RORLAMP Development

Amazon Simple Queue Service (Amazon SQS) is a distributed queue messaging service. The idea of SQS is to remove the direct associations between producer and consumer and act as mediator between them.

e.g

Consider that you have a large  application like websites monitoring which involve many stages like

• Downloading a website
• Processing the downloaded website
• Generating report of the above processing

So instead of clubbing the above three one can just split them on their specific need(based on the work they do)  with each doing their respective task and on completion notify the other about it completion.

The traditional approach (called as Client-Server architecture) is to send the notification using a simple HTTP , REST , SOAP etc request. But it too has some disadvantage as it require extra care and  precision  to handle all possible response e.g Time-out,Server down etc.

One can save this time and effort my using SQS.

e.g Instead of sending the direct request to Server one can use to SQS to interact with Server/Client an can eventually cut down some of drawback of traditional architecture.

Setting up Amazon SQS in Ruby: There are various library available for using Amazon SQS in Ruby (e.g right_aws, sqs)

Pre-requitise:

• aws-access-key-id
• aws-secret-access-key
• ruby-library(right_aws or sqs gem)
  both of which is provide by the Amazon (or you can ask for incase) during the process of account-registration

In your irb console

require "rubygems"

require "right_aws"

aws_access_key_id  = "Your access key id"

aws_secret_access_key = "Your secret access Key"

sqs = RightAws::SqsGen2.new(aws_access_key_id,aws_secret_access_key)

This basically initialize the sqs object for you to work on.

One can create a new queue just by a single method.

 queue(queue_name, create=true, visibility=nil) 

carefully look at parameter supplied.

queue_name => name of  queue.

create => true (create a queue if it does not exist (optional)).

visibility => set visibility (which make the message reappear after a specified time if not  delete from queue).

One key point about visibility is that one can’t set visibility more than 7200 sec for a  queue or a message .But you can set so from RightScale (Cloud Computing management Platform).

e.g

my_queue = queue('queue_1')

just look at few other methods.

1. send_message or push :- Send message to the specified queue.

 my_queue.send_message "This is my first message"

2. receive or pop :- Receive message from the specified queue.

 message_received = my_queue.receive

puts message_received.body
=> "This is my first message"

2.1 receive_messages : – There is also a method called receive_messages to receive an  array of messages but it never returned me more than one message so if it work for you  it fine then syntax is like this

 receive_messages(number_of_message=1,visibility=nil)

 my_queue.receive_messages(2,60) => return and array of messages

3. delete : –  Delete a  message or a queue

 my_queue.delete => "delete the my_queue for SQS"

 message_received.delete => "delete the message from the intended queue"

4. size :- Specify the no of message in the queue

 my_queue.size => 4 ("4" message in my_queue)

5. name :- Specify name of the queue

 my_queue.name => "queue_1" (Name of the queue)

Note : – There is delay lag in all request and response sent/received to/from  SQS server don’t assume to work it instantaneous approximately of around 45 sec -1 minute(can be more)

e.g

If you send  a message to the queue don’t assume it to appear instantaneously in the queue

Pricing Model => $0.10 per 100,000 requests.

Message Size => 64 KB

For more information on Pricing and message size click  here.

Thank you

In many application we want to convert one office format to another office format e.g doc to PDF , doc to html etc.We can import/export document using OpenOffice easily,but this is manual way.But standalone/Web based application we have to automate this functionality. JODConverter,the Java OpenDocument Converter, It converts documents between different office formats using OpenOffice.

JODConverter supports all conversion which is given by OpenOffice.More Info regarding format you can visit here.

Now,JODConverter is a java library so it can be used using java application,or using command line,or by making web service so any other language(RUBY,.NET,PHP,PYTHON) can used this conversion directly.
Convert Office is a ruby Wrapper of jodconverter .Which is used to convert office format to another office format.
Continue reading »

In previous article we have seen that how to start nailgun server,and use of nailgun in shortly.

Now in this article how to use nailgun using ruby application which directly/indirectly use java library or java application. You can start with nailgun manually as shown previous article and configure ng as per need.Or you can install nailgun plugin from github.
Continue reading »

There are various ways to improve “java” performance.One of the way is use of Nailgun.

Nailgun is a client, protocol, and server for running Java programs from the command line without incurring the JVM startup overhead. Programs run in the server (which is implemented in Java), and are triggered by the client (written in C), which handles all I/O.

