Ross McFarland recently posted to the Cluster mailing list about a Perl binding that he’s been working on for the NDB API. Ross says that it’s just a proof of concept, and at this point nowhere near complete, but is inviting folks to download it and take it for a spin. I’m not a Perl hacker myself, but I’d be interested in hearing your reaction or if you’re doing something interesting with this.

Of course, if you’re working on your own port of the NDB API to some other language - say, PHP, Python, or (heh) even JavaScript - I’d love to hear about it.

After the new version for Linux we are now also able to announce a fixed version of XAMPP for Windows.

Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. To fix this problem we released an upgrade package for the Windows version of XAMPP.

This upgrade is primary for those people who a using XAMPP in a public or semi public environment, like a local network or the Internet.

You can get the upgrade from the usual place (there you also find an explanation how to install the upgrade). More information about the vulnerability: here

Looking for code inclusions?
The versatile google cluster has a solution for this, like for many other tasks.
This search

lang:php \secho\([^)]*_REQUEST[^)]*\); lets You find various places where some variable from the superglobal $_REQUEST is printed with echo. By the same means, you can easily find places where such a variable is directly included in an SQL query, for instance with lang:php \smysql_query\([^)]*_REQUEST[^)]*\); .
This alone yields 50 results for each query, but it may be varied with printf() instead of echo() or just …

Had a support question on the T-SQL to MySQL procedure converter. Seems like the first (current) version crashes when SQL statements are very long. Made a fix, and also improved the printing of long lines. Don't know if I am going to release it as is, or add more pretty-rpinting perheps. Also noticed that my support case uses + for string concatenation, which is not converted by the current version.

Some time ago, I sent an internal message to all the MySQL employees challenging/pleading for anyone who had coding skills but was not involved on the development team to jump in and help fix bugs. Several kind people took me up on that challenge, and Jay has now blogged about his experience and the steps involved in fixing a MySQL server bug. It’s an excellent and detailed explanation of how to set up your linux (or Mac) development environment, and how to add a test case to our regression test suite to be sure the bug never comes back. One suggestion - I recommend using compile-pentium-debug-max instead compile-pentium-debug, as the max build script turns on a lot more things in the code which you want to be tested when you run the regression test suite.

Hmm, I wonder if anyone would …

Slashdot carried a story earlier today entitled "Why Is Commercial OSS So Expensive?" He was referring to embedded software, and his experience is 100% contrary to my own experience. (My background is in open source embedded software.) He says:

Our startup honestly wanted to use OSS products. We do not want to spend time for any OSS bug fixing so our main requirement was -official support for all OSS products-. We thought were prepared to pay the price for OSS products, but then we got a price sticker shock....After all, we have decided that the survival of our business is more important for us then 'do-good' ideas. Except for that embedded Linux (slated for WinCE or VxWorks substitution), we are not OSS shop anymore.Taking the author at his word - that commercial open source is, in fact, expensive (has he tried the alternatives?) - I think he's …

If you're a programmer, you know the difference between a beginner and a master is the ability to write succinct code that does a great deal with very little work. If you can do this, you can easily raise your productivity and the quality of your work by an order of magnitude. Much more importantly, you can have a lot more fun writing code. Read on to learn how.

Stephen de Vries sent an email to SecurityFocus's web application security mailing list earlier today to comment on the new Google Code Search:

Google's code search provides an easy way to find obvious software flaws in open source and example applications.

He provided a few example queries to illustrate his point:

• XSS in Java Applications
• SQL Injection in Java Applications
• …

I've written about Hyperic before when they open sourced their stack management and monitoring software.  Hyperic's HQ product is the best way to manage a software stack in production, whether it's an open source LAMP stack, a closed source stack or, more likely, a hybrid combination.  The HQ product was a spinoff from Covalent and was in development for several years before it was open sourced earlier this year.  CEO Javier Soltero had a vision for creating a company around the technology and he's been able to do just that without compromising on the things that have made the technology successful. 

HQ is an extensible system and so not only does it monitor all kinds of operating systems, web servers, app servers and database servers, but it can be extended to monitor just about any kind of application, both at a technical level and at a business level.  One of …

Today I tried on my database the WITH QUERY EXPANSION clause on a fulltext search.

I manage the website of a famous italian soccer club (www.inter.it), and we have hundreds of thousands of pictures of actual and former players, coaches, events and so on.
Every day a back-office tool involve our web editors in finding pictures based on captions. I developed such a feature using a simple full-text search.

So, let's try to find all pictures about "goalkeepers" (unfortunately this word is not mainly used in picture captions)

mysql> select count(*) from media where match(caption_en) against('goalkeeper');
+----------+
| count(*) |
+----------+
| 60       |
+----------+


Let's try now the same query using WITH QUERY EXPANSION

mysql> select …