LINQ to SQL: Update several rows

So I was coding away on an MVC project with integrated jQuery. I use jQuery UI Tabs in my page and let the user add new, delete and re-order them. All this I wan’t to save to the database so I can display it the next time the user logs on. I’m using JsonResult to handle the Ajax calls from jQuery on the server side. Add and remove is pretty straight forward with LINQ to SQL like this:
[csharp]//Add
DBTodo_ListsDataContext datacontext = new DBTodo_ListsDataContext();
Todo_List newList = new Todo_List();
newList.ListName = listName;
newList.ListDesc = listDesc;
newList.UserId = userID;
datacontext.Todo_Lists.InsertOnSubmit(newList);
datacontext.SubmitChanges();

//Remove : or really mark as trashed
DBTodo_ListsDataContext datacontext = new DBTodo_ListsDataContext();
Todo_List trashList = datacontext.Todo_Lists.Where(m => m.UserId == userID).Single(m => m.ListID == listID);
trashList.ListTrash = true;
datacontext.SubmitChanges();[/csharp]
I haven’t included all the code above but you get the idea.
We write easy Linq querys and LINQ to SQL takes care of the SQL querys for us. So when I set out to build the sort order update function I thought that Linq was going to do a better job. On the tab re-order I send an Ajax request with an int array with all the tab id’s. The array is in the same order as the tabs is visually. Something like this:
[js]{ 10, 14, 11, 16, 17, 18, 8, 19, 21, 20, 22, 27, 23, 24, 28, 29, 26, 30, 31, 32, 33, 34, 35, 37, 36, 38, 39, 40, 41, 42, 43, 44, 45, 47, 46, 50, 51, 53, 54, 55, 63, 60, 1 }[/js]
So now I have to use that array to reset all the sort order fields for the lists in the array above. First I went like this:
[csharp]public JsonResult UpdateSortOrder(List<int> listsSortOrder) {
int sortOrder = 0;
Guid userID = (Guid)Membership.GetUser().ProviderUserKey;
DBTodo_ListsDataContext datacontext = new DBTodo_ListsDataContext();
// Loop throug the sort order
foreach (int list in listsSortOrder) {
var dbListItem = datacontext.Todo_Lists.Where(m => m.UserId == userID).Single(m => m.ListID == list);
dbListItem.ListSortOrder = sortOrder;
// Count up the sort order
sortOrder++;
}
// Commit changes
datacontext.SubmitChanges();

return Json(new { sorted = true }, JsonRequestBehavior.AllowGet);
}[/csharp]
I know from the beginning that the line selecting the items for me would generate an SQL query each time, this one:

[csharp]var dbListItem = datacontext.Todo_Lists.Where(m => m.UserId == userID).Single(m => m.ListID == list);[/csharp]

How ever I was hoping that LINQ to SQL would concat all the update statements into one SQL query. But when I did a little profiling on the  SQL server I found out that the SubmitChanges() generated one SQL connection and query for each updated item, in this case 43 of them. So I checked the execution time on the web server for this code, i tried three times and got the result below:
[ps]Request #1: 0.1050060s
Request #2: 0.1180067s
Request #3: 0.1050060s[/ps]
Not that this is long but you have to take into account that this is on my dev machine. I’m the only user and I hope my finished project will have more then one user. And then I haven’t even taken into account the overhead of SQL querys to the production server that doesn’t reside on the web server witch my SQL does on my dev machine. So what is a better approach? Build the command in one and the same query string and do one DB call. On the LINQ to SQL datacontext there is a method called ExecuteCommand() that we can use to execute a query straight into the DB. Like this:
[csharp]public JsonResult UpdateSortOrder(List<int> listsSortOrder) {
int sortOrder = 0;
System.Text.StringBuilder query = new System.Text.StringBuilder();
string userID = Membership.GetUser().ProviderUserKey.ToString();
foreach (int list in listsSortOrder) {
query.Append("UPDATE ToDo_Lists SET ListSortOrder = ");
query.Append(sortOrder);
query.Append(" WHERE UserID = ‘");
query.Append(userID);
query.Append("’ AND ListID = ");
query.Append(list);query.Append(";");
sortOrder++;
}
DBTodo_ListsDataContext datacontext = new DBTodo_ListsDataContext();
datacontext.ExecuteCommand(query.ToString(), new object[] { });
return Json(new { sorted = true }, JsonRequestBehavior.AllowGet);
}[/csharp]
So what’s so much better with this? The execution times talks for it self. The execute for three test with this code came back to:
[ps]Request #1: 0.0500029s
Request #2: 0.0230013s
Request #3: 0.0310018s[/ps]
So my conclusion is that sometimes it’s a great idea to go around LINQ to SQL for performance. So sometimes you have to go old-school!

