RadianT tutorials, tips and tricks

Why I'll never buy a Ford again!

I purchased a Ford Ranger 4 years ago which came with 3 years of warranty, the first three service checks for free and a lot of extras for free due to a promotion. All fine, no problems. Two years ago I bought a 2nd car and well Ford had a good model for the same price as all competitors and again I purchased a Ford, the Ford C-Max this time.

The car is ok (not great) and came with only 2 years of warranty (a bit short for a $40,000 car), and within the first year the gearbox already had problems in reverse. It burns if there is a little bit of a slope. The dealer checked it with the first service and said there was no problem. Well, I don't agree, but what can you do.

Now after two years and only 34000 kilometers on the counter, I brought it to the dealer for the 2nd service check. Note that neither service checks were free. In the 2nd year one of the rear seat belts stopped working (that's quick!) and the curtain of the glass rooftop does not close anymore. So I mentioned these two things to the dealer and expected them to be under warranty. Wrong!

Since the service check was one month and 12 days after the warranty expiry date they want me to pay for these two repairs which I kindly refused.

I will file a complaint with Ford about this and see what they have to say about it. Before I had a Jaguar for 15 years and guess what, the safety belt mechanisms were fine even after 15 years (so was the rest of the car btw).

In short, because of the low quality and the terrible service on top of that, I will never buy a Ford again!

About Bar Codes

Bar codes first appeared in the 1970s to automate the process of pricing grocery items. Nowadays they are widely used to automate business processes as to increase productivity and reduce the chance of human error. The type of barcode used depends upon the implementation, the data to be encoded and how the data needs to be printed.

There are different types of barcode standards for different purposes called symbologies. Each symbology or barcode type is a standard that defines the printed symbol and how a scanning device reads and decodes the symbol. Several industry standards have been established and depending on the type of industry a standard needs to be implemented.

Here is an overview of some industry standards and their typical use:

Standard	To identify	Symbology
EAN-8, EAN-13	items for sale worldwide	UPC/EAN
EAN-14	shipping cartons, boxes	Interleaved 25, Code 128
ISBN, ISSN, Booklan	books, magazines, periodicals	EAN-13 with UPC/EAN
MICR	bank checks	MICR E-13B, CMC-7
SCC-14, SSCC-18	shipping cartons, boxes	Interleaved 25, Code 128
SISAC, SICI	serial numbers for serial publications	Code 128
POSTNET	US Postal Service mail addresses	POSTNET
UCC-128, EAN-128, SSCC-18	shipping cartons, boxes	Code 128
UPC	products for sale in USA and Canada	UPC/EAN

Some bar code characteristics:

CODE128: a continuous multilevel full ASCII code with three character sets.
CODE39: an alphanumeric barcode that can encode numbers, upper case letters and a few special symbols.
CODE39Ext: encodes the complete 128 character ASCII character set.
DataMatrix: a high density bar code that can encode text, numbers, files and data bytes.
EAN-13: encodes 13 digits whereby the first 2/3 digits are the country code, the next 9/10 digits are the data characters and the last digit is a checksum digit.
EAN-8: encodes 8 digits whereby the first 2/3 digits are the country code, the next 4/5 digits are the data characters and the last digit is a checksum digit.
Interleaved 25: a numeric only bar code.
UPC-A: encodes a 12 digits whereby the first digit is the system character, the next 10 digits are the data characters, and the last digit is the checksum digit.
UPC-E: a compressed bar code version which squeezes out the zeros.

Bar code scanning

Reading bar codes can easily be done with a handheld barcode scanner. A good choide is a bar code scanner that has a built-in decoders and can read several different bar code types. Most bar code scanners do not need an external power supply since they get their power from the keyboard or the USB port.

Bar code printing

Barcode fonts allow you to print barcodes from MS Windows, Mac, UNIX, AS/400 and other operating systems. You can use TrueType, OpenType, BDF, FON, PCL, PostScript (type 1) Binary and ASCII versions for most symbologies. Self-checking fonts are the easiest to use and can be entered directly from the keyboard. All barcodes require a start and stop character. You can print bar codes using bar code fonts, bar code servers, ActiveX controls, DLLs, Java beans, applets or servlets, or from within PDF documents. Optionally you can use a bar code label printer.

Bar code resources

Popular Image File Formats

Images are stored in a variety of file formats. Many different image file formats have been developed over the years for specific applications and hardware. Most applications support a large number of commonly used file formats.

WHAT TO USE

For:	Photos	Line graphics
Common properties	Continuous tones, 24/48 bit color or 8 bit grayscale	Solid colors, 16 to 256 colors
Best quality	TIF, PNG	PNG or GIF or TIF
Smallest size	JPG, PNG	TIF LZW, GIF or PNG
Max compatibility	TIF, JPG	TIF or GIF
Best for Web	JPG, PNG	GIF, PNG
Worst choice	GIF	JPG

MOST POPULAR FORMATS

BMP - Windows Bitmap

The Windows Bitmap file format is the standard file format used by Microsoft Windows. Bitmap files can contain either 2 (black and white), 16, 256 or 16.7 million colors. Most Windows Bitmap files are not compressed. It is possible to save 16 and 256 color images in a compressed format (See Run-Length Encoded below) but some applications are not able to read the compressed files. The default file extension for Windows Bitmap files is “.BMP”. Occasionally you may see bitmap files with the extension “.DIB”.

