BC TECH
Saved by @jacobhtml

A long time ago I coded up a feature for SocialCoder which converts a link - any link - to a short URL. I use it all the time for sharing links to volunteer profiles and to volunteer opportunity listings.

 The feature doesn't care what the link contains, it just hashes the URL, including any query params, and returns a shortened code.
More recently, around Christmas time, I added another feature where I can click a button to send a template notification to a charity that their new listing has been reviewed and published. I call it a next-steps email.
For the past few weeks, its all been working well. Its nice to keep automating things that previously were done by hand.
Fast forward to today.

A new opportunity listing is posted by a charity.

I review and publish it, tweet about it, then click a button to send the charity an emailed notification of next steps.
All very much business as usual, except that I normally tweet about it *after* sending that next-steps email to the charity. I don't know why I deviated from my normal routine, not that its a big deviation, nor should it matter.
But, oh, what a difference that slight deviation from my normal workflow did make.
Turns out I accidentally tweeted out a shortened link that results in the site sending a next-steps email to the charity. Anyone following that link will result in another email being sent.
Almost immediately my inbox gets spammed with flying in as people click on that link, also spamming the poor charity, and proper flustering me I can tell you.
At this point I had no idea what was going on.

Could it be a mail provider problem? Unlikely.

Maybe a bug, an infinite loop or recursion in my code? More likely.
I restarted the site, but the emails kept coming.

I changed the notification email address so that it would only spam me, and not the charity.
And still the emails came.

But now that it was just me being spammed, and not the charity rep, I was able to calm down enough to see what had happened.
A relatively easy fix, and a forehead-slapping moment.

You could say it was a learning moment. So what did I learn?
Lesson 1.

Don't use HTTP GET when a POST is more appropriate. If the request parameters were in the body of the request, and not in the URL, the link would have been fine to share.
Lesson 2.

The feature that sends email should not have been available to anonymous users.

In coding terms, the controller action was missing an [Authorize] attribute. yeah ...oops.
Lesson 3.

Although the consequences of this mistake were relatively minor, affecting only me and the charity rep's Inbox, I still needed to calm down before I could see the problem clearly enough to effectively trouble-shoot. Maybe I'm drinking too much coffee. Maybe.
Lesson 4.

Being able to code a fix, run unit tests, and deploy that fix, all within within minutes is such a valuable thing.

Thank you to the @Azure team who made this so easy.
- end for now -

More from Tech

ashkan soltani
ashkan soltani
@ashk4n
BREAKING: @CommonsCMS @DamianCollins just released previously sealed #Six4Three @Facebook documents:

Some random interesting tidbits:

1) Zuck approves shutting down platform API access for Twitter's when Vine is released #competition


2) Facebook engineered ways to access user's call history w/o alerting users:

Team considered access to call history considered 'high PR risk' but 'growth team will charge ahead'. @Facebook created upgrade path to access data w/o subjecting users to Android permissions dialogue.


3) The above also confirms @kashhill and other's suspicion that call history was used to improve PYMK (People You May Know) suggestions and newsfeed rankings.

4) Docs also shed more light into @dseetharaman's story on @Facebook monitoring users' @Onavo VPN activity to determine what competitors to mimic or acquire in 2013.

https://t.co/PwiRIL3v9x
TECH
Zen Black
Zen Black
@z3nblack
1/ Thread: "A Silicon Valley Ponzi Scheme"

Thanks to @chamath for laying this out in Social Capital's 2018 annual letter.

I've always appreciated his outspokenness.

2/ The hardest thing for most startups today is the path to market: first finding product-market fit & a way to reach customers, then building a ruthless machine to acquire, monetize & retain them.

3/ Because of this, when the VC industry invests capital into fast growing startups today, the plurality (if not majority) of invested capital will go into user acquisition and ad spending, for better or worse— usually worse.

4/ Todays massive venture-backed advertising, sales, and user acquisition playbook has morphed into one that champions growth at any cost.

This is creating a big bill that will soon come due...

5/ Ad impressions and click-throughs are bid up to outrageous prices by startups flush with venture money, and prospective users demand more and more subsidized products to gain their initial attention.
TECH , STARTUPS , {TEST FOLDER}
Advertisement
Laurie Voss
Laurie Voss
@seldo
The 2018 State of JavaScript survey is out. They got 20,000 responses and have some delicious, delicious data. I'mma thread in some highlights:

First up: JavaScript flavors. There's TypeScript at 47% adoption, a tad higher than npm's own survey results (which said 46%). npm's survey is coming up again soon and will ask about TypeScript in a lot more detail.


I really, *really* like SoJ's "would not use again" question, which lets people who've abandoned a tech self-identify. This is noticeable in the graph above with Flow users -- 41% of people who've used Flow say they wouldn't use it again.

Now JavaScript frameworks. It's been a full year since npm's survey, so these numbers differ from ours in the directions I expected:
React 65% (vs. 60%)
Vue 29% (vs. 24%)
Ember 5% (vs 4%, I was expecting a bigger rise)

But there's a shocker in here: Angular.


npm's survey had Angular at 40% last year and SoJ has it at either:
- 58% (if you include those who don't want to use it again)
- 24% (if you count only those who like it)
Since npm's question didn't ask if they intend to *continue* using it I think that might explain this.
TECH
Jen \u26a1
Jen ⚡
@leoniedelt
Been reading up a lot about these jabs, esp as I know they are going to be a condition of a return to normality

Was on a zoom call last evening with a testing company that had some fascinating evidence on protection etc.

I have more reading to do.

I do not want to be coerced into something I don't want, BUT i want normal back as soon as possible.

Basically i'm at the point in my isolation and thinking that I'll take whatever just so this bullshit can end.