Cannot modify header information – headers already sent by

Ever got this error:

[plain]Warning: Cannot modify header information – headers already sent by
(output started at /storage/content/52/102452/hackviking.com/public_html/wp-config.php:1)
in /storage/content/52/102452/hackviking.com/public_html/wp-includes/class-wp-ajax-response.php on line 129[/plain]

I Googled it a lot. Got number of posts on the problem. Almost all the posted solutions was about blank spaces and unclosed php tags (?>). I tried it all. Worker through all of my template files and got nothing. Removed the template and still had the issue. Checked for blank spaces in the wp-config.php file and still nothing worked. Then I found that the wp-config.php file was Unicode. Re-saved the file as ANSI and re-uploaded it via ftp and it was all working again.

Exchange 2010 ActiveSync Issue

One user can sync his iPhone and not the other. How do you go about troubleshooting that? You can’t find any obvious difference between the two accounts. I was in that exact position last night with some two different accounts.

The symptoms was strange. One account worked just fine and no issues connecting an sync his phone. The other could verify his account information but when he tried to sync a folder, contact or calendar, It just stopped with a simple iPhone message “unable to connect to server“. iPhones are easy to use until there is a problem. You cant get much out of an error message relayed to you from a user.

The issue was how ever resolved when I discovered that it was the folder sync that returned 500 internal server error on the second user. I went in to the AD and enabled “Advanced Features” in the “View” menu. Then selected properties on the user, enter the “Security” tab, select “Advanced” and make sure that the “Include inheritable permissions from this object’s parent” check box is checked.

Great way to do troubleshooting on this type of issues is to use: https://www.testexchangeconnectivity.com/

Hacking Facebook, Twitter and more…

No one have missed the release of Firesheep, I hope. The new easy way to hack your way into other peoples accounts on Facebook, Twitter, WordPress, Flickr, Google and more. The exploit is a plugin for Firefox that captures network traffic and intercepts the session cookies from the sites. This isn’t new to any one but it’s the way it’s implemented that is nice and will get people moving trying to fix there broken sites. If you can’t scale up your service safely with SSL you shouldn’t scale up at all. When you installed the plugin in Firefox just hit “Start Capturing” and when ever it finds a service cookie it will pop-up with the username and picture.

It’s been announced that this is an axploit for unprotected wireless networks but that isn’t all true. If you use a simple man in the middle attack you can capture the traffic on a wired network you got access to in your school or at your work place. There are simple ways of doing this.

  1. Download Cain & Able and install it! (http://www.oxid.it/cain.html)
  2. Download Wincap and install it! (http://www.winpcap.org/install/default.htm)
  3. Download Firesheep and install it, if your browser saves it as a .zip file rename it to .xpi. Then just open firefox menu “Tools” -> “Add-ons” and drag-and-drop the file into the window. (http://github.com/codebutler/firesheep/downloads)
  4. Read this how-to and do a man in the middle attack on your current network. (http://skateass.com/wordpress/cain-arp-poisoning-cracking-and-sniffing-passwords-and-packets/)
  5. Start Firefox, goto “View” -> “Sidebar” -> “Firesheep” then hit “Start Capturing”. Now all the sessions created to the sites will be at your disposal.

You can even create custom site profiles in Firesheep and capture other services then the ones already in there.

What else do you want to read about? Please hit me with some comments!

Plugin has invalid header – Feed locations

Had some problems when I installed the Feeds Locations plugin in my wordpress blog today. Installation was fine but when I tried to activate the plugin I got “Plugin has invalid header” error. My other blog have the same plugin and it works fine, both blogs is version 3.0.1. The plugin didn’t show up in the plugin editor either but I got it running with a quick fix.

  1. FTP in to you site and goto /wp-content/plugins/wp-feedlocations/
  2. Download the zip-file with the plugin and extract it.
  3. Upload the .php file.
  4. Edit the readme.txt, change the row “Tested up to:” to your current version.

Now the plugin shows up when you refresh your admin page and you can activate it.

IPSec VPN with Netgear FVS318v3

My Belkin N1 Vision router decided to die the other day. So i realized it was time for an industrial strength router. Checked out a really nice one with Linux built in and great application support. It was a little prize for me right now, just got a new girlfriend and moved in with her…. 🙂

I finally decided for the Netgear FVS318v3 which comes with a built in IPSec VPN server for 8 concurrent connections. Netgear wants ~$50 for the client software which I wasn’t really happy about paying. So I started checking around for a free alternative. Finally I came across Shrew Soft VPN Client (http://www.shrew.net/). It’s free and really light weight. It took some figuring out how to configure it all so I thought it was a good idea to share it.

