Link: JSESSIONID considered harmful
Thursday, April 16th, 2009Craig Condit makes a strong case against JSESSIONID in JSESSIONID considered harmful. And I just learned that it is disabled by default in Grails 1.1.
Archive for the 'Code' Category
uHOWTO: Recover stuck modified keys from VMware Player or Workstation
Thursday, January 15th, 2009If you use VMware Player or VMware workstation under Linux and you’re an alt-tab fan like me, you might end up with stuck modifier keys, so you can’t use keys like Ctrl, Alt or Shift outside of VMware. Xiao Feng has written a nice script to recover from this annoying condition without having to reboot, and I tought I’d share it with everyone out there:
#!/bin/sh
# Xiao Feng’s "Recovering from stuck modifier keys caused by VMware"
# http://bitubique.com/tutorials/recovering-from-stuck-modifier-keys
/usr/bin/xmodmap – << fixme
clear shift
add shift = Shift_L Shift_R
clear lock
add lock = Caps_Lock
clear control
add control = Control_L Control_R
clear mod1
add mod1 = Alt_L Alt_R
clear mod2
add mod2 = Num_Lock
clear mod3
clear mod4
add mod4 = Super_L Super_R
clear mod5
add mod5 = Scroll_Lock
fixme
xset r on
xset m 3.5 4
xset b off
xset s off
# Xiao Feng’s "Recovering from stuck modifier keys caused by VMware"
# http://bitubique.com/tutorials/recovering-from-stuck-modifier-keys
/usr/bin/xmodmap – << fixme
clear shift
add shift = Shift_L Shift_R
clear lock
add lock = Caps_Lock
clear control
add control = Control_L Control_R
clear mod1
add mod1 = Alt_L Alt_R
clear mod2
add mod2 = Num_Lock
clear mod3
clear mod4
add mod4 = Super_L Super_R
clear mod5
add mod5 = Scroll_Lock
fixme
xset r on
xset m 3.5 4
xset b off
xset s off
update…where id in (select…) and mySQL ERROR 1093
Tuesday, August 26th, 2008What’s wrong with this picture?
mysql> UPDATE IGNORE flight SET intl=1 WHERE id IN (SELECT f.id AS id FROM flight f LEFT JOIN airport a ON a.id=f.origin WHERE a.country<>‘mx’ FOR UPDATE);
ERROR 1093 (HY000): You can‘t specify target table ‘flight‘ for update in FROM clause
ERROR 1093 (HY000): You can‘t specify target table ‘flight‘ for update in FROM clause
This construct is invalid in mySQL
According to the manual,
You can use a subquery for assignment within an UPDATE statement because subqueries are legal in UPDATE and DELETE statements as well as in SELECT statements. However, you cannot use the same table (in this case, table t1) for both the subquery’s FROM clause and the update target.
The equivalent multi-table update does the same and works as intended:
UPDATE flight f LEFT JOIN airport a ON a.id=f.origin SET f.intl=1 WHERE a.country<>‘mx’;
Bourne Shell Server Pages
Thursday, November 22nd, 2007Easy. Portable. Buzzword-compliant. Ingenuous. Elegant. Right-out wicked cool: Bourne Shell Server Pages. As I write this I’m looking for a excuse to use this revolutionary technology in my next project!
Behold the simplicity of ASP and the power of sh:
Interface21: please take note. I expect a Spring.sh implementation before the year ends. ;-)
Whitespace Matters
Friday, August 31st, 2007Mark Jason Dominus just released SuperPython 0.91, “a Perl source filter for the SuperPython language, allowing SuperPython code to be embedded into Perl programs”.
In terms of language, it goes way beyond python itself to give proper semantics to whitespace. For instance, here is the Hello World program written in SuperPython:
#!/usr/bin/perl
use SuperPython;
use SuperPython;
Ain’t it neat? Naturally, the result is
$ ./hello.spy
Hello, world.