That is a desperate mindset, but so is 12 months of being cut off from the world.

All i have is what goes round and round in my head.

There's no one else to help balance it.

So i'm in group 6, and my surgery are doing group 6 right now. And i am at the point i want to do it to get it DONE.

And also to study what happens. Because i have that kind of mind.

I remember Pandemrix.

But we live with risk every day.

I risk my life climbing walls with only a harness around my waist to catch me as i lean back and fall off

And rational risk assessment is at the heart of everything going wrong these last 12 months
TECH
Tagir Valeev
Tagir Valeev
@tagir_valeev
Ever wondered how the JVM debugger 'Evaluate' feature works in IDEs? Long ago I thought that the Java debug interface (JDI) actually allows you to specify the expression and get back its value.


However, this is not quite possible: there's no Java language compiler inside the JVM. When the process is paused JDI allows you to read or write any variables and fields or even execute an existing method with given arguments. But nothing like addition or multiplication.

On the other hand, #IntelliJIDEA debugger allows you to evaluate even statements! You can write there `for`, `if`, `while`, `switch` - whatever. You can even declare local variables. So how this works?


The answer is simple: IDEA debugger has a built-in interpreter for Java! If you access an existing variable or a field, call a method or instantiate an object, it queries JDI. Otherwise, IDE itself does all the calculations.

The amusing thing is that debugger authors didn't bother to make it as strict as Java itself, so the language inside the interpreter is a much more permissive version of Java. For example, you don't need to initialize variables there! Default values like 0 are used automatically.
TECH

You May Also Like

Michael King \U0001f1fa\U0001f1f8
Michael King 🇺🇸...
@8MichaelKing
Ever notice how the top niches are centered around health, wealth, and relationships?

There's a deep-rooted psychological (and biological) reason why.

And today, I'm gonna to explain all of it so you can start profiting off of this knowledge 💰💰

*Now, this thread is going to be long and in depth. Make sure to favorite the top tweet now so you can come back to it later.

So. Down to the very core of every living being (humans, dolphins, bacteria, aliens), there are only two drivers:
1. To survive
2. To reproduce

Right off the bat, we know that sex is a primary driver to human behavior.

This would also mean that each gender has its own insecurities regarding sex.

Men have a subconscious fear that their woman will leave them for someone more successful

Women have a fear that their man will leave them for someone younger & better-looking

We can conclude that men are attracted to looks, and women are attracted to status.

This is human nature down to its very core.

Crazy, blue-haired feminists will try to argue and say otherwise.

But, 50 years of feminism DOES NOT OVERRIDE millions of years of evolutionary biology.

Here's a quick visualization exercise so you can see how true all this is...
STARTUPS
Numberonepal
Numberonepal
@numberonepal
1/ Stolen from the greatawakening(DOT)win...

I will only be making one post here. Do not ask who I am. Do with this information as you please.

The Trump Card is being played. It's much simpler than you all realize. Some of you have gotten it right.
TRUMP , THE LAST DAYS IF THE REVOLUTION
Advertisement
Kelly Ellis
Kelly Ellis
@justkelly_ok
So, I want to talk about how sexual harassment and fair pay are linked at Google (and beyond), because I think that's an angle that isn't being highlighted enough in the coverage of these walk-outs. I'm going to frame it largely around my personal experience there. Thread.

When I was sexually harassed by the director of the area I was working in, I was afraid to report it because I was worried that "getting him in trouble" would result in the subtle retaliation of missed leadership opportunities.

I wanted to continue working on the team I was on, because I'd gained a lot of very deep knowledge and expertise in that area, as well as reputation and camaraderie with the other folks working in that area. I didn't want to make the situation more "difficult."

To get promoted at Google, several need to happen: 1. you need opportunities for ownership and leadership above your current level (basically, opportunities to show you're working at the next level you're trying to get promoted to). The work you're "assigned" has a big impact.

2. You need glowing reviews from peers, *at or particularly above the level you're hoping to get promoted to.* Basically, you need people a lot more senior than you to say you're doing awesome work.
TECH , SOCIETY
Jig's Patel
Jig's Patel
@jigspatel1988
How to trade on Expiry day with Nifty straddle?
(System trading on Expiry)

Triple straddle is one of the best and accurate methods for expiry day

If nifty trading at 15720 then will sell three straddles above 50 points from ATM, below 50 points and ATM.

Ex.
Sell straddle 15700(ATM), 15650(ATM-50), 15750 (ATM+50)

Stoploss of 80% on every leg and run your trade till 3 PM

Once SL hit in any Leg just keep holding other leg till expiry with SL (Never or less chance to hit both SL on expiry day)

Trading timing at 9:20 the Morning
ALL , STRADDLE BACKTEST , STRADDLE
Ryan Caldbeck
Ryan Caldbeck
@ryan_caldbeck
1/ I am seeing more and more founder secondary in venture rounds (Secondary = founders selling some of their shares before some other shareholders are able). Series B-D. I see both as an investor and through entrepreneur circles.

2/ I like secondary for entrepreneurs. Moderation is key but in a lot of situations I think it helps accelerate the co. Lots of very smart investors disagree. Here are my thoughts.

3/ Magnitude: My basic rule of thumb from what I see is market is 4+ yrs and up to 10% of founder’s equity stake with some $ cap that makes sense given stage etc. (typically <$10m)

4/ The entrepreneurial journey is brutally hard. Giving some financial relief helps remove one piece of pressure. I don’t think that secondary in the magnitude mentioned impacts the drive/persistence of great entrepreneurs.

5/ That secondary means they will be able to just sleep knowing they can pay their kids’ tuition. Secondary will make most founders better at their jobs, thus accelerating the co.
ALL