As you may remember, I wrote a piece about why I do not sign any NDAs here. I’ve had some time to reflect on that entry, and I want to move forward. I want to give any client I work with my new “promise” - the Non Disclosure Promise. Let me tell you a bit more why I choose not to sign NDAs, and what I can offer you instead. (more…)

Where was this book 4 years ago? Or even 2 years ago? (Uh - it was published in 4/2010… so… just in the author’s head apparently). (more…)

Normally, I’ve been trying to release a new blog entry every Tuesday. I took this last week off to celebrate my birthday. Tomorrow should restart the grind. :) (more…)

Do you use Git to manage your repository? If so, do you use it to check out code onto the server as well? If you do, you really should restrict access to your .git directory if it’s in your public root. (If you’re using things like Zend Framework, chances are your root directory is not your public directory, so you have less to worry about.) (more…)

I did a presentation at Web414 this last Thursday. You can find the PDF of the presentation here. (more…)

I just profiled some of my code and found out that the biggest chunk of my processing time was used by uniqid(). I use this to generate form tokens to prevent cross site request forgeries. On one page, I have 6 forms each with its own unique uniqid(). (more…)

I love ApacheTop. I love Cronolog. After I installed cronolog and used it in my apache configuration, however, I found it more and more difficult to use apachetop. I stopped using it. Well, I finally came up with a bash script that eases my frustration with calling the proper path names for apachetop. Check it out: (more…)

The error log can be fun to parse through and figure out what happened. Ok, so if you just read that and agreed, you need to move on. This is not for you. That’s not fun. However, you CAN make error gathering easier on yourself by including the right information in the error log. To top it off, you can present your users with something that is a bit more ‘friendly’ than the standard error... (more…)

On the rest of my site, I load jQuery from the google cdn. However, wordpress likes to load it from the local cache using wp_enqueue_script(). I didn’t want to delete the jQuery file it was loading because a) that would be wrong, b) it would still have to make a 404 call to the server, and c) the admin section uses it I’m sure. (more…)

First off, let me just remind you to not be an idiot like I was. I simply found the documentation here and here and went to town. After hours of trying to figure out exactly what was going on, I stumbled across some very interesting comments in the news group: The @anywhere api is not in chirp_preview anymore - but its not done either. So some of the stuff won’t work - and that wasn’t... (more…)