Well, it seems like this site doesnt get “refreshed” on Technorati for at least 26 minutes (that is the fastest I have managed to get a post to show up there.)

Does anyone know if this is normal?

Short one – the summer 2006 copy of .net has an interesting article on how to secure PHP scripts used in e-commerce (and generally to be honest).

While overall the article is very well written there is one glaring thing I think is way off the mark. Given that this is not a beginners topic and that on the third page the Author (Paul Hudson) talks about editing the httpd.conf file to restrict the X-Powered-By header PHP adds, it is strange that the advice about PHP includes is simply to rename them all from .inc to .php.

First oddity, it has been quite some time since the standard for php includes was filename.inc but this is minor. Now Mr Hudson’s concern is that people can access the .inc directly and view it as plain text (if they know the name of your .inc file), which is obviously a problem if all your DB logon data is in one.

Now the solution is massive overkill. If you had a site with (say) ten pages calling the same 10 *.inc files it would be a bit of a pain to change the files to .php and the include() to the new name. Now what if your site was ten times that size? Drama to say the least – even with good old grep.

Surely the simplest, most common sense solution is to (like mentioned on p84) alter the way the server handles the file? In apache this works – AddType x-mapp-php5 .inc as does AddType application/x-httpd-php .inc.

One change and everything is resolved.

Is this easier or am I mad?

Well hubris aside, that is the title of a pull out box in the Summer 2006 .net Magazine (p 11 for the spotters). This pull out box is on the letters page and highlights the happy comments people have submitted.

Now, the .net redesign is pretty good. The content has improved a bit. There are still mountains of typos and some pretty pointless bits but overall it is good.

However, and this is a big however, by the time someone has got to a quarter height box on page 11 of the magazine, they have probably bought it. What value is there to any one who has bought the magazine to know that “Stormfx” says “Best..net.ever. Absolutely love it. Rock on!” (I blame comic book guy for the new writing style….)

Now, I may be mistaken but in things like magazines the space is important. There is only a limited amount and the main priorities are advertisments (to bring in profits and keep prices down) and content (to make people buy copies and sell more advertisments). It is actually quite easy, the hard part is finding the happy medium.

Why on Earth did anyone sanction this use of space to simply say “I like your new style?” (six times)

What is the purpose of printing this sort of message? Is it to convince the casual browser to buy the magazine (in which case, why 1/4 height box on page 11)? Obviously this implies that the casual browser is not going to be tempted by the actual quality or quantity of the “real content” but is going to be swayed by the raves of total strangers.

Is it to convince people who arent’ happy with the new style that they are in a minority? This happens a lot in corporate communications: Often as a result of disgruntled employees causing problems and inefficient managers bringing in PR companies to convince everyone they are happy. It doesnt work. If people aren’t happy, listen to their problems and try to fix them, or at least explain why you cant/wont fix them. Simply telling everyone they are in a minority does not improve worker morale, and does not improve reader satisfaction. (George Orwell has a LOT to answer for).

One, possibly more likely, reason could simply be that in the typical chain of a company telling each other how well you have done is better than doing something (well or otherwise). This could just be the new editor showing his chain of command what a great thing his changes have been.

Personally I think it stinks and the space would have been much better employed with more letters, even an advert would have been better if they have so much space….

I know it has been mentioned before, but why doesn’t technorati update their records when a Ping is sent? WordPress automatically “pings” (informs them there is an update) technorati when each new post is made, yet it seems to take about 12 hours for this to get through. Now, when some one else pings this blog, or posts ping other posts, the update is instant – yet technorati cant seem to manage this.

Does technorati have a system where the most popular blogs get the most frequent updates (or similar)? If so, then this reinforces my opinions about an already two tier internet.

Quick one – sorry about the recent lack of posts. Its is blindingly how and sunny here so, as you can imagine, sitting at a PC is far from anyones mind 🙂

We plan to write more soon.

Well, the year continues to hurtle past. It seems like only yesterday I was discussing the “Latest issue” of .net magazine and its structural overhaul, when all of a sudden the next one lands on my doormat.

Loathe though I am to admit it, things are getting better. Miraculously, .net has dragged itself out of the slump it has been living in over the last few months and is once more a good, readable, magazine.

Still…. nothing is perfect…. 🙂