How to get the address of the svn server for my subversion repository?

Recently, I had some code from a Subversion repository on my machine, but no longer had tortoise svn or any svn command lines tool set up. Luckily, I remembered that in Subversion there is a lot of fun data inside the .svn directory. For instance you can see the address of the server and repository by viewing the .svn/entries file at the root of the local subversion files.

Just look for the svn:// or svn+ssh://

That line should show you the svn server address, as well as the repo name and branch.

Continue reading

Database stored procedures, functions and triggers are source code of your application. Please treat them as such.

As a consultant for the past two years, when I come into a batch of code that has many stored procedures or triggers in the database, the first thing I ask is whether those stored procedures and triggers are under some kind of revision or source code control. If the developers/DBAs look at me like I’ve got two heads, then I know I’m in for a doozy of a gig because those devs are probably not doing the best job they could be doing.

And that makes sense right? You don’t call in a consultant if everything is unicorns and rainbows with your system.

Stored procedures, functions, and triggers in your database are part of your codebase. They could even be the most important and most delicate piece of your codebase.

I’ll repeat this again for total clarity… Stored procedures, functions, and triggers in your database are part of your codebase.

But not managing your codebase with a tool is a huge mistake. And yet, I see this time and time again on my gigs. And if I had a nickel for every time I saw a stored proc named with “_new” or “_new2” or “_use_this_one” in the name, I could invite Warren Buffet over to play cards and he would consider it.

For managing the source code of your stored procedures on SQL server, there’s even some commercial tools available that take your database objects and chucks them into your source code repo. Or you can always just create a “sql” directory in your source code repository and store the objects there.

There are a lot of ways to manage this problem. Ignoring it, is not managing the problem, it’s making it worse.

Continue reading

Turned off my “home page” today

I turned off my web hosting today that hosted my home page and a few small facebook apps that weren’t making any serious money. It’s kind of the end of an era for me. I’ve hosted my own web page and small apps since probably 1997.

These days it just doesn’t make much sense to host your own anything. The cloud is our new overlord and I for one love the stuffing out of it.

You can have code at github and bitbucket for free (bitbucket does private repos at no cost – yay! ).

You can have your blog on blogger or wordpress. You have your random one-liners and cries for help on twitter.

You have linkedin so that recruiters can spam the daylights out of you with terrible positions in far away countries.

You have roughly a million services for hosting your small apps, like Heroku, PHP Cloud, Google App Engine, and Azure.

I just can’t justify the expense of a basic web hosting or virtual server account any more. I won’t miss doing the system administration on that thing and constantly worrying about hackers. That’s for sure.

I still need a proper home page for my domains to link to all my various cloud identities. Any suggestions?

Continue reading

How to find all the distinct PHP session variables that your applications uses.

The short answer is a one line Linux shell command:

This command:

  • looks through all the files in your application recursively for the PHP $_SESSION reference
  • finds any variables named with capital letters, or lowercase letters, or underscores, or numbers
  • sorts the list alphabetically
  • removes the duplicate items in the list

The long answer is that I found myself with an interesting dilemma recently. How to find all the PHP session variables set in my application. Some pieces of the application were new code, some were older legacy code. I needed to get the full list of session variables because I needed to delete most, but not all of them for a certain usage case ( ie, the user is still logged in and has some properties, but the other session data could be safely destroyed ).

So I began with some command line greps on linux. First I tried:

This was a decent list, but about 1000 rows long. Too unwieldy to deal with. Let’s get rid of the filenames, I don’t really care where the session values are set for my case.

This is a little better, but I don’t need the whole line, just the session variable itself. Let’s see if we can start to grab the session var using a regex pattern.

Now we are cooking. This is a nice list of the session variables ( albeit only one array level deep which is all I needed ). Now how to remove the duplicates? Maybe we should “sort” them first?

That is really close. Is there a way to remove duplicates with the “sort” command? Yes, there is. Hot dog.

There it is. That’s the final command I used which located around 50 variables in the old legacy code and new modular code that were used in the sessions. The only really drawback to this code is it will not find multiple nested array values on the session itself, but you could add that as a separate regex if you need.

Continue reading

Yahoo email account hacked

My wife started sending me emails about male enhancements around 3am Saturday morning. I first took slight offense to this but quickly realized they were addressed to everyone in her address book. Her Yahoo email account had been hacked.

We updated her account password, alerted Yahoo security via a basic form on the Yahoo site, and added a “sign-in seal” to the account.

But really, this should not have happened in the first place. There’s a page in the Yahoo accounts menus that shows you the last 20 or so places you’ve logged in from. There’s a bunch from our hometown and then a couple in France. She’s never logged into Yahoo from France. Ever. Shouldn’t Yahoo be throwing a red flag on that and displaying some of the maiden name, first pet name questions?

The other disappointing piece of this is that there’s no “sign me out of everywhere” button, you can only opt to be signed out every day.

