Tag Archives: known

Posted on
by

Anyone who has done any development with PHP will be familiar with the infamous White Screen of Death; a blank browser window indicating that something horrible has gone wrong. A common cause, for me at least, is making a method call on a null object – easy to do in an object oriented architecture.

The exact reason as to why your script has gone splat will be reported in the log file, but from a UX standpoint, giving a blank screen to your customers is far from ideal. It is particularly problematic in complicated platforms like Elgg and Known, which use output buffering and have a plugin architecture.

Here’s a quick bit of code which can catch many (all?) of these fatal errors, and at least echo something. A variation of this is already in Known. Place the code somewhere towards the start of your script…

register_shutdown_function(function () {
        $error = error_get_last();
        if ($error["type"] == E_ERROR) {
            
            // If you use output buffering, chuck away any existing buffer
            ob_clean();

            // Set an appropriate HTTP error code
            http_response_code(500);

            // Construct your error message
            $error_message = "Fatal Error: {$error['file']}:{$error['line']} - \"{$error['message']}\", on page {$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";

            // Display a friendly message to your customers, giving them an option to email you about it!
            echo "
Sorry, FizzBuzz experienced a problem!
";
            echo "FizzBuzz experienced a problem with this page and couldn't continue. The technical details are as follows:
";
            echo "$error_message";
            echo "
If you like, you can email us for more information
.";

            // You'll also want to write the error to your log
            error_log($error_message);

            exit;
        }
});

Hope this is useful to you!

Posted on
by

So, Known lets you share links via a share API (and a toolbar bookmarklet). In the later versions of it, this action also calls a link shorten event hook which allows a plugin to shorten the shared URL.

Because I often share links, I wrote a quick plugin to hook into my bit.ly domain.

Using the plugin

Install and activate the plugin in the usual way, and then in your admin panel add your generic access token to the input box on the bitly page. Generate this token from your bitly settings page.

Currently you can only have one domain per Idno install, basically because I was short of time and so didn’t do the full OAuth thing.

So much to do, and so little time. Have fun!

» Visit the project on Github...

Posted on
by

I’ve submitted a pull request over on the Known project git repo that allows you to specify a CURL proxy connect string (which has since been merged).

If specified, this connection string will make all web service and web mention calls be sent via a proxy server.

This was a relatively small change, but is useful in many ways – for example, for communicating through a corporate firewall. It is also provides a way of routing Known to Known communication over TOR.

Why would you want to do this?

Well, this is part of an ongoing effort to harden Known against the new attack realities we face on the internet in the 21st century.

One of the things that the Snowden documents have revealed, is that the bad guys are particularly interested in harvesting everyone’s social graph – who knows who – so that they can, among other things, automate guilt by association.

Going to some lengths to hide this information from an attacker sitting on the wire, is therefore, a prudent thing to do.

Ok, how?

  • Install the TOR proxy on your server; this may just be as simple as typing apt-get install tor.
  • By default the tor package only installs the client, so you’ll need to modify the config to open up a SOCKS relay.
  • Next, tell your known site to use this relay; open your config.ini and set the proxy_string:
proxy_string = 'socks5://path.to.tor.proxy:9100'

Gotchas

Routing over TOR is only part of the solution of course. For the communication to be properly safe, you should also encrypt the communication using HTTPS.

Unfortunately, whether a connection is conducted over encrypted HTTPS or not is largely up to your friend’s webserver. But, you wouldn’t be silly enough to run unencrypted, right?

Given the numbers of nasty attacks that can be launched against an unencrypted web connection, the internet at large is now moving towards deprecating unencrypted port 80 HTTP. Google search results will now give preferential treatment to encrypted websites, so that’s another reason!

So, don’t be part of the problem. Have fun!