Southern Bread Blog

Maxwell was a mathematician, philosopher and physicist who lived from 1831-1879. He developed a set of mathmatical formulas that every electrical engineer knows as “Maxwell’s Equations”. His work with electromagnetism is considered one of the greatest works of physics in the 19th century. His deductions about light were groundbreaking as well:

Maxwell was homeschooled as a young boy by his mother. His father was Presbyterian and his mother was Anglican. His mother died when he was 8 years old. His Christian faith only deepened as he went through his life. Here are a few quotes that I found from him:

When I read about people like Maxwell it makes me sad that modern science holds religion in such contempt. Maxwell saw perfect cohesion between his creator and the world around him. So much good is left on the table when one or the other is villified. He could confidently write a paper about the true structure of Saturn’s rings being made up of small solid objects(he was right by the way) and turn around and write a hymn like this:

For further reading about Maxwell, one of the best online resources can be found here. You can also check out his full biography here.

This is a recipe that my mom has made for a long time. It definitely rivals chili as an absolute gameday must. I just can’t call it football season without having this at least once.

We have lately been cooking the ham with brown sugar and butter and then dumping the whole thing into the pot. The brown sugar/butter flavor really makes it good. Seriously, you have to try this recipe this season. It’s great.

This is not some crazy new take on chili, but it’s easy, and it’s good. I just pieced together a few good sounding chili recipes and ended up with this one. The only twist here is the inclusion of Molasses(instead of the brown sugar that some recipes call for) and the use of Smoked Paprika. You should probably make it a day in advance and just heat it back up. Chili is one of those foods that just taste better after a night in the fridge.

Just garnish with a blob of sour cream and some shredded cheddar cheese to serve.

I want to do a couple of posts on SQL injection attack prevention. I
am going to show some of the techniques I use to ward them off. For example,
we use a three pronged approach at
the authentication point: variable binding, row counting, and syntax
detection. When a username and password are entered on the login form
we check to make sure that there is nothing obviously wrong with the
input, like password being of acceptable length and such. The next
thing we do is check to make sure there is no known SQL syntax within
the username or password. For example, if someone inputs a password
like this:

’ OR 1=1

it will get rejected at this step. All of the SQL keywords are
stored in big lookup table and checked against. The next step then is
to bind the variables instead of passing them in as plain strings. This
is a crucial step to avoid SQL injection. So instead of:

$sql="SELECT * FROM users WHERE username="$username" AND 
password="$password" LIMIT 1

we use:

$sql="SELECT * FROM users WHERE username=? AND password=? LIMIT 1
$sth=$dbh->prepare($sql);
$sth->execute($username,$password);

The final thing we do is check the row count of the result set. Even
though we used “LIMIT 1″, if there is an injection going on then we must
assume that it has been changed. Be sure and check that you have a row
count that is sane for the operation you are performing. If you are
logging someone in then you should return an error if the result count
is 0 or greater than 1, like this:

die unless($sth->rows() eq 1);

Next time I’ll focus on SQL injection that happens beyond the front
gate. Sometimes you can’t be so strict on row counts and syntax checks
once a user is inside.

There is a very good article on Engadget today about DRM. The issue addressed is why consumers seem to have a different set of rules about the acqusition of digital content vs. tangible goods like groceries. You could say that consumers have one set of rules about buying a DVD player and another set about the purchase of the DVD’s they play on them. I’ll quote from the article:

I don’t think that’s the point of the debate any longer. Anyone who would argue that it’s ok to download the .mp3’s of an album off Pirate Bay instead of buying that album is a wacko. Even the people who do that know it’s wrong. The debate these days isn’t over whether or not to pay for digital content (everyone knows it’s the law, and the right thing to do) but whether or not it’s legal or moral to place absurd restrictions on it’s use once it’s been paid for. At this point the metaphor breaks down.

Here’s a more appropriate metaphor for the same debate. Imagine that you go to that same overpriced restaraunt and order a meal. When you are done eating, you pay for the meal and tell the waiter that you need a carryout box because you couldn’t finish all of it. He says “Sure” and asks for your home address. When you ask him why he would need that just for a carryout box, he tells you that all of their carryout boxes come with GPS-enabled locking mechanisms on them that will only allow you to open them while inside your house. He says that this is in order to keep you from giving the food to one of their competitors for analysis.

