Tony's ramblings on Open Source Software, Life and Photography

PHP Sessions can't handle SimpleXML data

I've been banging my head against the wall over an error reported in some PHP code I've been writing. For some reason the session would be trashed on the server and on next page load I'd get "Node no longer exists" when I tried to open the session.

It turns out that you can't take a response from a SimpleXML object and store it in a session. You'd think that if you could type "echo $myxml->thisnode" and get a string that it's really a string, but PHP automatically typecasts and converts as needed - except in the case of storing in a session variable.

There's an easy solution. Use explicit typecasting when trying to store an XML result string in a $_SESSION[] variable:

$_SESSION['myinteger'] = (int)$myxml->myinteger;
$_SESSION['mystring'] = (string)$myxml->mystring;

Categories:

DRBD Defaults Too Slow For Today's Servers

I was just setting up a new install of two Ubuntu servers with a TB mirrored between them in realtime using DRBD. It occurred to me while I was configuring DRBD that the default settings are way too slow for current hardware.

For instance, if you're going to set up a high-availability cluster no doubt you're going to have a minimum of a Gigabit network connection between the servers and at least use SATA 300 hard drives - probably in a RAID array to get even more throughput.

The default sync speed in DRBD is only 10 Megabytes / second. It's in your best interests, especially on the initial sync, to increase this considerably. At initial setup time you can safely configure this to be as high as your hardware will allow. Check out this article that describes how to go about calculating it.

For instance, initially my setup used 22 MB as the sync speed, but for the initial sync of 1 TB across a Gigabit crossover using SATA 300 drives was going to take almost 10 hours to complete. My hardware config actually lets me push this as high as 68 MB / second, reducing my initial sync time to about 3 3/4 hours, and that's on two systems with no RAID - simply a 1 TB hard drive synced over a crossover cable.


Categories:

First Jaunty Tweaks

An update to my Hardy LTS desktop caused my nVidia drivers to puke again, and for some reason they refused to reinstall. It's all related to having installed this system first as a Gutsy install, and using the nVidia drivers downloaded from their website. Every time there was a kernel upgrade I'd have problems, and it started getting worse with package file conflicts recently.

My hard drive had also gotten a bit small for me, so I decided maybe it was time to go ahead with a fresh install of Jaunty (which I'd downloaded just before the drivers went wacko) and take the opportunity to throw in a new hard drive.

On my first install attempts the Jaunty CD would simply drop to a BusyBox console prompt and never install, without giving any indication of what the problem was. I did a bit of googling and found that this could be caused by a crappy SATA control chipset on the motherboard. I then wasted the next hour attempting to update my BIOS without Windows, a floppy drive or a USB stick. I finally was able to run the BIOS update by placing it on a CF-II camera card and using that. Unfortunately there was no improvement.


Categories:

Making Apache Run Python

I've always been a PHP guy, but recently I had a little Python web scraper utility I wrote that I wanted a nice interface to, and I didn't feel like writing a complete GTK interface for it, or rewriting it in PHP with CURL.

So, I thought, "Hey, there's these people that run Python on their servers instead of PHP, why don't I try that! It shouldn't be any harder than running PHP, right?"

Wrong. It's not hard, but it brings back memories of my first attempt to get Perl scripts to work properly with Apache.

First, you need to install "libapache2-mod-wsgi". This is the module for Apache that lets you run Python scripts from inside your web server. I know, why doesn't it have the word "Python" in the name? Don't worry - just make sure you don't actually try to use the module that DOES have Python in the name. It's the old and outdated way of doing things.

So, use Synaptic to install the module, or at a console enter:

sudo apt-get install libapache2-mod-wsgi

Categories:

IT Security At HIMSS09

I consider security one of my top concerns, and one of my major strengths. Given the volume of information that my servers hold, any potential breach could pose serious problems. We constantly audit our servers and security logs, use a custom firewall and intrusion detection software and take a "close everything open only what's necessary" approach to security. We also use full hard disk encryption on all laptops. I'm confident our systems are more secure than 99% of hospitals out there.

On a given day my servers detect and thwart a minimum of 5 to 6 all-out brute-force intrusion attempts. Identified attempts are automatically blocked from accessing any services on any of our servers. Our firewall logs and blocks at least 50 networks scans per day.

