A simple check to the truncated string, whether it ends with a face-blushing word or not, should be sufficient.

It is interesting that it end-up blocked by Akismet, even though it doesn’t mention any product, or linking to a questionable website, it simply links to Kelli’s Wikipedia page. Earlier discussion mentioned that it was the email address that causing the block.

Who will benefit from such action? Will Kelli Garner became more famous by gaining notoriety as a spammer? One could not forget how Paris Hilton become everyday conversations because of her sex tape leaked. So yeah, you can become famous by gaining notoriety. The more notorious you are, the more publicity you’ll get. Bad publicity, good publicity, all kinds of publicity, there is no such thing as bad publicity.

Or could it be someone else profited? If yes, in what way? Or is it just someone who is trying to be her biggest fan by dedicating her/his life promoting Kelli?

Another possible explanation is someone actually have planted something malicious at her Wiki page, which will be triggered whenever a person visit that page? Which is to me, a very likely explanation. Is this a Zero Day attack?

Anyway, the spam origin was from server which is apparently located at Prague, Czech Republic.

PS: This post is now officially unintentionally became part of the publicity machine.

My current theme is Pyrmont V2. I look at the header.php, I found out this:

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js" type="text/javascript"></script>
<script src="<?php bloginfo('stylesheet_directory'); ?>/scripts/basic.js" type="text/javascript"></script>

So this is the reason why I found two jQuery source code being loaded (shown below).

But what about Wordpress? In which file does the jQuery listed to be automatically loaded? After asked Windows to scour Wordpress’wp-includes folder, I found the answer:
script-loader.php

   //...
   $scripts->add( 'cropper', '/wp-includes/js/crop/cropper.js', array('scriptaculous-dragdrop'), '20070118');
   $scripts->add( 'jquery', '/wp-includes/js/jquery/jquery.js', false, '1.3.2');
   $scripts->add( 'jquery-ui-core', '/wp-includes/js/jquery/ui.core.js', array('jquery'), '1.7.1' );
   //...

I found it interesting that Wordpress is loading jQuery from localhost (sodeve.net), but Pyrmont is loading it from Google. There must be a reason for this. Dave Ward at Encosia teaches us that the reasons are:

1. Decreased Latency. Because Google is using Content Delivery Network (CDN). Therefore, it is much faster than your server
2. Increased Parallelism. Because it reduces the number of connections made to a single server. Browser usually has limit on the number of connection to a single server
3. Better Caching. Since the script is obtained from Google, it is very likely the script is already cached when visited any Google’s website that uses jQuery

Anyway, I’m sold to Dave’s idea. I replaced the line in script-loader.php, using http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js instead of /wp-includes/js/jquery/jquery.js. Then I observed the performance using Firebug.

Hmm.. Wordpress added the “ver” parameter in the script request. This invalidated Dave’s point no. 3. What can we do to make Wordpress not to add “ver” parameter in the script request?

How to Make Wordpress Load Script without Ver Parameter

Open class.wp-script.php inside folder wp-includes of Wordpress

//.....

$src = add_query_arg('ver', $ver, $src);

//.....

Comment the line shown above (line 117).

I believe things load faster now (At least for Google, sodeve.net server is a shared hosting, so its performance is difficult to expect )

If you do, you might want to use my enhancement. First let’s display the original:

<?php
/*
Plugin Name: Google Syntax Highlighter for WordPress
Plugin URI: http://wordpress.org/extend/plugins/google-syntax-highlighter
Description: 100% JavaScript syntax highlighter This plugin makes using the <a href="http://code.google.com/p/syntaxhighlighter">Google Syntax highlighter</a> to highlight code snippets within WordPress simple. Supports C++, C#, CSS, Delphi, Java, JavaScript, PHP, Python, Ruby, SQL, VB, XML, and HTML. Read  <a href="http://code.google.com/p/syntaxhighlighter/wiki/Usage">usage directions.</a>
Version: 1.5.1
Author: Peter Ryan
Author URI: http://www.peterryan.net
*/

function insert_header() {
	$current_path = get_option('siteurl') .'/wp-content/plugins/' . basename(dirname(__FILE__)) .'/';
	?>
	<link href="<?php echo $current_path; ?>Styles/SyntaxHighlighter.css" type="text/css" rel="stylesheet" />
	<?php
}

function insert_footer(){
$current_path = get_option('siteurl') .'/wp-content/plugins/' . basename(dirname(__FILE__)) .'/';
	?>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shCore.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shLegacy.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushCSharp.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushPhp.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushJScript.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushJava.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushVb.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushSql.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushXml.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushDelphi.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushPython.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushRuby.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushCss.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shBrushCpp.js"></script>
<link type="text/css" rel="stylesheet" href="<?php echo $current_path; ?>Styles/shCore.css"/>
<link type="text/css" rel="stylesheet" href="<?php echo $current_path; ?>Styles/shThemeDefault.css"/>
<script class="javascript">
SyntaxHighlighter.defaults['wrap-lines'] = false;
dp.SyntaxHighlighter.ClipboardSwf = '<?php echo $current_path; ?>Scripts/clipboard.swf';
SyntaxHighlighter.all();
dp.SyntaxHighlighter.HighlightAll('code');
</script>
<?php
}
add_action('wp_head','insert_header');
add_action('wp_footer','insert_footer');
?>

