CakePHP Auth component, Flash and Internet Explorer… a deadly combination

OK, it’s not really deadly at all… other than that it will kill your CakePHP session and log you out.

My CakePHP-based CMS uses YUI Uploader, a Flash-based file uploader utility. It’s much better than the default HTML file uploader, because it supports a fully CSS-customizable progress bar and multiple file uploads.

It’s pretty slick, even though I did tear some hair out earlier in the year trying to get it integrated into the CMS. All went well for several months, until one particular client, using Windows Vista and Internet Explorer 8, discovered a showstopper of a problem: whenever you uploaded a file, all would seem well until you went to save your changes and you’d get kicked back to the login screen, without the changes being saved. Bad news!

I did some diagnostics and determined that, yes indeed, the CakePHP session was in fact being dropped as soon as the Flash process finished queuing the file uploads (an AJAX-based process), before you actually click the “Save” button… but since there’s nothing else happening dynamically on the page, it wasn’t obvious that the session had been killed in the background.

Anyway, some research led me to a perfect explanation of the problem, and an equally perfect solution: Flash is sending a different user agent string, which was resetting the CakePHP session. I’m still not sure why it was only affecting Internet Explorer, but at any rate, a simple change to the app/config/core.php file solved the problem in a snap. The critical line:

Configure::write('Session.checkAgent', false);

I suppose by removing this line, the application is ever-so-slightly less secure, but there should be enough other precautions in place that removing the user agent check as part of the process of validating a session should not pose a significant security risk.

Ubuntu hits the big time, for real this time

Ubuntu LinuxI just finished installing Ubuntu Linux 9.04 on my MacBook under Parallels Desktop. In the past, I’ve ventured boldly into the realm of triple-boot configurations to allow my Mac to run Mac OS X, Windows XP and Ubuntu Linux. But that involves modifying firmware and overriding the standard boot process, plus splitting your drive into 3 partitions and reciting dark incantations by the light of the full moon whilst drinking the blood of a calf slain with a silver blade.

Well OK, not that last bit. I’m not sure where that comes from (oh right, that was the part about installing Windows on the Mac). But suffice to say, while it certainly could be done, setting up triple-boot was not for the faint of heart, and once it was working, the question of whether it was all worth it loomed large. And no, I cannot think in non-clichés tonight.

When I got my new MacBook a couple months ago, I decided my days of triple boot were over. I was just going to go by the book (see what I mean?) and use Boot Camp. Well, sort of by the book. Never one to take the easy road, I wasn’t just using Boot Camp, but also running Parallels Desktop. And while you certainly can run a valid Boot Camp installation of Windows XP with an OEM license (the cheapest way to go, courtesy of Newegg.com) both directly via Boot Camp and also with Parallels, Microsoft doesn’t make it easy for you. It involves calling an automated Microsoft support line, and reciting dark incantations by the light of the full moon — I mean reciting a 48-digit number displayed on your screen, answering four simple questions asserting that you have only installed Windows on one computer and you would never, ever, ever, ever lie to Microsoft or Steve Ballmer will bite the head off a live goat and put it in your bed while you sleep, and then typing in a new 48-digit number the automated system recites back to you, while it slays a calf with a silver blade, yadda yadda.

Now where was I?

Oh yeah, Ubuntu. A new version of Ubuntu Linux is released every six months, the latest version, 9.04 (so named for being released in April 2009, get it?), having arrived on the world’s virtual doorstep earlier this week. Ubuntu releases all have clever, alliterative codenames too. This one is Jaunty Jackalope. I’ve been following Ubuntu (via the triple-boot ritual) since Gutsy Gibbon (7.10), through last year’s releases of Hardy Heron (8.04) and Intrepid Ibex (8.10), the latter of which powers this website, thanks to Slicehost.

I’ve been more and more impressed with each release of Ubuntu, as the Ubuntu development team has polished the user experience — especially the once-nightmarish installation process — and as the GNOME team has simultaneously polished the desktop software most Ubuntu users live in day-to-day. While I’m still a die-hard Mac lover, I’ll admit Microsoft has been making major improvements with its GUI design (despite other notorious issues) with Vista, and Ubuntu/GNOME has been getting better and better with each new release as well. But I really feel like 9.04, Jaunty Jackalope, has finally crossed the line where Ubuntu Linux now feels to me every bit as polished, professional, usable and pleasing as a commercial OS. The installation process is far easier, and faster, than a Windows installation, and the overall experience of the interface is clean, intuitive, and responsive.

So it occurs to me, even in this age of netbooks and Microsoft’s (and to a much lesser extent, Apple’s, at least where the Mac is concerned — iPhone is definitely their top focus these days) recent floundering, while Linux, Ubuntu in particular, is making inroads, it’s still just not going to be embraced wholeheartedly as a viable desktop alternative.

Why is that? Well, obviously Microsoft doesn’t want that to happen. Linux really much more of a threat to Microsoft than it is to Apple. Even though all three OSes can run on Macs, people as a rule just aren’t buying Macs to not run Mac OS X. I’m sure it happens but… really… why? So the major hit to commercial OS developers comes when a user buys a non-Apple computer and decides to install and use Linux (Ubuntu or otherwise) as their primary/sole OS instead of Windows. So even as Linux, and the world of free, high-quality software that comes with it, reaches maturity, and Microsoft gives us an OS that is best known as the butt of jokes (not to mention viruses and malware of all sorts), why aren’t more people switching?

