Modify it...?

If setPassword is changing the password to plain text, then hash the password before giving it to setPassword.

If you don't see anything, add it and I don't see any built in password change in their repo.
https://github.com/saintedlama/passport-local-mongoose

Its not using bcrypt, so I suggested you pull out their crypto and replace it because its more secure for user passwords.

Method to hash password:
Method to compare non hashed password with db hashed password:

https://github.com/saintedlama/passp...ongoose.js#L83

maybe your config is wrong, this method doesn't even set a password field. it sets the hash and salt field.

You guys like my call screen?

Does anyone have any good resources or suggestions for moving to Android development with some background in iOS development? I have an idea for an app, but it would require a functional iOS and Android version from day one to have any chance of being a success.

So far I'm just writing the backend in Rails and creating the iOS version of my app, but I'm getting to the point where I need to start thinking about Android. I've never owned an Android phone or tablet though, so I'm not immersed at all in that ecosystem. Compared to iOS, there's a million different phones and tablets to develop for. I'm sure optimally, I'd have a wide selection of devices to test on, but as a sole dev, I'm not going to rush out and buy a dozen devices to test on. So is it possible to get by just by buying a single device and the Android simulator/emulator, and if so, which one should I get if my goal is to target the widest possible selection of Android devices, not the latest and greatest? And does anyone know of any resources to introduce someone to Java/Android who isn't a total novice, but does have some iOS experience?

The android emulator is pretty good for testing simple stuff and the android compatibility libs make supporting older versions pretty easy. Though if you're trying to make a pixel perfect ui I could see that being kind of challenging.

Clowntable recommended the big nerd ranch book a while back and I've found that pretty solid.

I actually think android development is much better than iOS. Easier to use tooling, a more opinionated framework, and the api is just better. I frequently find myself needing to get down to the developer unfriendly lower levels in iOS to do things that on android are part of an easy high level api.

Hi, daveT!

Thanks for your interest in XYZ Corp! I'd like to set up a phone interview for our web designer position...

Does anyone have any insight on this one? If someone applies for a database position, why would you want to talk to them about web design?

Off the top of my head, two possibilities:

1. Somebody did a copy/paste/typo error related to filling out the form email template.
2. You're talking to a recruiter or someone that is happy to do lots of low probability interviews.

Sounds like it could be a combination of both possibilities.

The email is short and full of explanation points, so it is possible this was a mistaken canned response. Also, the company in question builds this kind of software.

I looked up the person online. In-house recruiter.

I wrote back saying I'd love to talk, but I didn't apply for web design because I'm terrible at it. We'll see...

Lost about 3 hours today due to JavaScript caching issue. Added a function to a js file, replaced that js file on the server and restarted the server. I get a 'the value of the property xxx is null of undefined, not a function object', I figure it is still looking at the old JavaScript file, so I do a ctrl+f5 to refresh the cache and restart the server again, then do a ctrl+f5 again, and still the same issue. After trying about a million different things and wasting an afternoon what finally fixed it was doing an f12 ---> clear browser cache. Apparently ctrl+f5 does not clear the JavaScript cache in IE9, you have to clear the cache through the developer tools.

I'm going to take a wild guess that the replacement file had an older timestamp than the original file. That will confuse the hell out of caches.

CTRL + SHIFT + DLT, whack ok on the dialog that pops up. Boom cache cleared.

better yet, set your browser to do zero caching. I'm kind of surprised everyone in tech doesn't do this.

Heck, most of the software I've had to use at work didn't work with caching turned on.

hmm I just noticed I have a github follower, creepy. Wonder if he's enjoying watching me pushing endless todo apps in different frameworks.

Well this is totally infuriating. #TabLivesMatter

https://github.com/npm/npm/issues/4718

My chrome appears to be displaying broken mobile versions of sites. Latest version 44.0.2403.125 (64-bit) anyone else know of this?

Chrome is seriously starting to suck balls, guess its time to switch.

Bobo has good things to say about opera I think. Fastest draw in the west.

https://news.ycombinator.com/item?id=9994963

On the topic of ad blockers generally and iOS 9's specifically.

I've always been fascinated with the arms race between advertisers and ad blockers. Definitely see both sides of the issue. But something is going to have to change in the very near future.

People hate ads. All of them. The alternatives typically don't work well, such as paywalls to content. So what options are left?

Will there be a future in web browsing where you pay, say, a monthly fee for the ad-free version of chrome or Firefox? Google can act like a cable provider and have certain packages, like $12/year to get ad-free news sites, $5/month for ad-free YouTube, etc.

What sort of alternatives do y'all envision? Or do you think this is really an issue that needs solving?

I imagine whoever comes up with a good alternative to modern-day ads will make quite a pretty penny.

I actually have no issue with ads in general. It's just that there are too many sites out there with abusive ads doing any or all of the following:

Autoplaying videos
Modals that only appear once you start reading
Modals where the close button doesn't appear for several seconds
Ads inserted into the page dynamically as you're reading
Full screen animations

I'm happy to have banner ads and the below the fold type, but those types listed above are too disruptive to my experience.

Banner ads are easy to block and must not get that many intentional clicks. At least, that's my assumption for the move to more aggressive ads.

Btw, the battle is not between advertisers and ad blockers but publishers/ad-networks and blockers. The publishers have the ammunition to win this easily - they can simply detect ad blocking, which is very easy, and not serve content. They don't because they rely on social media driven link-sharing to drive the pageviews and the marginal cost of delivery is so low. If all publishers got together and denied access to blockers, they'd better off, but no one wants to be the one publisher that doesn't allow blockers because you just lose pageviews without having much impact on the behavior of the users. You need a lot of momentum - once it gets to a critical threshold where it's either inconvenient to use the blocking software or the users get used to turning off the blocker for specific sites, almost every major publisher will block the blockers. Ad blockers will still remain useful for blocking ads on sites that have other ways of monetizing users (paid sites, e-commerce sites, personal blogs, etc) or low-quality sites.

Know one news site that blocks video content from playing if it detects a blocker. Not sure why sites like youtube doesn't implement such stuff.

Many ads nowadays are masked as articles, can't block those either!

Chiefsplanet.com allows you to create thread tags if you turn off ad-blockers. I think thread tags are pretty stupid. But you could see how sites could say unlock some new fun feature for non-ad-blockers only.



You can use tags to create fun situations like this:



Donger is a particularly annoying politics poster.

I'll never understand why forum software development apparently ended in 2004. Every vBulletin site looks and acts exactly the same in a crappy way. No one felt like giving this a better effort this decade? Kinda surprised.

http://try.discourse.org/ has been in development for a while.

vBulletin got very popular with some large forums. Then the company was sold and the new owners created a new version that wasn't well received so the old versions of vBulletin were still very popular. After a series of lawsuits, the old creators of vBulletin were finally able to release Xenforo which is becoming popular with some of the old webmasters, but this is 10 years later.

The bottom line I guess is that it is easy to select new software for your site when it's just starting out, but once you have 10,000 users theres a lot of momentum behind the old software and it's a difficult balance to strike between upgrading and pissing off a bunch of users to the point they don't come back.