I started getting some spam comments on my blog a couple of weeks ago, at a steady increasing rate, which was getting very annoying. Fortunately, I found a very simple way to add captcha validation to the add comments form. Unfortunately, Glen's solution involved patching the original pebble source and redeploying pebble. There is a better way, as I commented on his blog, which is to modify the  addComment property inside the WEB-INF/classes/action.properties file to point to a new class where you add the captcha functionality. The main advantage of doing this is that you don't need to redeploy pebble, as you are only adding a new library.

To make things even simpler, I'm making the 'plugin' (which is only the new class) available for download. You only need to put this jar in the WEB-INF/lib folder of your pebble deployment, and modify the above property to look like this:

addComment=org.javageek.pebble.controller.action.AddCommentAction

Then restart pebble, and enjoy a spam-free blog, at least until the damn spammers figure out how to deal with captchas.

UPDATE: I forgot to mention that you also need to modify common/jsp/commentsForm.jspf to add the captcha validation:

<tr>
   <td valign="top"><b>Math Quiz
     <% java.util.Random rnd = new java.util.Random(); %>
       <c:set var="captcha1" scope="session">
         <%= rnd.nextInt(10) + 1 %>
       </c:set>
       <c:set var="captcha2" scope="session">
         <%= rnd.nextInt(10) + 1 %>
       </c:set>
       <c:out value="${captcha1}"/> + <c:out value="${captcha2}"/> =
       </b>
   </td>
   <td><input type="text" name="captcha" size="2"/> (Helps stop blog spam)</td>
</tr>

I love food. In general. I can enjoy a good Prime Rib as much as I can enjoy a BigMac (well, maybe not as much, but you get the idea). I try to eat new things whenever I have the chance. Since I was a kid, my parents taught me that there are so many different types of food out there, and each one carries its own distinct flavors and aromas (I first ate caviar when I was 5 or 6, although I think it wasn't the expensive variety).

One type of food that I really like is Sushi. It's funny how different Sushi is prepared in different countries. I've haven't been to Japan, but I'm sure Sushi is prepared in a different way than in the United States. Where I live (Monterrey, Mexico), "Sushi" usually means buying a Roll (Makisushi), and there are few places where they serve the traditional one (Nigirisushi). I think there's a "real" Japanese sushi bar around, but I haven't been there. And when I travel, sometimes it's difficult to find a good place.

If you also like Japanese food, and want to really immerse in the experience of eating Sushi "the Japanese way", a friend of mine has put together a very good reference on how to eat sushi (which has gotten a lot of attention lately). It explains the different kinds of sushi you can order, how to order them and how to behave yourself.

Yes, I'm hungry and thinking about food right now. So sue me.

I just finished a 4-day training course entitled Optimizing Oracle SQL, imparted by Karen Morton from Hotsos. I must say I was really impressed with the course, as it gives you a very detailed account of how Oracle works, thus enabling you to analyze what's going on with your queries and, if needed, rewrite them (or even your database schema, if possible) to take maximum advantage of Oracle.

Being mostly a Java developer, one tends to view sql queries as simply a means to get data out and into the database. And this is logical, in a sense, since you can't possibly learn about all the different technologies there are. You try to at least be aware of how your sql statement will work, but your focus is in the other layers.

I, for instance, sometimes use sub-queries to get complex results from multiple tables. Now, this isn't bad per-se, but the real interesting part is that you don't really know (or care) what Oracle is really doing to your query and the sub-queries involved. You see (in case you weren't aware), Oracle has an optimization engine that processes every query you send to it, and then tries to determine which path is the best one to fulfill your query (should I use an index, should I load the whole table, should I loop over the results, should I do a join, etc). And that sometimes means rewriting your query internally, so that for example, instead of the sub-queries you have on your query, Oracle uses table joins. And all of this is being done "under the covers". I'm sure some developers aren't aware this is happening, or if they are, they trust that Oracle will do what's best. The problem is that this isn't sometimes the case.

So, the course really goes into explaining how Oracle does this, and most important, how you can see what Oracle is doing so you can verify that what Oracle is doing is really what you want it to do. The course also lets you watch your query to see what resources are being used, so that you understand why your query takes so long to run, or why adding rows can affect the performance drastically, or why some indexes might be better than other.

The course also talks about what different combinations to the database structure, table configurations, database parameters, etc. can affect the overall performance, and how you can analyze the information Oracle gives you so that you can change your database (and your queries) to improve performance and/or stability.

