geeks/nerds

Never trust data, no matter what the source is

XSS in the zone boerland.com
Drupal is increasingly becoming a backend CMS: for editors, so they can easily manage their content while, for example, AngularJS delivers the content, or as a backend hub combining content from multiple sources, databases and systems.

Drupal evolved towards this from a blog-like system 10 years ago: a content type with user-generated comments below. Back then everybody knew that you should filter User Generated Content and strip the HTML if you cared about the site. Many other systems, however, still do not filter UGC well enough today: user signups, search input and the many other ways a user can give input to the system.

Now that Drupal is talking to other systems and combining data from multiple sources, devs still need to understand that one should ***never*** trust input data, no matter whether the source is another database or a user.

Because what could possibly go wrong with just displaying this data directly or injecting it into the database? Why should you "checkplain" the TXT fields in the zone of a domain? Why?
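An added example, not code from the original post: rendering the TXT records of a zone as HTML with every value escaped at output time. `escape_plain()` and `render_txt_records()` are hypothetical names; `escape_plain()` does what Drupal 7's `check_plain()` does, and the sample records are constructed in the shape PHP's `dns_get_record()` returns.

```php
<?php
// Hypothetical stand-in for Drupal 7's check_plain(): encode HTML special
// characters so the value is shown as text and never parsed as markup.
function escape_plain(string $text): string {
  return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

// Render TXT records as an HTML list. $records has the shape returned by
// dns_get_record($domain, DNS_TXT): each entry has a 'host' and a 'txt' key.
function render_txt_records(array $records): string {
  $items = [];
  foreach ($records as $record) {
    // Whoever controls the zone controls these strings, so both the host
    // name and the TXT value are escaped before they reach the page.
    $items[] = '<li><code>' . escape_plain($record['host']) . '</code>: '
      . escape_plain($record['txt']) . '</li>';
  }
  return "<ul>\n" . implode("\n", $items) . "\n</ul>";
}

// Constructed sample data, not taken from a real zone. The second value
// contains markup and quotes, as any externally controlled string may.
$records = [
  ['host' => 'example.test', 'type' => 'TXT', 'txt' => 'v=spf1 -all'],
  ['host' => 'example.test', 'type' => 'TXT', 'txt' => '<em>markup</em> & "quotes"'],
];

// The markup in the second record is emitted as &lt;em&gt;...&lt;/em&gt;,
// so the browser displays it literally instead of interpreting it.
echo render_txt_records($records), "\n";
```

Escaping happens where the value is written into HTML; the stored or fetched record stays unchanged, so the same data can be encoded differently for other output contexts.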

Making Film and Art with the Xbox Kinect - An Exist Elsewhere Behind the Scenes Featurette

See how we used the Xbox Kinect, projectors, and other technology to make the music video for Exist Elsewhere's song 'Tokyo.' Also, see how the Kinect and other technology is paving new ways in interactive art and film.

Leap user interface with Flickr, Minority Report User Interface is here (well sort of :-)

I recently gave a presentation about Natural User Interface and dived again into my old (?) leapmotion.

It can do a Minority Report-style user interface within a web app:

Drupal Predictions for 2014

x-posted from d.o:

"4877. That is where the tradition within the Drupal community of making predictions for the year ahead with regards to our software, our community and broader, the web, started. Node 4877, written at the end of the year 2003. We have come a long way since then.

This year we would like to know what you think the year ahead will bring for Drupal and, as a bonus, we would like to know what was the best prediction you found in the past. Where did we shine when it comes to vision or humor.

See older entries from 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 and 2013. Read them.

And now predict for 2014 and reflect the last decade in this thread."

Oh, and happy Bday Drupal :-)


Delicious links from bertboerland in 2013


I have been using Delicious (a social bookmark service) since 2005. See http://2013.delicious.com/bertboerland for some great data visualisation on how I used the service this year.
