Archive for July, 2010

Installing cx_Oracle on Windows

July 28th, 2010 10 comments

Almost 2 months ago, I started on a project that required the use of Python and access to an Oracle database. It took me multiple days in a row to finally get it up and running so that I could actually make progress on the project, but once I did, I thought nothing of finally getting it to work. However, I was recently approached by another person at work who had to use the cx_Oracle package to access an Oracle DB through Python, and realized the value of actually putting together a post about the steps required.

First off, it is really easy to get it running on Linux. I mean super easy to get Python and cx_Oracle up and running. Secondly, I have an XP machine at work, so no guarantees that this will work with all other Windows Operating Systems until I get to test it on one (not possible till about September at the earliest, I’ll put a todo item in my calendar to try to remember to do it).

Alright, down to the nitty-gritty of it. You first need to install a recent, if not the latest, version of Python, if you don’t already have it of course. When I was installing it on my work computer, that was Python 2.6.5. Now that would be Python 2.7, but since Python is intentionally backwards compatible, it SHOULDN’T matter. For installing Python, be sure to follow one of the many Python install guides available on the web, but the quick run-down of the install process is:

  1. Install Python.
  2. Edit your environment variables to add the Python directory to your PATH variable and create a PYTHON variable. I will cover editing/creating Environment Variables with the later part of this guide because you will have to do it again for cx_Oracle.
  3. Code in Python (you can use an IDE like Eclipse, or a regular text editor like Notepad++).

Next, run the cx_Oracle .msi installer for your particular Windows install. Now that was the easy part.

Next up is the part that most people seem to miss, having an Oracle client on your local machine. Oracle suggests the use of the Oracle Instant Client (updated link thanks to Tim in the comments), and that’s what I used this time. Oracle’s instructions seem to have improved since I first installed the Oracle Instant Client, but that doesn’t mean they are easy to follow.

  1. Go download, and unzip, the Oracle Instant Client from here.
  2. Put it in a place on the C:\ drive that is easy to find/access later (it’s a drag and drop procedure for getting the files there, no installer). My suggestion is to create a directory called Oracle, and place the instantclient directory in there. This way, my path to the Instant Client directory reads “C:\Oracle\instantclient”.
  3. Add this guy to your PATH Environment Variable. You can get to the Environment Variables by right clicking My Computer, select Properties, go to the Advanced tab, click the button that says “Environment Variables”, and now we’re here. From the Python install, your PATH variable (in the user variables section, not the system variables) should already exist from you creating it as “C:\Pythonxx”. Now, add that directory location from step 2 so that the PATH variable reads similarly to mine, which is “C:\Oracle\instantclient;C:\Python26″.
  4. Now you are going to need a tnsnames.ora file. For those of you that don’t know what that is, read here. The company I work for fortunately provided me with one, so I didn’t have to make it from scratch, but basically they contain your connection strings to the different databases you are going to be accessing. I saved mine to “C:\Oracle\network\admin” just for easy memory (and because that’s where someone else’s was when I asked). I hope you didn’t close the Environment Variables screen, you’re going to need it again.
  5. Lastly, you need to add the TNS_ADMIN variable with step 4’s path in it.

You have now installed cx_Oracle successfully. To really test it, you can open up a Python command prompt and run the following lines of code to test it (case sensitive).

  • import cx_Oracle
  • db_conn = cx_Oracle.connect(“user/”)

If either of those steps went wrong, double check the steps. If you still don’t know, comment on the post, or email me (my email is lying around somewhere on this site), and I’ll do my best to help you. There are also many forums and forum threads scattered around that have tried to explain these points as well, but I found them to be inadequate.

Lastly, Google is your friend for finding out about the different functions available in cx_Oracle, and the documentation isn’t terrible for this either.

Windows Shortcuts = Dangerous

July 20th, 2010 No comments

Well, I wanted to have my first blog post of the week be about a different topic, but since this is breaking news, I’m going to post about it.

There has been a new vulnerability discovered, and reported by Microsoft as of July 16th with security advisory number 2286198. It affects all Windows operating systems (XP, Vista, 7, and correlating service packs), and the source code is already publicly available. The worry is that this will start to experience wide-spread usage within the next few weeks by malware writers.

