the singularity of being and nothingness
Archive for July, 2008
Not Getting SQL Injected is a Good Thing
Jul 28th
Some people on the internet are jerks. They like to write scripts that roam the interblog, trying to muck with people's sites for their own gain. A common tactic is SQL injection, and it can suck out loud if you get hit with it.
Over the last week and a half, I've been attacked 5 times by the same malicious code which tries to use SQL injection to modify my database.
Wait, what is SQL injection? Basically, it's when someone takes an "in" to a query you're already running and adds their own SQL into it that executes an additional SQL command on your database. So for example, let's say you have a query that runs based off of a URL parameter, like this: http://css-imagine.com/gallery.cfm?siteID=12. In this method, my page looks to see if the URL parameter "siteID" exists, and if it does, it runs a query that looks for and retrieves information that equals the value of the argument "siteID" (here, it's '12').
What SQL injection would try to do with this, then, is to add some additional SQL to the end of my query string, hoping to find a hole to exploit and execute its own commands.
So how do More >
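The `siteID` lookup described above, as an added example that is not code from the original post: it contrasts a query built by string concatenation with one that validates the value and binds it as a parameter. It uses Python and an in-memory SQLite database rather than the site's own ColdFusion stack, and the `sites` table, its columns and the sample rows are assumptions constructed for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; the table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sites (siteID INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO sites VALUES (?, ?)",
                   [(11, "alpha"), (12, "beta"), (13, "gamma")])
    return db

def lookup_concatenated(db, site_id):
    # Vulnerable: the raw URL value is pasted into the SQL text, so anything
    # after the number is parsed as SQL rather than compared as data.
    sql = "SELECT name FROM sites WHERE siteID = " + site_id
    return sorted(row[0] for row in db.execute(sql))

def lookup_bound(db, site_id):
    # Hardened, layer 1: reject anything that is not a plain integer.
    if not re.fullmatch(r"[0-9]{1,9}", site_id):
        raise ValueError("siteID must be a non-negative integer")
    # Layer 2: bind the value as a parameter; it never becomes SQL text.
    rows = db.execute("SELECT name FROM sites WHERE siteID = ?",
                      (int(site_id),))
    return sorted(row[0] for row in rows)

if __name__ == "__main__":
    db = make_db()
    tampered = "12 OR 1=1"  # constructed tampered value for ?siteID=
    print(lookup_concatenated(db, "12"))      # the one requested row
    print(lookup_concatenated(db, tampered))  # every row in the table
    try:
        lookup_bound(db, tampered)
    except ValueError as exc:
        print("rejected:", exc)
    print(lookup_bound(db, "12"))
```
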
On Becoming a Better Web Designer, 6(b)
Jul 16th
Pop Quiz!!! What's the worst possible thing that can happen to your freelance project? Okay, besides not getting paid for all your hard work, what's the worst thing that can happen?
I know there's some out there that will say the answer is that they will not get enough inspiration for the project, and will burn out on an only marginally interesting design. Others might swear that the answer is that they'll overbid the project and feel guilt about over-charging their client. These people are crazy, by the way.
Seriously, though, the real answer is scope creep. What, exactly, am I talking about?
First, let's lay down a definition. While I'm sure many will disagree, this is how I define scope: "A description of all deliverable products, including their requirements and features." Pretty simple, really–it's an outline of the project, from start to finish, that defines what things are going to be produced for the client, down to the level of specific product features and functionality.
So yeah, this seems simple enough, but the truth is far from that. Why? Well, there are a few reasons. First, a lot of inquiries to my site look like this: "I need a blog. How much do you More >
On Becoming a Better Web Designer, 6(a)
Jul 13th
So you've refined your HTML and CSS skills. Excellent. You've become a master of all things Adobe. Perfect. You can code a custom blog in your sleep (and have the code snippets to prove it). Good for you.
So what's next? Well, unless you code only for the sheer enjoyment and self-actualization of it, you're going to want to make money. And making money will require clients, and clients require BEING EXTREMELY CAREFUL!
What do I mean? Well, when I started freelancing, I was incredibly naive about customer relations and managing my projects. I quoted low (had to get the deal, right?) then killed myself to get the under-bidded job done on the ridiculously tight timeframe that I agreed to.
I have learned some hard lessons about customer and project management, but they are crucial to becoming a more professional web designer AND getting what you're worth as a designer for the work you do. So over the next few installments of this series, I'm going to be reflecting on some of the lessons I have learned–and am still learning!–that will hopefully help you in your customer management.
Tip #1: Realistic Bidding
Okay, so it's common for those just starting out with freelancing More >
On Becoming a Better Web Designer: Default CSS
Jul 5th
When I got into web design, table-based design was already anathema. So for me, CSS was the most natural thing–it was the ONLY thing I knew. CSS made sense to me, and I really liked how I could granularly control the behavior of everything that I slapped on a web page.
One downside to this, however, is that I went a bit overboard. To get this control, I went with what I thought was the best route–uniquely class EVERYTHING. This, of course, led to bloated stylesheets and difficult to maintain code.
My problem? I failed to take advantage of default element CSS behavior. What do I mean? Well, consider the <h1> tag. By default, this tag is a block level element which means it will take its own "line" and force content which follows it to appear below. The same is true with the <p> tag. So what's the point? Well, let's say we use good semantics and have our page title be wrapped in <h1> tags. If we simply use the default behavior, the title of the page will be separated from any content that follows it–that makes sense, so why not use it?
And <p> tags? As most are aware, More >
Getting Into Skype
Jul 3rd
So I finally moved into this century last week by downloading and installing Skype on my computer. Notwithstanding the $15.00 I paid for my headphones, I really like what I see so far.
My primary motivation for getting Skype is my freelance work. While I love talking to clients, it is incredibly taxing on my cellphone minutes to try to manage weekly calls with several clients. I'm hoping that Skype will enable me to reduce–or eliminate–this issue altogether, while also providing a way for me to be able to work with both hands while chatting on the line.
So here's some initial thoughts: Skype seems to provide pretty good call quality on my cable connection. In the few calls I've done, I've not had terrible difficulty hearing the other person, and the connection never broke up. Plus, I like that Skype provides a built in contact manager and internal chat client for quick catch-ups with clients that do necessitate a full-blown call.
Negatives: I've noticed that in Firefox 3, Skype recognizes phone-numbers (or at least phone-number formatted strings…) and applies some functionality to them. At first blush, this is cool–but it does get annoying, and can seriously break an otherwise consistent design flow. But More >