correct me if i’m wrong

I recently had to password-protect a subdirectory of my site and found existing documentation on this to be wholly inadequate -- at least applied to sites utilizing Apache and Django. The problem is that to password-protect a subdirectory, one must write rules in an .htaccess file residing in the parent directory. Since Django projects use a hand-written URL dispatcher, the directory structure of the resulting Web site doesn't reflect the structure of the internal storage system.

Fortunately, the solution is simple. Instead of writing your Apache directives in an .htaccess site, write them where your Django configuration resides. This will typically be your httpd.conf or site-specific configuration files you've created in your Apache sites-available/ directory.

I made a copy of my existing configuration under the location "/subdirectory," and added the following directives.

 <Location "/subdirectory">
    AuthType Basic
    AuthName "My Secret Site"
    AuthUserFile "/path/to/.htpasswd"
    Require user username
    ... 
</Location>

Be sure to use the "htpasswd" command on Unix to make an .htpasswd file in a directory on your server. Change the path in my sample above to where you store the file. Be sure that "username" matches the username you create using htpasswd.

That's it. If you know how to do this without duplicating my existing configuration, please post how to do so in the comments. That would be much appreciated.

Loading mentions Retweet

(This is the third in a three-part series for programmers with tips on making the leap from Web to the iPhone)

Your interface and business logic need to be connected manually

Experienced Web developers can traverse up and down the DOM tree like wild monkeys. The iPhone SDK utilizes .xib files that are XML-based as well for the UI, but the Web model doesn't quite carry over. Imagine, instead, that for each DOM element that you access in your JavaScript code, you have to write special instructions indicating you want to access them. There are two steps for writing these instructions:

1. Define a property in your header file that serves as an "outlet." Here is an example:

   @property (nonatomic, retain) IBOutlet TextField *myTextField;
   

   (be sure to define this property under @interface in the header and file and to @synthesize it in your implementation file)

2. Open up your .xib file in Interface Builder, and make the connection. You can right-click on the view you want to become an outlet or on the File's Owner to accomplish this.

   Carefully remembering to do this will save you a lot of grief.

Do you have other relevant tips? Please post them!

Loading mentions Retweet

(This is the second in a three-part series for programmers with tips on making the leap from Web to the iPhone)

As Web developers move from building static pages to rich Web apps, our browsers begin to buckle under the weight of heavy JavaScript. There's not a lot we can do about this beyond high-level optimizations aside from praying that V8 gains more market share rapidly. For those that haven't written production code in C, it can seem quite daunting. It shouldn't be. There's a fundamental rule that iPhone owners can follow from the time they write their first app (from the Apple Objective-C Memory Management Rules):

You take ownership of an object if you create it using a method whose name begins with “alloc” or “new” or contains “copy” (for example, alloc, newObject, or mutableCopy), or if you send it a retain message. You are responsible for relinquishing ownership of objects you own using release or autorelease. Any other time you receive an object, you must not release it.

This explains why many constructors for Foundation classes have a class method "counterpart." One example is NSString:

+ string
– init
+ stringWithCharacters:length:
– initWithCharacters:length:
+ stringWithString:
– initWithString:
+ stringWithCString:encoding:
– initWithCString:encoding:

The difference between the class methods and the traditional constructors is how memory is managed. For all classes prefixed with init, the caller is the owner. For all class methods, the callee determines ownership. This materializes like so in your code for the two types of constructors:

- (void)manipulateString:(NSString *)_string {
    NSString *newString = [[NSString alloc] 
        initWithString:@"Sample String"];
    // do stuff...
    [newString release];
 }
 

- (void)manipulateString:(NSString *)_string {
    NSString *newString = [NSString 
        stringWithString:@"Sample String"];
    // do stuff...
}
 

Additionally, if you are creating objects and returning them, use "autorelease":

- (NSString *)returnString {
    NSString *newString = [[[NSString alloc] 
        initWithString:@"Sample String"] autorelease];
    // can't release the string before returning it!
    return newString;
 }
 

I recommend reading the Memory Management Rules before beginning your first serious project. It will most certainly be a problem for amateur Objective-C developers. Practice makes perfect.

(Continue to part III...)

Loading mentions Retweet

Having recently forayed into the world of iPhone development, I've had to adjust to the unique software stack that comprises the iPhone SDK. My first love is and always will be Web development, but the Apple platform is well-architected and produces beautiful software quite easily. Here are a few tips for new developers that come from the Web world. The followings tips should help guide you over the bumps of jumping from the world of Javascript and CSS to Objective-C and Cocoa.

