playing with the web
DESCRIPTION
My second talk at geekmeet sweden talking about the tools you can use to hack and remix the web.TRANSCRIPT
Playing with the web
Christian Heilmann | http://wait-till-i.com | http://twitter.com/codepo8
Geek Meet Stockholm, December 2008
or “The geek shall inherit the earth”
The web is an awesome opportunity and media.
I learnt that pretty early and left an old media to work for
the new one.
One thing that keeps amazing me about it is how simple the
technologies driving it are.
You don’t need to be a rocket scientist to wreak havoc on the web.
I am not talking about malicious intent here.
I am talking about ethical hacking.
So today I am going to show some tools I love to use to
play and mess with the web.
Disrupting the process to foster and drive innovation.
Mr. Buzzwordwill see you now!
Let’s start with the first one – a true Swedish product!
Their product?
cURL
cURL allows you to get raw text data from any server.
You can create the full range of HTTP requests from a script
or the shell.
Including POST requests, simulating cookies and all the
other goodies :)
Which gives you an amazing amount of power
Say you want to build an API that doesn’t exist.
At Mashed08 I got bored.
http://www.flickr.com/photos/37996583811@N01/2600265124/
Someone came to me and asked if I knew of a currency
conversion API.
And I didn’t as there is none.(everybody pays good money for that data)
So I went to Yahoo Finance.
http://finance.yahoo.com/currency/convert?amt=1&from=USD&to=JPY&submit=Convert
Simple, predictable URL :)
I found the location of the result by viewing the source
of the page.
http://www.wait-till-i.com/2008/06/21/currency-conversion-api/
function convert($from,$to){ $url= 'http://finance.yahoo.com/currency/convert?amt=1&from='.$from.'&to='.$to.'&submit=Convert'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $feed = curl_exec($ch); curl_close($ch); preg_match_all("/tabledata1\">([^<]+)<\/td>/", $feed,$cells); return $cells[1][1];}echo convert(’USD’,'GBP’);
Turning this into an API was easy:
header('Content-type:text/javascript');$from = $_GET['from'];$to = $_GET['to'];$callback = $_GET['callback'];if(preg_match("/[A-Z|a-z]{3}/",$to) && preg_match("/[A-Z|a-z]{3}/",$from)){ $to = strToUpper($to); $from = strToUpper($from); $url= ‘http://finance.yahoo.com/currency/convert?’ . ‘amt=1&from=’.$from.’&to=’.$to.’&submit=Convert’; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $feed = curl_exec($ch); curl_close($ch);
preg_match_all("/tabledata1\">([^<]+)<\/td>/",$feed,$cells); if(is_numeric($cells[1][1])){ $out = ‘{"from":"’.$from.’","to":"’.$to.’","factor":"’.$cells[1][1].’"}’; } else { $out = ‘{"error":"Could not convert currencies, are you sure about the names?"}’; }} else { $out = ‘{"error":"Invalid Currency format, must be three letters"}’;}if(isset($callback)){ if(preg_match("/[a-z|A-Z|_|-|\$|0-9|\.]/",$callback)){ $out = $callback.’(’.$out.’)';
} else { $out = ‘{"error":"Invalid callback method name"}’; }}echo $out;
Using the API is as easy...
<script type="text/javascript"> function converted(obj){ if(obj.error){ alert(obj.error); } else { alert('one ' + obj.from + ' is ' + obj.factor + ' ' + obj.to); } }</script><script type="text/javascript" src="convert.php?from=gbp&to=usd&callback=converted"></script>
View Source is a good start.
However, much more win is Firebug.
It has never been easier to find things to get with cURL.
Say twitter information...
How about showing this as a cool chart?
We all like to show off what we do on the web.
Charts can be tricky...
Good thing that there’s Google Charts.