RLE - Windows Run-Length Encoded

The RLE format is a variation of the Windows BMP format that offers a modest degree of image compression. It has two primary uses under Windows. It can be used to create compressed wallpaper files and it can be used to replace the opening Windows logo screen with a file of your own choosing. RLE files are always either 16 or 256 color image files.

GIF - CompuServe Graphics Interchange Format - Indexed color 1 to 8 bits

The GIF file format was developed by CompuServe Inc. for use on their online service and became the number one choice for Web pages until royalty claims were introduced. GIF files are color-mapped files that can have anywhere from 2 to 256 colors. Most applications support both the 87a and 89a versions of the GIF standard. GIF files are always compressed and offer an efficient way to store large images.

JPG - Joint Photographic Experts Group - RGB 24, grayscale 8 bits

The JPEG format uses a method of compression that reduces image file size by selectively reducing the amount of detail contained in the image and by transforming the image data into a format that is better suited for compression. Images with fewer details compress extremely well, while pictures with a high degree of random detail do not compress as well, or suffer some degree of image degradation. The relative amount of detail removed can be specified in most applications. At the default value of 75, relatively little picture degradation will take place, but a significant amount of compression will be obtained. At lower values you will experience still better compression, but with a marked loss of image quality. JPEG images are either true color or grayscale (256 shades of gray).

PCD - Kodak Photo CD

The Photo CD format is a proprietary format developed by Eastman Kodak to store digitized photographic images on CD-ROM disks. These images are always converted to true color (24-bit) images when loaded into MGI PhotoSuite. Photo CD CD-ROM disks produced according to Kodak specifications include one or more Photo CD images as well as an overview file containing small “thumbnail” versions of each image on the disk. The Photo CD image files always reside in a directory named d:\PHOTO_CD\IMAGES on a Photo CD disk. However, you may also encounter Photo CD image files on networks, bulletin boards and other types of CD-ROM disks which lack the overview file.

Each Photo CD file contains a number of scans of the same image at a number of different resolutions. Many applications support the following Photo CD resolutions: 192x128 pixels, 384x256 pixels, 768x512 pixels, 1536x1024 pixels and 3072x2048 pixels. If you only have four megabytes of memory installed in your computer, you may not have sufficient free memory to edit the 1536x1024 or 3072x2048 pixel Photo CD formats.

TGA - Truevision Targa

The Truevision Targa format was originally developed by Truevision Inc. for use with their line of graphic display cards. The Targa format is used by several high-end paint and CAD programs. Color resolutions range from 256 color, 32768 (16-bit) color, 24-bit true color and 32-bit true color formats. The 32-bit Targa format contains 24 bits of color data as well as 8 bits of transparency (overlay) data. Targa images exist in both compressed and uncompressed formats.

PCX - PC Paintbrush

PCX files were originally developed for Z-Soft’s PC Paintbrush package. These files come in monochrome, 16 color, 256 color and true color (24-bit) varieties. PCX files are compressed using a method that offers a modest degree of compression compared to other compression formats.

TIF - Tagged Image File Format - RGB 24 or 48 bits, grayscale 8 or 16 bits, indexed color 1 to 8 bits, line art (bilevel) 1 bit

The TIFF format was developed by Microsoft and Aldus Corporations as a portable method of storing bitmap images. TIFF files come in monochrome, 16-color, 256-color, 16-color grayscale, 256-color grayscale and true color (24-bit) varieties. TIFF files exist in both compressed and uncompressed formats. The compression format offers a high degree of compression. TIFF image files use LZW lossless compression which means there is no quality loss due to compression. However, certain older paint programs that use an early version of the TIFF format may have difficulty reading compressed TIFF files. If you find that a program will not read the compressed files, try saving the file in the uncompressed format. The default file extension for TIFF files is “.TIF”.

CTF - MGI Catalog File

The CTF format was developed by MGI as a means to store thumbnails for cataloging images and multimedia files. Thumbnails of images can be either 256- or 16-million colors and one of any nine sizes, allowing great flexibility in size vs. quality vs. performance.

PNG - Portable Network Graphics - RGB 24 or 48 bits, grayscale 8 or 16 bits, indexed color 1 to 8 bits, line art (bilevel) 1 bit

The original purpose of PNG was to be a royalty-free GIF and LZW replacement. PNG supports a large set of technical features, including superior lossless compression from LZ77. Compression in PNG is called the ZIP method, and is like the 'deflate" method in PKZIP (royalty free). PNG incorporates special pre-processing filters that greatly improve the lossless compression efficiency, especially for gradient data found in 24-bit photos. PNG has additional unique features, f.e. an Alpha channel for a variable transparency mask (partial transparency can be used for many things such as fades and anti-aliasing of text), and an embedded Gamma value so image brightness can be viewed properly on Windows and Mac screens. PNG has a much smaller file size than TIF LZW. PNG is an excellent replacement for GIF and 24-bit TIFF LZW files. PNG is superior to GIF. It produces smaller files and allows more colors.

About cookies

A "cookie" is a small piece of information sent by a web server to store on the hard disk of a web browser client so it can later be read back from that browser client. This is useful for keeping specific information. An example is when a browser stores your passwords and user IDs. They are also used to store preferences of start pages.

A server, when returning an HTTP object to a client, may also send a piece of state information which the client will store. Included in that state object is a description of the range of URLs for which that state is valid. Any future HTTP requests made by the client which fall in that range will include a transmittal of the current value of the state object from the client back to the server. The state object is called a cookie.

This mechanism provides a tool which enables a host of types of applications to be written for web-based environments. Shopping applications can store information about the currently selected items, fee services can send back registration information and free the client from retyping a user-id on next connection, sites can store per-user preferences on the client and have the client supply those preferences every time the site is connected to. More specifically, uses are varied:

Online ordering systems
An online ordering system using cookies remembers what a person wants to buy even if the visit gets terminated.

Site personalization
This allows people to select an option, and from then on (until the cookie expires) the site guides them in viewing their chosen option.

Web site tracking
Site tracking can show you dead end paths, places in your website that people go to and get lost so to speak. It can also give you more accurate counts of how many people have been to pages on your site. You could differentiate 50 unique people seeing your site from one person hitting the reload button 50 times.

Targeted marketing
This is probably one of the main uses of cookies, they can be used to build up a profile of where you go, what adverts you click on and this information is then used to target adverts at you. Cookies can also be used to store which adverts have been displayed so the same advert does not get displayed twice.

User IDs
In Internet Explorer the first part of the cookie is your win95 log-in name. User IDs can also be remembered, such as IE5.0+ uses.

How cookies work

A command line in the HTML of a document tells the browser to set a cookie of a certain name or value. Here is an example of some script used to set a cookie. A cookie is introduced to the client by including a Set-Cookie header as part of an HTTP response, typically this will be generated by a CGI script.

Syntax of the Set-Cookie HTTP Response Header

This is the format a CGI script would use to add to the HTTP headers a new piece of data which is to be stored by the client for later retrieval.

Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure

NAME=VALUE

This string is a sequence of characters excluding semi-colon, comma and white space. This is the only required attribute on the Set-Cookie header.

expires=DATE

The expires attribute specifies a date string that defines the valid life time of that cookie. Once the expiration date has been reached, the cookie will no longer be stored or given out.

The date string is formatted as:

Wdy, DD-Mon-YYYY HH:MM:SS GMT

This is based on RFC 822, RFC 850, RFC 1036, and RFC 1123, with the variations that the only legal time zone is GMT and the separators between the elements of the date must be dashes.

expires is an optional attribute. If not specified, the cookie will expire when the user's session ends.

domain=DOMAIN_NAME

When searching the cookie list for valid cookies, a comparison of the domain attributes of the cookie is made with the Internet domain name of the host from which the URL will be fetched. If there is a tail match, then the cookie will go through path matching to see if it should be sent. "Tail matching" means that domain attribute is matched against the tail of the fully qualified domain name of the host. A domain attribute of "me.com" would match host names "yes.me.com" as well as "yes.no.me.com".

Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "va.us". Any domain that fails within one of the seven special top level domains listed below only require two periods. Any other domain requires at least three. The seven special top level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL" and "INT". The default value of domain is the host name of the server which generated the cookie response.

path=PATH

The path attribute is used to specify the subset of URLs in a domain for which the cookie is valid. If a cookie has already passed domain matching, then the pathname component of the URL is compared with the path attribute, and if there is a match, the cookie is considered valid and is sent along with the URL request. The path "/" is the most general path. If the path is not specified, it as assumed to be the same path as the document being described by the header which contains the cookie.

secure

If a cookie is marked secure, it will only be transmitted if the communications channel with the host is a secure one. Currently this means that secure cookies will only be sent to HTTPS (HTTP over SSL) servers. If secure is not specified, a cookie is considered safe to be sent in the clear over unsecured channels.

Syntax of the Cookie HTTP Request Header

When requesting a URL from an HTTP server, the browser will match the URL against all cookies and if any of them match, a line containing the name/value pairs of all matching cookies will be included in the HTTP request.

Cookie: NAME1=OPAQUE_STRING1; NAME2=OPAQUE_STRING2 ...

Security

An HTTP Cookie cannot be used to get data from your hard drive, get your email address or steal sensitive information about your person. Early implementations of Java and JavaScript could allow people to do this but for the most part these security leaks have been plugged. But HTTP Cookie can be used to track where you travel over a particular site. This site tracking can be done without using cookies as well. You can disallow cookies with the latest browsers. Some database driven shopping sites and informational sites do need cookies to run.

Set cookies

The SetCookie function and the SetC functions are functions that define the cookie. They allow you to take user input from a form and convert it into 'cookie' format. This code is meant as an experimental base for you to work with.

1) Insert the following code in the <HEAD> section of the page.

2) You then insert the form code for sending the data to the SetCookie and SetC functions. Experiment with onChange, onClick, onFocus, onBlur depending on whether you are using a button, text box, radio or button.

TO VIEW THE RESULTS OF THE COOKIE

3) Paste into your page where you want the cookie results to be displayed. The GetCookieVal function and the GetCookie function find the cookies you created and display them on the page.

then copy!

var nam1=GetCookie("msg1") <script> document.linkColor=GetCookie("linkColor"); document.alinkColor=GetCookie("linkColor"); document.vlinkColor=GetCookie("linkColor"); document.bgColor=GetCookie("backColor"); </script>

EXPLAINED

SetCookie: save to a cookie

function setCookie (name, value, expires) {
if (!expires) expires = new Date();
document.cookie = name + "=" + escape (value) + <-- save cookie value
"; expires=" + expires.toGMTString() + "; path=/"; <-- set expiration date and path
}

If you want to save someone's first name (such as Peter) to a cookie called "_fname", this is what you would need:

var expdate = new Date ();
expdate.setTime (expdate.getTime() + (1000 * 60 * 60 * 24 * 31));
setCookie ("_fname", "Peter", expdate);

This function gives the cookie an expiration date of one month. The one month is set by multiplying 1000 milliseconds by 60 seconds by 60 minutes by 24 hours by 31 days. If you want to save the cookie for a year change the 31 to a 365. All cookies must have an expiration date. If you specify no expiration date the cookie will last through the current browser session. When setCookie() is run, it creates a cookie called "_fname", sets the value of the cookie to "Peter" and sets the expiration date to 31 days.

