Categories
Technical

You know when you’ve been Twango’d

You take one Django app (this monstrosity, which I mockingly label “my blog”), you take one completely exhausted Ruby On Rails app with a nice simple API but as much stability as a menstruating Dr Jekyll (in this case, Twitter) and what do you get?

Well I kinda ruined it with my hilarious entry-title, but yeah – Twango.

Why I love Twitter

Twitter could very well be my illicit lover, I only have like three “friends” – but that matters none. I still feel the need to tell them what I’m cooking, reading, programming, and why I hate Gillian McKeith (she’s a pretend doctor who dissects people’s poo on TV – who needs any more excuses?) along with stuff that I find to be funny in the empty landscape that is my head (so yes, I am a sadist).

The downside is, of course, that this goes both ways – you get the doings of the people you have subscribed to (it’s only nice to return the favour, isn’t it?) broadcast live to your phone via text message. This has led to some people finding the service “intrusive” and turning the alerts off. I quite like it – generally people on my list have been pretty sensible with their updates and it keeps the (non-salacious) voyeur in me happy. But you know – horses for courses and all that.

But it’s not really all that useful, is it?

That’s what my girlfriend said. (BUH-DUM..TSH!) No really – she did. Only for her to sign up and send this twitter the VERY next day. She’s not used it since, but it’s served as something to sling in her face if she ever moans about my incessant Twittering. “You’re always on your phone!” “Well you lost yours!” – that’ll show her.

Anyway, what we have here is a very nice alerting tool for absolutely nothing. We can use its aforementioned “intrusiveness” for many many things: This guy hooked up his doorbell, Gareth Rushgrove has mentioned the idea at work of hooking it into CruiseControl to tell us when a build has gone awry, and now I’ve hacked together a little something which alerts me whenever somebody posts something on my blog.

So THAT’S where Django comes in…

Django makes such alerting a breeze. All you need to do is override the model in question’s save method so that it sends a Twitter to your twitterbot anytime it is called. Then as long as you are subscribed to your twitterbot’s feed, you’ll get a twitter to your phone shortly after.

It’s proper simple, and the code is pretty straight forward too. There are a bunch of python APIs out there already, but I used the simple posting function released by Matthew Boedicker, I only need that posting functionality, and this seemed ideal – just a couple of URLlib calls and you’re sorted. Just stick that somewhere (I’ve got a nice customised helpers file) and call it a bit like this in your model:


class Comment(models.Model):
   ultra hot model code
   def save(self):
      super(Comment,self).save()
      twitter_update("comment posted to " + self.blog_entry.slug + ": " + self.content)

And it should work nicely.

But couldn’t it all go bits up?

Yeah, there’s every chance that this is open to abuse. Twitter’s far from safe with the whole SMS spoofing thing, and even then people could totally kill your phone if you’re not careful – so obviously use it while acknowledging the risks involved. Luckily, Twitter makes it relatively simple to silence – everything arrives at your phone from one source, so you could easily shut it up – and there’s no stopping you implementing spam-protecting measures such as Askimet and Captchas (the first is definitely next on my BDT todo-list).

Feel free to tell me why I’m wrong, add me on twitter (I’d really liked to be added by people not trying to spam me for a change) or just plain ignore me – thanks for making it this far.

Categories
Technical

the elusive commenting system

BDT (yeah, third post in, already acronym-ising this thing) finally has one of them there commenting systems. Check it out below if you don’t believe me.

The delay

The reason I was holding back was because I wanted to “hand-roll” my system for maximum control. Yeah, this is a gross violation of “don’t reinvent the wheel” (Django has a comments module), but sometimes invention is fun even if you’re contributing nothing new to anything. My main motivation for spitting in the face of Django was because at some stage I want to play with Akismet. There are tutorials out there for adding Akismet using the existing comments system, however they all involve altering core Django code and I sorta felt that this could be a bit messy – particularly in terms of maintenance further down the line.

The problem

The Django API makes it a breeze to add a comment, the big problem comes in escaping stray html / javascript etc. I could write my own sanitiser – it probably wouldn’t be all that hard, but I would never want to reinvent the wheel (I’m banking on 90% of readers skimming the last paragraph). The only method out there in Django seems to be that in the template system – and that’s only going to be directly useful in sanitising the main blog page, and only then if I explicitly tell it to on every template. It won’t stop somebody from submitting some code and it messing about with my admin page, for example. But the method itself is useful, it is powerful and in one command it can strip a string of any potential offensiveness (by offensiveness I mean XSS etc, not the word, “dick” – we wouldn’t want to prevent people from commenting about their favourite British pudding now, would we?).

The solution

PS I have stumbled upon this idea in surfing, but cannot remember where, if you were the originator, tell me and I’ll give due credit.

