Kirby CMS & Plugins

For many years I’ve been playing around with various PHP-based content management systems (CMS). From self-made to well-known ones like Drupal, I’ve seen quite a range and yet they all never really could provide enough flexibility for the developer and easy of use for the website maintainer at the same time. I don’t want to go into much details here, but the goal should simply be, that as a developer you want to create a site and as a website maintainer you want to edit all parts of the websites without developer involvement. Getting to that goal while not having to invest huge amounts of time into learning all ins and outs of a CMS is hard to reach.

Continue Reading “Kirby CMS & Plugins”

When VLC Doesn’t Update Anymore

Most of us probably ran into a bug in some application at one point. Sometimes it’s not very obvious, e.g. a random crash, while other times you may know that, if you for example perform certain five steps it will crash. But what do you do when you find an issue? Do you just avoid the crashing steps? Do you restart the app and keep working? Or do you put in some time and try and report the issue to the developer?

As a developer myself, detailed bug reports and active involvement in the bug report have been among the most valuable things in fixing bugs. As such, I can only highly recommend to send in bug reports whenever possible! Here is just some bug hunting story from last weeks.

Last week I opened the great video player VLC to playback some Opus audio file. Shortly after opening the application, it reported that there was a software update. I vaguely remembered that it already previously mentioned that, so I was a bit confused why I didn’t update then. Of course I accepted to download the new version and after 22% through the download process, VLC simply crashed. Aha! That’s why I didn’t update VLC last time. And indeed whenever you try to update VLC it would simply crash.

VLC Crash

I remembered back when ShareX didn’t update when you clicked on the auto-update message and also remembered that they put up a notice on their website to manually update it. Certainly a broken update function in a quite popular media player would have been reported by now and thus I checked the website. To my surprise however there was no notice and searching a bit further I couldn’t find a report either. So I took things to the VideoLAN IRC channel and quickly found some active user.

After some digging we found the debug nightly builds. With that in hand, I thought it would be very easy to get a stack trace of the crash, but because this was a nightly build, the update feature points to a test server and while it actually triggered an update to be run, the build to update to wasn’t available anymore and thus nothing happened.

My next idea was to simply spoof the update server and change the update information. Having Python installed on my system I could just run python -m http.server 80 and it would launch a web server that served the files in the working directory. Then I added the update server to my hosts file, placed the update text file in the web server’s directory and … VLC’s update feature now simply threw an error. Luckily the debug build also output a lot of useful information in the console, so I saw that the update tests a signature file. This security feature prevents exactly this kind of “attack” where the DNS is spoofed and the fake server serves a malicious update. Having a file with a PGP signature ensures that only the ones with the private key can provide binaries with matching signatures.

So the new plan was to simply take the update file for the latest release version and its signature file. Finally, VLC crashed and I could get the stack trace. With an impressive list of 1637 entries, it became clear that the crash must be some sort of infinite recursion, which fills up the stack and finally leads to the crash. Since the problem seems to occur around lots of Qt functions, it may end up being less of an VLC issue and more one of Qt. A report was filed and now the waiting game beings.

Critique

In my books having a broken update function seems quite critical, as your users won’t get any security updates anymore, but need to go to the website and manually update VLC and many will probably just disable auto-update to not receive that message anymore. As such the reaction so far have been too low for my liking and I’m surprised that nobody else has experienced this issue. Then again VLC is an open source software maintained by developers in their free time, so it’s not a surprise that things take a bit longer.

The fact that the update feature doesn’t work due to outdated files in the nightly/development builds is a bit concerning. If it can’t be tested easily, then it simply won’t be tested at all and bugs like the one mentioned won’t be found during development.

VLC’s automatic reporting system doesn’t work (anymore). The FTP server the reports gets send to, doesn’t seem to exist anymore. In the consumer market direct reports to the team like mine are quite rare, so an automatic crash report system should work, so you actually see in case VLC suddenly keeps crashing all around the world.

Summary

As a software user, report bugs whenever you can and include as much information as possible!

As a software developer, make sure your features can be tested and that debug builds/symbols are available to get more detailed information.

I wanted to write some more on how to report bugs, but this post has already turned into a longer one, so I’ll reserve that for a dedicated entry.

