Whilst it is nearly October 2016 (how time flies), I will be launching a new video on to my website and YouTube most likely in September.
This video aims to explain two of my Web Independently Styled Project, namely BalfBlog and BalfBar. BalfBlog has been getting a lot of updates, but that's not to say that BalfBar hasn't been getting that TLC.
As you may have noticed I have moved my website to a slideout side menu recently. This is a new feature of BalfBar and it's easy to switch. Since BalfBar is written in SASS instead of pure CSS, switching between enabling or disabling Dark Mode and switching between Dropdown and Sidebar mode is easy because all you do is change a variable or two. The main focus of BalfBar recently has been on this new type of menu and bringing it to it was not difficult at all. By doing this, users have the choice between two types of mobile menu with few changes, making BalfBar one of the lightest mulitple menu typed menu systems available.
BalfBlog has become even more powerful in the last few months with a focus on cleanliness and a move to a more streamlined interface. BalfBlog 2.2 which will be out later this year will focus on adding more server support so that the IIS servers out there can have just as pleasant a time as Apache has with BalfBlog. It will also focus on more tools and remove some of the older tools. BalfBlog also focuses on a much stricter system that ensures that all posts have an introduction, regardless of the mode. The reasoning behind this is to ensure that subscribers' RSS and emails are more concise.
I'm also looking to integrate infinite scrolling through posts (i.e. Ajax loaded posts) to BalfBlog and hoping that this will be an easy to integrate option. Whilst BalfBlog is solely a backend blogging system, I will provide source code to allow you to perform an Ajax request (you could simply write your own now, it's not going to be all that difficult). Next I will focus on integration with new modes, particularly the page CMS mode. I will also be making a new and fresh installer application for BalfBlog. This powerful new installer will integrate into the existing dashboard and for users who have yet to configure a data.php file it will help them generate the settings for them.
Both BalfBlog and BalfBar rely on community support, so if you are using either, please let me know what you think through the contact forms on my website.
A minor update has come to BalfBlog. This post will explain it in more detail.
The main updates are as follows:
- Deployment has been simplified.
- Settings tool now fully works, allowing you to change settings straight from the blog admin
- New directives in Settings tool
- Improved the way in which Blog Mode, Introduction Mode and Journal mode are switched, now selected from a single dropdown in the Settings tool.
- More friendly URL rewriting on Apache
- Simplified and lightweight user interface for the backend on mobile devices
- Removed some of the older JBlogs features that were unusable due to major changes
As always, I am commited to ensuring that the latest version is fully compatible with all older versions with very little effort. I also suggest if you wish to try this version out that you run the Flush tool and update your settings (data.php) file using the built in Settings tool.
Very important note for all, since this version does rely on the new Settings tool, it is not recommended you edit the data.php file any more since BalfBlog handles this.
I don't make enough of these writing tips it would seem. But for those who want to know the difference between discrete and discreet, here's a little attempt from me to explain it to you.
So we talk about several discrete things like a discrete graphics card or in my case discrete mathematics. We use the discrete with a t between the two es. This is because the meaning of discrete is totally different from discreet. This form of discrete means for something to be individual or disconnected, detached or distinct. In terms of our graphics card you can see how this the case since integrated graphics are a physical part of the system (and nowadays included in nearly every system) and cannot be added after. Discrete graphics on the other is distinct and disconnected or individual from the rest of the system, in fact it's actually a whole system on it own that has all the parts to be able to operate on its own.
Discreet on the other hand is associated with being unnoticed or concealed. For instance, during a talk you may be told to go and find someone but to make it discreet.
Both of these words are totally different but knowing when to use the correct form is very important.
Since beginning my PhD, which will mainly use qualitative research methods, I have taken a much bigger interest in this form of research. My honours dissertation was mainly based on quantitative research involving Lickert scales, but it did have one or two qualatitive based parts of the research.
Qualitative research focuses on subjective answers to the original problem. As a result, it tends to be based on opinion and it's an exploratory research method. Qualitative research aims to discover underlying reasons, motivations and opinions. It is less structured than quantative research. Research that takes place can be done using focus groups and/or interviews, using small groups of people.
