January 10, 2010 at 5:59 pm · Filed under Programming
Today I wrote a class to iterate words in a string. One challenge was finding my way backwards in a string. Specifically, given a starting position inside the string, I wanted to find the previous “word” and return it. However, since this needs to work localized (not just a-z), and the definition of a “word” is configurable, it was no simple matter of looking back for the previous space character.
So here is what I came up with; a method that finds the next or previous word given a starting position in the string:
/**
* Abstracted method for finding the next/prev word. This method assumes that
* $pos is greater than zero and less than the length of $text (check before calling)
*
* @param string $text the string of text to find next/prev word in
* @param int $pos the position of first character in current word
* @param string $wordPattern the regex definition of a word without any matching parens
* @param string $reverse looks backward instead of forward (finds last word in string)
* @return mixed false if no more words or array( "the word matched with junk", "the word only")
*/
private static function nextWordMatch($text, $pos, $wordPattern, $reverse = false) {
// we get the substring of text, starting at the current position
if( $reverse ) {
// in this case, we look at everything before $pos; we reverse it so that
// we can run a simple regex on it rather than trying to deal with craziness
// of looking backwards in string
$text = substr($text, 0, $pos-1);
}
else {
// in this case, we look at everything after $pos
$text = substr($text, $pos);
}
// we escape the preg character just in case
// we add in two sets of match parens, one for the word and one for the whole match
// when looking backwards, we need to look from the end rather than the start
$wordPattern = str_replace('@', '\\@', $wordPattern);
$pattern = "(({$wordPattern})".self::NON_WORD_CHARS.")";
if( $reverse ) { $pattern = "@{$pattern}\$@"; }
else { $pattern = "@^{$pattern}@"; }
// perform the match now and figure out what to do with it
preg_match($pattern, $text, $matches);
if( count($matches) < 3 ) { // remember that the first match is the raw text, so we add one
// we didn't find any words, so return false
return false;
}
// strip off the raw text, leaving our two matches
return array_slice($matches, 1);
} |
Here is the default value for $wordPattern and the constant NON_WORD_CHARS used in the example:
private $wordPattern = '\b[\w]+(?:[-\']\w+)*\b';
const NON_WORD_CHARS = '\W*'; |
August 20, 2009 at 9:11 am · Filed under Programming
It takes a bit of surfing, but you can find some really nice graphics on this site at a fraction of the usual cost: http://graphicriver.net/category/graphics/backgrounds/nature
August 20, 2009 at 9:09 am · Filed under Programming
This compilation is awesome, covering things like fluid horizontal and vertical layouts, sprites, and many other excellent techniques for CSS: http://www.smashingmagazine.com/2009/07/20/50-new-css-techniques-for-your-next-web-design/
July 31, 2009 at 8:56 am · Filed under Programming, Tools
Mindomo is a great, free product for mind mapping. You can utilize it online for free to create some great looking and functional maps.
There is also a pro version at the great price of $6/month, which provides a desktop version, allowing you to store the files locally and organize with folders and sharing capabilities.
With the upcoming addition of collaboraiton, and there continual efforts to improve the product, it’s quickly becoming a great brainstorming and outlining tool.
September 8, 2008 at 2:02 pm · Filed under Programming
I wanted to validate my xhtml code for the new site design, and ran into the following fun errors from w3c:
Line 25, Column 15: there is no attribute "src".
Line 26, Column 18: there is no attribute "wmode".
Line 27, Column 17: there is no attribute "type".
Line 28, Column 18: there is no attribute "width".
Line 28, Column 31: there is no attribute "height".
Line 28, Column 38: element "embed" undefined.
Read the rest of this entry »
August 6, 2008 at 3:02 am · Filed under Programming
I wanted to drop all mysql tables from a db that had a certain prefix, such as xx_.