I presume that you already have DynDNS enabled. If you have a dynamic WAN address it’s a must to get this to work.

First you have to set up your FVS318 router to accept the connections.

  1. Log on to your router and go to the “VPN Wizard” in the left hand menu.
  2. Just click “Next”…
  3. You have to set a name for your connection and a pre-shared key (PSK). Select “A remote VPN client” as connection type.
  4. You will get a confirmation screen next. Just click “Done”.

Now your router is up to speed and you need to download the VPN client from http://www.shrew.net/download
Ones installed it’s time to set up your new connection.

  1. In the router admin page select “IKE Policies” in the left hand menu. The two pieces of information you are interested in is “Local ID” and “Remote ID”.
  2. Now start Shrew Soft VPN Access Manager and click “Add”.
  3. Now enter your DynDNS, or static WAN address if you have one, in the “Host Name or IP Address” field.
  4. Set “Auto Configuration” to “disabled”.
  5. Set “Local Host” – “Address Method” to “Use an existing adapter and current address”.
  6. Now go to the “Name Resolution” tab. If you know the addresses to wins server and/or dns server on the remote network enter them here. If not uncheck the check boxes.
  7. Now go to the “Authentication” tab and set “Authentication Method” to “Mutual PSK”.
  8. “Local Identity” should be the field “Remote ID” on the routers “IKE Policies” page. “Identification Type” should be “Fully Qualified Domain Name”.
  9. On the “Remote Identity” tab the “Identification Type” should be “Fully Qualified Domain Name” and “FQDN String” should be the “Local ID” from the routers “IKE Policies” page.
  10. Moving on to the “Credentials” tab fill in your PSK in the “Pre Shared Key” field. In this case “areallylamekey”.
  11. Then you go to main tab “Policy”.
  12. Uncheck the “Obtain Topology Automatically or Tunnel All” check box.
  13. Click the “Add” button.
  14. Type in your network. To route all the 192.168.0.x addresses over the VPN tunnel enter address 192.168.0.0 and netmask 255.255.255.0. If you have the same network address range at home and in your current location you can enter specific addresses or add an other topology entry that excludes those addresses.
  15. Then hit “Save” and you will return to the mane window.
  16. Dubbel click your connection and select “Connect”. That’s it!

Your now up and running with your own secure IPSec tunnel to your home or office!

Unable to display current owner

Run across a strange problem today. On a test server running Microsoft Windows Server 2008 one developer discovered that he couldn’t delete a file even though he was admin on the system. I connect to the system and realize that I have the same problem, even though I’m domain admin. When I checked the permissions on the file it just displayed that I didn’t have the permissions to see the ACL and redirected me to the ownership tab. All I could see there was “Unable to display owner”. When I tried to take ownership I got “Access denied again”. So back to the trusted CMD i thought! Same thing cacls.exe returned the same thing and gave me Access denied…

 

I then ran psexec from sysinternals:psexex -s cmd.exe
This starts the CMD as local system account. Now I have access to anything, or so i thought. NOT!
Same thing again, couldn’t do anything with the file or view any options. Back to the drawingboard and then I came up with a reboot. Tried it and failed, it was a desperate measure and it was pretty clear that it wouldn’t fix anything.

 

Then I found the solution, I needed to access the file without windows pounding the NTFS rights in my head. I really didn’t want to rip out the hard drive and put it in to an other server to do it. So this is what I did….

 

Download MoveFile from sysinternals.
Run cmd.exe as administrator.
Run movefile c:{path}{fucked-up-file} “”
Reboot

 

That will trigger the operating system to delete the file during system boot.

SQL transaction logs growing and growing and …

Problems with growing transaction logs on SQL servers is a common problem. But many admins doesn’t think twice about the problem, they just add more disk space. The transaction log is only needed when you want to do a restore to an other point then the last backup. So in many cases they are not needed right after a backup. Or you want to take a backup on them and then free up the space on you raid 10 disks that are more expensive then your backup media. To free up all the space used you need to set the database in simple recovery mode and then do a shrink on the DB. When that is done you place the DB back in the FULL RECOVERY MODE. So why not do this automatically ones a week right after the backup?

