CGI Trailing Path Information

Another one I couldn’t search up information on, so putting it here for posterity.

I was playing with an elderly blogging platform called Blosxom. It’s really simple to use, although that, combined with its age, means it’s not up to the current status quo. Regardless, I found it fun to play with. Plus, it’s written in Perl, and everything else is PHP these days, so it was a nice novelty.

Now, one of the things it expects (as does the rest of the internet, apparently), is that the CGI file may be treated as an application, folder, or directory on the web. Like this:

Now, the script itself is the cgi file, a file called blosxom.cgi in the root of my server. As you can see, it looks like a directory in that location, and according to the Internet, that feature should work, passing any “trailing pathname information” (as Apache calls it) to the script via the PATH_INFO environment variable.

Apache didn’t think so.

Now, attempts to google for “apache trailing slashes” or “apache cgi trailing slashes” or anything like that ended up fruitless. It shames me to say I spent over an hour investigating things like ExecCGI, mod-rewrite stuff, and all manner of other things to try to find out why that feature wasn’t working for me.

Eventually, I did what I probably should’ve done an hour before, and looked at the server error logs. Yes, they existed and were visible. I didn’t think that particular host would let me see them — it’s a free host — but I was wrong, and they surprised me yet again.

So, here’s the key: the host had switched off the AcceptPathInfo directive. Ordinarily, that’s left to the handler concerned (CGI, PHP etc.) to decide, which explains the ubiquity of the “on” setting, and the lack of anyone complaining when it’s switched off in various places I looked.

So there you have it, folks. If your CGI scripts don’t work when you have trailing slashes or trailing path info after the script’s name, don’t get lost in RewriteRules – have a look for AcceptPathInfo.

SIPDroid Locking up Audio

When running SIPDroid on my XPeria X10 (although I’ve heard of other Android phones doing the same), it appears to make one call, then after hanging up, it, well, doesn’t hang up. In short, SIPDroid seems to lock the call in place, where it continues even though it’s ended.

Not only that, but the rest of the audio on the phone stops too, until a reboot of the phone.

Here’s how I fixed it:

  • Make a call.
  • Note the codec it uses (shown under the call box). It will be something like “PCMA (64kbit)” or “PCMU (64kbit)” or something else technical looking[1].
  • Assuming the call fails (which is, after all, why you’re here!) go into the settings, choose “Audio Codecs”, and disable the codec you just noted. In my case, I set “PCMU (64kbit)” to “Never”
  • This is the annoying bit. You’ll probably have to reboot the phone if SIPDroid won’t let you make another call.
  • Once you’re back in, make another call, and note the codec. If you’re lucky, you’ll have a successful call, and no lockup. Success!
  • …on the other hand, if you’re like me, you’ll have to repeat this process until it works. For me, I hit GSM before it worked.

Of course, there are other known issues at the moment, including one-way audio, issues with registering with the VOIP server, and so on. I didn’t have these issues, so if you are, you’ll have to look elsewhere I’m afraid!

[1] …where “technical looking” means stuff like G722 HD Voice (64kbit), silk24, silk16, silk8, speex, GSM, BV16, or other supported audio codecs.

(Writing this here because I haven’t seen anything similar after much googling. Hopefully it’ll help someone!)

Programmers or Project Managers?

Some programmers are happy to do as asked, following the spec, and building useful code that does what it’s supposed to do, and no more.

Other programmers are happy to question the spec, to discover business functionality that may not have been known, and to engage more in design.

Sometimes, and ideally, these functions are separated; you have a programmer who solves problems made clear in the spec, and you have a software project manager/domain expert who designs the solution to be implemented by a programmer.

Having said that, it’s not unusual to find the two functions in a single person, particularly a developer with more experience within the problem domain (in fact, it’s hard to find a project manager who’s experienced enough to design a good solution, who isn’t an experienced programmer).

Standard project management technique would suggest you start with the scoping, and the environment (the “why” and the “what”), and only when you get to identifying the work, to get down to the “how”.

Frequently, the guys involved in organising the scope are not the guys doing the actual nitty-gritty work, so by the time they’re involved, the “why” and “what” should ideally have been specced out.

With software development, particularly with iterative methods, the “what” is usually figured out as part of each iteration, which lets the “why” leak in, and should ideally involve lots of two-way communication between the developers and the client.

This isn’t always how it works though. As I said above, it’s an ideal world that can separate the functions, and often a programmer with enough experience to connect business analysis with programming will already be filling that role in any given project.

Inserting a batch of random numbers

Let’s say you want to insert (or, for our example, update) a whole set of random numbers into a table.

You may try this:

UPDATE table SET rnum = RAND()

…only you find, to your amazement, that SQL Server has put the same number into each row.


In SQL Server, when rand() is called multiple times in the same query (e.g. for multiple rows in an update statement), it usually returns the same number.