Good Web developers and designers advocate flexibility above all else. Flexibility can be a blessing and a curse. HTML and CSS provide an inherently restricted toolset, intended to accommodate a widespread number of unknown use cases, giving the user maximum control. While Web designers become increasingly sophisticated and can build designs that are both aesthetically and flexible (see the CSS Zen Garden* for examples), it is a rare gift. Fortunately, for the rest of us, the iPhone/iPod is a single interface, with the iPad coming to stores soon. Having a limited number of devices on which our iPhone app can be viewed means that we know exactly how the app is being visualizing. 

The limitation materializes into more feedback about the visual attributes of Strings, for instance. One of my favorite code snippets is the ability to check the text size:

 // Calculate the expected size based on the font and
 // linebreak mode of your label
 
 CGSize maximumLabelSize = CGSizeMake(280, 9999);

// Use default system font (Helvetica) at size 16 for
 //     programmatically created label
 CGSize expectedLabelSize = [((UILabel *)instruction).text
                 sizeWithFont:[UIFont systemFontOfSize:16.0]
                 constrainedToSize:maximumLabelSize
                 lineBreakMode:UILineBreakModeWordWrap];

 // Create my label programmatically...

CGRect newFrame = myLabel.frame;
newFrame.size.height = expectedLabelSize.height;
myLabel.frame = newFrame;

(originally pulled from Stack Overflow)

(Continue to part II...)

Loading mentions Retweet

Good companies pay you to learn.

Paul Buchheit, Startup School 2009

I made a broad generalization in last blog post, claiming that working at large companies will stifle the speed of your learning. This isn't necessarily true.

Industry experience at any company can provide a valuable educational experience.

I made that generalization, because, in my experience, I felt the bureaucracy of my employer was actually stifling my learning. Since I'm in the software business, a huge amount of resources are available at virtually no cost, through the Internet and open-source. Hence, a company better provide damn good resources for your education if they expect you to learn more effectively than self-education, which I would consider the alternative.

For certain individuals, the only way attain their educational goals is by working at a large company, like Google, Microsoft, Apple, or Amazon. Google, for instance, fosters a strong academic environment. There are projects that these companies are uniquely capable of producing. For individuals whose goals align very strongly with said companies, they will likely have good experiences there, in spite of the company's bureaucracy.

Loading mentions Retweet

A friend's e-mail found it's way to my inbox this morning. He was interested in getting his Master's degree paid for by Google, so he's going through the interview process right now.

While my initial thought was that this is a terrible idea, I replied to him explaining why, and took the liberty of elaborating on several other negatives to working for a large software company outside of contractual agreements like this. First off, don't make deals with corporations. This is one of the ways they force you to keep working for them. I agreed to work at IBM for one year in exchange for having them move me to the Bay Area. When I decided I didn't want to work there anymore, it was a long stretch to get to the one-year marker.

Agreements with corporations exist because they're good for the company. (ex: Moving, College). The cost of hiring an employee at Microsoft is approximately $30k (source: a recruiting manager I met during college). Microsoft is on the high-end of companies, because they go the extra mile. This includes recruiter pay, flying recruiters to colleges, hosting college events (prizes, food, etc.), flying interviewees to Washington, paying interviewers, moving expenses, etc. It is in a company's interest to keep you once they have you. In addition to the initial hiring cost, turnover costs them, since they have to train new employees, teach them the company's culture, and involve them in an existing team's development cycle.

Part-time Master's degree program are a bad idea, in my opinion. The joy and benefit of school is being immersed in a highly intellectual environment. This includes learning from other students, attending talks, participating in campus organizations and school events, taking classes, and doing research. Working full-time and attending night classes eliminates all but two of those, thereby cannibalizing the learning experience.

I recognize, however, that not all people have the option of being a full-time student. My Mom, for instance, attended night classes while raising my sister and I and couldn't have attended a degree program full-time. However, this message is addressed to å young software engineers without financial or familial restrictions.

Given the lack of (those) constraints, a part-time Master's degree will take four years, plus an additional two years that the company will force you to work for them. I estimate that the pay difference between a Bachelor's degree and a Master's degree is $20-$30k. That's a total of six years for an relatively diminutive pay raise.

