Computer Programming

Yes, a bit specific, but I need to store some links!

Benchmarking String Function to camelCase

I needed a function to turn snake_case to camelCase. The reason why? Angular and Javascript are better with camelCase, and Python and Django prefer snake_case. I tried working with both in the Django side, and it wasn't pretty. Even worse, I lost track of when I switched from one to the other, if I switched at all. So, I'm going to try renaming the keys as they are handed off from Django Rest Framework to the Javascript.

A Django REST Framework Technique for more Detailed Related Records

This is a nice way to deal with building lists of objects to display in tables. It's kind of hidden in there, but in your serializer, you can specify that a field is represented by another serializer.

The result is a list of objects instead of a list of URLs or PKs.

Now, going with that, you can save on data transfer by serializing only a few fields.

My .vimrc

set nocompatible " be iMproved, required
filetype off " required

" set the runtime path to include Vundle and initialize
set rtp+=~/.vim/bundle/Vundle.vim
call vundle#begin()
" alternatively, pass a path where Vundle should install plugins
"call vundle#begin('~/some/path/here')

" let Vundle manage Vundle, required
Plugin 'gmarik/Vundle.vim'

" All of your Plugins must be added before the following line
call vundle#end() " required
filetype plugin indent on " required
" To ignore plugin indent changes, instead use:

Intermittent Django REST Framework glitch examined with Apache Benchmark

While programming in the rest framework, I hit this error, intermittently, but over and over, along with others:

Could not resolve URL for hyperlinked relationship using view name "parseuser-detail". You may have failed to include the related model in your API, or incorrectly configured the `lookup_field` attribute on this field.

Being a noob, I hit the books (documentation) again, and again, and thought I had it right, or close. (Don't start out creating Django models for non-Django-managed tables. It's pretty hard. It's better to learn the vanilla Django way first, if possible.)

Instant Cross-Domain Access for Everyone with CORS in PHP

Here's a snippet of code that will make your PHP REST API work cross-domain, through the magic of CORS:

/**
 * CORS is a way to allow scripts from other domains to post to this URL.
 */
if ($_SERVER['REQUEST_METHOD']=='OPTIONS') {
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: POST, OPTIONS');
    header('Access-Control-Allow-Headers: Content-Type');
    exit();
}
header('Access-Control-Allow-Origin: *');

Django Rest Tutorial, Inverted

[I hesitate to post this, because it makes me look like I'm a slow learner... but, oh well. I hope someone finds this interesting.]

An Unsafe Version of the PHP Example

This is an unsafe version of the Model PHP Script example. It is more useful for learning PHP. An explanation follows, about what it does, and why it's unsafe.

<?php

/* 
 * Sample PHP form and database example.
 * This is an *unsafe* example, based on the safe example.
 */

// 1. config variables
$dbhost = 'localhost';
$dbuser = 'mysite';
$dbpass = '12JNdie8Ds3';
$dbname = 'mysite';

// 2. get the value from the form
$x = $_POST['x'];

Model PHP Script Example: writing relatively safe web forms

I just whipped this script up to demonstrate some techniques for writing relatively safe web forms with PHP. This example doesn't strive to look nice or even be easy to understand. It should be a jumping off point for learning some PDO, some htmlspecialchars, some filter_var, and a functional style of composing pages. The last thing - not such a great idea, but it works for really short pages.

This script is written to try and avoid SQL injection attacks, and cross site scripting (XSS).

Code is attached, and below.

A List of SQL Injection Attacks

I was looking at some special logs we keep, and found these attempted SQL injection attacks.

~~~~
admin
'
a'or' 1=1--
'or 1=1--
'or''='
'or'='or'
admin' or 'a'='a
admin'or 1=1#
"or "a"="a
'or 1=1/*
'or'a'='a
'or 1=1\0
"or"="
"or"="a'='a
"or1=1--
"or=or"
''or'='or'
') or ('a'='a
'or' '1'='1
'or''=''or''='
'or'='1'
'or1=1--
a'or' 1=1--
a'or'1=1--
or 'a'='a'
or1=1--
'.).or.('.a.'='.a
'or.'a.'='a
')or('a'='a
1'or'1'='1
aaaa
admin
admin' OR 1=1/*
or 1=1--
"or 1=1--
"or 1=1\0
'xor
1 or '1'='1'=1
1 or '1'='1' or 1=1
' UNION Select 1,1,1 FROM adm
~~~~

Python str.split, annoying design.

Even after a year of diddling, I'm still a python newb, and things like str.split(None) are why.

Everyone knows split splits strings on a character (or in the civilized world, a regex). str.split(None) splits on whitespace and then trims leading and trailing whitespace. It's a great feature, but why not call it str.split_whitespace?

'a b'.split(None) returns ['a','b'].

'a,,,b'.split(',') does not return ['a','b']. It returns ['a','','','b'].

Security Logic Simplified into a Cheatsheet

Came up with this comment to help me think through end-user security.

~~~~ /* * Security logic is based roughly on NTFS style allow and deny. * * The logic is as follows, in order: * 1. If a specific role or user is in the deny list, they are denied. * 2. If a specific role or user is in the allow list, they are allowed. * 3. Otherwise, they are denied. * * There are three special values.

AngularJS Directive: Stretchdown - stretches an element to the bottom of the window.

I've made may first directive! OK, not that special, but to me it is. This is one of the more difficult features I've come across in Angular, and I still don't really "get it".

[I didn't "get it" because I used directives as a mixin to implement a UI feature. Directives are really supposed to be for encapsulating HTML into small templates.]

I'm not even going to do a code walkthrough, because I can't really explain it well. The easy part is calculating the height the element should be. The tricky part is implementation.

Chrome Rendering Glitch with Label's Padding in Points (PT), Even Values

I have to learn the Chromium bug reporting system. Found an interesting rendering bug if, on a label, you specify a padding with an even number of points (pt), the rendering is shifted up a little bit, and the border can disappear if it's adjacent to another element.

WordPress: Setting the META Description to part of the page's content

This code puts the first paragraph of the post into the description meta tag. It tries to strip out leading whitespace and any tags. If you insert an image, it should be stripped.

R Database Connection Class in RS (R5 S5)

I'm learning R, and it's been interesting. The weird part is that I don't know stats. Yes, I know standard deviation, mean deviation, and easy stuff, but those are one-liners in the R tutorials. What I know in stats amounts to around 1/4 to 1/2 a page of the R tutorial. So to compensate, I have a stats text from the thrift store, so I'll eventually be less than a total ignoramus about what I'm reading.

One of the twists of what I'm messing with is that all our data is in a database. The normal mode of operation for R users is to load the entire data table into memory and do awesome reporting on it. Where I'm at, for better or worse, is more like a traditional web application with a database back end.

A problem with this is that MySQL lets me have only 16 connections going at the same time. I'm not sure if it's the driver, but I'll assume that. Since RStudio holds the connections, coding a lot of changes eventually leads to a lot of lost database connection handles, and eventually running out of connections.

Syndicate content