Cleaner redirection in Perl Dancer
By Jeff Boes
January 21, 2015
Recently I worked on a project using the Perl web application framework Dancer that had multiple paths to order a product:
/product => /cart => /checkout => /receiptThat’s the standard approach. Then there was a “phone order” approach:
/create_order => /checkout => /receiptA “phone order” is one taken down (usually by phone), where the user who is logged in is not the same as the user who “owns” the order. Thus, one user is ordering on behalf of another: the order must be recorded as part of the second user’s order history, the various shipping and billing information must come from that user’s stored information, and even the product pricing has to be calculated as though that customer were doing the ordering rather than the logged-in user.
As a consequence, the phone order page flow actually ended up as:
get /create_order => post /create_order => /checkoutThe submission of the /create_order page was processed in an environment that knew about this “proxy” ordering arrangement, thus could do some particularly special-case processing, and then the idea was to pass off to the /checkout page, which would finalize the order including payment information. …
dancer perl
SSH one-time passwords (otpw) on chromebook
By Greg Sabino Mullane
January 21, 2015
A little while ago, I bought a Chromebook as an alternative to my sturdy-but-heavy laptop. So far, it has been great—quick boot up, no fan, long battery life, and light as a feather. Perfect for bringing from room to room, and for getting some work done in a darkened bedroom at night. The one large drawback was a lack of SSH, a tool I use very often. I’ll describe how I used one-time passwords to overcome this problem, and made my Chromebook a much more productive tool.
The options for using SSH on Chrome OS are not that good. I downloaded and tried a handful of apps, but each had some significant problems. One flaw shared across all of them was a lack of something like ssh-agent, which will cache your SSH passphrase so that you don’t have to type it every time you open a new SSH session. An option was to use a password-less key, or a very short passphrase, but I did not want to make everything less secure. The storage of the SSH private key was an issue as well—the Chromebook has very limited storage options, and relies on putting most things “in the cloud”.
What was needed was a way to use SSH in a very insecure environment, …
chrome security ssh sysadmin
Spree Commerce “invalid value for Integer(): "09"” in Spree::Checkout/update
By Matt Galvin
January 14, 2015
Hello again all. I like to monitor the orders and exceptions of the Spree sites I work on to ensure everything is working as intended. One morning I noticed an unusual error: “invalid value for Integer(): "09"” in Spree::Checkout/update on a Spree 2.1.x site.
The Issue
Given that this is a Spree-powered e-commerce site, a customer’s inability to checkout is quite alarming. In the backtrace I could see that a string of “09” was causing an invalid value for an integer. Why hadn’t I seen this on every order in that case?
I went into the browser and completed some test orders. The bug seemed to affect only credit cards with a leading “0” in the expiration month, and then only certain expiration months. I returned to the backtrace and saw this error was occurring with Active Merchant. So, Spree was passing Active Merchant a string while Active Merchant was expecting an integer.
Armed with a clearer understanding of the problem, I did some Googling. I came across this post. This post describes the source of this issue as being the behavior of sprintf which I will describe below. This topic was discussed in the Ruby Forum.
Octal Numbers
As per Daniel Martin on the aforementioned …
ecommerce rails spree
Angular Responsive Layout Directive
By Marina Lohova
January 13, 2015
To all of you window.onResize aficionados, I dedicate this blog post because today we will be doing a lot of dynamic resizing in JavaScript. All of it will be done completely and effortlessly with my one-page long Angular directive.
Why do I need to attach an expensive onResize handler to my already overloaded page, you ask. The answer is very simple. Our app layout is pixel-perfect. Each element has the predefined width and margins. Yet, the app needs to look good on all kind of devices, from regular PC to tablet to iPhone. That’s why I created the following Angular directive in /scripts/directives/tsResize.js:
angular.module('angularApp')
.directive('tsResize', function($window) {
return function(scope, element) {
var w = angular.element($window);
scope.getWindowDimensions = function () {
return {
'h': $window.innerHeight,
'w': $window.innerWidth
};
};
scope.$watch(scope.getWindowDimensions,
function (newValue, oldValue) {
scope.windowHeight = newValue.h;
scope.windowWidth = newValue.w;
scope.mainContainerStyle = function () {
if (newValue.w > 890) {
return {}; …angular css design html javascript
DBD::Pg escaping placeholders with backslashes
By Greg Sabino Mullane
January 12, 2015
The popularity of using JSON and JSONB within Postgres has forced a solution to the problem of question mark overload. JSON (as well as hstore) uses the question mark as an operator in its queries, and Perl DBI (esp. DBD::Pg) uses the question mark to indicate a placeholder. Version 3.5.0 of DBD::Pg has solved this by allowing the use of a backslash character before the question mark, to indicate it is NOT a placeholder. We will see some code samples after establishing a little background.
