Monitoring Disks in RAID Array in Windows 7

December 5, 2012 2 comments

For many folks whose motherboards don’t support RAID or just want a simple, easy to implement RAID solution, software RAID is often the best solution. In Windows 7, Microsoft finally got around to providing out-of-the-box software RAID capabilities (apparently you could do it in Windows XP, but not without some real leg work). Only problem is Microsoft didn’t include a notification or alarm mechanism to deal with disk failures. The only notification is a passive entry in the Event Log, which is not obvious for basic users and not really convenient for anyone. This effectively defeats the purpose of RAID as a mechanism for data redundancy, as your disks could fail one by one until all of your data was unrecoverable, and you as the user wouldn’t realize until it was too late.

Click to see my solution

Easily Create a Store Locator

November 28, 2012 Leave a comment

I had initially set out to build my own custom store locator (just for the learning experience) and post a how-to article for it. I quickly found that this has been done many times before, and Google has a very good tutorial if you want to build your own.

But what if you don’t have a database behind your website? What if you don’t have any IT staff to support a custom store locator? What if you need an easy solution?

Check out BatchGeo, a free (with ads) hosted store locator service. All you need is a spreadsheet of your locations that you want to map and whatever secondary information you want to display. BatchGeo takes care of mapping the addresses, so you don’t have to determine the latitude and longitude values for each address (like in the Google tutorial). You can also group your locations arbitrarily, such as by location type in my demo, by simply adding another column of data.

alexdglover_batchgeo_map_demo

Once you supply your information and click “Map Now,” the map will be generated for you to preview. If all is well, just click Save & Continue. You’ll be asked to provide an email address and some basic information about the map you generated, including whether you want it to be public or unlisted. Then just click Save Map.

Finally, BatchGeo will email you the new map URL, as well as some basic iframe code to embed your map on your website. The map has great functionality, allowing you to search geographically (by city, zip code, whatever) or by secondary content (store name, group name, even phone number). Content display is great. Markers are lettered to correspond to the location listing below (as we’ve come to expect from Google maps). Markers are also color coded if you used grouping. Info windows cleanly display formatted secondary information such as web site and phone number.

If you want to get rid of the embedded advertisements, unfortunately it’s going to cost you $99.00 per month. If you can bear the ads, it’s an awesome free service.

Prevent SQL Injection Attacks in PHP Applications

November 26, 2012 2 comments

Ok, some quick background before we get started. Let’s say you have a search bar in your PHP-based web site to help people find items, which ties back to your database. Behind your search bar is some code and a query, something like

$query = "SELECT * FROM ITEMS_TABLE WHERE ITEM_NAME LIKE" . $mySearchBarString .";";

So a user provides some string, like ‘Xbox,’ and it finds all items with ‘Xbox’ in the name. Lovely. But what if the user enters this:

blah; SET @tables = NULL;
SELECT GROUP_CONCAT(table_schema, '.', table_name) INTO @tables FROM information_schema.tables;
SET @tables = CONCAT('DROP TABLE ', @tables);
PREPARE stmt1 FROM @tables;
EXECUTE stmt1;
DEALLOCATE PREPARE stmt1;

For those who can’t read SQL, here’s the short version – an attacker just dropped ALL of your databases, in all schemas. Whoops. This is your face right now:

We’re not going to let this happen to us, because losing and replacing that data seems like a lot of work, and we all have better things to do than restore backups and try to explain data loss to end users.

Let’s review some options

Easy Modal Overlays

November 21, 2012 Leave a comment

Modal overlays are those fancy popups, often used to display a full-sized image or some sort of form. They give the appearance of a new window within the browser, giving sites a more lively animated and interactive look.

It’s a pretty sweet feature, and is actually pretty easy to implement. I’ll highlight a couple options and talk about how to implement them in this post.

Read more…

Making Your Site Mobile-Friendly

November 19, 2012 Leave a comment

There’s no refuting the statistics – over 20% of all web traffic comes from mobile users, and almost everyone agrees that this figure will grow.

Mobile users can use standard web sites, but mobile-friendly sites are going to have better click through, more page visits, and more time spent on pages (there’s probably a cooler digital marketing term for this, but you get the idea).

Part of the pain of mobile-friendly sites is that you must accommodate many different screen sizes and aspect ratios. Check out this comparison from Phone Size:

Very different from one to the next. And realistically, this is a very small sampling of phone sizes.

Let’s walk though a couple scenarios and talk about solutions.

Categories: How-to Guides Tags: , ,

Konami Code

November 16, 2012 4 comments

The Konami code… if you were born in 1990 or earlier, and play (or played) video games, you probably already know what I’m talking about.

The history of the Konami code is awesome in it’s own rite. Here’s the short version: the Konami code is a famous cheat code (up, up, down, down, left, right, left, right, B, A) that first appeared in NES games like Contra. Many times the code was added to video games as a tribute to the classic games or as a tribute to Kazuhisa Hashimoto, the developer who accidentally left the cheat code in the game when it was sold to the public.

That homage has been proliferated by nerds and techies through many games and, eventually, made it’s way on websites.

YES, THERE IS A CHEAT CODE FOR THE INTERNET.

“Google Hacking”

November 14, 2012 Leave a comment

When I was still working at the University of Wisconsin, a co-worker of mine showed me a way to find unprotected directories indexed by Apache and web cameras. Not those kind of web cam feeds – these are usually security cameras in innocuous places, like restaurants, streets, tops of buildings… etc., that are so benign (usually) that whoever set them up decided they didn’t need to be secured (or didn’t know how to secure them).

Anyway, the way he found these was the interesting part. At the time, it was termed “Google Hacking” although now it is sometimes called “Google dorking.” It is simply using Google to find unsecured web content with targeted search terms. Read more…

%d bloggers like this: