Technology

Considering that my main blog is already all over the map, topic-wise, I though it better to create another place to put the really technical stuff. This way it's off the main page and you really have to be looking for it.

Shortly after the release of "Joomla!" 1.5.8, I found myself in this release announcement on techcebu.net. It appears to be a bad case of double-translation, from English to Italian (or perhaps Hebrew) and back to English again. The text was just too hilarious to not repost.

11Nov JOOMLA 1.5.8 RELEASED

Joomla 1.5.8 Released

The Joomla Project is entertained to foretell the unmediated availability of Joomla 1.5.8 [Wohnaiki]. This promulgation contains a sort of fault fixes and digit moderate-level section fixes. It has been around digit months since Joomla 1.5.7 was liberated on Sept 9, 2008. The Development Working Group’s content is to move to wage regular, regular updates to the Joomla community.
Download
Click here to download Joomla 1.5.8 (Full package) »
Click here to encounter an update package. »


Instructions

New installation and technical requirements
Upgrade from an existing Joomla 1.5 version
Migration from Joomla! 1.0.x

Want to effort intend Joomla? Try the online demo. Documentation is acquirable for beginners.
Release Notes

Check the Joomla 1.5.8 Post-Release Notes to wager if there are essential items and adjuvant hints unconcealed after the release.

View instance release notes for Joomla 1.5.7 or release notes for Joomla 1.5.6.
Security

Two moderate-level section issues were immobile in this release:
o Default filtering for content
o Filtering for Web Link descriptions

For additional information, visit the Joomla Security Center.
Components

Articles: Remove brackets around Last Updated fellow and time, Start Publishing fellow corrections for another than UT1 00:00, impact counts precise for Articles, adding a expanse after a draped telecommunicate address
E-mail addresses: Correctly draped when presented in Section and Category descriptions
Categories: Edit picture aright shows for Articles without Title links, Print picture precise today on prototypal tender for Blog Layout

Sections: Plural and signifier modify correction, Category unification right ended, Router changes reverted to edition 1.5.6 so Article ID does not attach to the Article slug
Frontpage: Article naming correction, rectified sort of Links
Contacts: Image pass rebuke when Image Directory is configured
RSS Feed: Corrected spelling of Category in Category feed
User: Added isInternal checking on referer values
Weblinks: Language strings

Modules


Feed: Target concept validation, module progress correction
Login: ItemID is cured on redirect
Menu: Changing Menu Link Type today functions properly, Section Language string, Article Reset fix working
Related Items: Keyword matched functions aright and filters characters appropriately
Stats: Corrected Time
Sections: No dominance constant entireness correctly
Search: Form validates aright for Transitional xHTML

Legacy

Return evidence additional for Legacy Menu Check

Templates

Beez: Lengthened E-mail Content Popup, Search fix today entireness when pressed, countersign set entireness correctly, corrections to Beez HTML folders, User info tender corrected
JA_Purity: Added absent module strings

Administrator

Console: Added “Welcome to Joomla!” aggregation and Joomla Security RSS feeds to Administrator Console
Installation: Proper redaction of factor directories, choice entries for Templates and Languages are today precise for uninstall
Media Manager: Changed choice for newborn sites to alter Flash multi-file uploader cod to contradictoriness with Flash 10
Installation: Remove unclear nonachievement communication most module files for spreading installations, Administrator Modules today aright uninstall INI files
Sample data: Updated programme feeds to saucer to liberated code accord sites, comprehensive corrections and updates to distribution content

System

API: JFolder::files and JFolder::folders corrections for Search, absent Method additional to JRecordSet, Database Class aright quotes obloquy not using extend notation, JTableUser matches using the precise sort of fields
Cache: Correct undefinable uncertain in Cache Class
Language file: Corrected wording, precise artefact of PDF fonts autarkical of module choices, individual module progress corrections in en-GB.ini
Menu: Performance improvements for sites with some schedule items
Users: Temporary Users are today healthy to logout, bonded prescript crapper today be utilised when redaction statement details
Added PHP 4 sympathy for isInternal checking

Statistics

Statistics for the 1.5.8 promulgation period:

Joomla 1.5.8 contains:
o 71 issues immobile in SVN
o 26 commits
Tracker state resulted in a gain modification of 4 astir issues:
o 65 newborn reports
o 130 closed
o 66 immobile in SVN
* At the instance the 1.5.8 promulgation was packaged, the tracker had 114 astir issues:
o 44 open
o 44 confirmed
o 24 pending

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their sacred efforts work reports, sterilisation problems, and applying patches to Joomla. If you encounter a fault with Joomla, find discover more aggregation here on how to inform the bug.

