knowing we'll wear out some keys? (if you said yes, please delete your hard drive and apply at KFC.) Regular expressions are our friends. A Regex is a pattern matcher, and it can do stuff. We can see our code is repetitive and the pattern we want is: Get rid of the parentheticals and the extra whitespace. (Same stuff we'd do over and over via cut/paste/etc, isn't it? Though in a copy paste, you are talking about 5 keystrokes per line times 700 lines. That is 3500 keystrokes, unless you type like me, in which case it would be nearly 4 million.)

So as you know, we define this pattern in the gobbledegook of regular expressions. When read one chunk at a time, these actually make sense. We'll go through the exercise, then look at why it worked.

In Eclipse, perform the following:

[More]

Posted By : Dan Wilson     September 9, 2009 8:01 AM

Wayne Sutton, local entrepreneur and master of all things social, presented at Ignite Raleigh on 19 reasons why the Research Triangle of North Carolina is better than Silicon Valley. The presentation was a hoot and a must see. Wayne left out #20, which is the CFinNC conference.

CFinNC is a free web development conference held in Raleigh, North Carolina during the weekend of October 17th and 18th with an International line-up of speakers presenting on timely and relevant topics on web development. Thanks to the generosity of our sponsors and the creativity of the planning committee, registration for the event will be free and includes entry to the weekend event and to all presentations.

CFinNC is held in the Research Triangle area of North Carolina, not Silicon Valley... which we believe would've made #20 on Wayne's list.

Posted By : Dan Wilson     August 4, 2009 1:18 PM

CFUnited is right around the corner. I can close my eyes and clearly remember last year's CFUnited like it was a month ago. "Where does the time go?", they say?

I remember in High School watching the second hand slow dance across the dial. Each minute broken up into 60 equally agonizing seconds each in turn taking it's own eternity.

One way I mark time is by looking at my blogging habits. My blogging habits have been abysmal. I partially blame twitter, the ultra-time-suck-in-140-characters or less, since twitter serves as an outlet to the world for me. I also blame Facebook to a lesser degree, though I've long since removed any vestige of twitter or facebook from my work computers in an attempt to control my distractions.

I can also say that Model-Glue has taken it's share of time as well. Thankfully there is a large community of active contributors willing to put in time to keep the framework moving so it is certainly a manageable workload. ( though depending on who you ask, manageable might be debatable). Shepherding Model-Glue to the final 3.0 release is one of my recent professional accomplishments I'm most proud of.

I've also recently gotten married. June 6th to be exact. As proof, I stuck a picture in this post. Don't worry, I won't bore you with more.

We've also combined houses, and bought a new house, and are in the process of closing on the new house and selling the old house. This is a tremendous amount of work and I never thought I'd ever spend 14 hours spreading mulch, but I can chalk it off to one of my professional accomplishments I'd like not to repeat too often :).

I'm also involved, along with most members of the best CFUG on the face of the planet in planning the CF in NC conference. If you are new to this idea, we are holding a really great Adobe Platform in the Research Triangle Area of North Carolina. Thanks to the dedication and cleverness of the members of the planning committee, and the generosity of our sponsors, we've managed to remove the cost of the registration fee. Our unofficial slogan is "The Economy Sucks, We Don't. Come to CFinNC!"

I've missed a few things along the way. I missed the chance to really get down and dirty with CF9 once it hit public beta. I missed the rescheduling of Flex 4 for 2010. Heck, I even missed the chance to spew my own brand of bullpoop in the last Great OO Is Dead blog war.

I think things will settle down a little after CFUnited. I'll be able to really get into CF9 and learn how to make the best use of the newest, hottest features. I'll have time to work on my SuperSecretAIRApplication. I'll even have time to blog more, which I dearly miss.

If you've stuck around this long, thanks. Sometimes we all need to reflect a little and remember where we've come from, so we know where we're headed. Best wishes to you in the last half of 2009.

--Dan

Posted By : Dan Wilson     July 20, 2009 7:20 PM

I don't post too many jobs on my blog, but this specific job is with a really cool company and (more importantly) working for a really cool manager named Isaac. I used to work for Isaac and he is a really good manager who knows how to let technical people be superstars.