First, what are placeholders? They are special characters within a SQL statement that allow you to defer adding actual values until a later time. This has a number of advantages. First, it completely removes the need to worry about quoting your values. Second, it allows efficient re-use of queries. Third, it reduces network traffic as you do not need to send the entire query each time it is re-run. Fourth, it can allow for seamless translation of data types from Postgres to your client language and back again (for example, DBD::Pg translates easily between Perl arrays and Postgres arrays). There are three styles of placeholders supported by DBD::Pg—question marks, …
database dbdpg json perl postgres
Riding the Elasticsearch River on a CouchDB: Part 1
By Brian Gadoury
January 12, 2015
As you may guessed from my perfect tan and rugged good looks, I am Phunk, your river guide. In this multi-part series, I will guide us through an exploration of Elasticsearch, its CouchDB/BigCouch River plugin, its source, the CouchDB document store, and the surrounding flora and fauna that are the Ruby on Rails based tools I created to help the DPLA project manage this ecosystem.
Before we get our feet wet, let’s go through a quick safety briefing to discuss the terms I’ll be using as your guide on this trip. Elasticsearch: A schema-less, JSON-based, distributed RESTful search engine. The River: An Elasticsearch plugin that automatically indexes changes in your upstream (heh) document store, in real-time. CouchDB: The fault-tolerant, distributed NoSQL database / document store. DPLA: The Digital Public Library of America open source project for which all this work was done.
Let’s put on our flotation devices, don our metaphor helmets and cast off.
In an Elasticsearch + River + CouchDB architecture, all things flow from the CouchDB. For the DPLA project, we wanted to manage (create, update and delete) documents in our CouchDB document repository and have those changes …
couchdb elasticsearch rails
Web Development, Big Data and DevOps—OSI Days 2014, India
By Selvakumar Arumugam
January 12, 2015
This is the second part of an article about the conference Open Source India, 2014 was held at Bengaluru, India. The first part is available here. The second day of the conference started with the same excitement level. I plan to attend talks covering Web, Big Data, Logs monitoring and Docker.
Web Personalisation
Jacob Singh started the first talk session with a wonderful presentation along with real-world cases which explained the importance of personalisation in the web. It extended to content personalisation for users and A/B testing (comparing two versions of a webpage to see which one performs better). The demo used the Acquia Lift personalisation module for the Drupal CMS which is developed by his team.
MEAN Stack
Sateesh Kavuri of Yodlee spoke about the MEAN stack which is a web development stack equivalent to popular LAMP stack. MEAN provides a flexible compatibility to web and mobile applications. He explained the architecture of MEAN stack.
He also provided an overview of each component involved in MEAN Stack.
MongoDB — NoSQL database with dynamic schema, in-built aggregation, mapreduce, JSON style document, auto-sharding, extensive query mechanism and high availability. …
angular conference docker containers mongodb nodejs php cms
DBD::Pg: one ping to rule them all
By Greg Sabino Mullane
January 7, 2015
How can you tell if your database connection is still valid? One way, when using Perl, is to use the ping() method. Besides backslash-escaped placeholders, a revamped ping() method is the major change in the recently released version 3.5.0 of DBD::Pg, the Perl/DBI interface to Postgres. Before 3.5.0, there was a chance of false positives when using this method. In particular, if you were inside of a transaction, DBD::Pg did not actually attempt to contact the Postgres backend. This was definitely an oversight, and DBD::Pg now does the right thing.
Detecting a dead backend is a little trickier than it sounds. While libpq stores some state information for us, the only way to be sure is to issue a command to the backend. Additionally, we check the value of PQstatus in case libpq has detected a problem. Realistically, it would be far better if the Postgres protocol supported some sort of ping itself, just a simple answer/response without doing anything, but there is nothing like that yet. Fortunately, the command that is issued, / DBD::Pg ping test, v3.5.0 */*, is very lightweight.
One small side effect is that the ping() method (and its stronger …
database dbdpg postgres