About a year ago when gas prices in Canada have started to rise rapidly my friend and I were trying to guess when they will exceed the $1 per liter mark. After some discussion we've mostly agreed it would not happen till 2006 at the earliest. Alas our predictions were proven false, as the picture below shows today, August 13, 2005 the $1 mark has been surpassed. Given that $1 for a liter is a physiological marker for many people, it would be interesting to see what impact it would have on the quantity and type of cars seen on the road. Perhaps it would finally reduce the need for city dwellers to purchase giant fuel guzzling SUVs and similar type vehicles, but only time will tell. One thing's certain however, fuelling up your car will be much more of a hit on your wallet, just a month ago I could relatively easily fuel up for mere “0.80” cents a liter. A 20% increase in such a short time is highly noticeable and most unwelcome. NOTE For those of you who don't use the metric system or don't know late...

Spent the entire Sunday at the Molson Indy in Toronto, here is the photographic evidence. For the most part it was a rather enjoyable show, the main regret is the fact that this year another layer of netting was put up keeping the regular folk like me even further from the track, a closer look, costs $160+ a pop. Interestingly enough the best spot to see the most difficult track is from a non-paying zone on a little hill. Some of the latter photos were taken from there.

A few days ago a friend of mine sent me a URL to an online store with a product he found interesting. When I went to the site, aside from the aforementioned product I saw a nice "Hacker Safe" logo, with the date (current date) which was supposed to assure me as a consumer that this site is "safe". Clicking on this logo took me to a page of a security company specializing in "helping sites protect you (the customer) from identity theft and credit card fraud", sounds good, I feel much safer already. Curios about the truth of the site's hacker-safe claims, I decided to do a very basic test for Cross Site Scripting (XSS) by adding a small HTML string in the place of one of the parameter values in the get query. Imagine my surprise when rather then rejecting the clearly bogus value (number was expected, but non-numeric string was supplied), my input and the HTML tags found within were displayed verbatim. This little oversight would allow anyone to inject arbitrary content to be displayed as part of the store’s f...

A few days ago I read an interesting blog entry on Chris Shifflet's blog about Google Web Accelerator (GWA) and how it affects PHP applications. The purpose of the GWA is to accelerate the web page loading speed and thus improve user experience. This is done through a series of techniques which involve different caching mechanisms, periodically downloading copies of frequently accessed pages and prefetching. The prefetching works on a basis of a premise that when you load a web page you will not view just this page, but also click of a few links from that page. So, rather then waiting for you to click those links, while you are reading the current page, the browser is prefetching the content of the linked pages in the background. By the time you decide to click on the next link, its content is already sitting in browsers cache and can be loaded instantly. Pretty neat trick, right? While it is a neat trick, it does present several serious problem that affect both the webmasters and the users themselves....

Finally got of my ass and installed phpMyGallery, so my amazing photography can be shared with the world ;-). The first "vicitim" is the PHP|Tropics conference.