Down the ramp with a big splash

It’s been a long time coming (in fact the bulk of the work was completed nearly a year ago), but the new Computers Unlimited website is finally live. Among the fresh features is a special offers page for toner, printer ribbons and ink cartridges, a printer consumable search and even a blog.

The website has been written using my e-commerce system, called TwistShop for reasons which shall become clear soon. Eventually I hope to offer this as an easily-deployed application to my clients, along with my content management system TwistCMS and the projectGenie project management system. The fact that these three cornerstones of my website development services have been built for real websites doing real business, not just on a whim, means that when someone approaches me to help them get the best from the web I have the tools available to do so.

So, if you’re looking for Brother toner and ink, Panasonic printer ribbons or Xerox fax supplies you now know where to go.

Securely storing passwords

I’ve been doing a bit of reading lately about the correct way to store passwords, normally in a database. Keeping passwords in plain text (i.e. no encryption) is A Bad Thing for obvious reasons. We’ve all done it at some point, but now is the time to stop.

The secret to getting over the “dunce” level of securing passwords is to use more than just a hash of a password, and instead throw a little salt into the recipe. A salt is basically an extra ingredient that mixes up your hashes and makes them bitter to crackers. Am I taking the analogy too far? Yes, yes I am.

So, I suggest the following (this is in PHP):

md5(md5("password") . "password");

Why? Well, it’s really easy to understand and implement. It means you don’t have to store the salt for your hashes anywhere – the password generates its own. Plus every salt is different. Plus it’s a constant length.

I’m not pretending it’s the most secure way in the world to store passwords, but for a better-than-average method it’s pretty good. Or I think so, at least. Any comments?
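The property a salt is meant to provide, shown as an added example (not code from the original post): because the salt in the scheme above is computed from the password itself, two accounts with the same password store the same value, whereas PHP's built-in password_hash() draws a random salt on every call and keeps it inside the returned hash string. The account names and passwords are constructed sample data, and PHP 7 or later is assumed.

```php
<?php
// Added example, not from the original post.
// Account names and passwords below are constructed sample data.

// The scheme from the post: the "salt" is md5(password), so the stored
// value depends on the password and nothing else.
function self_salted_md5(string $password): string
{
    return md5(md5($password) . $password);
}

// alice and bob happen to have chosen the same password.
$accounts = [
    'alice' => 'correct horse',
    'bob'   => 'correct horse',
    'carol' => 'tr0ub4dor',
];

$selfSalted = [];
$randomSalted = [];
foreach ($accounts as $user => $password) {
    $selfSalted[$user] = self_salted_md5($password);
    // password_hash() generates a fresh random salt per call and embeds it,
    // together with the algorithm and cost, in the string it returns.
    $randomSalted[$user] = password_hash($password, PASSWORD_DEFAULT);
}

// Self-salted: equal passwords give equal stored values, so a leaked table
// reveals which accounts share a password, and a list of hashes computed
// once for common passwords applies to every row.
echo "self-salted, alice == bob:  ";
var_dump($selfSalted['alice'] === $selfSalted['bob']);

// Random per-user salt: the stored values differ for the same password.
echo "random salt, alice == bob:  ";
var_dump($randomSalted['alice'] === $randomSalted['bob']);

// Verification still works without a separate salt column, because
// password_verify() reads the salt back out of the stored string.
echo "bob, correct password:      ";
var_dump(password_verify('correct horse', $randomSalted['bob']));
echo "bob, wrong password:        ";
var_dump(password_verify('wrong guess', $randomSalted['bob']));

// Login check for the self-salted scheme: recompute, then compare with
// hash_equals() so the comparison does not leak timing information.
echo "carol, self-salted check:   ";
var_dump(hash_equals($selfSalted['carol'], self_salted_md5('tr0ub4dor')));
```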

Proto-Proto-Former

Everyone knows I’m a fan of the Prototype JavaScript framework. But even I realise that, for a novice, getting the best out of it can be a daunting task. So I wrote a simple library called Performer to allow you to use some of the Prototype features without writing a single line of JavaScript, instead using CSS rules.

There’s now another way for people to get started with Prototype, using Protoscript, a simplified language that gives you lots of nifty features such as fading, drag-and-drop, toggling and much more. It looks good, although, like many JavaScript libraries (except mine, fnar fnar), it doesn’t provide you with a way to separate JavaScript from HTML without some extra work. Still, the drag and drop thing is cool.

Unique content for your WordPress blog – automatically

I’m undecided whether to hail this as a breakthrough: the new WordPress Rewriter Plugin. In a nutshell, it takes content and, using "a thesaurus database of more than 40000 words", rewrites it to be completely unique. That supposedly leads to better search engine results, just as duplicate content leads to penalties.

So, will we now have thousands of quick-buck cowboys ripping off articles left, right and centre? Probably, especially as the $9 price tag is more than low enough for people to give it a try.

Apparently it also has a little trick that will increase traffic by a power of 3. Maybe it’s something to do with page titles (they are one of the most important bits of information that a search engine looks at) but they are coy on the matter. One thing I do know – there will be a lot of people trying this plugin.