What It Does

When we browse the file system in Windows, it shows icons for each file/shortcut/directory, and these can be customized. This malicious code is hiding in the simple viewing (not even running the shortcut) of the shortcut’s icon containing the malicious code. The malware utilizing this exploit can spread via infected USB thumb drives and the usual unintentional downloading of trojan horses and the like.

How to Protect Against It

Follow Microsoft’s instructions for not displaying shortcut icons. Microsoft’s temporary fix can be found with their security advisory number 2286198 (see the Workarounds and Mitigating Factors sections).

My Original Source

I found out about this issue through Trend Micro’s CounterMeasures blog post about the situation.

Parting Advice

Follow the workarounds described by Microsoft in their security advisory and hope that they can push out their fix by Patch Tuesday in August (closest planned patch date).

Old Spice Style

July 14th, 2010 No comments

If I ever do my own ad campaign, I will definitely follow the model that Old Spice is using right now. If you are unfamiliar with what they are doing, they have the man in their regular TV commercials (which are quite humorous to say the least) doing personalized YouTube videos for people sending the OldSpice twitter account a message of what they would like said. Suddenly, Old Spice is getting tons of brand awareness, resulting from a little bit of real-time, instant work. Very interesting to say the least.

As more people become aware of this project of Old Spice’s, more people will submit to have videos made. As more videos are made, the larger the presence of Old Spice on YouTube and the internet in general. The larger their brand awareness level is, the greater expected profits for Old Spice and increased purchasing by consumers. To top it off, it is definitely a CHEAP advertising campaign. They are doing everything in probably 1-2 takes, and a little bit of writing ahead of time. The result will likely be a combo of the best use of social media to advertise and one of Old Spice’s cheapest advertising campaigns.

Of course, the novelty of this advertising scheme will likely only be viable for another day or so of straight use, but after that time, and giving the social communities a rest, Old Spice or someone else can likely rinse and repeat the process. Now, the most interesting use of this ad campaign would certainly be if someone ELSE had the guy say something that advertised for a different product all-together. Association would get the word of this other product out there, but would likely ruin the ad campaign for all the bystanders.

WordPress Upgrade Issue

July 1st, 2010 No comments

So recently, when BurgerBlog went through the automatic update from WordPress 2.9.x to 3.0, it ran into a slight hiccup that corrupted ALL of the posts that were on there. The issue seemed to be with the format of the single and double quotes throughout all the posts. They were all, without fail, replaced with ‘?’s. Now, what baffles me is how the system saved the wrong double and single quote symbols in the first place.

The quotes were the ones that are seen in word processors, like Microsoft Word, that are directional. So if I “quoted” something, the first quote would be different from the second quote.

Regardless, the reason that the system originally saved them, but no longer saved them is what truly confused me. As a result, I went through the following procedure:

NOTE: SQL knowledge and access to the phpMyAdmin page is required.

  1. Accessed the phpMyAdmin page, found on the control panel for your site. No, not the WordPress control panel, the one that’s on the back-end of the site itself (gives you access to your site’s stats, FTP accounts, email accounts, etc.).
  2. Browsed to the WordPress database and used the following SQL statement to find all posts that now had ‘?’s in them:
  3. To get all the posts with ‘?’s in them and their IDs.
    SELECT ID, post_title FROM wp_blogname_posts WHERE post_content LIKE ‘%?%’

    To get the distinct post titles that contain ‘?’s in them.
    SELECT DISTINCT post_title FROM wp_blogname_posts WHERE post_content LIKE ‘%?%’

  4. From there, I was able to garner the proper ID of the post title (most easily found by finding the present blog post with that title and selecting edit, then looking in the URL bar for the ID), and use SQL back-ups where possible to garner the most recent version with the quotes and single-quotes in them still.
  5. Did a find and replace on my back-ups for all of the incorrect double and single quotes.
  6. Manually pasted in the corrected post content directly into the database to expedite the process (could have done it manually with each edit page, but that requires waiting for all the WordPress functions and AJAX to load).

It took a couple hours to go through the 40 posts on BurgerBlog that were messed up, and that’s not including the extra time required to fix the ones I didn’t have back-ups for (I had been slacking with my consistent back-ups). Now, it is almost entirely fixed, with the exception being the couple of ‘?’s that were missed in the ones that were done manually (those should be fixed by end of 7/2 anyways).