Another simple example:

function setCookie(name, value, expires) {
document.cookie = name + "=" + escape(value) + "; path=/" + ((expires == null) ? "" : ";
expires=" + expires.toGMTString());
}

getCookie: read from a cookie

This function searches through the cookie until it finds the cookie name that you specify. Then it finds the value of the cookie and returns it. To get the cookie that was saved with "Peter's" name in it, you use:

document.write(getCookie("_fname"));

This prints out the value of the "_fname" cookie, which was set to "Peter". If you wanted to print out the value of some other cookie, you would just use its name instead of "_fname". You can give the value of a cookie to a variable, allowing you to manipulate the values and create programs that can save and load information. You always need to include both functions: setCookie() and getCookie().

Another example of getCookie:

function getCookie(name){
var cname = name + "=";
var dc = document.cookie;
if (dc.length > 0) {
begin = dc.indexOf(cname);
if (begin != -1) {
begin += cname.length;
end = dc.indexOf(";", begin);
if (end == -1) end = dc.length;
return unescape(dc.substring(begin, end));
}
return null;
}

DelCookie: delete data from a cookie

If you wish to erase a cookie, use this function.

function delCookie (fname) {
var expireNow = new Date();
document.cookie = name + "=" +
"; expires=Wed, 03-Jan-90 00:00:01 GMT" + "; path=/";
}

or more simple:

function delCookie(name) {
document.cookie = name + "=; expires=Wed, 03-Jan-90 00:00:01 GMT" + "; path=/";
}

Retrieve function

Function to retrieve an element's value from a form:

function getValue(element) {
var value = getCookie(element.name);
if (value != null) element.value = value;
}

Save function

Function to save an element's value from a form:

function setValue(element) {
setCookie(element.name, element.value, exp);
}

Example of a form

<form action="/cgi-bin/your_cgi_script.cgi"> <p>Enter name: <input type="text" name="your_name" onFocus="getValue(this)" onBlur="setValue(this)"> <p>Enter ID: <input type="text" name="id" onFocus="getValue(this)" onBlur="setValue(this)"> <p>Enter password: <input type="text" name="password" onFocus="getValue(this)" onBlur="setValue(this)"> </form>

Web camera sites

Castles

• Austria - Castle Hochosterwitz 1
• Austria - Salzberg Castle
• Belgium - Ghent, Castle of the Counts
• Czech Republic - Karlstejn Castle
• Czech Republic - Prague Castle
• England - Carlisle Castle
• Ireland - Malahide Castle
• Scotland - Edinburgh Castle
• Scotland - Inverness Castle

Cities

• Anchorage webcams
• Auckland NZ port view
• Bangkok
• Belfast
• Bruxelles
• Chicago View
• Florence
• Geneva
• Hong Kong
• Hong Kong Causeway Bay
• Hong Kong Victoria harbor
• Hong Kong Victoria park
• Illinois. Milby Clock tower
• INDIA - Connaught Place in New Delhi
• Jerusalem
• Las Vegas view Polo towers
• Liechtenstein, Malbun
• Lincoln, Nebraska
• London
• London: Big Ben
• London: Trafalgar Square
• London: Trafalgar Square
• L.A. Avenue live cam
• Melbourne, Australia
• Millennium Dome, London
• Moscow
• Moscow Red Square
• Naples, Italy
• New Orleans, Bourbon Street
• New York
• New York, The Statue of Liberty
• Paris
• Rome
• St. Petersburg
• Tokyo Tower
• Turin, Italy

Panoramas

• Africam - djuma
• Animal cams Discovery
• Antarctica
• Pennsylvania Seasons
• San Francisco Bay
• Scotland
• World - Satellite View with zoom

Places & People

• Alaska webcams
• Alberta, Canada
• Brooklyn Bridge
• Canary Island beaches
• Europe webcams
• Hong Kong - Airport
• Honolulu - Waikiki Beach
• Japan webcams
• Loch Ness
• New York - Fifth Avenue
• Niagara Falls
• Niagara Falls
• North America webcams
• Panama Canal
• Pearl Harbor
• Rio de Janeiro
• Russia
• Tahiti

Scientific

• Bradford Telescope
• Comet Watching
• Electron Microscope
• NASA
• North Pole Environmental Observatory
• Telerobot
• Telescopes in education

Mountains

• 24Hours Mt. Fuji Live
• Coronet Peak, New Zealand
• Haleakala volcano, Hawaii
• Mount Etna, Sicily
• Mount Etna, Sicily
• Mt. Everest
• Mt. Fuji, Japan
• Mt. Miyake, Japan
• Mt. Shasta, California
• Mt. St. Helens, Washington
• Mt. Jungfrau, Switzerland
• Oro Valley, Arizona
• Pikes Peak, Colorado
• Popocatepetl volcano, Mexico
• Mt. Ruapehu volcano, New Zealand
• San Salvador volcano, San Salvador
• Smoky Mountains, Tennessee
• The Black Glacier, Antarctica