Hello, world.
just as would be expected.
If you want to try this program yourself you might be surprised to find out that copy+paste won’t work, but that’s a small price to pay in exchange or the benefits of the richness of syntax and expresiveness of the language, and anyway you may download the source code for hello.spy right here.
Mark is very optimist in contributing the new features of SuperPython back to python itself, and has kindly offered to work closely with the Python community to see this happen.
Congrats Mark, and keep up the good work!
Moving from MyISAM to InnoDB: bulk table conversion
Tuesday, May 1st, 2007A couple of years ago Ludovico Magnocavallo tackled the issue of bulk conversion of MySQL tables from MyISAM to InnoDB with an elegant bash snippet.
for t in $(mysql –batch –column-names=false -e “show tables” mydbname); do
mysql -e “alter table $t type=InnoDB” mydbname;
done
mysql -e “alter table $t type=InnoDB” mydbname;
done
The original post also suggests using grep to limit the scope of the conversion to just a few tables.
(It seems that now Google *does* yield practical answers to this question ;-)
md5pass
Sunday, July 2nd, 2006This snippet is a simple wrapper around Digest::MD5’s md5_base64() builds unsalted MD5 digests encoded in base64, very useful for LDAP management and LDIF file processing.
Use it as such:
$ bin/md5pass
> password
{md5}X03MO1qnZdYdgyfeuILPmQ==
Some lovely ASCII Art
Wednesday, June 28th, 2006Andrew Savige’s Bottles of Beer have been found by the Python pundits (and by some gutless Perl defectors ;-) ) and are being waved as a textbook executable-line-noise example. There’s people that can’t stand beauty when they see it.
(That code is now an image -see below- but you can always get the original source code).
Yup, it is a Perl program. Yes, it *does* run, with interesting results. There’s even a CPAN module — Acme::EyeDrops — that turns your own Perl programs into purposely unmaintainable yet beautiful works of art that can make the entire Python Party cringe in disgust. You have to admit that there’s certain merit in making grown men cry. Automatically, no less. Go and read how it’s done.
So the Obfuscated Python Contest is incredibly boring. I couldn’t care less.
Via Carlos de la Guardia/Marc Abramowitz/Chris Petrilli.
Update 20060916: Replaced the code with a graphical version because WordPress 2.0 doesn’t play well with the text hightlight plugin.
Demo for Luhn algorithm in PHP
Friday, February 24th, 2006If you have a number that adheres to the Luhn algorithm for validation, you may check it easily with this short PHP snippet.
<?php
function luhn($str) {
$odd = !strlen($str)%2;
$sum = 0;
for($i=0;$i<strlen($str);++$i) {
$n=0+$str[$i];
$odd=!$odd;
if($odd) {
$sum+=$n;
} else {
$x=2*$n;
$sum+=$x>9?$x-9:$x;
}
}
return(($sum%10)==0);
}
$num = $_GET[‘number’];
?>
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”>
<html>
<head>
<title>Online Luhn algorithm test</title>
<meta http-equiv=“Content-Type” content=“text/html; charset=ISO-8859-1″>
</head>
<body>
<?php if($num) { ?>
<?php if(luhn($num)) { ?>
<div style=“background:#ddffdd;border:1px solid #004400;”>
<?=htmlspecialchars($num)?> is valid
</div>
<?php } else { ?>
<div style=“background:#ffdddd;border:1px solid #880000;”>
<?=htmlspecialchars($num)?> is NOT valid
</div>
<?php } ?>
<?php } ?>
<form action=“luhn.php” method=“GET”>
<div>
Number: <input type=“text” name=“number” value=“<?=urlencode($num)?>” size=“40″/>
<input type=“button” name=“btSend” value=“Check”/>
</div>
</form>
</body>
function luhn($str) {
$odd = !strlen($str)%2;
$sum = 0;
for($i=0;$i<strlen($str);++$i) {
$n=0+$str[$i];
$odd=!$odd;
if($odd) {
$sum+=$n;
} else {
$x=2*$n;
$sum+=$x>9?$x-9:$x;
}
}
return(($sum%10)==0);
}
$num = $_GET[‘number’];
?>
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”>
<html>
<head>
<title>Online Luhn algorithm test</title>
<meta http-equiv=“Content-Type” content=“text/html; charset=ISO-8859-1″>
</head>
<body>
<?php if($num) { ?>
<?php if(luhn($num)) { ?>
<div style=“background:#ddffdd;border:1px solid #004400;”>
<?=htmlspecialchars($num)?> is valid
</div>
<?php } else { ?>
<div style=“background:#ffdddd;border:1px solid #880000;”>
<?=htmlspecialchars($num)?> is NOT valid
</div>
<?php } ?>
<?php } ?>
<form action=“luhn.php” method=“GET”>
<div>
Number: <input type=“text” name=“number” value=“<?=urlencode($num)?>” size=“40″/>
<input type=“button” name=“btSend” value=“Check”/>
</div>
</form>
</body>
(Download)
You may test this script at http://javier.rodriguez.org.mx/code/luhn-test.php.
