rails « Odeley

Archive for the ‘rails’ Category

Touradero.com

Wednesday, December 24th, 2008

Some time ago I released my second RoR webapp:

Touradero is thought as a platform for venues and artists. Venues can be added to the database. Further on, Artists may search for Venues that fit their musical style or their art form.

At the moment Touradero is in a good beta phase. For now my plan is to get as many as possible venues as entries. After that is done I will introduce the site to the bigger user base.

So if you are somehow connected with venues or you want to ask at your favorite venue if they want to add to Touradero, then I will love you forever!

Posted in rails, web sightings | No Comments »

mod_rails - the tryout - the success

Friday, September 5th, 2008

Some months ago I wrote this post: mod_rails - the tryout - the failure (for my situation) where I addressed my problems running a RoR application on a VPS using mod_rails.

In the meantime, according to their blog, the Phusion guys have addressed this issue:
In the last couple of days I took the chance to try it once again.

And today, I am a lucky guy. Having a stable webapplication running under mod_rails and Ruby Enterprise Edition.

It’s stable, phreaking fast and the memory footprint is great (even better than a mongrel system).

mod_rails really is ready for VPS enviroments!

Posted in mod_rails, rails, ruby | No Comments »

MySQL FULLTEXT and its strange behaviors

Saturday, August 16th, 2008

As written some time ago, I switched from implementing fulltext search from Ferret to MySql FULLTEXT!

…. and I was quite happy with that decision for some time, MySql FULLTEXT:

was fast enough
seemed to bring up the results I was expecting
it works with every charset
after adjusting ft_min_word_len it was indexing short enough terms
rails specific: it was just a SQL call, so easy to integrate with e.g. pagination plugins

… but after some time, adding more data, and playing around, I discovered more and more some strange behavior:
Searches that were returning plausible results in the past were suddenly returning a empty result list!

Every straw I found on the Internet, like rebuilding the index etc. did not bring any more light to this situation.

So I was a good boy and really RTFM: MySQL Fulltext manual

The search result is empty because the word “MySQL” is present in at least 50% of the rows. As such, it is effectively treated as a stopword. For large data sets, this is the most desirable behavior: A natural language query should not return every second row from a 1GB table. For small data sets, it may be less desirable.

A word that matches half of the rows in a table is less likely to locate relevant documents. In fact, it most likely finds plenty of irrelevant documents. We all know this happens far too often when we are trying to find something on the Internet with a search engine. It is with this reasoning that rows containing the word are assigned a low semantic value for the particular data set in which they occur. A given word may reach the 50% threshold in one data set but not another.

Aha, that’s it:
Since I was indexing e.g. countries and even tags via this index, It was most likely that there where more than 50% of datasets having this term and so they automatically were seen as stopwords.

Ok, nice standard behavior. But not for me!!!
So how to get rid of it:

The 50% threshold for natural language searches is determined by the particular weighting scheme chosen. To disable it, look for the following line in storage/myisam/ftdefs.h:
#define GWS_IN_USE GWS_PROB
Change that line to this:
#define GWS_IN_USE GWS_FREQ
Then recompile MySQL. There is no need to rebuild the indexes in this case.

No, f*** off! I don’t want to recompile MySQL to get Fulltext working. My MySQL build from my Debian distribution is working quite fine.

Is there no other solution? Yes there is:

Users who need to bypass the 50% limitation can use the boolean search mode; see Section 11.8.2, “Boolean Full-Text Searches”.

So adding a short “IN BOOLEAN MODE” to the SQL query was the perfect solution! (… for me, hopefully using boolean mode works for you)

Posted in ferret, mysql, rails | 1 Comment »

RedCloth and ‘target’ for links

Thursday, July 31st, 2008

I always wondered why RedCloth, or more exact the underlying Textile, does not give you any possibility to define ‘target’ attributes for links.

Searching the web for a solution ended up with no pleasing results. What I found were a bunch of fellows who suffered like I did

So I coded this little snippet that does exactly what I wanted. It add to all links “target=’blank’”. I use this method as replacement for texitilize

def redclothify(text, add_blank_targets_to_link = true) res = RedCloth.new(text).to_html res.gsub!(/<a/,"<a target='_blank' ") if add_blank_targets_to_link return res end

Way far from being perfect, but does just that what I needed. … and maybe some tip for a fellow out there to dig deeper!

Posted in rails | 4 Comments »

SEO tip: No redirect on homepage

Monday, July 21st, 2008

When someone calls http://www.viennastreetstyle.com/ we always want to show the last added shot …

So I had the idea to always redirect to the page showing the last added shot.
For sure it worked fine, the application was doing the expected shot for the viewer.

But what was going wrong:

As it seemed to me, Search engines were not following the redirect
ViennaStreetStyle had no real home page URL.
The homepage URL was changing every several days because of the changing redirects.
People who linked to ViennaStreetStyle, linked to different URLs (the URLs of the different shots). Hence there was no URL that accumulated all the links to ViennaStreetStyle.

After changing this behaviour:
Showing the ‘last added shot’ without redirecting from the root URL … the search engine ranks increased day by day.

Posted in rails, seo | 1 Comment »

viennastreetstyle.com

Tuesday, May 27th, 2008

Some days ago my first Rails application went live:

ViennaStreetstyle.com - ViennaStreetStyle is a simple photo gallery showing people on the streets of Vienna, Austria presenting their own style of street fashion.

I developed this application for friends of mine who had the idea for ViennaStreetstyle.com.

