Trung Huynh’s tech blog

“To just invent something and have a great idea is a lot of work, but it is not enough. You have to get it out in the world ” - Larry Page - ” with a very high standard asap !” - Trung Huynh

Install Apache:

sudo apt-get install apache2

Install PHP:

sudo apt-get install php5 libapache2-mod-php5

Install MySQL:

sudo apt-get install mysql-server

Install phpmyadmin:

sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin

But before phpmyadmin can be browsed at http://localhost/phpmyadmin, it is necessary to add one line at the end of apache2.conf using the following command:

sudo vi /etc/apache2/apache2.conf

Then add the following line at the end of the file:

Include /etc/phpmyadmin/apache.conf

Done! Hang on, we need to restart apache first so everything can work with each other:

sudo /etc/init.d/apache2 restart

More on Ubuntu:

a2enmod rewrite

Recently I have just had my hands on Python when I am working at MusicMetric. I am a Python newbie and just want to write down some experience that I have learned so that I can revise anytime I want (in the way I can understand quickly) and it might also help other people who are new to Python.

First I want to answer for the question “why not multi-threading but multi-processing ?”. The reason is that the GIL (Global Interpreter Lock) makes multi-threading in Python not truly parallel and much less efficient (click here for more detail).

Thank to Multiprocessing module (a process-based “threading” interface) which is available on Python 2.6+, multi-processing in Python is now easier than ever.

1. Using Pool - a quick approach:

import multiprocessing

def testing(arg):
    x = 0
    for i in xrange(arg):
        x += i * i
    return x

if __name__ == "__main__":
    pool = multiprocessing.Pool(N_PROCESSES)
    print "processing..."
    results = pool.map(testing, range(20000000))
    print results

• Main advantages:
  • Quick implementation
• Main disadvantages:
  • Inefficient memory usage
  • Inflexible

2.Using Process:

import multiprocessing

def event_func(event):
    print '\t%r is waiting' % multiprocessing.current_process()
    event.wait()
    print '\t%r has woken up' % multiprocessing.current_process()

def test_event():
    event = multiprocessing.Event()

    processes = [multiprocessing.Process(target=event_func, args=(event,))
                 for i in range(5)]

    for p in processes:
        p.start()

    print 'main is sleeping'
    time.sleep(2)

    print 'main is setting event'
    event.set()

    #wait until all processes stop
    for p in processes:
        p.join()

Advantages:

• Flexible
• More efficient in memory usage than Pool

3. Shared memory:

Using Multiprocess.Pipe() and Multiprocess.Queue():

- Pipe() is used for one-to-one communication.
- Queue() is used for many-to-many communication.
Note:

• If a process is killed using Process.terminate() or os.kill() while using a Queue, data will be corrupted and won’t be able to be used in other processes.
• Processes won’t terminate untill all buffered item have been flushed to the Pipe. If you try to join processes, it is likely that you will get deadlocks unless you are sure that all items which have been put on the queue have been consumed. User Multiprocess.Manager.Queue() instead.
• Memory leaks (I don’t know why) - use Multiprocess.Manager.Queue() instead.

Even god made mistakes, please let me know what mistakes I have made.

Last night Mint CEO Aaron Patzer gave a 45 minute presentation at a startup competition event called Juice Pitcher on the Microsoft campus. The event, which is put on by TheFunded and Vator.tv, put a handful of new startups on stage to show their stuff and compete for a top prize. Between pitches, Patzer took the stage and told the story of Mint, in detail. His company just sold for $170 million to Intuit.

source: Techcrunch

Do you feel bored of using Google/Bing every day ? Do you think Google is slow ? Do you sometimes feel it is hard to find what search results are on page 200 or 1000 ? As a proactive developer, you definitely want to write your own search engine. Thank to Yahoo Boss, I wrote my own customised search engine in less than 200 lines of codes.

Live demo @ www.trunghlt.com/search

Click here to download the source code.

Even god made mistakes, please let me know what mistakes I have made.

Kevin shares the secrets to digg.com and wefollow.com explosive user growth. He covers nine unique strategies that turn passive users into passionate advocates:

Here’s a summary of the 10 ways to grow your consumer web application:

1. Ego.
Ask does this feature increase the users self-worth or stroke the ego? What emotional and visible awards will a user receive for contributing to your site? Are they gaining reputation, badges, show case what they’ve done in the community? Sites that have done it well:

Twitter.com followers. Followers turns every single celebrity as spokesperson for your service. Celebrities continually pimp your service in the hopes of getting more followers. It’s an amazing self-reinforcing traffic generator. Why do followers work? Twitter communication is one way. It’s simple. Followers don’t have to be approved and there aren’t complicated permission schemes about who can see what. It means something for people to increase their follower account. It becomes a contest to see who can have more. So even spam followers are valuable to users as it helps them win the game.

Digg.com leader boards. Leader Boards show the score for a user activity. In digg it was based on the number of articles submitted. Encourage people to have a competition and do work inside the digg ecosystem. Everyone wants to see their name in lights.

Digg.com highlight users. Users who submitted stories where rewarded by having their name in a larger font and a friending icon put beside their story submission. Users liked this.

2. Simplicity.
Simplicity is the key. A lot of people overbuild features. Don’t over build features. Release something and see what users are going to do. Pick 2-3 on your site and do them extremely well. Focus on those 2-3 things. Always ask if there’s anything you take out from a feature. Make it lighter and cleaner and easy to understand and use.

