I published slides from my two talks from our Egypt company meeting.
First one is about Sphinx search engine. The originally presentation was prepared by Andrew Aksenoff, author of Sphinx for HighLoad.ru conference, I translated it on English for our meeting.
And second about Mercurial version system, the tool we decided to use for our internal and web projects.

Entry posted by Vadim | 2 comments

Add to: …

There is a going trend among companies not just supporting and appreciating open source, but also ‘’going open’’ by releasing their new development efforts as open source or converting their formerly proprietary offerings open source by releasing the source code under some open source license such as GPL.

I believe there are many misconceptions among organizations as to what can be gained by this and even more misconceptions as to how to manage the process.

Some Myths:

- Open Source is hostile to intellectual property.
- If I give away my software to the Open Source community, thousands of developers will suddenly start working for me for nothing.
- The Open Source movement isn’t sustainable, since people will stop developing free software once they see others making lots of money from their efforts.

(Free/Libre Open Source Software: a guide for SMEs 2007)

Some reasons why select …

Okay, so you have used some mysqldump to backup some of your data. But have you wondered how to test your backup? What if mysqldump does not really 'backup' your data? It is actually quite simple to test your backup and that is to verify the restore of your backup.

Here are a couple of ways to test your backup recovery (assuming that you have restored your backup already).

1. Do a select count(*) on all your tables before and after you restore your data.
2. Do a md5sum on your MySQL files before and after you restore your data.

Obviously when you do test your recovery process, you need to make sure that no data is being changed while you are doing it.

I had some free time this weekend, so I thought I would give DRBD a look on EC2... It wasn't long in, and I made a discovery:

etch:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 12:31:38:00:35:37  
          inet addr:10.252.58.197  Bcast:10.252.59.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:82547 errors:0 dropped:0 overruns:0 frame:0
          TX packets:41818 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:121402208 (115.7 MiB)  TX bytes:2645395 (2.5 MiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

At least …

Today's entry, provided by Paul Reinheimer, is entitled Channels and Output.

Name

Paul Reinheimer

Blog

blog.preinheimer.com

Biography

Born in Vancouver, raised in Ontario, educated in Windsor, currently roaming the streets of beautiful Montreal. When not fighting off crazy Internet vixens, Paul pays his hosting and Internet bills by taking care of training for php|architect, launching his own projects like funcaday, and speaking at various conferences.

Location

Montreal, Canada

When getting started with PHP programming, we memorize rules that those …

With 130 entries in the “MySQL” category and no MySQL-related subcategories, my blog had become impossible to search and navigate easily.

And thus I created a number of new categories for the MySQL entries within my blog. They’re listed in the left navigation bar, below the months, as well as below:

• MySQL Server, MySQL Cluster, Falcon
• Connectors: PHP, Ruby on Rails
…

I've been talking to some Montrealers about using Amazon EC2. One of the small issues with EC2 is that you have no fixed IP addresses for your instances. This means that people are having to use DNS, which works well 99% of the time[1].

One of the problems for me, is that I can't as easily have a virtual interface, which is the IP address of the current master database server - I have to have a hostname like mysql-master.mydomain.com. Which means that if I switch masters, I have to wait for the TTL length for old clients to stop connecting to the previous master (In talking to Rightscale, they set it to 45 seconds, PeterZ has blogged about with not to use 0 second TTLs here).

The possible solution - when you switch masters, the previous master shuts …

I figure while I'm in the blogging spirit, I should announce where you can catch me presenting early next year:

March 12-14 - PHP Quebec
* Security from the Database Perspective
* Breaking the Rules

April 14-17th - MySQL Conference
* Exploring Amazon EC2 for Scale Out Applications

May 21st-23rd php|tek
* Performance Tuning MySQL
* Designing for High Availability

I decided to do something different and submit about 10 outlines for possible talks, so it's interesting to see what each of the organizers eventually arrive at.

With MySQL 5.0, it's much easier to do SQL Injection attacks, because you can use UNION against information schema. You couldn't do this with the old SHOW commands.

i.e.

SELECT * FROM users WHERE id = $id;

becomes:

SELECT * FROM users WHERE id = 0 UNION 
SELECT group_concat(table_name) FROM information_schema.tables  
WHERE table_schema=DATABASE() group by table_schema;

The rules to a union in MySQL is that the second query must match the same number of columns as the first query. In this case, you can just keep changing it till you get the column count right:

SELECT group_concat(table_name), 1, 2, 3, 4 FROM information_schema.tables 
WHERE table_schema=DATABASE() group by table_schema;

I presented on these types of attacks here

mysql> create database attack;
Query OK, 1 row affected (0.00 sec)

mysql> use attack;
Database changed

mysql> create table users (id INT UNSIGNED NOT NULL PRIMARY KEY auto_increment, username varchar(30) NOT NULL, 
password char(32) NOT NULL, UNIQUE KEY (username));
Query OK, 0 rows affected (0.00 sec)

mysql> INSERT into users (username, password) VALUES ('morgo', MD5('my_password')),
 ('ted', MD5('another_password'));
Query OK, 2 rows affected (0.41 sec)
Records: 2  Duplicates: 0  Warnings: 0

mysql> SELECT * FROM users;
+----+----------+----------------------------------+
| id | username | password                         |
+----+----------+----------------------------------+
|  1 | morgo    | a865a7e0ddbf35fa6f6a232e0893bea4 |
|  2 | ted      | 280fb9194368f9d1d44f8ddcc13f2717 |
+----+----------+----------------------------------+
2 rows in set (0.00 sec)

mysql> CREATE TEMPORARY TABLE users_copy LIKE users;
Query OK, 0 rows affected (0.04 sec)

mysql> …