This position is full-time, full benefits and on-site so please keep that in mind when you apply. You'd be right in the thick of Research Triangle Park, Raleigh, Durham, Chapel Hill, which is a great area, even ranked in the top 10 by Rolling Stone for the music scene. Oh, and Hey! We'd be neighbors.

If you are interested in applying for the position, simply drop me a quick note and let me know. I'll make arrangements to get your resume. No agencies please.

Here is the information for the company:

Digitalsmiths provides the industry's only studio-grade, video monetization solution with an advanced metadata framework that empowers digital media companies to distribute and publish video content across multiple screens, open up new revenue streams for film and TV assets, build audience, increase viewer consumption and boost audience engagement.

Digitalsmiths full time employees receive comprehensive benefits including stock options, vacation time, sick time, paid holidays, Blue Cross and Blue Shield health insurance, life insurance, disability insurance and retirement program. We have a relaxed, open and collaborative work environment where both achievement and fun are valued and everyone plays a key role.

The Research Triangle Park area is a great place to live, work, raise a family, and enjoy life. The area is within a couple hours drive to both the Blue Ridge Mountains and the Atlantic Ocean. Our natural beauty is a boon for the outdoor enthusiast. There are typically 220 days of sunshine per year with rain being well distributed throughout the year. There are award winning restaurants, as well as, a good variety of art, music and entertainment. Please visit http://www.digitalsmiths.com to learn more about the company.

Here is the information for the position and desired skills:

The Senior Software Engineer position reports to an Engineering Team Lead or directly to Engineering Management and is responsible for designing and implementing software products and services. Candidates should have a Bachelors Degree in Computer Science related technical field of study plus at least three years of work experience using Flex/ActionScript. Five years experience with software engineering and familiarity and desire to work with Flex/ActionScript may be accepted in lieu of three years of experience with Flex/ActionScript.

All candidates must be comfortable working in a fast paced early stage environment with tight deadlines.

The main duties of this position are as follows:

• Deliver engaging, state-of-the-art, high quality products.
• Design and implement product initiatives under general supervision.
• Produce accurate estimates and participate in daily task tracking activities.
• Adhere to core design, development and testing principles set by team and group leadership.
• Produce clear and thorough technical documentation.
• Other duties as needed.

Job Requirements and Qualifications include the following:

• Demonstrated expertise in AS3, Flex, MXML, and the Flash runtime.
• Demonstrated competence in at least one programming language other than ActionScript.
• Experience with Object-Oriented Programming and Design.
• Excellent written and oral communication skills.

Other Skills and Technologies that are desirable include:

• Experience with MVC (e.g. Cairngorm, Mate, PureMVC, Spring).
• Knowledge of software design patterns and architecture.
• Experience writing Flex custom components.
• Experience with Web service development using AMF, SOAP, REST, XML-RPC, and XML.
• Experience with Unit Testing and Continuous Integration using Flex in a team environment.
• Experience with media player design using Flash and ActionScript.
• Experience with Digital media (FFMPEG, FLV, MPEG4, MP3, AAC, WMV, 3GP, etc.)
• Experience with source control (SVN is a plus).
• Experience with bug tracking/defect management (Bugzilla is a plus).
• Exposure to agile development (SCRUM, Lean).

Posted By : Dan Wilson     January 12, 2009 1:47 AM

A word on SQL Injection

SQL Injection is a pervasive problem in the Web Application World. A quick search for URLS that use raw SQL brings up hundreds of thousands of dangerously formed URLS. Any developer worth his salt knows to clean user input before using it.

Defend Against SQL Injection in ColdFusion

CFQueryparam is a recommended tag that helps to keep your queries safe from SQL Injection. Any ColdFusion worth his salt uses CFQueryparam to help keep malicious parameters from being executed by the database engine. I ran across some code today that used CFQueryparam in most cases, but there was a particular, recurring use case that used raw parameters.

Example 1

Note the use of the list. It is a common paradigm to pass a delimited list of data to an SQL statement. In this case, the developer chose not to use CFQueryparam because he/she was under the impression that the result would be a single parameter, not a chain of parameters.

However, CFQueryparam can be used successfully in this case by setting the optional attribute 'list' to true. This is a supported attribute on all database engines.

Example 2

The resulting query will be parametrized in such a way as to render the list as a list and the results of the second query are equal to the first. Except for the case of an SQL Injection attack.

In the case of an SQL Injection attack, the developer of the first code sample would have a lot of explaining to do...

