Annyang — Control your site using voice commands

<script type="text/javascript" src="annyang.min.js"></script> <script type="text/javascript"> if (annyang) { // Let’s define our first command. First the text we expect, and then the function it should call var commands = { ‘show tps report’: function() { $(‘#tpsreport’).animate({bottom: ‘-100px’}); } }; // Initialize annyang with our commands annyang.init(commands); // Start listening. You can call this here, or …

WordPress < 3.6.1 PHP Object Injection

WordPress 3.6.1 contains a PHP Object Injection Vulnerability Fix, detected by one of my former students. He also made an extensive writeup about it: Let’s recap: maybe_serialized(‘i:1;<funkycharacterhere>’) is inserted to the database. As WordPress does not see this as a serialized string (because it doesn’t end in ; or }), this will result in i:1;. …

Live filter using CSS selectors

Using data- attributes for indexation, and a dynamic stylesheet with a CSS3 selector for search, it is straightforward to implement a client-side full-text search in CSS rather than JavaScript. Clever use of data-* attributes. A shame though the title of the original post, namely Client-side full-text search in CSS, is poorly chosen though, as it’s …