This is really terrible security. I haven’t forced her to switch to Gmail yet but I probably will strongly urge her to do so in the coming weeks.

  • Gmail has two factor authentication which practically eliminates this.
  • Gmail has a button to sign you out everywhere
  • I *think* Gmail has something if you’re logging in from a different country ( but I’m not positive on that )
Continue reading

Diary of a mysql database problem in 15 minutes

1:42pm – frantic instant message comes in from a smallish project that their site is down.

1:42pm – I ssh into both the webserver and the database server. Database server takes awhile to actually get a login prompt.

1:43pm – Email containing frantic instant message with importance set to high ( side note- people still use importance in emails? people still email after they’ve contacted you another way? people still email? )

1:44pm – I run “top” on both the webserver and the database server. ( There isn’t any other monitoring since it’s a smallish project. there probably should be. Will have to get client to pay for that.) Webserver looks fine. Database server load is really high, around 5 when it’s usually around 0.30. This is a mysql linux server.

1:45pm – exit “top” and open a mysql command line prompt.

1:46pm – execute “show processlist” in mysql. A ton of queries show up, all behind one sinister looking one on a new table that’s been set up recently.

1:47pm – execute “explain sinister-looking query” in mysql to see how mysql is executing that query.

1:48pm – possible_keys = NULL

1:49pm – Ruh roh. Execute “alter table add index…”

1:50pm – database working.

1:51pm – database working.

1:52pm – database working.

1:53pm – database done working. execute “show processlist” to see 2 queries left on stack.

1:54pm – Execute “top” command, load is down to 2.7 and falling. 1.9 now. 0.70 now.

1:55pm – Declare crisis averted via instant message and email. Wonder again if people still use email.

1:56pm – Assign developer responsible for non-indexed table the task of making sure the schema changes get into source code control.

1:57pm – Go back to regular work.

Continue reading

Using Gmail “Details” link to discover older IP addresses

A project that I’m working on has a strict firewall setup which restricts SSH access to only internal machines and those temporary machines outside the network that need access ( like if you’re working from home ). So as my IP address changes at home, I need to notify the service that my IP address has changed from A to B. The service prefers if I can give them both the old address and the new address because they’ll take out the old address from the firewall rules and add access for the new IP address. I was keeping this list on a pad by my desk but today I found myself downstairs, away from that pad, so I couldn’t find my previous IP address, just the new one.

Fearing that I would have to walk ALL THE WAY upstairs to get that pad, I thought for a few seconds and remembered the “Details” link in the footer of my gmail page. Clicking “Details” in the footer of gmail will show you the last 10 instances of logins/refreshes to your gmail page. Sure enough, I was able to find the number 7 entry was from last night and showed my previous IP address. I copied it into my firewall request and got back to my work.

Continue reading

MySql tip for displaying query results vertically

I have a need at the day job to view mysql records via the mysql command line client. Some of the tables I’m looking at have 100 to 200 columns so it’s pretty annoying to view this data horizontally across the screen. If you end your queries in the mysql command line client with \G instead of a semicolon, then it will display the results vertically down the page. Try it out!

Continue reading

How to drop multiple tables in mysql at once

There are a couple of different ways to remove multiple tables from MySQL at one time. Almost all of the ways of dropping many mysql tables at once are dangerous and that’s probably why the MySQL developers have overlooked this “feature.” You run the risk of dropping tables outside of the ones you meant to drop.

But if you’re dead set on this, here’s a stored procedure for dropping multiple MySQL tables at one time that does the job quick and easy.

First you have to add the procedure to the schema. You can technically add this to any schema that you have access to. The way I use it is from a “global” schema that needs to make changes to other schemas that all have similar names. The MySQL user calling the procedure needs to be able to perform the DROP as well as READ the information schema tables. Don’t mess with your permissions unless you have to however.

Calling the procedure can be done with:

So in this case, I’m dropping all the tables that start with “jjj” in the “test” schema. The “pattern” parameter can be any valid MySQL “LIKE” parameter. In a MySQL client, it looks like this:

Now, obviously, if you put in a pattern that returns no resulting table names, then you’ll get an error. But fixing that error is left to the reader as an exercise ( do feel free to contribute that back to me!)

Any questions or comments? Do you have a better way to do this?

Continue reading

Eclipse update conflict “Do you want to overwrite the changes made on the file system”

Earlier today I kept running into a problem using Eclipse (really Zend Studio built on Eclipse) with a project running on the network that I accessed via a mapped drive on my Linux machine. The problem occurred during file saving and looked like this:

Eclipse update conflict “do you want to overwrite the changes made on the file system?”

The only way I was really able to fix this problem was to make sure that both my machine and the networked machine in question had the same exact time. So I busted out ntpdate and made sure both machines were updating their time at least once a day using a command something like this:

Continue reading