Web Dev Questions That Don't Need Their Own Thread v4
5,001 replies, posted
[QUOTE=Moofy;46485980]Floating does not add spacing between the elements unless you give it margin.
The comments work indeed, but for my part it seems like a bigger mess in the code.[/QUOTE]
You're correct, floating does not add spacing between elements. Hey, a good example of when inline-block would be better than float:left is if you need to center your elements. Sure, there's ways you can center floats of variable width, but there's also other ways to get rid of that spacing in-between inline-blocks... I just prefer the comments method because it requires no extra properties. Also no extra style for centering them either, text-align:center; does the trick. Wouldn't be able to do that with floats. Plus you might need to clear the floats too.
[editline]14th November 2014[/editline]
Further reading, inline-block vs float:left
[url]http://stackoverflow.com/questions/15172520/drawback-of-css-displayinline-block-vs-floatleft[/url]
Simple question:
Does my site give a warning when you visit via https? Thanks.
[QUOTE=josm;46492035]Simple question:
Does my site give a warning when you visit via https? Thanks.[/QUOTE]
Not for me.
[QUOTE=PortalGod;46485596]what's the best way to handle realtime searching?
before I was using a filter on ng-repeat, but since that's all frontend the server has to send everything that I'm trying to search through, which seems really bad, so now I'm sending a request to the server in my search field's ng-change and only giving the client the results (and even then only one page at a time). is sending that many requests gonna be bad? is there a better way to do it?[/QUOTE]
You should be fine sending that many requests. I've got sites where I rerun the search every time a character is entered (debounced so it doesn't happen more than once every 200ms or so though)
[QUOTE=josm;46492035]Simple question:
Does my site give a warning when you visit via https? Thanks.[/QUOTE]
Disable SSLv3, your server is vulnerable to the poodle attack.
Also, upgrade your SSL certificate from SHA1 to SHA256.
You should also generate a better dhparam, which takes about 10-20 minutes depending on your server specs.
What web-server do you use?
If you use nginx, run this command:
[code]cd /etc/ssl/certs && openssl dhparam -out dhparam.pem 2048[/code]
and configure with this setup to really harden your web-server's SSL protocols:
[code]
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers On;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# If your certificate allows OCSP stapling, uncomment these lines:
#ssl_stapling on;
#ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s; #Google DNS resolver, uncomment this if you want, but Google DNS is really good.
resolver_timeout 10s;
add_header Strict-Transport-Security max-age=63072000;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
[/code]
[QUOTE=Svenskunganka;46492253]Disable SSLv3, your server is vulnerable to the poodle attack.
Also, upgrade your SSL certificate from SHA1 to SHA256.
You should also generate a better dhparam, which takes about 10-20 minutes depending on your server specs.
What web-server do you use?
If you use nginx, run this command:
[code]cd /etc/ssl/certs && openssl dhparam -out dhparam.pem 2048[/code]
and configure with this setup to really harden your web-server's SSL protocols:
[code]
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers On;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# If your certificate allows OCSP stapling, uncomment these lines:
#ssl_stapling on;
#ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s; #Google DNS resolver, uncomment this if you want, but Google DNS is really good.
resolver_timeout 10s;
add_header Strict-Transport-Security max-age=63072000;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
[/code][/QUOTE]
Disable SSLv3, your server is vulnerable to the poodle attack. [b]No idea how.[/b]
Also, upgrade your SSL certificate from SHA1 to SHA256. [b]Will be soon.[/b]
You should also generate a better dhparam, which takes about 10-20 minutes depending on your server specs. [b]I assume this is the same for Apache?[/b]
What web-server do you use? [b]Apache. Debian 7.[/b]
[img]http://cl.ly/image/1p0C3X0X022m/Image%202014-11-14%20at%208.24.37%20PM.png[/img]
any ideas how come this is only displays 62x21px of the image as opposed to it showing fully on retina displays
whoops that min-res is supposed to be 326dpi. didn't fix it tho
[QUOTE=KmartSqrl;46492191]You should be fine sending that many requests. I've got sites where I rerun the search every time a character is entered (debounced so it doesn't happen more than once every 200ms or so though)[/QUOTE]
Can you tell me what you mean by debouncing? Cause what I'd do if I was triggering AJAX requests on input change, is abort any currently loading requests before triggering a new one. Is debouncing some kind of cleverer way?