What I’ve been up to

Where are the SFML News? Where are the Nightlybuilds? Where is eXpl0it3r? Those or other question might some have asked themselves or even me. Of course all the awesome people at the SFML IRC channel know that I never left. There have been quite a few changes in my personal life as well as in my “digital” one. After failing the base exam for computer science at the well-known ETH Zürich, I’m currently aiming for a more practical university, but to get in, I’m doing an internship at the moment. Luckily I’m able to do the internship for a company as a programmer, unfortunately it’s web development thus no C++. With that change my focus in programming shifted slightly away from SFML and C++ itself and I started to dig deeper into the world of PHP. Yes, I can hear all you all scream back there, but I’ve never been an anti-PHP guy and while I see the flaws, it’s still a simple and effective language to work with. I won’t go further into detail what I’m currently working on for my internship, but many things that do there, start to bubble up in other web projects that finally get some more attention (again).

SFML Projects

Some might know that there has already been attempts on this in the past and as a fact, the domain itself has been registered over a year now. I’m talking about this domain: http://sfmlprojects.org/
Currently there’s not much to see, but I’ve decided to go the open source way and not try to hide as much as possible. I’ve already gotten a bit of help by zsbzsb and a few pointers by veltas, other than that the project is still in my hands. The only thing I can do, is to encourage people to look at the current development state and open tickets as well as creating pull requests on the official GitHub repository.

For those that still haven’t look at it: The main idea behind it came from the fact, that there are so many nice projects that simply die in the depth of the SFML forum project section and if that happens, chances are high that the linked binaries will sooner or later get lost as well. To prevent all of this, SFML Projects should enable users to create projects and add various types of content that won’t get taken down after a few days. Next to that the site will automatically promote SFML itself, by showcasing what people have created already with it.

It is and will the longer the more be an interesting journey, thus if you like to help in anyway, don’t hesitate to contact me or tweet us @SFMLProjects.

Kohana & Modules

For the things at work and for SFML Projects, I’m currently using the very light PHP framework called Kohana. Coming from some rather basic PHP background, all this new stuff was and still is slightly overwhelming, but it’s slowly starting to grow on me. Kohana if I remember correctly was originally a clone or rewrite of CodeIgniter and when looking at the basics, the similarities reveal themselves rather quickly.

While starting a few times over with the whole project, I noticed, that it would be easier to create a repository with all the “normal” and boring setup things included and thus KOstart was born. KOstart is basically Kohana with only the needed and additional modules and already includes Bootstrap.

Since the latest Kohana version lacks a non-ORM auth driver, I’ve started to write one and create a module repository just today, which you can find on my GitHub page as well. It currently misses role management, but that should get added pretty soon.

Firefall & RAWR

Quite a big chunk of my free-time, I’ve spent with an MMO FPS called Firefall, which is currently still in its Beta phase. The game is awesome and pulls you in quickly, unfortunately recent changes to the basic systems in combination with the lack of new content, made it a bit less fun for me.

After some ups and downs I’ve been “elected” as the commander of the RAWR army, for which I’ve been creating and maintaining the Live Resource Feed. For RAWR I’m currently also working on a fresh website, but it’s based on Drupal for simplicity reasons. Things are still in development and I feel a bit bad to not having worked on for a while now.

Firefall is not only fun, because of the game content, but because their whole UI is written in Lua and thus moddable. Thus I ended up combining the game with my C++ knowledge and we ended up with SecondaryMap, which as its name says, is a map for your secondary monitor, so you can keep track of your own position and the position of events around you. It’s pretty awesome that this small application uses SFML, Thor and SFNUL – all very nice projects.

SFML Game Jam 2

Before I close this blog post, I just want to mention that the second SFML Game Jam has been held a few weeks ago and as last time, we’ve gotten quite a few awesome games. Originally Jebbs wanted to create a website, but then he had some time issues and zsbzsb took over that burden and create this awesome little site where you can also find all the games of the jam.

Also don’t forget to checkout the game A Temporary Outbreak Nexus and I did for the jam, while both being on quite some time constraint.

Final Thoughts

With that said, I hope to be post a bit more here once again, but if you want to stay updated more often, you might want to follow my Twitter account @DarkCisum. Ever since Grimshaw created that one forum thread, Twitter started to be a very interesting place for getting information. I hope to get some more time at some point for all the nice things like SFML News, but currently I’m just too busy with all my other projects. However as always, don’t hesitate to contact me if you have any questions.