The calendar
October 2014
« Sep    

You have heard about Shellshock Bash bug, right? It affects the machines running Linux and / or Mac OS X (including your PC's, web servers, your smartphones, some of your devices at home) by making them vulnerable via the Unix command shell Bash, which happens to be one of the most common applications in those operating systems. The shell or command prompt is a piece of software that allows a computer to interact with the humans by interpreting text typed via the keyboard. A malicious user can get access to your input and inject code to the system, taking control or damaging it and its data.

This bug was baptized Shellshock by Security Researchers and you can find more information about it over here. This issue is not critical, but it can create severe problems. Keep yourself informed and watch for updates… then updated your computer / server / smatphone and other devices as quickly as you can.

Let's start with your computer. If you have a Mac OS X or Linux system, open the Terminal and run this line of code:

env x='() { :;}; echo Shellshock Bash makes you vulnerable' bash -c 'echo this is a test'

If you see the text "Shellshock Bash makes you vulnerable" as an answer, your system is, well… vulnerable. Three of the most popular Linux distributions, Fedora, Red Hat and Ubuntu already have patches available, probably Apple will soon release its fix.

Somebody asked me yesterday what have to be done in order to disable copy/paste function and to stop the visitors (or, at least, most of them) to copy the content of her articles. Well, I prepared the answer, but you can learn from it as well… So I am posting it here, hoping it will help.

Apply this code in your html document inside the <body> tag in order to disable drag and select (and copy/paste using the Ctrl+C/Ctrl+V keys).

ondragstart=’return false’ onselectstart=’return false’

Practically, the tag should look like this (considering there is no onLoad or other stuff like that already added):

<body ondragstart=’return false’ onselectstart=’return false’>

Apply this script in your html document before closing after the starting and before the closing the <head> tag:

<script type="text/javascript">var message=FunctionDisabled!;function clickIE4()
{     if(event.button==2) { alert(message);returnfalse;}}function clickNS4(e)
          {if(e.which==2 || e.which==3) { alert(message);returnfalse;}}}if(document.layers)
     document.captureEvents(Event.MOUSEDOWN); document.onmousedown=clickNS4;}elseif(document.all&&!document.getElementById)
    { document.onmousedown=clickIE4;} 

Add some necessary security CSS elements to the <body> tag.

For example, add in the CSS file

body {
    user-select: none;
    -moz-user-select: none;
    -webkit-user-select: none;
    -o-user-select: none;

In case you want to place them as CSS style in the html document, the <body> tag will look like this:

<body ondragstart=’return false’ onselectstart=’return false’ style=’user-select: none; -moz-user-select: none; -webkit-user-select: none; -o-user-select: none;>

This is basic protection only! That will help you in most of the cases, but advanced users will bypass it with ease by disabling JavaScript on their browser or using firebug to see the html source.

A few months ago I wrote about this error that appears when someone is trying to install a module, extension or template design for previous Joomla versions. It’s not the single time when this warning appears when trying you’re trying to install or upgrade something. Let’s take for example the following code:
<?xml version=”1.0″ encoding=”UTF-8″?> <extension type=”module” version=”3.0″ method=”install”> <name>Joomla SlideShow</name> <creationDate>2013-11-15</creationDate> <author>Supravirtual SRL</author> <copyright>(C) 2013 This module is released under the GNU/GPL v2 License</copyright> <authorEmail></authorEmail> <authorUrl></authorUrl> <version>1.0</version> <description>Joomla horizontal and vertical Slideshow</description> <license> GNU/GPL</license> <files>….
The  XML file continue with the rest of the necessary code for a module. The error what I am referring to appears when one is changing the “and” from description to “&”. Everything else is OK, the code is OK, but you can’t install or upgrade your Joomla extension as long as you are using & in the file.
It was about time to add the new content versioning... Wordpress has it since like forever. It something necessary for people that do not exactly know what they are doing, and it's a lot of this kind of fellows. Read the rest of this entry »
Some months ago, when it was released, Joomla 3.1 brought some good and not so few modification in ths use interface... The lateste version, Joomla 3.2 brings some new improvements. Some of them reminds me of Wordpress admin interface... but that's another story. Read the rest of this entry »
A presentation you may be interested in about the latest Joomla version, 3.2, and the Rapid Application Development (RAD) Framework. Read the rest of this entry »
[ It's been a while since I've posted here, but it's time to return and post some more. Especially useful information for beginner webdesifners... just watch the video and you will understand why. Read the rest of this entry »
community builder advanced search error not installed When you buy a Joomla component that works as an add-on for other component (for example, the Community Builder Advanced search allows you to find CB users according to the field they filled in) it’s obvious that you should have the both components installed in order the add-on to work. Right? It should be obvious that you should get the Community Builder in order the search to work… Well… This does not happen every time. Today I had a good laugh when some client asked about the error triggered, as in the image… He had the search component, but not the CB… Wwhyyyy?!?!

One of the errors triggered by the usage of extensions created for previous Joomla versions looks like this:

Joomla Fatal error: Class classname cannot extend from interface JController

The reason: It looks like the interface JController has been removed, and now you have to specify which controller you’re using.

So, the following code

$controller = JController::getInstance('classname');

will become

$controller = JControllerAdmin::getInstance('classname');

Also, there is one thing you should change:

class ClassnameController extends JController

will become

class ClassnameController extends JControllerAdmin { }