Archive for the ‘Development’ Category

iPhone icons for your site

April 27th, 2008 by Sjan Evardsson

Adding a shortcut to a favorite site on an iPhone (or iPod Touch) is as easy as tapping the “+” sign at the bottom of the Safari browser on the phone and selecting “Add to Homepage” - but the icon is not so appealing. In fact, the iPhone defaults to a tiny, cropped screenshot of the site unless it finds a 57×57 pixel png file in the site root. This is similar to the concept of the favicon.ico for web browsers. The file needs to be named apple-touch-icon.png.

The iPhone (or iPod Touch) will round the corners and overlay the glass look to make it blend in to the overall look and feel of the “Springboard” (their name for the desktop on these devices.)

Mine looks like this (before the modifications which take place on the device itself):

And this is what it looks like on the iPhone:

Problems arising from PHP type casting in ==

March 8th, 2008 by Sjan Evardsson

While trying to work through the issues I mentioned in the last post I started doing some serious digging and testing. Here is what I have found.

PHP seems to use == for determining equivalence when performing array_search, in_array and switch, while using either === or strcmp when doing array_key_exists.

The result of this is that array_search and in_array will return improper results when used on an array with mixed string and integer values. (Another thing I found, that may or may not be related, is that array keys will be cast from strings to integers when those strings are valid integer values.)

array_search() with mixed types

    $one = array (
      'abc',
      'abc1',
      111,
      '111b',
      2,
      '2xyz',
      '123a',
      123
    );
    $two = $one;
    // Look up each element in an identical copy; every element should find itself.
    for ($i = 0; $i < count($one); $i++) {
      $xkey = array_search($one[$i], $two);
      if(strcmp(strval($one[$i]), strval($two[$xkey])) != 0) {
        // This should NEVER be reached, but it is, often!
        $eq = 'FALSE';
      } else {
        $eq = 'true';
      }
    }

| Row | $one | $two | Correct? | Found | Notes |
|---|---|---|---|---|---|
| 0 | abc | abc | true | 0 | abc == abc : array_search($one[0], $two) where $one[0] = string(3) "abc" |
| 1 | abc1 | abc1 | true | 1 | abc1 == abc1 : array_search($one[1], $two) where $one[1] = string(4) "abc1" |
| 2 | 111 | 111 | true | 2 | 111 == 111 : array_search($one[2], $two) where $one[2] = int(111) |
| 3 | 111b | 111b | FALSE | 2 | 111b == 111 : array_search($one[3], $two) where $one[3] = string(4) "111b" |
| 4 | 2 | 2 | true | 4 | 2 == 2 : array_search($one[4], $two) where $one[4] = int(2) |
| 5 | 2xyz | 2xyz | FALSE | 4 | 2xyz == 2 : array_search($one[5], $two) where $one[5] = string(4) "2xyz" |
| 6 | 123a | 123a | true | 6 | 123a == 123a : array_search($one[6], $two) where $one[6] = string(4) "123a" |
| 7 | 123 | 123 | FALSE | 6 | 123 == 123a : array_search($one[7], $two) where $one[7] = int(123) |

array_search() with all strings

    $one = array (
      'abc',
      'abc1',
      '111',
      '111b',
      '2',
      '2xyz',
      '123a',
      '123'
    );
    $two = $one;
    // Same lookup as above, but every value is a string.
    for ($i = 0; $i < count($one); $i++) {
      $xkey = array_search($one[$i], $two);
      if(strcmp(strval($one[$i]), strval($two[$xkey])) != 0) {
        // This should NEVER be reached, and with all strings it isn't.
        $eq = 'FALSE';
      } else {
        $eq = 'true';
      }
    }

| Row | $one | $two | Correct? | Found | Notes |
|---|---|---|---|---|---|
| 0 | abc | abc | true | 0 | abc == abc : array_search($one[0], $two) where $one[0] = string(3) "abc" |
| 1 | abc1 | abc1 | true | 1 | abc1 == abc1 : array_search($one[1], $two) where $one[1] = string(4) "abc1" |
| 2 | 111 | 111 | true | 2 | 111 == 111 : array_search($one[2], $two) where $one[2] = string(3) "111" |
| 3 | 111b | 111b | true | 3 | 111b == 111b : array_search($one[3], $two) where $one[3] = string(4) "111b" |
| 4 | 2 | 2 | true | 4 | 2 == 2 : array_search($one[4], $two) where $one[4] = string(1) "2" |
| 5 | 2xyz | 2xyz | true | 5 | 2xyz == 2xyz : array_search($one[5], $two) where $one[5] = string(4) "2xyz" |
| 6 | 123a | 123a | true | 6 | 123a == 123a : array_search($one[6], $two) where $one[6] = string(4) "123a" |
| 7 | 123 | 123 | true | 7 | 123 == 123 : array_search($one[7], $two) where $one[7] = string(3) "123" |

in_array() and array_key_exists()

    // CSS class names used when rendering the results table
    // (defined outside the original snippet).
    $true = 'true';
    $false = 'false';
    $array = array('111'=>'111', '11b'=>'11b', '222b'=>'222b','2x22'=>'2x22');
    $keys = array_keys($array);
    $searches = array('111b',222,11,'222b',2);
    foreach ($searches as $search) {
      $ia = (in_array($search, $array))?'true':'false';
      $ake = (array_key_exists($search, $array))?'true':'false';
      if ($search === '222b') {
        // This is the only place where either should return true
        $iaf = ($ia == 'true')?" class=\"$true\"":" class=\"$false\"";
        $akef = ($ake == 'true')?" class=\"$true\"":" class=\"$false\"";
        $notes = "** Both should be true **";
      } else {
        $iaf = ($ia == 'false')?" class=\"$true\"":" class=\"$false\"";
        $akef = ($ake == 'false')?" class=\"$true\"":" class=\"$false\"";
        $notes = "Both should be false";
      }
    }

Notice how the array keys are cast to type int in both the original array and in array_keys.

$array:

    array(4) {
      [111]=>
      string(3) "111"
      ["11b"]=>
      string(3) "11b"
      ["222b"]=>
      string(4) "222b"
      ["2x22"]=>
      string(4) "2x22"
    }

$keys:

    array(4) {
      [0]=>
      int(111)
      [1]=>
      string(3) "11b"
      [2]=>
      string(4) "222b"
      [3]=>
      string(4) "2x22"
    }

| Search Item | in_array | array_key_exists | Notes |
|---|---|---|---|
| 111b | false | false | Both should be false |
| 222 | true | false | Both should be false |
| 11 | true | false | Both should be false |
| 222b | true | true | ** Both should be true ** |
| 2 | true | false | Both should be false |

So, it appears that array_key_exists() uses either === or strcmp() while in_array() uses ==.

NOTE: Calling array_key_exists() with a string value '111' will return true for an item with a key of int 111. This is not the same behavior as ===, but is the same behavior as strcmp() which must be what is used internally for array_key_exists().

The difference between the 3 operations is clear:

| $a | $b | $a == $b | $a === $b | strcmp(strval($a),strval($b)) |
|---|---|---|---|---|
| int(123) | string(4) "123b" | bool(true) | bool(false) | int(-1) |

Another area where this becomes an issue is in switch statements. Take the following, for example:

switch()

    // Row/cell CSS class togglers, initialised to avoid undefined-variable notices.
    $row = $false = $true = '';
    $array = array(111,'222b');
    foreach($array as $val)
    {
      $row = ($row == 'row')?'offset_row':'row';
      $false = ($false == 'false')?'offset_false':'false';
      $true = ($true == 'true')?'offset_true':'true';
      switch($val)
      {
        case '111b': // this displays
          $match = '111b';
          $f = " class=\"$false\"";
          $notes = "Incorrect: should have fallen through to next case";
          break;
        case 111: // never makes it here even tho this is correct
          $match = 111;
          $f = " class=\"$true\"";
          $notes = "** Correct **";
          break;
        case 222: // this displays
          $match = 222;
          $f = " class=\"$false\"";
          $notes = "Incorrect: should have fallen through to next case";
          break;
        case '222b': // never makes it here even tho this is correct
          $match = '222b';
          $f = " class=\"$true\"";
          $notes = "** Correct **";
          break;
        default:
          $match = 'no match';
          $f = " class=\"$false\"";
          $notes = "Incorrect: should have matched";
          break;
      }
    }

| Search Item | Match | Notes |
|---|---|---|
| 111 | 111b | Incorrect: should have fallen through to next case |
| 222b | 222 | Incorrect: should have fallen through to next case |

PHP array_search implicit cast of search term

March 8th, 2008 by Sjan Evardsson

There is an error in the values that array_search returns when searching on an array that has a mix of numeric values (123) and alpha-numeric mixed strings that start with the same digits and follow with alpha characters ('123a').

The results are actually kind of bizarre, but explainable by a bug in PHP’s equivalence test. When testing for equivalence (using ==) PHP determines that 123 == '123xyz'. PHP casts the string to an integer when doing the comparison (so '123xyz' becomes 123). This is documented in bugs.php.net (http://bugs.php.net/bug.php?id=23110) - but this leads to problems: both switch and array_search use == for comparison.

So, using:

    $one = array (
      'abc',
      'abc1',
      111,
      '111b',
      2,
      '2xyz',
      '123a',
      123
    );
    $two = $one;

    foreach($one as $val)
    {
      $key = array_search($val, $two);
      if ($key !== false) {
        // Print the searched value next to the value array_search() matched.
        echo "$val == {$two[$key]} -- ";
        if (strcmp(strval($val), strval($two[$key])) == 0) {
          echo "strcmp returns true\n";
        } else {
          echo "strcmp returns false\n";
        }
      } else {
        echo "$val not found \n";
      }
    }

results in:

abc == abc -- strcmp returns true
abc1 == abc1 -- strcmp returns true
111 == 111 -- strcmp returns true
111b == 111 -- strcmp returns false
2 == 2 -- strcmp returns true
2xyz == 2 -- strcmp returns false
123a == 123a -- strcmp returns true
123 == 123a -- strcmp returns false

This becomes a real problem when you can’t be sure that the values in an array are all of the same type. However, if you are sure that all the values in the array are of type string then array_search works flawlessly.

I am still unsure how to work around this, however, I think having a version of array_search that doesn’t do an implicit cast on the search value would be of great use.
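Both PHP posts above come down to asking for a type-aware comparison, which matters most where in_array() or switch decides on request data such as an allowlist check. The following is an added example, not code from the original posts: it reuses the posts' test arrays, and strict_case() is a hypothetical helper name. On PHP 8 and later the loose results differ from the tables above, because comparison between an integer and a non-numeric string was changed there; the strict results are the same on every version.

```php
<?php
// Added example (not from the original posts). Arrays are the posts' test data.
$mixed = ['abc', 'abc1', 111, '111b', 2, '2xyz', '123a', 123];

// 1. array_search(): passing true as the third argument compares with ===,
//    so every element finds its own position regardless of its neighbours.
foreach ($mixed as $i => $val) {
    $loose  = array_search($val, $mixed);
    $strict = array_search($val, $mixed, true);
    printf("%-7s own=%d loose=%d strict=%d\n",
        var_export($val, true), $i, $loose, $strict);
}

// 2. in_array(): same third argument. Only the string '222b' is really present.
$values = ['111' => '111', '11b' => '11b', '222b' => '222b', '2x22' => '2x22'];
foreach (['111b', 222, 11, '222b', 2] as $search) {
    printf("%-7s loose=%s strict=%s\n", var_export($search, true),
        var_export(in_array($search, $values), true),
        var_export(in_array($search, $values, true), true));
}

// 3. Keys are different: PHP stores the key '111' as int 111 when the array is
//    built, so string and int lookups both hit it and no flag changes that.
var_dump(array_key_exists('111', $values), array_key_exists(111, $values));

// 4. switch always compares with ==. Switching on true turns every case into
//    an explicit === test (strict_case() is a hypothetical helper name).
function strict_case($val): string
{
    switch (true) {
        case $val === '111b': return "matched string '111b'";
        case $val === 111:    return 'matched int 111';
        case $val === 222:    return 'matched int 222';
        case $val === '222b': return "matched string '222b'";
        default:              return 'no match';
    }
}

foreach ([111, '222b'] as $val) {
    echo var_export($val, true), ' => ', strict_case($val), "\n";
}
```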

New Class of Exploits: Dangling Pointers

July 23rd, 2007 by Sjan Evardsson

While dangling pointers are a common coding error (especially in C++), there has previously been no known way to exploit them. In fact, they were generally considered a quality control issue rather than a security issue. That is all set to change. According to an article today from SearchSecurity, Jonathan Afek and Adi Sharabani of Watchfire Inc have uncovered a way to exploit generic dangling pointers to run shell code on a server in much the same fashion as buffer overflows. According to Danny Allen (also of Watchfire), this technique can be used on any application with dangling pointers.

Afek will be giving a presentation on the technique in August at the Black Hat Briefings in Las Vegas.


One to watch?

May 1st, 2007 by Sjan Evardsson

Sun is proposing an alternative to AJAX, called Project Flair, which is set for early release later this year. In an InfoWorld article, Sun engineer and principal investor Dan Ingalls describes it as being more like the old style of desktop application programming (using a JavaScript programming kernel) that adds collaboration and web access.

How this actually ends up performing is anyone’s guess, but I’ll be keeping an eye out for it.


New(?) sorting algorithm

February 25th, 2007 by Sjan Evardsson

George Papadopoulos has released BitFast - a linked list sorting algorithm with examples written in C and C++. He claims sort performance 10 times faster than the MergeSort Algorithm. (But where is the Big O notation?)

You can see the project site, which has a download link for the C and C++ source code. The explanation is fairly clear, although it seems a little sparse to me. The source code lacks comments, and has been written as proof of concept only, but it will provide the experienced C or C++ developer with a better understanding of what he is doing.

Mostly, it looks like he is applying the Radix Sort Algorithm to linked lists of integers or floats. This does nothing for strings, and the proof-of-concept code is set up to handle 32 bit number values only. Perhaps the only difference between Radix and BitFast is that Papadopoulos claims that BitFast is an in-place algorithm and an online algorithm.


Rosetta Code: A Call for Editors

January 25th, 2007 by Sjan Evardsson

Rosetta Code has put out a call for editors. The idea is ingenious in its simplicity: a Wiki that shows how to do the same tasks in a wide variety of languages. For anyone who learns best by example this is a no-brainer.

Stop by, create an account and help out!


Music from chaos

July 15th, 2006 by Sjan Evardsson

A conversation with a coworker the other day got me thinking about ways to make our “noodling” a reality. We were trying to come up with a way to generate random music (defined by octave, step, and duration), while maintaining harmonic relevance. (In other words, we want to create music, not noise.)

We decided we should start with the following propositions:

  • limiting the tones to a pentatonic scale
  • limiting the octave range to that audible to humans
  • limiting the duration of tones to a maximum of one or two whole notes

Beyond that, the discussion turned to how to generate the random values. Since I have been reading about the history of Nonlinear Dynamics (chaos) lately, my first thought was, of course, to generate the values for octave, step and duration by using a set of non-linear equations. So, of course, the first choice would have to be the Lorenz “butterfly” equations.

So, the plan is to calculate the values, convert them to MIDI values and write them out to a file using Python. Since the outcome of the equations relies on the starting conditions (Sensitive Dependence on Initial Conditions - also called the “Butterfly Effect”) we thought that we could use starting values such as the current Temperature, Barometric Pressure and Humidity, or perhaps Date, Time and process number, or counting Buicks, Chevys and Fords in the parking lot. Pretty much any 3 starting numbers.

Smart Testing

May 30th, 2006 by Sjan Evardsson

Scott Sehlhorst has written a concise article on how to do smart software testing. While I have worked with non-technical people who wanted “full-coverage” testing of all builds, and have also worked with non-technical people who wanted to skip testing and just go live and “fix it in the field,” I have not previously had the numbers to say “yes, this has been tested and we are 99% confident that the application is 99% bug free.” Without having the numbers and formulae at hand the best I could previously say was “I am pretty confident that it is mostly bug-free.” Well, I know that the 99/99 numbers sound a lot more confident than that, and I am less likely to spend a week running tests to get as close to full coverage as possible now that I have this bit in my tool-belt.

When to upgrade?

March 27th, 2006 by Sjan Evardsson

I have a minor (or possibly major) problem with my favorite Java IDE, . It seems that even though version 5.5 Q-build has been promoted to Build 1, I still have issues with using version 4.

I was much more comfortable with the workings of version 3 and earlier, where setting up projects and working within projects seemed much simpler. I still find myself frustrated with version 4 and the need to explicitly import the libraries I routinely use. With version 3 and earlier I imported those libraries generically for all projects. I still haven’t figured out how to do that in version 4 or 5. So now that the world is moving on what am I to do? I guess I will just have to upgrade and bite the bullet.