It means when java is called every time JVM is loaded so execution time of any application increases due to JVM startup time.To overcome this we have to write java application that listen to particular address and port so each time JVM is not loaded and application can listen on that port and gives expected result. Nailgun help us to achieve this. Continue reading »

Lately there have been too many people wanting to know how to execute Javascript in Celerity.
Let me show you how it done.
First a quick note on JRuby installation.
Here are few useful links to install JRuby under

1. Linux(ubuntu) should work for other linux packages as well.
2. Windows.

Just to confirm,kindly type jruby -v on terminal or cmd depending on OS you are using and you should get the version of jruby you are running.

Mine output was

jruby -v
jruby 1.4.0 (ruby 1.8.7 patchlevel 174) (2010-03-11 6586) (OpenJDK Client VM 1.6.0_0) [i386-java]

Now go ahead and just install celerity gem.
More about celerity installation can be found here also just quickly check whether the sample code work for you.If it work then your ready go and for those it don’t well you just need to tweak a bit.

Ok enough of installation,now we start with running javascript under celerity.
Here is my test HTML File “index.html.”

 <html>

  <head>

    <script type=”text/javascript”>

      function populateDropDown() {

        var select = document.getElementById(’colors’);

        var options = ['Ruby', 'JRuby', 'IronRuby', 'Rails'];

        var index;

        for(index = 0; index < options.length; index++) {

          var option = document.createElement(’option’);

          option.appendChild(document.createTextNode(options[index]));

          option.value = options[index];

          select.appendChild(option);

        }

     }

  </script>

  <script type=”text/javascript”>

    function add_new_language() {

      var wrapper = document.getElementById(’wrapper’);

      var input = document.createElement(’input’);

      var br = document.createElement(’br’);

      input.setAttribute(’type’,'text’);

      wrapper.appendChild(br);

      wrapper.appendChild(input);

    }

  </script>

 </head>

 <body onload=”populateDropDown()”>

  <h1>Select Your Favourite Language</h1>

  <form>

    <select id=”colors”>

    </select>   <a href=”#” onclick=”add_new_language()” >More Language</a>

    <br/>

    <span id=”wrapper”>

    </span>

  </form>

 </body>

</html>

Here my sample code in JRuby.

 require "rubygems"
 require "celerity"

 browser = Celerity::Browser.new(:browser => :firefox)
 browser.goto("file:///home/guest/Desktop/index.html")

Now basically one can run the javascript just by a simply calling the method fire_event on the html tag that has the associated event that you want to fire.
 e.g the anchor tag above has a onclick event associated with it.

browser.document.get_html_elements_by_tag_name('a').first.fire_event('click')
 

Now modified the html content i.e (after javascript execution) can be obtain using “browser.xml”.

Here mine output.

  puts browser.xml

<?xml version=”1.0″ encoding=”ISO-8859-1″?>

<html>
 <head>
  <script type=”text/javascript”>
   //<![CDATA[
     function populateDropDown() {
       var select =        document.getElementById('colors');
       var options = ['Ruby', 'JRuby', 'IronRuby', 'Rails'];
       var index;
       for(index = 0; index < options.length; index++) {
         var option = document.createElement(’option’);
         option.appendChild(document.createTextNode(options[index]));
         option.value = options[index];
         select.appendChild(option);
       }
     }
  //]]>
  </script>

  <script type=”text/javascript”>
   //<![CDATA[
     function add_new_language() {
       var wrapper =document.getElementById('wrapper');
       var input = document.createElement('input');
       var br = document.createElement('br');
       input.setAttribute('type','text');
       wrapper.appendChild(br);
       wrapper.appendChild(input);
     }
   //]]>
  </script>
 </head>

 <body onload=”populateDropDown()”>
  <h1>Select Your Favourite Language</h1>

    <form>
      <select id=”colors”>
        <option value=”Ruby” selected=”selected”>Ruby</option>
        <option value=”JRuby”>JRuby</option>
        <option value=”IronRuby”>IronRuby</option>
        <option value=”Rails”>Rails</option>
      </select>

      <a href=”#” onclick=”add_new_language()” >More Language</a>
      <br/>
      <span id=”wrapper”>
        <br/>
        <input type=”text”/> <!— generated by javascipt –>
      </span>
    </form>
 </body>
</html>

Here how I made the whole flow generic.

#List of Tag that has event Handler
TAGS   =  ['iframe' ,'img', 'frame', 'frameset', 'ilayer', 'input', 'layer', 'select', 'a', 'area', 'form', 'object', 'script', 'embed', 'applet', 'option', 'button']

# defining a Constant with list of event_hander
EVENT_HANDLERS  = ['onclick','onmouseover','onselect','onsubmit']

# List of events that can trigger a function
EVENTS    = ['click','mouseover','select','submit']

 TAGS.each do |tag|
    browser.document.get_html_elements_by_tag_name(tag).each do |element|
       EVENT_HANDLERS.each_with_index do |event_handle,i|
          element.fire_event(EVENTS[i]) if element.hasAttribute(event_handle)
       end
    end
 end

Note : – One didn’t need to fire_event for onload as the onload event is fired as soon as the page is load using browser.goto .

Other options available are : –

Johnson in Ruby
Watir in Ruby
Selenium in JRuby

Thank You

What is Malware?

Malware is software designed to harm your computer or steal your personal information without your knowledge. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Attackers will often hack a site to turn it into an Attack Site, and sometimes the Web site’s owner won’t even know that this has happened.

Most anti-virus programs will only check for malware installed or hosted locally. Today’s hackers usually won’t host the malware on the infected website, they’ll install redirect code on an infected, legitimate website.

An anti-virus scan of your webserver or website will rarely detect this redirect code.

The nature of malicious code, or malware, (e.g., viruses, worms,) seeking financial gain. In the past, worms were designed primarily to propagate. The impact on victims and organizations was primarily a break of service resulting in loss of productivity and sometimes a loss in revenue. Now, many of the significant worms are designed to steal sensitive information such as credit card numbers, social security numbers, pin codes, and passwords and send the information to the attacker for wrong purposes including identity theft.

Malware includes five categories of inserted programs: viruses, worms, Trojan horses, malicious mobile code, and blended attacks. Viruses and worms are usually designed to carry out their functions without the user’s knowledge. Blended attacks use a combination of techniques to insert malicious programs. Malware also includes other attacker tools such as backdoors, rootkits, and keystroke loggers, and tracking cookies which are used as spyware. Spyware, when inserted into a user’s system, threatens personal privacy and enables the attacker to monitor personal activities and to carry out financial fraud.

Attacker tools might be delivered to a system as part of a malware infection or other system compromises. These tools allow attackers to have unauthorized access to or use of infected systems and their data, or to launch additional attacks.

How to protect website from malware?

You need to check your website for any changes made to it after verifying that your site is clean.You can begin checking your site by making a list of all links to external sites. Then verify that you’ve intentionally put those links on your site. Do this by using your browser opening each of the pages on your website and View Source. Check that code not the code you have stored on your development box.The reason for the different browsers/user agents is that hackers will install scripts that will check for the user agent variable. If it’s not the one they have an exploit for, they code won’t even show.

1. Watch traffic to your site and monitor activity looking for any irregularities.

2. Put in firewall and configure your firewall correctly.

3. Develop your web content off line.

4. Protect your databases.

5. Back up your web site after every update

6. Remove unnecessary files. As your website changes, old files are ignored. They should be removed. Keep copies offline in case you wish to add them again, but remember to update any scripts. Old files are often indexed by search engines. So even if you do not link to those pages anymore, the search engines lists them for Internet users to find and visit. Automated programs to search for these files can find them to exploit them.

7. Implement passwords. Any sensitive files, databases or scripts should be protected.Use passwords that are difficult to guess. Use letters AND numbers, but be careful to keep the number of characters within the programmed limits and remember that passwords are case-sensitive.

8. Include robots.txt file to tell search engines not to index files that are restricted to certain users.

9. Hiding the Source users may still copy your content by viewing the page source from their browsers. It’s almost impossible to prevent users from doing so, but there are some complicated ways to hide the actual html code of the page. This is an advanced technique you can use JavaScript’s document.write() method together with an encryption function to hide some parts of the source from visitors.

10. Keep servers up-to-date with the latest patches and software releases.

Website security precautions

The program should have defenses that prevent a hacker from injecting malicious code into your website to either bring the program down or retrieve sensitive information. Web pages where a user submits information are a popular place for hackers to create problems.  Make sure that proper precautions have been taken to sanitize data that can be transmitted from them.Server technology should be hidden by masking file extensions.  This makes it harder for a potential hacker to determine what potential weaknesses a website may be susceptible to.Passwords and logins that are sent over the network and internet should be encrypted. Since anyone can capture data being transmitted through this medium, precautions must be taken to secure sensitive data.

• Basic security

You should have a comprehensive program in place to prevent malware.
Never store passwords or give them out to anyone who is not directly authorized to have them. Check computers for spyware on a regular basis.  Change passwords immediately if these dangerous programs are ever found.

