Matthew1471's ASP BlogX

Many months after the initial idea was concieved, PalmBlogX has now been successfully programmed, so successfully programmed (you could argue) that this is the reason you can currently view this entry...

Heres' a breakdown of development..

1. The idea was concieved, after researching many products and programming languages I short listed it down to PDAT (PDA Toolbox) and NSBASIC.. To really get into Palm programming you need to know C

2. Found PDAT to just not be the one (The textbox limit really didn't go down well with me) Tried NSBASIC and noticed it offered a TCP/IP library..For time reasons I abandoned multiple record storage.. I was going to create a simple WinBlogX equivallant (Palm must be connected directly to the internet) but decided after my new Palm and WiFi purchases I needed to tackle the basics first as I was anxious to do little programming to reap the benefits..

3. Researched encoded HTML form data so PalmBlogX could directly connect to the BlogX server....Programmed almost all the core functionality in

4. Kept recieving "BUS errors" in POSE everytime I tried to use a MSGBOX (But Palm read it fine).. Learnt more NSBASIC and added an auto "Save" ability using Palm DataBase (PDB) files... Found out I could "hide" the BUS errors by using POSEs' retail rom rather than the debug rom (I know i'll go to programmer hell for this), but I really had no way to alter the memory allocation in NSBASIC so it was pointless POSE complaining about it

5. Noted although i'd programmed 99.9 of the code needed to directly communicate with the webserver and submit POST form data, NSBASIC lacked a "Replace" function (Although it supports InStr, Left, Right and nearly all the other Visual Basic commands I can think of, it just lacks that).. Typical I thought.. I e-mailed the NSBASIC developers asking them what gives (I'd searched the help doc several times for *something* that was equivallant)..In the end I thought "sod it"..In hindsight I probably could have created my own "Replace" with InStr, Left & Right, but i'm not sure how intensive it would be on a 333Mhz (I think that's the spec of it, maybe wrong) processer..

6. Reprogrammed it after a lack of response from the NSBASIC team and having practically read the helpfile in its entirity & after having had WiFi for many weeks now I was becoming desperate for a solution.. I decided to write another proxy (like I havn't over used that phrase enough already!) the Palm sends the unencoded data to the server, which then encodes the data and relays it.. Programming it was simple but the development felt like it'd dragged on beyond its time due to the complete abandonment of direct communication with the web server

7. Programmed a server side "proof of concept".. PalmBlogX would create a connection and send the data, the server side then displayed it in a textbox.. This was brilliant proof of concept, I sat 20 meters away typing in sentences to then zap them over WiFi to the server.

8. Next I revamped the code so it would accept any BlogURL, then I added a debugging feature so I could track people trying to abuse the proxy to try and crack a site.. With this in mind I eventually decided not to make the server-side open source.. I hardcoded my URL into the Palm device.. I added a check for update feature..I noted that validation on the serverside meant any username and password made the "Check for password" button report everything as fine..So I fixed that

9. I thought I was done then, POSE was submitting entries fine, I woke up the next morning and tried to slam in my first entry, I checked the blog and it had only posted half the entry, I was gutted and irritated because POSE gave me the impression evrything was working.. When I came home from school I investigated and found the Palm (Or WiFi) was actually fragmenting the packets.. So I chucked on a "Send Post" finishing tag (I can't type it here or we'll get this entry truncated)..

10. I hit "Send" again and we were still getting nowhere, this time the Palm was timing out waiting for a response..Day by day my computing coursework deadline was edging closer and I couldn't afford to spend many more evenings on this, I printed off my coding and dumped it in my bag, I'd take a look at it next time I had some time to kill at school.. At school I really couldn't see what was wrong, the code read fine, the only problem I could see was it was looping waiting for a response until the serverside hung up on it or gave it a ""' or timedout.. I removed those lines when I got home and now the code disconnected quicker than ever but we were still getting half the entry being sent.. After a bit of google surfing I found out NSBASIC has a relativly unknown limit of only being able to send x number of bytes to a shared library (e.g. TCP/IP) I read this on a commercial site for a TCP/IP library for NSBASIC which was very novel in the way that 90 of the functions they mentioned were already in the free NSBASIC TCP/IP library (that comes with source code) they bypassed the limit by adding some form of buffer, the solution immediatly became apparant, only send chunks of text at a time..I started with only sending one character at a time and it worked (10 minute posting process anyone?) I later upped the number of characters to 50 and all was well, I now had the perfect blogging solution.. I might try and up the character rate again, but I don't know whether the limit depends on the connection rate, WIFi might out perform dialup, possibly making the character limit less.

11. I added a timeout to the server side and a hadcoded serial number.. If you wish to purchase PalmBlogX (and support the entire BlogX effort) you may get in touch. I'm hoping to sell unlimited versions of PalmBlogX for £10.

For your convienence a fully functional time limited version is available here

16/03/05 Update : If only i'd found this page http://www.nsbasic.com/palm/info/technotes/TN15.htm .. oh well, it would have meant an extra library to install anyway

Ok I admit it, I am now addicted to Hannah and any days that don't involve her in someway drag on like being executed by a savage bamboo stick beating.

A few days ago my parents and brother crossed the welsh border for the traditional family holiday, they told me I was more than welcome to go but I told them i'd "take a raincheck" and get back to them.. I need not even explain why I might traditionally choose an empty house, lack of rules/guidelines and orders, a freezer full of Pizzas' and sole usage of the internet in comparison to a crowded holiday in england within constant range of my family and no excuse to escape to solitude.. This year's family holiday event also is the first holiday occuring while dating Hannah, the thought i'd not see Hannah for most of the half term if I went killed me (I felt tortured the entire 5 days when Hannah last went away)... And If you still disagree with my decision to stay home I suggest you try spending time with my family!

