davej

I would suggest avoiding the inline style unless it is really needed to style a specific item. For tables the only feature I don't think you can style is the border attribute. The table defaults to border="0" <style type="text/css">table {width: 100%;padding: 10px;}td.cent {text-align: center;}td.wide {text-align: justify;padding-left: 10px;padding-right: 10px;}</style></head> <body><table><tr><td class="cent">FAQs</td><td class="wide"><p>Advanced/professional users .....</p></td>

Why bother? If the webpage contains even one image that image file is probably vastly larger than the html file.

Servers go down. That is why they like to claim 99.x% uptime. That still leaves some downtime. 99.9% implies downtime of as much as 525 minutes per year.99.99% implies downtime of as much as 52 minutes per year.99.999% implies downtime of as much as 5 minutes per year.

Anyone here work with Drupal regularly? I'm trying to understand their module selection. I don't like the standard forum and would like to know if they have an improved forum module?

Ok, but now I see people who have various items such as titles, styles, and metatags floating above <body> with no <head>. I don't see any practicality in recommending anything other than... <!DOCTYPE html><html><head><title>MyTitle</title></head><body>Hello World</body></html>

I noticed that the W3Schools HTML tutorial now omits <head> until you reach the "Advanced" section I think this is stupid. http://www.w3schools.com/html/default.asp. <!DOCTYPE html><html><body><h1>My First Heading</h1><p>My first paragraph.</p></body></html>

Yeah, I saw a question come up on Yahoo asking about recommended website development tools and someone suggested this thing, but when I looked I couldn't even find a respectable review of it. It was website after website of hype. I hate affiliate-driven marketing.

What the heck is this thing? There is so much bogus looking blather out there it must be an affiliate-driven product.

http://www.forbes.com/sites/andygreenberg/2012/08/31/oracles-java-security-woes-mount-as-researchers-spot-a-bug-in-its-critical-bug-fix/ http://www.informationweek.com/security/vulnerabilities/java-zero-day-attack-second-bug-found/240006431

Seems close to dialup at a price close to dialup.

$35US/month gets you 12mb down/1mb up but this may test as high as 20mb down/3mb up depending on time of day. What disappoints me is that browsing from page to page is still just as slow as my old 700kb DSL connection. The speed only helps when you are downloading large files.

Certificates seems to be dependent on fixed IP addresses. I think they also require installation assistance from the hosting company for users of shared hosting. That is two strikes against them.

As I understand it an SSL certificate which is signed by an appropriate authority provides a securely encrypted link that eliminates the chance of a "man-in-the-middle" attack. Without an SSL certificate each end of the link has a public and private encryption key but no way to know if they are talking to each other through a "man-in-the-middle" -- however this doesn't seem like an insolvable problem. Particularly it seems solvable for a predefined set of users. If I want to establish a secure link to my webpage all I need to do is eliminate the step where the public keys are exchanged in plain-text and potentially stolen by a "man-in-the-middle." It's my webpage and I'm uploading all kinds of inaccessible code. I can include the table of public keys for the admins or periodically refresh a table of one-use-only discardable passwords. Also what if there was a public server that did have an SSL certificate. That server could then reliably distribute the public keys for other non-SSL websites. A user could then obtain the public key for a particular non-SSL website and encrypt his own public key with the website key and then send it to the desired website. Only the legitimate website could decrypt the key and respond.

Interesting. I was unaware that W3Schools had produced any books. They seem to be rather lacking. http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Dstripbooks&field-keywords=w3schools

I admit I have not used Flash Actionscript either. I don't like the fact that it is just an Adobe thing. Java is at least open source. EDIT -- How many other technologies fall into this category? Java applets, Flash Actionscript, Microsoft Silverlight?

I'm not sure I understand what you are doing. Is the form read and then applied to a SQL search? I guess you could do a split() on the city field and then see if the last "word" in that string matches any legal state abbreviation (switch/case statement).

I've written some Java desktop code and some server-side code -- but I've never written any of this "applet" stuff that I guess gets downloaded like Javascript and then executed? How does that work? Anyone here familiar with the use, pros, cons, advantages, or limitations of applets? Thanks. Edit -- I'm now reading this: http://docs.oracle.com/javase/tutorial/deployment/applet/index.html

Well, let's say I have a login form and yet I don't have SSL and I don't want the username and password to cross the internet in plain text. That is a good example of the situation under consideration. Because SSL adds cost I think a very worthy project would be a browser plug-in that would provide some alternative to plain-text transfers for non-SSL websites. Another possibility would be to put the secure code in a Java Applet.

I guess the topic is really low cost security. The article at the link is complaining about the idea of using Javascript to provide an additional layer of security without actually using SSL. To me that is a complaint worthy of consideration -- but I would still like to have a layer of security that does not depend on SSL. I don't think that anything that isn't SSL should be clear text. To me that is absolutely silly. So the question is -- what reasonable non-SSL approaches can be used?

Yes, although it might just be used by admins or just by me. The goal is to avoid passing this code across the internet where it might be seen by outside observers. The approved users would have little motivation to break the code since they have it, and properly obfuscated it would be unpleasant to untangle.

There is an argument against using Javascript for anything related to security, but that would not be an issue if the JS could be executed locally like a plug-in. http://www.matasano.com/articles/javascript-cryptography/

What if I wanted to go to my webpage and execute a JS file that resides not on the webpage but on my own pc? Is there any way to do that? Sort of like executing a browser plug-in.

Oh, is this the JSON format? I never got around to that.

Oh. So where do you learn this? I don't see it here... https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/Object

I am only familiar with the colon being used for CSS such as...a:hover { background-color: white;} The usage in the above snipped JQuery code seems to define aliases? I don't see that described here... https://developer.mo...cript/Reference