Well this turned out to be an adventure…
The First Attempt
The first solution I found was to use sed/grep sort of logic:
#mysqlshow -u username -p dbname xx\\_% |sed 's/[|+-]//g'|sed 's/[ ]*$/,/'>droptables.sql |
(xx\\_% is how you tell it to show tables starting with xx_)
This produced a semi-useful list. But I had to manually edit out the extra commas and line feeds to get a pure list, then add “DROP TABLE ” to the beginning of the list. Then feed this into mysql as follows:
#mysql -u username -p dbname < droptables.sql |
I wasn’t real happy with that answer, naturally, so I researched more…
A Better Solution
I came across an alternative in this command:
mysqldump -u username -p --add-drop-table --no-data dbname | grep "^DROP.*\`xx_" | mysql -u username -p dbname |
(replace xx_ with the prefix you want to remove, to do all tables, try just “grep ^DROP”
You can test it first by cutting off the last “| mysql…” bit and see the output, which is useful for debugging, before you go blowing away your tables.
December 19, 2007 at 1:48 am · Filed under Programming
I’ve had the pleasure of converting to Outlook for my work…
I can forgive the functionality issues, but the stupid, dumb, Nazi usability constraints that M$ enforces… oh my. Like, for instance, I can’t sort my mail by flags (called Follow Ups, another great choice for obscurity) or by read/unread. The columns are there, but clicking on them produces an alert saying it’s “not allowed”. Why? Because I might hurt myself if I did?
And I can’t subscribe to an ICS calendar in outlook? Are they just not part of the internet or what? It’s not like they don’t understand, because I can “import” one, but then it just becomes part of my calendar and never again gets updated; more Embrace and Exterminate nazi-ism.
*sigh*, with how hard they try to fail, it’s impossible to understand why the world won’t accomodate.
November 22, 2007 at 2:14 am · Filed under Programming
I’m setting up a new hosting server for several clients. I purchased a download of Virtualmin Pro and checked it out as a total management solution. Although it supports Ubuntu Edgy (6.06.1), it does not support 7.1.
So I did what any good programmer would do… I tried it anyways. It failed. So I fixed the bug and tried it again. That one failed. So I went to the forums and got another suggestion and tried that one. It failed, burned down, fell over and sank into the swamp. So Installed 6.06.1 and the FOURTH ONE STAYED.
So don’t try virtualmin with 7.1, unless you’re glutton for punishment too…
November 22, 2007 at 2:08 am · Filed under Programming
Tried to burn an ISO image in Feisty… although the CD-ROM drive is detected and it recognizes when I put a CD in, it won’t run. It shows a message like the following:
Please insert a rewritable or blank CD.
I hit the forums and found this very relevant discussion.[/url] Apparently the forums hit the forums… because their solution pointed to [url=http://www.xcdroast.org]www.xcdroast.org, who had this to say:
Linux Kernel 2.6.8 broke CD-Writing:
I had several reports that the last 2.6.x kernel broke CD-Writing using the ATAPI driver. Don’t update if you want to continue to use X-CD-Roast, or switch back to SCSI-emulation.
Update: When started from a root shell burning still works, but non-root mode is disabled by this kernel.
So the solution is to run the programs as root. I was able to burn my cd using:
root@Tiki:~# cdrecord dev=/dev/cdrw1 driveropts=burnfree -v -data /home/kato/Desktop/tmp/ubuntu-6.06.1-server-i386.iso |
Looks like others used sudo k3d with comparable success.
I didn’t bother trying to figure out which program the “Write to Disk” command traces back to. But it looks like K3d already has a fix. Maybe Ubuntu will provide a fix soon, too…
November 19, 2007 at 8:24 am · Filed under Programming
I set up a new OpenSSH server on Ubuntu and had to remember how to lock down the settings again. Here is a quick guide to securing SSH against attacks.
Set up an RSA key to use instead of a password
This is an encrypted file which is used to replace your password, providing significant login security (there’s no way someone will guess one of these in the next 10,000 years).
This step assumes you are logged into the server where you will be ssh’ing to. To do this from the client, you create the keygen file as normal, but you then have to upload the id_rsa to your web server’s ~/.ssh/known_hosts (instead of copying it locally as shown below).