Please consider that this is a demo, so please do not use this to check credit card numbers unless you send me an expiry date. CCV2 has taken over as the preferred method for credit card number validation anyway.
Find out LDAP client IPs
Monday, January 23rd, 2006ips.pl is a simple perl filter that processes SunONE Directory Server 5.2 access logs to find out the IP addresses that queries are coming from. It’s very useful to evaluate the impact for migrating LDAP infrastructures. Most comments and variable names are in spanish but the code should be clear enough to any SODS sysadmin. Or drop me a line if you absolutely need an all-english version.
#!/usr/bin/perl
# ips.pl $Revision: 1.1 $
# Analiza archivos access de Sun ONE Directory Server 5.2 para generar
# reporte de IPs de clientes y servidores
# Copyright (C) 2005 Javier Arturo Rodriguez
use strict;
my($acceso);
my $filename = shift @ARGV;
die(“Usage:\t$0 <filename>\n\tbunzip2 -c <filename.bz2> | $0 -\n“) unless $file
name;
open(FILE,“<$filename”);
while(<FILE>) {
chomp;
if($_=~m,^\[(.*?)\].*?connection from ([\d\.]+) to ([\d\.]+),) {
$acceso->{$3}->{$2}->{TS}=$1;
++$acceso->{$3}->{$2}->{CNT};
}
}
close(FILE);
foreach my $dst (sort keys %{$acceso||{}}) {
print “Acceden a traves de $dst\n“;
foreach my $src (
reverse sort { $acceso->{$dst}->{$a}->{CNT} <=> $acceso->{$dst}
->{$b}->{CNT} }
keys %{$acceso->{$dst}||{}}
) {
printf(“ %-15s (last seen on %s; %d hit%s)\n“,
$src,
$acceso->{$dst}->{$src}->{TS},
$acceso->{$dst}->{$src}->{CNT},
$acceso->{$dst}->{$src}->{CNT}==1?”:’s’,
);
}
}
# ips.pl $Revision: 1.1 $
# Analiza archivos access de Sun ONE Directory Server 5.2 para generar
# reporte de IPs de clientes y servidores
# Copyright (C) 2005 Javier Arturo Rodriguez
use strict;
my($acceso);
my $filename = shift @ARGV;
die(“Usage:\t$0 <filename>\n\tbunzip2 -c <filename.bz2> | $0 -\n“) unless $file
name;
open(FILE,“<$filename”);
while(<FILE>) {
chomp;
if($_=~m,^\[(.*?)\].*?connection from ([\d\.]+) to ([\d\.]+),) {
$acceso->{$3}->{$2}->{TS}=$1;
++$acceso->{$3}->{$2}->{CNT};
}
}
close(FILE);
foreach my $dst (sort keys %{$acceso||{}}) {
print “Acceden a traves de $dst\n“;
foreach my $src (
reverse sort { $acceso->{$dst}->{$a}->{CNT} <=> $acceso->{$dst}
->{$b}->{CNT} }
keys %{$acceso->{$dst}||{}}
) {
printf(“ %-15s (last seen on %s; %d hit%s)\n“,
$src,
$acceso->{$dst}->{$src}->{TS},
$acceso->{$dst}->{$src}->{CNT},
$acceso->{$dst}->{$src}->{CNT}==1?”:’s’,
);
}
}
(Download)
Get stock quotes into a spreadsheet
Wednesday, January 4th, 2006This code stnippet grabs a .CSV file from Yahoo! Finance with selected quotes. This is very useful to keep an eye in your portfolio from within OpenOffice.org Calc, Gnumeric, Kspread,Microsoft Excel or similar program using your very own models.
