Time

My how time flies! I only have three weeks left until I have to head off to RPI. I am no doubt excited about this, but there are some things that I wish to accomplish first.

Firstly, and probably most importantly, I want to finish off my work on the NHS web site. The work that remains to be done consists mostly of completing the system for updating the site via a web interface. I have done virtually no work on it so far this summer.

The next thing my queue of things to complete is a Beowulf cluster that my friend and I have been working on over the summer. We have been gathering older computers, and are attempting to get them to work together in parallel to perform computing-intensive tasks. We are doing it as mainly a proof-of-concept and to gain some additional experience.

Less importantly, but possibly unwisely high on my list, I am re-reading the first six Harry Potter books. As I type this, I am paused at the end of the fourteenth chapter of the third book, Harry Potter and the Prisoner of Azkaban. I am re-reading the first six books so that the story line will be fresh in my mind when the seventh and final book, Harry Potter and the Deathly Hallows comes out tomorrow. I have ordered a boxed set of the entire series in hardcover, but it won't arrive until October according to Amazon.

Getting back on topic, I have recently noticed that there is too little time. There are all of the things mentioned above that I want to do, and more, but time seems to be flying. It is already Friday, and it feels as if Monday were yesterday. I notice that I am probably about a quarter of the way through my life, supposing I live to be seventy-six years old. There are several other things to be done this summer. For one, I need to start getting in shape for next month when I will go up to Rensselaer for the ROTC program. I also want to, some time in the future, watch the entire series of Star Trek Voyager. I watched an episode of it the other day on television, and it reminded me of how good the show is. I have watched the entire series of the following shows: Stargate SG-1, Stargate Atlantis, 24, and Smallville.

Anyway, back to reading Harry Potter -- if I don't fall asleep first, that is.

Graduation

A little over a week ago, I graduated from Mountain View High School. My final GPA was 4.32. If only my senior year were considered, I would have a 4.625 on a 4.5 scale. Here are my final grades for my senior classes:

Class Name	Grade	Grade Points
DE English Composition	B+	4.5
AP Statistics	A	5.0
Introduction to Engineering	A+	4.5
Principles of Technology	A+	4.5
Spanish IV	A	4.0
Chemistry	A+	4.5
DE Calculus	A	5.0
DE Physics	A	5.0

I graduated Summa Cum Laude, and had both an honor stole for that and a National Honor Society honor stole. It was surprising to me how many seniors put in too little effort in the end, and did not receive their NHS honor stole.

I am, as I have stated previously, excited about attending Rensselaer in the fall. It did not hit me, however, that I would not see many of my high school friends for a very long time until recently. I think it hit me after I attended a graduation party, and said goodbye to many of my friends there. I felt similar to how I felt when I had to come back home from the National Youth Leadership Forum on Technology (NYLF/Tech), though I was more saddened then than now. I will very likely never see the people I met at NYLF/Tech again, but will very likely see many of my high school friends again at future reunions.

NHS Link

My school's web site finally linked to the National Honor Society site. After the sponsor teacher told me that she didn't think that it would ever be linked to, I decided to something about it. On Friday, I looked up the whois information on mountainviewhs.net. I sent an e-mail to the address listed under the administrative contact information. I pointed out that both the MVHS band and the Technology Student Association had links to their respective sites, and asked that a similar link to the NHS site be added.

This morning, I received a confirmation e-mail from the person to whom I had sent this request. There is now a link. One thing that slightly annoys me, however, is that the link points to "http://mvnhs.com" instead of "http://www.mvnhs.com" (note the "www"). This means that anyone who clicks the link has to make two requests to my server. Once to mvnhs.com, which will tell them to go to www.mvnhs.com; and one to www.mvnhs.com, which will return the actual page.

