SSL/HTTPS on Devise + Rails3

I have seen gems like ssl_requirement, but it's too complicated for securing just two pages, user login and sign up.

I referred to a few blogs and found a few useful links for the same:

1> For

  • Creating your private key
  • Creating your certificate signing request
  • Getting your certificate
  • Configuring your web server

refer to: http://www.buildingwebapps.com/articles/79189-using-ssl-in-rails-applications

2> For setting up a Rails app with Devise, I have referred to this:

http://blog.grow20.com/fun-with-ssl-for-accounts-only

More useful links:

http://blog.dynamic50.com/2011/02/15/ssl-on-wildcard-domains-on-heroku-using-godaddy/

http://www.themomorohoax.com/2010/10/08/using-ssl-in-rails-3

Rake Task in Rails 3 on Production ENV

Cannot execute a Rake task in the production environment? Does it throw errors about uninitialized objects or refuse to load model classes?

To execute a rake task for eager loading, we require config.threadsafe!, which is enabled by default in production, to be disabled.

But our requirement is to disable it only while running a rake task.

Rake already sets a Ruby global: $rails_rake_task

So, in config/environments/production.rb, just say:

 config.threadsafe! unless $rails_rake_task

Installing RVM & Git through Proxy

RVM relies on Git.

So set the proxy for Git first.

*  Set the http_proxy environment variable
*  Set a proxy command to bypass the connection:

gcc -o connect connect.c
mv connect ~/bin
echo '#!/bin/sh' > ~/bin/proxy
echo '/home/kiran/bin/connect -H proxy.company.com:6030 "$@"' >> ~/bin/proxy
chmod +x ~/bin/proxy

echo 'export GIT_PROXY_COMMAND=proxy' >> ~/.bashrc

Now try git clone. If it doesn't work, try the following command.

export http_proxy=http://<username>:<password>@<proxy_ip>:<proxy_port>

The line below also works like a charm for Git:

git config --global http.proxy proxy_addr:proxy_port

Once Git is configured, RVM needs one more change, this time for curl.
Set the proxy inside your ~/.curlrc:

proxy = proxy.company.com:proxy_port

and now you can install rvm with no issues.

To install a Ruby with rvm through the proxy:

rvm install X --proxy proxy.company.com:proxy_port

If two developers are in the same user group, we can even clone/copy the .rvm folder from one user to the other without a separate installation.

Some more references:

http://blog.iwkse.homeunix.org/index.php?/archives/9-Git-Basic-setup.html

http://beginrescueend.com/

http://zipizap.wordpress.com/2010/11/02/cloning-rvm-to-other-user-you-can-just-copy-the-rvm-directory/ [This worked for me as well]

Handling GIT Conflicts


I am attempting to push when I experience a conflict (ruby-1.9.2-p180)

cts_work/diaspora_cts git:(master)> git push origin master

To git@gitorious.org:diaspora_cts/diaspora_cts.git

 ! [rejected]        master -> master (non-fast-forward)

error: failed to push some refs to 'git@gitorious.org:diaspora_cts/diaspora_cts.git'

To prevent you from losing history, non-fast-forward updates were rejected

Merge the remote changes (e.g. 'git pull') before pushing again.  See the

'Note about fast-forwards' section of 'git push --help' for details.

 

First, see if the conflict can be automatically resolved:

cts_work/diaspora_cts git:(master)> git pull

error: Your local changes to the following files would be overwritten by merge:

db/schema.rb

Please, commit your changes or stash them before you can merge.

Aborting

 

Git status shows that your state is conflicted:

cts_work/diaspora_cts git:(master)> git status

# On branch master

# Your branch and 'origin/master' have diverged,

# and have 2 and 1 different commit(s) each, respectively.

#

nothing to commit (working directory clean)

 

IMPORTANT – If you can resolve the conflict, do so (normal procedure); this procedure presumes you wish to write the conflicting updates to a branch.

Reset your tree to just your unmerged updates:

cts_work/diaspora_cts git:(master)> git reset --hard HEAD

HEAD is now at 340a54e changes amde

 

Create a branch, use a name which suggests a conflict:

cts_work/diaspora_cts git:(master)> git branch conflict_stuff

cts_work/diaspora_cts git:(master)> git branch

  conflict_stuff

* master

 

Reset your tree to the prior revision:

cts_work/diaspora_cts git:(master)> git reset --hard HEAD

HEAD is now at 340a54e changes amde

 

Pull the other person's changes (do not use git pull; always use git fetch followed by git merge):

cts_work/diaspora_cts git:(master)> git fetch

cts_work/diaspora_cts git:(master)> git merge origin/master

Merge made by recursive.

 app/controllers/sessions_controller.rb            |   21 ++++++----

 app/models/profile.rb                             |    3 +-

 app/views/layouts/application.html.haml           |   14 +++---

 app/views/people/_profile_sidebar.html.haml       |   15 +++++--

 config/locales/diaspora/en.yml                    |    1 +

 db/migrate/20110226134747_add_columnto_profile.rb |    2 +

 db/schema.rb                                      |    5 ++-

 lib/tasks/profile_update.rake                     |   42 +++++++++++++++++++++

 public/javascripts/application.js                 |    2 +-

 9 files changed, 81 insertions(+), 24 deletions(-)

 create mode 100644 lib/tasks/profile_update.rake

 

Switch back to your branch:

cts_work/diaspora_cts git:(master)> git checkout conflict_stuff

Switched to branch 'conflict_stuff'

cts_work/diaspora_cts git:(conflict_stuff)> git status

# On branch conflict_stuff

nothing to commit (working directory clean)

 

Push your conflict branch back to the repository:

cts_work/diaspora_cts git:(conflict_stuff)> git push origin master

Counting objects: 11, done.

Delta compression using up to 2 threads.

Compressing objects: 100% (8/8), done.

Writing objects: 100% (8/8), 861 bytes, done.

Total 8 (delta 5), reused 0 (delta 0)

=> Syncing Gitorious… [OK]

To git@gitorious.org:diaspora_cts/diaspora_cts.git

   d25e82a..c977122  master -> master

Open ID != OAuth

Open ID single sign-on Authentication for consumers

OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords. You may choose to associate information with your OpenID that can be shared with the websites you visit, such as a name or email address. With OpenID, you control how much of that information is shared with the websites you visit.

With OpenID, your password is only given to your identity provider, and that provider then confirms your identity to the websites you visit. Other than your provider, no website ever sees your password, so you don’t need to worry about an unscrupulous or insecure website compromising your identity.

OpenID is rapidly gaining adoption on the web, with over one billion OpenID enabled user accounts and over 50,000 websites accepting OpenID for logins. Several large organizations either issue or accept OpenIDs, including Google, Facebook, Yahoo!, Microsoft, AOL, MySpace, Sears, Universal Music Group, France Telecom, Novell, Sun, Telecom Italia, and many more.

OpenID is the fast, easy and secure way to sign in to websites. Here are just a few benefits to using OpenID.

Accelerate Sign Up Process at Your Favorite Websites:

Most websites ask for an extended, repetitive amount of information in order to use their application. OpenID accelerates that process by allowing you to sign in to websites with a single click. Basic profile information (such as your name, birth date and location) can be stored through your OpenID and used to pre-populate registration forms, so you spend more time engaging with a website and less time filling out registration pages.

Reduce Frustration Associated with Maintaining Multiple Usernames and Passwords

Most web users struggle to remember the multiple username and password combinations required to sign in to each of their favorite websites, and the password recovery process can be tedious. But using the same password at each of your favorite websites poses a security risk. With OpenID, you can use a single, existing account (from providers like Google, Yahoo, AOL or your own blog) to sign in to thousands of websites without ever needing to create another username and password. OpenID is the safer and easier method to joining new sites.

Gain Greater Control Over Your Online Identity

OpenID is a decentralized standard, meaning it is not controlled by any one website or service provider. You control how much personal information you choose to share with websites that accept OpenIDs, and multiple OpenIDs can be used for different websites or purposes. If your email (Google, Yahoo, AOL), photo stream (Flickr) or blog (Blogger, WordPress, LiveJournal) serves as your primary online presence, OpenID allows you to use that portable identity across the web.

Minimize Password Security Risks

Many web users deploy the same password across multiple websites. And since traditional passwords are not centrally administered, if a security compromise occurs at any website you use, a hacker could gain access to your password across multiple sites. With OpenID, passwords are never shared with any websites, and if a compromise does occur, you can simply change the password for your OpenID, thus immediately preventing a hacker from gaining access to your accounts at any websites you visit.

Because the focus of most OpenID providers (such as Google, Yahoo and AOL) is in identity management, they can be more thorough about protecting your online identity. Most website operators are less likely to be as dedicated to protecting your identity as the OpenID providers, whose focus is on securely hosting user identities.

OAUTH API Authorization between applications

An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

If you’re building…

  • desktop applications
  • dashboard widgets or gadgets
  • Javascript or browser-based apps
  • webpage widgets

OAuth is a simple way to publish and interact with protected data. It’s also a safer and more secure way for people to give you access.

If you’re supporting…

  • web applications
  • server-side APIs
  • mashups

If you’re storing protected data on your users’ behalf, they shouldn’t be spreading their passwords around the web to get access to it. Use OAuth to give your users access to their data while protecting their account credentials.

For more on OAuth, refer to http://hueniverse.com/2007/10/beginners-guide-to-oauth-part-i-overview/

Rails Passenger and PHPmyadmin Issue

After getting Passenger up and running successfully on my machine, and after many days of work, I had to install phpMyAdmin. But Rails Passenger doesn't allow the connection to http://localhost/phpmyadmin.

After a lot of searching, I got it fixed when I updated the following in httpd.conf:

<LocationMatch "^/phpmyadmin/.+">
  PassengerEnabled off
  AllowOverride All
</LocationMatch>
Alias /phpmyadmin "/path/to/phpmyadmin"
<Directory "/path/to/phpmyadmin">
  PassengerEnabled off
  AllowOverride All
</Directory>

This works like a charm…

How Secured is your Rails App?

What do you prefer in terms of Authentication?

Plugin – Restful Authentication (recommended) – easy to use and you can tweak it according to your requirements.

Build your own authentication. You should rarely need to do this … Restful Authentication is quite flexible.

OpenID – a universal authentication system to avoid the use of multiple usernames and passwords on the Internet. OpenID is getting quite famous nowadays.

Access Control – to easily provide different privileges to your users. There are a lot of cool plugins available for access control.

Centralized Authentication Server – used to implement a single login/password for your users across multiple applications. It can also be used for a single sign-on system. For example, Gmail and Google Reader have a single sign-on between them.

Use Google Authentication API to let your users login using their google username and password.

More Plugins :


Ubuntu 9.10 running in low-graphics mode

After the installation from Update Manager, every time I boot up my machine I get an error with three options, out of which I am forced to click OK for the “Run Ubuntu in low-graphics mode for just one session” option.

Resolution upon reference from url (http://ubuntuforums.org/archive/index.php/t-1242813.html) for Ubuntu 9.10:

Take a backup and edit xorg.conf file:

sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf_bkp
sudo gedit /etc/X11/xorg.conf

Delete this Section Device:

Section "Device"
    Identifier     "Device0"
    Driver         "nvidia"
    VendorName     "NVIDIA Corporation"
    BoardName      "GeForce 8400M GS"
EndSection

And Edit the Section Screen as:

Section "Screen"
    Identifier     "Screen0"
    Device         "Device0"
    Monitor        "Monitor0"
    DefaultDepth    24
    SubSection     "Display"
        Depth       24
        Modes      "1440x990"
    EndSubSection
EndSection

Here we go, no more low graphics mode issues.

Windows 7 and ROXIO

I recently got my XPS M1330 notebook upgraded from Windows Vista to Windows 7. It happened that one day I needed to burn a CD and found that ROXIO DVD Creator was no longer working, though I have used it less. I found the collection of CDs given by Dell and re-installed ROXIO Creator 9. That's it! I made my own Axe on neck. Every time I boot up my notebook, a pop-up appears near the Windows toolbar stating “This driver has got compatibility issues with windows blah… blah…” and then the following errors appear:

Microsoft Visual C++ Runtime Library
Runtime Error!
Program:…ommon Files\RoxioShare\9.0\SharedCom\(application).exe
The application has requested the Runtime to terminate it in an unusual way.
Please contact the applications support team for more information

– OR –

Microsoft Visual C++ Runtime Library
Runtime Error!
Program: C:\Program Files\Roxio\(application folder)\(application name).exe
R6025- pure virtual functional call

I should say it's more than a nightmare. This error keeps popping up and freezing my notebook every 10-15 minutes approx. I tried all my ways of uninstalling it by following this support URL of ROXIO:

http://kb.roxio.com/search.aspx?URL=/content/kb/Creator/000127CR&PARAMS=

But no go! The error continued for several days. Irritated and frustrated, today I just sat for hours to fix it. Finally I did it. It took almost 6 hours to google it and fix it, though. I am blogging it to help another “Sufferer” of Roxio.

Step 1: I have got ROXIO installed as many programs, in fact, using the Roxio Creator 9 CD given by Dell.

  • “Roxio Audio”
  • “Roxio MyDVD”
  • “Roxio Drag and Disc” etc.. with update manager included.

Step 2: Instead of uninstalling the programs through Control Panel's remove programs, uninstall them from Program Files -> roxio XXX -> Uninstall. Follow this support URL -> http://kb.roxio.com/search.aspx?URL=/content/kb/Creator/000127CR&PARAMS=

Step 3: I did everything but I couldn't delete Program Files -> Common Files -> Roxio Shared/Sonic Shared. It says that it is used by some other application. Those are nothing but:

  • RoxWatchTray9.exe
  • RoxMediaDB9.exe
  • VideoWave9.exe
  • MyDVD9.exe
  • MediaManager9.exe
  • DiscCopier9.exe
  • RXLabelCreator.exe

Step 4: I opened Task Manager in Windows 7; it didn't show me any of these processes running. Here lies the main story, due to which I couldn't delete the Roxio Shared folder under Common Files, which is the root cause of the Runtime Error popping up now and then.

I even ran to buy the Perfect Uninstaller software after reading this: http://www.squidoo.com/uninstallroxio

I used that software and got ROXIO uninstalled, though. Later I found the “Show all process from all users” tab under Task Manager, wherein you can end the roxioxxx.exe process that is running and easily delete that Roxio Shared folder under Common Files.

Great! Those Perfect Uninstaller people are earning on Roxio. Kudos to them! Kicks to Roxio! And sorries for other users (like me)! But don't worry, just try the above steps.

Rails 2.3.3 Released

A new release of Rails is available – Rails 2.3.3. Among the usual bug fixes, a few new features were added. From the release notes:

  • touch is a convenient method to update a record’s timestamp and nothing else. This is extracted from apps whose models “touch” others when they change, such as a comment updating the parent.replies_changed_at timestamp after save and destroy. [..]
  • :primary_key option for belongs_to for broader support of legacy schemas and those using a separate UUID primary key: belongs_to :employee, :primary_key => 'SSN', :foreign_key => 'EMPID' [..]
  • leaner user-facing encoding [JSON] API.
  • decoding backends for the json and yajl libraries. Both are significantly faster than the default YAML backend.

Meanwhile, the work on Rails 3 continues. Yehuda Katz has posted a few blog entries on the new architecture for Rails 3, as well as lessons learned from refactoring a large code base as Rails.

One of the goals of Rails 3 is to bring Merb’s modularity and well defined internal APIs to the Rails codebase; Yehuda’s article on the interface between ActionController and ActionView gives some insight into what’s going on on that front. What becomes clear is that the fusion of Merb and Rails is a major project and is still underway.

The work on Rails 3 also has an impact on the development of Merb. A recent discussion on the Merb mailing list addressed the state of Merb 1.1, which was due a few months ago. The current plan is to make sure a smooth migration path to Rails 3 is possible – which, of course, requires knowing what the Rails 3 architecture will be.

With all that said, Merb is still a viable solution for many projects, as Ezra Zygmuntowicz (Merb’s creator) points out:

I’d like to chime in and say that I am still happily building apps with merb, http://engineyard.com/solo is built on merb. I don’t find that there is anything I’m missing or that there are any features or major bugs stopping me from building apps with merb.

For another glimpse at plans for Rails 3, David Heinemeier Hansson’s RailsConf’09 talk is available online.

 

Driver Error: Svn Merge

The 'svn merge' command compares two trees, generates a patch, then
applies that patch to a working copy. Yes, you have complete freedom
to compare any two trees, and thereby generate any patch you want. But
that does *not* mean that 'svn merge' always will do what you want.
It's *your* responsibility to make sure that the patch being produced
makes sense, and cleanly applies to your working copy.

Skipped 'src'
Skipped 'src'
Skipped 'src\au'
Skipped 'src\au\com'
Skipped 'src\au\com\forward'
Skipped 'src\au\com\forward\codeSections'
A src\au\com\forward\codeSections\DesignNotes.txt
A src\au\com\forward\codeSections\CodeSections.java
Skipped 'src\au\com\forward\codeSections\testFiles'
A src\au\com\forward\codeSections\testFiles\testin.cs
Skipped 'docs'
Skipped 'docs'
A docs\htmldoc.exe

See those skipped messages? That indicates driver error. The merge
command is trying to add and remove certain directories because they’re
not related to each other at all. Please read this section of chapter
4, regarding ancestry:

http://svnbook.red-bean.com/en/1.1/ch04s03.html#svn-ch-4-sect-3.2.4

Then after reverting, try the merge again with the --ignore-ancestry
command.

So, this is what I have implemented:

> Taken a latest production copy as my_working_copy

> Merged the dev branch with production branch under  my_working_copy

svn merge --ignore-ancestry prod_branch_url dev_branch_url my_working_copy/

> And this is how we avoid the driver error.

> Check for conflicts under my_working_copy

Always fix the conflicts in favour of the client's requirements.

Otherwise, if there are no conflicts, check in the merge to production.

Finally, Say The END to the project !!!

Next is What ?  [ Samsung Adv :) ]

Avoid SVN updates for External Rails Plugins in your Application

Make sure you are in the root of your app and do:
svn propedit svn:externals vendor/plugins
Just delete the line(s) of the plugins you no longer want.

If you get the following error, then you need to set your environment variable:
svn: None of the environment variables SVN_EDITOR, VISUAL or EDITOR is set, and no 'editor-cmd' run-time configuration option was found

For example, you can set SVN_EDITOR to use the Vi editor from your Unix prompt like this:

export SVN_EDITOR="/bin/vi"

In Windows, instead of export, it is

set SVN_EDITOR=c:/windows/notepad.exe (for notepad)

or

set SVN_EDITOR="C:\Program Files\Posix Tools\bin\vi" (for Vi editor)

I need an individual file to be migrated in Rails

Rails migrations are great; they allow continual evolution of the database schema. Sometimes, especially when prototyping, I hate to run migrations down and up and load data just to make a small independent change in a database table. In these situations I run only a specific migration:

ruby script/runner 'require "db/migrate/005_create_blogs"; CreateBlogs.migrate(:down)'
ruby script/runner 'require "db/migrate/005_create_blogs"; CreateBlogs.migrate(:up)'

This is much typing (for just one migration at least ;) so here is the rake task to do the same:

namespace :db do
  task :migrate_one => :environment do
    # Find the migration file whose name starts with the given VERSION
    file = Dir["db/migrate/#{ENV["VERSION"]}_*.rb"].first
    raise "No migration found for VERSION=#{ENV["VERSION"].inspect}" unless file
    require File.expand_path(file)
    # Derive the class from the file name: 005_create_blogs.rb -> CreateBlogs
    migration_class = File.basename(file)[/\A[0-9]+_([_a-z0-9]*)\.rb\z/, 1].camelize.constantize
    migration_class.migrate(:down) unless ENV["DIRECTION"] == 'up'
    migration_class.migrate(:up) unless ENV["DIRECTION"] == 'down'
  end
end

Put this rake task in lib/tasks and you can call it with rake db:migrate_one VERSION=005. This runs the migration down and then up. You can also add DIRECTION=up or DIRECTION=down to control the direction.

Thanks to Bojan Mihelac.
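
Added example, not part of the original post or of Rails: a plain-Ruby version of the VERSION lookup that refuses anything but digits and insists on exactly one matching file, since VERSION is interpolated into a glob and the match is then passed to require. The names resolve_migration and demo_resolve are hypothetical, the camelize step is a stand-in for ActiveSupport's, and the migration files are constructed sample data.

```ruby
require "tmpdir"
require "fileutils"

# File names the task is willing to load: <digits>_<snake_case_name>.rb
MIGRATION_FILE = /\A\d+_([a-z0-9_]+)\.rb\z/

# Hypothetical helper: map a VERSION string to [path, class_name].
def resolve_migration(version, dir = "db/migrate")
  # Digits only, so "*", "" or "../005" can never widen the glob or
  # point outside the migrations directory.
  unless version.is_a?(String) && version.match?(/\A\d+\z/)
    raise ArgumentError, "VERSION must be digits only, got #{version.inspect}"
  end

  matches = Dir.glob(File.join(dir, "#{version}_*.rb")).sort
  raise ArgumentError, "no migration for VERSION=#{version}" if matches.empty?
  if matches.size > 1
    raise ArgumentError, "VERSION=#{version} matches #{matches.size} files"
  end

  name = File.basename(matches.first)[MIGRATION_FILE, 1]
  raise ArgumentError, "unexpected file name #{matches.first}" unless name

  # Plain-Ruby stand-in for camelize: create_blogs -> CreateBlogs
  [matches.first, name.split("_").map(&:capitalize).join]
end

# Runs the lookup against a constructed db/migrate directory and records
# which VERSION values are accepted and which are rejected.
def demo_resolve
  Dir.mktmpdir do |root|
    dir = File.join(root, "db", "migrate")
    FileUtils.mkdir_p(dir)
    %w[005_create_blogs.rb 006_add_title_to_blogs.rb].each do |f|
      FileUtils.touch(File.join(dir, f))
    end

    results = { ok: resolve_migration("005", dir).last }
    ["", "*", "../005", "007", nil].each do |bad|
      begin
        resolve_migration(bad, dir)
        results[bad] = :accepted
      rescue ArgumentError
        results[bad] = :rejected
      end
    end
    results
  end
end

p demo_resolve if __FILE__ == $PROGRAM_NAME
```
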

Enni Gundelu aaa?

“Enni Gundelu aaa?” It's a normal saying in Telugu asking “How dare you?” But the exact word-for-word translation is “How many hearts you have haan?” Hmm… Well… I have two hearts !!!

Weird, Rare… and what not !

Apart from Redhat Linux, I’m also trying to set up my Rails app on a Win XP Pro machine to clarify some Ajax effects in IE. IE used the system hosts file very well. But at the same time, on the same OS, my latest Mozilla Firefox version 3.0.1 ignores the same hosts file. And this only happens when a proxy server is used.

I didn’t understand why the configuration works only with IE, but not with
Mozilla. Makes no sense to me at all.

I am sure that I have set no proxy for localhost, and I have even tried setting no proxy for the local IP range like 192.168.3.0/24 where my working IP lies in between. Glory ! it worked…!!!

Of course, I googled and got suggestions of clearing the cache and of subscribing to a 5$ monthly plan to know the solution. So this info is for those who use a proxy and get weird cases like this… Enjoy the solution, absolutely free…! :)