Underwater

• Lobster Cam
• Monterey Bay Aquarium
• Titanic cam

Various

• Ant cam
• Bee cam
• Chicken cam
• Fish webcam
• Turtle webcam
• Weather cams

Web camera resources

• Earthcam
• Camcentral
• Comfm
• Webcamania
• Wildwebcams

Bookmarking - How and Where

There are more and more places on the Web where one can add bookmarks. We have shortlisted some of the main spots and include a list here of what to place on your Web page to have it easily bookmarked in these places. Simply replace the The_Page_URL, The_Page_Title, and The_Page_Description to reflect your data, and add one or more bookmark icons to your Web page.

	http://simplythebest.net/submitnews.php?url=The_Page_URL&title=The_Page_Title&descr=The_Page_description
	http://myweb2.search.yahoo.com/myresults/bookmarklet?u=The_Page_URL&t=The_Page_Title
	http://www.facebook.com/sharer.php?u=The_Page_URL&t=The_Page_Title
	http://www.google.com/bookmarks/mark?op=edit&bkmk=The_Page_URL&title=The_Page_Title
	http://digg.com/submit?phase=2&url=The_Page_URL&title=The_Page_Title
	http://del.icio.us/post?url=The_Page_URL&title=The_Page_Title
	https://favorites.live.com/quickadd.aspx?url=The_Page_URL&title=The_Page_Title
	http://slashdot.org/bookmark.pl?url=The_Page_URL&title=The_Page_Title
	http://www.squidoo.com/lensmaster/bookmark?The_Page_URL
	http://www.newsvine.com/_wine/save?u=The_Page_URL&h=The_Page_Title
	http://myjeeves.ask.com/mysearch/BookmarkIt?v=1.2&t=webpages&url=The_Page_URL&title=The_Page_Title
	http://www.stumbleupon.com/submit?url=The_Page_URL&title=The_Page_Title
	http://reddit.com/submit?url=The_Page_URL&title=The_Page_Title
	http://www.netscape.com/submit/?U=The_Page_URL&T=The_Page_Title
	http://furl.net/storeIt.jsp?u=The_Page_URL&t=The_Page_Title
	http://www.technorati.com/faves?add=The_Page_URL

Javascript reference

SERVER-SIDE JAVASCRIPT 1.4 DOCUMENTATION

Server-Side JavaScript Guide
This guide describes object-based scripting language for client and server applications. JavaScript lets you create applications that run over the Internet. Client applications run in a browser, such as Netscape Navigator, and server applications run on a server, such as Netscape Enterprise Server. Using JavaScript, you can create dynamic HTML pages that process user input and maintain persistent data using special objects, files and relational databases. From JavaScript you can instantiate Java objects and access their public methods and fields. From Java you can access JavaScript objects, properties and methods. Last Updated: September 1999.
View PDF | Download HTML | Download PDF

SERVER-SIDE JAVASCRIPT 1.2 DOCUMENTATION

Server-Side JavaScript Guide - Describes the core JavaScript language and also extensions to that language for use with the Netscape Enterprise Server. Last updated 11/17/98.
Download PDF file (7.0MB) | Download zipped HTML
Server-Side JavaScript Reference - A reference manual for the server-side JavaScript language, including both the core JavaScript language and also extensions to that language for use with the Netscape Enterprise Server. Last updated 11/17/98.
Download PDF file (3.5MB) | Download zipped HTML

CORE JAVASCRIPT 1.4 DOCUMENTATION

The core language includes a basic set of objects, such as Array, Date, and Math, and a basic set of language elements, such as operators, control structures and statements. You can extend core JavaScript for a variety of purposes by supplementing it with additional objects.

Core JavaScript Guide - A description of the core JavaScript language. Last updated 11/17/98.
Download PDF file (1.9MB) | Download zipped HTML
Core JavaScript Reference - A reference manual for the core JavaScript language. Last updated 11/17/98.
Download PDF file (3.4MB) | Download zipped HTML

Server control panels

Most web servers are nowadays equipped with a control panel which makes the life of any webmaster a lot easier. The most popular control panels are Ensim, Plesk and Cpanel. The control panel controls domain creation, domain updating, DNS binding, FTP server configuration, Web server configuration, MySQL or other db configuration and maintenance, and a lot more.

ENSIM

Sophisticated software that transforms a server into a professional Webhosting business. Available for both Linux and Windows, Ensim Pro hosting automation software includes all the tools and features service providers need to build professional hosting plans for their shared, reseller and small business customers.

Ensim Pro

Ensim Webppliance for Linux

Ensim Pro for Windows

Ensim Pro datasheet for Linux (PDF)

Ensim Pro datasheet for Windows (PDF)

Ensim DNS Config Guide (PDF)

Ensim VPS

PLESK

Comprehensive server management to manage thousands of virtual hosts on a single machine. Server management, domain management, reseller management, service plans, and more all available via a web browser interface.

Plesk 7.5 Reloaded for Linux/Unix

Plesk 7 for Windows

Plesk Expand is an add-on to Plesk 7 that combines multiple Plesk 7 servers into an integrated hosting platform.

