a kindly visitor recently pointed out that the source code viewer could be used to launch XSS attacks. "egads!" i responded "that sounds terrible! wait...what does that mean?"

"they can steal your cookies!" the protector of bakery goodness replied. that's when i knew i had to take action. "NOBODY STEALS MY COOKIES!!" i shouted as i edited a few lines of code to prevent XSS attacks. and thus it was that the great cookie thievery of ought four was prevented.


if you've ever considered getting some recording software, i highly recommend you get tracktion while it's free (was $80). i've been testing it for the past week or so and it's the easiest fully-functional recording software i've ever used. it comes in both mac and windows versions. and now it's free.


some people - okay, one person - had pointed out that my virtual tom coates script tended to time out in it's attempt to spit out twenty words. i've made some improvements, and now it can spit out hundreds of words without timing out. it still has a lot of room for improvement, but even if i can't make it any better, i should still be able to make a 50,000 word novel by the end of the month.


hey look: i'm a google scholar. other than that, it looks like a useful tool.


a google search for "phpsessionid valid xhtml" currently returns 13 results, none of which explain how to produce valid xhtml with php's automatic phpsessionid. it took me a while to figure it out, so hopefully this post will show up in those results soon and help someone else out. what you need to do is put this at the beginning of your script:

ini_set( 'arg_separator.output' , '&' );
ini_set( 'url_rewriter.tags' , 'a=href,area=href,frame=src,input=src,fieldset=' );

the first part will make the automatic URL rewriting for sessions use the HTML entity &amp; rather than the default &, which is invalid XHTML. the next line will add the hidden form input (which is valid XHTML) inside a <fieldset> rather than the default, immediately after the <form> tag, which is invalid XHTML. if you don't already have them, you need to put <fieldset> tags inside all <form> tags to get forms to work with PHP sessions. this will change the appearance of your forms, but you can change it back with some CSS styling.


it's national novel writing month again. you may recall last year i entered the fray, with the intent of composing an entire novel from strings of text found on google. i kept running into problems and after exhausting my daily limit of searches on the google API, i had to wait until the next day to start work again. as i tend to hit my unpaid web development in binges, this didn't produce a novel within the month.

a couple weeks ago, tom coates posted five years worth of his writing on plasticbag.org in the hopes that someone would create visualizations of it, and so it was that i gained the source material for my second attempt at a computer-generated novel. what i have so far is "virtual tom coates," though currently it would probably be better titled "virtual drunk tom coates" as it tends to speak in incomplete and/or incoherent sentences -- though i must admit i have never even met tom coates, much less experienced him inebriated. every two adjacent words it spits out are found together somewhere on plasticbag, but that's the current extent of the similarities between tom coates and virtual tom coates. here's an example of the output, which is different every time the page is loaded:

Of work on is finally my hair cut suits my stride the short-lived before the best project I'm going to

there's obviously a lot of room for improvement. since i have no significant limits on my work, i will only have myself to blame for any failure to produce a 50,000 word novel based loosely on the last five years of writing by tom coates. and if all goes well, i should have a system i can then apply to any text source to produce similar text.


if you'll direct your attention over to the music section, you'll notice everything is free. i'm still taking donations, which will hopefully help pay for the cost of hosting the music. music by people who aren't me has been removed until i can okay the new pricing with them. i'm uploading more music as i type. enjoy.


i have made the links searchable, which isn't especially useful given the current links, but will be more useful (for me, at least) when i start syncing my del.icio.us links to randomchaos. the search is quite nice, if i do say so myself. here's how it works:

it does full word matching, so if you search for "men" it won't find results with words like "entertainment." leaving a space between two words will find results that contain both words. so far, this is how del.ico.us works. here's where it goes further:

if you put a pipe "|" between two words, it will find results that contain either word. if you put a minus sign before a word, it will return results without that word. for example a search for "entertainment -humor" will find everything that is entertaining, but not funny (according to the assigned tags). if you put parenthesis around words, it will do that part of the search together before combining it with the rest. for example, a search for "(entertainment -humor)|interesting" will find results that are entertaining and not funny or results that are interesting. you can combine all of these options to create just about any search you might want.

i expect i'll probably use the same technique to improve the weblog search, but first i'll need to add the ability to search for whole phrases in addition to individual words.