I’ve come up against a problem recently returning data via an XML feed using AJAX. In my case I was returning a list of images, each having several links to perform various tasks (e.g. set as main image, add as thumbnail, add full image, etc).
The first load would go through fine and all images and their links would appear as I’d expect. There were also no problems in IE7, Safari (on Windows), or Opera 9+. When it came to Firefox 2 the image list would be cut short! Editing the JavaScript it basically seems that the returned data would be cut off at 4096 characters.
It took a while to track down the result. I thought initially this might have been a JavaScript maximum string length problem, but that other browsers just let the issue slip. Not that either. Anyway it turns out that text nodes are split at 4096 characters.
It’s quite simple to fix: you just need to call normalize() on your returned data in your AJAX script. Add the second line below once you’ve gathered your XML data:
xmlResponse = xmlHttp.responseXML;
xmlResponse.normalize();
This will solve the 4096 character limit when using Firefox 2 or any other browser I haven’t checked that doesn’t normalise the data automatically.
Posted in Articles, Web Programming | No Comments »
A quick and easy way to protect yourself from MySQL injection attacks in PHP is to use…
$sql = "insert into table set ";
foreach ($_POST as $key => $data)
{
    // escape quotes, encode HTML characters, then strip tags from each value
    $sql .= $key." = '".strip_tags(htmlentities(addslashes($data)))."',";
}
// drop the trailing comma and run the statement
mysql_query(rtrim($sql,',').";") or die(mysql_error());
What this script does is take your $_POST data and remove anything malicious from it. Looping over the $_POST data we build up an SQL statement. At the end we simply execute it with mysql_query.
NOTE: This does not validate your data, it just helps prevent malicious attacks.
Another version of this, which I use to grab all my form information into variables, is to place the following code within the foreach loop instead…
eval("$".$key." = '".strip_tags(htmlentities(addslashes($data)))."';");
This makes up a list of variables following your form’s field names and strips malicious code from them. This method then allows you to do some form validation before inserting data into your tables.
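A hardened form of the two snippets above, as an added example that is not the author's code: in both, the `$key` of each POST field reaches the SQL string (or `eval`) unfiltered and `addslashes` is not aware of the connection character set, so this version accepts only allowlisted field names and binds the values through a PDO prepared statement. The `contacts` table, its columns and the in-memory SQLite database are assumptions made so the snippet runs on its own.

```php
<?php
// Added example: allowlisted columns + bound parameters (PDO).
// Table "contacts", its columns and the SQLite DSN are assumptions.

const ALLOWED_COLUMNS = ['name', 'email', 'message'];

// Build and run a parameterised INSERT; returns the field names that were rejected.
function insertForm(PDO $db, array $post): array
{
    $columns = [];
    $values = [];
    $rejected = [];
    foreach ($post as $key => $data) {
        // Identifiers cannot be bound, so only exact allowlist matches are used.
        if (!in_array($key, ALLOWED_COLUMNS, true) || !is_string($data)) {
            $rejected[] = (string) $key;
            continue;
        }
        $columns[] = $key;
        $values[] = $data;
    }
    if ($columns === []) {
        throw new InvalidArgumentException('no usable fields');
    }
    $placeholders = implode(', ', array_fill(0, count($columns), '?'));
    $sql = 'INSERT INTO contacts (' . implode(', ', $columns) . ') VALUES (' . $placeholders . ')';
    $db->prepare($sql)->execute($values);   // values travel separately from the SQL text
    return $rejected;
}

// Constructed sample input standing in for $_POST.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE contacts (name TEXT, email TEXT, message TEXT)');

$post = [
    'name' => "O'Brien",
    'message' => "it's <b>fine</b>",
    'unexpected field' => 'x',          // not on the allowlist: dropped, never reaches SQL
];
$rejected = insertForm($db, $post);

$row = $db->query('SELECT name, message FROM contacts')->fetch(PDO::FETCH_ASSOC);
var_dump($rejected, $row);   // the stored text is exactly what was submitted
```

HTML-encode the stored values with htmlspecialchars() at the point where they are displayed rather than before they are saved.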
Posted in Articles, Web Programming | No Comments »
So today was it, my first half marathon. Training had gone fairly well; I’d managed to do my over-the-mountain half training several times, my best time on that being 1 hour 57 mins roughly. A few days of tapering, which generally meant I felt rubbish, and there I was standing on the start line at 8:30am. I finished in 1 hour 48 mins 44 seconds.
Posted in Races, Running | 1 Comment »

Dive Signs required a low-cost solution due to being a start-up company. Dive Signs are a family-run business based in Essex; they sell highly reflective vinyl stickers for the scuba diving industry. The solution for Dive Signs was a customised install of Zen Cart. The entire site took less than one week to get up and running and they are already expanding their online catalogue.
Divesigns.com - Highly reflective vinyl signs for scuba diving
Posted in Portfolio | No Comments »
I’ve used my RSS feed generator on a few sites now, so I figure it’s about time I share. The final output validates and conforms to RSS 2.0 standards so it will import into most things. I’ve even got mine linked to my Facebook profile. The full code is at the bottom of the page.
Basically I use my RSS script to generate news feeds for the sites that I write. Examples can be seen on these sites,
But generally you can use the feed generator to serve any information you wish. An example would be the results of a search query where the query variables are picked up from $_GET[] or $_POST[].
Anyway, a question a friend asked me was “What’s the point in RSS?” Good question! Click on the link to find out.
Right, anyway, onto the script. Firstly we need to tell the browser or news aggregator that it’s looking at an RSS XML feed,
// Write the RSS header
header("Content-Type: text/xml;charset=utf-8");
It’s at this point that I usually set up my database connection and link to the information I require so usually it’ll be something like,
include_once("./connect.php");
$sql = mysql_query("select * from news order by `datePosted` desc LIMIT 50;");
I limit to 50 as no one wants to see 1000’s of posts going back years and years unless they specifically ask for it
Then we start writing out the ‘introduction’ part of the feed,
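echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
echo "<rss version=\"2.0\">";
echo "<channel>";
echo "<title>YOUR SITE/FEED TITLE</title>";
echo "<description>YOUR SITE/FEED DESCRIPTION</description>";
// HTTP_SERVER is not a standard $_SERVER key; it is assumed to be set by the site (e.g. in connect.php)
echo "<link>".$_SERVER['HTTP_SERVER']."</link>";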
Then we loop through our items (in this case news articles) printing the data out to our xml file,
// loop through the array pulling database fields for each item
while ($newsItem = mysql_fetch_array($sql))
{
    $title = textFormat($newsItem['news_title']);
    $link = $_SERVER['HTTP_SERVER']."news.php#news".$newsItem['id'];
    $description = textFormat($newsItem['news_item']);
    $uid = "tag:".$_SERVER['HTTP_SERVER'].",2007-09-26:rss.".$newsItem['id'];
    $pubDate = date("D, d M Y H:i:s O", strtotime($newsItem['date_posted']));

    echo "<item>";
    echo "<title>".$title."</title>";
    echo "<link>".$link."</link>";
    echo "<description>".$description."</description>";
    echo "<pubDate>".$pubDate."</pubDate>";
    // the guid is a tag: URI rather than a URL, so it is not a permalink
    echo "<guid isPermaLink=\"false\">".$uid."</guid>";
    echo "</item>";
}
Remember for our RSS feed all text should be UTF-8 encoded so we include a little function to do this,
Then it’s just a simple case of closing down our xml tree and we’re all done,
Pretty painless wasn’t it
And you can use these feeds to output anything of use. If someone is returning to your site to check for updated information should it be course dates, news items, forum posts, blog entries, even property searches it can all be done using RSS feeds.
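The `textFormat()` helper and the closing lines are not shown on this page. As an added example (not the author's script), the same feed can be written with PHP's XMLWriter, which escapes `&`, `<` and `>` in every value it writes; `toUtf8()` is a hypothetical stand-in for `textFormat()`, and the row data and site URL are constructed.

```php
<?php
// Added example: XMLWriter escapes every text value; rows and site URL are constructed.

function buildFeed(string $siteUrl, array $rows): string
{
    $xml = new XMLWriter();
    $xml->openMemory();
    $xml->startDocument('1.0', 'utf-8');
    $xml->startElement('rss');
    $xml->writeAttribute('version', '2.0');
    $xml->startElement('channel');
    $xml->writeElement('title', 'YOUR SITE/FEED TITLE');
    $xml->writeElement('link', $siteUrl);
    $xml->writeElement('description', 'YOUR SITE/FEED DESCRIPTION');

    foreach ($rows as $newsItem) {
        $id = (int) $newsItem['id'];
        $xml->startElement('item');
        // writeElement() escapes &, < and > in the text it is given.
        $xml->writeElement('title', toUtf8($newsItem['news_title']));
        $xml->writeElement('link', $siteUrl . 'news.php#news' . $id);
        $xml->writeElement('description', toUtf8($newsItem['news_item']));
        $xml->writeElement('pubDate', date('D, d M Y H:i:s O', strtotime($newsItem['date_posted'])));
        $xml->startElement('guid');
        $xml->writeAttribute('isPermaLink', 'false');
        $xml->text('tag:' . parse_url($siteUrl, PHP_URL_HOST) . ',2007-09-26:rss.' . $id);
        $xml->endElement(); // guid
        $xml->endElement(); // item
    }
    $xml->endElement(); // channel
    $xml->endElement(); // rss
    $xml->endDocument();
    return $xml->outputMemory();
}

// Hypothetical stand-in for the article's textFormat(): make sure the text is valid UTF-8.
function toUtf8(string $text): string
{
    return mb_check_encoding($text, 'UTF-8') ? $text : mb_convert_encoding($text, 'UTF-8', 'ISO-8859-1');
}

$rows = [[
    'id' => 7,
    'news_title' => 'Fish & chips <night>',
    'news_item' => "Caf\xE9 opens at 6",          // Latin-1 bytes, not valid UTF-8
    'date_posted' => '2007-09-26 10:00:00',
]];
echo buildFeed('http://www.example.com/', $rows);
```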
Here’s the entire script:
<?php
//==========================================
// Author: Steven Lloyd Watkin
// Company: Evilprofessor Designs
// Website: http://www.ep-projects.co.uk
// Date: June 2007
// Feel free to use and modify, but please
// include reference to my site somewhere
//==========================================

// textFormat() is the UTF-8 helper mentioned above; its definition is not included here

header("Content-Type: text/xml;charset=utf-8");
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
echo "<rss version=\"2.0\">";
echo "<channel>";

// retrieve database records
include('connect.php');
$sql = mysql_query("select * from `news` order by `datePosted` desc");

echo "<title>YOUR SITE/FEED TITLE</title>";
echo "<description>YOUR SITE/FEED DESCRIPTION</description>";
// HTTP_SERVER is not a standard $_SERVER key; it is assumed to be set by the site (e.g. in connect.php)
echo "<link>".$_SERVER['HTTP_SERVER']."</link>";

// loop through the array pulling database fields for each item
while ($newsItem = mysql_fetch_array($sql))
{
    $title = textFormat($newsItem['news_title']);
    $link = $_SERVER['HTTP_SERVER']."news.php#news".$newsItem['id'];
    $description = textFormat($newsItem['news_item']);
    $uid = "tag:".$_SERVER['HTTP_SERVER'].",2007-09-26:rss.".$newsItem['id'];
    $pubDate = date("D, d M Y H:i:s O", strtotime($newsItem['date_posted']));

    echo "<item>";
    echo "<title>".$title."</title>";
    echo "<link>".$link."</link>";
    echo "<description>".$description."</description>";
    echo "<pubDate>".$pubDate."</pubDate>";
    // the guid is a tag: URI rather than a URL, so it is not a permalink
    echo "<guid isPermaLink=\"false\">".$uid."</guid>";
    echo "</item>";
}

// close the XML tree
echo "</channel>";
echo "</rss>";
?>
Posted in Articles, Web Programming | No Comments »

Evilprofessor Designs have completed several small contracts for Legal & General and continue to provide last-minute solutions as and when required. All work has been well received and we continue to maintain good relationships with Legal & General.
Legal and General
Posted in Portfolio | No Comments »
A sneaky mid-week dive trip to Plymouth diving off Venture. As most of my trips these days it was organised through YD. Bizarrely, I was diving without Old Man Taylor, but Cat managed to keep me out of trouble in the water instead…
Posted in Dive Trips, Scuba Diving | No Comments »
Simon and my latest jaunt is on an introduction to DIR diving organised by some guys from YD. A really good time was had, lots was learned.
Simon started the weekend coming along for the ride as it’s me who’s really interested in this stuff. The guy who left Vobster was “DIR Old Man Taylor“…
Posted in Dive Trips, Scuba Diving | No Comments »

We are currently creating a huge bespoke website application for Seraph Estates. It is designed to control all aspects of their business, which includes property rental, sales, serviced lets and holiday cottage rental. This is a long-term, ongoing project with frequent updates. The website relies heavily on AJAX/Web 2.0 technologies to provide a responsive web application for the company.
Seraph Estates - Quality Lettings, Sales, and Serviced Lets in and around the Cardiff area
Posted in Portfolio | No Comments »
Today I ran in the BUPA Great Wales 10k run around Cardiff Bay. It’s the first year the event has happened and I must say it all seemed to run pretty smoothly. Before the day I was hoping to get around in 54′ish but I’ve been training hard with lots of climbs on my route, so when I was 4km in and realised I was putting in 5 minute kilometres I figured I was going to get in under 50′. Unfortunately towards the end I started to slow and crossed the line in 50′24″. Still did better than expected so I can’t complain!
Posted in Races, Running | 1 Comment »