3. Build and Release.
Stop thinking you understand your users. You think users will love this or that and you’ll probably be wrong. So don’t spend 6 months building features users may not love or will only use 20% of. Learn from what users actually do on your site. Avoid analysis paralysis, especially as you get larger. Decide, build, release, get feedback, iterate.

4. Hack the Press. There are techniques you can use that will get you more publicity.

Invite only system. Get press by creating an invite only system. Have a limited number of invites and seed them with bloggers. Get the buzz going. Give each user a limited number of invites (4 or 5). It gets bloggers talking about your service. The main stream press calls and you say you are not ready. This amps the hype cycle. Make new features login-only, accessible only if you log in but make them visible and marked beta on the site. This increases the number of registered users.

Talk to junior bloggers. On Tech Crunch, for example, find the most junior blogger and pitch them. It’s more likely you’ll get covered.

Attend parties for events you can’t afford. You can go to the after parties for events you can’t afford. Figure out who you want to talk to. Follow their twitter accounts and see where they are going.

Have a demo in-hand. People won’t understand your great vision without a demo. Bring an iPhone or laptop to show case the demo. Keep the demo short, 30-60 seconds. Say: Hey, I just need 30 seconds of your time, it’s really cool, and here’s why I think you’ll like it. Slant it towards what they do or why they cover.

5. Connect with your community.
Start a podcast. A big driver in the early days of Digg. Influencers will listen and they are the heart of your ecosystem.

Throw a launch party and yearly and quarterly events. Personally invite influencers and their friends. Just have a party at a bar. Throw them around conferences as people are already there.

Engage and interact with your community.

Don’t visually punish users. Often users don’t understand bad behaviour yet as they think they are just playing they game your system sets up. Walk through the positive behaviours you want to reinforce on the site.

6. Advisors.
Have a strong group of advisors. Think about which technical, marketing and other problems you’ll have and seek out people to help you. Give them stock compensation. A strong advisory team helps with VCs.

7. Leverage your user base to spread the world.

FarmVille. tells users when other players have helped them and asks the player to repay the favor. This gets players back into the system by using a social obligation hack. They also require having a certain number of friends before you expand your farm. They give away rare prizes.

Wefollow. Tweets hashtags when people follow someone else. This further publicizes the system. They also ask when a new user hits the system if they wanted to be added to the directory, telling the user that X hundred thousand of your closest friends have already added themselves. This is the number one way they get new users.

8. Provide value for third party sites.
Wallstreet Journal, for example, puts FriendFeed, Twitter, etc links on every page because they think it adds value to their site. Is there some way you can provide value like that?

9. Analyze your traffic.
Install Google analytics, See where people are entering form. Where they are going. Where they are exiting from and how you can improve those pages.

10. The entire picture.
Step back and look at the entire picture. Look at users who are creating quality content. Quality content drives more traffic to your site. Traffic going out of your site encourages other sites to add buttons to your site which encourages more users and more traffic into your site. It’s a circle of life. Look at how your whole eco system is doing.

“250 million users are just the beginning” - Mark Zuckerberg

“So often people are working hard at the wrong thing”. http://www.businessinsider.com/working-hard-is-overrated-2009-9

Security vulnerability is always a concern of PHP newbies. This post series are to summarise rules in order to help PHP beginners with developing PHP web applications confidentially. The content is referenced extensively from Essential PHP security.

Rule 1: Disable register_globals
Using register_globals can increase the magnitude of a security vulnerability and hides the origin of data. Super global arrays $_GET and $_POST should be used instead.

Rule 2: Disable error notification
Error notifications help developer with debugging but also reveal malicious information. Therefore as soon as the website is established, it necessary that you have to disable error notifications. Set display_errors to Off and set log_error to On for error logs. If you are unable to make changes to file php.ini, httpd.conf, or .htaccess, use the following:

ini_set('error_reporting', E_ALL | E_STRICT);
ini_set('display_errors', 'Off');
ini_set('log_erros', 'On');
ini_set('error_log', '/usr/local/apache/logs/error_log');

You can also handle your own error. This is an example of using set_error_handler:

set_error_handler("my_error_handler");
function my_error_handler($number, $string, $file, $line, $context) {
  $error  = "------------------------------------------------------"
  $error .= "Number: [$number]n";
  $error .= "String: [$string]n";
  $error .= "File: [$file]n";
  $error .= "Line: [$line]n";
  $error .= "Context: n". print_r($context, TRUE) . "nn";

  $error_log($error, 3, "/usr/local/apache/logs/error_log");
}

Rule 3: Filter input (not validate input)
Filtering input is a process by which you prove the validity of data. The vast majority of security vulnerabilities in PHP application come from invalid input data. Please always remember that input data can be anything which does not depend on the input type. Also use a separated array, e.g. $clean, for filtered data. The following code filters a typical numeric input:

$clean = array();
if (preg_match("/^[-+]?[0-9]+$/", $_GET["id"])) {
  $clean["id"] = $_GET["id"];
}

Rule 4: Escape output

• For client: use htmlentities($string, ENT_QUOTES) and $html[] for escaped strings.
• For MySQL user:use mysql_real_escape_string() and $mysql[] for escaped strings.

The following example demonstrates the proper technique for a MySQL database:

$mysql = array();
$mysql["username"] = mysql_real_escape_string($clean["username"]);
$sql = "SELECT * FROM profile WHERE username = '{$mysql['username']}'";
$result = mysql_query($sql);

(more coming soon…)

Even god made mistakes, please let me know what mistakes I have made.