Here is the procedure for generating the keyfiles:
#generate the public/private key pair
#leave the passphrase blank (or you'll have to type it constantly)
kato@zephyr:~/$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kato/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kato/.ssh/id_rsa.
Your public key has been saved in /home/kato/.ssh/id_rsa.pub.
The key fingerprint is:
0d:a6:cd:1c:53:ab:b2:1b:b5:7e:ce:15:96:35:97:f9 kato@zephyr
kato@zephyr:~/.ssh$ cd /home/kato/.ssh
kato@zephyr:~/.ssh$ ls -l
-rw------- 1 kato kato 1675 2007-11-19 16:56 id_rsa
-rw-r--r-- 1 kato kato 393 2007-11-19 16:56 id_rsa.pub
#your server might show identity and identity.pub... that's fine, use those in place of id_rsa
$ cat id_rsa.pub &gt;&gt; authorized_keys
$ chmod 644 authorized_keys
kato@zephyr:~/.ssh$ ls -l
-rw-r--r-- 1 kato kato 214 2007-11-19 16:04 authorized_keys
-rw------- 1 kato kato 1675 2007-11-19 16:56 id_rsa
-rw-r--r-- 1 kato kato 393 2007-11-19 16:56 id_rsa.pub
#some older servers will require you to use authorized_keys2 for ssh2 clients! |
Now download the private file (the one without .pub on the end) to your client. You will want to configure your client to load this keyfile automatically. This is easy enough with putty, for other clients, check out pageant (which can intercept password requests and supply the key).
[img]putty_keyfile.jpg:Loading ssh key into putty…[img]
- First decide if you will be using SSH1 or SSH2 (or both). Most likely you’ll want to stick with SSH1 (until OpenSSH is installed at PPPL, or until SSH2 is installed, etc).
- Generate public/private keypair for SSH1: [b]ssh-keygen[/b]. This will generate [b]~/.ssh/identity[/b] and [b]~/.ssh/identity.pub[/b].
- Do this on each machine you want to access (to/from) using ssh (only need to do this once on the PPPL unix cluster)
- Take all of the identity.pub files (which contain a public key on one line) and create an [b]~/.ssh/authorized_keys[/b] file by placing the contents of each separate identity.pub file on a single line of the [b]~/.ssh/authorized_keys[/b] file (then place on all sshable hosts).
- For SSH2, use [b]ssh-keygen -t {rsa,dsa}[/b] (you choose between rsa keys or dsa keys, currently I use DSA), which will generate [b]~/.ssh/id_{dsa,rsa}[/b] and [b]~/.ssh/id_{dsa,rsa}.pub[/b].
- Follow instructions for SSH1 keys, but instead generate a [b]~/.ssh/authorized_keys2[/b] file using the id_{dsa,rsa}.pub files.
Specify who can log in with ssh
From the cli, type:
Then add your login account:
usermod -a -G sshaccess kato |
Configure SSH
On Ubuntu and Gentoo, open [b]/etc/ssh/sshd_config[/b]. Now we will tweak several properties:
- Changing the Port will shut off 98% of the attacks on your ssh server. As long as you have the skills to get through the firewall, this is your best defense. To pick a port number which won’t conflict with any other apps, check out this comprehensive list of ports. I used port 27.
- Turn off PermitRootLogin
- Enable PubKeyAuthentication
- Do not PermitEmptyPassword
- Restrict users who can log in with AllowGroups
- Enable logging with SysLogFacility and LogLevel
Here is what my finished script looks like:
# What ports, IPs and protocols we listen for
@@Port 27
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
@@PermitRootLogin no
StrictModes yes
#RSAAuthentication yes
@@PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
@@RhostsRSAAuthentication no
# similar for protocol version 2
@@HostbasedAuthentication no
# To enable empty passwords, change to yes (NOT RECOMMENDED)
@@PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
@@PasswordAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
# Allow client to pass locale environment variables
AcceptEnv LANG LC_
@@AllowGroups termgroup
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes |
References
Creating RSA and DSA keys for SSH
SSH User dentities
Creating SSH Key Pairs
« Previous entries ·
Next entries »
