Today's post is about a nifty little trick that I have seen done with search text boxes on sites over the years and I decided that it had to be in my toolbox too.

What we are going for is a search box that looks like this when the page loads:

...and looks like this when the user clicks into it:

This technique seems to mostly be applied to search boxes, and I can see the benefit in that.

The post that follows is the amalgum of many VS-A's

To get this done, it is a bit of CSS to style up the inactive and active state for the text box, and a tiny bit of Javascript to tie it together.  I'm using the term active and inactive not in any technical sense, just to describe the two styles that are applied to our text box in response to the user activity.

(assuming the rest of the page is a drab #f0f0f0 in colour...)  These are the two style rules that we are using in the images above:

.inactiveSearchBox
{
    background-color: #f0f0f0;
    border: solid 1px #ffffff;
}

.activeSearchBox
{
    border: groove 1px #d9d9d9;
    background-color: #ffffff;
}

The markup for the input box is then as follows:

<input type="text" class="inactiveSearchBox" id="SearchStrng" 
   value=" Search Here"
   onFocus="this.className='activeSearchBox'; if(this.value==' Search Here')this.value='';" 
   onBlur="if(this.value=='')this.value=' Search Here';this.className='inactiveSearchBox';" />

As you can see it all happens in the onFocus and onBlur events of the textbox.  When the text box gets the focus it sets the class to be our activeSearchBox style and clears our standard text.  The onBlur event restores the default value if the user did not enter anything and sets our style back to the inactiveSearchBox style.

Glossary:

VS-A, n. View Source, followd by an "Ah!". 
See also: VS-****.

Listening to:  Former co-workers

You can do this today, like in 10 minutes...

OpenSearch is a format for describing how your site is searched, and optionally for adding Search elements to other formats like RSS. 

Auto-discovery of OpenSearch description documents is done via a link in your HTML head like so:

<link rel="search" type="application/opensearchdescription+xml" title="My Site" href="http://www.mysite.com/open-search.xml" />

The OpenSearch xml document is interpreted in the browser to add extra search providers in the integrated search function as so:

The contents of the file can be short or it can be long.  A bare bones example may be as simple as this:

<?xml version=”1.0” encoding=”UTF-8”?>
<OpenSearchDescription>
   <ShortName>My Site</ShortName>
   <Description>Search My Site</Description>
   <Url type="text/html" template="http://www.mysite.com/search.aspx?terms={searchTerms}"/>
</OpenSearchDescription>

The spec gives another simple, and one much more detailed example document.  The IE blog also goes into some detail... but in true internet fashion, View Source is the quickest path to an example

Security?

The bad news is, as of current browsers at time of writing (IE 7.0.6000.16473, Firefox 2.0.0.4) it seems controls are quite lax around what search template you can include, I had no problems setting the URL in the search template as being a completely different site!   

While it would be completely hilarious to posion someone's search bar as a prank with the following three facts...

• IE stores the search settings here: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes
• FireFox stores them in the filesystem: C:\Documents and Settings\<winprofile>\Application Data\Mozilla\Firefox\Profiles\<mozprofile>\searchplugins
• (sounds like google, not work safe)

I would ultimately like some control here.  I can't see anything in Group Policy for enforcing/allowing/denying new search providers.  I'd like to add one to all PCs for my internal Sharepoint site for example.

DasBlog

Tangentally, If you are looking for the file to edit to add a new link url to a dasBlog site it is:

\dasblogce\themes\*\homeTemplate.blogtemplate

Listening To:  Sonic Youth, Daydream Nation

OK, let me lay it out for you a la the Lost secret clues...

• Frank was interviewed on CSharpZealot.com. So was I.
• Frank is going to Play!  A Video Game Symphony tonight, as am I.

Thinkaboudit people, when have you seen us both in the same room?

The similaraties (*caugh* both of them) are really just too numerious to ignore!

Yes I have better things to do but no I could not help making more LolCats - this time no Tech.Ed

 

Linkage: ICanHasCheezburger & Teh Cats

I am going to be talking the Lolcat speek for the rest of the day and that is final.

This is the second post on Group Policy for web developers.  Part 1 was about managing the local Intranet Zone for your AD network.  This post will be based on a similar scenario.  Specifically, when issuing certificates from a local Certification Authority, like Microsoft Certificate Services that ships in Windows Server 2003.

Modern browsers give you a more pretty warning system than they did last year when you view a site that do not chain back to a Trusted Root CA.  This is still an important warning and we don't want to condition people into just clicking yes every time they see it.

The first thing you will need to do (and like the last post, a certain degree of domain administrative Godness is required...) is get the CA's certificate from the CA.  Using Microsoft Certificate Services, you want to choose the option highlighted below:

This will prompt you to save the certificate file.  Do this, then delete it when you are done. 