The reason people think DRM is not a legitimate business practice is because in the past, music was a physical good. When you bought music, you bought a CD, or an 8-track, or an album, or a cassette tape. Once your 8-tracks started to get old and degrade, you might have dubbed them over to cassette tape to preserve your investment. I recognize that the content industry never liked this, but nobody would consider it to be wrong in any way. The supreme court affirmed as much with the Betamax decision. DRM is equivelant to going in everyone’s house and ripping the record button off of their VCR’s and tape decks.

If Napster has a song that iTunes doesn’t have, I should be able to buy it from Napster and convert it to play on my iPod. If it takes ripping it to a CD and back to mp3 to get the DRM out of it then so be it. What is the big deal. It’s been paid for, and it isn’t being redistributed. Case closed. This brings up another quote:

I would have to say that torrenting “clean” copies is not a very good idea. I can see the legal aspects against it as being legit. The movie thing is different though. If ripping DVD’s you already paid for to an iPod is illegal, then the term “fair use” should be absolutely removed from the English language. Here again we see the “different set of rules” played out not by the consumer but by the seller. Imagine going to a grocery store and having to buy one box of “car only” pop-tarts that you can eat on the way to work, and another box of “house only” pop-tarts that can only be eaten at home. That is the absurdity of DRM. And that is why people not only hate it, but don’t take it very seriously either.

If last Saturday was “Separation” Saturday, then this week it was “Letdown” Saturday or maybe “Oh Crap!” Saturday. Evidently letdown isn’t just the stuff of legends. Just take a gander at some of these halftime scores from yesterday:

Wow! At least they all survived.

One of the most annoying things with mp3’s (other than DRM of course) is consecutive numbering. The sort algorithm on Windows and most mp3 players sorts as it goes through the filename one character at a time. So if you have 12 files named “file-1.mp3 … file-12.mp3″, they will sort like this:

file-1.mp3
file-10.mp3
file-11.mp3
file-12.mp3
file-2.mp3
file-3.mp3
file-4.mp3
file-5.mp3
file-6.mp3
file-7.mp3
file-8.mp3
file-9.mp3

That is obviously not what anybody wants. To correct this, consecutively numbered files must be zero-padded in order to sort correctly. So the previous list would need to look like this:

file-01.mp3
file-02.mp3
file-03.mp3
file-04.mp3
file-05.mp3
file-06.mp3
file-07.mp3
file-08.mp3
file-09.mp3
file-10.mp3
file-11.mp3
file-12.mp3

I run into this problem often enough that I started looking around for software that would pad the numbers in filenames automatically for me. I couldn’t find anything out there that would do it in an automated fashion so I wrote a perl script to do it. I wrote it in Perl so that I could run it under Linux as well. I frequently need to have jpeg’s consecutively numbered as well so that was important. Here is the script:

#!/usr/bin/perl

use strict;
use warnings;

my $dirname = $ARGV[0] || "";
my $change  = $ARGV[1] || "no";
my $ext     = $ARGV[2] || ".mp3";
my $padsize = $ARGV[3] || 4;

##: Give usage if no arguments are defined
if ($dirname eq "") {
  print STDOUT "Usage: numpad.pl "directory" [change?] [.ext] [padsize]n";
  print STDOUT "  [change?] - default is "no" - should I actually rename the filen";  
  print STDOUT "  [.ext] - default is ".mp3" - what files should be acted uponn";
  print STDOUT "  [padsize] - default is "4" - how many digits should I pad ton";
  print STDOUT "n";
  print STDOUT "Example:n";
  print STDOUT "  numpad.pl "c:\mp3\album" yes .wav 5n";
  exit(1);
}

##: Change to the directory asked for
chdir($dirname) or die "Couldn’t change to directory ’$dirname’: $!";

##: Open and read in the directory based on the fileglob given
opendir(DIR, "$dirname") or die "Couldn’t open directory ’$dirname’: $!";
my @files = grep { /.*$ext/ } readdir(DIR);
closedir DIR;

##: Loop through the file entries and mod them
foreach my $file (@files) {
  my $newfilename="";

  ##: Cut off the extension, to be put back on later
  $file =~ s/$ext//g;

  ##: Split the filename into an array using any number as a separator
  my @fnparts = split(/([0-9]*)/, $file);

  ##: Loop through the array and pad any numerical elements
  foreach (@fnparts) {
    my $result = $_;
    my $number = 0;
    if($result =~ m/[0-9]+/) {
      $number = sprintf("%0".$padsize."d", $result);
      $newfilename.=$number;
    } else {
      $newfilename.=$result;
    }
  }
  $newfilename.=$ext;
  $file.=$ext;
  print STDOUT "$filen  -> $newfilenamen";
  if($change eq "yes") {
    rename($file, $newfilename);
  }
}