[QUOTE=ifaux;46492629][IMG]http://cl.ly/image/1p0C3X0X022m/Image 2014-11-14 at 8.24.37 PM.png[/IMG]
any ideas how come this is only displays 62x21px of the image as opposed to it showing fully on retina displays
[/QUOTE]
[img]http://cl.ly/image/3j412K2g1X2b/Image%202014-11-14%20at%209.37.06%20PM.png[/img]
[code]#button { font-size: 10px;
text-align: center;
width: 62px;
height: 21px;
background-image: url("img/button.png"); /* @1x */
background-position: top;
border:none !important;
margin-left: 7px;
display: inline-block;
vertical-align: middle;
}
@media
only screen and (-webkit-min-device-pixel-ratio: 2),
only screen and ( min--moz-device-pixel-ratio: 2),
only screen and ( -o-min-device-pixel-ratio: 2/1),
only screen and ( min-device-pixel-ratio: 2),
only screen and ( min-resolution: dpi),
only screen and ( min-resolution: 2dppx) {
#button {
background-position: top;
background-image: url("img/button@2x.png"); /* @2x */
background-size: 62px 21px;
display: inline-block;
}
}
[/code]
this is what i'm at now only on retina/high dpi devices. any ideas?
[QUOTE=ifaux;46492629][img]http://cl.ly/image/1p0C3X0X022m/Image%202014-11-14%20at%208.24.37%20PM.png[/img]
any ideas how come this is only displays 62x21px of the image as opposed to it showing fully on retina displays
whoops that min-res is supposed to be 326dpi. didn't fix it tho[/QUOTE]
can you separate media queries like that?
[editline]14th November 2014[/editline]
[QUOTE=ifaux;46493106]this is what i'm at now only on retina/high dpi devices. any ideas?[/QUOTE]
thumb pls [t]
[QUOTE=atomiku;46492646]Can you tell me what you mean by debouncing? Cause what I'd do if I was triggering AJAX requests on input change, is abort any currently loading requests before triggering a new one. Is debouncing some kind of cleverer way?[/QUOTE]
Debounce is a method in underscore to only run a function after it hasn't been called for some time.
It's one of many very useful functions in the Underscore library.
[QUOTE=jung3o;46493108]can you separate media queries like that?
[/QUOTE]
well it seems to work at recognizing that it needs to switch out the @1x image for the @2x one so i guess so
[editline]15th November 2014[/editline]
wow this is really fucking annoying
Would anybody be willing to make me a website like this [url]http://www.mathiasobdrup.dk/[/url] ? That also features my videos (youtube.com/viksko) and my images ([url]https://www.flickr.com/photos/67870310@N07/[/url]). I won't be able to pay, but i would really appreciate it if someone would give it a try.
[QUOTE=chill_dude;46495611]Would anybody be willing to make me a website like this [url]http://www.mathiasobdrup.dk/[/url] ? That also features my videos (youtube.com/viksko) and my images ([url]https://www.flickr.com/photos/67870310@N07/[/url]). I won't be able to pay, but i would really appreciate it if someone would give it a try.[/QUOTE]
I just messaged you to tell you that I can do this for you, then realised you said you can't pay... lol no web developer is going to spent that much of their time building a website for free, dude.
[editline]15th November 2014[/editline]
freeloaders!
[QUOTE=atomiku;46495672]I just messaged you to tell you that I can do this for you, then realised you said you can't pay... lol no web developer is going to spent that much of their time building a website for free, dude.