End of Classes at Community College

This past school year, I took two semesters each of calculus and physics. I took calculus at Germanna Community College, and physics at Northern Virginia Community College. I went to class for the final time this week. I ended up with A's in all of them, and am pretty happy about this. I am taking a Dual-Enrollment English class at my high school in conjunction with Germanna Community. For the first semester, I received a B+, which according to Germanna's grading scale should've been an A (Germanna is on a 10-point scale; my high school is on a 6-point scale). My grade shown in the records at Germanna is in fact, a B rather than an A. If I had taken the class physically at Germanna as I had done with calculus, I believe that I would've earned an A.

Anyway, It's nice to have free time after school. I am still working on the NHS site. I spoke to one of the teacher sponsors today about getting a link to the NHS site from the Mountain View site. She said that she didn't think it was going to happen. I intend to ask her whom I should speak to in order for this to happen.

Current Work on NHS Site

Over the past week, I have been working on a web-based management system for the NHS site. I am trying to make it as easy as possible to update and add pages to the site for whoever will maintain it when I am not there next year. To be completely honest, I don't know if anyone actually visits the site besides me; it has been very useful to me in that I can easily keep up with NHS activities.

I am going to store page data as XML. I was going to use SimpleXML to read back the data, but I don't have access to PHP 5. I am essentially building my own XML parser. It should not be too difficult; I plan to store everything opaquely by running it through PHP's htmlspecialchars() function before storing it in the XML file.

The first thing that I am working on (before implementing the code that writes the XML file) is validating user input. Since the site is served as "application/xhtml+xml" to browsers that support it, I need to make sure that the input is well formed, and properly nested to avoid a draconian XML error (these are good in that they force authors to produce well formed code). Checking for well-formedness was quite a challenge. I eventually came up with a slow, recursive function that checks the input. It isn't fool-proof, but is good enough for my purposes because I am encoding all HTML special characters to their corresponding entities for markup that I don't recognize. I only recognize a pre-defined list of markup elements.

I do hope that this site that I have spent much time on is actually used and appreciated.

In case anyone is interested, here is the function that I came up with to check if the input is well formed:

function validateInput($content) {
 $content = preg_replace('/<!--.*?-->/s','',$content);
 if (strpos($content,'<')===false)
  return true;
 $fullElements = preg_match_all(
'/<([a-z][a-z0-9]*)(\\s+[a-z][a-z0-9]*="[^"]*")*\\s*>(.*?)<\/\1>/is',
$content, $matches,PREG_PATTERN_ORDER);
 if ($fullElements == 0)
  return false;
 $valid = true;
 foreach($matches[3] as $key => $value)
  $valid &= validateInput($value);
 return $valid;
}

Edit 27 May 2007 23:59:38 EDT: there is a problem with this function that incorrectly identifies proper markup such as: "<div>text<div>text</div>text</div>" as invalid. I am working on this problem.

RSS Feed for NHS Site

After completing most of the work on the contact form for the NHS site, I decided to start work on something else I'd had in mind. I decided to learn RSS. Initially, I read that there was no "standard" for RSS. This put me off and I kind of trashed the idea. The other day, I came across the RSS 2.0 Specification. Since the contact form is functional, and I couldn't finish it until I had the approval of the NHS sponsors, I decided to start working on an RSS feed for the site.

RSS is relatively simple to learn and use. I can personally make the content already on the site available on the RSS feed with relative ease. I am concerned, however, that whoever will maintain the site after I am gone will have some trouble. I need to design some sort of implementation where the information can be added to the site in one place, and will appear in both the feed and in the proper place on the site. I will probably do something similar to what I did with the navigation and contact pages: write a function that takes several parameters, and puts that information where it needs to go. In doing this, the RSS feed will no longer be a static file, but will rather be a dynamically created file like the other pages on the site. Implementing this will involve some mod_rewrite directives in my .htaccess file.