But, even I know that to assume we'll never suffer an intrusion is arrogant and dangerous. That's why I made it a point to attend the session on HIM breach notification laws. What was surprising to me was how few people attended that session. I guarantee a lot more will attend the session on the Government stimulus bill, but managing and planning for security issues should be even more important.


Categories:

Fixing libgl1-mesa Package Problems

I've known for a while that the proprietary NVidia drivers I downloaded some time back screwed with my system, unfortunately I hadn't realized just how bad until I tried upgrading from 8.04 to 8.10.

After the upgrade and reboot, X wouldn't start and my package manager complained about various libgl1-mesa packages. When I tried doing "apt-get -f install" as suggested, I would get the following error:

unable to create `./usr/lib/libGL.so.1.2': No such file or directory
among other things...

There's actually a pretty simple fix... I entered the following in a console:
dpkg-divert --remove /usr/lib/libGL.so.1.2
dpkg-divert --remove /usr/lib/libGL.so.1
apt-get -f install

All was well with the world - I still needed to manually reinstall my proprietary NVidia drivers, but at least now my package system wasn't broken anymore.


Categories:

Where's The American Dream Gone?

There was a time when people referred to the "American Dream." The dream was that if you worked hard and smart, that you could become something better than you were. Immigrants flooded our borders hoping to jump on the capitalism bandwagon and make something of themselves.

What's interesting is that they have. In fact, a study by Johns Hopkins in 2001 found that even when considering Caucasian European immigrants against native-born Caucasian American's (in order to remove any racial prejudice from the numbers,) immigrants generally had greater than a 35% better net worth.

As an employer, entrepreneur and father, the average work ethic in the US seriously concerns me. I have to say we have an exceptionally good batch of employees right now, but when we were located in Alabama, finding good employees was exceptionally hard. Several people seemed to feel entitled to work 5 hours a day, and then spend 3 of those browsing the Internet or chatting with other employees. Unfortunately I didn't just have a bad batch, it was something I saw over and over. If you had to let someone go due to lack of work ethic, suddenly they threatened you with a lawsuit (one even went to arbitration.)


Categories:

Why Open Source Should Be The Future

Everyone can agree that computer software has become orders of magnitude larger and more complex when compared to early home computer software. The first complete non-game application I wrote was a spreadsheet. No, I didn't use a spreadsheet app, I wrote my own Excel clone, or rather in the day I called it my own "Visicalc" clone, complete with recursive algorithms. The entire application and data fit within 64k of RAM on my Commodore 64.

Any modern software developer will tell you that a program that creates a dialog that says "Hello World" will likely be 1MB in size. Modern computers are more complex, modern operating systems are more complex, and that makes even the most simple application more complex.

Complex software requires a complex team of developers to get everything designed, tested and developed. A single application might have dozens of programmers working on it.

The more complex an application is and the more developers working on it, the more chance there is to be bugs that are not found in the initial testing phase. Different segments of the application rely on other pieces in order to work correctly, and those pieces cannot be tested until they are all snapped together.


Categories:

Adjust Backlight Brightness When On Battery Power (Ubuntu)

For those of you running Gnome, this will help you tweak your power management settings.

Ubuntu provides a nice little power management utility in System + Preferences + Power Management, and it includes a checkbox to tell it to dim your backlight when on battery power to save your battery time. By default, it will drop your backlight by 50% from your regular setting. I find that my backlight is bright enough that I can run as low as 30% brightness on battery and be happy, but I like full backlight strength when I'm running on AC power.

There's a quick and easy tweak you can do to change how far to drop the backlight when you're running on battery power. To do this, open Applications + System Tools + Configuration Editor. Be advised that you can do serious damage to your system setup in here, so be careful to only change what you understand.

Once you're in the Gnome configuration editor, browse down to:
/apps/gnome-power-manager/backlight
and look for "brightness_dim_battery".

This setting is the percentage to dim FROM whatever it's at before you lost AC power. In other words, if you normally run 100% and want to run at 30% when on battery, enter 70 here.


Categories:

Poll: Should users be able to create accounts?


Categories: