I've reached an agreement with Dave Winer regarding the Share Your OPML web application. I destroyed his original code and user data along with everything that was built from it and gave up my claim to a one-third stake in feeds.scripting.com. He gave up the claim that he's owed $5,000. I originally hoped one of us would buy the other out and launch the application, but we found a much stronger basis for agreement in a mutual desire to stop working together as quickly as possible. If Share Your OPML was a Java ... read more

Earlier this week, Mozilla Firefox developer Darin Fisher announced that test builds of the browser include support for click pings, an experimental new HTML feature that makes it easier for web sites to track clicks on outgoing links: I'm sure this may raise some eye-brows among privacy conscious folks, but please know that this change is being considered with the utmost regard for user privacy. The point of this feature is to enable link tracking mechanisms commonly employed on the web to get out of the critical ... read more

A few weeks ago, I mistakenly believed that I had closed a PHP mail form vulnerability that let spammers use my web server to send mail. Another batch of penis enlargement and phentermine pitches were sent through my server last night, which I discovered when "rejected bulk e-mail" bounces found their way to me. A spammer exploited a mail script I had written that coded the recipient address like this: $recipient = "info@ekzemplo.com"; I thought the script was secure because users couldn't change the recipient. As ... read more

UserLand Software is discontinuing free Manila hosting, as I discovered last week when one of their users sought refuge on Buzzword.Com. Edit This Page shut free service on Dec. 1 and ManilaSites will do the same Dec. 31. I can offer free hosting on Buzzword, but webloggers who are committed to publishing with Manila should be advised that I'm migrating the server to new software by May 1, 2006. A better long-term option for those folks is to subscribe to Weblogger.Com or UserLand. (As an aside, if you're a fan of ... read more

I wrote a PHP script that accepts e-mail from web site visitors using a feedback form. The script works with different sites, routing mail to the right inbox with a hidden field on the form: The who field doesn't specify an e-mail address, because that would be easy pickings for spammers. They crawl the web looking for e-mail scripts that can be configured to send e-mail to any recipient they specify. Instead, my script was written to send mail only to accounts on my server: $recipient = $_REQUEST['who']; if ... read more

I've been running Weblogs.Com since June for Dave Winer, who wanted to see if service performance could be improved as he began to receive seven-digit inquiries about selling it. Weblogs.Com ran on Frontier for six years from its founding in 1999, handling the load reasonably well until the number of pings topped one million per day within the last year. In a frenzied weekend, I recoded the site as an Apache/MySQL/PHP web application running on a Linux server, writing all of the code from scratch except for ... read more

I recently finished writing Sams Teach Yourself Programming with Java in 24 Hours, the fourth edition of an introductory book for Java programmers, which comes out in around two weeks. I've been given wide editorial license with the book, so it contains unusual projects like Lottorobics, a lottery simulation applet that demonstrates why "Win the Lotto" is a terrible retirement plan. The new edition adds chapters on XML and XML-RPC that use XOM and Apache XML-RPC, two great open source class libraries for Java. ... read more