Category Archives: blog

Output CSV from PHP

I’d rather call it “an example for why developers do not like Microsoft”, actually.. After 3 days of struggling, I have now non-English csv file, which opens correctly in MS Office. No, standards are not important here; creating a valid file won’t help. It will open in Open and Libre Office, and probably even in notepad and wordpad. But not in MS Excel, which is used by all those people we create reports for.. Keeping the long story short, this is the code that worked: header ( ‘HTTP/1.1 200 OK’ ); header ( ‘Date: ‘ . date ( ‘D M j G:i:s T Y’ ) ); header ( ‘Last-Modified: ‘ . date ( ‘D M j G:i:s T Y’ ) ); header ( ‘Content-Type: application/’) ; header ( ‘Content-Disposition: attachment;filename=report.csv’ ); print chr(255) . chr(254) . mb_convert_encoding($csv, ‘UTF-16LE’, ‘UTF-8′); exit; (found here) It is about 50th sample of code I tried. I’ve encoded it as ISO, and as Windows-1252 (yes, it’s hebrew), and what not… Hope it would help someone.

Signing your email

When creating a website, one will most likely want to send emails from the code. It can be contact request, response to the user or anything else. Many of these emails are better to be signed, as otherwise email clients will show them in a strange (for regular user) or suspicious (for a bit more experience user) way, or send them to spam. For example, Gmail adds a “via” part to From field. So, how would we sign the outgoing emails? 1. SPF SPF is Sender Policy Framework, an open standard specifying a technical method to prevent sender address forgery. You can read about it more here to find out what and why it is, I will focus only on how would you use it. You need to create a DNS TXT record with string, saying whom do you allow to send emails by your name. Here is the syntax; if you want to allow anyone from your domain (works perfect for mails sent from the code, but is not too much secure), you can use the string “v=spf1 +a +mx -all”. To be sure your string is correct, you can use the validator. At the end, you Zonefile will have something like this: @ IN TXT “v=spf1 +a +mx -all” After your DNS had updated, you can check the record from the same validator. However, the best check is in your mail client; for Gmail, validated SPF looks like this: Received-SPF: pass ( domain of designates *.*.*.* as permitted sender) client-ip=*.*.*.*; Authentication-Results:; spf=pass ( domain of designates *.*.*.* as permitted sender) 2. DKIM DKIM states for DomainKeys Identified Mail, which attaches a new domain name identifier to a message and uses cryptographic techniques to validate authorization for its presence. The identifier is independent of any other identifier in the message, such in the author’s From: field. More on it here. This one is a bit more complex. You need to generate keys, add one of them to your emails’ header and the second one to you DNS records. There are rather many implementations of DKIM, I use the simplest for me, PHP-DKIM. Here are the steps: 1. Create the keys. For

When your Google Tasks are gone…

One may call me addicted or whatever, but I use many Google Services, and use them a lot. Orijinn’s calendar contains all my ongoing projects, planning what I do and when, and Tasks. In other words, there’s all my work data. So you can imagine, what did I feel yesterday, when the Tasks panel has suddenly gone! Digging Google (the search, I mean..) shows there are tons complaints on the net, starting from several months ago, and tons of solutions, which do not work. To save your time: the problem is still unknown to Google, but it seems to pop up only on Non-english interfaces. Now, the catch is that the fact your Calendar is in English does not say your interface is (WAT?). To solve this somewhat weird issue: 1. Goto your Calendar settings and ensure the language is set to English 2. Goto to here: (being logged in) and set the first option to be English. 3. Refresh the calendar and enjoy your tasks panel. Actually, I’m rather mad on Google for changing my language preferences all the time.. But well, everything cannot be ideal 🙂

Iframe and ‘Back’ browser button

Iframes had became very important part of web development. I bet there aren’t many serious sites without any iframe inserted: analytics, some widget, ads or anything else.. I use them often, too, and I’ve encountered an annoying problem: ‘back’ browser button won’t trigger iframe refresh. Actually, it is the same with the parent page, but there we always may catch this and do something. Iframe cannot handle this event. We also don’t want to refresh our iframe explicitly each time it is loaded. The solution is what you might think it is, but it took me some time to figure it out. Actually, I received a great help, so I own no credit here. However, as I couldn’t find any mention of this issue on the web, I’m posting it here for the future reference. We’d like to create our iframe on each window.load event, as this one is fired also when user hits ‘back’ button. We’ll create it dynamically, using two tricks: 1. set iframe.src to about:blank before the append, and after the append change it to actual data 2. add some random value among the iframe.src parameters Like this: window.onload = function(){ var ifr = document.createElement(“iframe”); ifr.width = ‘100%’; ifr.height = ‘500px’; ifr.frameBorder = ‘0’; ifr.marginHeight = ‘0’; ifr.marginWidth = ‘0’; ifr.scrolling = ‘no’; = ‘myIframe’; ifr.src = ‘about:blank’; var elt = document.getElementById(‘eltToAppend’); elt.appendChild(ifr); ifr.src = [‘’,’&r=’,Math.random()].join(”); }

HTML form and “Enter” key

Do you think that any form on a web-page may be submitted by pressing “Enter”? I was surprised to discover, that this fact is true only for the forms having a submit button or the single input field. It appears that the form more than one input but without “submit” won’t submit if you press the “Enter” key. You are welcome to check: the first form submits (and alert a message), while the second one does nothing. After a quick search this problem appears to be a known and rather old one. People on the web say this bug is known since Netscape times; also they say that there is an open bug on it for IE – I cannot check, as Microsoft does not allow unregistered users to see its bugs. Where does this issue come from? This is what we see in W3C HTML specifications: “When there is only one single-line text input field in a form, the user agent should accept Enter in that field as a request to submit the form.” Does it mean that otherwise UA should not accept it? Obviously, our browsers think so. I’ve checked in all my browser zoo (all the latest browsers on Linux and Windows (XP and 7), plus IE7, IE6, and Safari on Mac) – the behavior is equal in all of them except Safari, which nicely submits both of the forms. So, though we most likely won’t use the input of a type button, we still must add it, being hidden, to any form with more than one input field: With display:none it works in Firefox and Opera, but won’t work in Chrome, so I stopped checking. The example above has visibility:hidden on the button; it is ok in all the browsers I have except IE8 and below (surprising, indeed). Setting width and height to zero leaves us with ugly rectangle; setting a JS event to catch “Enter” is bad for all users who has their JS off. I think, from here any site has to make its own decision. Or maybe someone knows the ultimate cross-platform solution?

a kind of hello

Ok, it seems for me that finally there is too much stuff I need to remember – these small quirks you might need some day. Moreover, there have been too many places I used to write these down.. so this is the time to start a blog. Probably there is someone except me who will find these points interesting, too. And, as we all know, you always remember better something you’ve got to write down. Two articles coming soon. Way to go! (..and I cannot stay and will say it: I finally put this site on, found the time for it, hooray!)