There is no right way; only wrong ways.

This post has a couple of intentions: for myself to better understand my own philosophies, and to encourage discourse around them. to convince junior-level developers, and perhaps those who suffer from Imposter Syndrome, to stop worrying and just do it. And like the title suggests, I’m wrong about all…

The Grave Accent and XSS

In JavaScript, the grave accent, `, aka the back-tick character, allows the use of Template Literals, a new feature first introduced in Firefox 34 in late 2014. Today, about 77% of browsers have native support for the feature. Template Literals allow the use of string interpolation and multi-line strings in JavaScript.…

About My Dead Side Project, Cashify

It's been well over a year since was Cashify shut down, so I'm way overdue for a postmortem. Cashify was an Android app that allowed users to exchange their Google Play credits for actual USD (sent to the user's Dwolla account). I've already written in detail about building it and…

When Sanitization Kills

Sorry about the dramatic title; I really doubt that input sanitization has killed anything. TL;DR: Don't sanitize password inputs. TL;RA*: Can you spot the bugs in the following code? /** * Sanitizes the given input by removing "<", and ">" characters. */ function sanitizeUserInput ( input ) { return input.replace( /</g, "&…

Remove Password from VBA Project

For XLSM files: Open the XLSM file with 7-Zip (right click -> 7-Zip -> Open archive). Copy the xl/vbaProject.bas file out of the file (you can drag and drop from 7-Zip), don't close 7-Zip Open the vbaProject.bas file with HexEdit Search for "DPB=" and replace it with…

The target principal name is incorrect. Cannot generate SSPI context.

The point of this post is so I don't forget how to solve this in the future. Every once in a while I receive the error message: "The target principal name is incorrect. Cannot generate SSPI context." when trying to connect to a SQL Server instance on another machine on…

Google Async Analytics using LocalStorage

Update: this project now has its own GitHub repo: https://github.com/davidmurdoch/ga-localstorage TL;DR: Click here to make the web faster. Oh, and share on Twitter, too! TL;RA: In 2010 I postulated on Stack Overflow that it may be possible to use Google Analytics without the baggage…

Cashify, An Android App Building Experience

I recently released my first android app, Cashify. This post is a reflection on my experience building an Android app for the first time. If you want to know what the app does visit its Google Play page (and download it). Android Studio Lately, my daily IDE has been Visual…

Non-onload-blocking Async JS with require.js

Stoyan Stefanov at phpied.com explained how to do non-onload-blocking async JS. TL;DR: window.onload can now fire before your async script loads and we don't trigger the browser's loading indicators (except in Opera). I loved the method; but thought we could take it a bit further. I…

How to move your Windows 7's User directory to your data drive

Use this at your own risk. If you try this and you break your system, I am not responsible. :-) I recently built a new computer and opted for an 120GB SSD for Windows 7 Pro and programs with a separate 1TB HDD for data. After installing the OS,…