Next we need to install the certificate into our client machines.  We will need a GPO.  You may use the one from the previous example or make a new one. Again the place in your AD to create this will vary.  For smaller sites adding at the the top level is fine, but hands off the default policy.

Navigate to Security Settings -> PK policies ->Trusted Root CA's as in the screen below:

Right-click on the Trusted Root CA's container and choose Import.  Here, browse for the cert file saved in step one and you are done!

Finally, here is some linkage to much more detail about Certificates in AD.

OK, not a big cats person, but the lolcats meme has made it to Tech.Ed.

Frank Arrigo's post seems to be the epicenter, Brian has had a go too,  Plus more linkage here.

May I offer my contribution:

(And mad props to Frostdesign blog for the wholy unauthorized boosted image)

Seems that as a programmer, I'm a DHTB

What are you? 

Some sites that you may have on your internal network, such as Virtual Server console, Sharepoint, ASP.NET sites of your own creation, and so on, can require your AD credentials to log you on.  Typically the browser will prompt you for them unless you add the site to the Local Intranet zone. 

This quickly becomes cumbersome as the number of users grows.  Everyone will have to add the URL to their Local Intranet zone manually and that spells work.

Internet Explorer

All the IE Zones, including Local Intranet, can be administered by Group Policy.  Where in your AD you create your GPO will depend on the scale of your operation, for smaller sites a GPO at the domain level is not a bad choice.  I'd caution against editing your default domain policy, consider creating a new GPO just under it.

Edit the GPO and browse to the Site To Zone Assignment List, inside the Internet Control Panel \ Security Page settings:

  

The UI will let you add IP addresses, FQDN's or http/https addresses, and which zone they will belong to.

One nice side effect of this to watch for is the users can now not change their zones via the IE settings.

FireFox

For FireFox, you are going to have to create/maintain an all.js in the %installdir%\defaults\pref\ directory.

This is just a plain text file that can contain settings in the FireFox Javascript format.  For Integrated Authentication you will need to add the following line:

pref("network.negotiate-auth.trusted-uris", "comma seperated site list");

Listening To: Kruder and Dorfmeister, the K&D Sessions, part 1

c'mon, it's still the 5th in someone's timezone ;)

With a tip of the hat to the fine people at Make, I present you with...

A solar powered Prius.  Now that is environmental.  White paper here.  Shame it still looks like a Prius.

I was just surprised to work out that I have been on Windows Vista for about a year now nbsp; I joined the club with Beta 2 which was released in May '06   I also toyed with an earlier WinHEC Longhorn release but not in any substantial way.

From day one I’ve had UAC on.

Unfortunately one of the last guys to join the compatibility club was Visual Studio 2005 with the Vista Update patch

But just tonight I found the rare case of an MSI from Microsoft that failed with a cryptic message if not run as Admin: The Composite UI Application Block.

So I've put together a little grab bag of Vista UAC links and tips that I'm calling Strategies for life with UAC:

• First and foremost, know what has changed.  I wasn’t shocked when Buzz, which despite not having a substantial update since whoknowswhen, wouldn’t run out of the box.  The Audio subsystem had a major overhaul in Vista.  AppCompat came to the rescue here.
• Launch a cmd.exe shell as an admin, then run msiexec, regedit, or whatever from there.  This way you only have to elevate once at the start of your session.
• Use Compatibility, part I.  Choose XP SP2 from the Compatibility tab of the EXE File Properties page.  Raymond Chen referred to this as a Combo Meal of AppCompat settings.  Various degrees of slight of hand he said. 
• Use Compatibility, part II. You can also launch the Compatibility wizard from the Use an older program with this version of Windows link inside the Programs group in Control Panel.  This is the same set of options as is on the Properties page, however the UI is more suited to trial and error for troublesome programs, and you have the option to submit your results to Microsoft.
• Use Compatibility, part III. I am aware that there is an application compatibility toolkit available for ISV's, but haven’t had cause to look too much further.
• Use Virtualization.  Grab VPC 2007 (freebie)  I use VPC for application and installation testing with the Undo Disks feature, but it would be just as valid to run a VPC of XP or earlier if you had some app that would only run on a specific OS.

Just a note on Virtualization, I have not been able to find an authorative souce on the question of:  If I put Vista on my PC, is it legit to use my old OEM XP CAL in a VPC.  The rumours around the web seem to settle on:  a) depends on your license agreement, but I suspect it is an edge case and they are playing that card close to their chest.

If you can find an authoritive, public link on the above question please post a comment and there will be a prize.  You know I'm good for it people!

A couple of extra resources:

• Aaron Margosis' Blog
• The Non-Admin Wiki
• The UAC blog, not current but the archives have some gold.

Listening To:  Boards of Canada, Music has the right to children