The most secure systems can be compromised if the wrong people have the information to access them.Run backups regularly and store them in a secure place in a physically different location.Should the unfortunate event occur where your server goes down and you lose all of your data you will have a means to restore your web site.  The frequency that you run backups should be dictated by how often data and files change.

• Don’t weaken your server’s file and folder permissions.

Each file and folder on your server has permissions settings that determine who can read or write that file, execute that program, or enter that folder. Your webhost initially created your webspace with secure permission settings on all files and folders.

• Write your own scripts securely

Learn about the security risks of every language you use. There are lots of online earning how to code securely. A vulnerable script can give hackers access to your user database and to financial or other confidential data.

• Use SSL-encryption

The need to make use of certificates which promote privacy is important. The use of SSL-encryption enables any information that is sent out to be encrypted in order that none of the data is read or intercepted during transit. The key that allows such data to be locked is called a certificate. The same certificate is also used to unlock such a data.

• Block suspicious activity.

• Another threat is the “SQL Injection attacks” which can grant a hacker direct access to your whole web application. To avoid SQL injection attacks; make sure you are escaping variable data before running SQL scripts to return login information for your system in nutshell.

• Choose third party scripts carefully.

Websites need a “web scanning application” solution which can effectively scan whole website and to avoid and prevent hackers from infiltrating website data and applications.The application should be scan website daily or weekly and monitor the all suspicios activity.

Paying attention to these basic precautions will better your chances of surviving potentially devastating problems.

Posted By : Prashant Katare ( prashant.katare@gmail.com )

Everyone is familiar with routes in rails been a Rails developer we add and edit config/routes.rb many time throughout our application.But let get it straight how many of us actually write test for routes that we define.I guess hardly anyone does I too used to avoid writing it until I found out how easy and fun it is to write route test. So let me show you

A Routes Test has basically 3 parts

1. assert_generate
2. assert_recognizes
3. assert_routing

1. assert_generate.
Asserts that the options you provide can be used to generate the provided path.
SYNTAX

assert_generates(expected_path, options, defaults={}, extras = {}, message=nil)

Let see an example
Suppose I have a routes “http://localhost:3000/users/new” so the assert_generate for the following path look like this.

assert_generate("/users/new",:controller => "user",:action => "new")

This tell that the controller and action pair generate the provided path in this case(“/users/new”)

Now make it bit complex
What about parameters passed in to the routes,well you can write test for that as well
Here how
e.g suppose above path look like this ‘http://localhost:3000/users/new?account=1′
Now as you can see the there a additional parameter that been passed now
so the test for the above path would look like

assert_generates("/users/new",{:controller => "users" , :action => "new",:account_id => "1"}, {}, {:account_id => "1"})

Now one might ask why the path isn’t written like this ‘/users/new?account=1′ that because the ‘account_id=1′ is passed as parameters and we all know one never get a path with parameter add to routes if we do rake routes. So to take care of that extra parameter one need to tell what extra(parameter) that will be passed,in this it is “account_id”

Now when you run the following test it run without any error and failure

2. assert_recognizes.
Basically it just the inverse of assert_generate.assert_recognizes asserts that Rails recognizes the route given by expected_options.
SYNTAX

assert_recognizes(expected_options, path, extras={}, message=nil)

e.g Let do assert_recognizes for the same path(/users/new?account=1) for which we did assert_generate.
Here it is.

assert_recognizes({:controller => "users",:action => "new",:account_id => "1"},"/users/new",{:account_id => "1"})

Here again your are a specify the extra as ‘account_id’

Now see a trivial example

http://localhost:3000/users/1 => :controller => “users”, :action => “show”

http://localhost:3000/users/1 => :controller => “users”,:action => “destroy”

so the assert_recognizes for the above two would look like this

assert_recognizes({:controller => "users",:action => "show",:id => "1"},{:path => "/users/1",:method => "get"})

assert_recognizes({:controller => "users",:action => "destroy",:id => "1"},{:path => "/users/1",:method => "delete"})

3. assert_routing.
assert_routing essentially combines “assert_recognizes” and “assert_generates” into one step.
SYNTAX

assert_routing(path, options, defaults={}, extras={}, message=nil)

assert_routing for the above path are as follow

i. “http://localhost:3000/users/1?account_id=1″

assert_routing('/users/new', {:controller => 'users', :action => 'new',:account_id => "1"},{},{:account_id => "1"})

ii. “http://localhost:3000/users/1″ => Show action

assert_routing('/users/1',:controller => "users",:action => "show",:id =>"1")

iii. “http://localhost:3000/users/1″ => Destroy action with method => ‘delete’

assert_routing({:method => "delete",:path => '/users/1'}, {:controller => 'users', :action => 'destroy',:id => "1"})

You Can also try few console trick while writing the test.

