FightSkillz.com - Life, Code, & Idiocy

Running Commands as Root from PHP

Sometimes you need to automate some terminal commands within your web application. I personally prefer PHP over other server-side languages, and in this case its ability to run such commands is fantastinominal. There are a bunch of built-in functions for securing/escaping arguments and commands, and a bunch of functions for executing shell commands. The main difference between them is how output is returned to PHP. For most cases you should be fine using escapeshellarg() and shell_exec() - assuming you're passing variables posted to your server code as arguments. You should read up on the various program execution functions over at php.net, and research all the implications and security risks involved in using them.

This post doesn't focus on their use, but instead on how to give Apache (or whatever web server you're using) root access on your server. In fact, what you need to do in order to simplify your scripts is allow the Apache process to run root commands without a password. That's RIGHT, without a password. This can be exceptionally dangerous, so you may want to limit this root access - specifically the no-password-necessary root access - to only the specific programs you need to run from your scripts. Otherwise a small programming error would let malicious people take full control of your web server with ease.

The main purpose of enabling no-password root access here is so you can easily run programs with a single command and not worry about being challenged for a password, or having to deal with that in your server code. It's potentially more dangerous to store your root password in a public-facing script than to give no-password root access to a single program. A fair amount of web software and tools have versions of their commands that can be run on a single line for this purpose.

This is for Ubuntu, but should work on most other distros with little tweaking.

First add the following line to your php script:

echo shell_exec("whoami");

This will output the user that Apache (or whatever server is running your php file) is running as on the system. Typically Apache runs as www-data, but your system may be set up differently.

Now open a terminal and ssh into your web server. Run the following command:

sudo visudo

This edits the /etc/sudoers file. Using the visudo command rather than a plain editor is necessary for changes to properly take effect (visudo checks the file for syntax errors before installing it). Go to the bottom and add the following line to enable the Apache user to sudo without a password:

www-data ALL=NOPASSWD: ALL

The first ALL refers to hosts, the second ALL refers to programs/commands. If you only want to grant Apache sudo access to a specific program, replace the second ALL with the full path to the command file. So even though you will be able to call last from your script without worrying about the path, you need to know the actual path here:

www-data ALL=NOPASSWD: /usr/bin/last

If visudo opens the file in nano (the default editor on Ubuntu), you should now have a list of shortcuts at the bottom of the terminal. You want to "WriteOut" (Ctrl+O) the file, which is the same as saving it. You'll be prompted to choose the path to save to; make sure that you're saving it as /etc/sudoers, otherwise it may try to save your changes as a copy.

You can now try running last from your php script by adding the following to it:

echo shell_exec("sudo last");

Now that it works you may want to remove the echo lines from your script, or test it with a different command, since showing the world which user is actually running Apache, or the output of last, is not something you want.
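
As an added example (not from the original post), here is the weak entry from above next to a restricted one in sudoers syntax. It assumes the hypothetical script only ever needs last; the trailing "" after the path is sudoers notation for "no arguments allowed", so sudo will refuse to run last with options the script never intended to pass.

```sudoers
# WEAK: www-data may run anything as root without a password. One bug
# in a script that builds a shell command from user input gives that
# user root.
www-data ALL=NOPASSWD: ALL

# RESTRICTED: only the one program the script needs, by full path.
# The trailing "" means no arguments are allowed: "sudo /usr/bin/last"
# works, "sudo /usr/bin/last -f /some/file" is refused.
# (Aliases must be defined before the line that uses them.)
Cmnd_Alias WEBCMDS = /usr/bin/last ""
www-data ALL=(root) NOPASSWD: WEBCMDS
```

After saving, `sudo -l -U www-data` lists exactly what the web server user may run without a password, which is the quickest way to confirm the restriction took effect.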

Flex/Actionscript 3.0 Strip HTML Tags Function

I needed a function to strip out html tags from a text input, but still let me specify allowable tags.

Instead of spending time figuring out the regular expressions needed to pull it off and becoming a better programmer, I figured, why repeat work someone else has probably already done... I mean, I could be a busy man. Anyway, I found this great function on Flexer.info [link]. But after trying it out I noticed that the one tag I really, really wanted to be parsed out, iframe, wasn't. It seems that because I had specified i as an allowable tag it was also accepting iframe.

So with all due respect to Andrei, below is the revised function with the security hole patched.

All I changed was near the bottom, where it determines whether a found tag is an allowable one. The regular expression was

<\/?" + tagsToKeep[j] + "[^<>]*?>

which allowed any characters to follow the allowed tag name as long as they didn't form a nested tag, so frame following i was accepted. The revised expression also supports self-closing tags.

// Strips HTML tags, keeping only the tags named in `tags`.
// @param html - string to parse
// @param tags - comma-separated list of tag names to keep (e.g. "b,i")
public static function stripHtmlTags(html:String, tags:String = ""):String
{
    var tagsToBeKept:Array = new Array();
    if (tags.length > 0)
        tagsToBeKept = tags.split(new RegExp("\\s*,\\s*"));

    // Drop empty entries produced by stray commas.
    var tagsToKeep:Array = new Array();
    for (var i:int = 0; i < tagsToBeKept.length; i++)
    {
        if (tagsToBeKept[i] != null && tagsToBeKept[i] != "")
            tagsToKeep.push(tagsToBeKept[i]);
    }

    // Find every tag in the input.
    var toBeRemoved:Array = new Array();
    var tagRegExp:RegExp = new RegExp("<([^>\\s]+)(\\s[^>]+)*>", "g");

    var foundedStrings:Array = html.match(tagRegExp);
    if (foundedStrings == null)
        return html;
    for (i = 0; i < foundedStrings.length; i++)
    {
        var tagFlag:Boolean = false;
        if (tagsToKeep != null)
        {
            for (var j:int = 0; j < tagsToKeep.length; j++)
            {
                // Exact tag name followed only by an optional space and an
                // optional self-closing slash, so "i" no longer matches "iframe".
                var tmpRegExp:RegExp = new RegExp("<\\/?" + tagsToKeep[j] + " ?/?>", "i");
                var tmpStr:String = foundedStrings[i] as String;
                if (tmpStr.search(tmpRegExp) != -1)
                    tagFlag = true;
            }
        }
        if (!tagFlag)
            toBeRemoved.push(foundedStrings[i]);
    }
    // Remove each disallowed tag. The tag text is turned into a regular
    // expression, so every regex metacharacter in it must be escaped (the
    // original escaped only + * $ and /, which broke on tags containing
    // ?, ( ), [ ] or other metacharacters).
    for (i = 0; i < toBeRemoved.length; i++)
    {
        var tmpRE:RegExp = new RegExp("([.*+?^${}()|\\[\\]\\\\/])", "g");
        var tmpRemRE:RegExp = new RegExp((toBeRemoved[i] as String).replace(tmpRE, "\\$1"), "g");
        html = html.replace(tmpRemRE, "");
    }
    return html;
}
 
 
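The prefix bug and the fix, ported to JavaScript as an added example (not code from the original post or from Flexer.info); ActionScript 3 regular expressions use ECMAScript syntax, so the patterns behave the same in both. It goes one step beyond the post: anchoredAllowed is an assumed alternative that anchors the whole tag so the allowed name must end at whitespace, a slash or >, which still rejects iframe but keeps attributes on allowed tags; the sample HTML is constructed.

```javascript
// Same tag finder as the Flex function's tagRegExp.
const TAG_RE = /<([^>\s]+)(\s[^>]+)*>/g;

// Original Flexer.info check: the allowed name is only a prefix, so
// when "i" is allowed, "<iframe ...>" passes as well.
function originalAllowed(tag, name) {
  return new RegExp("<\\/?" + name + "[^<>]*?>", "i").test(tag);
}

// The post's fix: exact name, optional space and self-closing slash.
// Rejects <iframe>, but also drops attributes such as <a href="...">.
function fixedAllowed(tag, name) {
  return new RegExp("<\\/?" + name + " ?/?>", "i").test(tag);
}

// Assumed alternative (not in the post): anchor the whole tag so the
// name must be followed by whitespace, "/" or ">". Attributes on kept
// tags survive and are NOT sanitised here; they need their own allow list.
function anchoredAllowed(tag, name) {
  const esc = name.replace(/[.*+?^${}()|[\]\\\/]/g, "\\$&");
  return new RegExp("^<\\/?" + esc + "(\\s[^<>]*)?\\/?>$", "i").test(tag);
}

// Strip every tag that no allowed name accepts under the given check.
// (The Flex code collects rejected tags and removes them in a second
// pass; a replace callback does the same in one step.)
function stripHtmlTags(html, tags, allowed) {
  const keep = tags.split(/\s*,\s*/).filter(Boolean);
  return html.replace(TAG_RE, (tag) =>
    keep.some((name) => allowed(tag, name)) ? tag : "");
}

// Constructed sample: "i" is allowed, so the original check lets the
// iframe through, while the attribute on <a> trips up the post's fix.
const SAMPLE =
  '<b>bold</b> <i>it</i> <a href="/x?y=1">link</a>' +
  ' <iframe src="https://example.com"></iframe>';

// Runs all three checks over the sample and returns the results.
function compare(html = SAMPLE, tags = "b,i,a") {
  return {
    original: stripHtmlTags(html, tags, originalAllowed),
    fixed: stripHtmlTags(html, tags, fixedAllowed),
    anchored: stripHtmlTags(html, tags, anchoredAllowed),
  };
}

console.log(compare());
```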

Microsoft and EC Reach an Agreement

What happened: Europe called out Microsoft regarding Internet Explorer being the default browser in Windows. Europe gets what it wants, and Microsoft will now show a menu of several different browsers when you first get a PC; the user will select one to install and be the default.

I was just reading comments on Digg relating to the story, a group of people that are supposed to know about tech, and I couldn't be more frustrated by the complete lack of understanding even amongst those people.

The biggest problem people have with the ruling is "it's Microsoft's operating system, they should be able to make whatever browser they want default."

I would agree with that, but it's a lot deeper than that. Microsoft has majority market share. Internet Explorer not only doesn't follow web standards, but the IE team seems to deliberately work to go against web standards in instances where there's no performance or technical benefit to do so - Internet Explorer is vastly inferior when it comes to performance. It's another issue entirely that they deliberately don't patch security holes because, just like Facebook, identity theft and viruses infecting users' computers translates into big bucks and 3rd party businesses solidifying their position as a platform (i.e. people promote the use of Windows because they know it'll make users more prone to exploitation, and so they can sell you security software to fix problems that should be stopped at the operating system level).

Anyway back to web standards, the Internet is an open place, Internet Explorer is a political tool used by a company to force the majority of people who just use the default browser to use a shitty browser that can't handle most of the web innovations and standards (Internet Explorer 8) and that leaves users behind so that a hugely significant amount of people are still using Internet Explorer 6! It's like 10 years old for fuck sake.

Web developers and designers often have to create sometimes entirely different code and severely limit the functionality of web apps just to get it to show up marginally correct in the various Internet Explorer atrocities still in wide use, for no other reason than Microsoft wants to dominate the world and aims to do it by being directly malicious toward its users and incompatible with the rest of the web, to lock its users into a sick cycle of dependence.

The reason Europe stepped in is because it's not just the saps that buy their products that are affected, it's the entire Internet. Everyone is affected by the majority of people using some variety of Internet Explorer. Easily 60%+ of a developer/designer's time goes into trying to get a website to work in IE and deciding what features to take out because of it. Google got so frustrated they developed Chrome Frame, which is an Internet Explorer plugin that renders pages for IE. They did this because Internet Explorer can't/won't keep up with the rest of the web.

It's about time someone did something. Internet Explorer is so insecure for its users, and so detrimental to the web, that it's definitively malware, and Microsoft should be sued for intentionally distributing it at all with their software.

An Essay on Productivity – Programming

http://www.paulgraham.com/gh.html

Visit the above link, a brilliant essay on productivity derived from programming.

It's strange thinking of how drastically my life has adapted to writing software over the years, especially the last year, compared to people I know who don't [read: everyone I know]. But this guy nails it. I guess there's something about programming that just moulds you into a certain behaviour set. It's like if I broke a chunk off Canada, floated it out into the middle of the Atlantic and started a civilization - leaving it for a few generations. Then if I mailed them an essay on small island civilizations they'd be like "Oh shit! Hey guys, someone wrote an essay about us," and you wouldn't actually have to visit the island to write about it.

What you should take from the essay is that it's all about context. The more context you can fit into your head about a given anything, the better you are at innovating. And when the technological advantage is even - meaning using a computer vs. using a typewriter, brilliance can only be judged on context.

via @AndrewWarner via news.ycombinator, via paulgraham

Google Real Time Search Event

The future of search..

  • Google Goggles
  • Voice search in English, Mandarin, Japanese - more to come
  • Live mobile voice translation - between every major language coming
  • Location becomes first class object in mobile searches
  • Desktop search gets real time results integrated as animated scrolling
  • Latest(search sidebar) - all latest, including blog posts, tweets, etc.
  • Updates(search sidebar) - all status updates, twitter, facebook, etc.
  • Real time results focus on relevancy
  • Hot topics page based on real time what's happening
  • Dozens of algorithms and tech to make real time possible
  • Real time partners - Facebook, Myspace, Twitter, and more.
  • Google Goggles will not recognize faces... yet
  • Would like to partner with any source of real time information - comprehensiveness = better search results
  • Plan on being/remaining platform ubiquitous.
  • Google sends billions of clicks/month to news publishers
  • "the web thrives on openness"

I'm Feeling Lucky Custom Search

In Firefox, when you type stuff into the main url bar (the "Awesome Bar") it tries to do a Google I'm Feeling Lucky search. So if you typed in wiki it would figure out you wanted Wikipedia and take you to Wikipedia.org, it would even take you to the localized version, and when it's in doubt it shows you a standard Google result.

To get this in Chrome add a custom search engine. Use the following as the url.

http://www.google.com/search?q=%s&btnI=Im+Feeling+Lucky

If you make it the default, then any keywords you type into the url bar (the "Omni Bar") will run an I'm Feeling Lucky search. Or you can set the keyword to l. So to use the custom search you would type in l wiki.


Google Chrome for Mac

Finally, just got this email:

It's finally here: Google Chrome for Mac. Available today in beta!

Hi there,

Thanks for signing up to hear from us regarding Google Chrome for Mac! We're excited to let you know that Google Chrome is now available in beta for Mac OS X.

Here are a few fun facts from us on the Google Chrome for Mac team:

73,804 lines of Mac-specific code written
29 developer builds
1,177 Mac-specific bugs fixed
12 external committers and bug editors to the Google Chrome for Mac code base, 48 external code contributors
64 Mac Minis doing continuous builds and tests
8,760 cups of soft drinks and coffee consumed
4,380 frosted mini-wheats eaten

Got taken to this page.

Where if you click on the lego image, you can see the Google Chrome Staff in lego form.. keep clicking for closeups. (not here, first go to the google chrome link one sentence above then start clicking)


Then watched the new ads(there's a bunch of them, at the end of each use the in movie menu, or click here):


Then read the blog post announcement here.

Where they had this video:

And also mentioned the Linux beta, and extensions.

Then I installed it and tried it out. It's fast. So I finished writing this in Chrome. Wonder how this will affect browser market share.

Google DNS

I've always had a problem with my ISP's DNS servers. They're slow, but they're also slow to update. I changed a few DNS settings for a domain I have the other day and could access the new settings from my phone over 3G within 5 minutes - if not instantly. Comparatively, it took 3+ days for it to propagate through my ISP. Flushing DNS has no effect on this.

So I just switched to Google's DNS, it took a second to change, and it's definitely faster. Noticeably. The question is now that Google sees every website I visit, whether I go through Google.com or not, and they can easily associate my ip address with my Google account, or not, and have even more insight into my web behaviour, what's happening to my sense of privacy, and sense of self. I'm not saying I am the websites I visit, I'm saying Google is gaining an increasingly accurate representation of me, my wants and needs, in a virtual self, and using it to simulate my own decision making in the cloud whenever I do a search. They're taking a piece of my consciousness and feeding it billions of search results. They're using me to find search results for me.

If you use Google Chrome I'd imagine (I'm too lazy to look it up now) there's some TOS clause that prevents them from being aware of every site you visit, but this Google DNS stuff is a service of me sending them each website I visit for the purpose of redirecting me to a given site. Also every application I use that checks for updates will now go through Google as well.

I feel as though my laptop is plugged into the Googleplex LAN. Sort of. I feel like someone should be studying how this affects my online behaviour, or how it affects the way I see Google. But, like, set up your scientific equipment in the driveway and bring your own food.

Oh yeah, and here's how to switch to Google DNS: http://code.google.com/speed/public-dns/index.html

Length is Semi-Reserved

I'm writing a Flex/AIR app that grabs stuff from a database and displays it in an mx.controls.List. Interacting with it you can switch the list mode, which changes the visibility of certain controls in the itemRenderer. There are currently 20 items in the dataProvider, about 8 are displayed at any given time. I noticed that switching modes - and by doing so waiting for validateList() to run - took incrementally larger amounts of time for each of the first 3 items that were in view. So if you scrolled down one item and switched modes it was a bit faster, and if you scrolled past the first 3, switching modes became instant, as it should be.

After looking over the same possibly relevant lines of code several times, reading up in detail of how the validateList() cycle works and getting into the nitty gritty of list classes I realized the problem was on the database side. I had a column named length. At first I thought there was an issue where I'd set the column type as a floating point number and maybe actionscript was having a time converting it or dealing with it in an object - there's no actual reason why I thought this, but the performance issue was not noticeable if the floating point number was smaller than 10,000.

Fortunately after only a few hours time wasted I, the spaz writing this, realized that the length column was being interpreted in actionscript as the length(ie: number of children/values) of the object. So say length was set to 100,000, for every item in the list it would have to create and analyze 999,992 blank values - creating space in memory for each one, along with the 8 actual values pulled from the database.

Furthermore, when I referenced item.length, the value I got was not the one pulled from the database but the number of children in the object. The small robots that live inside my computer and make it work must have thought I was bananas.

I'd like this to be my formal application for the prestigious Leader of the Idiots, but since I'm obviously not equipped with the basic skill set to do anything(read: dressing oneself, remembering reserved names) I'll rely on some kind soul reading this to file the application for me and submit it to the proper authorities.. thanks.

P2P in Adobe Air 2.0 and Flash 10.1

Adobe is literally making it possible for me to create what I want, and cosmically in sync with where I am on the road to creating those things. I feel indebted - as I should, to the tool creators. The future will be a crazy cross platform interconnected kinda world. It's a great era to live in, and be a part of.