I have just noticed that I have passed the monumental 1GB mark of email stored in my GMail account. I was invited to join the beta in August 2004 when this was the limit, and way more than other webmail services. Not long after it was upped to 2GB storage, and now with the Infinity+1 and other increases my available storage has risen to over 6.3GB. :-)

I have been working on a pet PHP project that will be maintained by others who are not professional developers. They are intelligent people but are probably unaware of code and SQL injection, never mind know how to avoid it. As a result I have been encapsulating all the client interaction and a set of easy to understand libraries. It was while working on this I came across a scenario that I would not otherwise have come across, that being problems caused by a trailing backslash in an edit field.

Although a training backslash is rarely a problem nowadays as we have magic_quotes_gpc enabled by default on most new servers, there are occasions when you need to strip the slashes and encode as HTML using htmlspecialchars or the like. The problem is that if the last character is a backslash, and a string is appended to another (like when building an SQL query), then it will cause the first character in the appended string to be escaped.

Although the risk of attach is small as it would rely on two sets of data from the user being fed through, and the user knowing the order, it is still a risk, and an easy way to screw with a site.

As an experiment I decided to try screwing with some popular open source projects by ending my field values with a backslash, and guess what, on a small few it caused chaos. The common problem is that the server goes in to overdrive until it times out, that or you get back an interesting error message. If I have time I will look at the potability of using this as a way to inject my SQL, and then look at easy ways to fix it.

So, if you ever use stripslashes remember to think about the trailing backslash.

You may have noticed that I am have a search option on my site for a while now. This searches my blog and other sites, and has been powered by Google. This used the Google AJAX Search API and although did an okay job, it did not give me the control I wanted.

Today, after leaving it until later many times, I decided to have a play with the Yahoo Search API and it does everything I want it to.

Now when you search from something on my site it constructs a REST query and submits it to Yahoo. The result is retuned (I am using JSON) and then I parse the data how I want it. The search is restricted to my sites alone and I also add a little icon that identifies what site the data was found on. I am keeping the layout simple and not overloading the user with information, but if you hover over the logo and title you should see the URL.

So why not give it a go and search my stuff.

I have just linked together some PHP code that allows me to update my Twitter, Jaiku and Facebook status messages from just one screen.

Originally I did not get Twitter and only updated my status when I posted something on my blog, but as I started to read what my friends were doing it kind of clicked and I started using it properly. Later I started the save on Facebook where I have other friends, but this started the annoyance of using two services to do one thing.

Before this I was using Twitter to update my Facebook status via the Twitter Facebook application. Originally this was far from ideal as it could not change the real status message, and once that was fixed it started to put an “is Twittering: ” prefix that was rather annoying. I also keep my status updates for friends only and that prevented me propagating the changes to Jaiku.

My solution was to use the various APIs to to create a service that updates all of these services from one web page. The Twitter API was the easiest, although I don’t much like having my Twitter password stored on the web server and will be changing it regularly now. Jaiku would have been just as easy but I used Jon Kossmann‘s PHP neat little library to save me the effort. Originally I started by trying to use Steve Marshal‘s code to update Facebook, but my server was having none of it, so after a lot of playing with the Facebook API I managed to get my own solution working by creating a Facebook application.

So what next? I intend to add a location field that will update Jaiku and Fire Eagle. I also want to update Pownce when the API is available, and also intend to show a summery of Twitter updates from friends. I am also looking at a visual authentication procedure that will be more secure on public terminals, and possibly turning this in to an OpenID server for me in the field.

Will I make it public? Well, it will take a little time to create a a public service and I am not planning on doing this. That being said please let me know if you wan to do this and I may change my mind.

Update: A quick update following some checking on possible message lengths. Twitter uses 140 characters (but 160 can be posted), Jaiku accepts 140 and Facebook 160.

Update: I have just added support for Pownce. Currently it does not message all users, just those who ask to be added to the set.

For BarCampLondon3 I decided to do something a little different and run a session for people to show off there favourite websites. This was built on Natalie’s show and tell from BarCampBrighton, but with the twist of showing the best and most useful new sites, and not just what we have created. Naturally these should be the same sites. ;-)

First I demonstrated Profilactic. This is a site that I found a while ago. It aggregates many of my public feeds in to one “Stalker” feed. I most like it because it is simple to use, looks good, and as it only works with public feeds you do not need to trust it with all your passwords. I also mentioned MeeCard that is in alfa and demonstrated at BarCampSheffiled.

Next we had a look at Vector Magic. With this service you can upload an image and it converts it to a vector format. This allows pixelated images to be smoothed out and allow you to blow them larger without it looking blocky.

The web site Icon Finder was recommended as a search utility to find icons. Most are free, but do check the licencing before using them. The site I could not remember was famfamfam.com that has a lot of useful icons available.

Tom Scott then had a go at demonstrating his App in a Box, a simple application generator for Facebook. Some work is still needed but it is now working.

To close I mentioned a site called Calls may be recorded that you can upload your best and worst phone calls and listen to everyone else’s. It is better that it sounds, honest.

Lastly Sound Snap was recommended as site to find royalty free audio clips for whatever you want them for.

Finally I tend to post links to anything interesting I find to my Tumblelog, so if you want to see more sites like this then keep an eye on this.

I am seriously considering buying a Eee PC 701 ultra portable PC. I have been interested in this style of low cost but functional computer and never quite understood why project such at the one laptop per child project was only focusing on the stereotypically third world communities. Making a computer more affordable to everyone including those in the West with luxuries like running water and electricity but are still disadvantaged in today’s society by the the lack of connectivity seems equally rewarding, increases production, and reduces costs and prince.

Anyway, while I was looking at these I did not expect to realise that outside of the day job and Windows programming, these basic machines are all I need. They also have the advantage of being light weight and having a good battery life in addition to being low cost. Okay I can not run games or watch DVDs, but I don’t do that anyway. Okay I will need to use another machine for programming, audio editing and web development, but I will still have the Windows PC for that. The real advantage is that this light weight device is small enough for me to grab and carry with me most of the time.

The device runs on a custom build of Linux, but can have Windows installed. It uses a 4GB flash drive instead of a traditional HDD that reduces weight and increases battery life. The best bit is that it boots in 15 seconds. :-)

The device has had many good reviews and the machines listed on Ebuyer were quickly sold out. So should I get one?

Today I have added a “Subscribe to audio read” option to my blogg’s right hand side menu. This is using a new service form Odiogo that takes an RSS feed and converts it in to a podcast.

I have only just started running this as an experiment, but it is looking (or should that be sounding) good. I am also liking some of the inflection the digital voice. Because of the custom way my blog is configured the standard Blogger plug-in does not work, and as Odiogo is currently limited to select blogging tools customisation is not easy. That being said I have managed to get the feed to go through Feedburner and if I had not customised my blog as much I could have a listen to this post feature.

So please have a listen and let me know your thoughts on the service.