Sunday, July 24, 2016

*nix tools and commands every programmer must know

Most common *nix tools

cd /var/some_directory - change the current working directory
pwd - print current working directory

mkdir - make a directory; with the -p flag it also creates any missing parent dirs

ls -l - list all dirs and files with their permissions and modified time; if U need to print hidden files as well, plus file sizes in human-readable form, use ls -lah

nano - the simplest editor for quick file edits

vim - harder to learn than nano, but in practice U will sometimes end up with something opened in this editor and have no choice - at least learn how to edit text and close it.

| - this symbol is a pipe; it redirects the output of one command to the input of the next one

> - write output to a file (overwrites what the file contained)
>> - append output to a file

echo - print its arguments to stdout, ex.: U can use something like this: echo "test" >> /var/log/my.log

cat - print text from a file to stdout 

grep - finds text in any file(s), command output etc. This tool is tremendously useful, especially in combination with others, as You will see later

kill / killall - for the 1st U need to provide the pid to kill (sometimes with -9 to send SIGKILL to running program ), for the 2nd the name of a program

mc - Midnight Commander, nothing to add just install it by default to do work much faster and transfer anything over the net

htop - install this by default too, to monitor LA (load average), CPU, HEAP/SWAP etc

df -h - find out disk space in human readable format

find / locate - finds a file

which - shows the absolute path of the program that a command name runs

netstat - status of connections to server

wget / curl - tools to make requests over the network with many options including for ex.: ssl connections etc

ping - pings the host, checking if it is alive

telnet - test network connection for IP on any PORT

traceroute - displays the route to a host and measures the transit delays of packets

Miscellaneous *nix commands/tools and their combinations
(kids may  go to sleep)

cat filename | grep sometext - get acquainted with this one, it is Your life saver on high-load systems when You try to find a needle in a haystack.

ps aux | grep program_name - find a specific running process

history | grep %command part% - finds a command previously executed

tail -fn 20 filename - show the last 20 lines of a file and keep printing new lines as they are appended

head -n 25 filename - show the first 25 lines of a file (head has no -f flag; only tail can follow a file)

netstat -tlpn - show listening TCP sockets with numeric addresses and the PID/program that owns each one

nmap -p 5123 94.240.126.22 - test PORT for particular IP

Rock 'n' Rolling *nix commands/tools
(older generation still here?)

du -csh * | sort -h - find the heaviest folders and sort them by size (sort -h understands the human-readable sizes that du -h prints)

find /path/to/files* -mtime +5 -exec rm {} \; - delete files older than 5 days

find folder -depth -type f -atime +7 -delete - delete files that were last accessed more than 7 days ago (-atime is access time; use -mtime for modification time)

find . -name 'special*' | wc -l - find files whose names start with "special" and print how many there are

find /var/www/someproject/ -type d -exec chmod +x {} + - chmod only for dirs (also works for names that contain spaces)

netstat -na | grep 3306 | wc -l - count the connections on the mysql-server port (3306)

grep --include=\*.{c,h} -rnw 'directory' -e "pattern" - search for pattern in directory, including only files with .c/.h extensions
grep --exclude='*.o' -rnw 'directory' -e "pattern" - search for pattern in directory, excluding files with the .o extension

Detect DDoS or frequent connections in the network (graphical way):
netstat -an|grep ESTABLISHED|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|awk '{ printf("%s\t%s\t",$2,$1); for (i = 0; i < $1; i++) {printf("*")}; print ""}'

Detect DDoS or frequent connections in the access.log files:
head -n 1000000 /var/log/nginx/yourprojectexample.com.access.log|cut -f 1 -d ' '|sort|uniq -c|sort -nr|more

Examples of output:
 953558 213.X.X.X
   6218 37.X.2.X
   2400 46.X.36.X
   1128 109.X.124.X
........
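
A scripted version of the access.log check above, added here as an example (not code from the original post): it counts requests per client IP over the newest lines of the log, using tail where the one-liner reads the oldest lines with head, and prints only the addresses above a share threshold. The function names, the 20% default and the sample log are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the client IP is the
# first space-separated field of each line (nginx "combined" log format).

# top_talkers LOGFILE [LINES] [MIN_PERCENT]
# Prints "hits<TAB>percent<TAB>ip", busiest first, for every IP that sent at
# least MIN_PERCENT of the last LINES requests.
top_talkers() {
    log=$1
    lines=${2:-100000}
    min_pct=${3:-20}
    tail -n "$lines" "$log" | awk -v min="$min_pct" '
        NF { hits[$1]++; total++ }      # NF skips blank lines
        END {
            if (total == 0) exit        # empty log: report nothing
            for (ip in hits) {
                pct = 100 * hits[ip] / total
                if (pct >= min)
                    printf "%d\t%.1f\t%s\n", hits[ip], pct, ip
            }
        }' | sort -k1,1nr
}

# Constructed sample log (documentation-range IPs, not real traffic):
# 90 requests from one address, then 2 requests each from 5 others.
make_sample_log() {
    out=$1
    : > "$out"
    i=0
    while [ "$i" -lt 90 ]; do
        echo '203.0.113.7 - - [24/Jul/2016:10:00:00 +0000] "GET / HTTP/1.1" 200 612' >> "$out"
        i=$((i + 1))
    done
    for ip in 192.0.2.10 192.0.2.11 198.51.100.5 198.51.100.6 198.51.100.7; do
        echo "$ip - - [24/Jul/2016:10:00:01 +0000] \"GET /a HTTP/1.1\" 200 1024" >> "$out"
        echo "$ip - - [24/Jul/2016:10:00:02 +0000] \"GET /b HTTP/1.1\" 200 2048" >> "$out"
    done
}

sample=$(mktemp)
make_sample_log "$sample"
top_talkers "$sample" 1000 20
rm -f "$sample"
```

A single address holding most of the recent requests is the pattern to look for; a share threshold keeps ordinary visitors out of the report on busy and quiet sites alike.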

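There is an extra one - my favorite. If U are ever in a critical situation and need to quickly repeat a previously performed action - try this:
!ops - history expansion: re-runs the most recent command in the history that starts with "ops" (use !?ops? to match "ops" anywhere in the command). As an example, U might want to connect to mysql-server with a command like mysql -u username -h somehost -pPassword db_name by just executing: !mysql. Keep in mind that a password typed on the command line like this is saved in the shell history and is visible in the process list; -p without a value makes mysql prompt for it.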

Saturday, July 23, 2016

Abbreviations every programmer must know

Here are several abbreviations every programmer must know; some of them are a fundamental basis for improving Your code quality and exponentially evolving Your knowledge of computer science.

Basic principles:

API - Application Programming Interface

SDK - Software Development Kit

OOP - Object Oriented Programming 

SOLID - Single Responsibility, Open-Closed principle, Liskov's substitution, Interface Segregation, Dependency Inversion. (have a discrete mathematical scientific base)

RDBMS - Relational DataBase Management System

SQL - Structured Query Language, special purpose programming language designed for managing data held in RDBMS

ACID - Atomicity Consistency Isolation Durability, the main concepts of RDBMS

CRUD - CREATE - POST/INSERT, READ - GET/SELECT, UPDATE - PUT-PATCH/UPDATE, DELETE - DELETE/DELETE, corresponding to HTTP1.1/SQL respectively.

SIGNALS - Signals in C, some of them are so popular and commonly used that if U don't know them it looks totally lame. Their names all start with SIG followed by the type of signal, ex.: SIGKILL - forced termination that can not be caught, SIGTERM - polite termination of a program, SIGHUP - terminal disconnected, SIGIO - input/output handling, SIGFPE - floating point or division by zero error, SIGCHLD - when a child process is terminating, SIGCONT - continue process execution, SIGPIPE - broken pipe.

POSIX - Portable Operating System Interface for Unix

RC - Race Condition

DRY - Don't Repeat Yourself

KISS - Keep It Simple, Stupid

YAGNI - You aren't gonna need it

Protocols and references:

ISO - International Organization for Standardization, includes members from almost all countries over the world.

IETF - Internet Engineering Task Force

RFC - Request for Comments, each has a serial number, ex.: RFC-6455, which describes the specification of the WebSocket protocol.

HTTP1.0/1.1 - Hypertext Transfer Protocol, in simple words it describes how the headers/body of a request/response should be transferred, through which of the methods GET/POST/PUT/PATCH/DELETE/HEAD/OPTIONS and with what rules.

SOAP/WSDL - Simple Object Access Protocol and Web Services Description Language - based on XML and describes Access to Web-Services.

RESTful - Representational State Transfer, describes several constraints like: Client-Server, Stateless, Cacheable, Layered System, Uniform Interface.

W3C - World Wide Web Consortium (not for all programmers, but for Web front-end is a must)

Formats: 

JSON-RPC - stateless, light-weight remote procedure call (RPC) protocol. For instance, you can call methods of controllers by appending to the URI statements like this - &method=getMapObjects

JSON API - JavaScript Object Notation with Application Programming Interface for server/client intercommunications

GraphQL - a query language with types and their restrictions/filters, ex.: required fields, string/boolean/numeric types. Developed and used by Facebook.

XML/XSLT - Extensible Markup Language and Extensible Stylesheet Language Transformations

PSR - PHP Standard Recommendations (not common, only for PHP developers)

Security: 

SSH - Secure Shell

SSL/TLS - Secure Sockets Layer / Transport Layer Security (the newer protocol that replaced SSL)

SQL Injection - when an attacker can inject an SQL query by supplying an extra value in a field of a query that has not been protected, for example by param-bindings or by string escaping

CSRF - Cross Site Request Forgery 

XSS - Cross Site Scripting

DDoS - Distributed Denial of Service

BruteForce - an attack that explores weakly programmed input points in an application by forcing them with, ex.: multiple requests.

Man in the Middle - eavesdropping on (or tampering with) traffic by relaying it between the two ends of a TCP/IP socket connection and the HTTP over it, for example by substituting keys during an asymmetric-encryption handshake

Session Hijacking - the theft of a magic cookie used to authenticate a user to a remote server.



Tuesday, July 5, 2016

Why PHP vs JAVA again and who rules the WEB

Sure, there are many holy wars about which tech is better than the other, but let me explain my point of view as a programmer with 14 years of experience.

Experience with PHP 13 years, 7 of them with Java (also worked with C/C++/JS/JQ/SQL).

First of all, PHP at this time is compiled to byte-code with OPCache since version 5.5, and it is even much better in PHP 7.x versions, whether we look at processor ops speed (33% faster) or RAM (3 times less memory consumption than in version 5.6). There has also long been the PThreads lib, which is based on POSIX C Threads and supported by thread-safe versions of the PHP core.

Java - integrated Lambda expressions in version 8 and improved GC performance (as always, in several JVM generations), but it seems it gets slower time after time; convenient HTTP1.1 support, multi-threading out of the box etc. make it stick to the market.

What I like about PHP7 - it is a strong technology, really - stop thinking of it as a simple form-renderer, CMS/CRM based or, even worse, Joomla sites. That was 10 years ago - forget it. I've worked for many international companies that do their business in Russia/US/EU, Brazil, Mexico; they were totally (except for some micro-services and SQL/NoSQL dbs) written in PHP 5.5, 5.6, 7.x versions and evolved faster than projects on other techs. In other companies, the core+API-calls were written in PHP successfully.

As for the latest trends in the PHP world, there are primitive types (scalar types with type casting): You can do (int), (double), (bool), (string) in any version since 5.x; return type declarations in methods/functions; scalar type declarations in arguments of a method/function; SPL. And, as it always does, the PHP community strongly supports Web protocols and formats.

Java is more like enterprise and it may seem to have things done, but it is not always completely true and, what is worse, it is much more difficult than in PHP, which is adopted by static-call functions written in C and closely integrated with Linux functions and tools. Ex.: if U need to delete a file, in PHP U just do unlink($myFile); which is pure, native and intuitive - sure there are many examples like this - fork(), fread(), fclose() etc.

Frameworks: everybody misunderstands that there are 2 great FWs for Java, Struts and SpringMVC, maybe for the last few years Spark, and no enterprise, production-ready FWs for PHP. Nah, totally not true, as with other statements of shallow unprofessional individuals who cannot see beyond their noses in some directions. Proof: for a long time there has been ZendFW; for those who like the MIT license there are numerous others: Symfony, Yii1/2, Laravel5.x, the CMS-based Drupal and many more; they are really stable, enterprise and production ready.

Nowadays PHP is the world's biggest and most commonly used tech for Web, API, RESTful services and micro-services; it strongly supports all the RFC recommendations.

PHP is a 21-year-old monster in 2016 - it cannot be underestimated.

Thx for reading,
Sincerely Yours, Arthur.