Comments for Alf’s blog about geek stuffs

Comment on Wrapping text for Zend Pdf by greg

greg — Tue, 31 Mar 2009 13:12:14 +0000

You have an error in your widthForStringUsingFontSize function.

$glyphs = $font->glyphNumbersForCharacters($characters);

should be:

$glyphs = $font->cmap->glyphNumbersForCharacters($characters);

based on the referenced link you provided.

Comment on Demo of Wisss 0.2.0 by alf

alf — Mon, 16 Jun 2008 08:10:06 +0000

Bonjour Christophe,

je me rends compte que je n’ai jamais taggé la version 0.2 sur le svn :-/

Je suis actuellement en route pour la 0.3 et beaucoup de choses ont changé au niveau du metamodèle. Je t’invite à télécharger directement à partir du SVN, surtout que j’ai pas mal bossé dessus ce week end.

Je devrais sortir la 0.3 d’ici peu. Je commence à approcher des concepts de la 1.0. N’hésite pas à venir me poser des questions sur #wisss sur freenode.

Comment on Demo of Wisss 0.2.0 by Christophe Bresso

Christophe Bresso — Sun, 15 Jun 2008 22:35:21 +0000

Bonsoir,
J’ai vu votre démo impressionnant!
Par contre sur le site d’accéléo, je n’ai pu installer que la version 0.1. Où puis-je trouver la 0.2?
Merci

Comment on Zend Pdf and PNG transparency issue by alf

alf — Tue, 10 Jun 2008 02:06:16 +0000

Sorry, it was a hard day with 3h sleeping … of course you can generate image by yourself

Comment on Zend Pdf and PNG transparency issue by Alexander Veremyev

Alexander Veremyev — Mon, 09 Jun 2008 18:07:22 +0000

Aha, I’ll try to generate image by myself and test it.

Comment on Zend Pdf and PNG transparency issue by alf

alf — Mon, 09 Jun 2008 14:15:55 +0000

I can’t, it’s a copyrighted image of the customer but I think any A4 image with a lot of transparency may cause the problem. I’ll test during the week with an other (home made) image to check.

Comment on Zend Pdf and PNG transparency issue by Alexander Veremyev

Alexander Veremyev — Fri, 06 Jun 2008 11:58:16 +0000

Great thanks for the comment and registered issue!

Could I also ask you to attache the image to the issue for testing?

Comment on Secure authentication without SSL (part2) by pepe

pepe — Thu, 20 Mar 2008 21:39:17 +0000

State of the art pw authentication should provide *mutual* authentication. iIeally, it will also protect against offline bruteforce attacks, as passwords tend to be rather short. An example for such a protocol is SRP.

See srp.stanford.edu. The SRP authentication also produces a strong common secret that you can use to encrypt your session or at least authenticate it, to prevent hijacking/replay

There are some efforts to integrate SRP into SSL, see RFC5054. This should also help implementing SRP somewhere else.

Your last sentence on the other hand seems to imply that you want users to authenticate via browser. use htaccess in digest mode(not basic). Its also ch-resp. but much more standardized.

have fun

Comment on Secure authentication without SSL by Alf

Alf — Thu, 21 Feb 2008 09:07:22 +0000

Be careful, I’m writing a second post since we discovered a miss in this approach. Your proposition to let the javascript set up the type of authentication (plain text or hash) is a good point, I will add it later.

Comment on Secure authentication without SSL by Bram

Bram — Wed, 20 Feb 2008 20:35:33 +0000

I’ve been considering doing something similar for a project I’m working on. Only, if I were you, I’d include something like a hidden profile field to indicate whether you’re POSTing the password in cleartext or in the hashed format. That way, users without javascript can still log in, albeit less secure. Simply use a simple javascript to change the value of the hidden field for users who do have JS enabled.

Otherwise, I like it, and I’ll definitely borrow an idea or two from your setup for my project. Thanks!