Active members of the Joomla Bug Squad during this terminal promulgation wheel include: Ian MacLennan and Mark Dexter co-leads; Airton Torres, river Zijlstra, Akarawuth Tamrareang, Alan Langford, suffragist Ferrara, Amy Stephen, saint Eddie, Elin Waring, Ercan Ozkaya, Charl camper Niekerk, Gergo Erdosi, Hannes Papenberg, Jennifer Marriott, Jens-Christian Skibakk, Jonah Braun, carpenter LeBlanc, Kevin Devine, Marijke Stuivenberg, Mati Kochen, Mickael Maison, Robin Muilwijk, prophet Moffatt, Shantanu Bala, Toby Patterson, and Wilco Jansen.

A hearty recognize to the newest members of the Joomla Bug Squad: Dan Walker, Eduardo Diaz, and Tibor Toth.

Some days I wonder about the entire field of journalism. The quoted phrase above is from an article headline in the Wall Street Journal (September 23, 2008, they don't deserve an actual link). The headline is not inaccurate, but it is close to the most ludicrously sensational interpretation of the facts that is possible.

This is what the actual IBM press release has to say on the point: "The tenets of IBM's new policy are to: Begin or end participation in standards bodies based on the quality and openness of their processes, membership rules, and intellectual property policies."

Thus an equally useless headline might be "IBM May Join Technology Standards Bodies." I thought Journalism was supposed to add value for the reader, but it seems that even for otherwise reputable organizations, it's really all about sensational headlines that add value to the advertising department. "Reputable" in this context is now officially meaningless. Sad.

I've noticed a lot of general criticism of standards processes over the past few weeks, and I think this release from IBM is largely responsible for firing up the discussion. For the most part, the criticism is justified. It seems that standards processes are either needlessly academic and somewhat out of touch with reality, or deeply buried in corporate politics and patent complications, which has a tendency to result in crappy standards. IBM's policy release sort of touches on this with another tenet: "Collaborate with standards bodies and developer communities to ensure that open software interoperability standards are freely available and implementable." The problem with this is that IBM seems to want to set itself up as some benign intermediary between the standards process and the people who need to use the standards. Call me silly, but it seems more appropriate that the developer communities should be an integral part of the standards process, not some second-hand "collaborative resource".

The essence of the problem is funding. Participation in the standards process isn't cheap. Not only does membership cost, but participants typically absorb the costs of time, travel, and communications. Standards bodies need a funding model that ensures accessibility based on merit and relevance, rather than dollars. I don't know what that model is, but is can't be based on revenue from selling standards documents, either. The prospect of having to pay real money in order to ensure compliance with a standard is, in most cases, equally ridiculous and stupid.

Lately I've been thinking about starting yet another project. This one needs a rich GUI that runs as a thin client, as well as more limited support for a web browser (or so I thought initially). I've gone through a bit of an eye-opening exercise while looking at the implementation, and I thought I'd record the line of exploration just in case someone else is looking at the same sort of problem. Maybe this will save a little time.

The original idea was to replace an interesting but quirky application that will remain nameless. It's a fairly large project that implements its own thin client. As I started looking at it, I realized that a lot of what it does is more related to providing the application framework than the application itself. Sometimes I still suffer from the closed-source way of thinking, and I soon began listing requirements for my own framework. A few minutes into defining my XML markup for laying out simple interfaces, I remembered that there is already a pretty good standard for that: XUL.

At the time I was thinking of using GTK+ for the GUI. I've grown somewhat fond of various GTK+ applications that I've installed over the years. These applications have offered nice rich interfaces and have been pretty reliable. A lot of them are written in Python, and the bridge between GTK+ and Python, PHP-GTK is the way to go.

The search is for something that lets me bridge XUL and GTK, be it in PHP or Python. This leads me to Gul, a fairly complete implementation of XUL for PHP-GTK.

Let's try adding the GTK to PHP. I go to the PHP-GTK site and try to figure out whether to download the binary package or the binary extensions package, read confusing and incomplete install notes, search about a bit, and as best I can tell, the easiest way to run PHP-GTK on Windows is to install a complete copy of PHP with the GTK extensions. This truly fails the cross-platform and easy-to-install tests — I can manage it, but an end user? No way. Then I take a look at Gul 2.0: lots of procedural code that relies on passing things through obscure globals with two characters. Next!

On to Python. Searches for XUL and Python lead, at best, to half-developed projects dating from 2004. Not good. Now the thinking is that maybe a fairly basic XUL module for Python won't be that much work. I look more deeply into XUL. Obviously, it's pretty capable, after all it's the base for Firefox and Thunderbird. But this makes the scope of a full implementation quite a lot bigger than I'd like.

Maybe there's something in XULRunner. Wow. It doesn't take much looking around to realize that XULRunner is pretty compelling. It's obviously got the GUI with a full XUL implementation. It's got scripting in Javascript, Python, even Java. It has network interfaces and support for XML-RPC and SOAP. It's extensible: all the features that make it easy to plug extensions into Firefox are part of XULRunner. It's got localization and custom skins. It's got an integrated web browser. That's about 90% of the core requirements and several bonuses right there.

Now the kicker: if you have Firefox 3.x installed, then you have XULRunner installed. Firefox knows how to do its own updates, which means the framework updates seamlessly too. Perfect.

So that's it. Forget GTK+, nice as it is. XULRunner is a fantastic way to do GUI application development.

Now all I need is a good way to map objects back to a relational database...

Every user of an application has run into small but irritating characteristics of that application. Most of the time, they can be easily ignored. But sometimes they are part of a repetitive task, and then they become problematic. They have a disproportionate effect on both productivity and the user's overall impression of the application.

Just about every enterprise makes nice noises about how they listen to their customers and how customer service is important to them, but the odds are very low that comments about small irritations will result in code changes. This is partially because most companies don't actually care as much about customer service as they pretend to, and partially because tracking these small things and then sorting through them, removing duplicates, and distilling them down to something that can be easily understood is a very complex and expensive task. Most of the time the effort involved simply doesn't justify the results.

This is something that always attracted me to open source. As a developer, the odds are pretty good that I can find a fix for that thing that irritates me. Then I can change the code to fix my version. If the irritation is idiosyncratic — basically if I'm the only one who doesn't like it the way it is — then that's where the process ends, and I'm happy.

The first credo of open source is that you try to give back to the community. So even as a non-developer there is an incentive to find the bug tracker or support forum for the project and to suggest a change. Sometimes that works[1], but a lot of the time good comments and patches simply fall through the cracks. After all, if tracking details like this is difficult for a for-profit corporation, it's not going to be any easier for a project run by volunteers!

What is really satisfying is getting sufficiently involved in a project to be able to have a direct influence on it, as I am with "Joomla!". It's great to be able to identify a minor irritation, to fix it, and to get it to a production release. This has been my experience twice in recent weeks. I've implemented small changes to the system that make it just a little easier to use[2, 3]. Not only will I enjoy the product more as a result, I'll have the satisfaction of knowing that thousands of systems administrators out there might think just for a moment, "oh, they fixed that – great!"

It is an interesting experience. These small tweaks and fixes that I get to make aren't the biggest contribution I make to the project in terms of lines of code or hours of work, but they're tangible and real. The direct impact on the user is visible and easy to understand. Implementing unit testing and contributing to the building of a "Culture of Quality" in the project are more complex and significant contributions, but they're also more abstract. The small tweaks are actually kind of fun, and it's nice to know that here and there, they is me.

Notes:

1. If you're an Eclipse user and noticed that v3.1 puts the entire file path in the window title... that was my suggestion. In the web development world where you can have many files called "index.php" open, this helps you quickly figure out where you are.
   
2. Add a new module to a "Joomla!" site from version 1.5.4 onward, and the list of available modules is now sorted alphabetically down the columns, rather than split across rows. We still have an issue to sort out with international characters, but it's an improvement.
   
3. Starting in version 1.5.5, all panes in the parameters block can be collapsed. Before this change, if you had a long list of parameters that ran off the screen, you would need to scroll down to the bottom in order to expand a panel below. Now you can collapse the long block, which lets you see the panels below, and then expand the one you want.
   

I'm busy working on my first major web site using "Joomla!" 1.5. One of the things I did for the site was to install a simple component that provides an index of articles in a side panel. Simple enough, you click on the index link and it fetches the page with that article.

The problem is that it's quite a page. There's a nice graphics-rich template that wraps the site, then there's the Javascript. A full copy of mootools comes with every page. Sure the browser has most of this stuff cached, and Joomla has the actual page content cached, but still the browser has to do a lot of work to reload the page and recompile mootools, just to change a relatively small portion of the page. The user gets to watch as everything is (re)displayed, most of it exactly the same as it was before the request.

The obvious solution would be to have the index link send an AJAX request for the relevant content and then to simply repaint the area that needs to change, but that only works in this specific case and it deprives the CMS of the ability to update other parts of the page in response to the request or to other events at the server.

I'm big on generalizing ideas like this, so why not make the entire site a single page? The first time the browser requests something from the site, send the structure of the template, and most of the Javascript needed to run the site down to the browser. Then make every internal site link send an AJAX request. The server can respond with a list of the areas of the template that need to be updated, along with either the HTML or the data needed to perform the update.

Now my index request could respond with a new menu, any updated news items, the content I requested, or even a completely new page layout. The client-side application then applies these updates, possibly issuing secondary requests. Only the data that's changed comes back from the server, and most of the Javascript loads just once with the first request, so the page updates much faster than it did before. Best of all, the user doesn't have to watch the template being regenerated, which is visually disturbing no matter how quick it is.

Now the page is an application in itself, and the browser is playing the role of the operating system. The user gets a platform independent, end-device sensitive interface that can be rich, intuitive, and more interactive.

It's an idea worth implementing. Not for this particular site, but it would be nice to build this capability right into Joomla!

Normally I'm no fan of the "blog by repeating news" style, but in this case I have to make an exception. The headline above is from a Computerworld Security article dated June 20, 2008. Discussing a recent upgrade to Microsoft's Malicious Software Removal Tool, this excerpt caught my attention:

One password stealer, called Taterf, was detected on 700,000 computers in the first day after the update. That's twice as many infections as were spotted during the entire month after Microsoft began detecting the notorious Storm Worm malware last September.

"These are ridiculous numbers of infections my friends, absolutely mind-boggling," wrote Matt McCormack, a spokesman with Microsoft's Malware Response Center, in a Friday blog posting.

This may be mind-boggling to someone who lives deep in Microsoft culture, but to everyone else, it's barely a surprise. The missing part of McCormack's quote should have been "The Linux/Unix guys are right, Windows security still sucks at a deep structural level." Good thing regular doses of Microsoft Cool-Aid prevents that.

The good news is that Firefox 3, one of the best web browsers available, is set to release version 3 in a few days.

The weird news is that it's shipping with Bug 183689 fully intact. Under mysterious (or at least elusive) circumstances, Firefox fails to close a file that the user uploads to a web site. The file is locked and unusable until Firefox is restarted.

This has the ring of familiarity. Any user of Firefox 2.x who has lots of extensions installed will have noticed that it tends to get more and more sluggish over time. A quick look at the process will reveal that memory consumption continuously rises until the best thing to do is restart it.

That's not really a problem that the Firefox developers had a lot of control over. If an extension is leaking memory, there's not much the core can do to stop it. In fact this is one of the major improvements in Firefox 3. A new, sophisticated memory manager now finds a lot of these unreferenced data structures and cleans them up. On my system, the memory footprint for Firefox 3 is nearly 200Mib smaller at start up, and if it grows, it doesn't grow very fast. That alone is reason to upgrade on June 17, 2008 – Firefox Download Day.

The point of this digression is that I've become used to Firefox losing track of resources. But losing a file handle? Really. Can that be too hard to find? Apparently the answer is "yes", since Bug 183689 has been open since December, 2002! There are some good reasons why the browser needs to keep track of the file, for example if you refresh the resulting page, the file is part of the Post data that needs to be re-sent.

But eliminating memory leaks is hard, and it's easy to just rely on increasingly sophisticated garbage collection tools instead of finding the cause. Unfortunately, a garbage collector has no way of knowing that something it's cleaning up represents an open file, so the memory leak is fixed, but the file handle leak remains.

Five-plus years is far too long for a major bug to remain open, even for an open source project. But don't go updating that bug! Despite the fact that there's no explanation that the issue is independent of the user's specific circumstances, any provision of additional information will be considered spam by Jonas Sicking, the fellow who has been assigned the bug. Considering that the bug seems difficult to reproduce, the contradiction is obvious. One would think that more examples might lead to the discovery of a pattern, but that seems to not be the case as far as Mr. Sicking is concerned.

Hopefully he was just feeling a little stressed with a major release coming up so quickly, and his comment will be clarified or withdrawn. If not, I'm guessing this one is going to remain open for quite some time to come.

[Note: it has since been determined that an extension, LiveHTTPHeaders, is the culprit for this bug. My "duh" is withdrawn. My disdain for Mr. Sickling's response remains unchanged, however.]