Quantitative research will be used with this project to ensure that we get the right opinions and the reasons behind why this project needs to be developed, as well as suggestions on what should be done. It will then be used to generate the specification and what needs to be done to improve the current situation.
On qualitative research, Filstead (Filstead, William J. (Ed.) Qualitative methodology). Chicago: Markham. 1970) said:
This in no way suggests that the researcher lacks the ability to be scientific while collecting data. On the contrary, it merely specifies that it is crucial for validity - and consequencely, for reliability - to try to picture the empirical social world as it actually exists to those under investigations, rather than as a researcher imagines it to be.
I'm planning to keep updating these posts with more information when I start to get it.
BalfBlog 2.1 is the next big iteration of BalfBlog and it will be released maybe by the end of the year.
In the meantime, BalfBlog's updates are still being rolled out weekly and the next update will focus on consistency. I've had some suggestions put forward about the RSS and emails, and in general notifications, that BalfBlog is producing. Suggestions mainly attack the fact that entries in the RSS are currently including the whole content of the post and that emails are including a length-limited strip of the content. If there was one way I could unify it we could look back to June's update in which the Introduction Mode came to BalfBlog.
This update enforces the use of introductions on all posts. As a result of the feedback that was received about emails particularly, I've decided that all future versions of BalfBlog will enforce this no matter what the mode.
Version 2.1 is going to focus on one BalfBlog dashboard for multiple BalfBlog powered blogs and sections - something that currently is needed for my website. It will also focus on management and administration of your blog, particularly with multiple users. If you have any further ideas and would like to see them integrated into version 2.1, please suggest them using the normal method of contact.
Since many of us, including myself, like a bit of customisation with every little thing we use, BalfBar's next update will bring more optional items to the table. The core has been designed to make it easy to bring new features to it very quickly and by the end of tomorrow the new sidebar mode will be in place on the latest version.
The sidebar option allows you to have a mobile sidebar menu as opposed to a dropdown menu. This fantastic option is already in place on my website, so resize the page to test it. I find that this option offers more accessibility options and it's much better for larger menus. I'm focusing on improving it in the next few days however, so please suggest any positive and negatives about this design using the usual contact page.
I pay quite a bit to host all of my websites, ranging from jamiebalfour.co.uk (the original), to jamiebalfour.me (an addon domain), jamiebalfour.scot (my personal website, now with HTTPS), clickit.education and finally, zenlang.net.
Since version 1.5 will rename the syntax of ZPE, zenlang will no longer be the valid name. On top of this, the website has received much less attention from myself and has been left a bit of a mess. As a result, zenlang.net will no longer remain online from next year when it goes up for renewal. I will leave it as a subdomain (which is always available too at http://zenlang.jamiebalfour.scot.) for the future and will probably work on it for a while before I relaunch it with the new name.
CloudFlare is a content delivery network (CDN) that makes delivery of your website much faster and much more secure. It's great and it definetly took a lot of the demand away from my shared server. On top of that, it meant that when the server my website is hosted on went down it was there to step in a display static content from the cached version of my website that it had.
I've enjoyed CloudFlare for the last two or three years and found it to be the most valuable tool used with my website. But now I've been contemplating it's use. For four or five months I've been trying to get SSL (TLS nowadays) to work on my website and to display that HTTPS padlock on the client's browser when they visit my website. I bought a certificate for £13 in February but due to unforeseen circumstances I did not manage to get round to installing it until about April or May. When it was installed it did not work so I went straight to my web host's customer service team to get them to investigate. After four or five times getting in touch and being told it was installed several times, I though that there must be something wrong with this. At first I assumed the dedicated IP was the problem. Then realised something else.
A little explanation of how CloudFlare works
How CloudFlare works
CloudFlare acts like the man in the middle, protecting your website and sending information to the people who are expecting it. It's a great idea and it works well. But one of the key concepts of SSL is this:
You are connecting to the website that holds the certificate and that you are not connecting to some other website instead.
In other words when you initiate a connection to jamiebalfour.scot, you are expecting jamiebalfour.scot. Not jamiebalfour.cloudflare.com or something. The man in the middle could be perceived by the browser as being a man in the middle attack but really it is just CloudFlare's CDN trying to send the data. So what happens next? The browser in turn says the SSL certificate is invalid or the website that is trying to be reached is not the one that is coming in to the browser (in this case it will be CloudFlare's website that is coming in). This in turn means that the browser dismisses the website claiming it to be fraudulent.