CPANEL

cPanel & WebHost Manager (WHM) is a web server control panel system. cPanel & WHM include an easy to use web based interface (GUI). WHM allows you to administering individual accounts, reseller accounts & performing basic system and control panel maintenance via a secure interface. cPanel is designed for the end users of your system and allows them to control everything from adding / removing email accounts to administering MySQL databases.

cPanel homepage

cPanel forum

cPanel documentation

WHM documentation

cPanel installation guide

cPanel modules How-to

DNS clustering quick-start guide

Using remote access keys PERL

Using remote access keys PHP

AJAX Technology - An Introduction

About AJAX

AJAX is used to develop rich Web applications that dynamically update content using asynchronous JavaScript and XML, embedded into a HTML, PHP or other dynamic page, without having to refresh entire Web pages with each user click. It is a cross-platform technique that can be applied on most operating systems, computer architectures, and Web browsers. It is based on open standards such as JavaScript and XML with open source implementations of other technologies.

The JavaScript code is used to send requests to the server. Some processing is then required to handle the request, find the and/or store the data. The framework used always includes a JavaScript part, and sometimes a server side part in PHP, ASP, CFM or other scripting language.

Elements of Ajax include:

XHTML and CSS for the presentation
JavaScript for local processing
DOM to access data in the page or XML/XSLT elements read on the server
asynchronous data retrieval using the XMLHttpRequest class

Many Ajax frameworks and libraries rely solely upon JavaScript and contain no server components and therefore server technology dependencies. They use XML, JSON, or another textual data format. A JavaScript library is loaded with a simple tag:

This tag loads the "ascript" library into the page and it becomes usable to the browser. The .js file will hold the several components that are needed. Typically:

1. create a XMLHttpRequest or ActiveXObject object (see below browser compatibility).
2. send the request using the open method.
3. monitor the state of the request.
4. get the response.
5. use the response received in your Web page or application.

The XMLHttpRequest class

Attributes

readyState	the code successively changes value from 0 to 4 for ready state. 0 = request is not initialized 1 = request has been set up 2 = request has been sent 3 = request is being processed 4 = request is completed
status	the status of the HTTP request. 200 = no error 400 = bad request 401 = unauthorized 403 = forbidden 404 = not found 500 = internal server error and so forth.
responseText	holds the loaded data as a string of characters.
responseXml	holds an XML loaded file, DOM method allows to extract data.
onreadystatechange	property that takes a function as the value that is invoked when the readystatechange event is sent. For example: myrequest.onreadystatechange = function() { if (myrequest.readyState == 4 && myrequest.status == 200) { var myresponse = myrequest.responseText; } }

Methods

open (mode, url, boolean)	mode= the request type, either GET or POST. url= the location of the file, with/without a path. boolean= true (asynchronous) / false (synchronous). A username and a password may be added to the arguments.
send ("string")	for POST commands, always null when a GET command is used.
Example: myrequest.open("GET","mydata.php",true); myrequest.send(null);

Browser compatibility

Internet Explorer uses an ActiveXObject, while other browsers use the built-in JavaScript object called XMLHttpRequest. This means you will always have to check which browser is being used. This is usually done using the try and catch functions.

try {
// your code
}
catch(e) {
// handle errors
}

Standard browser checking using try and catch:

try {
xmlHttp=new XMLHttpRequest();   // Firefox, Opera, Safari
}
catch (e) {
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");      // Internet Explorer 6+
}
catch (e) {
try {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");      // Internet Explorer 5+
}
catch (e) {
alert('Your browser is old');
}
}
}

Another method:

var myrequest;
if (window.XMLHttpRequest){ // Firefox, Safari, Opera
myrequest = new XMLHttpRequest();
}
else if (window.ActiveXObject){ // IE 5
myrequest = new ActiveXObject("Microsoft.XMLHTTP");
}
else if (window.ActiveXObject){ // IE 6+
myrequest = new ActiveXObject("Msxml2.XMLHTTP");
}
else { // Error for old browser
alert ('Your browser is too old!');
}

AJAX FRAMEWORKS & LIBRARIES

Extensive Ajax libraries and frameworks that greatly simplify the writing of Ajax applications can be found here: Ajax libraries.

PHP

Server side, the programmer may use PHP to process requests from the browser. PHP deals with the database, the data, page generation or parts of a page and publish or update the page with any return data to the XMLHttpRequest object. PHP 5 specifically, thanks to its SimpleXML class, is able to create XML files that can be returned to the object. All these tasks require many functions, and the good news is that many libraries and frameworks already exist for the would-be Ajax programmer.

Sajax is an open source tool to make Ajax programming easier, using PHP, Perl or Python functions via JavaScript without needing a browser refresh. Visit Sajax .

Xajax is an open source PHP class library that allows you to easily create Web based Ajax applications using HTML, CSS, JavaScript, and PHP. Applications developed with xajax can asynchronously call server-side PHP functions and update content without reloading the page. Visit xajax .

Cake PHP is a rapid development framework for PHP that uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. It enables PHP users at all levels to rapidly develop robust web applications. Visit Cake PHP.

Saja is a lightweight, open-source AJAX scripting engine for PHP 4/5, with optional secured data transfer. It is designed for the fast creation of simple, secure, and maintainable Ajax applications, without having to write any JavaScript. Visit Saja.

Ajason is a PHP 5 library and JavaScript client for Ajax applications. Fetch data asynchronously and develop interactive GUI-like Web applications. Call PHP functions and object methods from JavaScript and exchange complex data types between client and server. Visit ajason.

.NET frameworks

Microsoft Ajax Library (formerly ATLAS) is made of a client side part, the Microsoft AJAX Library, and a server side part, theASP.NET 2.0 Ajax Extensions. Includes a component library with graphical widgets, the ASP.NET Ajax Control Toolkit.
Ajax.NET Professional serializes (converts and stores) .NET data in the JSON format.