[editline]15th November 2014[/editline]
freeloaders![/QUOTE]
I mean I sometimes do for small open source projects, but I don't offer support and generally once I give them a design, I'm not gonna fuck with it anymore.
And I don't do it if they ask first.
everything was good til I screwed something up and dropped my database and created it again.
[img]http://i.imgur.com/AI7Y8Dv.png[/img]
uhh what..
Anyone got any advice or know anyone seeking a Rails developer?
Basically I've got around 10 years experience with PHP, the last 5 of which have been actual work. The trouble is, I suffer from epilepsy and getting to and from places is a bitch. Sure I can use public transport but right now my epilepsy is in a state of flux. One day it's good, the next it's shit.
I've been looking for jobs on many sites, even tried recruitment agencies but from what I've seen they're all office based and that's not really good for me right now. I'm trying to find remote jobs but I've been having great difficulty.
My PHP is a tad rusty, not used it in at least a year as I made the move from PHP to Ruby w/ Rails in February and it's probably one of the best decisions I've made in a long time, minus the fact I can't find a job for it.
Does anyone have any advice at all?
-snip-
[editline]17th November 2014[/editline]
[QUOTE=jung3o;46499996]everything was good til I screwed something up and dropped my database and created it again.
[IMG]http://i.imgur.com/AI7Y8Dv.png[/IMG]
uhh what..[/QUOTE]
Have you tried rolling back the migration before running it again?
[QUOTE=Moofy;46508838]-snip-
[editline]17th November 2014[/editline]
Have you tried rolling back the migration before running it again?[/QUOTE]
I found out it had to do with my environment. I set mine as local and forgot that laravel comes with different folder containing different config for local ([url]https://github.com/laravel/laravel/tree/master/app/config/local[/url]) :v:
so I just deleted it.
I have a VPS with VestaCP installed, I've pointed my domain against it and it sort of works except that on the normal SSL port 443 it serves the right page located in "public_html", but when I try to connect on port 80 it gives me a Bad Request since it's apparently sending plain HTTP to a SLL-enabled server port. And on port 8080 it serves a completely different directory at "var/www".
I have checked pretty much every apache and nginx config file on the system and I can't find out what the ever fuck is going on, if anyone has any idea, holla.
I have a chatbox that I'm working on, using this function as a way to add new elements:
[code]
<script>
function create(htmlStr) {
var frag = document.createDocumentFragment(),
temp = document.createElement('div');
temp.innerHTML = htmlStr;
while (temp.firstChild) {
frag.appendChild(temp.firstChild);
}
return frag;
}
</script>[/code]
I'm calling the function above like so:
[code]
var fragment = create('line');
document.body.insertBefore(fragment, document.body.childNodes);
document.body.scrollTop = document.body.scrollHeight;
[/code]
I understand I should be using temp.textContent however I'm not sure how I'd change within the same line my strings font etc.
[QUOTE=josm;46492621]Disable SSLv3, your server is vulnerable to the poodle attack. [b]No idea how.[/b][/QUOTE]
In all honesty, if you're unable to google that, you're not ready to operate a server connected to the Internet.
This is likely something so stupidly simple that I'm overlooking it, though here it goes.
I have a Flask webapp that accepts user comments. As soon as they come in, they're run through Flask's escape function which escapes the usual potentially-harmful characters, then dumps them into a database.
The Javascript (Mostly JQuery) grabs the comments as JSON and are appended to a div on the page. However, instead of "what's up?" displaying as "what's up?", it's being displayed as "what's up?". Is there some option I have to use with JQuery's append function in order for the text to be rendered correctly?
it's probably coming out as
[code]&#39;[/code]
check somewhere that you might be double escaping
[QUOTE=jung3o;46530487]it's probably coming out as
[code]&#39;[/code]
check somewhere that you might be double escaping[/QUOTE]
I looked at the raw JSON:
[IMG]http://i.imgur.com/d51S5O5.png[/IMG]
YEP! That's it! I had a couple bits in my code where I escaped only the output, though as I was adding parts I decided that it would be better if I escaped input just in case I left an output unescaped. Works great now!