And now the enhanced version:
ENHANCED

<?php
/*
Plugin Name: Google Syntax Highlighter for WordPress
Plugin URI: http://wordpress.org/extend/plugins/google-syntax-highlighter
Description: 100% JavaScript syntax highlighter This plugin makes using the <a href="http://code.google.com/p/syntaxhighlighter">Google Syntax highlighter</a> to highlight code snippets within WordPress simple. Supports C++, C#, CSS, Delphi, Java, JavaScript, PHP, Python, Ruby, SQL, VB, XML, and HTML. Read  <a href="http://code.google.com/p/syntaxhighlighter/wiki/Usage">usage directions.</a>
Version: 1.5.1
Author: Peter Ryan
Author URI: http://www.peterryan.net
*/
function insert_header() {
	$current_path = get_option('siteurl') .'/wp-content/plugins/' . basename(dirname(__FILE__)) .'/';
	?>
	<link href="<?php echo $current_path; ?>Styles/SyntaxHighlighter.css" type="text/css" rel="stylesheet" />
	<link type="text/css" rel="stylesheet" href="<?php echo $current_path; ?>Styles/shCore.css"/>
	<link type="text/css" rel="stylesheet" href="<?php echo $current_path; ?>Styles/shThemeDefault.css"/>
	<?php
}
function insert_footer(){
$current_path = get_option('siteurl') .'/wp-content/plugins/' . basename(dirname(__FILE__)) .'/';
	?>

<script class="javascript" src="<?php echo $current_path; ?>Scripts/shCore.js"></script>
<script class="javascript" src="<?php echo $current_path; ?>Scripts/shLegacy.js"></script>
<script class="javascript">
var arLanguages = new Array();
var arLangCounts = 0;
var arAliases = [
	{key:'shBrushCSharp.js', val:['c#','c-sharp','csharp']}
	,{key:'shBrushCpp.js', val:['cpp','c']}
	,{key:'shBrushBash.js', val:['bash','shell']}
	,{key:'shBrushAS3.js', val:['actionscript3','as3']}
	,{key:'shBrushXml.js', val:['xml','xhtml','html','xslt']}
	,{key:'shBrushVb.js', val:['vb','vbnet']}
	,{key:'shBrushSql.js', val:['sql']}
	,{key:'shBrushScala.js', val:['scala']}
	,{key:'shBrushRuby.js', val:['ruby','rails','ror']}
	,{key:'shBrushPython.js', val:['py','python']}
	,{key:'shBrushPowerShell.js', val:['powershell','ps']}
	,{key:'shBrushPlain.js', val:['text','plain']}
	,{key:'shBrushPhp.js', val:['php']}
	,{key:'shBrushJScript.js', val:['js','jscript','javascript']}
	,{key:'shBrushJavaFX.js', val:['jfx','javafx']}
	,{key:'shBrushJava.js', val:['java']}
	,{key:'shBrushGroovy.js', val:['groovy']}
	,{key:'shBrushDiff.js', val:['diff','patch']}
	,{key:'shBrushDelphi.js', val:['delphi','pascal']}
	,{key:'shBrushCss.js', val:['css']}
	,{key:'shBrushPerl.js', val:['pl','perl','Perl']}
				];
function getScriptName(alias){
	var i = 0;
	for (i=0; i < arAliases.length; i++)
	{
		if (arLanguages.indexOf(arAliases[i].key)<0)
		{
			if (arAliases[i].val.indexOf(alias)>=0)
				arLanguages.push(arAliases[i].key);
		}
	}
}
if (jQuery)
{
	$sdv = jQuery.noConflict();
	$sdv(document).ready(function(){
		$sdv("pre").each(function(i){
			getScriptName(this.className);
		});
		$sdv.each(arLanguages, function(){
			var scrName = '<?php echo $current_path; ?>Scripts/' + this;
			$sdv.ajax({
			  type: 'GET',
			  url: scrName,
			  cache: true,
			  success: function(){
					++arLangCounts;
					if (arLangCounts == arLanguages.length)
					{
						SyntaxHighlighter.defaults['wrap-lines'] = false;
						dp.SyntaxHighlighter.ClipboardSwf = '<?php echo $current_path; ?>Scripts/clipboard.swf';
						SyntaxHighlighter.all();
						dp.SyntaxHighlighter.HighlightAll('code');
					}
				},
			  dataType: 'script',
			  data: null
			});
		});
	});
}
</script>
<?php
}
add_action('wp_head','insert_header');
add_action('wp_footer','insert_footer');
?>

So instead of loading all the brushes, we will dynamically load it using jQuery. I hope it’s useful for you

A person/machine, which by the way call him/her/itself as ’support center’ open our eyes to website in which we can purchase Tramadol with a very competitive price.