The result
You simply cannot have a HTTPS website and CloudFlare unless you pay for a custom certificate from them. This causes problems with my website which is now using HTTPS. I have decided to leave out CloudFlare, at least for the next few months and I will be trying to rectify this problem from time to time in the hope that I can fix it so from time to time you may get SSL errors. I will say that my website performs reasonably well under general use without CloudFlare's assistance, but it does add a lot of security improvements as well as taking a considerable chunk of the stress from my origin server, but for the next few months my website will continue without it.
ZPE for the last few months has been in the back-burner a bit, something I absolutely hate to have to admit, but it's been like this because of the fact that it's really such a complete language. This makes it hard to add new innovations to the compiler design and features to the interpreter.
For a long time, Typo has been under development and unfortunately has yet to be released. During the days of BRS, Typo was an easy system to implement but because of the fact that ZPE focuses on speed of compilation Typo has been difficult to implement.
The future of ZPE is not going to be about updating each version with new interpreter functionalities but focusing on tightly integrating the design so that it supports 'plugins' - but not plugins to add features but to add more built in functions. The standard library (stdLib) did this in a way that expanded ZPE using only the ZenLang code and in turn only used features that already existed to build a set of very useful tools.
ZPE's plugin system is powerful and efficient, so development of smaller functionalties is a good idea - it will also keep the size of the main executable file down to a minimum thus making it more portable for users who do not need all of the functionalities. I recently added a new function for testing if a built-in function exists so that applications can be independent of versions.
I hope you have enjoyed using ZPE to date and I'm looking for feedback. Version 1.4.4.3 includes the feedback command, so all you do is type into your code to leave feedback:
feedback();
A couple of months back I was the victim to a website (not to be named) that was hacked and ultimately gave the information of it's users away that ultimately included my information. The reason behind this was that passwords were not stored in a effective manner. This meant that the minute you have access to the database you have access to all of these passwords.
What this now meant for me was that they had my email address and my actual address and began to subscribe me to many things I would never sign up to whilst also sharing my user name and password details on the web. It's a cold and horrible thing for someone to contemplate doing because I had done nothing to them in the first place for them to launch an attack at me. And to be honest the website who was a website who's sole duty was to help others - so it's pretty cruel to do that. Anyway, storing details about people in a secure manner is an important factor of online security.
What an unsecure database may look like
In a world where security is not a thing, algorithms such as the SHA (secure hash algorithm) would not exist in the field of security. In fact, the field of security would not need to exist. But unfortunately, because there are people who want to either steal something or just for the sake of it damage something, we have to compensate for this by developing secure ways of storing information.
In the world without security however, passwords could be stored as plain text - simply as they were typed in to the text input. This means that anyone who has access to the database can then scroll down to the appropriate field and read their password. Unfortunately however, if a hacker gains access to this information, they have access to the raw password - that's the password they can use to login to the system. This is not good. So database designers and web developers and so on go a step further and use some kind of algorithm to conceal the password.
How to store sensitive data effectively
When data like a password is put into the database it should be encoded using some kind of algorithm.
The first way of storing passwords is to create or use an encryption algorithm to encode the password and a decryption algorithm to re-obtain the password from the cipher text. This method is uncommon because it means that there is at least one method to decrypt the password in the database, and therefore leaves open a security vulnerability (if someone obtains this decryption algorithm and the key needed to decrypt the passwords, they can simply decrypt every password and it's easy enough to figure the key out if you have a password and it's cipher text).
The most common algorithm is the SHA because it's been guaranteed to have a one-to-one mapping from the plain text to the cipher text - meaning that no two passwords generate the same cipher text. When this algorithm is applied it is designed to be irreversible, that is it is impossible (or at least near impossible) to figure out what the original text was (at least without going through each combination of characters and testing it against the cipher text). This method is more secure than the former since it does not offer a quick way to take a cipher text and turn it to a plain text.
These are just two ways of storing passwords but you can probably find other ways. I use a combination of both on my website (my own hashing algorithm and my own encryption algorithm on top).