To use it edit the paths and the symbols in the script, run it periodically from cron(8) to get $DEST/quotes.csv, import the file once and reference it from your own spreadsheet.
#!/bin/sh
TMP=/home/user/tmp
DEST=/home/user/prj/mba/dinero/portafolio
wget -q -O $TMP/quotes.csv ‘http://finance.yahoo.com/d/quotes.csv?s=^MXX+^DJI+^IXIC+MXN=X+AMXL.MX+ARA.MX+BIMBOA.MX+CIEB.MX+FEMSAUBD.MX+GFBBB.MX+GMODELOC.MX+TELMEXL.MX+TLEVISACPO.M+WALMEXV.MX&f=sl1d1t1c1ohgv&e=.csv’
echo ‘”SYMBOL”,”VALUE”,”A”,”B”,”C”,”D”,”E”,”F”,”G”,”H”‘ > $DEST/quotes.csv
cat $TMP/quotes.csv >> $DEST/quotes.csv
TMP=/home/user/tmp
DEST=/home/user/prj/mba/dinero/portafolio
wget -q -O $TMP/quotes.csv ‘http://finance.yahoo.com/d/quotes.csv?s=^MXX+^DJI+^IXIC+MXN=X+AMXL.MX+ARA.MX+BIMBOA.MX+CIEB.MX+FEMSAUBD.MX+GFBBB.MX+GMODELOC.MX+TELMEXL.MX+TLEVISACPO.M+WALMEXV.MX&f=sl1d1t1c1ohgv&e=.csv’
echo ‘”SYMBOL”,”VALUE”,”A”,”B”,”C”,”D”,”E”,”F”,”G”,”H”‘ > $DEST/quotes.csv
cat $TMP/quotes.csv >> $DEST/quotes.csv
countdown
Friday, December 30th, 2005This small script is an alternative to sleep(1) that gives a visual clue to the user about the remaining seconds in the delay
(Download)
There are numerous instances where you might want your shell scripts to sleep(1) giving the user a clue about what’s going on, but just to relate to a previous example, let’s see how this can be used to throttle file leeching:
$ for i in `count 1 10 %02d`; do wget http://…./file-$i.pdf; countdown 30; done
count
Wednesday, December 28th, 2005count is a minimalist perl script in the spirit of seq(1) but with a simpler syntax. It only counts in increments of 1, but -on the other hand- it knows how to count down.
(Download)
For instance, “count 10 1 %03d” will count down from 10 to 0 padding with zeroes to three digits. “count 0 15 %x” will count in hex. If you omit the format string it will default to “%d” (decimal, no padding).
count is very useful -among other things- for file leeching:
$ for i in `count 1 10 %02d`; do wget http://…./file-$i.pdf; done
de64
Tuesday, December 27th, 2005Base64 is used to encode binary data in printable ASCII form. de64 is a trivial perl script to decode such strings:
(Download)
One application of de64 is decoding UTF8 LDAP attributes inside LDIF files. For instance, “cn:: Um9iZXJ0byBNYXJ0w61uZXo=” may be decoded with
$ de64 Um9iZXJ0byBNYXJ0w61uZXo=
Roberto Martínez
Roberto Martínez
(Look Randal! I’m using a CPAN module this time! ;-) ) Of course, all the heavy lifting is done by MIME::Base64 from CPAN.