[QUOTE=benjgvps;46530675]I looked at the raw JSON:
[IMG]http://i.imgur.com/d51S5O5.png[/IMG]
YEP! That's it! I had a couple bits in my code where I escaped only the output, though as I was adding parts I decided that it would be better if I escaped input just in case I left an output unescaped. Works great now![/QUOTE]
FWIW jinja2 & jsonify automatically escape strings iirc.
Standard file structure for a class based php site?
p.s. thoughts on Phalcon?
[QUOTE=Neophyte;46534701]Standard file structure for a class based php site?
p.s. thoughts on Phalcon?[/QUOTE]
You mean MVC?
Basically something like most framework does, I personally like Laravel's approach.
what's the best way to handle chunked responses in angular?
on my server, I have a route to /api/objects/:id, that returns a single object, and a route to /api/objects/, that returns all objects (with a limit of 10 per request). the problem is that before I respond with an object, I have to check if it needs to be updated, which is done asynchronously and could be instant or it could time out after a couple of seconds. rather than wait for each one to get updated, I send each one as json in its own chunk. in angular, I'm using $http.get to get /api/objects/, but $http only has .success, which is only called after the response fully loads. I'm trying to show each chunk as I receive it.
what's the best way to handle the chunked response? would it be best to use sockets? or an $http interceptor? or should I make /api/objects respond with a list of ids and then request each one individually?
[QUOTE=Neophyte;46534701]Standard file structure for a class based php site?
p.s. thoughts on Phalcon?[/QUOTE]
I haven't used Phalcon and don't know what it is, I'll assume it's a PHP framework... MVC perhaps? Anyway, as for file structure, I'll show you mine. It's the file/directory structure my MVC framework uses, but its similar to most other PHP MVC frameworks:
app/ - All files directly related the website are to go in here. Framework files that are global to all projects are to be separated in another folder.
app/config/config.php - Main config + defines in here
app/config/database.php - MySQL database config, with different config depending on the environment (production, testing or development)
app/config/routes.php - By default, atoMVC will route like this: [url]http://domain/controller/action/param1/param2/[/url] - But you might want to route /login/ to /account/login/
app/controllers/ - Controllers to go in here. Unlike CodeIgniter and others, I don't like to put all the actions inside one controller class. Each action is a separate file and the controller is just a directory
app/controllers/account/login.php - the _login() function is called
app/controllers/account/logout.php - the _logout() function is called
app/models/User.php - User model
app/views/account/login.php - Login page, which is placed inside the layouts/main.php
app/views/layouts/main.php - Main layout
app/views/includes/navbar.php - Any view bits that are reused and included in various places tend to go in the includes folder
app/views/errors/404.php
app/views/errors/500.php
css/
img/
js/
system/ - Where the atoMVC files reside
system/core/atomvc.php - The Controller, Model and View parent classes are defined here, along with some other stuff
system/core/main.php - I do some stuff here like set error reporting based on environment, set autoloading for business classes, etc. Might merge it into atomvc.php
system/fonts/times_new_yorker.ttf - Used by the captcha library
system/helpers/ - Helpers are classes that might sometimes be used as singletons. They have many uses
system/helpers/auth.php - Handling of sessions, logging in, out, checking if user is authed etc
system/helpers/image.php - Resizing etc etc
system/helpers/... - More helpers here
system/libraries/ - Libraries are files that contain single functions and no class. I'm not really sure if there should be a difference between 'libraries' and 'helpers' in atoMVC though. They're both includes that provide functionality, so maybe all libraries should be switched to helpers instead. (I think I'll do that)
system/libraries/captcha.php
system/libraries/phpmailer.php - SMTP mailer
Hope this helps or gives you ideas or something. Any input on my file structure, guys?
Sorry, you need to Log In to post a reply to this thread.