Development was quite straight-forward without any kind of a big suprise by using the following plugins/libraries:

attachment_fu
For uploading and handling the images
geokit
for locating the shots on the map of Vienna
YM4R
Greatest plugin for doing all the GoogleMaps stuff
prototip
Javascript library for easy rendering of complex tooltips

The whole system is running on a busy 256 MB VPS under Mongrel with 2 server instances (so in best condition to get slashdotted or sth like that).
But it is somehow an experiment for me how far you can go with that low server specs.

Posted in ajax, capistrano, fun, geokit, javascript, mysql, prototype, rails, ruby, web sightings, ym4r | 2 Comments »

mod_rails - the tryout - the failure (for my situation)

Monday, April 14th, 2008

Some days ago, I have introduced you to mod_rails. I totally freaked out by the idea to let RoR running inside of Apache. Just without using FCGI or proxying Mongrel.

Though, I had not much spare time this weekend, I just had to try it out!

First of all:
You guys rock!!! These guys just impressed me how well-thought a first release version can be.
The whole setup and Apache configuration is so damn easy - you can’t go wrong. The setup script even detects missing linux packages and tells you exactly what to do, depending on the hosting distribution.

So I switched one of my RoR applications to mod_rails …..

But after using it for some minutes I got heavely disappointed. It is just no good hosting option for my situation: [My server is a Debian VPS with 265MB-768MB burstable]

The memory consumption the machine went up from 280MB (wo/ mod_rails) to over 700MB. So all my applications started vomiting, because there was no memory left. Only killing apache2 processes helped me to solve the situation.

So I thought, I will be a good guy and RTFM. I stepped across this configuration parameter:

RailsMaxPoolSize <integer>

The manual recommended to set this parameter to “2″ for servers with small memory footprint.

So I did, but it was no help. Same memory consumption by all apache2 processes.

The next step was to not include the mod_rails module in apache. No help, either. So mod_rails wasn’t even running anymore and the memory consumtption was still beyond the pale!

So, the only reason I can imagine, is that one of the newly installed gems (axpr?) and not mod_rails directly is causing that big memory mayhem.

Huh, restoring a backup of my server was the only help to get rid of the situation!!!

What do you think? What might be the cause of my situation?

Posted in mod_rails, rails, ruby | 6 Comments »

Phusion Passenger (a.k.a. mod_rails)

Friday, April 11th, 2008

As it seems a new star is born on the “Rails-How to-host” sky!
Phusion Passenger

After reading some posts, it seems to be a first rock-solid “mod_rails” implementation.
No Mongrel, no FCGI just a clever Apache module that hosts Rails directly out of your WebServer.

Just point your DocumentRoot to your public folder and there you go. Even restarting your application is damn easy:

touch /webapps/mycook/tmp/restart.txt

Even I can write a Capistrano recipe to do that!

And this statement is just the Killer for me:

Page caching is fully supported, without the need to configure mod_rewrite.

Unfortunately, I won’t be able to install it for the next 3 weeks, but I am looking forward to get this baby under test.

Posted in capistrano, rails, ruby | 1 Comment »

Don’t let anyone take over a user account!

Friday, March 21st, 2008

Some days ago I stepped across this must-read tutorial:

Use attr_protected or we will hack you

To be honest: I really do not use all of these tips - I MUST do so!!

While reading it, some other do’s and dont’s came to my mind:

Users are only allowed to edit his/her ‘personal data’
Do not provide ’sensitive data’ via your REST XML response

1. Users are only allowed to edit his/her ‘personal data’
Just imagine, you are a user of an app and your user id is: 5.
With the url ‘/users/5/edit’ you may edit your ‘personal settings’.

Now try the url ‘/users/6/edit’.
Gosh!! It’s so easy to hijack another profile!

This is just a solution for my application. But I’m shure you get a hint what’s the idea behind it.

Of course, this does in most cases not only apply for the users resource.
You have to apply this pattern for all resources that are explicitly editable by one (…) user(s).

2. Do not provide ’sensitive data’ via your REST XML response
Rails is so great! Just look at following scaffold code - You get a REST XML interface by doing nothing!

def index
@users = User.find(:all)
respond_to do |format|
format.html # index.html.erb
format.xml { render :xml => @users }
end

But what will happen if one calls ‘/users.xml’ now?
The response will be a REST XML response with all non-private and private user data! Cool a list of all passwords, emails and credit card numbers of all your users!!!

def to_xml(options = {})
default_only = [:id, :name, :email]
options[:only] = (options[:only] || []) + default_only
super(options)
end

With overriding your to_xml() you just exclude the private data from your xml output!
Actually, after applying this recipe to my application I found it in this great book: Advanced Rails Recipes. Go for it!

I’m quite shure, the above code can be done more general, or just ported to a plugin. It’s just an advice what you have to keep in mind!

Come on! Now it’s your turn!
Some more recipes that apply to this topic!

Posted in rails, security | 2 Comments »

AJAX file uploads in Rails

Friday, March 14th, 2008

Ever tried to do a file upload in a remote_form_tag. I did! - And I failed.
Digged a little bit deeper what a XMLHttpRequest is allowed to do and then it was clear for me that it won’t work. But I didn’t wanted to let loose and then I found some ideas about “iframe remoting pattern” - This seems to sove the problem - But how to implement it in Rails?

This tutorial was great help! It explains how to do that stuff using attachment_fu and respond_to_parent.
It was just a walktrough!

Posted in ajax, rails | 1 Comment »

Odeley