Luhn algorithm in PHP
Monday, December 26th, 2005As I mentioned before, the Luhn algorithm is used to validate some interesting numbers, most notably GSM IMEIs and credit card numbers. Here’s another implementation I wrote, this time in PHP.
function luhn($str) {
$odd = !strlen($str)%2;
$sum = 0;
for($i=0;$i<strlen($str);++$i) {
$n=0+$str[$i];
$odd=!$odd;
if($odd) {
$sum+=$n;
} else {
$x=2*$n;
$sum+=$x>9?$x-9:$x;
}
}
return(($sum%10)==0);
}
$odd = !strlen($str)%2;
$sum = 0;
for($i=0;$i<strlen($str);++$i) {
$n=0+$str[$i];
$odd=!$odd;
if($odd) {
$sum+=$n;
} else {
$x=2*$n;
$sum+=$x>9?$x-9:$x;
}
}
return(($sum%10)==0);
}
(Download)
perlwhich
Saturday, December 24th, 2005Are you wondering where the heck does some arcane module come from? Wonder no more, perlwhich comes to the rescue:
(Download)
Next time you need to know some module’s path just run it like this:
$ perlwhich Data::Dumper
/usr/lib/perl/5.8/Data/Dumper.pm
/usr/lib/perl/5.8/Data/Dumper.pm
If a module resides in multiple locations under @INC, perlwhich will let you know as well:
$ perlwhich Salesforce
/usr/local/lib/site_perl/Salesforce.pm
/usr/local/share/perl/5.8.4/Salesforce.pm
/usr/local/lib/site_perl/Salesforce.pm
/usr/local/share/perl/5.8.4/Salesforce.pm
Luhn algorithm in Perl
Friday, December 23rd, 2005Here’s an implementation of the Luhn algorithm in perl.
(Download)
This program was designed for shell scripting, using something like
$ if ./luhn 457623486; then echo “ok”; else echo “error”; fi
ok
ok
but it should be trivial to modify it for other purposes.
I’m using this algorithm to validate GSM IMEI numbers, but the Luhn algorithm is also behind credit card numbers.
Phonetize
Wednesday, December 21st, 2005A small filter to phonetize STDIN into the NATO phonetic alphabet. It’s very useful to spell passwords over the phone.
#!/usr/bin/perl
use strict;
my %ALPHA = map {uc(substr($_,0,1))=>$_} qw( Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India Juliett Kilo Lima Mike November Oscar Papa Quebec Romeo Sierra Tango Uniform Victor Whiskey X-ray Yankee Zulu );
while(<STDIN>) {
chomp;
print $_, “\n“;
print join(‘ ‘,map {$ALPHA{uc($_)}||$_} (split(//,$_))),“\n“;
}
use strict;
my %ALPHA = map {uc(substr($_,0,1))=>$_} qw( Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India Juliett Kilo Lima Mike November Oscar Papa Quebec Romeo Sierra Tango Uniform Victor Whiskey X-ray Yankee Zulu );
while(<STDIN>) {
chomp;
print $_, “\n“;
print join(‘ ‘,map {$ALPHA{uc($_)}||$_} (split(//,$_))),“\n“;
}
Here’s the source code.
Yup, I know about Lingua::Alphabet::Phonetic::NATO but I needed a quick script without module dependencies. Yes, I haven’t been able to learn the NATO phonetic alphabet yet -unlike some geeks with too much time in their hands (you know who you are)- and yes, I know I’m lazy, but that’s why I am a perl fan anyway ;-) .
There’s more information about this alphabet atWikipedia. You migth want to donate a few bucks while you’re there.
