Thursday, June 26, 2014

Brakeman Rails: How to Avoid the XSS (Cross-Site Scripting) Warning

9:39 AM
I will share some tricks to avoid the XSS (cross-site scripting) warning from Brakeman in Rails.

  • Example Case: URL
          Problem :
            <%= raw generated_link_to("View Barcode","schedule/show_barcode?id="+data[0].to_s+"&schedule_id="+@schedule[:id].to_s,"edit_schedule",{:class => 'btn btn-mini btn-info',:remote=>"true"}) %>
          Solved :
            <%= raw generated_link_to("View Barcode", schedule_show_barcode_path({:id=>data[0].to_s, :schedule_id=>@schedule[:id].to_s}),"edit_schedule",{:class => 'btn btn-mini btn-info',:remote=>"true"}) %>
           *) schedule_show_barcode_path = route alias in config/routes
  • Example Case: Javascript or CSS
          Problem :
            <%= raw generated_link_to('<i class="icon-trash"></i>'.html_safe,"#delete_progress","add_schedule",{:class => 'removedbuttonsetting', :onclick => "delete_row_form_extrarow(#{params[:row_index]},#{params[:form_type]})"})%>

            <script type="text/javascript">
              function delete_row_form_extrarow(index,form_type){
                // ...
              }
            </script>

          Solved :
            <%= raw generated_link_to('<i class="icon-trash"></i>'.html_safe,"#delete_progress","add_schedule",{:class => 'removedbuttonsetting', :indexattr => params[:row_index].to_json,:typeattr => params[:form_type].to_json})%>

            <script type="text/javascript">
              // Read the values back from the clicked link's attributes
              $('.removedbuttonsetting').click(function(){
                var index = $(this).attr('indexattr');
                var form_type = $(this).attr('typeattr');
                delete_row_form_extrarow(index, form_type);
              });

              function delete_row_form_extrarow(index,form_type){
                var index1 = JSON.parse(index);
                var form_type1 = JSON.parse(form_type);
                // ...
              }
            </script>
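
Added example (not from the original post): a plain-Ruby comparison of the two patterns above, using only the standard library. The parameter values are constructed, and `unsafe_link`, `data_attr`, `safe_link`, `html_unescape` and `round_trip` are hypothetical helpers standing in for the post's `generated_link_to` and the browser.

```ruby
require "erb"
require "json"

# Constructed request parameters for this example (hostile on purpose).
SAMPLE_PARAMS = {
  "row_index" => %q{1);alert(document.cookie);//},
  "form_type" => %q{"><script>alert(1)</script>}
}.freeze

# Problem pattern: parameters are pasted into inline JavaScript.
def unsafe_link(params)
  js = "delete_row_form_extrarow(#{params['row_index']},#{params['form_type']})"
  format('<a class="removedbuttonsetting" onclick="%s">x</a>', js)
end

# Solved pattern: parameters travel as data. JSON-encode the value, then
# HTML-escape it for the attribute context.
def data_attr(value)
  ERB::Util.html_escape(value.to_json)
end

def safe_link(params)
  format('<a class="removedbuttonsetting" indexattr="%s" typeattr="%s">x</a>',
         data_attr(params["row_index"]), data_attr(params["form_type"]))
end

# Reverse of html_escape, standing in for the browser's attribute decoding.
def html_unescape(text)
  text.gsub("&quot;", '"').gsub("&#39;", "'")
      .gsub("&lt;", "<").gsub("&gt;", ">").gsub("&amp;", "&")
end

# What JSON.parse in the click handler receives and returns.
def round_trip(value)
  JSON.parse(html_unescape(data_attr(value)))
end

if __FILE__ == $PROGRAM_NAME
  puts unsafe_link(SAMPLE_PARAMS)
  puts safe_link(SAMPLE_PARAMS)
  p round_trip(SAMPLE_PARAMS["form_type"])
end
```

In the safe output the only unescaped double quotes are the ones that delimit the three attributes, and the handler gets the original strings back as data.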

Brakeman Rails: How to Avoid the Mass Assignment Warning

8:32 AM
Brakeman is a static analysis security scanner for Ruby on Rails. It is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

I will share some tricks to avoid the Brakeman Mass Assignment warning at medium settings.
  1. Pay attention to your model relationships. My suggestion is to always use Nested Attributes.
  2. If necessary, use attr_protected on the relationship key in your model.
Below are some example cases I've solved:
  • Example Case 1 "Without Relationship" :
         Set the relationship variable in attr_protected to avoid the Brakeman warning.
      attr_accessible :name, :description
      attr_protected :user_id
         Use this saving method:
            create :
        data_list = {:name => name, :description => description}
        saving_create = self.new(data_list)
        # user_id is protected, so assign it explicitly instead of through mass assignment
        saving_create.user_id = user_id
        saving_create.save
             update :
        data_list = {:name => name, :description => description}
        user_data = self.find_by_id(1)
        user_data.attributes = data_list
        user_data.user_id = user_id
        user_data.save

  • Example Case 2 "With Relationship" :
      attr_accessible :name, :description
      attr_protected :user_id

      has_one :category
      has_many :products

      accepts_nested_attributes_for :category, :products

            create :
        products = []
        data_list = {:name => name, :description => description}
        saving_create = self.new(data_list)
        saving_create.user_id = user_id
        all_data.each do |d|
          # build each child record and set its fields one by one
          saving_process = saving_create.products.build
          saving_process.product_id = d[:product_id]
          saving_process.product_name = d[:product_name]
        end
        saving_create.save
      update :
        products.each do |p|
          data_list = {:name => p.name, :description => p.description}
          update_process = self.find_by_id(p.user_id)
          update_process.attributes = data_list
          update_process.product_id = p.id
          update_process.product_name = p.id
          unless update_process.save
            raise ActiveRecord::Rollback
          end
        end


Brakeman Rails: How to Avoid SQL Injection

7:50 AM
Brakeman is a static analysis security scanner for Ruby on Rails. It is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

I will share some tricks to avoid the Brakeman SQL Injection warning at medium settings.

1. Example Case "IN query":
Wrong Format :
  id = [1,2,3,4,5]
  query = self.find(:all, :conditions =>["id in ("+id.join(",")+")"])
Correct Format :
  id = [1,2,3,4,5]
  # pass the array as a bind value; either form works
  query = self.find(:all, :conditions =>["id in (?)", id])
  query = self.where("id in (?)", id)

2. Example Case "string query":
Wrong Format :
  query = self.where("id = '"+id+"' and place = '"+place+"' and user = '"+user+"' ")
Correct Format :
  # keep the SQL fragments and the values apart, so input is bound, not concatenated
  query_conditions = []
  query_values = []
  unless id.blank?
    query_conditions << "id = ?"
    query_values << id
  end
  unless place.blank?
    query_conditions << "place = ?"
    query_values << place
  end
  unless user.blank?
    query_conditions << "user = ?"
    query_values << user
  end
  query_where = query_conditions.join(" and ")
  result = self.where(query_where, *query_values)
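
Added example (not from the original post): the optional-filter query of case 2 built with placeholders only, generalized to array values (case 1) and to an allowlist of column names. It is plain Ruby with no Rails dependency; `FILTERABLE`, `build_conditions` and `SAMPLE_FILTERS` are hypothetical names, and the returned array is meant to be passed as `self.where(*build_conditions(filters))`.

```ruby
# Columns callers may filter on (assumed schema for this example).
FILTERABLE = %w[id place user].freeze

# Builds [sql, *binds]. Values never enter the SQL text, and column names
# come only from the allowlist.
def build_conditions(filters)
  clauses = []
  binds = []
  filters.each do |column, value|
    column = column.to_s
    raise ArgumentError, "column not allowed: #{column}" unless FILTERABLE.include?(column)
    next if value.nil? || (value.respond_to?(:empty?) && value.empty?)

    # ActiveRecord expands an array bound to (?) into a quoted list.
    clauses << (value.is_a?(Array) ? "#{column} IN (?)" : "#{column} = ?")
    binds << value
  end
  [clauses.join(" AND "), *binds]
end

# Constructed input: one array, one hostile string, one blank value.
SAMPLE_FILTERS = { id: [1, 2, 3], place: "x' OR '1'='1", user: "" }.freeze

if __FILE__ == $PROGRAM_NAME
  sql, *binds = build_conditions(SAMPLE_FILTERS)
  puts sql
  p binds
end
```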

Saturday, June 21, 2014

Install JRE on Ubuntu

7:56 AM
The Java Runtime Environment (JRE) is part of the Java Development Kit (JDK), a software development environment for writing Java applications. The JRE consists of the Java Virtual Machine, core classes, and supporting files.
Installing the JRE on Ubuntu is a little different from installing the JDK. First, download the JRE file here. Remember to download the JRE version that matches your system, either 32-bit or 64-bit.
After you finish downloading your JRE version, we can begin the installation process.

  1. Create a new folder in the opt directory. In the terminal, type this command: "sudo mkdir -p -v /opt/java/64".
  2. Go to the folder containing your downloaded JRE file (example: use "cd Downloads" to move to the Downloads directory from your home directory) and unpack the file by typing "tar xvzf YOUR JRE FILE".
  3. Move the unpacked contents into the system folder that you created in step 1. Type "sudo mv -v YOUR JRE FILE /opt/java/64".
  4. Inform the system and make the new JRE your system default.
    sudo update-alternatives --install "/usr/bin/java" "java" "/opt/java/64/YOUR EXTRACTED JRE FILE/bin/java" 1
    sudo update-alternatives --set java "/opt/java/64/YOUR EXTRACTED JRE FILE/bin/java"
  5. Install the Firefox plugin. Type "mkdir -v ~/.mozilla/plugins".
  6. Remove the IcedTea plugin, if it has been installed. Type "sudo apt-get remove icedtea-6-plugin && sudo apt-get remove icedtea-7-plugin".
  7. Remove any older version of the Java plugin. Type "rm -v ~/.mozilla/plugins/libnpjp2.so".
  8. Install the plugin by creating a symbolic link. Type "ln -s /opt/java/64/jre1.7.0_60/lib/amd64/libnpjp2.so ~/.mozilla/plugins/".
  9. Close and restart Firefox.
  10. Type "about:plugins" in the Firefox URL bar. If your installation is correct you will see something like this:

Wednesday, June 18, 2014

jZebra Settings on Ubuntu

12:11 AM
jZebra is a Java applet which allows you to print barcodes, receipts, and more from a Web page to your device printer. It sends raw print commands and basic HTML and PDFs to your raw, PostScript, or LaserJet printer. It has been tested with Firefox, Safari, Internet Explorer, Chrome, and Opera. It supports parallel, serial, USB, and network printers.

To start installing jZebra, you need to install the JDK and JRE on your system. Check your JDK by typing "java -version" in your terminal; it must show something like this:

     java version "1.7.0_60"
     Java(TM) SE Runtime Environment (build 1.7.0_60-b19)
     Java HotSpot(TM) 64-Bit Server VM (build 24.60-b09, mixed mode)

In your browser, type 'about:plugins'. If your JDK and JRE installation is correct, your browser will show something like this (on Firefox):

If everything is ready, we will start the jZebra installation.
  1. Download the source here: Jzebra.
  2. Extract the file. There are a bunch of files, but we will be using "sample.html" and "qz-print.jar". Make sure "sample.html" and "qz-print.jar" reside in the same folder/location. You can see this working example with jZebra Printer Device. Download
  3. Set your device printer: go to System Settings > Printing.
  4. Add Printer (or New) and select your printer device.
  5. Select printer make "Generic". Click "Forward".
  6. Click mode "Raw", Drivers "Generic Raw Queue en". Click "Forward".
  7. Fill in the name and apply.
  8. For configuration of margins etc. in EPL2, you can download the manual PDF here.
  9. I have used 2 types of barcode, Text and Barcode Code; below are the general configurations:
  • Text
         Format : Ap1,p2,p3,p4,p5,p6,p7,"DATA"
         A = text

         p1 : Horizontal Start Position (X in dots)
         p2 : Vertical Start Position (X in dots)
         p3 : Rotate (0 = normal, 1 = 90 degrees, 2 = 180 degrees, 3 = 270 degrees)
         p4 : Font Type (1 until 5 = Fixed Pitch, 8 and 9 = Asian Language)
         p5 : Horizontal Multiplier (Accepted Value : 1-6,8)
         p6 : Vertical Multiplier (Accepted Value : 1-9)
         p7 : Reverse Image (N = Normal, R = Reverse)
         Data : A backslash (\) character designates that the following character is a literal and will be encoded into the data field. For example: code = \"Test\", printed = "Test"

         Working Example = A50,0,0,1,1,1,N,"Example 1", A50,300,0,3,2,2,R,"Example 6"↵

  • Barcode
         1 : Horizontal Start Position (X in dots)
         2 : Vertical Start Position (X in dots)
         3 : Rotate (0 = normal, 1 = 90 degrees, 2 = 180 degrees, 3 = 270 degrees)
         4 : Barcode Type Selection (See Image Below)

         5 : Narrow Bar (See Image in Barcode Type)
         6 : Wide Bar (See Image in Barcode Type)
         7 : Barcode Height (X in dots)
         8 : Print Human Readable (B = Yes, N = No)
         9 : Data: A backslash (\) character designates that the following character is a literal and will be encoded into the data field. For example: code = \"Test\", printed = "Test"

         Working Example :
  • B10,10,0,PL,5,5,5,N,"12-34567-890123"
  • B10,10,0,3,3,7,200,B,"998152-001"
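
Added example (not from the original post or from jZebra): a small Ruby builder for the two command formats above that checks each parameter against the listed values and escapes the data field, so text taken from a web form cannot break out of the quoted field. All function names are hypothetical, and the barcode type pattern is an assumption because the post's type table is an image.

```ruby
# Quote an EPL2 data field. A backslash makes the next character literal, so
# backslash and double quote are escaped. Control characters are refused so
# that the text cannot introduce a line break, which terminates a command.
def epl2_data(text)
  raise ArgumentError, "control character in data" if text.match?(/[\x00-\x1f]/)
  '"' + text.gsub(/[\\"]/) { |c| "\\" + c } + '"'
end

def dots(name, value)
  return value if value.is_a?(Integer) && value >= 0
  raise ArgumentError, "#{name} must be a non-negative integer"
end

def one_of(name, value, allowed)
  return value if allowed.include?(value)
  raise ArgumentError, "#{name}=#{value.inspect} is not allowed"
end

# Text: Ap1,p2,p3,p4,p5,p6,p7,"DATA" with the value ranges listed above.
def epl2_text(x, y, rotate, font, h_mult, v_mult, reverse, data)
  "A" + [dots("p1", x), dots("p2", y),
         one_of("p3", rotate, [0, 1, 2, 3]),
         one_of("p4", font, [1, 2, 3, 4, 5, 8, 9]),
         one_of("p5", h_mult, [1, 2, 3, 4, 5, 6, 8]),
         one_of("p6", v_mult, (1..9).to_a),
         one_of("p7", reverse, %w[N R]),
         epl2_data(data)].join(",")
end

# Barcode: nine fields in the order listed above. The type pattern is an
# assumption for this example (short upper-case or numeric code).
def epl2_barcode(x, y, rotate, type, narrow, wide, height, human, data)
  raise ArgumentError, "bad barcode type" unless type.match?(/\A[0-9A-Z]{1,3}\z/)
  "B" + [dots("1", x), dots("2", y), one_of("3", rotate, [0, 1, 2, 3]), type,
         dots("5", narrow), dots("6", wide), dots("7", height),
         one_of("8", human, %w[B N]), epl2_data(data)].join(",")
end

if __FILE__ == $PROGRAM_NAME
  puts epl2_text(50, 0, 0, 1, 1, 1, "N", "Example 1")
  puts epl2_barcode(10, 10, 0, "3", 3, 7, 200, "B", "998152-001")
end
```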

Sunday, June 15, 2014

Install JDK on Ubuntu 32 bit and 64 bit

12:57 AM

To install the JDK on Ubuntu we need to do several steps. This tutorial covers the 32-bit and 64-bit Oracle Java 8 JDK on 32-bit and 64-bit Ubuntu operating systems. These instructions will also work on Debian and Linux Mint.

1. Go to the terminal and type file /sbin/init. This command checks whether your Ubuntu architecture is 32-bit or 64-bit.

2. Check whether Java is installed: type java -version in your terminal. If you have OpenJDK installed on your system, it will give results like this:

  • java version "1.7.0_60"
    OpenJDK Runtime Environment (IcedTea6 1.10pre) (7b15~pre1-0lucid1)
    OpenJDK 64-Bit Server VM (build 19.0-b09, mixed mode) 
Remember that OpenJDK is not the same as the JDK.

3. Remove OpenJDK/JRE from your system by running this command: sudo apt-get purge openjdk-\*

4. Download the JDK from Download JDK. Remember to download the JDK version that fits your system architecture. For example, if your system is running on 32-bit, download the 32-bit Oracle Java binaries.

5. After the JDK file has finished downloading, copy it to '/usr/local/java'.

   sudo cp -r your-java-binaries /usr/local/java/

6. Go to '/usr/local/java/': cd /usr/local/java/

7. Unpack the Java binaries in /usr/local/java. Type sudo tar xvzf your-java-binaries

8. Your java/ folder will contain the jdk and jre directories.

9. Edit the system path file.

  • sudo gedit /etc/profile
  • Scroll down to the end of the file and type:
         JAVA_HOME=/usr/local/java/your-jdk-directory
         PATH=$PATH:$JAVA_HOME/bin
         export JAVA_HOME
         export PATH
  • Save and exit
10. Inform your system where your Oracle Java JDK/JRE is located
  • sudo update-alternatives --install "/usr/bin/java" "java" "/usr/local/java/your-jdk-directory/bin/java" 1
  • sudo update-alternatives --install "/usr/bin/javac" "javac" "/usr/local/java/your-jdk-directory/bin/javac" 1
  • sudo update-alternatives --install "/usr/bin/javaws" "javaws" "/usr/local/java/your-jdk-directory/bin/javaws" 1
11. Inform your system that Oracle Java JDK/JRE must be the default
  • sudo update-alternatives --set java /usr/local/java/your-jdk-directory/bin/java
  • sudo update-alternatives --set javac /usr/local/java/your-jdk-directory/bin/javac
  • sudo update-alternatives --set javaws /usr/local/java/your-jdk-directory/bin/javaws
12. Reload your system-wide PATH in /etc/profile by typing source /etc/profile
13. Test by running java -version
  • If your installation is correct, the terminal will display something like this:
         java version "1.8.0_05"
         Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
         Java HotSpot(TM) Server VM (build 24.51-b03, mixed mode)

14. Test your javac by running javac -version
  • You should receive a message that displays something like this: javac 1.8.0_05
15. Reboot your system.

Saturday, June 14, 2014

Install RVM on Linux Ubuntu 64 Bit

11:40 PM

RVM is a command-line tool which allows you to easily install, manage, and work with multiple Ruby environments, from interpreters to sets of gems. To install RVM on Ubuntu:

1. Check that Apache and MySQL exist on your machine.
  • Type http://localhost or on your browser to check that Apache is running.
  • Check the /var/www/ directory.
  • In /var/www/index.html type <?php phpinfo(); ?> , then type http://localhost or on your browser. If the Apache installation on your machine is correct, your browser will load the PHP information installed on your machine.
2. Run in your terminal:
  • bash -s stable < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
  • source ~/.bash_profile. Note: This command reloads the open terminal.
  • rvm requirements. Note: This command searches for all the libs that are still needed and then installs them.
3. Install Ruby according to the version we need:
  • rvm install 1.9.3
4. Install other versions of Ruby with the same method.
5. To view all Rubies installed in RVM:
  • rvm list
6. To use a specific Ruby in RVM:
  • rvm use 1.9.3
7. If there is an error when running rvm use 1.9.3, try opening the files ~/.bashrc and ~/.bash_profile and then add this script:

[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm" # Load RVM into a shell session

8. To use a specific gemset:

  • rvm use 1.9.3
  • rvm gemset use rails3.2
  • rvm use 1.9.3@rails3.2
9. Set Default RVM
  • rvm use 1.9.3@rails3.2 --default