suhosin causing grief on Joomsuite component

Hopefully this helps me or someone else with the same issue in the future

suhosin[25917]: ALERT - configured POST variable limit exceeded - dropped variable 'task_com_morfeoshow[]' (attacker 'xxx.xxx.xx.xxx', file '/home/user/public_html/administrator/index.php')

Raise the limits in your php.ini (or suhosin.ini, depending on your setup):

[suhosin]
suhosin.post.max_vars = 2000
suhosin.request.max_vars = 1000
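
Before raising the limits it is worth confirming which script and form field are tripping them. The following is an added example, not part of the original post: it tallies suhosin's dropped-variable alerts by limit type, script and variable name. The sample log lines, the hostname, the addresses and the `task_com_content[]` field are constructed, and the plain ASCII message format is assumed to match the alert quoted above.

```shell
#!/bin/sh
# Added example: tally suhosin "variable limit exceeded" alerts so you can see
# which limit, script and form field are involved before changing any limits.

suhosin_drop_summary() {
    # stdin: syslog lines. stdout: "COUNT LIMIT FILE VARIABLE", busiest first.
    # The single quote is passed in as q so the awk program needs no escaping.
    awk -v q="'" '
    /suhosin\[[0-9]+\]: ALERT - configured [A-Za-z]+ variable limit exceeded - dropped variable / {
        limit = $0
        sub(/.*ALERT - configured /, "", limit)
        sub(/ variable limit exceeded.*/, "", limit)

        var = $0
        sub(".*dropped variable " q, "", var)
        sub(q " [(]attacker .*", "", var)

        file = $0
        sub(".*, file " q, "", file)
        sub(q "[)].*", "", file)

        count[limit " " file " " var]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (not real log data); the last line is unrelated
# noise that the summary must ignore.
sample_log() {
    cat <<'EOF'
Jun  1 10:00:01 web1 suhosin[25917]: ALERT - configured POST variable limit exceeded - dropped variable 'task_com_morfeoshow[]' (attacker '192.0.2.10', file '/home/user/public_html/administrator/index.php')
Jun  1 10:00:01 web1 suhosin[25917]: ALERT - configured POST variable limit exceeded - dropped variable 'task_com_morfeoshow[]' (attacker '192.0.2.10', file '/home/user/public_html/administrator/index.php')
Jun  1 10:00:01 web1 suhosin[25917]: ALERT - configured POST variable limit exceeded - dropped variable 'task_com_content[]' (attacker '192.0.2.10', file '/home/user/public_html/administrator/index.php')
Jun  1 10:05:44 web1 suhosin[25920]: ALERT - configured request variable limit exceeded - dropped variable 'p[]' (attacker '198.51.100.7', file '/home/user/public_html/index.php')
Jun  1 10:06:00 web1 sshd[411]: Accepted publickey for user from 192.0.2.10 port 50022 ssh2
EOF
}

sample_log | suhosin_drop_summary
```

On a live server, feed it the file your syslog writes suhosin messages to. Drops that cluster on one admin form point to a legitimately large form rather than hostile traffic.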


Boo Language aspx .Net using xsp2 on Mono and Linux (Ubuntu)

I have been playing around with boo a little bit because it has Python-inspired syntax, runs at C# speeds and is a first class citizen on dotnet.

So I decided to find out what it would be like to do some web programming in it. I learned a bit about asp.Net in the process and mono also.

So first thing I did was:

$ cd /usr/share/doc/boo/examples/asp.net
$ xsp2

and then from your browser you can run any of the “inline” samples

http://localhost:8080/InlineBooButtonClick.aspx
http://localhost:8080/InlineBooExpression.aspx
http://localhost:8080/InlineBooHelloAspNet.aspx

but if you try and run one of the code behind samples, you get something like this:

Description: Error parsing a resource required to service this request. Review your source file and modify it to fix this error.

Parser Error Message: Cannot find type Boo.Examples.Web.YourName

Source Error:

Line 1: <%@Page Inherits="Boo.Examples.Web.YourName" %>
Line 2:
Line 3:

The problem is that the boo source code needs to be compiled and the DLLs must be placed in a bin directory in the folder you are running xsp2 from. There is a nant build script there, but after trying to hack it to get it to build, we worked out it was easier to just compile manually (sudo is needed here only because the examples live under /usr/share/doc), i.e.:

$ sudo mkdir bin
$ sudo booc -t:library -o:ScriptRunner.dll ScriptRunner.aspx.boo
$ sudo cp ScriptRunner.dll bin

from your browser:

http://localhost:8080/ScriptRunner.aspx

You can then use this to play around with some boo as if it were the booshell (booish)

Thanks to Cedric for helping me out in IRC on this.

Recording Last.fm Streams with Ubuntu Linux Rhythmbox to mp3 or ogg

There are three options available for achieving this, as far as I can see:

  • TheLastRipper – This is a fully featured streamripper for last.fm that has a great feature set (ID3v2 tags, international characters, automatic directory hierarchies) BUT you can not listen to the streams while it’s ripping. It’s got the ‘love’ / ‘ban’ buttons but how can you tell if you can’t hear the bloody music right?
  • LastLonger – Is a command line client written in Perl and you can output the stream to a music player also. When I saw this, I thought that I might use it as a programming exercise and port it to Python, though I couldn’t get it to work quickly and having modern-age ADD, I went looking for something else.
  • Rhythmbox streamrecorder – This is actually what I was looking for in the first place. Rhythmbox makes it very simple to setup ‘stations’ from Last.fm and streamrecorder does what it says, recording the streams.

The good and the bad of Rhythmbox so far (after 5 minutes of testing, so take it with a grain of salt)

Good

  • Integrated with Rhythmbox, a very usable music player already (I switch between Banshee, Listen, Amarok and Rhythmbox, each have a nice feature I like)
  • Can still use ban and love buttons
  • Can still use “next track” button
  • It’s a python plugin

Bad

  • Saves files on your desktop – there doesn’t seem to be any way to change this in the GUI (a Python exercise could be to make this configurable)
  • Uses gnome sounds settings to choose recording format. This isn’t necessarily a bad thing, except that changing these settings isn’t exactly trivial

Still, the good outweighs the bad by a longshot. I haven’t checked if it handles international characters or writes Id3v2 tags or anything yet.

Bulk Export Images to JPG from PDF – bash one liner

Sometimes I forget what power there is in free software. I put this quickie together the other day. Just be aware that it won’t handle any spaces in the PDF filename.

for i in *.pdf;do pdfimages $i ${i%.*};done && for i in *.ppm;do ppmtojpeg $i > ${i%.*}.jpg;done; rm -f *.ppm

Images are exported as <pdfname>-00n.jpg, i.e. the n’th image found in the PDF.

Bash command to determine multiple logins sorted by user with the most logins


Here ’tis

w | awk '{a[$1]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head

I stumbled on this issue with an HP-UX server we run, where the maxusers kernel parameter is set to 600 (512 by default). Changing this setting requires a reboot of the server (something not easily achievable at midday with 600 users logged in). You can change kernel parameters via SAM in HP-UX.

This is a slight modification of the 1 liner that sorts your bash history by commands used:

history | awk '{a[$2]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head

Here’s some examples of my own from 2 machines:

235 ll
163 cd
149 grep
37 vi
32 for
31 du
26 rm
23 tail
21 htop
20 /etc/init.d/httpd

Here’s my home machine (I use pkill when I login to the same user desktop remotely via NX to kill evolution in the console session) :

109 ll
42 sudo
35 locate
35 cd
24 pkill
17 more
15 vi
15 unison
15 ssh
14 echo


Easy DVD Authoring in Linux thanks to Wine and DVD Flick


I haven’t spent much time with Video editing / DVD authoring on either Linux or Windows. Mostly because I don’t watch much video except for a weird philia for watching Cop Chases on Youtube or, at the other end of the spectrum, watching the extremely interesting TedTalks using Miro or Google Tech Talks.

Anyway, my sister-in-law purchased a Mini-DVD Sony camera. It just so happens that Linux doesn’t support this format at the moment (though Windows 2003 doesn’t natively either), so be warned. Anyway, we managed to use Sony’s software to dump it to a Windows 2003 server and pulled it across to my Ubuntu machine. All I wanted to do was to grab these 5 movies and put them into standard DVD format. I wanted to do both PAL and NTSC because these DVD’s are going to South America and although they use NTSC there, it’s nothing to burn both just in case there’s some issue with one or the other.

So.. how hard could it be to do this? It turned out to be quite difficult using the Linux tools I could find..

First, I came across a post that uses DVDStyler. It’s not in Ubuntu’s repos but they have some deb packages, so I download and install them. They are only in i386 architecture, so I --force-architecture and they install. Go to load it and I get this:

dvdstyler: error while loading shared libraries: libswscale.so.ld: cannot open shared object file: No such file or directory

I run ldconfig and still the same error message.. It’s 9:30pm, I want to have a playable DVD by 10:30-11pm. Let’s try something else.

So, I then come across any2dvd – usage: any2dvd [ options ] [ -i ] [ input_file1 input_file2 … ]

Its claim to fame? A script to transform PC multimedia file(s) in any format, into a DVD complete with menus & suitable for playback on a standalone DVD player.

Sounds good.. let’s try it –


/usr/bin/any2dvd: 337 : let: not found
/usr/bin/any2dvd: 369 : Syntax Error : “(” unexpected

Again, I have no desire to go debugging this or reporting a bug and waiting for an answer. I just want something that works, tonight and gives me what I want.

Next!

I read a bit about dvdauthor and it seems like it’s a bit more mature (and has 1000 options like most video editing apps) and see there’s a gui for it also called Qdvdauthor AND it’s in Hardy’s repositories, so I apt-get install dvdauthor qdvdauthor.

Kick off qdvdauthor. Ok, this loads and looks fine. I go to add the video files as suggested.. All the thumbnails read “Error” . So I hit the website, find the forums and lo and behold.. I find this post describing my issue.

I really don’t feel like compiling both from source, so it’s about 10:15pm now. I decide that I have been defeated due to lack of time and my trusty Linux desktop just can’t achieve such a task easily, so I decide to look for a Windows application that can do what I need. If you have never seen it, the website “The Free Country” is generally a trusty website to find good, free tools. So I thought.. why not try and run one of these under wine. So, I download two of them. Video DVD Maker, which installed but didn’t run and then I installed DVD Flick, which is actually an open source project hosted at Sourceforge. DVD Flick installed and ran perfectly on my Ubuntu 64bit Hardy Heron. I selected it to create an ISO file which I then burned using Brasero. DVD Flick is as simple as you can get, load it, select your video files, add a few titles if you like and away you go. By 11:15pm I had my DVD playing on the DVD player.

An ironic sidenote is that DVD Flick installs ffmpeg.exe and uses the cygwin.dll to call it. Using wine to call cygwin to emulate linux – crazy.. but it works.

Here’s the traditional screenshot to see its simplicity.

Open Source Ecommerce alternatives to Zencart, OSCommerce and Virtuemart

A couple of new open source Ecommerce products are out and about that will hopefully see the end of the monstrosity called OSCommerce and its less ugly incarnations.

Whilst they have served me well in the past and I may feel tempted to use Virtuemart for a customer who:

a) Will never ever need any customisations done to it
b) Already has a Joomla installation and is very comfortable using Joomla

What’s the issue with Zencart, OSC or Virtuemart you may ask?

The issue is this. First OSCommerce is a mess. Every single module you ever add to it is a hack, making upgrades a pain in the ass. Zencart, being closely related to OSC, is not much better. Its modularity is a bit better laid out and so you can actually create / install modules with very little hacking, if any, BUT its template system still suffers from its OSC origins. It’s an effort to try and template for them.. yes, it’s possible but does it really have to be that hard? Joomla’s concept is 1000 times better in regards to templating and Virtuemart excels in this area due to its Joomla foundations.

The big problem with them is when you need to make modifications to the core cart to implement a particular feature a customer wants. We have had situations where a small feature for the client required 144 changes in the files of Virtuemart. As soon as an XSS or other security issue comes to light, we have two options

  1. Let it be, cross fingers and hope nothing happens (this really is not an option)
  2. Inform customer, explain risks and give them compelling reasons to update (at their cost)
  3. Our current solution is when we sign contracts with customers, we include a compulsory security updates fee, which means we update their site when new security releases come out. This has worked out best so far but still requires us to explain why we are giving a solution that isn’t inherently secure to begin with. Microsoft has made this easier to explain (daily updates anyone?) and for the most part, we can kill most XSS / SQL Injection attacks using Apache ModSecurity (modsec) rules but we really want to get beyond NEEDING to upgrade and therefore NEEDING to patch our mods into new releases of Virtuemart etc.

So, without further ado, there looks to be two better alternatives that have come to the rescue recently that look very, very promising though we haven’t done any work with them yet, so I will report on that later.

In PHP land, we have Magento. A very sexy, professional looking Open Source Ecommerce application that’s built upon the Zend MVC framework and claims to be able to develop extensions without touching core code. This, hopefully will fix our templating, modification and upgrade woes in a PHP solution. It has SEF URL’s built-in, google analytics built-in and a mini-CMS of sorts.

In Python land, we have Satchmo an open source ecommerce application built on top of the Django framework, with a reasonable feature set.

As part of my toolbox, my thinking at this point is if we have a customer that needs a standard shop with little to no development work, Magento will be our tool. If the customer has very unique needs, integration with other systems and customisations, we will work with Django.

This is because PHP deployment is so easy, that our only need should be to produce templates in Magento. If development work is needed, deployment and templating become a trivial matter in Satchmo in comparison to the ability to develop in Django & Python.

Would love to hear others’ experiences with any of the above… and of course any horror stories (or otherwise with OSC based development)

Open Source Web Design and Development Tools – Inkscape and Kompozer


I have been using Linux on the desktop part-time for nearly 6 years now and full-time for 3 years. My web development experience began using Macromedia’s tools and when I migrated to Linux, I took them with me with the help of the Wine project to run them under Linux. The majority of the functionality I used in Fireworks worked flawlessly, with only a few small exceptions and never crashed on me.

Dreamweaver was a slightly different story, especially as layouts became more complex and the html grew in size, it had a tendency to crash under wine in these circumstances. I run a horizontal split window of the design view and code view. Sometimes, it’s easier to achieve what you want in one or the other.

Until recently, I was unable to find something that a) Performed the job as well as (or close to) both Dreamweaver and Fireworks and b) Felt natural to use and learn.

For imaging / design: “The Gimp”
Web ‘development’: Screem or Bluefish

For numerous reasons, these never cut it for me. I am not a fan of Photoshop / The Gimp interface and while I was able to get around and do things I needed to do, it felt slow and awkward. Both screem and bluefish had no way to quickly view your changes in the IDE or to make changes visually.

That said, all three programs are very capable it’s just that they don’t suit my way of doing things.

I now am slowly migrating to two new tools for web development.

Replacing Fireworks – Inkscape has come to the rescue.
Replacing Dreamweaver – Kompozer is here to help.

Inkscape

Just the last 2 weeks I have really begun getting into Inkscape, an amazingly capable and well designed vector graphics editor that (apart from the odd crash – though it manages to save your work) is proving to me to be even better than Fireworks. It’s like Freehand and Fireworks all in one beautifully wrapped package – that can even be scripted in Python.

I am certainly no graphics guru but I’m definitely above average compared to most non-professional graphics users.

Apart from the user interface being well thought out, the other great things about Inkscape are:

  1. Excellent Tutorials and Resources
  2. Keyboard Shortcuts for almost anything.
  3. In-built access to Open Clipart (0.46 Linux only)

Here’s a quicklist of places to find great inkscape tutorials:

A feature I would love to see is the ability to automatically download any open source fonts found in your Inkscape document, so that sharing files could be easier.

Inkscape is available for Linux, Windows and Mac OS X and can be downloaded here

It is available via apt-get and yum repositories in their respective Linux distributions.

Kompozer

Kompozer is an unofficial bug-fix release of ‘Nvu’, which was born out of Mozilla’s Composer. The advantage of this is that Kompozer uses the gecko engine to render Kompozer’s layouts within itself much like you can with Dreamweaver (ie: without opening an external browser to view your layout). Additionally, it has very good support for CSS, XML and Javascript editing and a built-in W3C HTML Validator.

I have had Kompozer crash on me, usually when pasting in a large HTML page from elsewhere but other than that, it is an extremely user friendly and capable HTML/CSS/JS editor.

It is not an ASP / PHP / Python IDE and doesn’t make any attempts to be one. From that perspective I feel it encourages clean separation of code and layout.

Once again, Kompozer is also cross-platform and is available for Windows, Linux and Mac OS X

Learn to Design Web Themes and Templates with New Wiki

ThemesWiki.org is a new website designed to provide users with comprehensive, free guides for designing Web Themes and Templates. This site intends to ease the web design process by providing tutorials for a large number of systems at a common location.

It is often difficult to find a resource that is focused on providing quality, relevant and free information for designing themes and templates; specifically one that covers a wide range of applications. This is where ThemesWiki.org intends to step in. Launched initially with tutorials covering over 20 Content Management Systems, ThemesWiki.org is expected to grow into an exhaustive resource for the theming community, with users generating most of the content.

“ThemesWiki.org promises to fill a much needed gap in the theming and templating community” said Ric Shreves, author of the Packt book, Drupal 5 Themes. “It is a source of information that cuts across systems and provides designers and developers a place to share ideas and approaches outside of the walled gardens of individual project sites.” Shreves, a partner in Water & Stone, an open source web development company, went on to say that “Mambo, Joomla, Drupal, Plone, Modx — whatever — none of the clients really care and frankly it matters less and less as time goes by. What we should be concerned with is the end result, and that is where this site comes in.”

ThemesWiki.org is part of an ongoing process at Packt to develop unique methods of contributing to the Open Source community. Notable other initiatives include the website on free installation tutorials, www.InstallationWiki.org, and the annual Open Source CMS Award that has a total prize package of $20,000 to be divided among several winning projects.

ThemesWiki.org has been developed using the open source MediaWiki software package and has initially been populated using chapters from Packt books. ThemesWiki.org is free to use and open for everyone to contribute to. It is expected to grow and expand over the coming months with more tutorials added by users.

For more information, please visit www.ThemesWiki.org

How to schedule Linux to mute speaker volume overnight


Here’s a simple method of automatically muting your volume overnight and resetting it in the morning. This is especially good for those who use softphones, skype or an IM client that have sound alerts output to speakers.

We are going to use three command line tools for this: aumix, which and cron. We will also set things up so the commands run under your own user account rather than as root, since cron used incorrectly can open up some security issues.

so, to get started try and run:

:~$ aumix

and if it’s not there, try

:~$ sudo apt-get install aumix

for Debian / Ubuntu or

:~$ yum install aumix

for Redhat / Centos / Fedora

Now that we have aumix installed, we want to find out the full path to the executable, because cron runs jobs with a minimal environment and doesn’t always use our environment variables (such as PATH) to find executables. So type:

:~$ which aumix
/usr/bin/aumix

We can see it’s in /usr/bin/aumix

So, kick-off your music player and try playing some music or other audio then run the following commands:

:~$ aumix -v 0

then

:~$ aumix -v 100

The first command should have dropped your volume down to 0% and the second command should have taken it back to 100%. Now that we have that working, let’s add it to cron. For myself, I don’t want to be disturbed between 11pm and 7am, so following cron’s options, we have

minute-hour-day-month-weekday-command – and we use 24 hour format. An asterisk means run at every instance of that time period, so:
* * * * * would mean every minute of every day, every month and
0 0 * * * would mean at midnight every day.

For myself, I want the 23rd hour of every day, every month for the volume to be set down and I want the 7th hour of every day for the volume to be returned to 90%. So we add this to our crontab:

0 23 * * * /usr/bin/aumix -v 0
00 07 * * * /usr/bin/aumix -v 90

To do so as a user, we use:

:~$ crontab -e

Now if your default editor is vim / vi and you have never used it before, you will need to learn a little vi before we get started. When the editor opens, type i to enter insert mode, which lets you paste the above lines and modify them for your needs. When you are finished editing, press Esc then ZZ to save the file and exit.

If the above vi / vim is too difficult, then you can make nano your default editor (if it’s not already)

:~$ export EDITOR=/usr/bin/nano

and then run

:~$ crontab -e

Nano is a simplistic editor with the basic instructions displayed at the bottom of the screen.

So, there you have the very basics of Cron administration – ie: the Task Scheduler of Linux and how to adjust your volume via the command line.
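
A quick check of the finished crontab, as an added example that is not part of the original post: it flags entries whose command is not an absolute path (which cron's minimal PATH may fail to resolve) and command files that are missing or world-writable, since anyone able to edit such a file gets it run as you on schedule. The function name `lint_crontab` and the sample entries are made up for illustration.

```shell
#!/bin/sh
# Added example: lint a user crontab. Flags commands that are not absolute
# paths, and command files that are missing or world-writable.

lint_crontab() {
    # stdin: crontab text. stdout: one "LINE:REASON:DETAIL" per finding.
    lineno=0
    while IFS= read -r line; do
        lineno=$((lineno + 1))
        case $line in
            [A-Za-z_]*=*) continue ;;    # environment setting, e.g. PATH=...
        esac
        set -f                           # stop the "*" time fields from globbing
        set -- $line
        set +f
        if [ "$#" -eq 0 ]; then continue; fi     # blank line
        case $1 in
            '#'*) continue ;;            # comment
            @*)   cmd=${2:-} ;;          # @reboot, @daily, ...: no time fields
            *)    if [ "$#" -lt 6 ]; then
                      echo "$lineno:malformed:$line"
                      continue
                  fi
                  cmd=$6 ;;
        esac
        case $cmd in
            /*) ;;
            *)  echo "$lineno:relative-command:$cmd"
                continue ;;
        esac
        if [ ! -f "$cmd" ]; then
            echo "$lineno:missing:$cmd"
        elif [ -n "$(find -L "$cmd" -prune -perm -002 2>/dev/null)" ]; then
            echo "$lineno:world-writable:$cmd"
        fi
    done
    return 0
}

# Constructed input: the two entries from the walkthrough plus a relative one.
sample_crontab() {
    cat <<'EOF'
# mute overnight, restore in the morning
0 23 * * * /usr/bin/aumix -v 0
00 07 * * * /usr/bin/aumix -v 90
0 8 * * 1-5 aumix -v 60
EOF
}

sample_crontab | lint_crontab
```

To check your real entries, run `crontab -l | lint_crontab` after sourcing the function.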

If you are looking for a GUI tool for Cron Administration, look no further than gnome-schedule:

:~$ sudo apt-get install gnome-schedule

Here’s our beloved screenshot for raising and lowering the volume.