Just save this code as a file named numpad.pl. If you run it on Windows, you will have to either install a perl interpereter first(get the MSI package from ActiveState) or download the native executable version below that was compiled with Perl2Exe. If you use the interpreter method you would need to execute perl and pass the script name to it as the first argument. Like this:

c:> perl numpad.pl "c:mp3album" yes .wav 5

That example would zero-pad all the files in the c:mp3album directory that end with .wav, making any number it finds in a filename at least 5 digits long. This script should handle any files you give it; not just mp3’s. You can also re-run it with a different padding amount and it will redo the padding if you put too many on the first time. If you tell it “no” as the second argument, it will just show you what it would do instead of actually doing it. As always, USE AT YOUR OWN RISK!

• Native Exe Version: numpad.exe
• Perl Source Version: numpad

Every webmaster that is concerned with standards compliance has to constantly keep their site validated. I strive to keep this site compliant with the XHTML 1.0 Strict specification and that means a trip to the W3C validator every time I make a change to the site. One of the constant annoyances with the XHTML Strict specs are character set issues and closing unary tags. I have eased my burden a little by putting in a plugin to my blog software to fix those problems right before the page is rendered. That means even if I mis-type something in a blog post it won’t keep the site from validating, because it gets fixed at display-time.

Here is what the meat of the plugin looks like:

  ##: Tag fixes
  $$body_ref =~ s/<br([^/]*?)>/<br$1/>/gi;
  $$body_ref =~ s/<hr([^/]*?)>/<hr$1/>/gi;
  
  ##: Character code fixes
  $$body_ref =~ s/&#8217;/&#8217;/gi;
  $$body_ref =~ s/x93/&#8220;/gi;
  $$body_ref =~ s/x94/&#8221;/gi;  
  $$body_ref =~ s/x92/&#8217;/gi;
  $$body_ref =~ s/x91/&#8217;/gi;
  $$body_ref =~ s/x85/.../gi;
  $$body_ref =~ s/x96/-/gi;

You can get the gist of it I hope. The $$body_ref variable just contains the contents of the current blog post that is being assembled. Each line performs a regex search/replace operation and corrects a potential markup problem. The top 2 lines fix the 2 most common problems I run into with unary tag closing. They add closing forward-slash’s to the br and hr html tags. Those are the ones I forget most often. You might need to include the img tag also if it’s a problem for you.

The character code fixes are needed to fix those “non SGML character number” messages that annoy the crap out of everybody. They usually sneak in when you do a copy/paste operation off of a webpage and stick it in your blog post. If you’re not familiar with regex syntax, the x00 in the search string is an octal notation. It means to replace every occurence of that character code with the appropriate html entity name that makes it compliant with XHTML. In my opinion, HTML entity names are the easiest and most readable route to take in this situation. The ones I listed above are the most common for me, but you can find a more complete list here.

This is not all just to make you feel better about being an open standards fanboy. It has a real purpose. For instance, if your site is listed on one of the standards compliance list sites like W3CSites, you don’t want to get delisted just because you forgot to close a br tag on one of your blog posts. This just adds another layer of protection against that happening.

The latest “astounding” evolutionary fossil find is the skeleton of a “3 year old female” version of Australopithecus Afarensis. As usual, the media is throwing everything at the wall and seeing what will stick. I get suspicious though whenever a claim is made about finding an “almost complete” skeleton, yet the only pictures you see in the article are of the skull. Turns out that the actual find, while very neat, was a lot less impressive than stated. Most of it is still encased in sandstone. Here is what was actually found:

The debate over “Lucy” has always been about whether or not it was just a mottled together ape skeleton, or some type of early hominid. This new find so far does almost nothing to change that debate. From the waist down, only a few fragments were found, so you can’t really say what they indicate. The upper body, on the other hand, strongly indicates ape-ness:

This line blows me away though:

Creationists have held for years that the fossil record clearly indicates a world-wide cataclysmic flood event. Call it Noah’s flood if you like. Every ancient culture has a world-wide flood myth, not just Christians and Jews, but for some reason nobody believes there was a world-wide flood. Many dinosaur sites around the world show signs of rapid flood burial. We have sedimentary fossils of fish schools 1000’s of feet up in the Sierra mountains, yet there was no flood?

More good stuff about this find can be found here.

Wow, those Bush tax cuts are really hurting the government aren’t they: