Securing Web Applications – Best Practices

Finding your web site hacked and defaced one fine morning would be a nightmare for any web application developer. To guard against it, here are some recommendations. Over the past years we have summarized our strategy, in the hope that it helps others build applications that are hard to penetrate. Most of the article refers to PHP, but the same points apply to other scripting languages.

Continue reading “Securing Web Applications – Best Practices”

bz2url – a very simple url compressor for wordpress

It has been over a year since we started the bz2.in URL compression service for in-house projects at Saturn; it is in use for Asianet India and for this blog. Recently a new project absolutely needed an integrated URL shortener, which finally gave shape to this initial version.
Continue reading “bz2url – a very simple url compressor for wordpress”

Class DumpIO – Inspired by Apache mod_dumpio but reluctant to restart webserver

Though there are many systems for live debugging and the like, our php-extjs framework had nothing planned for forensic or load analysis beyond some query loggers and background processes that log into the database. Recently the master MySQL server started showing odd patterns in Cacti (the fsync graph was normally about 4 to 20 in the working window, but held steady between 35 and 40 during the tantrum period). We started to worry and could not identify the cause. Restarting all application servers and clearing the session store would immediately return the MySQL fsync graph to its normal pattern. This was when I looked for an input logger for Apache and found mod_dumpio, but it needed the web server to be restarted, and at that moment the application was in a tantrum, with the MySQL graphs showing about 35 fsyncs on average.

Revisiting Importance of event logging in server side scripting and other articles on the net, the outcome was a class with a single static method, designed to pick up and log every input. This later became the lite version, and a full version that captures the output as well was built.
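The input logger described above, as an added example rather than the DumpIO class from the post: one static method called from the front controller that appends every request's input as a JSON line, so the request stream can be correlated with the MySQL graphs without restarting Apache. It assumes PHP 7.2+ and a log directory outside the document root; the class and directory names are placeholders.

```php
<?php
// Added example (not the blog's DumpIO class): log every request's input from
// inside the application, the way mod_dumpio would, without touching Apache.
// Assumes PHP 7.2+ and a log directory outside the document root that the web
// server user can write to; the class and directory names are placeholders.

class DumpIO
{
    /**
     * Call once at the top of the front controller. Appends one JSON line per
     * request to <logDir>/dumpio-YYYY-MM-DD.log and returns the bytes written.
     */
    public static function dump(string $logDir, array $redact = ['password', 'passwd', 'token']): int
    {
        $ct = $_SERVER['CONTENT_TYPE'] ?? '';
        // Form posts are already in $_POST; only capture the raw body for other
        // content types (JSON, XML, Ext JS direct calls), capped at 64 KiB.
        $body = '';
        if ($ct !== '' && strpos($ct, 'application/x-www-form-urlencoded') !== 0
            && strpos($ct, 'multipart/form-data') !== 0) {
            $body = (string) file_get_contents('php://input', false, null, 0, 65536);
        }
        $sid = $_COOKIE[session_name()] ?? null;
        $record = [
            'time'    => date('c'),
            'ip'      => $_SERVER['REMOTE_ADDR'] ?? 'cli',
            'method'  => $_SERVER['REQUEST_METHOD'] ?? 'CLI',
            'uri'     => $_SERVER['REQUEST_URI'] ?? '',
            // A truncated hash is enough to correlate requests with the session
            // store without writing a usable session id to disk.
            'session' => $sid === null ? null : substr(hash('sha256', $sid), 0, 12),
            'get'     => self::redact($_GET, $redact),
            'post'    => self::redact($_POST, $redact),
            'cookies' => array_keys($_COOKIE),   // names only: values are credentials
            'body'    => $body,
        ];
        // Binary input must not make the whole line unloggable.
        $line = json_encode($record, JSON_PARTIAL_OUTPUT_ON_ERROR | JSON_INVALID_UTF8_SUBSTITUTE) . "\n";
        $file = rtrim($logDir, '/') . '/dumpio-' . date('Y-m-d') . '.log';
        $written = file_put_contents($file, $line, FILE_APPEND | LOCK_EX);
        return $written === false ? 0 : $written;
    }

    /** Blank out values whose key is a known secret, at any nesting depth. */
    private static function redact(array $data, array $names): array
    {
        foreach ($data as $key => $value) {
            if (is_array($value)) {
                $data[$key] = self::redact($value, $names);
            } elseif (in_array(strtolower((string) $key), $names, true)) {
                $data[$key] = '[redacted]';
            }
        }
        return $data;
    }
}

// In index.php, before the framework dispatches (path is a placeholder):
// DumpIO::dump(__DIR__ . '/../logs');
```

Switch it on only while investigating: the file is request-level evidence containing user data, so it must not be readable from the web and should be purged once the analysis is done. The redaction list is by key name only; extend it for whatever your login form calls its fields.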
Continue reading “Class DumpIO – Inspired by Apache mod_dumpio but reluctant to restart webserver”

Linux CPU usage and monitoring using shell memcache and jquery

Recently, in a project where the application was deployed across multiple servers, the client's QA and support teams wanted better monitoring of all the production servers. Giving everybody shell access and asking them to watch top was out of the question. After a lot of digging through Google, with insights from Paul Colby's article Calculating CPU Usage from /proc/stat and various comments about talking to Memcache over telnet or bash's /dev/tcp socket connections, it was just a matter of some nifty shell processing before I could store each machine's CPU values, load average and running tasks as a JSON-encoded string in memcache on one of the hosts, with the hostname as the key.
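The per-host record described above, as an added example in PHP (the post itself did it in shell, and this is not the post's script): the /proc/stat arithmetic from Colby's article, the running/total task count from /proc/loadavg, and the JSON that goes into memcache under the host name. The /proc lines in the block are constructed samples so the calculation runs on any platform; the memcache host name is a placeholder.

```php
<?php
// Added example in PHP (the post did this in shell): the /proc/stat arithmetic
// from Paul Colby's article, plus the JSON record that goes into memcache
// under the host name. The /proc lines below are constructed samples, so the
// calculation runs on any platform; the memcache host name is a placeholder.

/** Extract [idle, total] jiffies from the aggregate "cpu" line of /proc/stat. */
function parse_cpu_line(string $stat): array
{
    if (!preg_match('/^cpu\s+(.+)$/m', $stat, $m)) {
        throw new RuntimeException('no aggregate cpu line in /proc/stat');
    }
    // Fields: user nice system idle iowait irq softirq steal [guest guest_nice]
    $f = array_map('intval', preg_split('/\s+/', trim($m[1])));
    $idle  = $f[3] + ($f[4] ?? 0);             // idle + iowait count as idle
    $total = array_sum(array_slice($f, 0, 8)); // guest time is already inside user/nice
    return [$idle, $total];
}

/** Percentage of CPU time spent busy between two /proc/stat snapshots. */
function cpu_usage_percent(string $before, string $after): float
{
    [$idle0, $total0] = parse_cpu_line($before);
    [$idle1, $total1] = parse_cpu_line($after);
    $elapsed = $total1 - $total0;
    if ($elapsed <= 0) {
        return 0.0;   // counters wrapped or the snapshots were taken too close together
    }
    return round(100.0 * (1 - ($idle1 - $idle0) / $elapsed), 1);
}

/** The per-host record: cpu %, load averages, running/total tasks, timestamp. */
function host_status_record(string $before, string $after, string $loadavg): string
{
    // /proc/loadavg looks like "0.50 0.40 0.30 2/314 12345"; field 4 is running/total.
    $l = preg_split('/\s+/', trim($loadavg));
    [$running, $tasks] = array_map('intval', explode('/', $l[3], 2));
    return json_encode([
        'host'    => gethostname(),
        'cpu'     => cpu_usage_percent($before, $after),
        'load'    => [(float) $l[0], (float) $l[1], (float) $l[2]],
        'running' => $running,
        'tasks'   => $tasks,
        'ts'      => time(),
    ]);
}

// Constructed snapshots one tick apart: 100 jiffies elapsed, 50 of them idle.
$before = "cpu  1000 0 500 8000 100 0 10 0 0 0\ncpu0 1000 0 500 8000 100 0 10 0 0 0\n";
$after  = "cpu  1030 0 520 8045 105 0 10 0 0 0\ncpu0 1030 0 520 8045 105 0 10 0 0 0\n";
$load   = "0.50 0.40 0.30 2/314 12345\n";
echo host_status_record($before, $after, $load), "\n";

// On a real Linux host, replacing the samples above:
//   $before = file_get_contents('/proc/stat'); sleep(1);
//   $after  = file_get_contents('/proc/stat');
//   $load   = file_get_contents('/proc/loadavg');
//   $mc = new Memcache();
//   $mc->addServer('monitor.example.org', 11211);
//   // 30 s TTL: a host that stops reporting drops off the dashboard by itself.
//   $mc->set(gethostname(), host_status_record($before, $after, $load), 0, 30);
```

The short TTL is the practical detail: if a node dies, its stale record should disappear rather than keep showing a healthy CPU figure. Memcache itself has no authentication, so the collector host must only accept port 11211 from the application nodes, or anyone on the network can feed the dashboard fake figures.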
Continue reading “Linux CPU usage and monitoring using shell memcache and jquery”

PHP Sessions in Memcache – Locking Issues

It is ages since I sat down to write something, but this one could not be avoided, so here it is.

In one of our FTE projects we faced a complication: memcached on one node was using 100% CPU and php-cgi was complaining that the same node was not accepting any more memcached connections. The configuration was the usual one, session.save_handler = memcache and session.save_path = "tcp://:11211,tcp://:11211,tcp://:11211". It gave the night support jitters, because it always happened at the worst time, when most clients were using the application, and eventually that memcached had to be restarted, kicking every user out to the login page. During the past weeks it got so bad that we set aside part of the ramdisk on one of the least loaded nodes and exported it over NFS to all the nodes as a file-based session store.
Continue reading “PHP Sessions in Memcache – Locking Issues”

php memcache simulate using file system

Recently we ran into difficulties when we had to set up a copy of an application in a development environment at our client's site. The hardest part was that, although we could coax PHP into loading libraries, we could not install any system services: we were only allowed to install a web application into a pre-configured virtual host. Since we enjoyed having Memcache in our own development environment, a core part of the application, needed only when users are logged in, was using it, and our database abstraction layer also depended heavily on the memcache library. We immediately pointed out that the requirements were not met and that the environment was not as we had specified, but the support people were adamant and insisted that we proceed by commenting out every reference to the class. Well, I can be tough too.
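One way to keep the Memcache-dependent code untouched on such a host, as an added example and not the class from the post: a file-backed stand-in that mimics the get/set/delete/flush part of the Memcache API, including expiry semantics, so the database layer can be pointed at it unchanged. It assumes PHP 7.4+; the class name and cache directory are placeholders.

```php
<?php
// Added example, not the blog's own class: a file-backed stand-in for the part
// of the Memcache API the application used (get/set/delete/flush with expiry),
// for a host where no memcached daemon may be installed. Assumes PHP 7.4+;
// the class name and cache directory are placeholders.

class FileMemcache
{
    private string $dir;

    public function __construct(string $dir)
    {
        $this->dir = rtrim($dir, '/');
        if (!is_dir($this->dir) && !mkdir($this->dir, 0700, true)) {
            throw new RuntimeException("cannot create cache directory {$this->dir}");
        }
    }

    /** Keys are hashed so a key such as "../../etc/passwd" can never become a path. */
    private function path(string $key): string
    {
        return $this->dir . '/' . hash('sha256', $key) . '.cache';
    }

    /** Same signature as Memcache::set(): $expire is seconds, or a timestamp if > 30 days. */
    public function set(string $key, $value, int $flags = 0, int $expire = 0): bool
    {
        $expiresAt = $expire === 0 ? 0 : ($expire > 2592000 ? $expire : time() + $expire);
        $payload = serialize(['exp' => $expiresAt, 'val' => $value]);
        // Write a temp file and rename it: readers never see a half-written entry.
        $final = $this->path($key);
        $tmp = $final . '.' . uniqid('', true);
        if (file_put_contents($tmp, $payload, LOCK_EX) === false) {
            return false;
        }
        return rename($tmp, $final);
    }

    /** Returns false for a missing or expired key, like the real client. */
    public function get(string $key)
    {
        $file = $this->path($key);
        $raw = @file_get_contents($file);
        if ($raw === false) {
            return false;
        }
        // Cache files are data: refuse to instantiate objects from them, so a
        // writable cache directory cannot become a PHP object-injection path.
        $entry = @unserialize($raw, ['allowed_classes' => false]);
        if (!is_array($entry) || ($entry['exp'] !== 0 && $entry['exp'] < time())) {
            @unlink($file);
            return false;
        }
        return $entry['val'];
    }

    public function delete(string $key): bool
    {
        return @unlink($this->path($key));
    }

    public function flush(): bool
    {
        $files = glob($this->dir . '/*.cache') ?: [];
        foreach ($files as $file) {
            @unlink($file);
        }
        return true;
    }
}

// Pick the real client where memcached exists, the stand-in where it does not
// (directory is a placeholder; use one private to the application user):
// $cache = class_exists('Memcache') ? new Memcache() : new FileMemcache('/var/lib/app/cache');
// $cache->set('user:42:prefs', ['theme' => 'dark'], 0, 300);
// var_dump($cache->get('user:42:prefs'));
```

Two deliberate differences from the real client: only scalars and arrays round-trip, because `allowed_classes => false` turns cached objects into `__PHP_Incomplete_Class`, and the directory must be private to the application user, since anything that can write there controls what `get()` returns.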
Continue reading “php memcache simulate using file system”

url shortening script using MariaFramework

Just as a proof of concept, we tried to port, or even rework, the whole of asianetindia.com using MariaFramework. Migrating the WordPress admin side being a herculean task, pushing it to production was delayed and it is still at the proof-of-concept stage. Now, to nail down the fact that MariaFramework is production ready, we need to show off some generic applications. Here is one; though the comments in the main application are sparse, I hope you can implement this and get it running without much headache.

Download the full script

Submit all your comments and views as posts to MariaFramework

Compressing php source files for embedded applications

Compressing PHP code is not a tough task, and this is not about obfuscating or encoding for closed-source distribution, but about creating compact files that can be used in embedded web applications.

Compressing PHP code is not a tough task, and this is not about obfuscating or encoding for closed-source distribution, but about creating compact files that can be distributed by pasting them inline as text, or into an email without an attachment. The size is drastically reduced. At Saturn we did this to load a whole application onto a very space-constrained flash disk. We were the least bothered about the CPU cycles taken to evaluate the PHP files, since that happens only once in a blue moon, when the embedded system restarts. I am pretty sure there are other solutions for closing the source.
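The two halves of that workflow, as an added example and not the tool from the post: strip whitespace and comments with the tokenizer, deflate and base64-encode so the result can be pasted as text, and on the target verify and inflate it once into a cache file before including it. It assumes PHP 7.4+ with the zlib extension; the file and directory names are placeholders.

```php
<?php
// Added example, not the blog's own tool: shrink a PHP file to a pasteable
// text blob and load it back on the target. Assumes PHP 7.4+ with the zlib
// extension; the file and directory names are placeholders.

/** Strip comments/whitespace, deflate, base64: the result is plain text with a checksum. */
function compress_php_source(string $path): string
{
    // php_strip_whitespace() uses the real tokenizer, so strings, heredocs and
    // "?>" inside comments survive; a regex-based stripper would corrupt them.
    $stripped = php_strip_whitespace($path);
    if ($stripped === '') {
        throw new RuntimeException("cannot read or tokenise $path");
    }
    $deflated = gzcompress($stripped, 9);
    // The digest catches corruption in transit (a mail client re-wrapping lines).
    // It is not authentication: anyone who can alter the blob can recompute it,
    // so use hash_hmac() with a deployment key if the transport is untrusted.
    return hash('sha256', $deflated) . ':' . base64_encode($deflated);
}

/** Verify and inflate a blob back to source text, without executing it. */
function decompress_php_source(string $blob): string
{
    $parts = explode(':', $blob, 2);
    if (count($parts) !== 2) {
        throw new RuntimeException('blob has no checksum prefix');
    }
    [$digest, $b64] = $parts;
    $deflated = base64_decode($b64, true);   // strict: reject stray characters
    if ($deflated === false || !hash_equals($digest, hash('sha256', $deflated))) {
        throw new RuntimeException('blob is corrupted');
    }
    $source = gzuncompress($deflated);
    if ($source === false) {
        throw new RuntimeException('blob does not inflate');
    }
    return $source;
}

/**
 * Inflate once into a cache file and include it. Going through a file instead
 * of eval() keeps file names in error messages and lets opcache do its job.
 */
function load_compressed_php(string $blob, string $cacheDir)
{
    $file = rtrim($cacheDir, '/') . '/' . substr(hash('sha256', $blob), 0, 16) . '.php';
    if (!is_file($file)) {
        file_put_contents($file, decompress_php_source($blob), LOCK_EX);
    }
    return include $file;
}

// Build side:   $blob = compress_php_source('lib/Router.php');   // paste $blob anywhere
// Target side:  load_compressed_php($blob, '/var/cache/app');
```

The cache directory has to be writable only by the application, because whatever sits there under the expected name is what gets included; on a flash disk that is read-only after boot, inflate into a tmpfs instead.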
Continue reading “Compressing php source files for embedded applications”

php smtp email direct to mail box delivery

For sending status mails with varying From addresses for several of our projects at Saturn, we were using PHPMailer through our SMTP server with authentication. Our SMTP host, however, had a limit of 250 emails per day, and when our requirements outgrew it, mails started to pile up. Sure, I could install exim4 or sendmail on my boxes, and that is what I did as an immediate fix. But then came a new requirement: mails that were sent should be marked as such, and those that failed should be marked with the exact response of the receiving mail server.

At this point I thought about an SMTP direct-to-mailbox delivery system. My favourite language being PHP and my primary library being Google, I tried every way I could think of, and, as I learned later, none of them was the right one; none pointed me in the right direction. Finally I thought about writing one myself. Here too, being lazy, I wanted someone else's code to get me started. I found phpBB's smtp.php referred to on the net, and its smtpmail function was the right choice.
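The exchange such a direct-to-MX delivery performs, as an added example and not the phpBB-derived code from the post: look up the recipient domain's MX hosts, run the SMTP dialogue, and return the receiving server's own reply lines so a failed mail can be recorded with the exact response. The dialogue is written against read/write callables, so the block exercises it against a constructed server transcript with no network; it assumes PHP 7.4+, outbound TCP 25 and working DNS, and all host and address names are placeholders.

```php
<?php
// Added example, not the blog's smtpmail adaptation: deliver a mail straight to
// the recipient domain's MX host and keep the receiving server's exact reply,
// which is what the failed-mail reporting requirement needs. Assumes PHP 7.4+,
// outbound TCP 25 and working DNS; host and address names are placeholders.

/** Read one SMTP reply, joining "250-..." continuation lines; returns [code, text]. */
function smtp_read_reply(callable $readLine): array
{
    $lines = [];
    while (($line = $readLine()) !== false) {
        $lines[] = rtrim($line, "\r\n");
        if (strlen($line) < 4 || $line[3] !== '-') {   // "250 " ends the reply
            break;
        }
    }
    $code = $lines ? (int) substr($lines[0], 0, 3) : 0;
    return [$code, implode("\n", $lines)];
}

/**
 * Run the SMTP dialogue over an open connection. $readLine/$writeLine wrap the
 * socket, so the dialogue itself can be exercised without a network.
 * Returns ['delivered' => bool, 'log' => [[command, reply], ...]].
 */
function smtp_deliver(callable $readLine, callable $writeLine, string $helo,
                      string $from, string $to, string $message): array
{
    $log = [];
    $step = function (?string $cmd, array $ok) use ($readLine, $writeLine, &$log): bool {
        if ($cmd !== null) {
            $writeLine($cmd . "\r\n");
        }
        [$code, $text] = smtp_read_reply($readLine);
        $log[] = [$cmd ?? '<banner>', $text];
        return in_array($code, $ok, true);
    };
    // Dot-stuffing: a message line that starts with "." would otherwise end DATA early.
    $body = preg_replace('/^\./m', '..', $message);
    $dialogue = [
        [null, [220]],                        // server banner
        ['EHLO ' . $helo, [250]],
        ['MAIL FROM:<' . $from . '>', [250]],
        ['RCPT TO:<' . $to . '>', [250, 251]],
        ['DATA', [354]],
        [$body . "\r\n.", [250]],             // message terminated by a lone "."
    ];
    $delivered = true;
    foreach ($dialogue as [$cmd, $ok]) {
        if (!$step($cmd, $ok)) {
            $delivered = false;   // the failing reply is the last entry of $log
            break;
        }
    }
    $step('QUIT', [221]);
    return ['delivered' => $delivered, 'log' => $log];
}

/** Resolve the recipient's MX hosts (lowest preference first) and connect to the first that answers. */
function open_mx_socket(string $to, int $timeout = 10)
{
    $domain = substr(strrchr($to, '@'), 1);
    $hosts = [];
    $prefs = [];
    if (getmxrr($domain, $hosts, $prefs)) {
        array_multisort($prefs, SORT_ASC, $hosts);
    } else {
        $hosts = [$domain];   // RFC 5321 section 5.1: no MX record means deliver to the A record
    }
    foreach ($hosts as $host) {
        $sock = @fsockopen($host, 25, $errno, $errstr, $timeout);
        if ($sock) {
            return $sock;
        }
    }
    return null;
}

// Constructed transcript of a receiving server that rejects the recipient (no network used).
$replies = [
    "220 mx.example.net ESMTP\r\n",
    "250-mx.example.net\r\n", "250 SIZE 10240000\r\n",
    "250 2.1.0 OK\r\n",
    "550 5.1.1 No such user here\r\n",
    "221 2.0.0 Bye\r\n",
];
$sent = [];
$result = smtp_deliver(
    function () use (&$replies) { return array_shift($replies) ?? false; },
    function (string $line) use (&$sent) { $sent[] = $line; },
    'app.example.org', 'status@example.org', 'nobody@example.net',
    "From: status@example.org\r\nTo: nobody@example.net\r\nSubject: build 42\r\n\r\n.finished"
);
// For a rejected mail the last $result['log'] entry carries the server's own 5xx line.

// Real delivery over the resolved MX host:
// $sock = open_mx_socket($to);
// $result = smtp_deliver(fn() => fgets($sock), fn($l) => fwrite($sock, $l), gethostname(), $from, $to, $message);
```

Two caveats a practitioner would add: receiving servers increasingly reject direct deliveries from hosts without a matching PTR record or SPF entry, and that rejection text is exactly what lands in the log, so check the 5xx reasons before blaming the code; and this dialogue is plaintext, so for anything beyond status mails add STARTTLS rather than sending credentials or content in the clear.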
Continue reading “php smtp email direct to mail box delivery”