ColdFusion frameworks

AjaxCFC is aAn object oriented framework that provides developers seamless integration between JavaScript and ColdFusion, with built-in security and debugging functions. Visit AjaxCFC.
CFAjax implements Ajax in such a way that ColdFusion method calls on the server get executed using JavaScript. Visit CFAjax.
JSMX, its API runs entirely on the client and has no server side components. Extended to support also ColdFusion, XML, JSON, and WDDX or JavaScript on the server side from JavaScript requests on the client side. Visit JSMX.

RESOURCES

AJAX, Getting Started
Ajax Tutorial
JSON - a data format that is part of the JavaScript standard.
Yahoo's framework
Ajax, XUL and Flash
The JavaScript language - directory of resources and tutorials.
A survey about frameworks
Remote scripting with Ajax

Many Ajax applications and scripts can be downloaded from SimplytheBest Scripts.

Firewall security

A firewall is a program or hardware device that filters the information coming in through the Internet connection into your local network or standalone computer system. If an incoming packet of information is flagged by the filters that are in place it is not allowed to pass. Without a firewall all your computers are directly accessible to anyone on the Internet, while you are connected. Usually a firewall will allow to set filters for all your servers, such as FTP, mail, Telnet, and so forth.

Firewalls typically use one or more of these methods to control traffic flowing in and out of the network:

Packet filtering
Packets are analyzed. Only packets that make it through the filters are forwarded to the requesting system.
Outbound filtering
Some firewalls only work in one direction. They examine packets your computer is receiving, not the ones it sends. Hostile applications such as trojan horses, worms and viruses can use your Internet connection to send sensitive information from your system. So your firewall should at least have a mechanism for filtering outbound traffic.
Proxy service
Information from the Internet is retrieved by the firewall and then forwarded to the requesting system and vice versa.
Stateful inspection
A method that compares certain key parts of a packet to a database of trusted information. If the comparison yields a reasonable match, the information is allowed through, otherwise it is blocked.

Implementing a firewall

There are a few ways of implementing a firewall, whereby in all methods the location of your servers and workstations play a major role in optimized security.

1. the safest method is to use a dedicated system with a built-in firewall for all your Internet server services and not to attach that system to your LAN. This method is very safe, but no system on the LAN has Internet access.

2. you can place the server/firewall on the same LAN as your systems but restrict the flow of traffic through the server. In this case local systems can go through the server/firewall to access Internet services, but no one can come in from the Internet to the local LAN. Unless someone reconfigures the firewall to support two-way traffic.

3. if you use multiple servers you should separate the servers/firewalls from your local systems. Set up your Internet server/firewall to handle the routing for the local systems and the local Internet servers separately. Local systems need one-way access to the Internet, while the local Internet servers need two-way access. You do run the risk of someone penetrating your firewall and changing router tables to get access to your LAN.

4. a second firewall can be added. This provides a backup to the first firewall in the event its router tables are compromised. In this way even if someone gets through the first firewall, the second one will stop or at least slow down the intruder.

Firewalls alone are no longer sufficient protection, because they're static devices. This means that intruders can use valid, legal packets to attack your network and compromise your security. You should use additional tools for complete protection, especially for Windows NT and the TCP/IP protocol. To spot potential problems before intruders exploit them from inside or outside your network, you can implement security tools such as port scanners, vulnerability testers, log analyzers or intrusion detectors.

Possible firewall protection

Backdoors
Some programs have features that allow for remote access.
Denial of service
The hacker sends a request to the server to connect to it. When the server responds with an acknowledgement and tries to establish a session, it cannot find the system that made the request. By inundating a server with these unanswerable requests, a hacker causes a server to slow down or even crash.
E-mail bombs
Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. That's an e-mail bomb.
Macros
To simplify procedures applications may allow you to create a script of commands. This is known as a macro. Hackers create their own macros that, depending on the application, can destroy your data or crash your computer.
Operating system bugs
Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that a hacker can take advantage of.
Redirect bombs
Hackers can change (redirect) the path information takes, by sending it to a different router.
Remote login
When someone is able to login to your computer and control it somehow. This can be from accessing your files to running programs on your computer.
SMTP session hijacking
SMTP is the most common method of sending e-mail over the Internet. By gaining access to a list of e-mail addresses, a person can send unsolicited e-mail (spam). This is done by redirecting the e-mail through the SMTP server of an unsuspecting host, making the sender of the e-mail difficult to trace.
Spam
Be careful of clicking on unknown links in e-mails, because you may accidentally accept a cookie that provides a backdoor to your computer.
Source routing
In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network.
Viruses
For more details see: Anti-virus information.

NCSA Certification

NCSA has a certification program that tests firewall products against a standardized suite of attacks while still letting authorized users accomplish business functions. NCSA certification provides an objective way for you to evaluate the level of security a firewall provides.

Setting filters for a firewall

You can set filters based on various conditions. Some of these are:

IP addresses
Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four octets in a dotted decimal number. (f.e.: 202.62.24.124). Any IP address can be blocked.

Domain names
All servers on the Internet have readable names, called domain names, beside their IP address. These two are linked using a DNS (domain name server) server. A firewall can be setup to block access to certain domain names, or allow access to specific domain names only.

