?

Log in

No account? Create an account
Magicians of Chaos
 
[Most Recent Entries] [Calendar View] [Friends]

Below are the 5 most recent journal entries recorded in Creating Order from Chaos' LiveJournal:

Monday, March 28th, 2005
9:04 pm
[draci]
Some thoughts about ASCII
Hrm, s'been quiet in here lately. I think I'll say something.

So another site (which I won't name) is down again today, with a nice "we've been hacked, we're looking into it" banner on the front page. And it got me thinking, again--why does this stuff happen? Well, I think I can tell you. Briefly, they're not escaping HTML input, a fact I have creatively used to "spice up" my profile page. But what if I'd been malicious? What if I'd had JavaScript to steal session cookies? (The settings page does no confirmation, so given that I could even have changed user passwords! Gasp!) At any rate if they aren't escaping HTML they probably aren't escaping some SQL values, either. That would explain the quote problems... >..<

EDIT: Ironically it had more to do with the example in the bottom paragraph--word is that someone got too curious and registered "." as a username, causing the front page to display their profile. Worse, when that account was deleted, so was index.php. :) (Profile HTML, of course, remains unescaped.)

"OMG!!@#" you say. "Stupid admins! How could anyone not KNOW that?"

The real problem.Collapse )

Current Mood: curious
Monday, December 20th, 2004
10:19 am
[xb95]
A strange construct, perhaps...
So, I hate typing things like this (and pardon the Perl):

my $variable = undef;
my $init1 = primary_assistant();
my $init2 = primary_check_function();
if ($init1 / $init2 > 1) {
	$variable = 1;
}

unless ($variable1) {
    my $init3 = other_fallback_function();
    my $init4 = long_running_function();
    if ($init3 / $init4 > 1) {
        $variable = 1;
    }
}

unless ($variable1) {
    my $init5 = ...;
    if ($init5 ...) {
        $variable1 = 1;
    }
}


I hate typing the unless ($variable1) { ... } and wrapping my code in 20 of them because I don't want all of the checks to run if one succeeds.

If the checks were simple one line things, I'd just construct a large logical statement and rely on short circuit boolean evaluation to make sure the long running functions didn't run unless necessary. However, since I have to do a ton of initialization, that doesn't work so well without doing all of the big blocks.

I don't know of a cleaner way to do this without creating a language feature that applies only to this one exact problem (which I'm kinda against doing, it pollutes it too much).

Thoughts?
Monday, August 2nd, 2004
6:22 pm
[xb95]
Operators
Just dreaming up operators... one thing that I like the thought of (something that kfk2 pointed out) is having operators that function on both sides, so to speak... so something like this:

if ($x < 5 < $y) {

That is the logical equivalent of:

if ($x < 5 && 5 < $y) {

It'd just be shorthand. This is done in C/C++, but isn't done in Perl. I definitely want to see it in anything that we do. Then, that gives us the ability to do something like what Kenny suggested:

switch {
   case 1 <= $x <= 5:
      break;
   case 6 <= $x <= 10:
      break;
   default:
      break;
}


This syntax brings up something I thought of, too. The ability to have the equivalent of a set of if..elseif..elseif..elseif..else without having to do all of that typing. Why not have switch without a condition be treated as nothing other than a set of sequential conditionals to evaluate for trueness? You stop when you hit a break.

Of course, perhaps before we do any of this sort of thinking we should think up the actual format of the language at the base level--what constitutes identifiers, how blocks are denoted, etc.
Tuesday, July 27th, 2004
3:31 pm
[xb95]
Initial Thoughts
I'm going to list here some of the strengths of the languages I know and what I'm thinking of 'stealing' from them, or, what I'd like to see be used in another language.

C/C++
- ternary syntax (the ?: thing, that's ternary right?)
- strong class typing system

Perl
- variable conventions for base classes ($, %, @, etc)
- expressiveness (everything can be written in one line!)
- especially functions like map, grep, etc

Ruby
- blocks blocks blocks
- everything's an object

Gotta run, but those are some thoughts.
11:31 am
[xb95]
Introduction
Hello folks. Welcome to chaoticians, where our goal is to make order out of chaos! Or something.

What I'm interested in doing is designing a lightweight specification for a language that combines many elements of Perl, Ruby, C, Python, and everything else out there. In particular, I'm looking for a flexible language that can be used for a variety of purposes and compiled or interpreted depending on the situation. (Although the goal of this project isn't to create a compiler/interpreter.)

More posts will come later if people are interested.
About LiveJournal.com