In all my life coding in PHP and reading error messages I have yet to come across this weird and frightening message

Parse error: syntax

error, unexpected ;, expecting T_PAAMAYIM_NEKUDOTAYIM

At first glance I just noted the line number and took a look there. Seeing nothing unusual I went to read the error message.

(Yes we actually try to understand error messages because they really help in your debugging.)

It was then I got a shock. What in the world is a “T_PAAMAYIM_NEKUDOTAYIM“??!! Heck I can’t even pronounce it.

My first thought is that my PHP complier screwed up but then I decided the Google will hold the answer.

So copying and pasting almost the whole of the error message into Google, it was discovered that T_PAAMAYIM_NEKUDOTAYIM is actually Hebrew for “::”, the double colon token.

Further probing showed that

T - stands for Token
PAAMAYIM - means double
NEKUDOTAYIM - means dots, or colon

in Hebrew.

I first thought that the programmers a having some humour but it turns out PHP was written by Israelis. Probably started development in their native tongue, it’s more likely they just missed this in translation.

A quick look at http://www.php.net/manual/en/tokens.php shows that even though an alias T_DOUBLE_COLON has been assigned, this phrase is embedded in PHP history.

How amusing.

Upgraded Wordpress to version 2 finally, after all that procrastination and worry about broken plugins.

Not sure if anything is broken so bear with me if things aren&undefined;t functioning properly for now. So far I&undefined;ve fixed all that I notice so do feedback any problems. (=

Had a bad bout of comment spam some time ago which even fooled WP Hashcash which I have been using then. Unwilling to make everyone fill in some unreadable Captcha image, I installed Spam Karma 2.

And all was well… until now.

My shoutbox just got spammed with 300+ entries! And that’s after passing it through the normal WP filters, which admittedly isn’t very stong.

So what’s a programmer to do?

Simple. Just recode the shoutbox to tap into Spam Karma’s rather efficient anti-spam system. But that is not without first looking (for my first time) at how Spam Karma actually works. It is a really neat design but doesn’t really have the API to just ‘tap’ into it, so I did the next best thing: Enter each shout entry as a new comment, let Spam Karma do its job, then take out the comment and put it into the shoutbox. With that it should work for most anti-spam plugin that works off the WP comment posting process.

As much as I know, this is the only shoutbox which integrates with your WP anti-spam plugin. =)

So no more spam! The same spammer tried again when I was testing the new version and it works perfectly. But if you’re somehow unable to tag, just drop a comment and I’ll look to it.

Oh and thanks Kerwee for notifying me so soon.

If you have this

and this

then you will need this:

Just don’t try to get it from here as you are required to make a “donation” to get it. Last time I checked donation implied voluntarily.

Of course iTunes will not work on Windows 98 but there are other free and better alternatives you can find on the internet, like YamiPod and EphPod.

So after spending over two hours searching for and downloading the drivers, trying to install and replace the existing USB drivers by trial and error, and we all know how “plug and play” Windows 98 is, the two devices could finally communicate. But what was fun was seeing how the once completely unresponsive iPod when plugged in slowly became more connected in stages.

At first we couldn’t even get the iPod to charge. Rewiring the USB connections and installing some other drivers got enough power to get the iPod to its charging state with the battery icon. More driver replacing brought it to the “Do not disconnect” state with Windows detecting a new hardware but refusing to install the iPod drivers. Manual intervention was required to replace the existing driver.

Finally “Apple iPod” and “USB Mass Storage Device” appeared on the Device Manager and all is well. Why must they make something so simple so hard?

Ok I don’t think anybody would be attempting to solve the little quiz I had so I’m just going to post my solution here.

switch ($usertype)
{
case "Administrator" :
if ($priv == "Administrator") return true;
case "Manager" :
if ($priv == "Manager") return true;
case "Registered" :
if ($priv == "Registered") return true;
case "Anonymous" :
if ($priv == "Anonymous") return true;
}
return false;

In case you’re wondering, this technique makes use of the “fall-through” condition of swtich statements, which is common in languages like PHP, Java and C. Note the missing break statement.

On efficency wise, switch statements are syntactic sugar for a couple of if statements and gotos (jumps), thus I would say it’s quite efficient. Readabiliy wise, it’s very clear to me. Easy to modify and understand I hope.

Comments?

Here’s a pop quiz for all you l33t c0d3rz out there, so if you’re not one then this post is not for you.

I was modding a component for a web application written in PHP and came upon this little problem. The application stores user access levels not in an enumerated type but as a plain string say $usertype. The user levels are in fact supposed to be enumerated say 5 levels: “Administrator”, “Manager”, “Editor”, “Registered”, “Anonymous”, where of course privileges of the higher level would encompass the lower ones.

Now I have to modify a function called has_priv($priv, $usertype) which takes in two strings and return true if the given $usertype does indeed have privileges under the given $priv and false otherwise.

For example, has_priv(’Editor’, ‘Manager’) will return true as Manager is above Editor, and has_priv(’Manager’, ‘Registered’) will return false.

Come up with a quick and easy way to implement such a function and post it in the comments. My purpose is to investigate how different people will solve this simple problem, and to find any cleaner solution than mine. I’ll be posting my solution after I gathered a few feedbacks.

This is coded in PHP but pseudo code with standard functions will suffice. Let’s see your l33t 5k!llz!!!

With reference to Securing the Assignment Submission Protocol (Koh, Nov 05) which propose a way of securing the ASP against the attack highlighed in An Attack on Assignment Submission System (Teo, Nov 05), the author would like to comment on a possible weakness in the securing mechanisim, namely by questioning the validity of an assumptom made.

While the protocol goes to great length to ensure that k would be completely random and assumes to be hard to reproduce, the weak link is in the verification of the correctness of the signature.

The verification process is done my visually comparing a photograph of a swath of k against the actual colour of the signature. The human eye is easily tricked as can be seen in this example. Also taking a photograph quantizes k to one of about 65 million possible values. Coupled with the fact that lighting would corrupt the phototaking process, the validation key given the to students is not accurate given such a large threshold of error.

Therefore someone with malicious intent, Mallory does not have to reproduce the exact k which George picked but produce something close to the original which still lies within the large threshold of error. Furthermore, none of the students, including Bob has a record of the pattern created by Ah Meng thus Mallory can simply erase the existing signature with turpentine, and create a new pattern with his fake but undetectable k on a different mailbox, as in an adaptation to the attack described by Teo.

One reason why I don’t find Minesweeper a fun game is that oftentimes it’s just a game of chance. After working so hard to uncover 98 mines I usually come to a point where the last mine is hidden under a few tiles of equal probabilty. What difference is this than rolling a dice or tossing a coin?

Well here’s a new way to play Minesweeper.

Instead of trying to uncover the mines, we shall verify that a given state of the game is possible. In other words I present to you a “freeze-frame” of a Minesweeper game, with some tiles uncovered, some flagged as mines, and the rest covered and you tell me if that is a possible scenario.

Now the game is actually solvable without any element of luck like the Sudoku puzzle. Idea was from an interesting way to present the P=NP? problem with Minesweeper, which by the way is NP-Complete.

We need more lecturers who can present ideas in such fun and creative ways.