Posted by Charlie Mon, 10 Mar 2008 20:52:00 GMT
We are happy to announce that we are working with NTEN to support their 2008 conference in New Orleans. We've created an NTEN community, and started a map that shows where attendees are travelling from. If you're going to the conference, make sure to add yourself to the map. Directions can be found at the NTEN blog.
In the coming days, we'll also add maps of conference events and parties, so stay tuned.
Posted by Charlie Sat, 01 Mar 2008 00:08:00 GMT
Taking advantage of the extra leap day this year, we've launched a significant update to the MapBuzz home page. The new home page includes a number of enhancements, including:
Our goal with all of these changes is to give a better overview of what's going on in the MapBuzz community - easier navigation to topics of interest, what maps and features are popular, what new content has been created, etc. Let us know what you think!
Posted by Charlie Sat, 23 Feb 2008 00:44:00 GMT
We are happy to announce a partneship with the Colorado Mountain Club (CMC), the premier hiking club in Colorado. More details can be found in the press release, but the basic idea is to combine CMC's large catalog of hikes with MapBuzz's social mapping features. We'll be running seminars next week at CMC's headquarters in Golden, and look forward to building the best online collection of outdoor trips in Colorado over the coming months.
To get started, you can visit our new, online Colorado Mountain Club community.
Posted by Charlie Thu, 14 Feb 2008 06:44:00 GMT
<p>Its always embarrassing when critical bugs slip through our testing and get deployed to production. Over the weekend we deployed an update the broke our reset password functionality. Thus if you didn't remember your password, then there was no way to get it back. Luckily a couple of users quickly alerted us to the problem.</p>
<p>The reset password functionality is some of the oldest code in the system and has full functional test coverage, but not selenium test coverage. The difference is that functional tests are run from a command line while selenium tests are run from a browser.</p>
<p>So what happened? Of course all of the functional tests passed, otherwise the deployment would have failed. What happened was the tests were wrong. A few weeks ago we made a couple of changes to better protect passwords to prevent them being logged to our bug database. Those changes caused the reset password interface to change slightly, but the old one was left in place by mistake. So the functional tests were exercising the older interface, while clients started using the newer untested interface. And thus the problem slipped through.</p>
<p>Looking back, we made two obvious mistakes. First, the older interface should have been immediately removed. Second, we did not have adequate Selenium test coverage. Both issues are now fixed, so I feel pretty confident that bug won't create back into the system again.</p>
Posted by Charlie Thu, 31 Jan 2008 22:45:00 GMT
One look at the log files of any computer online will quickly show the Internet is a nasty place. People are constantly try to break in - they'll scan your machine to find any holes in your firewall, try to use your email system to send spam to other people, attempt to login thousands of times a day using randomly generated passwords, etc.
Web applications face their own set of problems. A common one is for hackers to try and embed their own JavaScript onto your page. How can that happen? Well anytime you allow users to upload data, by filling out a form for example, instead of entering real data they'll have bots enter carefully crafted data that when redisplayed on a page runs their own code. Thus the first, and most important, security maxim for any web site is to validate absolutely every piece of submitted data. I wrote about how we do it last year.
Over the last few weeks, we've been probed by a bot that likes to add a URL into various form fields. If you follow the URL, it return some text that looks like this:
<?php echo md5("just_a_test");?>
I have to admit I don't get this hack - since it seem impaulsible that a system would go to a random URL, read in its content, and then execute the content on its site. Or maybe this just marks sites that have been hacked?
Update - Seems like there are systems stupid enough to go grab some random content on the Internet. Take a look at the 2nd comment on the discussion about this bot from The DailyWTF (very appropriately named in this case).
Posted by Charlie Tue, 29 Jan 2008 02:31:00 GMT
We use a popular open source program called Trac to manage bugs, feature requests, release schedules, etc. Unfortunately, in recent months our database was getting overwhelmed by spam and cleaning it out was becoming a tedious, daily chore.
I'm glad to report that the problem is fixed - no more wading through cheap drugs, free software and other annoyances to find or update a bug report. What a relief!
If you're interested in all the gory technical details, I wrote them up on my personal blog.
Posted by Charlie Mon, 28 Jan 2008 09:28:00 GMT
As I've blogged about before, we've had trouble getting Safari to work with MapBuzz due to bugs in Safari. When setting up a test case to submit a bug, I read someone's passing comment that Safari 3.0.5 is available through Apple's developer network. Curious, I logged in and downloaded it. And lo and behold - the bug was fixed! Which means that next generally available Safari release will work perfectly with MapBuzz. Finally!
Posted by Charlie Fri, 25 Jan 2008 00:19:00 GMT
We've been able to import data, such as GPS tracks and ESRI shapefiles, into MapBuzz for quite some time now. And we provide access to our content via Atom feeds. But some of our users have asked us to support exporting our content to good old-fashioned shape files. Always wanting to please, we are happy to announce that we now support exporting data to shape files.
To see it in action let's export the Lunch Near CU map. If you follow the link to the map you'll see an Export button. When you click it, you'll download a Zip archive that contains a shape file for each type of geometry shown on the map (in this case points and lines).
You can use almost any GIS product to view the files. Free options include:
Here is a screenshot from uDig:
Its not very pretty without the base map or any stylinging information, is it?
Posted by Charlie Wed, 23 Jan 2008 19:41:00 GMT
While at Smallworld, a lesson drilled into my head time and time again was the importance of printing. By far the most common use case - someone logs into an online mapping system, zooms to address, turns on the features they want to see, and creates a printout. Its nice to dream that the web will change this, perhaps once we all have Blackberries and iPhones in our pockets, but today is not that day.
Unfortunately, browsers have a reputation of being lousy at printing, partly due to their poor typography support, differences between print preview and the actual printed pages and of course random differences between browsers.
On the bright side, browser support printing-specific CSS stylesheets, which is an amazingly powerful feature. With a lot of patience, experimentation and perservence, its actually possible to make a good looking printout from a browser. To see what I mean, take a look:
http://www.mapbuzz.com/map/print/1686
Not bad, is it? In fact, we are quite proud of our accomplishment 
Posted by Charlie Mon, 14 Jan 2008 18:48:00 GMT
Last summer, we talked about our difficulties in supporting Safari 3. At the time, Safari's SVG support was fairly buggy. It didn't correctly recognize mouseover events on features when a map was offset from the top left corner of the page. It also would "lose" features as you dragged a map - they flash in and out of existence.
The good news is that both these issues are fixed in Safari 3.0.4. The bad news is there is one major flaw left - if you drag a map you'll see that once you are finished the features snap back to their original location. The reason for this is that Safari is not correctly updating the SVG transform that we use. It is possible to work around it, but it equires having a separate code base for Safari verus Firefox and Opera. However, Safari's market share is now large enough that its worth doing. And of course we'll submit a bug to the WebKit project to let them know about the problem.
