The very talented Kathy Kelly from Katabatic Illustration & Design, Sibagraphic’s print graphics associate, has produced some fantastic brochures and flyers for Twin Waters Golf Club. Kathy has a stellar career creating graphics for Australian and international companies.
With a fresh, innovative eye Kathy can offer a bundle of great ideas for effective print business promotions.
During our holiday break in Stanthorpe, I took a couple of photos which have been turned into new desktop wallpaper - a view from the top of Bald Rock at the Bald Rock National Park, Ballandean from the scenic Sundown Road and some climbing tea roses from ‘Jireh’, the bed and breakfast at which we stayed.
Enjoy!
The font size checker suite is now complete, with a percentage vs. points font size checker added in addition to the percentage vs. pixels font size checker and pixels vs. points font size checker.
These tools are useful for calculating comparative font sizes when designing web pages.
dbPoweramp converts just about anything to anything:
http://www.dbpoweramp.com/dmc.htm
with codecs from:
Equivalent fonts:
http://nwalsh.com/comp.fonts/FAQ/cf_33.htm
Fonts that work together:
http://www.will-harris.com/fontpair-a-c.htm
Commonly used fonts:
Place this code in a .js file and link it in the head of your document:
function FlashInstalled()
{
result = false;
if (navigator.mimeTypes && navigator.mimeTypes[”application/x-shockwave-flash”])
{
result = navigator.mimeTypes[”application/x-shockwave-flash”].enabledPlugin;
}
else if (document.all && (navigator.appVersion.indexOf(”Mac”)==-1))
{
eval (’try {var xObj = new ActiveXObject(”ShockwaveFlash.ShockwaveFlash”);if (xObj) result = true; xObj = null; } catch (e) {}’);
}
return result;
}
function FlashWrite(url,width,height)
{
document.write(’<OBJECT classid=”clsid:D27CDB6E-AE6D-11cf-96B8-444553540000″‘);
document.write(’ codebase=”http://active.macromedia.com/flash4/cabs/swflash.cab#version=4,0,0,0″ ‘);
document.write(’ WIDTH=’ + width + ‘ HEIGHT=’ + height + ‘>’);
document.write(’ <PARAM NAME=movie VALUE=”‘ + url + ‘”> <PARAM NAME=loop VALUE=false> <PARAM NAME=quality VALUE=best> <PARAM NAME=scale value=exactfit> <PARAM NAME=bgcolor VALUE=#CCFFFF> <PARAM NAME=menu value=false> ‘);
document.write(’ <EMBED xsrc=”‘ + url + ‘” quality=best bgcolor=#CCFFFF loop=false scale=exactfit menu=false ‘);
document.write(’ swLiveConnect=FALSE WIDTH=’ + width + ‘ HEIGHT=’ + height);
document.write(’ TYPE=”application/x-shockwave-flash” PLUGINSPAGE=”http://www.macromedia.com/shockwave/download/index.cgi?
P1_Prod_Version=ShockwaveFlash”>’);
document.write(’ </EMBED></OBJECT>’);
}
You can call the above code flash.js file and link it in the head of your document like this:
<script language="JavaScript1.2" xsrc="flash.js" mce_src="flash.js" type="text/javascript"></script>
Then where you want your flash file to appear, place this code:
<script Language = "JavaScript" type="text/javascript">
if (FlashInstalled())
{
FlashWrite(’images/flash/yourflashfile.swf’,468,240);
}
else
{
var url = “linkyourflatimagetosomefile.php”
var image = “<img alt=’Name of your flat image’ xsrc=’images/flash/yourstillimage.jpg’ height=240 width=468 border=0>”
document.write(image.link(url));}</script>
<noscript><a xhref=’linkyourflatimagetosomefile.php’><img alt=’Name of your flat image’ xsrc=’images/flash/yourstillimage.jpg’ height=240 width=468 border=0></a>
</noscript>
If the browser doesn’t have flash installed or doesn’t have java turned on, they will see yourstillimage.jpg instead of the flash file. Change the file width and height to match your .swf and image files.
How to stop people stealing your images/bandwidth remotely:
(1) Make an image called dontsteal.gif and place it in a directory below the directory in which you are going to put the .htaccess file.
(2) Open notepad and copy this code … no hard carriage returns between lines.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://whateverdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.whateverdomain.com/.*$ [NC]
RewriteRule .*\.(gif|GIF|jpg|JPG|zip|ZIP|png|PNG|swf|SWF)$ http://www.whateverdomain.com/dontsteal.gif [R,L]
(3) Change whateverdomain.com to whatever your domain is called.
(4) This code works with apache servers with mod_rewrite.
Here’s how to use an image and a .js script to disguise your email address from spam bot email collectors. This method splits the email address server side.
(1) Make an image of the email address you wish to use in .jpg, .gif or .png form.
(2) Creat a .js script as follows*:
var sb_domain = "yourdomain.com"
var sb_user = “whatever”
var sb_recipient = sb_user + “@” + sb_domain
var image = “<img alt=’Contact Me’ xsrc=’images/e.png’ height=’11′ width=’166′ style=’margin-top:2px;border:0′ />”
var sb_url = “mailto:” + sb_recipient
document.write(image.link(sb_url));
If you want to include a subject, use this code:
var sb_domain = "yourdomain.com"
var sb_user = “whatever”
var subject = “Whatever you like”
var sb_recipient = sb_user + “@” + sb_domain
var image = “<img alt=’Contact Me’ xsrc=’images/e.png’ height=’13′ width=’187′ style=’vertical-align:bottom;border:0′ />”
var sb_url = “mailto:” + sb_recipient + “?subject=” + escape(subject)
document.write(image.link(sb_url));
* The ‘/’ at the end of the image is for XHTML - if you are using HTML doctypes, leave it out.