The entire 2 weeks before they went away, they literally (and I mean literally) lectured me every day about not having any house parties, to get out if theres' a fire (like no shit, I was just going to stay in there and voluntarily get cremated) and not to have unprotected sex (Really insulting that they felt they had to lecture me daily on this, like now they're going away they feel we'll act so irresponsibly.. We've already had plenty of time alone without any lectures so I thought they'd genuinlly just trusted me)... 3 days before they left I was contemplating holding a tally system about their boringly repetitive lectures.. "Been warned about sex"..."Party lecture" in hindsight that would have been a laugh, could have blogged it too.

The Sunday before they left I found out they were only going for 5 days (i'd assumed they were going for a week) I was disappointed even then to be honest. They dragged out leaving and eventually left 12pm Monday (Why they just have to stay for lunch too!)..

First reaction was the music went up, I reached down to the Subwoofer on the floor and the volume for that was also raised..The novelty of throwing a private techno rave faded quickly and the volume was eventually restored to a low volume. Monday was almost a Hannah-less day, until she text me inviting me round for tea (Which I thought was awesome) Hannah had almost disappeared off the face of the earth on Sunday, Her mum had recently gone to hospital over something to do with the baby and I got quite worried because it was unusual to go for so many hours without hearing from her either on MSN or from a text.. It turned out her grandma was staying over and her (meaning Hannahs') friend came over by surprise... Even if I didn't spend the entire day with her, just spending 8pm-10pm doing nothing other than hugging her on Valentines day was special enough.

Annoyingly my parents kept texting me every 2/3 hours (from 4pm until 10pm) they was usually filled with rubbish "What did you do for tea?"... "Are u out 2nite"..."Don't be late!!"..."Are you back yet!?" if only you kept picking up a beeping and flashing phone to read those, you'd know how warmly they were recieved.

I spent Monday night, Tuesday night and Wednesday morning (She had a show to go to and needed to spend time with her Grandma) with my princess..but not Thursday as she had a pile of school work and revision for a driving theory test (Which i'm pleased to say she passed )

Tuesday I pretty much accepted that she really needed to spend some time with her Grandma, I couldn't really challange that.. So it was really nice to get invited to dinner again with her. As Mark and her mum were giving me a lift home Mark jokingly mentioned a houseparty while my parents were gone, I told Mark he wouldn't be joking if he only knew how much i'd been lectured on it.

Wednesday evening I get a text from parental control informing me they decided not to come back Friday lunchtime and will be back even earlier, Thursday 9pm, great I thought, I spent 3 weeks getting rid of them for just 5 measley days and now they want to come back even earlier.. On Thursday at 1pm I get another text telling me they've left and will be home at 4pm... I was just speechless.. 3 measly days they were gone for.

I transferred my small amount of washing I did have from the washing basket into the washing machine, it was barely worth putting the washing machine on for, The energy saving campaign flashed through my head "Don't put the washingmachine on for small loads". However, If I'd left *any* washing for them they'd have played hell with me... So I shrugged off my "Green" enviroment saving conscience (Sorry enviroment), lets live a little I thought... The next problem I had was with washing powder, the box read something like 200ml for slightly soiled items and up to 600ml for heavily.. I shrugged, how much was I to pour? The clothes weren't even dirty, They were only in the wash basket because I automatically change T-Shirts and other items of clothing each day regardless of their condition. I thought i'd improvise so I checked to make sure no-one was looking and poured a large amount into the machine and said "That looks a nice amount" I wasn't too sure which drawer to pour it in... nor which program to run, so more guesswork..
It was quite an achievement just getting the clothes washed, I had one other problem that the program appeared to stop but it refused to let me release the door, What was program 13 I wondered? "Slow Spin" .."why not" I thought

Pegged it up, Did my brothers paper round (1hour) and vaccumed the whole house...on vaccuming the last 2 rooms they pulled up the drive.. I rushed the last 2 (but still did them thoughroughly) and dumped the vaccum cleaner at the top of the stairs I then loaded up my Delphi coursework and carried on with that.. Do I rush downstairs and put on a perfect act and tell them I missed them truely madly deeply or do I just be honest, they've lectured for 2 weeks, gone for three days and harrassed me with text messages..

They were a little disappointed I didnt kick up a huge fuss over their arrival back... It turns out the beds were too uncomfertable in the place they stayed in and Adam just found it a little all too boring (Though he assured me it had nothing to do with me not going) Looks like I didn't miss much.... They were impressed with how tidy I kept the place

Overall did I have a nice half term? In some places I very much enjoyed it, cuddling Hannah without hearing people walk up and down the stairs, running around etc. was nice... but the half term still had its downs and we did spend quite a bit of time away from eachother.

IMPORTANT : The Matthew1471 BlogX Version "V1.0.5.01 (10th July 2004) and above" contained a potential security vulnerability..

Technical Details : Due to a mistake made on my part, a potential security breach could occur if

A. The Comments.asp was injected with an SQL exploit in a particular field

All users are advised to receive the latest source code from http://blogx.co.uk/Download.asp or http://freewebs.com/matthew1471/

Version "V1.0.5.10 (Only Todays ZIP)" and up are unaffected.
Matthew1471 yet again apologizes for any trouble this may have caused.

The extent of damage that could be caused by this vulnerability is relatively unknown, without a specifically and maliciously crafted HTML form, the SQL exploitation would be limited to 50 characters

This is an incredibly embaressing situtation for me, but may I assure you that the last vulnerability we had hasn't been since last year.

I hope you feel I have made the right decision by bringing this problem to your attention

Note : Mailing List (http://blogx.co.uk/MailingList.asp) members have been notified and as of yet no-one has reported their blog being hacked via this vulnerability.. This vulnerability also existed in the BETA code