Protocols
Protocols are usually in text format, and describe how client and server are to establish communication. Some protocols that you can set firewall filters for:

IP (Internet Protocol) - the main delivery system for information over the Internet
TCP (Transport Control Protocol) - used to break apart and rebuild information that travels over the Internet
HTTP (Hyper Text Transfer Protocol) - used for Web pages
FTP (File Transfer Protocol) - used to download and upload files
UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video
ICMP (Internet Control Message Protocol) - used by a router to exchange information with other routers
SMTP (Simple Mail Transport Protocol) - used to send text-based information (e-mail)
SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer
Telnet - used to perform commands on a remote computer

Ports
Any server machine makes its services available to the Internet using ports, one for each service that is available on the server. A Web server is typically available on port 80, or port 8080, while the FTP server is usually available on port 21. Any port can be filtered.

Specific words and phrases
The firewall will search through each packet of information for an exact match of the text listed in the filter. You can include as many words, phrases and variations as you need to setup a correct filter.

Ping

A method for determining whether a system is connected to the Internet at a particular address. You ping a system by sending an Echo Request packet. If the target is connected, you'll receive a 'pong' in response. Most operating systems have this program. Try entering the command:

ping domain.com (any domain name or IP address)

Operating System Fingerprinting

By sending or receiving a special packet, one can determine whether a system is connected to an IP address and which operating system it is running.

Port scanners

TCP and UDP use port numbers to identify higher layer services. Systems administrators use port scanners to determine what TCP/UDP services are available on a server. A basic rule of server security is to disable any service that the system isn't using because any open TCP/UDP service offers intruders a possible entry into your system. You can use a port scanner to ensure that only the desired TCP/UDP services are running.

Port numbers 0 through 1023 are well-known ports that systems administrators usually use for system processes or for programs that privileged users are running. If attackers exploit a well-known port, they can potentially gain control of a server. Attackers use several generic schemes to scan ports.

TCP connect() scanning
is the most basic form of TCP scanning. An attacker's host issues a connect() system call to every interesting port on the target machine. If the port is listening, connect() will succeed; otherwise, the port is unreachable and the service is unavailable. This scheme is fast and doesn't require any special privileges.

TCP SYN scanning
attempts to set up a TCP virtual connection. Establishing a TCP virtual connection requires a three-way handshake, in which one host sends a TCP segment with the synchronize (SYN) flag set, the other host responds with a segment that has the acknowledge valid (ACK) and SYN flags set, and the first host responds with a segment that has only the ACK flag set. In SYN scanning, a querying host sends a SYN segment to every port. If the server responds with a SYN-ACK segment the service is available. If the server responds with a reset (RST) segment the service is unavailable.

TCP FIN scanning
the attacker's querying host skips the three-way handshake and sends a finish (FIN) segment to all interested TCP ports. Sending a FIN segment closes an open TCP connection. If the port is open, the system is supposed to ignore the FIN because there is no existing connection; if the port is closed, the system generates an RST segment. Lack of a response identifies an active port to an attacker. This method doesn't work well on most Windows systems because Microsoft's TCP implementation always sends a RST in response to a FIN.

FTP bouncing
uses the FTP PORT command and the upload capability at an FTP server behind the firewall. This attack lets a client connect with other systems that otherwise wouldn't be accessible.

UDP Internet Control Message Protocol (ICMP) port unreachable scanning
is one of the few UDP scans. UDP is a connectionless protocol, so it's harder to scan than TCP because UDP ports aren't required to respond to probes. Most implementations generate an ICMP port_unreachable error when a user (or intruder) sends a packet to a closed UDP port.

You can perform port scans by using several tools that employ a combination of methods to detect attacks. The FTP and HTTP services are vulnerabilities simply because they're always running. The medium risk vulnerability FTP service is susceptible because it has anonymous access enabled, and the HTTP service is high risk because attackers can exploit the $DATA hole in Microsoft's Internet Information Server (IIS). This vulnerability affects many IIS installations because an attacker can download the Active Server Pages (ASP) source by appending a ::$DATA string to the URL. This action can expose usernames and passwords that systems administrators have hard-coded within scripts.

Many port scanners suggest possible fixes, such as shutting down the service or installing a hotfix. Although shutting off the service might not be an option, knowing that a vulnerability exists helps you balance the risk exposure with the benefit.

Vulnerability testing

Vulnerability testing is similar to port scanning, but you use vulnerability testing for specific Operating Systems rather than TCP/IP communications protocols. Many security vulnerabilities are OS specific, so a good rule of secure management is to avoid advertising your servers' OS. However, clues such as .asp file extensions, use of .htm rather than .html, and home pages named default.htm usually identify an IIS server to an attacker. In addition, many tools help attackers determine a system's OS, and to use these tools attackers need only the server's IP address. Systems administrators are well advised to use software to examine their systems for OS vulnerabilities. Most vulnerability testers will also tell you where you can get more information, such as pointers to Microsoft articles and links to hot fixes and service packs, and suggest corrective measures, such as instructions for updating the Registry to secure your systems. New OS vulnerabilities appear all the time. You need to do scan security frequently with an up-to-date database of OS vulnerabilities.

Hardware firewalls

Hardware firewalls are secure and not expensive anymore. The router is connected to a cable or a DSL modem and functions as gateway, DHCP server, virtual server and applications server. You configure the router via a browser interface that resides on your computer by entering its local IP address. You can set many filters for each of the functions of the router.

Software firewalls

A software firewall can be installed on a standalone computer with an Internet connection. This computer is considered a gateway because it provides the main or only point of access between your computer and the Internet. Firewall programs can be found in SimplytheBest Software.