Posted By : Dan Wilson     December 13, 2008 12:41 PM

Last night we had dinner with some dear friends, Jessica, Kyle and their baby Hunter. (Remind me one day to tell you about the fun I had feeding lemons to Hunter).

We had dinner at Sitar Palace, an Indian restaurant in North Durham. Of course, all the items on their buffet were awesome, but the standout was a dish cryptically called Chicken 65. Move over Chicken Makhani, make room for my new favorite chicken dish, Chicken 65.

Shannon and I searched the Internet for a good recipe and found some rather interesting descriptions for this dish. Apparently, no one can be sure of the origin of the name.

Wikipedia on Chicken 65:

The number 65 is variously said to be the number of days taken to prepare the marinade or the year of the dish's creation. One account claims that the dish emerged as a simple meal solution for Indian soldiers in 1965. Others accounts claim that an "enterprising hotelier" targeted macho diners with a 65-chilli recipe and named the dish accordingly. It is generally acknowledged that no one knows which (if any) of these anecdotal theories are true.

Enter Vah Chef

Vah Chef is apparently an Indian Celebrity chef from Chennai who is absolutely hillarious. He is infectious with his energy and has a simple cooking style. Anyone who has ever tried to make Indian food knows it can be involved and require WAY more ingrediants than typical American food. Vah Chef has a very popular website with videos and recipes of popular dishes. If you like Indian foods and like to cook, Vah Chef is a must-see website.

Where's the video you promised us?

Vah Chef has a video on Chicken 65 where he demonstrates step by step how to make the delicious dish. While preparing, he enterains by going through the history and misconceptions of the dish as well.

Do you cook Indian food? Do you have good resources you'd like to share? What is your favorite dish?

Posted By : Dan Wilson     December 5, 2008 8:10 AM

As I've gotten older, and gotten into the habit of working more hours, I'd become somewhat used to a pain in my back. This specific pain, inflammation rather, was located just under my right shoulder blade and would surface around mid-day. As I normally work 10-12 hours a day, the back pain impacted my ability to focus and to enjoy my work fully. I ended up casting a naughty glance at my office chair (Office Depot 79$ special), thinking it could possibly be contributing to the problem. After poking around at the Herman Miller Aeron chairs, I couldn't bring myself to spend over $1,000 for a chair that might or might not help me out.

After even more research, I found a chair called Ergohuman ME7ERG Mesh High Back Chair. Since it was half the price of the Aeron and was listed on a site claiming to have "Chairs professionally selected by certified Ergonomists", I simply had to have one.

And what did you think about it?

To be blunt, this chair cleared up my back problems. Within less than a week of having it, I had less pain, better focus and was more comfortable working than I had ever been. Quite possibly, the $500 I spent has delivered the most bang for the buck of ANYTHING I have in my home office.

Where did you by it?

I bought this chair from http://www.ergonomicchairpro.com, mostly because they had an eBay special for $500 with free shipping. They offer similar deals on their website right now, so don't worry about searching around.

How long did it take to receive?

The chair showed up in a few days. Considering how large the package is, and the Free shipping, I thought it would take much longer.

How was the Installation?

Putting the chair together took me about 15 minutes. All the necessary tools were provided in the package for me. They even included some extra screws, which I kept.

How was the Quality?

This chair is seriously built. Some chairs are cheap plastic and will wear out soon. The Ergohuman ME7ERG is built with a heavy steel base and composite frame. I've used this chair every day for a year now and there is no sign of wear. It is very comfortable and adjusts in a number of manners for the best fit.

Seriously? No Back Pain?

I have not had a recurrence of the back pain at all since I've been working in this chair. Even when working in lengthy spurts of 60-80 hours, no back pain.

How much money do you get from selling these chairs?

I don't make a single nickel from selling these chairs. Frankly, at DataCurl, we do just fine providing high-quality consulting and applications to the Health and Wellness industry that we don't need to shill chairs for pennies. You don't see any ads on this blog do you?

In closing, if you have back pain from working at a computer all day long, you owe it to yourself to invest in a proper chair. Most people have vehicles that cost between $10-50k which are driven less than an hour a day. A quality work chair is used between 6-12 hours a day, so it is worth the extra money to get a quality chair designed around human beings. If you want one of these chairs, go check out Ergonomic Chair Pro and get one today.