Last November, there was a bug report in JSON Table Editor‘s support page. The person note that the table editor unable to load non-linear JSON. If he loaded the following JSON, the table is only showing two columns:

[{ "name" : "gggg", "desc" : "gggg"},
 { "text" : "gggg" },
 { "text" :"gggg" },
 { "text" : "gggg" }]

So today I finally have the time to look at this problem. After a quick look, I realized that it’s a simple problem. Previously, the ExtJS Store is initialized with the first object in the JSON array. Now, we must iterate all items inside the array and combining all of their attributes.

We do it as follows:

	// ...... CODE SNIP ......
	
	//obj is the JSON array
	var initObj = obj[0];
	
	//copy all properties' name into initObj
	Ext.each(obj, function(item){
		for (var key in item)
		{
			if (initObj[key] == undefined)
			{
				if (typeof(item[key]) == "number")
					initObj[key] = 0;
				else
					initObj[key] = "";
			}
		}
	});
	
	//initialize the ExtJS Store with initObj
	initStoreWithObject(initObj);
	
	// ...... CODE SNIP ......

And it works:

Happy holidays all!

Cheers,
Hardono

It’s either I’m too dumb to understand it, or I simply underestimate it for being very easy. Yes, I am talking about jQuery’s methods in retrieving elements property/attribute.

Today was the nth time i was bitten by this error. Instead of using attr(), I used prop(). A few times I left scratching my head as my Ajax post message in Firebug’s Net Inspector shown with missing key.

So I write this post hoping that I can put rest this recurring mistakes for good (which almost immediately happened as I look at the problem deeper).

What is element’s property? What is an attribute? I found it quite difficult to answer if I based on jQuery’s documentation page on this subject. But when I look at Firebug, I immediately understand.

Just look at the DOM Inspector:

It’s crystal clear baby! It’s kinda embarrassing to have this simple fact overlooked! Oh, I just want to add that the reason why my Ajax backend-post missing key(s) is because prop() will return undefined if the property is not found. As for attr(), it will return empty text for missing attributes.

That’s all, cheers!

Meanwhile in Singapore, the Ministry of Manpower (MOM) has recently lodged police report on websites that look like MOM’s website. The correct URL for MOM is http://www.mom.gov.sg. The copycat websites URL are:

1. http://www.movgov.sg
2. http://www.momgov.sg

I can’t believe that someone would foolish enough to carry phishing attack against Singapore Government. Isn’t this violates Singapore’s Law? According to Prof. Warren Chik, it does violate the law.

For now, let’s try to find the motive of this phishing attack. Unfortunately, since both websites is now no longer accessible, I can’t really find out how deep they imitates the MOM’s website. I can only speculates on their goals:

1. Spread misinformation. I’m not sure how someone can directly profit from this.
2. Stole SingPass credentials. There are areas in MOM’s website that requires you to login using SingPass. SingPass is used to access all public services provided by Government. Any financial transactions on these services will go through payment gateway like E-NETS/Bank. So I don’t think anyone can directly profit from stolen SingPass.
3. It’s a test website. It’s possible, but very unlikely. Who would careless enough to develop website in open internet? If you look at MOM’s website HTML source, you can tell that it’s using SharePoint. If the copycat websites also using SharePoint, then very likely they really are test website.

The interesting point is that these websites uses .sg domain. Dot-SG domain is an exclusive domain managed by SGNIC. According to their rules, anyone (locals or foreigners) can register .sg domain as long as they have local Singapore postal address.

On one of SGNIC’s accredited registrar (IP-Mirror), I found a more detailed restriction which states that the domain contact person must have a valid SingPass ID. Hmm.. do you think this is the motive? Harvest as many SingPass ID you can get, use them to register .sg domains which later be used for fraud/scam.

These are the WHOIS result for the copycat websites:

http://www.sgnic.sg/whois/node/?u=movgov.sg&r=2048889785

----------------------------------------------------------------------  
 SGNIC WHOIS Server
---------------------------------------------------------------------- 

The following data is provided for information purposes only.

Registrar:   INSTRA CORPORATION PTY. LTD.

    Domain Name:		MOVGOV.SG 
    Creation Date:		16-May-2013 03:15:01
    Modified Date:		01-Dec-2013 22:36:12
    Expiration Date:		16-May-2014 03:15:01
    Domain Status:		DELETED
    Domain Status:		VerifiedID@SG-Mandatory
    Domain Status:		VerifiedID@SG-OK (VERIFIED BY ADMIN CONTACT) 


    Registrant:

        Name:           VS (SGNIC-ORG1302261)        
        


    Administrative Contact:
          
        Name:           INSTRA CORPORATION PTE. LTD. (SGNIC-ORGIN282886)        
        


    Technical Contact:
        
        Name:           VS (SGNIC-ORG1302262)        
        Email:          vs48087@gmail.com
        


    Name Servers:
        NS1.NOADS.BIZ  
        NS2.NOADS.BIZ  

http://www.sgnic.sg/whois/node/?u=momgov.sg&r=2079318309

----------------------------------------------------------------------  
 SGNIC WHOIS Server
---------------------------------------------------------------------- 

The following data is provided for information purposes only.

Registrar:   IP MIRROR PTE LTD

    Domain Name:		MOMGOV.SG 
    Creation Date:		11-Nov-2013 21:19:20
    Modified Date:		29-Nov-2013 23:36:37
    Expiration Date:		11-Nov-2014 21:19:20
    Domain Status:		DELETED
    Domain Status:		CLIENT TRANSFER PROHIBITED
    Domain Status:		VerifiedID@SG-Mandatory
    Domain Status:		VerifiedID@SG-OK (VERIFIED BY ADMIN CONTACT) 


    Registrant:

        Name:           MARIN PLACEMENT (SGNIC-PER20045392)        
        


    Administrative Contact:
          
        Name:           IP MIRROR PTE. LTD. (SGNIC-ORGIP243488)        
        


    Technical Contact:
        
        Name:           MARIN PLACEMENT (SGNIC-PER20045392)        
        Email:          sglobestar@gmail.com
        


    Name Servers:
        NS74.DOMAINCONTROL.COM  
        NS73.DOMAINCONTROL.COM 

I am particularly interested with the domain’s status: VerifiedID@SG-OK (VERIFIED BY ADMIN CONTACT). According to SGNIC FAQ, it only requires two simple steps to have this status:

1. login to SingPass
2. click on a ‘Verify Identity’ button.

With this, I am sure it will be very easy for SPF (Singapore Police Force) to find out the individual who registered these two domains. After all, these two domains were verified using SingPass ID. Unless, it was already a stolen SingPass used to register. Whoever own the compromised SingPass ID will have the burden to proof that they were not the one validating these two domains.