It appears to me, that ’support center’ somehow knows that developing NHibernate might requires you to consume analgesic medicine to help you to alleviate the pain. And being a good Samaritan, he/she/it shows us where to purchase it with the cheapest price.

This could also be simply viewed as a spam.

Short answer? Call your network administrator and report the incident. He did not pick up the phone? Send him email, cc his manager if you deem necessary .. Haha, I’m kidding.

If you had the same problem as I did, you could advise your Network Administrator, or whoever maintaining the InterScan Web Security Suite (IWSS) to make small changes to IWSS configuration. You could advise them to follow either of the following steps, depending on your circumstances:

1. Problem:You have set the action for the corrupted_zip parameter to “pass” in the [Scan-configuration] section in the intscan.ini file. However, IWSS continues to log the corrupted_zip_file events in the log file and send them to Control Manager (TMCM).

   Solution:
   To resolve this issue, please do the following:

   • Look for and open the intscan.ini file using a text editor.
   • Look for the “[http]” section and add the following parameter under it: “skipSpecificVirus=Corrupted_Zip_file”
   • Restart the IWSS daemon.

2. Problem: When IWSS is used as the HTTP proxy, access to websites is blocked and the Corrupted_Zip_File error appears even if compressed files are not being downloaded.

   Solution: Some Web-servers compress the requested content (HTML, images, etc) using the GZIP-algorithm to decrease the amount of traffic. If such content is sent in multiple chunks, and VSAPI only has one chunk, it will exit with an error indicating that the archive is corrupted (CORRUPTED_ZIP_ERROR). The web browsers can handle that as they are rebuilding it in there cache space on their side.
   To avoid such situations, IWSS 3.0 and 3.1 include a new feature that modifies the Accept-Encoding header of the HTTP request to exclude GZIP from the supported encodings. This feature is controlled in the intscan.ini file by the [http]/ disallow_gzip_encoding parameter and is enabled by default (yes).

   • Please make sure that the parameter “disallow_gzip_encoding” is set to “yes”.
     If you change the value, you will have to restart the http daemon for the change to take effect. Use the following commands:
     /opt/trend/iwss/bin/S99ISproxy stop
     /opt/trend/iwss/bin/S99ISproxy start
   • If you are using an ICAP implementation as well (like squid, ISA, etc..), you will have to change your ICAP client settings to “don’t send the header Accept-Encoding: gzip”.

   This will reduce the instances of the contents being blocked and may increase bandwidth usage. Some web servers may ignore this setting and still return the compressed content.

Source:
Configuring InterScan Web Security Suite (IWSS) 3.x for Linux to stop sending corrupted_zip_file notifications
Unable to access web sites using InterScan Web Security Suite (IWSS) due to Corrupted_Zip_File issue

I never tried Bing before, so today I gave it a try by visiting www.bing.com. Was tempted to search for my own name, but I settled for less narcissistic approach by searching for ‘Bing’ instead.

The following screenshots are the reason for the title of this post

IWSS bonked Bing’s Search Result

I was doing some small modification to Trainque’s Twitter Badge when I encounter this error message in Firebug:

Apparently this is a limit for API invocation. Does this mean if a website with twitter badge is visited by more than 100 people per hour, only the first 100 people will see the twitter badge content? After reading this documentation, I finally understand the meaning of this limitation. It means that an IP address cannot request more than 100 API requests per hour. Other way of saying this is, if you keep on refreshing this page for 100 times within 1 hour, you will not be able to see the Twitter Badge content on your 101st refresh. You need to wait until the next hour before you able to see the Twitter Badge Content.

What do you do when you are looking for a particular word, but you only know other word that somehow you know is related.

Say, you are looking for other words that associated with ‘denial, anger, ….etc’. You’ve read it somewhere, but you forget the URL. Thesaurus couldn’t help you. You totally don’t know that it is actually something called Stages of Grief

So what would you do?

Google Sets might be able to help you. Google Sets will return words related to the one you supplied. I submitted ‘valuair’, and interestingly Google Sets return almost all the names of airlines in South East Asia region.

I must admit there’s no way for user to submit suggestion to the result, so there is a high chance that the result is not what you expected. Unlike pageRank, Google is keeping the Google Sets’ formula secret, making few people intrigued with the idea (1, 2, 3).

What do you think?