By default, the root account is disabled in OS X. If you are a developer new to the platform, you will be needing to access many things that are available only with root access. This tutorial walks you through the process of enabling the root account in Snow Leopard (OS X 10.6).

NOTE: This guide is specific to enabling root access on Snow Leopard, (10.6). To learn how to enable root access on Tiger (10.4), follow these instructions instead. To learn how to enable root access in Leopard (10.5), follow these instructions.

Enabling Root in Snow Leopard 10.6:

1. Choose Apple menu > System Preferences and click Accounts
2. Click Login Options
3. Click either Edit or Join in the Network Account Server section
4. Click Open Directory Utility
5. Click the lock icon to unlock it, and then enter your administrator name and password
6. Choose Edit > Enable Root User, and then enter a root password in the Password and Verify fields

Now, you are set to access protected areas of the system via the terminal.

If you have any dynamic sites that can display the same information through a variety of URLs (e.g. “somepage.php?category=cats&story=123″ vs. “somepage.php?story=123&category=cats”), Google has provided a way for you to avoid the duplicate content issue by providing a “preferred link.”

Basically, you add a special link tag to the head of your page:

When Google finds duplicate content, it will transfer the page ranks and index data to your preferred link.

Clap your hands and say yeah. You’re done.

Head on over to the Google Webmasters Central Blog for details on this tip.

Recommended reading:

This article provides a solid overview of the relatively new vector for attack that hijacks your open redirect URLs.

Official Google Webmaster Central Blog: Open redirect URLs: Is your site being abused?

No one wants malware or spammy URLs inserted onto their domain, which is why we all try to follow good security practices. But what if there were a way for spammers to take advantage of your site, without ever setting a virtual foot in your server?

There is, by abusing open redirect URLs.

(via @goatlady’s tweet:) For the next 14 days, one of SitePoint’s most popular books, “The Art & Science Of CSS,” is available to download for FREE.

The promotion is designed to get you to follow SitePoint on Twitter, but you can enter your favorite spam catching email address to get the download for free, too.

Click here: Twitaway Free Offer

[NOTE:] In fact, at the moment, the email signup is the only way to get the download link. Twitter spanked SitePoint for sending too many DMs with links, so following them won’t do you any good at this point (unless you just want good karma points).

The venerable and invaluable rent a car bulgariaphpMyAdmin has turned 3.0! Cosmetically, the tool looks pretty similar to 2.x, although some refinements have been made.

Under the hood, phpMyAdmin now requires PHP 5.2+ and MySQL 5.0+. A new range of features are largely esoteric (IMHO) and are enumerated here.

Download phpMyAdmin 3.x from the phpMyAdmin Project home page.

Google have announced the release of a free, open source browser called Chrome.

The good news is that it’s based on Webkit, so, in theory, this means that support will come easily for Web Developers.

Rather than regurgitate the details of Google’s announcement here, head on over and read it for yourself. I, for one, am intrigued.

Link: Google’s Chrome Browser Announcement

The Dreamweaver team has been hard at work since the launch of CS3 to bring you…drum roll please…CS4!

That’s right! A bright and shiny new version is available as a public beta. Also available are the Bridge CS4, Fireworks CS4, and Soundbooth betas.

The biggest changes are in the interface. The OWL interface that you’ve come to know and love in Photoshop are now in Dreamweaver, as are a host of other refinements and improvements. My favorite UI enhancements by far are the Vertical Split View and Split Code View–the combination of which finally lets you work on the header and body of a document at the same time the way God intended. After all, why would she give us wide-screen monitors if she didn’t want us to see two pages side by side?

Also notable in the new Dreamweaver CS4 are the following:

• Javascript Extractor – provides an easy to make your JavaScript unobtrusive by externalizing it and tying it to watcher events. This is very cool. (Note: Read all about Unobtrusive JavaScript in this post.)
• Integrated Subversion Client – ties an SVN client into the site functionality.
• Related Documents – provides instant access to any file that is immediately linked from the document you’re working in
• New Spry Validation & Widgets – new and improved are the Spry validation widgets for passwords and radio groups, along with integrated support for the latest version of Spry.

Click the links below to get your copy hot off the digital presses:

• The Adobe Labs Dreanweaver Beta home

Please direct any feedback, bug reports, and feature requests to the Dreamweaver Public Beta Forums.

Here’s a scenario: your client is hosted on a shared or dedicated server and is running their domain’s email through Postfix and Spam Assassin or, worse, the built-in email provided by the host. Your client complains constantly about the amount of spam that they get even though you put all that gee-whiz email address obfuscation code on their site.

What’s a neck-bearded web developer to do? Well, did you know you can run your domain’s email through Gmail for free? That’s free as in beer, kids.

