## 歐付寶有 < 跟 & 就會認證失敗

<input id="TradeDesc" name="TradeDesc" type="hidden" value="&lt;&amp;" />

THX.

API 文件並沒有標明不能特別限制特殊符號，經過測試其他特殊符號都可以使用。但是就只有 <& 不行。是說這兩個符號也沒有特殊到哪裡去，要是英文商店用個 & 字元也是很正常的吧。

THX.

## ActiveMerchant / offsite_payments gem needs to improve

ActiveMerchant is a very useful library for connecting to payment gateways. However it is also quite dated, with many flaws, and lack of proper documentation in one part (offsite-payment). In my experience, I feel it can be improved in the following ways:

The name "integration" in confusing, and makes it diffcult to search online. The gem should be split into two, one for on-site payment (gateway/billing module), and one for off-site payment (integration/Billing::Integration module). This is because the two are very different ways of paying. It can be confusing when you search for solutions but it turns out to be not what you want. Seems Shopify is alreadying doing that, splitting the offsite-payment module into its own gem. Good move!

The semantic of common fields in form helper need to be defined. Otherwise implementors will choose different names for the same concept, greatly reducing the interchangeability between gateways. Some consistency issues should also be fixed. For example in Paypal we pass our order id as the "order" field, and Paypal notification will return that as item_id attribute. This mismatch is confusing.

The gross() currently does not specify a return type. Paypal returns a string. Base class says it should "the money amount we received in X.2 decimal". Though there is a amount() method for returning a money object, the gross() method should still specify the return type to avoid inconsistencies when switching gateways.

The base framework code should be separated from gateway implementations. Users usually just want two or three gateways out of the 50 implementations. Having a separate repository per gateway also makes it easier to document gateway specific changes and settings in separate readme files.

There should be a check() method in the notification. It acts as the central method to check if the notification is valid. Currently there are many which implemented the acknowledge() function. However not all providers provide an API to verify the notification. With the generalized check() method it can call acknowledge() if it is implemented.

Adding hooks for form helper would be helpful. Many gateways require post-processing such as adding a checksum field. A hook would allow the interface to automatically call these post-processing instead of the developer having to remember calling them in view.

## Markdown 或是 LATEX

Ｍarkdown 跟 LATEX 其實要解決的是不同的問題，也就是你要產生需要排版有頁數的實體文件，還是就只是一長串的文件？

LATEX 要解決的一個核心問題就是必須解決分頁時放置圖片或是表格的問題。如果沒有分頁，那麼這些東西自然依照文字排放往下排即可，可是因為這些東西要是正好排在分頁邊緣時，不能腰斬只顯示一半。此外，因為分頁所以排版上也冒出許多限制，這些都是 LATEX 的強項。

over 3 years ago

## TrueCrypt 官網突然說自己不安全

TrueCrypt 是一個開源免費的加密軟體，能製作加密過的虛擬硬碟，供使用者存放資料。

TrueCrypt 本身雖然是開源軟體，不過似乎沒人知道後面的作者到底是誰。所以也引來許多陰謀論，比如說 TrueCrypt 本身是就是美國政府旗下製作的陷阱。或者這是作者跟NSA妥協下的結果。到目前為止似乎沒人能證明這不是網站被駭客修改。不過由於這次的改變十分細緻，比如說程式碼換了授權，而且還做了修正變成只能解碼。所以感覺不像是外來駭客會作的事情。

over 3 years ago

## chef, sunspot solr 與正體中文分詞

--

Solr 4.3.1 也跟 2.0.1 不相容。

solr_schema （與sunspot搭配所以直接修改 text fieldType）:

solr_solrconfig 添加:

hipsnip-solr cookbook 也要用新一點的，才會自動幫你把 logger lib裝好。

sudo ufw allow 8983

over 3 years ago

## RubyConf Taiwan 2014 感想

• 投影主螢幕太暗，尤其是跟旁邊的推特牆比的時候，要看很吃力。
• 講台上的人很少打光，常常處在背光面，我想攝影師應該也很辛苦才拍的出清楚又光線夠的講師演講照。
• 講台下不想聽的人要寫程式也因為沒有光線很容易眼睛酸痛。
• 無法轉換氣氛，導致會場有點悶悶的，也容易想睡。

over 3 years ago

## 使用 sequel pro 連遠端 mysql

MySQL Host: 127.0.0.1
SSH Host: 你 server 的地址
SSH User: 你的 ssh user id

over 3 years ago

## 台灣相關 ActiveMerchant 實作清單

https://github.com/Shopify/active_merchant/
ActiveMerchant 本身有內建以下介面：
HiTrust（安心付）跟 Paypal

https://github.com/xwaynec/active_merchant_allpay

https://github.com/GoodLife/active_merchant-smile_pay
SmilePay 訊航科技介面

over 3 years ago

## Yahoo Mail Spam Button Broken

Yahoo Mail redesigned its web interface on October 8, 2013. The new interface relies heavily on AJAX techniques, which improved its response time a lot. However the new interface also has several bugs, and Yahoo seems to remain oblivious from them. Here I describe the spam button bug, and how ineffective the customer support system is.