Just add an T-SQL section to your maintenance plan and run the code below:

[sql]EXEC sp_MSForEachDB
‘ALTER DATABASE [?] SET RECOVERY SIMPLE;
DBCC SHRINKDATABASE (?, 10, TRUNCATEONLY);
ALTER DATABASE [?] SET RECOVERY FULL;'[/sql]

Or if you want to build a custom list of databases, so you don’t run this on all the DB’s run this code to generate the T-SQL:

[sql]EXEC sp_MSForEachDB
‘PRINT "ALTER DATABASE [?] SET RECOVERY SIMPLE";
PRINT "GO";
PRINT "DBCC SHRINKDATABASE (?, 10, TRUNCATEONLY);";
PRINT "GO";
PRINT "ALTER DATABASE [?] SET RECOVERY FULL;"
PRINT "GO";'[/sql]

The important thing is to set TRUNCATEONLY, if you don’t you will fragment the entire DB file. When you run the command above without the TRUNCATEONLY parameter it will take the last record in the DB file and place in the first hole of empty space in the DB file and so on. So you will create a fragmentation if you do so.
Another way to do it, which is slower and created more disk IO but can be done, is to do a transaction log backup and then just delete the transaction file backup.

MS documentation: http://msdn.microsoft.com/en-us/library/ms190488.aspx

IIS 7 FTP access denied while uploading files

I got this strange problem yesterday at work. One of our developers was trying to upload files to e new server and he got 500 access denied each time he tried. After he spent hours double checking all the NTFS rights and IIS settings he asked me for help. At the first look I thought the IIS server had been messed up some how. After verifying everything that he told me was OK, after all he is a coder and they usually don’t understand servers, I really didn’t know what to do next. So I thought about it for a moment and then I started from scratch, checked the entire solution from the bigger picture.

So with the system blueprint in front of me it all started to clear up. The server was situated in our server center across town and all his traffic was passing through a VPN tunnel between our two ISA 2006 servers. The ISA server sets all the FTP rules to “Read-Only” by default but I didn’t realise that this was a problem for the VPN site to site tunnel also. After checking the routing rule and then the access rule for the communication between the two networks I found the settings for FTP traffic between the two ISA servers. After I unchecked the “Read-Only” check box for the FTP traffic on the VPN site to site access rule it all worked as designed.

World Domination II Hack

I was trying to pass the time the other night while waiting on a very slow crypto crack. On one of my servers I found the old flash game World Domination II. First I played it over and over again but then I wanted the edge. Like when the US goes to war with superior technology, money and control over the media. First i googled it to see if someone all ready done the work for me, just like you did when you found this. I actually found a hacked version online with limitless cash and less cash for the opponents. But I wanted more. So you can start out by testing the online hacked version and then follow the tutorial below.

World Domination 2 (full) – Hacked
Easy: $999999,000,000
Medium: $999999,000,000
Hard: $999999,000,000
Enemies money is lowered to $50.000.000
T…..
www.arcadeprehacks.com

http://www.arcadeprehacks.com/game/413/World-Domination-2-(full).html

First get Cheat Engine: http://www.cheatengine.org/downloads.php
Install it and start it!

In the top left corner there is a computer icon, click it.
You will see a list of processes that you can “hook” on to.
If your running the game online “hook” on to you browser process (iexplorer or firefox) or the WDII.exe if your running the downloaded version.

Now start the game and select your opponents and level and start.
I selected hard so I have $55.000.000 in cash. So I take 55 * 8 = 440.
Takes Cheat Engine and puts 440 in the value box and hits First Scan.

You will get a number of hits that we can sort through later. Now return to the game and either gain money through Resources or spend money some how.

I selected Resources and gained some cash. Now I’m up to $86.000.000. So I take 86 * 8 = 688.
Goes back to Cheat Engine and put that in the value box and hit Next Scan.
You will be left with two results, double click them both and changed them to something like 8000 and then freeze them. You have to change both of them otherwise you cant spend any money just look at a pretty number on the dashboard.

Before you do anything else go back to the game and hit the Propaganda button, select a city and check your Propaganda strength. Mine was 71%, so 71 * 8 = 568.
Take that and put it in the value field of Cheat Engine and hit New Scan and then First Scan.

Again a large number of hits, so do something to change your Propaganda Strength in the game.
My new strength was 87%. So 87 *8 = 696. Put that in the value field and hit Next Scan.
Double click the value, change it to 800 and freeze it and you will have 100% propaganda for ever.

You can change all the other values of the game, like number of warheads and stuff like that but that will really take all the fun out of the game. Now you can build what ever you want and start diplomatic relations with who ever you want.