Not just for ruby but also the corresponding formats for
Java
public static final SimpleDateFormat RFC3339_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
and for Oracle
SELECT to_timestamp_tz('1979-21-09T06:54:00+01:00','YYYY-MM-DD"T"HH24:MI:SSTZH:TZM') FROM dual /
Oracle
What’s all the fuss about this SQL Injection thing?
It boils down getting some malicious crafted SQL code into the SQL code of an application, destroying data or authenticate yourself without knowing any real password. xkdc has a nice explanation.
The simple cases base on wrong escaped strings and the like. But as this SQL injection cheatsheet shows there are an infinity number of possibilities.
At day most of the time my database connection is an Oracle connection and so i found this Oracle whitepaper titled How to write injection-proof PL/SQL very interesting (via Bruce Schneier found at the gay bar).
I do not have a magic recipe for avoiding attack vectors all the time but as well as the whitepaper is written, it’s not a solution to expose all queries only via pl/sql to clients. In fact, it’s a nightmare to get this to work with JPA and other ORM mappers.
I try not to use dynamic sql in the sense of “concatenate some strings with one another and mysql_real_escape_string or DBMS_Assert. them” but use prepared statements with placeholders and explicit datatypes. Also if there’s a need for computing sql queries at runtime, do not ever let user supplied input come near them. I know that i’m relying to my api in this case but there is always a point on which i must rely on i guess.
As alway, the most important thing is: Be conscious about what you are doing and try to understand that, but at this point, i leave the discussion about software development and enter the depths of common sense…
Just a quick reminder for myself:
With the default installation of an Oracle Express (Oracle XE) comes two shell script with all the necessary environment variables to use sql*plus, exp, imp and the like on the command line:
source /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/bin/oracle_env.sh
respectively
source /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/bin/oracle_env.csh
After staring at this
for about a day in various rotations and flips just to get Oracle GeoRaster work together with a homebrew GIS like application made me feel somewhat dizzy. To be cartesian or not cartesian, that is the question 
Otherwise, Oracle GeoRaster works quite well, at least for that bunch of german TK25 maps in GK3 coordinates that used to float around in the filesystem and are now being stored in the database.
This is really going the last post of my series on Oracle VM Server / VM Manager on inexpensive hardware.
Last week a second Dell Power Edge arrived, followed by a little NAS/iSCSI System, the ES-2100 from Eurostor, which is rebranded Thecus N5200 Pro. I do link Eurostor because i made some very nice contact with their tech support.
After running the Oracle VM Server on a 2.4 GHz Core 2 Duo Xeon with 4 Gb Ram for about 70 days non-stop, we decided to do the next step: Incarnating a second server with a shared storage.
The one server runs an paravirtualized OEL5 with 2 GB Ram which itself runs an Oracle 11g test instance with medium load, a hardware virtualized Windows XP with 512 MB Ram that runs a Jetty with a few services and since 2 weeks a hvm Debian that serves as a mailrelay for that Exchange of ours… Which has a now really less load as SpamAssasin takes care of all.
Setting up the second Dell was flawless, nothing new.
The iSCSI was another thing… First i deleted the RAID6 as we decided to go for RAID5. Stupid me set disk usage to 100%, went for the weekend, came back on monday and saw: Wow, no space for the iSCSI target. Damn it, all timeplans went bazoo… So deleting the RAID once again and back to start, this time with 20% for Disk Usage (you never know) and 80% for one iSCSI target (if this was my machine, i really had a purpose for 1.5TB storage… but here.. *sigh*).
So, another 8 hours later, i bought a cheap 8 port Gigabit switch, set up the ES-2100 for link aggregation and connected it to both Oracle VM Servers.
I roughly followed the steps described here, but as i changed some steps, let me describe them:
rpm -Uvh iscsi-initiator-utils-6.2.0.742-0.5.el5.i386.rpm
iscsiadm -m discovery -t sendtargets -p 139.185.48.249
Example of removing a node:
iscsiadm -m node -p 10.2.0.250:3260,3 -T iqn.1992-04.com.emc:cx.apm00070202838.b0 -o delete
Listing the remaining:
iscsiadm -m nodeand having a new partition under /proc/partitions after
service iscsi restart
The ocfs2 cluster configuration is as simple as described in the linked Oracle document. I recommend adding names and ipaddresses corresponding to the one in /etc /ocfs2/cluster.conf to /etc /hosts, as the o2cb services won’t start otherwise. One thing Oracle forgot to mention is to open port 7777 on both machines in the iptables configuration.
At first i made the mistake to mkfs.ocfs2 the device and forgot to create a partition. This worked for whatever reason, but i destroyed the filesystem and created a partition with fdisk (new partition, primary, the whole thing).
Next, i didn’t follow Oracle but decided the following:
/dev/sdb1 /OVS ocfs2 defaults 1 0
So in the end we have a safe setup with hardware costs under 5k € and a setup time from about 6 or 7 days which brought some good knowledge and know-how. I think we wouldn’t have achivied this based on a VMWare solution brought by external consultants. Maybe that would have ended like the last Dilbert in that series .
To bring some variety to this blog, here’s a picture of the current setup:
I one of the google visitors or the 2 readers have any questions, feel free to ask 