Site Notes

New RTH Website

RTH looks mostly the same, but under the covers it's running an entirely new code base. We took advantage of the cutover to add some badly-needed features.

By Ryan McGreal
Published December 14, 2009

Well, it looks like the RTH website cutover was successful! Aside from a few minor hiccups (and thanks to the RTH readers who pointed them out to me), the site seems to be up and running on the new web server.

The site still looks pretty much the same, but it has some new features that I'd like to point out:

Comment Formatting

Registered RTH users can now employ Markdown syntax to format their comments. You can read our Guide to Comment Formatting for more details. (Markdown for RTH is provided by the Python-Markdown2 library.)

Edit/Delete Comments

A common problem in website commenting is to post a comment and then notice that it contains a typo or other error. For a five minute window after posting a comment on RTH, you can now edit or delete it. At the bottom of your comment next to the "Permalink", you will see an "Edit" and a "Delete" link.

Faster Comment Voting

Now, when you vote on a comment the vote is sent to the server and recorded without having to refresh the entire web page. It uses a javascript method called Ajax, provided using the awesome jQuery javascript library.

Note: if you have javascript disabled, comment voting still works the old-fashioned way, with a full page refresh.

Event Notice Formatting

For some time, RTH has allowed registered users to post upcoming events to our event listing. You can now format the event details using the same Markdown syntax as for comments. (See "Comment Formatting", above, for details.)

Edit Posted Events

A glaring omission in RTH event posting has been the inability to edit events after posting them. We've finally fixed this as part of the website cutover. Click on the page for your event, and you will see an "Edit this Event" link at the bottom. Note: you can only edit an event that you posted.

Improved User Login

When you visit the site, the menu under the header includes a username/password form for you to log in, or a Register link if you don't already have a user account. Once you log in, the login form is replaced with a Manage Profile link containing your username.

Note: the first time you visit the site after the cutover, you will likely be prompted to log in again.

From your Profile page, you can still update your user profile as before. The only change is that the change password function is now in a separate form. More on passwords in the next section.

Better Security

Your user account password is now encrypted (with a salted MD4 hash, if you're interested in that sort of thing). If someone manages to hack into the RTH database, it will be difficult to obtain user passwords in plain text.

Why this matters: Passwords are hard to remember, and website users are notorious for using the same password for several different user accounts - including, sometimes, sensitive accounts like webmail and even online banking. The obvious weakness here is that by cracking someone's user account on a 'weak' application, it becomes possible to obtain the same password used on a more important, critical application.

At the same time, the site uses SQLAlchemy to manage data access, so the database is protected against SQL injection attacks (obligatory link), like the attack that recently compromised RockYou.

Finally, user-input forms on the site are protected against cross-site scripting attacks, in which a user to inject arbitrary code (like client-side javascript) into a page to change its behaviour.

Comments Page Options

On the comments page, you can now view the highest voted comments and most commented articles from the past day, past 7 days, past 30 days or overall.

Old URLs Still Work

It's frustrating to re-visit a previously saved link only to see a message reading, "This site was recently redesigned and the link you followed no longer works." With the RTH site redesign, the old legacy URLs (e.g. "index.asp?id=200") should all still work (with an HTTP 301 permanent redirect to the new URL).

If you notice any problems with the new site or think of any other features you'd really like to see included, please feel free either to email me or post an issue on the RTH issue tracker. RTH reader Ryan Danks has kindly posted a guide to bug reporting so you have a better idea of what information to include.

Ryan McGreal, the editor of Raise the Hammer, lives in Hamilton with his family and works as a programmer, writer and consultant. Ryan volunteers with Hamilton Light Rail, a citizen group dedicated to bringing light rail transit to Hamilton. Ryan writes a city affairs column in Hamilton Magazine, and several of his articles have been published in the Hamilton Spectator. He also maintains a personal website, has been known to share passing thoughts on Twitter and Facebook, and posts the occasional cat photo on Instagram.

14 Comments

View Comments: Nested | Flat

Read Comments

[ - ]

By Wiccan (anonymous) | Posted December 14, 2009 at 13:20:58

Comments with a score below -5 are hidden by default.

You can change or disable this comment score threshold by registering an RTH user account.

Permalink | Context

[ - ]

By z jones (registered) | Posted December 14, 2009 at 13:38:27

^^ BUG REPORT: I still see comments below my comment cutoff threshold.

Permalink | Context

[ - ]

By six pack (anonymous) | Posted December 14, 2009 at 16:24:15

Comments with a score below -5 are hidden by default.

You can change or disable this comment score threshold by registering an RTH user account.

Permalink | Context

[ - ]

By z jones (registered) | Posted December 14, 2009 at 16:27:43

Re comments^^ it's like the site suddenly got indexed by googlasshole or something.

Permalink | Context

[ - ]

By Happychance (anonymous) | Posted December 14, 2009 at 18:05:28

Comments with a score below -5 are hidden by default.

You can change or disable this comment score threshold by registering an RTH user account.

Permalink | Context

[ - ]

By six pack (anonymous) | Posted December 14, 2009 at 20:35:44

Comments with a score below -5 are hidden by default.

You can change or disable this comment score threshold by registering an RTH user account.

Permalink | Context

[ - ]

By WRCU2 (registered) - website | Posted December 14, 2009 at 22:21:40

Great work Ryan and Team RTH!

I am sorry to see so many sandpaper people posting useless information but I am glad there is an option to remove them from view as a registered user.

Ryan, if you don't mind my asking, why don't you ban specific IP addresses or whole IP blocks of addresses that have proven themselves to be incidental irritants?

I am not familiar with nginx or Microsoft IIS6.0 but I'm sure there is a way to deny these 40 grit through the server's access control list or in an .htaccess file if not at the network perimeter.

Your site is gonna lose too much value if you don't do something about it soon.

Permalink | Context

[ - ]

By WRCU2 (registered) - website | Posted December 14, 2009 at 22:36:21

Thanks for the reply Ryan. Too bad you aren't using a nix with iptables netfilter. I've work out some interesting solutions for trolls.

In any event, I trust you know what you're doing.

Permalink | Context

[ - ]

By Michelle Martin (registered) - website | Posted December 14, 2009 at 23:05:56

Wow. I am looking forward to the day when I can also insert a table of contents: get working, Ryan!

Kidding aside-- thanks for the time and trouble you take to keep civilized discussion going, and to help us say what we mean to say clearly.

Speaking of civilized:

RTH = Real Tit-Heads

Can't you do better than that? Why not aim a little higher?

Permalink | Context

[ - ]

By brodiec (registered) | Posted December 15, 2009 at 14:17:41

Wow I know this is probably a lot of work! Thanks so much.

Permalink | Context

[ - ]

By getalife (anonymous) | Posted December 15, 2009 at 20:05:39

Hey six pack – So you actually take the time to make bets on the response you might receive to insults on community blogs? That’s really, really, really pathetic. Did you make the bet with yourself as well?

Permalink | Context

[ - ]

By synxer (registered) | Posted December 15, 2009 at 21:44:04

Ryan,

RTH rocks, but rocks even more now.

Thanks for your dedication to community content and taking time to make a great experience greater.

Permalink | Context

[ - ]

By seancb (registered) - website | Posted December 17, 2009 at 10:24:41

One more request - a "mark as spam" button next to the voting buttons?

Permalink | Context

[ - ]

By Locke (registered) | Posted December 18, 2009 at 10:15:27

Great work Ryan. Great use of jQuery, thanks for adding comment/event editing (I really needed that, and just had to try it out) and for the added security. But most of all, thanks for your dedication to this community!

[Comment edited by Locke on 2009-12-18 09:16:39]

Permalink | Context

View Comments: Nested | Flat

Post a Comment

You must be logged in to comment.

Events Calendar

There are no upcoming events right now.
Why not post one?

Recent Articles

Article Archives

Blog Archives

Site Tools

Feeds