Archive for the ‘Web Dev’ Category
Posted on September 13, 2008 - by snipe
Web 2.0 in Six Easy Steps
This post, written by web designer James Paden of Xemion.Com, takes a snarky look at Web 2.0 and the cookie-cutter websites that seem to be popping up everywhere. Make with the clicky here.
Incidentally, this is a great web development blog, by the way, especially for freelance developers interested in taking a closer look at conversion rates and learning how to put together a powerful resume. Lots of great articles.
(1 votes, average: 5 out of 5)
Loading ...Posted on July 3, 2008 - by snipe
GUI Planning Made Easy with the Pencil Project
Designing a good GUI is arguably one of the most difficult - and critical - phases of application development. It’s absolutely one of the most overlooked, and part of the reason for that may be the fact that we haven’t had many tools that allow us to quickly and easily throw together a GUI design that can then be put through its paces. Photoshop mock-ups, although easy enough to do, can be time-consuming - and if you’re purely a developer, you may not even have access to Photoshop in the first place. Fortunately, your days of scratching out GUI designs in crayon on the TGIFriday’s placements (don’t laugh - I’ve done it) are over.
Five years ago, people used a specific piece of software because it did what they needed. Even if the interface was miserable, it was the only thing out there that did the job, so they learned to suck it up. These days, there are so many pieces of software that do the same - or virtually the same - things, that the user actually has a *choice* - and the winner will almost always be the one that’s easiest to use.
The Pencil Project is a Firefox addon that takes much of the hassle out of GUI development, with an easy-to-use drop-and-drop interface with text editing and a library of shapes and form widgets.
From the Pencil Project website:
The Pencil Project’s unique mission is to build a free and opensource tool for making diagrams and GUI prototyping that everyone can use.
Top features:
- Built-in stencils for diagraming and prototyping
- Multi-page document with background page
- On-screen text editing with rich-text supports
- PNG rasterizing
- Undo/redo supports
- Installing user-defined stencils
- Standard drawing operations: aligning, z-ordering, scaling, rotating…
- Cross-platforms
- Adding external objects
- And much more…
Pencil will always be free as it is released under the GPL version 2 and is available for virtually all platforms that Firefox 3 can run. The first version of Pencil is tested against GNU/Linux 2.6 with GTK+, Windows XP and Windows Vista.
Obviously, if you’re a crappy GUI designer, or if you don’t take the time to test your designs, The Pencil Project isn’t going to save your hide, but for developers who care about GUI design, it can shave quite a bit of time off that design process. Assuming you’re the latter instead of the former, visit the Pencil Project website to learn more and download it now.
(1 votes, average: 5 out of 5) Loading ...Posted on July 1, 2008 - by snipe
Identify and Fix SQL Injection Vulnerabilities in Web Applications
Scrawlr is a free software for scanning SQL injection vulnerabilities on your web applications, developed by HP Web Security Research Group in coordination with Microsoft Security Response Center.
Scrawlr crawls a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.
After the scanning process, if it can find vulnerabilities, it will display your database table names as a proof of the possible SQL injection vulnerabilities.
From the HP Scrawlr website:
Technical details for Scrawlr
- Identify Verbose SQL Injection vulnerabilities in URL parameters
- Can be configured to use a Proxy to access the web site
- Will identify the type of SQL server in use
- Will extract table names (verbose only) to guarantee no false positives
Scrawlr does have some limitations versus our professional solutions and our fully functional SQL Injector tool
- Will only crawls up to 1500 pages
- Does not support sites requiring authentication
- Does not perform Blind SQL injection
- Cannot retrieve database contents
- Does not support JavaScript or flash parsing
- Will not test forms for SQL Injection (POST Parameters)
There are some limitations, as noted in the above bulleted list, however this is certainly a good start to help web developers find and correct vulnerabilities in their applications. Download Scrawlr now - Windows Only.
(1 votes, average: 4 out of 5) Loading ...Posted on January 20, 2007 - by snipe
Multiple IEs
This is handy for when you need to test a website out in multiple versions of Internet Explorer. And its free! Windows only, but then again, IE for Mac is out of development, so its less of an issue. Installation is a breeze, and I’ve set it up on several systems without so much as a single glitch. No promises for Vista tho - I refuse to install it, so I can’t vouch for anything running on it.
Get it free at tredoft.com.
(1 votes, average: 5 out of 5) Loading ...