zerosleeps

Seth Godin has some good tips for dealing with random-but-usable-by-humans strings and codes. It’s something I spent a bit of time on when building our wedding website: the codes needed to be mildly secure, but easy to enter.

The final solution, which doesn’t seem to have caused any issues, was a random selection of 6 characters from upper-case A–Z, minus “I” and “O”, plus digits 2–9:

choices = ('A'..'Z').to_a - ['I', 'O'] + ('2'..'9').to_a

When shown to humans, the codes are displayed as two groups of three characters:

A5D 8FU

But, the codes can be entered with or without the space, and will be accepted whether they’re entered upper-case or not:

Invitation.find_by rsvp_code: params[:rsvp_code].upcase.gsub(/\s/, '')

So the example above could be entered as “a5d8fu”.

I do disagree with Seth’s last comment about saying “please” in forms though. I don’t think this fools anyone - users know they’re looking at a form and not having a conversation with a human. No need to beg.

I’ve never been a huge fan of the datetime module in Python, but listening to one of the core developers of Python on “Talk Python To Me” episode 271 has changed that.

I’d encourage anyone who stores dates and times in a database to listen to this. The guy does a really good job of explaining when we should use naive datetimes, aware datetimes, and why simply using UTC and converting as needed isn’t always the right choice.

I love this stuff.

Hell yes to everything on this list. My favourites:

The web is built around server-side rendering

Not everyone has (or can use) a mouse

Code to the standard, and test everywhere.

Advice for any web developer.

This is fantastic, including and especially:

Don’t trust all-purpose glue

Another grumble about Atlassian’s Confluence. This time it’s the result of trying to view a page that requires authentication when you’re not already logged in to Confluence. Look at the state of this:

Confluence obviously knows I’m not logged in, and it definitely knows the page is restricted - it says so right there on the right. So what’s with all the angry messages and red warning icons?

If you hit the little login icon at the bottom left (yep, that’s how you get to a login page from here) and sign in, the bloody thing does take you to the right page as well! It knows what I wanted all along, just forced this this hostile page on you first.