Functional NHS Contact Form

This afternoon, I finished some code to make a test version of the contact form I have been working on operational. As of now, all received feedback goes to a test account, but Duplicate copies will be sent to users if requested. If anyone wants to pound on it, the address of the test site is: test.mvnhs.com/contact/ . I'm not hyperlinking it for fear that Google might index it, and I don't trust 'rel=nofollow'. As I've said previously, I want to know about vulnerabilities sooner rather than later.

NHS Site Maintenance

I just completed moving everything from mvnhs.us to mvnhs.com. Previously, I had everything pointing to mvnhs.us because I didn't own mvnhs.com. The move was tedious, but I have rigged it so that anyone looking at the old address is automatically redirected to the new address.

I have been continuing work on the NHS Contact page. It is nearly complete. As of now, the system sends out an e-mail after verifying that all of the user input is acceptable. All that is left is to write a success page that is returned to the user. Once it is complete, I will probably ask for people to stress test it. I would like to know about any vulnerabilities in my code sooner rather than later.

One thing that is getting on my nerves, thought not a critical problem, is the fact that PHP adds an X-PHP-Script header that has the file name of my page generator. I would rather that people didn't know what my underlying code looks like. I do know that security through obscurity isn't really security, but I still don't want people being able to see such information.

Implementing a Contact Form on the MVNHS Site

I've been working on a contact form for the NHS site. It has proven to be much more challenging than I first anticipated. While I could just throw together a simple implementation in an hour or so, that would not serve my purposes. I have read that this type of page is often the target of an attack. I am coding very carefully, attempting to avoid any exploitable code. For example, the other night, I spent probably four hours just importing the user's name. It took so long because I had to do a lot of research, read several specifications of similar length to and including this one: Uniform Resource Identifiers (URI): Generic Syntax. So far, my work-in-progress form will take the user's name, and the user's choice from a radio button, and return back to him/her the form as it was submitted. It is going to take some time to get the whole thing done. Another reason that I want to do it correctly is because I will be graduating from Mountain View High School this year, and someone else will have to maintain it.

Another thing I worked on this past three-day weekend was a Maintenance Guide for whoever will maintain the site when I'm gone. I have uploaded my current very rough draft of the guide. It still needs a lot of work, some of which will have to wait until the site is completed.

Life Since School Started

Well, school has started, and I have been going to my classes at NOVA and Germanna. My schedule worked out pretty nicely. My school has block scheduling. There are four blocks in the day, each lasting 85 minutes. Some classes are a semester long, and other classes are year-long. The year-long classes meet every other day. The days are divided up into X-days and Y-days. On X-days, I have Dual Enrollment English first block and AP Statistics second block. On Y-days, I have my internship with the Technology Department of the school system. I have Introduction to Engineering third block, and I have Principles of Technology fourth block every day for the first semester. After school, I have Cross Country practice. I then have Physics or Calculus in the evenings, depending on the day.

My internship is going well, and as far as I can tell, I'm doing a good job. Since school started, my job has changed slightly from doing some large task to helping people out with their individual computer problems. I have been able to fix most of the problems I have come across.

Cross Country is fun as always, but unfortunately I'm not as fast as I was last year. This is because I had been working in the last few weeks of summer, and didn't go to the practices that were held, as I had done last summer. As an example, yesterday, I ran 9:22 in a race that I ran in 9 minutes flat last year. I hope that I can work up to where I was last year. I'm considering doing winter track, and not swimming because I don't want to have to start all over when spring track comes around.

I have begun work on a web site for my school's National Honor Society. I bought two domains: mvnhs.us and mvnhs.net, as .com and .org were already taken. For now, I'm using the design of my site, as I don't yet have one for the NHS site. This will be my first web site for an organization, and I hope that they will like it, and use it, even after I am graduated and gone from the school. I'm going to try a CSS-powered pop-up navigation implementation developed by Steve Gibson, author of SpinRite software. It does work in Internet Explorer; something that few or no other CSS menus do. The current NHS design is destroyed by Internet Explorer, but that will have to be fixed, as it is the prominent browser.