Now, some of the topics from the course seemed more geared towards a Database Administrator (mainly because only a DBA would have permissions to do that), but they're also important to a developer to know, so he can figure out why his/her queries are not behaving as expected.

I would recommend to any developer (and of course, any DBA) that works with Oracle databases to attend this course, as it really changes the way you view your queries, and how Oracle works.

My birthday is coming in less than one month, so I started thinking, what would be the ideal gift for geek guy like I? (There's already a special present coming my way, but that will take a little more time).

So, without further ado, here's the list of what I would consider the perfect birthday present for a Geek Guy, sorted in order of importance:

• MacBook Pro. The McBook (supersized) is, in my very humble opinion, the perfect laptop for a Java developer. It looks like it's fast, it has a reliable OS, has great Java support, and it comes with all the features that a developer wants/needs, like the MagSafe connector, or the integrated webcam for those remote meetings.
• iPod. OK, I give up. A year ago I was unsure if I wanted an iPod, and I ended up buying a Sony Minidisc player. At the time it looked like the best option, but after using it for a year, I really think the iPod would've been better. I chose the minidisc player because a) it had FM, b) it ran on AA batteries (which meant I could grab the minidisc, a dozen of batteries and be away from a power source for weeks) and c) I could use different discs for different type of music and switch easily (plus, I had 'unlimited' storage). Well, after a year of use, I hardly ever listen to FM, I'm always near a power source and having to convert my mp3 collection to Sony's propietary format is slow and painful. And the new iPods with video look great.
• PSP. For those long trips, there's nothing better than having a Playstation to make the hours go away. Do I need to say more?
  
• Palm LifeDrive. Would you believe I still use my Palm VX as my main PDA? I want a PDA that has wifi, so I can do a quick web search wherever I am (among all the other things I do with a PDA).
  

So there you have it. These are in my opinion the perfect gifts you could give to a geek like I.
 
Thinking about the presents also got me thinking, though... When gmail was the craze, many people (including myself) got an account by 'asking nicely' (begging) on their blogs about one. Could this work for something that required the reader to give money? It would be a nice experiment to have. Since I can't think of a clever idea like the guy who sold a million pixels on his homepage for $1 each, I have come up with the very lame alternative Buy a Birthday Present for a Geek fund.

There are several (easy ways) you can donate. You can, of course, use the link to the right to donate to my paypal account.

UPDATE: I have been politely asked by Google to remove my 'encouragement' to click on ads, even though I added a Disclaimer that it was a joke. I guess Google doesn't have a sense of humor. And no, I didn't see any difference in my google adsense stats, so I guess you people are smarter than Google (or at least understand what a joke is).

Why would you donate money to a complete stranger who wants some geek toys? I have absolutely no idea. But, as they say, it never hurts to ask.

Some time ago, I dediced to ditch Windows because I got a weird experience with it (unfortunately, I haven't imported my old postings yet). Basically, I left my laptop on during one night and when I looked at it the next day, the machine had cleanly rebooted after installing a patch from Microsoft. I didn't like that Microsoft had so much power over my laptop, so I switched to Linux.

I didn't got any denial/confirmation from other people, though, about what really happened to my laptop... until now. It appears Microsoft does have the power to enter your machine, install any software they like and reboot it, even though you told the Operating System not to do it.

I really think that with the MacBook Pro coming out, firefox users raising and all the problems malware is causing for Windows, 2006 will be the year Microsoft loses its monopoly. That's my out-of-the-hat prediction for 2006.

How much do you (or your business) rely on external applications to go about your everyday business? When something goes wrong, who do you blame, how do you get it fixed and what amount of leverage do you have to get your issues resolved?

It seems that one of the proposals for the new Web 2.0 standards is to rely more on third-party online services, like Gmail, flickr, del.icio.us, wikipedia, etc. But, since most of these services are offered for free (with advertising the main revenue), you are given no assurances as to the quality and uptime of the service. And while I think most of the services strive for 99.99% uptime, accidents do happen.

I think one of the main problems that we will face if/when web 2.0 is achieved is to make sure that the services we will be using are there to stay; but how do we do that if they're basically services offered by a single company? One way would be to encourage companies offering similar services to come up with a standard API so that the information can easily flow between them, and you can switch from one company to the other as needed. This is a benefit for the consumer, as it makes the uptime of a service a high priority, since any downtime could cause companies to lose its user share. But is this something we will ever see? One can only hope.