(yeah and YUI charts)
http://www.wait-till-i.com/2008/11/23/show-the-world-your-twitter-type-using-php-and-google-charts/
<?php$user = $_GET['user'];$isjs = "/^[a-z|A-Z|_|-|\$|0-9|\.]+$/";if(preg_match($isjs,$user)){ $info = array(); $cont = get('http://twitter.com/'.$user); preg_match_all('/<span id="following_count" class="stats_count numeric">([^>]+)<\/span>/msi',$cont,$follow); $info['follower'] = convert($follow[1][0]); preg_match_all('/<span id="follower_count" class="stats_count numeric">([^>]+)<\/span>/msi',$cont,$follower); $info['followed'] = convert($follower[1][0]);
preg_match_all('/<span id="update_count" class="stats_count numeric">([^>]+)<\/span>/msi',$cont,$updates); $info['updater'] = convert($updates[1][0]); $max = max($info); $convert = 100 / $max ; foreach($info as $k=>$f){ if($f === $max){ $type = $k; } $disp[$k] = $f * $convert; } if($type === 'updater'){ $t = ' is an '; } if($type === 'follower'){ $t = ' is a ';
} if($type === 'followed'){ $t = ' is being '; } $title = $user . $t . $type; $out = array(); foreach($info as $k=>$i){ $out[] = $k.'+('.$i.')'; } $labels = join($out,'|'); $values = join($disp,','); header('location:http://chart.apis.google.com/chart?cht=p3&chco=336699&'. 'chtt='.urlencode($title).'&chd=t:'.$values. '&chs=350x100&chl='.$labels);}
function get($url){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $feed = curl_exec($ch); curl_close($ch); return $feed;}function convert($x){ $x = str_replace(',','',$x); $x = (int)$x; return $x;}?>
What if you need to mix and match and filter data?
http://www.wait-till-i.com/2008/09/28/useful-tweets-with-pipe/
https://pipes.yahoo.com/
https://pipes.yahoo.com/
And *dum de dum de*...
http://developer.yahoo.com/yql/console/
/* Useful tweets badge by Christian Heilmann*/var tweets = function(){ var x = document.getElementById('mytweet'); if(x){ var twitterUserId = x.className.replace('user-',''); var s = document.createElement('script'); s.type = 'text/javascript'; s.src = 'http://pipes.yahoo.com/pipes/pipe.run?' + '_id=f7229d01b79e508d543fb84e8a0abb0d&_render=json' + '&id=' + twitterUserId + '&_callback=tweets.tweet'; document.getElementsByTagName('head')[0].appendChild(s); }; function tweet(data){ if(data && data.value && data.value.items){ if(typeof data.value.items.length !== 'undefined'){ var ul = document.createElement('ul'); var all = data.value.items.length; var end = all > 5 ? 5 : all; for(var i=0;i < end;i++){
var now = data.value.items[i]; var li = document.createElement('li'); var a = document.createElement('a'); a.href = now.link; a.appendChild( document.createTextNode(now.title) ); li.appendChild(a); ul.appendChild(li); } x.appendChild(ul); } } }; return{ tweet:tweet }}();
One of my favourite toys:
Using GreaseMonkey you can change any web page out
there with DOM and JavaScript.
You can for example prototype an enhancement and show it to people with a
single link.
By playing with the web you can do jobs that until now
cost a lot of money.
Say you want to help your clients find good keywords to promote their product online.
You can do some research, surf all the competitors’ sites
and note down the descriptions, keywords and
titles.
Or you can be a man and use cURL to write a script to do
that.
Or you can be a clever man and keep your eyes open and
check if there is an API for that.
http://developer.yahoo.com/search/boss/
http://boss.yahooapis.com/ysearch/web/v1/donkeys?format=xml&appid=...
http://boss.yahooapis.com/ysearch/web/v1/donkeys?format=xml&view=keyterms&appid=...
All you need to do is getting the top 20, analyzing the keyword frequency and
create a top 20.
http://developer.yahoo.net/blog/archives/2008/11/boss_keywords.html
Then you take YUI CSS grids, and spend 30 minutes playing
with colours and fonts.
This is all cool, but does it bring us anywhere?
Yes, if you get excited about the web and its opportunities
you can move things.
It takes determination!
And the outcome can be rewarding beyond anything
you ever imagined.
http://www.youtube.com/watch?v=CwsDKaalgq8&
http://www.youtube.com/watch?v=QiuT0y0KR6I
So by all means, put all your wonderful products on the
web.
Especially when they cater a very specific need.
The prime number shitting bear...
http://alpha61.com/primenumbershittingbear/
And never stop to fiddle, tweak and poke at the things people offer you on the web.
So thank you for having me here and listening.
And I hope you will have an awesome Christmas!
Christian Heilmann http://scriptingenabled.org | http://wait-till-i.com
twitter/flickr: codepo8