Currently this service is buried under “Google Apps” found via an obscure link in the footer of your Gmail login page titled, “Google for Organizations.”

The free edition offers just about everything you’d need: IMAP (!), calendar, docs, and chat. The paid edition offers 25 gb (up from 6+ gb) and support for third party apps, 24/7 assistance, etc. A feature comparison chart can be found here.

Setting up my domain was pretty simple.

1. office furniture in BulgariaI signed up for the service
2. I validated ownership of my domain
3. I updated my MX records for my domain to point to Google’s servers
4. I set up my users
5. I turned on IMAP for my account just as I would normally through Gmail
6. I configured my Gmail filters (being sure to turn off my client-side rules)
7. I sat back and witnessed a spam-free inbox for the first time in ages.

An optional step that Google recommends is to update your SPF records to help prevent outgoing spam. To do this, I had my host (the most excellent A2 Hosting, fwiw) update my SPF record to the following:

v=spf1 include:aspmx.googlemail.com ~all

[UPDATE]
If you are currently using Postfix, you will need to ensure that it is not circumventing the MX records on your server because it is set to handle the email for certain domains under your control. To do this, open a shell and type the following as root:

nano /etc/postfix/mydomains

Delete any domains that conflict with Google’s mail service.
Next, type:

/usr/sbin/postmap /etc/postfix/mydomains

This rebuilds your postfix database. To verify the fix, type:

cd /etc/postfix
ls -lrt

Make sure mydomains.db has a later timestamp than mydomains.

That’s it. In all, it took about two hours to set up and get everything humming.

Now, Gmail takes some getting used to. For one, you have to get used to their use of labels instead of folders. This renders your main inbox as a sort of dumping ground for every piece of email–both incoming and outgoing–when you’re using a email client via IMAP. This notion of conversations makes a lot more sense when you’re using the web interface for Gmail, or if your email client supports a View by Thread mode.

But the benefit to Gmail is that they have somehow managed to trap 100% of my spam, whereas SpamAssassin was batting about 50-70% on a good day. If you’re using an iPhone or WAP enabled phone, you’re in luck, too, as Gmails mobile platform is extraordinary.

Check it out. This may not be right for every situation, but it’s saved my, uh, bacon. Oh, I slay myself…

Update: As of Mar. 21, 2008, Google has rolled out a fix to this problem. If you see the “Older Version” hyperlink in the upper-right corner of your Gmail window, you are using v2 of the Gmail app and should no longer experience the Shift Key problem on Safari 3.1.

Safari 3.1 and Gmail do not appear to be working and playing well together. This widely reported problem [link 1, link 2, link 3] seems to have reared its ugly head with the release of Safari 3.1 on Tuesday, and affects users who are using either v1 of Gmail or the version of Gmail that is hosted with Google Apps (when you host your domain on Google Apps [read my previous post on this useful and free-as-in-beer service]).

If you are one of The Affected, you probably have a nice dent in your desk where you’ve been banging your forehead repeatedly. Specifically, the symptom is that hitting a modifier key like Shift, Cmd, Option, etc. will jump you to the “to” field or will otherwise try to activate some keyboard shortcut even if keyboard shortcuts are disabled. This bug is enough to drive any normal human being to murder.

The Work-Around

If you’re on the standard version of Gmail, ensure that you have the “newer version” selected. This is a hyperlink that appears in the upper-right corner of your Gmail screen. If you see the link “older version,” you’re theoretically are good to go.

If you’re using the version of Gmail hosted by Google apps, the only published work-around I’ve come across is provided by the Gmail team itself: switch to plain-text formatting; the problem is specific to rich-text editing.

Of course, you can always type like ee cummings and avoid the use of capitals or punctuation. Oh, and the obvious solution is to slum it over in Firefox for the interim.

Safari 3.1 has been released for both the Mac and the Windows. The update is available via the automatic Software Update on the Mac, or via a manual update on Windows. Of course, you can download a fresh clean install here.

Included in the update is a new Develop menu which contains various web development features, allows access to the web inspector and the network time line, allows CSS editing in the web inspector, and allows user agent spoofing.

On the standards side, Safari 3.1 adds support for CSS 3 web fonts, CSS transforms and transitions, HTML 5 <video> and <audio> elements, offline storage for Web applications in SQL databases, SVG images in <img> elements and CSS images, and SVG advanced text. (Ironically, none of these things are standards yet, but whatever.)

The full release notes can be read here.

Since the launch of Leopard and Safari 3, I’ve been using Safari as my primary development browser. The only thing I miss from firefox is the ability to view the source code on selected text. Other than that, Safari 3 with the debug menu enabled has been the best browser for development on the market, hands-down. With 3.1’s update, this will only improve.