## Not-Spam buttom marks something as spam

If you view a mail inside the spam folder, try hovering the cursor over the "not spam" button, you will see the tooltip message "Move selected conversation to Spam folder".

Note that this only happens in mail view page, not in the spam folder listing page.

Once you clicked on the "Not Spam" button, we get transferred back to the spam listing page. After a few seconds, a blue popup will appear at the buttom of the page, saying "Your message has been placed in the Spam folder and sent to Yahoo! for further investigation".

And refreshing the listing page, you see that unspammed email is still there.

Once again, this only happens in the mail view page, not the listing page.

## Why do I care?

I am a web app programmer. I see that 90% of the spam reports come from Yahoo Mail, and most of the reports are from new user registration confirmation emails. I asked some users, and they said that they merely clicked "not spam" button in the registration email.

The faux spam reports is troublesome for us, because we use Sendgrid emailing service. It has a reputation score. If a spam report is received by them, our reputation drops. When the reputation drop too much, we will be blocked by Sendgrid from sending emails.

The 'Not Spam' bug is bad, because once a user clicks it, Yahoo believes deeper that we are spammers, and our emails will more likely land in their spam folder, which results in more users clicking on the 'no spam' button. It is a snowball effect.

## Unusable customer support

I tried to report this issue, but I couldn't find a way to contact to a real person from Yahoo. I found this bug report at Yahoo Feedback. It was reported on October 14th 2013. However the admin closed the issue because:

Because this forum is intended to gather feedback/suggestions for Yahoo! Mail, if you continue experiencing this problem, please contact Customer Care by going to:
https://io.help.yahoo.com/contact/index?y=PROD_wieuowiuero&locale=en_US&page=contact&srcContact=acct_care#comm-form
Thank you for using Yahoo! Mail!

I went to that suggested link, which is a Yahoo Help page regarding Yahoo Account issues. I was given two choices: by email or by community.

I choose the email, filled up my questions.

I later received an automatic feedback email, however its title seems to suggest the category used is incorrect:

Title: Hacked accounts : spam is being sent from my account [Incident:140108-069640]
Content:
Thanks for contacting Yahoo Customer Care.
If you're reporting abuse, thanks for improving our community (it means a lot to us). We'll dig in to your report and take care of this. We may contact you if we need more information to complete our investigation.
If you aren't reporting abuse but are trying to ask a question or get help, we'll get back to you as soon as possible.

Later a second email came:

The first step to resolving issues with your internet browser is to make sure you are using the current version. You can download and install the latest versions of Firefox, Safari, or Internet Explorer at the following links:
If updating to the latest browser version does not resolve your issue, try clearing the cache and cookies in your browser. If you do not know how to do this, please visit the Clear Cache and Cookies Wizard.

This is not related to my bug report at all. Also I missed 72 hours deadline to reply back because I was busy, so the issue was closed.

The second option is to ask for help from the "Community". However no one seems to be using it, as the last post was posted in 2012.

In the email interface, there is a Help link in the config menu. It direct us to the FAQ page. I clicked "Contact Customer Care". There I choose "Errors" -> "My issue does not appear in the list", and I am given the outdated "Community" link again, this time redirected to Yahoo Answers. I don't think bug reports goes there.

## Conclusion

Hopefully someone in Yahoo can see this, and fix this problem. We see that the web interface is broken. We also see that the dev/testing team is broken too, not able to discover/fix the bug for more than 3 months. Lastly Yahoo really need to improve its customer support system.

## Update 2014/2/12

I resend an email to Yahoo Customer Care, and after a few replies, the Taiwanese branch managed to understand the bug. They told me on 2014/01/23 that they have reported this to the team, and I am still waiting for their reply.

## Update 2014/2/24

This morning I checked and found out that the bug has been fixed. The "Not Spam" button is no longer acting as the "Spam" button. Thanks.

Eager loading 是 Rails 解決 N+1 問題的方法，用 includes 方法就能在讀取資料庫資料時順便把 association 也讀進來。