Ultimately there must be some software that users are relying on for Windows that they just can’t get for Linux. It’s the same argument often leveled against Macs: “not enough software.” It’s a straw man argument. Sure there is vastly more software written for Windows than for the other OSes, but 99.9% of that Windows-only software is: a) highly specialized tools for specific industries, b) utter crap, or usually c) both. Especially when we’re talking about consumer software, whatever it is you want to do can be done just as easily on Windows, Mac or Linux. The software exists. Often between Macs and Windows it’s the same software, ported from one OS to the other or developed concurrently. With Linux it’s usually open source alternatives that are every bit as feature-rich as their commercial counterparts.

Linux has decent free options for managing photos, listening to MP3s, editing video, and all of the office tasks covered by iLife and iWork on the Mac, or by Microsoft Office and the parade of unimaginatively named Microsoft tools or OEM add-on crapware that generally comes preinstalled on Windows PCs.

Except one.

No disrespect to the developers of GIMP, but the one software program Linux absolutely needs in order to be taken seriously as a desktop OS is Photoshop. That’s it. Once Adobe stops wasting its time writing terrible custom installers and decides instead to devote those resources to porting Creative Suite to Linux, it will be all over. Windows will never go away, I’m sure, but it will be reduced to a niche OS: it will live on mainly to support legacy point-of-sale systems and industrial fabrication applications and the other arcane and ugly commercial applications that companies generally deployed in huge numbers back in the Windows NT 3.51 era and have left untouched for more than a decade.

Adobe, it’s all up to you. You owe the world a karmic debt after Bridge.

OK, this is how John Gruber makes $1750 a week on Daring Fireball

I’ve been reading Daring Fireball for a while now (long enough to have noticed and be relieved at the eventual removal of the questionable tagline, “Gay for Macs”), and I’ve enjoyed John Gruber’s pithy insights and diligent distillation of the daily deluge of Mac (and other stuff he’s, apparently, “gay for”) related news into a single useful stream of relevant information.

I’ve also been reading it long enough to know that its primary source of revenue is via a single weekly sponsorship, which culminates in a post touting the greatness of whatever it is you’re promoting via the sponsorship, and a link in his sponsorship archive. And for this he charges $1750 a week. That works out to $91,000 a year. Just for hawking someone else’s wares once a week. Not bad work if you can get it. But how can you get it? Well certainly not by describing your own writing as “blather” and then justifying that description by indiscriminately posting whatever prose crawled out of the dank, cobwebbed recesses of your brain. Trust me, I know.

I get it though. His insights are often brilliant. Case in point, today’s dismantling of my dreams of Flash for the iPhone. OK, I haven’t really dreamed of it. It would be nice, I suppose, but it’s been clear for a while that Apple had reasons beyond their spurious claims of poor performance for keeping Flash off the iPhone.

If you doubt that assessment, please do yourself a favor. Read Daring Fireball and then shut the hell up. I will now heed my own advice.

Mac does Windows…

It’s old news that Apple‘s new computers all run the Intel Core Duo processor (or the unimaginatively — yet redundantly — named Core 2 Duo), and that thanks to Boot Camp, or a third-party app called Parallels (which I didn’t bother to buy, so I’m also not going to bother to track down the link), Apple’s computers can now run Windows natively.

Ultimately for no other reason than that it can be done, I naturally had to install Windows on my new MacBook. Tonight the “dream” (and I use that term without implying any positive connotations) became reality.

Sure, it’s great to have Windows, I guess. It benefits me mainly in that I can test my work in that most unpredictable of environments, Internet Explorer. I suppose it would also be handy for running Windows-only software, if there were any Windows-only software I actually wanted or needed to run.

The most striking characteristic I’ve noted so far is how obnoxious Windows software installers are. Installing a new application on Windows feels a bit like forcing your way through a crowded flea market, with aggressive hawkers pushing their wares on you. (In fact, come to think of it, that’s basically what it is.)

So far I’ve only installed 3 programs, aside from the OS itself (a harrowing experience in its own right), those being Adobe Reader, Firefox, and AOL Instant Messenger. I tried to install the latest version of Flash Player as well, but for some reason the installer just starts and then vanishes mysteriously. Ah, Windows.

Among those 3 installed programs, only Firefox did not accost me with multiple offers to install other, unwanted programs… or that perennial favorite, the browser toolbar. No thanks! I’m just coming for Adobe Reader. I really don’t care to also litter my hard drive (and desktop… and Start menu… and taskbar) with the likes of a 30-day trial of a watered-down version of Photoshop. And I definitely am not interested in the Adobe Yahoo! toolbar, nor can I even imagine what purpose it could possibly serve, other than to surreptitiously alert Adobe to the fact that I’ve surfed on over to my own website, wherein I’ve then proceeded to write and post a rant on the topic of invasive spyware.

It doesn’t have to be like this, people! (In fact, I am writing this once again having returned to the comfort of an operating system that just gets the hell out of the way and lets me do what I want to do thank you very much!)