Gadgetopia

Aestiva sent me back what seemed to be an auto-response or “the email to send when we don’t know what else to send.” I’m curious if they even followed the link to this posting.

I have been a sysadmin dealing with the nightmare of HTML/OS for a while now. The reason you are not able to view the links above is because of the session information that HTML/OS uses to direct you to a page. HTML/OS is a poorly designed concept at best, especially given the session problem. For example, start a session that invloves logging in using a password. Then visit a website on which you can view the logs. Take the referer line out of your log, and IM it to a friend, they will then be able to click it and start where you left off. Aestiva denies this cross-site-scripting vulnerability. My 2 cents about using HTML/OS: don’t.

I’ve used HTML/OS for years now and there is indeed less code involved on average. A good coder will use less code anyway, but HTML/OS reduces it even more. The cross site scripting vulnerability is no issue one you understand how environment variables work with Aestiva applications. Deep linking can be enabled from its control panel so you can get back to the page after it expires. As for sharing a URL with a friend after you have logged in with a password and having them get into your session, there is a cookie security setting in the control panel to turn that off. HTML/OS is now back at about $800 where it used to be, and there is a free version called H2O, which limits databases to 500 records. There is also an intermediate version that allows 10,000 records.. Maybe sysadmins don’t like it, but as a long time end user I recommend it wole-heartedly.

I second the recommendation. Although Aestiva (the company) is sorely lacking in some areas, the software (HTML/OS) is fantastic. It’s easy to learn to develop dynamic sites with a much lower overall cost than many other solutions. Many of the criticisms leveled are overcomeable if you learn advanced features and program properly.

PHP5 includes integrated SQLLite support. It strikes me that’s getting pretty close to the HTML/OS model of putting the language and the database together.

Have also been developing website with HTML/OS and have never had a problem with it. have gotten into a few fixes but always found a workaround. Like the way it performs and with a little creativity, you can do very much with it. My customers like it too!

I have been using H2O, the free version of HTML/OS, for a couple of projects. That cross-site vulnerability is rumoured to have been solved by posts on some security sites. But it strikes me that only 500 records are allowed? I must check that.

The sites I developed.. were developed in 15 times less effort than with PHP. Like writing an online stock management system with backend in 1 day! without overtime!

It’s really worth it. And especially useful when you have small applications to develop within tight timeframes. However the lack of direct interactivity with mySQL is the reason my company refuses to adopt it as the main development platform (since all our databases are in mySQL).

would be nice to have a more recent in-depth review as lead to this product on this site..

I just came across HTML/OS and it has everything in it that a language like PHP is missing. For years I have fought to separate design from content and struggled with template engines.

The way HTML/OS overlays HTML cuts file clutter and makes code extremely clear and easy to read.

I approach this as a designer rather than a programmer, so I start with Dreamweaver and simply note where I want the HTML/OS to go, then work at adding it later.

For menus I use Rapidweaver and again just add the HTML/OS.

My only regret is that HTML/OS is not Opensource. I think it would have millions of users rather than a few thousand.

I have been using Aestiva’s HTMLOS for the last 3 or 4 years.

Here is my review:

Pros
It is a good platform for non-programmers to get started, like myself.

Integrates with HTML very well. It is simply a case of putting tags in the place where you want the code to run.

It is very easy to use, and can produce simple to very complex database driven software applications.

I like how it integrates everything you need in one package - such as a database engine and security.

Performs very quick searches/calculations/actions.

Cons
There are practically no resources on the net - only the Knowledge base on the Aestiva site, where you can also pay for answers to your problems! you cannot simply search the net for help.

Search engine placement - when creating a shop or a site with many dynamic pages, as they are created on-the-fly, it doesn’t seem to list these pages in search engines. I could be mistaken here, but this is how I understand it.

No-one else uses it. If you want to get a job as a programmer, learn one of the industry standard languages.

Conclusion
It costs $799 (?405) per domain, which does sound a lot, but if you consider the price of setting up .NET (or similar) with a suitable database engine, the costs could be much higher.

There is also a runtime edition ($249.00) which can install products created on the development version. It is used for deploying apps to different domains.

There is a free version called H20, which is limited in database size (500 rather than unlimited), but more significantly, the user limit is tiny. If you get more than 20 people visiting your site in an hour, forget it! It is designed as an introduction to HTMLOS, to show how easy it it to use, so you will hopefully upgrade to the ‘full’ version.

I would say it is perfect for creating web based applications and database driven/content managed sites. Not recommended if all you need it for is submitting forms, due to the price tag.

I would recommend installing one version on your web server, and let all your other sites access this installation.

Hope this helps some of you guys!

(P.S. I believe the security flaw mentioned above has been resolved)

Gaz

I was working on a peer support site as a shared resource for HTML/OS developers. (http://www.htmlos.info) I use a site activity tool that captures the referral link and noticed a link from Aestiva. I clicked on the referral and to my surprise I ended up sitting in Aestiva’s HTML/OS MailBase e-mail client for the company controller. (logged in) I decided not to continue on with building the site and posted a notice on the home page that Aestiva had a serious security risk (showing the actual screen capture of the message in MailBase). The president of the company, David Silverberg linked to the message I posted from his MailBase e-mail client exposing all his e-mail as well.

There is way to help prevent this from happening using cookie security (turned off by default in HTML/OS) but it seems the company that created the language and all it’s applications have ignored this issue and have exposed themselves and their customers to outside access of sensitive information.

To date there has been no comment from Aestiva about the security breach or warning their customers of the issue.

There has been a report that cookie security doesn’t work if SSL is enabled in the new Array (HTML/OS 4.15) version. This means that there is no solution to session hijacking if using SSL with your application. (like a shopping cart for example)

Stay tuned for the latest developments (or lack of) using HTML/OS as a server scripting language.

Other Aestiva news
Over the holiday, Aestiva disabled access to their knowledge base and customer login section of their site for non-current customers. The knowledge base has been the only real source of information as the user guide is so poorly done. (been this way for years) It almost looks as if Aestiva is making it as difficult as possible to use their scripting language which may signal a shift in Aestiva’s direction to being an applications provider rather then a language vendor.

If you use HTML/OS and these issues have you concerned, then send a e-mail to David Silverberg, president of Aestiva.

I love HTML/OS. I have minimum programming skills, but have no problem developing large comprehensive solutions in it. I read David Silverberg’s book “Advanced Websites Made Easy”. It comes with a free trial to HTML/OS, and it makes it easy to get started with your project. Both the book and Aestiva will give you tons of little scripts to get around about any obstacle. It’s really a fantastic product. And I’ve found that, although the book only gives you a free 2-month trial, if you email Aestiva asking for an extension, they’ll extend your trial to at least 6 months. So… program away, and buy after you’re certain. Oh, the other thing is; after buying HTML/OS, you get to ask nearly unlimited questions to their Help Desk for 90 days. So… ask away. I intend on using HTML/OS for all my projects in the future. If you’re a non-programmer who wants to program cool stuff, don’t listen to the critics. It’s a solid and flexible program.