To harness the escape method, first you need to hook into the django.template module – specifically looking for the Parser class (I was stumbling about aimlessly in the python shell when I finally cracked this one, there is probably a better way of doing this). From an instance of the Parser class you execute the find_filter method to return the escape function, which you can then use at will. So, sticking this in your “add a comment” view-method-thing would look a little like this:


from django.template import Parser

...ace django code goes here...

p = Parser("you could probably put anything in here, I should probably try looking for a static class or something more efficient")
esc = p.find_filter("escape")
new_comment.content = esc(new_comment.content)
new_comment.save()

...more ace django code...

note to self: find / implement a “code” template module. Preferably with syntax highlighting built in.

obviously, you’ll want to do some content checks and the like, but you get the general idea. I am of the opinion that if you are not super paranoid about what you let into an effectively open database then you are asking for trouble. If you need further proof (beyond common sense), look at all of the trouble myspace have had over the years.

Still to come…

hmmmm, somehow this has formed itself into BDT’s first “proper” entry, I should probably have planned it better. Anyway, next on my list are per-category feeds, a bit of an “about” section and then some playing with Django vs Jabber interactivity. Should be fun, yay!

Categories
Technical

keeping this thing updated

…is a royal pain in the bollock. Figure I should give a small checklist of what Si has been working on:

XML Feed

I have just finished implementing an Atom feed for this mofo. It was ridiculously simple using Django – create a feed class, point the url file at it and you’re away. I think I will have to stick some per-category feeds in because that was waaaay too easy

Comments System

I am working on getting a comments system sorted ASAP, I think the power of blogging is in the dialogue – without it you have a glorified ego-wank. The aforementioned feed will not be going live until this is all cleared and working.

Super hyper mega WEB APP!!!

Hayley and me – we had one of them $5 ideas* that she swears is gonna make her us a million. I am not so sure. I just want to be able to say that I have successfully deployed a working web application, rather than being a dumb simpleton who has no idea of the rigeurs involved. The app itself is pretty useless to anyone not of the myspace generation and it took me just 45 minutes to manufacture a proof of concept (again – thanks to my boyfriend, Django) – but there is always a chance that Fox will give me £50 for it within the next 10 months, therefore making me a profit on my hosting. Wooyay.

* ok, it’s probably closer to 50p.

So yeah – still plenty on my plate, next post will hopefully about this mysterious wAPP (saying it aloud like that is strangely satisfying), if not inviting you – my non-readers – to leave a comment.

Categories
Technical

And so it begins

Yup – a pretty uninspired first post title, and what’s probably going to be an equally uninspired first post – but what the heck, I don’t see people reading this for a while now anyway. Basically I have been pissing about with various development tools on my own boxes for about 9 months now, I’ve gone through everything – PHP, Python, Ruby, Codeigniter, CakePHP, Dotnet, Visual Studio, Eclipse, VIM, Aptana… I’ve experimented with lots of different types of programming – AI, GUI, Linux, Win32, server-side, client-side, IM bots, games… and I’ve decided it’s about time I started putting stuff out there myself instead of leeching off of others’ hard sweat. With stuff being, “mistakes I have made that others may not have to”.

Python, Django Vim…I choose you!

Having battled through, I have finally achieved my desired set-up – or at least the one I am going to pursue for personal development in the forseeable future. My lingo of choice is Python – I have selected it because it feels like I can simply imagine code and it works. I like that. I’m not arsed about speed or any of those BS metrics, I just want to see stuff happen. (Although I have never had any troubles with Python regarding those sorts of things either.)

I planned on trying all of the Python frameworks (Turbogears, CherryPy, Zope etc.) but with Django it was love at first sight. It was so easy that it felt like cheating, and I am not one to feel guilty for living an easier life. If PHP was my only choice then Codeigniter would have been my way forward, but Python / Django seems to be gaining more acceptance with hosts and that looks to further pick up as it reaches that magical 1.0 release.

I have been really perservering with VIM for a while now and am now seeing the results. I wanted an editor which I could customise in any way I want, and having upgraded to version 7 I really don’t see anything it won’t let me do….Expect some scripts of beyond-dubious quality to be published on here as I start scripting stuff which I haven’t just ripped off some innocent French dude.

And finally…

Posts will inevitably stray off topic so don’t subscribe if you want pure technical writing (HAHAHAHA!!!!). Fanboyism is a disease – I consider myself OS-agnostic (they’re all quite pretty now, it all comes down to what I can afford / steal easily). I’m not big on memes – if there are 5 things you don’t know about me it is simply because I don’t want you to. The design of this blog will improve / change / mutate incrementally (with emphasis on the third, fourth and fifth syllables of that word) as I add features, currently I have just stuck in the bare bones. There’s not even an RSS feed yet let alone any sort of commenting. I won’t start pushing this / linking back until at LEAST those two features are implemented.

Last night I: signed up for hosting with webfaction.