Sep 18 2007

Upgrade Ubuntu distribution

Tag: Linux, Operating systems
Grantus Maximus @ 4:50 pm

First, update your repositories, replacing “breezy” with “dapper” for example. You can work out the release names, and even change the URLs to closer mirrors, by referring to the official repository list. This can be done using:

vi /etc/apt/sources.list

If you’re not familiar with vi, ESC leaves editing mode and INS enters editing mode. To save and quit when not in editing mode use:

:wq

To update the sources list and then upgrade your distribution, use the following commands one after the other:

apt-get update
apt-get dist-upgrade

Double check the upgrade using:

apt-get -f install

Then reboot to make all your upgrades take effect:

shutdown -r now

Using the following command will then confirm your server’s version:

lsb_release -a

Update!

I’ve since found out the method above is not the recommended process for upgrading; please refer to the preferred process using update-manager-core. Additionally, the process I used above has been officially documented on the Ubuntu help site.


Sep 17 2007

Defrag and Shrink VMware disks

Tag: VMware
Grantus Maximus @ 7:25 pm

The vmware-vdiskmanager.exe that comes with VMware Server can defrag and shrink your virtual drives. But to make life easier, check out these automated BAT files someone’s written to help out with the tasks. But remember not to run this on VMs that have snapshots!!


Sep 14 2007

Part 1: Access Control List - a model to solve all models!

Tag: PHP, Programming, Zend Framework
Grantus Maximus @ 5:29 pm

I’m involved in the development of a large web application (using Zend Framework) with many different types of entities inside! Some functions performed on these entities should be accessible to some users but not others… To make things more interesting users can assign other users with rights to these entities…

We’re going for a hands off user administration model where users register themselves, create things themselves, and give other users access to them.. THEMSELVES!

This article is Part 1 of many as I design and create a Zend Controller Plugin designed, in simple terms, to check if the user is allowed to do whatever the hell they’re trying to do… I’d like to reuse it forever and a day though, so we need more functionality and flexibility…. My list of requirements goes on:

  • Simplified everything - Can we use 1 line to kick off all ACL checks?
    No one likes having to include the ACL checking at the top of everything, and worse yet implicitly define what it is the page does, or who should access it… So we’ll require none of this!!
  • Anonymous users should not be discriminated against!
    Anonymous users should be treated just like any other authenticated user - their access should be checked using the same process, and stored in the same manner! Examples of benefits:

    • Simplifies management of the ‘anonymous user’ by using a normal role.
    • Logging (e.g. Ann performed this action) and metadata (e.g. updated by Ann) functions don’t need to cater for the irregularity of an ‘unknown’ user.
    • Explicit access to entities can be checked/stored in the same way as normal users. For example - I want to make my social networking profile publicly viewable.
  • Users should have generic roles!
    This means even though some users may not have implicit access to some entities, they can still have access! This is more typically found in smaller applications, so it definitely needs to be included.. Some example usage scenarios are:

    • Administrators - Access to everything!
    • Support staff - Application support staff may need to see ’stuff’; manage user accounts.
    • Moderators/Editors - Can approve anything/Can edit anything.
    • Anonymous - Allowed to see log in page.
  • Users might have explicit privileges to supersede generic ones!
    This provides a way for us to either grant or restrict access to specific entities regardless of the user’s generic role. Example scenarios:

    • “Support staff” should be restricted from managing Administrator accounts.
    • A user by default can’t edit ‘comments’, but can edit their own.
  • Actions can depend on actions too!
    If a user has permission to perform a certain action, there may be other actions they should also have access to automatically. Example scenarios:

    • The ‘Register user’ action uses another action for AJAX validation
    • The ‘Latest news’ action has an equivalent RSS/ATOM feed through another action
  • Required ID checking for actions (soo not typically in scope, I know!)
    I need to explore this idea a little further (I’m not sure it will make the cut yet)… This typically wouldn’t be included in scope for an access control class! BUT… In this ACL model we’ll allow for checking if a user has access to perform an action on a specific entity. And we need to know the entity’s ID and what the entity is, right?… So it seems only logical to store what actions REQUIRE what types of entity IDs… Maybe we’ll go so far as to check they exist?

Assumptions

I’ll never have access requirements more specific than the action being requested!

Basically my ACL will define a user’s permission (i.e. can access OR can’t access) to a specific action and its relationship with an entity if applicable. It will not be able to say a user can only partially see/run the action.

This will likely however still be achievable within this application itself. But it’s definitely outside of the scope of this particular Controller Plugin.

By ‘action’ I mean the standard route in Zend Framework (ie. Module/Controller/Action). So we’ll assume I’ll always be using it…
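
As an added illustration (not the plugin’s code, which this post does not show), the sketch below models the requirements above in plain PHP: generic roles, explicit per-entity privileges that supersede them, action dependencies, and anonymous handled as a normal role with default deny. The class name, method names, routes, users and IDs are all assumptions made for the example.

```php
<?php
// Added sketch: plain PHP 7.1+, no Zend Framework classes; every name here is hypothetical.
final class AclSketch
{
    private $roleAllow = [];  // role => [action => true]
    private $explicit = [];   // "user|action|entityType|entityId" => bool
    private $grantedBy = [];  // dependent action => [actions that unlock it]

    public function allowRole(string $role, string $action): void { $this->roleAllow[$role][$action] = true; }

    public function addDependency(string $action, string $dependent): void { $this->grantedBy[$dependent][] = $action; }

    public function setExplicit(string $user, string $action, string $type, int $id, bool $allow): void
    {
        $this->explicit["$user|$action|$type|$id"] = $allow;
    }

    public function isAllowed(string $user, string $role, string $action,
                              ?string $type = null, ?int $id = null, array $seen = []): bool
    {
        // 1. An explicit per-user, per-entity rule supersedes the generic role (grant or deny).
        if ($type !== null && $id !== null && isset($this->explicit["$user|$action|$type|$id"])) {
            return $this->explicit["$user|$action|$type|$id"];
        }
        // 2. Generic role rule.
        if (isset($this->roleAllow[$role][$action])) {
            return true;
        }
        // 3. Allowed if an action that unlocks this one is allowed ($seen stops dependency cycles).
        $seen[$action] = true;
        foreach ($this->grantedBy[$action] ?? [] as $parent) {
            if (!isset($seen[$parent]) && $this->isAllowed($user, $role, $parent, $type, $id, $seen)) {
                return true;
            }
        }
        return false; // 4. Default deny: the answer is yes or no for the whole action.
    }
}

// Constructed sample data: routes are Module/Controller/Action; users and IDs are made up.
$acl = new AclSketch();
$acl->allowRole('anonymous', 'default/user/login');
$acl->allowRole('anonymous', 'default/user/register');
$acl->allowRole('support', 'admin/account/edit');
$acl->addDependency('default/user/register', 'default/user/validate');  // AJAX validation action
$acl->setExplicit('sam', 'admin/account/edit', 'account', 1, false);    // account 1 is an administrator
$acl->setExplicit('ann', 'default/comment/edit', 'comment', 42, true);  // comment 42 is Ann's own

var_dump($acl->isAllowed('anonymous', 'anonymous', 'default/user/validate'));      // dependency rule
var_dump($acl->isAllowed('sam', 'support', 'admin/account/edit', 'account', 1));   // explicit rule
var_dump($acl->isAllowed('sam', 'support', 'admin/account/edit', 'account', 9));   // role rule
var_dump($acl->isAllowed('ann', 'member', 'default/comment/edit', 'comment', 42)); // explicit rule
var_dump($acl->isAllowed('ann', 'member', 'default/comment/edit', 'comment', 43)); // no rule matches
```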

End note

Obviously every project always has unique requirements so I don’t anticipate what I’m working on will suit EVERYONE… But considering I’m designing this for maximum reuse I would very much appreciate hearing the many weird and unique access control requirements you’ve encountered.

While I’m working on it I would like to incorporate anything that is realistically reusable…


Sep 11 2007

Access is Denied: Fixing windows permissions!

Tag: Operating systems, Windows
Grantus Maximus @ 11:11 pm

Having trouble with permissions to a file on Windows XP? So was I, even though I was logged in as an Administrator.. the same account which created the file.. the permissions hadn’t been modified.. Even worse, the files locked were a virtual server I had spent days configuring!

The process to fix it was actually quite simple but took a while to find:

  1. Download SubInACL from Microsoft and install it.
  2. Using notepad create a file in the SubInACL.exe directory called “reset.cmd”.
  3. Paste the following commands in to this file then run it.
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f
 
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=system=f

Without reading into these commands too much I suspect I didn’t need to use them all. But I figured that the Administrators and System accounts should have access to everything, right? The security conscious paranoid man in me now questions, but it’s too late so I’m suppressing the voice!


Sep 10 2007

Introduction to version control (Trunk/Branches/Tags)

Tag: Subversion, Version control
Grantus Maximus @ 10:48 pm

Version control (also known as Revision control or Source control) is the management of different versions of files. I don’t know how large development teams could survive without it! Typically they all have one thing in common: they help multiple developers contribute to a single project using a central server.

But how can it help? Have you ever worked on a project with someone else and had their files overwrite your files? Or constantly had to pop your head over the fence to say “I’m going to work on file abc.xyz, okay?”. Preventing this is the selling point for me!

Version control systems can achieve this in either of the following ways:

  • Locking - The simplest style is locking a file so only one person can modify it at a time. A file is checked out by one person then later checked back in.
  • Merging - The more productive method merges multiple versions together. This way two people can work on the one file at the same time merging their changes when finished.

I’m going to concentrate on merging although locking is not without its benefits. Regardless of your system you should be familiar with some of the techniques used. This includes the conventional directory structure:

/branches/
/tags/
/trunk/

Or if you choose to have multiple projects in the one version control project:

/project-1/branches/
/project-1/tags/
/project-1/trunk/
/project-2/branches/
/project-2/tags/
/project-2/trunk/

Each of these top level directories has a specific purpose:

  • Trunk - Where you’ll find the main line of development. Which is basically the primary repository for your code!
  • Branches - Can contain multiple branches, each one a copy of the trunk that has branched off into a separate line of development.
  • Tags - Contains tagged (as in with a friendly name) copies of the trunk from a specific point in time. Primarily used for taking snap shots of your released versions.

Branches can be used in two ways in my opinion:

  • a unique development line never intended to be merged with the trunk - an example being one client has unique needs not beneficial to others.
  • a development line which is intended to be merged with the trunk, but requires significant work which might have caused disruptions to progress on the trunk.

Where and how you work depends on your project, development team and what you’re working on!! A branch could be used for each developer working on a separate component not yet ready to be placed in the trunk. Alternatively smaller teams may be comfortable all working in the trunk directly.

The sequence diagram below shows how a user might create a branch of the trunk and continue to work on it until merging it back in to the trunk.

[Image: Branch sequence diagram]

A good practice shown above, is to merge the trunk into the branch periodically. This makes the process of finally merging the branch into the trunk more manageable! Additionally you should do this again immediately before merging your branch into the main line of development once it’s complete…

There are a number of different systems; my preferred is Subversion (SVN), another common one is Concurrent Versions System (CVS)… Here are some websites that helped me get my head around this:

I’m reasonably new to this so… Please let me know if you’re aware of any corrections required to the above!


Sep 06 2007

Zend_Auth bug with MS SQL

Tag: PHP, Zend Framework
Grantus Maximus @ 3:11 pm

Currently Zend_Auth won’t work if you’re using a Microsoft SQL Server database for storing your account credentials.

This is because of a bug in \Zend\Auth\Adapter\DbTable.php, specifically in the authenticate() function. The SQL statement it generates is not MS SQL friendly:

SELECT "users".*, "credential" = 'mypass' AS zend_auth_credential_match
FROM "users"
WHERE ("identity" = 'me')

Consequently causing the following error:

Incorrect syntax near the keyword 'AS'.

The good news is the code below can be used as a replacement in this function until the Zend Framework team get a chance to fix it themselves. It has been tested in MS SQL 2005 but I imagine it should work well in another DB (but test this yourself and comment back!).

// build credential expression
if (empty($this->_credentialTreatment) || (strpos($this->_credentialTreatment, "?") === false)) {
    $this->_credentialTreatment = '?';
}
 
$credentialExpression = new Zend_Db_Expr(
    $this->_zendDb->quoteInto('(CASE WHEN '
        . $this->_zendDb->quoteIdentifier($this->_credentialColumn)
        . '=' . $this->_credentialTreatment, $this->_credential)
        . ' THEN 1 ELSE 0 END) '
        . ' AS ' . $this->_zendDb->quoteIdentifier('zend_auth_credential_match'));
 
// get select
$dbSelect = $this->_zendDb->select();
$dbSelect->from($this->_tableName, array('*', $credentialExpression))
         ->where($this->_zendDb->quoteIdentifier($this->_identityColumn) . ' = ?', $this->_identity);

The code above generates the following MS SQL friendly SQL statement:

SELECT "users".*, CASE WHEN "credential" = 'mypass' THEN 1 ELSE 0 END AS zend_auth_credential_match
FROM "users"
WHERE ("identity" = 'me')

There is an issue open with the team if you’re interested in reading it (and please vote for it to be resolved).


Aug 31 2007

IP address binding with IIS

Tag: IIS, Web servers
Grantus Maximus @ 7:10 am

This little trick has saved my life quite a number of times!! But took me a while to find, so here I am sharing…

Let’s say you’ve already got IIS running on your 2003 server, but you want to install several other web servers (or just one.. Hehe). You’ve already assigned a number of additional IP addresses to your server under the network adapter’s TCP/IP settings.

But you then notice IIS is listening on all IP addresses! Despite having configured your sites in Internet Information Services (IIS) Manager to only use one IP address. You can see this using netstat.exe!

Solution

  1. Install Microsoft Windows support tools. Found on your Windows Server 2003 CD at \support\tools\suptools.msi
  2. Stop IIS listening on all addresses “httpcfg delete iplisten -i 0.0.0.0”
  3. Set IIS to listen on a specific address “httpcfg set iplisten -i 192.168.x.x”
  4. Stop IIS “net stop http /y”
  5. Start IIS “net start w3svc”

Confirmation

Now to confirm what you’ve just done you can run “httpcfg query iplisten”.


Aug 24 2007

Buzzzzzz on frameworks and libraries

Tag: AJAX, Javascript, PHP, Usability, Zend Framework
Grantus Maximus @ 6:09 am

There’s a lot of buzz with Frameworks and Libraries these days, and rightly so, without them some projects I’ve worked on would still be under construction!!! Developing with frameworks and libraries will save you time in both development and testing.

The abundance of functionality some provide often means you’ll end up with a better end product. Not all clients can afford the time and money required to have developers work from the ground up. With the benefits of useful frameworks/libraries your clients will get more than they wanted for less than you quoted (or you could keep the float).

I could go on for hours listing examples I’ve played with over the years, but some of my personal favourites are:

Zend Framework
http://framework.zend.com

The leading open-source PHP framework has a flexible architecture that lets you easily build modern web applications and web services.

Yahoo! User Interface Library (YUI)
http://developer.yahoo.com/yui/

a set of utilities and controls, written in JavaScript, for building richly interactive web applications using techniques such as DOM scripting, DHTML and AJAX. The YUI Library also includes several core CSS resources.

jQuery
http://jquery.com/

jQuery is a fast, concise, JavaScript Library that simplifies how you traverse HTML documents, handle events, perform animations, and add Ajax interactions to your web pages. jQuery is designed to change the way that you write JavaScript.

I realise there is a great deal more I could and should be listing here… and probably some much better?! Please leave a comment, I’d love to hear your favorites… and I’ll try to include them in future posts!


Aug 23 2007

3D boxes remnants of traditional shopping

Tag: Marketing
Grantus Maximus @ 4:38 am

Are you selling electronic products online? Such as software, videos, music… People are still used to buying physical products, even in this electronic age. Even when more and more people are turning to purchasing and downloading music and videos in electronic formats.

We get used to the way the world works, and once something’s set it’s stuck! A classic example of this (and the purpose of this post) is 3D Boxes of software purchased online… You know the ones! They were on the website you bought that last application from, you just didn’t realise at the time that you would never see the actual box in real life because you downloaded the software…

One such free product worth downloading, and designed for producing these is 3D Box Shot Maker.

Is it just me or does the phrase “box shot” sound funny? Particularly when taking this quote from their website out of context:

An impressive box shot will make your software outstanding, and easily defeat your competitors at the start.


Aug 22 2007

Indescriptive links

Tag: Accessibility, Usability, Writing
Grantus Maximus @ 4:52 am

It’s very poor practice to use text like “Click here” as links. Some browsers, particularly some for disabled users, provide a summary of links throughout a page. If this practice were to be adopted throughout a page, a list of links like this would be presented to the user:

  • Click here
  • Open this
  • Here
  • Download

Out of context none of these links make sense nor provide any indication of where they go!

When creating a link, first check that the words sufficiently describe where the user should expect to be taken. So avoid using phrases like “click here”, and in a lot of cases, linking just one word probably wouldn’t be descriptive enough either.

Other common indescriptive links used are “Document”, “Publication”, “Form”. When taken out of context you have no idea where this link goes, and you’re left with so many questions e.g. Which form? Which publication?

Usability studies have shown people quickly scan pages rather than reading them in full. Because links stand out, by linking the appropriate text rather than indescriptive phrases people are likely to find the information they are looking for a lot quicker. Otherwise they’ll give up and visit a website which is easier to navigate…