(3) Save the file as whateveryoulike.js in your js includes directory or wherever you wish.
(4) Link to your .js script in the body of the page where you want it to appear as follows:
<script language="JavaScript" xsrc="directorywhereyousavedthescript/whateveryoulike.js" mce_src="directorywhereyousavedthescript/whateveryoulike.js" type="text/javascript"></script><noscript>Email Me</noscript>
Good luck in thwarting spammers!
Some ideas to tighten up form script security … more specifically to counter form spoofing and cross browser attacks.
(1) Check for extra _POST variables, and disallow any _GET variables.
{
$limit_post=count($_POST);
$limit_get=count($_GET);
if ($limit_post>8||$limit_get>0)
{
include (”formhead.php”);
echo “Submission failed.”;
include (”form2.php”);
exit;
}
}
(2) Prevent the exceeding of maximum field length from the server side in the script - setting form field maximum length inputs is not sufficient.
{
$length = strlen($_POST[’Name’] || $_POST[’Email’] || $_POST[’Address’] || etc);
if($length>30)
{
include (”formhead.php”);
echo “Too many characters.”;
include (”form2.php”);
exit;
}
}
(3) Check for legal use of characters (white list approach).
{
if (eregi(”[^-a-z]+$”, $_POST[’Name’]) || eregi(”[^-/\.a-z0-9]+$”, $_POST[’Address’]) || eregi(”[^-a-z]+$”, $_POST[’City’]) etc)
{
include (”formhead.php”);
echo “Invalid characters.”;
include (”form2.php”);
exit;
}
}
(4) Check for well-formed email address.
{
if (!eregi(”^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*$”, $_POST[’Email’]))
{
include (”formhead.php”);
echo “Please enter a valid email.”;
$_POST[’Email’]=”";
include (”form2.php”);
exit;
}
}
(5) Use quotemeta to filter output (note that quotemeta doesn’t filter the pipe character - hence the productiveness of using the previous eregi function).
(6) Use the Session token method described at http://shiflett.org/archive/96 to further prevent XSS attacks.
eg.
In the document head:
<?php $token = md5(uniqid(rand(), true));
$_SESSION[’token’] = $token; ?>
In the form:
<input type="hidden" name="sekret" value="<?php echo $token; ?>" />
In the script:
{
if ($_SESSION[’token’] != $_POST[’token’])
{
echo “Invalid submission.”;
//go to error page
exit;
}
}
References:
http://phpsec.org/projects/guide/2.html
http://www.devshed.com/c/a/PHP/Reconsidering-PHP-variables/
http://au.php.net/manual/en/function.quotemeta.php
http://shiflett.org/
Spammers, the dregs of the internet, are now using automated bots to explore form security.
The bot completes the form to test for possible usage as a spam relay, attempting to inject extra headers which, if successful, will send the response to the bot owner.
To counter their tactics, fields like the mailto, from and subject fields can be checked server side (all user input should be checked server side).
eg.
mailto:
$to=$mailTo;
if ($to !== “youraddy@yourdomain.com”)
{
die(”Getawoollyoneupyah, spammer!”);
}
from and subject fields:
if ((preg_match(' /[\r\n,;\'"]/ ', $_POST['Email'])) || (preg_match(' /[\r\n,;\'"]/ ', $mailSubject)))
{
die(”Go away, spammer!”);
}
Then, to prevent the bot filling in the form at all, the contact name field for example, can be checked as the bot attempts to fill in all fields with an email address.
elseif (eregi("[^-a-z ]", $_POST[Name]))
{
echo “Characters in name field are invalid.”;
$_POST[Name] =”";
}
More information about the relevant email injection exploit can be found here:
http://computerbookshelf.com/email_injection/
http://securephp.damonkohler.com/index.php/Email_Injection
There’s a form testing script linked here as well as an explanation re asp scripts:
http://www.twologs.com/en/services/test/spamrelay.asp
and a script to ban known spam bots here:
During the holidays, I have had time to collect some of my art work and digital experiments of 2005 and put them up on the Sibagraphics Art Gallery.
Some of the digital art is inspired by natural features and plants growing in the gardens here and others are purely imaginative.
There are also some e-cards for you to send to your friends on various occasions. Enjoy!
Some more new wallpaper for download - a kookaburra and a magpie, photographed at Lake Baroon near Montville on the Blackall Range, where we were lucky enough to enjoy our Christmas lunch with good friends.
In between margaritas, strawberry champagne, turkey breast, prawns, peach melba and chocolate, we cooled off in the dam.
To celebrate the summer season, new desktop wallpaper of roses and cattleya orchids have been added.
Our garden is an exotic explosion of colour and beauty during summer, with irises flowering first, followed by roses and finally the orchids reveal themselves for their yearly display.
Two of the featured roses however are from a friend’s garden - they are classical old english roses.
For efficient internet telephony, all that is needed is the free program from http://www.skype.com, either a mike and speakers or preferably a headset mike, available from your nearest electronics store. Plug in the headset mike to one of the speaker outs and the mike out with similar colours connecting and you’re set.
Search for friends, and add me too 
For my birthday, Miyuki and Aki from Ninderry Manor Luxury Bed and Breakfast Retreat gave me a lovely Phalaenopsis orchid which I quickly photographed to share as desktop wallpaper.
Our new Jessika rose has proved prolific this spring and its sumptious blooms are also available for download.
| Valid XHTML 1.0 / Valid CSS | Copyright | Privacy | Disclaimer Copyright © 1998 - 2008 Sibagraphics |
Page last modified October 11, 2007. |