$ script/console
>> routes = ActionController::Routing::Routes</strong>

>> routes.generate :controller => "users" , :action => "new"
=> "/users/new"

>> routes.generate :controller => "users" , :action => "edit", :id => "1"
=> "/users/edit/1"

>> routes.recognize_path '/users/new'
=> {:controller=>"users", :action=> "new"}

>> routes.recognize_path '/users/edit/1'
=> {:controller=> "users", :id=> "1", :action=>"edit"}

In previous article we have seen that how pdf is generated  using act_as_flying_saucer plugin.

Following code snippets is used for generating pdf with bookmark .

<html>
  <head>

    <bookmarks>
      <bookmark <strong>name="Section 1" href="#section_1"</strong>>
        <bookmark name="Section 1.1" href="#section_11"></bookmark>
        <bookmark name="Section 1.2" href="#section_12"></bookmark>
      </bookmark>
      <bookmark name="Section 2" href="#section_2"></bookmark>
      <bookmark name="Section 2" href="#section_3"></bookmark>
    </bookmarks>

  </head>

  <body>

    <div style="page-break-before: always;">
      <a <strong>name="section_1"</strong>>Section 1</a>
    </div>
    <div style="page-break-before: always;">
      <a name="section_11">Section 1.1</a>
    </div>
    <div style="page-break-before: always;">
      <a name="section_12">Section 1.1.2</a>
    </div>
    <div style="page-break-before: always;">
       <a name="section_2">Section 2</a>
    </div>
    <div style="page-break-before: always;">
       <a name="section_3">Section 3</a>
    </div>

  </body>

</html>

<bookmark name=”section 1″  href=”#section_1″> tag is used to generate bookmark.
which contains name attribute for displaying name of bookmark.
href attribute is used for navigation purpose.

<bookmark> tag can be nested so it can be used for generating nested bookmark
<bookmark> tag is wrapper with <bookmarks> tag. This tag placed in html header.

Now in html body whichever anchor tag has name attribute with value as same as bookmark
href value on that position user is navigated.

Mainly two tag is used which is displayed below.

<bookmarks>
<bookmark name=”Name Of Bookmark”  href=”#bookmark1“>< /bookmark>
</bookmarks>
<a name=”bookmark1″>Text</a>

Pdf with password protected in rails

In previous article we have seen that how pdf is generated  using act_as_flying_saucer plugin. Now  act_flying_saucer  has added support for  password protected pdf.

To generate PDF with password protection just pass :password=>”xxx” to render_pdf method.

render_pdf :file=>'pdf/generate_pdf.html.erb',:password=>"xxx"</pre>

You can install act_as_flying_saucer plugin

 script/plugin install git@github.com:amardaxini/acts_as_flying_saucer.git

For  further details you can visit article or visit http://github.com/amardaxini/act_as_flying_saucer

In this article i have just taken a short example describing vertical table,and its implementation using rails.

When table has no fixed column it has dynamic fields .data is not stored on separate column but data stores in vertical fashion.

For implementing vertical table table has mainly 2 columns key and value pair.key is like database column name and value contains actual data.

Lets take an e.g

Consider website in which it contains various products and its comparison ,searching and many more features.product can be mobile,car etc.Product has many items.item may be nokia 6600,nokia n72 etc.

Here our aim is not compare aur search items.Here our main aim is how vertical table concept is applied.Suppose we have to build only single product comparison site then each product has it’s own attributes that can be easily build with adding column for each product.

we are developing generic site(multiple product).so there is no fixed attributes,each product has it’s own attributes either we create different model for each product or we can proceed with vertical table concept.

• Product has many Product Attributes.
• Product has many Items.
• Item has many Item Attributes.
• Item Attribute belongs to Product Attribute.

Product Attribute mainly requires 3 fields

name : which is used for key in vertical table(i.e column name)

option_type : which is used for viewing different form of data when item is created .(textbox,dropdown,checkbox,multi option)

option : which contain option if its drop down or multi option(serialize)

Item has only name field which is optional.

Item attribute mainly required 3 fields

name : key name or column name

value : actual value

item_id : foreign key of item

It is used where table has dynamic fields,and it only concern with data.

Here data grows vertically.

It has mainly key ,value pair.

Source code of above example is hosted on github http://github.com/amardaxini/vertical_table_demo

For More info about vertical table you can visit http://weblogs.foxite.com/andykramek/archive/2009/05/03/8369.aspx