I finally found some time to work on the website and have added the captcha support I talked about in my last post. While it is a lot more annoying right now, the real use for it will come when I add the ability to enter comments / feedback from the main page itself. That would be a real powerful feature as the user can not only read previous comments but also add their own, and just move on to the next post without going back and forth between pages. Just better user experience.
I am planning to add CAPTCHA support to the blogging engine. For those who don't know what CAPTCHA is, remember those web sites that ask you to enter the text displayed in a distorted image before submitting the page? That's what CAPTCHA is. You can read more about it over here.
It is very easy to write code that would programmatically post hundreds of comments within a couple of seconds and bring your web site down. This has been the problem for many forums / blog sites, hence most blog sites do not allow anonymous comments anymore. Not many people know about my site and hence I don't have that threat, but I want to implement a feature where you don't have to leave the main page to add a comment or read existing comments. Having to navigate back and forth between pages breaks the reading experience. In order to implement the ability to add / read comments from the main page, I will have to use AJAX. I plan to use webservices that would add / retrieve comments. This website being open for anonymous users, anyone can add comments, which means that if someone gets the path to my webservice (which is easy, just "view source" to get it) they can easily post thousands of comments through the webservice as it would not be authenticated. The best protection against it is to add CAPTCHA support.
Here's my plan:
Phase I: Add captcha support to the existing feedback page, see how it goes. I am in no hurry to get this done, will plan and get it out in the next couple of weeks. To create the CAPTCHA distorted images, I would be using the code from the DotNetNuke project instead of re-inventing the wheel.
Phase II: Once all hurdles from Phase I are overcome, add webservices that would create / retrieve comments from the main page on the fly.
This was complete negligence on my part. In the past any time I added new features I used to test it in both IE and Firefox. This time around I completely forgot to do so. Thanks to Lilly for pointing this out. I am happy to tell you that my site now works on Firefox as well. I think I need to create a checklist to avoid such messups in the future. Let me know of any other problems you come across.
Thanks and Enjoy!
I visited the local Best Buy store to check out the new PS3 and Zune. I was completely blown away by the quality output of the PS3 all HD quality. The 360 looks old technology in front of it. It may be that Sony has installed it's best in those demo consoles, but that's what marketing is all about. The games on 360 look pale. The console business is a multi-year business. Given this fact I think that even thought the PS3 is a year late compared to the 360, it has plenty of time to catch up. My gut feeling is that it will win this time around also until Microsoft does some magic. Time will tell.
As for the Zune, don't even get me started. The look and feel is so bad that it looks worse than a prototype. I can't believe this is the same team that designed the 360. There is no way that people would buy this piece of crap. I don't care that it has WiFi or some cool feature that the iPod doesn't. First impression is what matters, you should get attracted towards the product the moment you see it. iPod vs Zune, there is no comparison.
I have been trying to find material reading on the Virtual Path Provider (VPP) feature of ASP.NET 2.0. So far I haven't found a lot. The whole concept is supercool. If you visit the new MSDN website, it is built on VPP. The cool thing about VPP is that all those pages that you see are not actual physical ASP.NET files, instead they are all coming from a backend database. The most important feature from a user stand point is that you can query a website through the url. Yes you heard me right. Type https://msdn2.microsoft.com/system.net and you will be redirected to the .NET libary's System.Net namespace homepage. You can do the same with any class in the framework. Try https://msdn2.microsoft.com/System.String. That is simply awesome.
I have a new look and feel for the website. All the code behind the scene is the same. the only thing that is different is the skin. I have used the Glue Ideas theme and applied to the site. Some of the other sites that use the same theme are DunanMackenzie.net and AdamKinney.com. Note however that the only thing I have used is the outer skin, the content layout and color combinations are my own.
I have been working on this for the past two evenings and it was a breeze. I wanted to use ASP.NET 2.0 theming before going live, but I was so excited to show this to you that I just decided to release it. The next big thing for me is to get the business logic and data access layer changed. There is nothing wrong with those layers, just that I want to redesign them using the MVC pattern.
I have added a couple of features to the blog. You would now see the previous and next links on both top and bottom parts of the page. Also when you click on an archive month, you would see a label "Archies for month year". This new label would make it easier to understand whether the paging is enabled for all entries or only for that month.
I have been really drawn towards subversion (svn) for the past couple of days and have been reading documentation on it like crazy. There are two ways in which you can install subversion, one with Berkley DB (BDB) and the other with Fast Secure File System (FSFS). From all the reading I have done I figured that FSFS is a better option than BDB. The problem is that most blogs and forums I have read talk about svn 1.3, whereas with 1.4 they have made some big changes. In any case I will stick with FSFS until I hear otherwise.
The two big questions I had coming from a VSS background was how do we add new users to the source control system. I could not find an answer anywhere on the Internet, so I assumed that the default was windows authentication. The other question I had was how svn handled versioning. I found answers to both questions in a free book on subversion. The versioning answer is a bit long so I would suggest you read chapter 4 in the book. I didn't like the authentication answer but you can read it in chapter 6 of the book. Basically there is a file named svnserve.conf in the conf folder of your repository in this file you can set the password-db attribute to the name of the file that holds usernames and passwords. The content of the file is clear text so anyone that has access to the server can see your password. I also came across another material that shows how to enable windows authentication, but all that is through Apache, so IIS users are out of luck.
On a different note, I am really getting pissed at not being able to add new tags on the fly when I am writing blog entries. When I designed and implemented the blogging engine, I left that ability to phase II which never came (sounds familiar eh!). Anyways, I will fix it in the coming days, that will give me the oppurtunity to play with Atlas a little more heh!
Bookmarks for future reference
Continuous Integration writeup
Continuous Integration Server
Subversion popular open source version control software
Perforce fairly popular paid version control software