Two problems:

* Firstly, the rand() function returns a number between 0 and 1.
* Secondly, when rand() is called multiple times in the same query (e.g. for multiple rows in an update statement), it usually returns the same number (which I suspect your algorithm above is trying to solve, by splitting it into multiple calls)

My favourite way around this problem is to use a function that’s guaranteed to return a unique value each time, like NEWID(), convert it to binary, and use it as the seed.

UPDATE table SET rnum = RAND(convert(binary(16),NEWID()))

This works because NEWID() is guaranteed to return a new GUID (a globally unique 16-byte number) each time it’s invoked. We must convert this to binary before using it, as RAND() won’t accept GUIDs as its seed.

So, although RAND() ordinarily gives the same random value for each row in an update, we get over the problem with RAND by giving it a different seed for each row using a function that gives a different result for each row.

MySQL: Mass email change

It’s not unheard of for a company to change e-mail domain in mid-thrust; maybe it’s been bought out, or rebranded, or the parent company has spun it off to its own brand.

Only you’ve got hundreds of employees, each one with their own email address, and your MySQL database is in dire need of updating to reflect this.

To get around this, you’ll need to replace the relevant part of each email string within an update statement, grabbing the hostname substring (after the ‘@’) with a REPLACE, and replacing it.

UPDATE table SET email=REPLACE(email,'', '');

Note: REPLACE() is case-sensitive, so if needs be, you can use LOWER(email) inside the REPLACE function if you need to catch all case possibilities, as below:

UPDATE table SET email=REPLACE(LOWER(email),'', '');

This will also convert all your email addresses to lowercase, so be aware of that.

Accessibility: HTML Keyboard Shortcuts with "accesskey"

Accessibility is a hot topic on the web, and there are many emerging standards to help move in an accessible direction. We have CSS media types, alternative web pages with simpler navigation and high-contrast styling, alt and title tags, and the general move away from mixing style with substance.

Along with all of this, we have the relatively old standard of using the accesskey attribute on invokeable elements such as hyperlinks and form inputs. This allows us to attach a keyboard shortcut to elements in our webpage.

Unfortunately, this isn’t a widely used, or easily implemented standard. Although the accesskey attribute is widely supported, only one commonly-used browser (Opera) at the time of writing provides an easy way for users to see what accesskeys are enabled on a given site, and there is no widely-accepted standard for choosing which accesskeys perform which function.

However, with a little jiggery-pokery we can implement a simple way to show accesskeys on demand:

This link
will bring you to this post’s permalink, and can be actuated with the accesskey “9”; in Firefox, you hold alt-shift and press 9.

The code for the above is pretty simple. First, the button:

The hyperlink itself (abbreviated):

<a href="" title="Link to this post">This link</a>
will bring you...

Finally, the javascript:

function showKeys() {
	if (document.styleSheets) {
		var sheet = document.styleSheets[0];
		var len = sheet.cssRules.length;
                // reformatted to fit
		sheet.insertRule("[accesskey]:after {" +
                        "font-weight: 700; " +
                        "border-bottom: 1px blue dotted; " +
                        "content: '[' attr(accesskey) ']';}" , len);

Clicking on the button calls the “showKeys()” function in the Javascript script block, which adds a style to the current stylesheet. The style automatically styles elements with the “accesskey” attribute, adding the value of that attribute after the element itself.

Put simply, it adds a styled [9] after the hyperlink, because (1) it has the “accesskey” attribute, and secondly, the “9” is the value of that attribute, as calculated by the attr() function.

Note: The above Javascript won’t currently work in Internet Explorer; for that, you’d need Microsoft’s addRule function rather than the standards-compliant insertRule I’ve used.

Feature requests: discuss, implement, or reject/deny?

I work in another publicly accessible community, where bug reports and feature requests are happily solicited from the userbase.

We have thousands of open idea requests (the codebase is nearing 20 years old), and close only a sizeable fraction of those opened regularly.

From our perspective, the idea requests are welcome, but not all of them are actionable; some are brilliant, and are implemented immediately because they work well with our vision; some are entirely incompatible and are closed/denied.

The majority fit in between; they’re ideas that would work with a bit of tweaking, or a bit of thought, but aren’t necessarily on the primary development roadmap, so don’t get our attention immediately. Nor do they warrant closing, because they are relevant, merely not timely or important.

Because our developers have their own ideas, their own neverending todo lists, we treat the open idea pile more as inspiration than as a roadmap. There’s very much a feeling of “we’ll get to it when we’ve run out of other things to do”, but this never happens in practice.

I know it’s a cop-out not to choose one or the other, but I think it’s a normal thing to have to choose between two equally bad things in a public forum like this: either responding to most feature requests with a “denied”, and so risk upsetting the folk who love the community enough to contribute with their own ideas; or leave some of them dangling because they’re not immediately and obviously wrong, but to do something worthwhile with them takes more time and effort than the idea deserves right now.