Consider the benefit of attending full-time. You'll get the maximum educational experience, but it'll cost you up to $80k, and you won't be getting paid. However, you're saving 4 years of freedom and will be making $100k+ when you graduate. It seems like a worthy trade-off to me, but then again, I'm the type of person that values time above all else.

A large company has more bureaucracy and provides less personal freedom. Bureaucracy, in my opinion, is another large-company Evil. It exists for a good reason: once companies create highly visible, successful properties, they must maintain those properties. This includes defending it legally and keeping their user base happy. They must instill a set of rules to protect their properties and they become less willing to take risks because so many users rely on their products. Tthese rules lead to more slow-moving development; hence, your learning doesn't occur as fast, and generally, your freedoms are confined. It's a bit of a leap between my assumption and conclusion for this last point, but this is a topic I can discuss at length in another post.

Loading mentions Retweet

I'm sure this question can be asked at a general level, but I'm interested in how it applies to software tools. Notably, BASH, emacs, vi, and ipython. These valuable tools are loaded with features that few users will comprehensively learn. Applying the 80/20 rule, approximately 80% of users will utilize 20% of the featureset these programs offer.

I'm interested in how the adoption of the remaining 80% can be fostered. There are several problems that face users of this software today. On a personal level, a user must make a deep commitment to it. Learning an entire suite of features can take years of consistent use across a variety of projects each with unique specifications that open the doors to new things. Additionally, the user must consistently force herself to continue training. Until then, she simply does not know which features she is missing. How can we accelerate the learning process for this long tail of features?

Loading mentions Retweet

I've grown tried of WordPress' heavy feel and clunky posting mechanic. Composing each post requires me to switch between a slow-loading preview page and the post editor which consistently eats up my formatting. As a result, I dread writing new posts and haven't posted to my WordPress blog in months.

Posterous has a lot of hype, so I'm giving it a whirl. I've tried Tumblr, but it didn't feel as snappy as advertised.

I'm hoping Posterous will live up to the hype, but I'm afraid it hasn't so far, for several reasons:

1. The default theme is difficult to read. I've had fantastic vision all my life and don't wear glasses. Yet the default, 12px Arial font strains my eyes. The theme you are seeing now is a cleaned up version of the default. I changed the base font to Lucida Grande, which is acceptable at 12px.

I was initially attracted to Posterous because of it's advertised minimalism, which they do well in most respects. They even cross out one of the three setup steps on their home page; it's that simple. With a theme, I seek minimalism, yet elegance. I want no distractions from my content.

Using WordPress, this minimalism was difficult to achieve, because hosted WordPress themes are wildly abundant on the Web and hence feel cheap, and the ones that are attractive tend to have too much content. To solve this, I had to move to self-hosted WordPress, install and customize my own theme, and deal with the system administration nightmares of hosting a blog. I felt I wasn't getting bang for my buck. Fortunately, Posterous allows for fully customizable themes in your browser. However...

2. Theme selection is slow. For the pre-created themes (there are five of them), each one has a long delay in loading. I'm not sure why, since the only requirement for a preview page is dynamically replacing a style sheet. My guess it that because blog owners rarely modify their themes, they are delegating this process to cheaper servers. It appears they are re-loading the iframe containing your site's preview, as well, so maybe there are other technical constraints I'm not aware given my lack of knowledge with respect to the Posterous architecture.

3. There is no support for advanced commenting systems, IntenseDebate or Disqus. Since I didn't integrate advanced commenting from the start, I was hoping that switching blog platforms would alleviate this. No such luck. Posterous probably won't integrate these services any time soon, given that Garry Tan (Posterous founder) said they were "looking into it" over a year ago. Seeing as how Disqus and Posterous are YC alum and people are requesting the feature, there must be bad blood there or an overarching business strategy that renders integration an un-wise decision.

4. The Import feature doesn't work as advertised. None of my comments have been imported (understandable). A lot of the formatting was broken (admittedly, this could have been WordPress' fault, which always munged by formatting). All my drafts stored privately in my WordPress account were posted. I had to delete them one-by-one. Terrible user experience overall; partly Posterous' fault, partly WordPress.

My desire for the perfect blog platform is simple: speed, elegance and minimalism in design, and simplicity in writing posts. Although the set up process for Posterous was unpleasant, I'm hoping they can deliver on these points as a consistent user. I'll stick with them for the time being. They're also the newest popular platform, have a lot of momentum, and will hopefully resolve these issues with time.

Loading mentions Retweet