How to test back end from front end? - testing

Recently I've been asked this type of question several times.
It is like "If you can't access the back end, how do you know if a problem is from front end or back end?", or "If you can't access the database, how do you know the performance issue in the website is from the front end or back end?", or "In front end, how can you differentiate if a problem is from front end or from back end?"
I really don't have any clue how to answer this kind of question. Can someone help me? Thanks in advance.

I think that all the 4 questions could have a great number of answers, all of them depending on the context. Backend and frontend when using ajax requests get mixed a lot.
Let's say we're talking about performance problems in a website and we don't know anything about the architecture behind.
In this case I would take a look into network stats and timelines from Firebug or similar. If some sort of request to our application server is taking too much time it could be the backend. But how to be sure? Maybe the frontend is asking with an ajax call for all the database entries while the page only needs to display just one entry.
Maybe the only good answer for all the questions would be "I would start to look for performance bottlenecks and understand their nature".
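The network-timeline check described in the answer above can be automated over a HAR export from the browser's network panel. This is an added example, not code from the original post; the thresholds, the verdict labels and the sample entries are assumptions constructed for illustration.

```python
# Added example; SAMPLE_HAR is constructed and the thresholds are assumptions.
WAIT_MS = 1000         # server think-time (time to first byte) considered slow
BODY_BYTES = 500_000   # response size considered more than one page view needs


def triage(har):
    """Map each request URL in a HAR 1.2 document to a likely cause."""
    verdicts = {}
    for entry in har["log"]["entries"]:
        timings = entry["timings"]
        # HAR uses -1 for "does not apply", so clamp to zero.
        wait = max(timings.get("wait", 0), 0)
        receive = max(timings.get("receive", 0), 0)
        size = max(entry["response"].get("bodySize", 0), 0)
        if size >= BODY_BYTES:
            # A huge payload is slow to build and slow to download, so first
            # ask whether the page really needs everything it requested.
            verdict = "over-fetch"
        elif wait >= WAIT_MS and wait > receive:
            # Small response, long wait before the first byte: server side.
            verdict = "backend"
        else:
            verdict = "ok"
        verdicts[entry["request"]["url"]] = verdict
    return verdicts


def sample_entry(url, wait, receive, size):
    """Build a minimal HAR entry with only the fields triage() reads."""
    return {"request": {"url": url},
            "timings": {"wait": wait, "receive": receive},
            "response": {"bodySize": size}}


SAMPLE_HAR = {"log": {"entries": [
    sample_entry("/api/item/42", 2400, 15, 900),
    sample_entry("/api/items?all=1", 1800, 2100, 4_200_000),
    sample_entry("/static/app.js", 20, 35, 80_000),
]}}

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE_HAR).items():
        print(f"{verdict:10} {url}")
```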

Related

Accessing Metacritic API and/or Scraping

Does anybody know where documentation for the Metacritic API is, or if it still works? There used to be a Metacritic API at https://market.mashape.com/byroredux/metacritic-v2#get-user-details which disappeared today.
Otherwise I'm trying to scrape the site myself but keep getting blocked by a 429 Slow down. I got data like 3 times this hour and haven't been able to get any more in the last 20 minutes, which is making testing difficult and the application possibly useless. Please let me know if there's anything else I can be doing to scrape that I don't know about.
I was using that API as well for an app I wrote a while ago. Looks like the creator removed it from Mashape. I just sent him an email to ask whether it'll be back up. I did find this scraper online. It only has a few endpoints but following the examples given you could easily add more. Let me know if you make any progress!
Edit: Looks like CBS requested it to be taken down. The ToS prohibits scraping:
[…] you agree not to do the following, or assist others to do the following:
Engage in unauthorized spidering, “scraping,” data mining or harvesting of Content, or use any other unauthorized automated means to gather data from or about the Services;
Though I was hoping for a JavaScript way of doing this, the creator of the API also told me some info.
He says I was getting blocked for not having a User agent in the header and should use a 429 handling procedure i.e. re-request with longer pauses in between.
A PHP plugin is available as well: http://datalinx.io/shop/metacritic-api/
I had to add a user agent like JCDJulian said and now it allows me to scrape. So for Ruby:
require 'mechanize'
# Send a browser-like User-Agent header with every request
agent = Mechanize.new
agent.user_agent_alias = "Mac Firefox"
Then it stopped giving me the 403 Forbidden error.

Facebook like scroll down and searching/adding

I am working on enhancing the search functionality of a website.
The current search works by
1. reading all the rows from the database
2. finding keywords in each row and returning the result.
The problem is it is too slow and it has to prepare all the data in the backend, which means reading all the data from different databases and putting it into HTML.
The solution that comes to my mind is:
show partial search results (like 10), which means as long as it finds enough results in the database it will stop reading and searching rows.
once the user scrolls down the page, use ajax to trigger another process of searching
My questions are:
Is it a good way (possible way) to do that?
Any tutorial source I should look up?
I know it is kind of an abstract question, but I need advice for this.
Thanks in advance.
Update my research:
https://github.com/webcreate/infinite-ajax-scroll
This jQuery lib can do the front-end job.

Table blocked on YQL?

I'm trying to retrieve a user timeline from Twitter using YQL's community Twitter table. The full REST url is
https://query.yahooapis.com/v1/public/yql?q=SELECT%20*%20FROM%20twitter.status.timeline.home%20WHERE%20oauth_consumer_key%20%3D%20'kt9wDTrDREjXzRhBMpw'%20AND%20oauth_consumer_secret%20%3D%20'zNnA76G3NhZSeaJdRv7munbyutlcqK8k0hazf6JrEo'%20AND%20oauth_token%20%3D%20'195tuy9661-yJFEsgA0VPCwg6gsNHtuy2y2Kq2LwTdKe4BRYa4j'%20AND%20oauth_token_secret%20%3D%20'myWfyDTtOHscMmJy6tuyU1XDyiZJiIIRkK7sIPvT2ngI'&diagnostics=true&env=store%3A%2F%2Fdatatables.org%2Falltableswithkeys
(keys have been mangled to protect the guilty)
The response I get is:
The current table 'twitter.status.timeline.user' has been blocked. It exceeded the allotted quotas of either time or instructions
As I seem to be doing the querying correctly, I'm at a bit of a loss as to why I should get this response, particularly since it works as it should through the YQL console. The only thing I can think of is that I need to authorize my query somehow with an API key, or oAuth credentials, but I haven't been able to find a comprehensible example of how to do this.
Can anyone possibly point me in the right direction on this? YQL's community tables seem to offer a marvelous way to do very complicated things with ease, so I'd hate to fall at the last hurdle so to speak.
According to the Twitter docs the call to this API endpoint is supposed to return the last tweets from the authorized user, right? Not from any kind of user. Just checking that this is really what you want to achieve.
From: http://dev.twitter.com/doc/get/statuses/home_timeline
Returns the 20 most recent statuses, including retweets if they exist, posted by the authenticating user and the user's they follow. This is the same timeline seen by a user when they login to twitter.com.
This is the definition of the datatable that you are using. I am a bit confused about the #id parameter in the example of that datatable because I don't see it being used anywhere.
www.datatables.org/twitter/twitter.status.timeline.home.xml
The error message you get sounds like an internal YQL error message and not like something that comes from Twitter, doesn't it?
Sorry for not being able to provide an answer right now but maybe raising other related questions can help somebody else or you to figure it out. If I crack this later I will add to this again.

Block spam from "tell a friend" forms

You have to have a form on your website for people to send an email to a friend if they found something interesting. You can force people to be logged in (which is not a good option in my case). You can add a time delay (this is not really urgent email, so it can wait for 5 minutes). Do you have this problem? How would you solve it?
Edit: I am mostly interested in stopping manual spam
Do you have a problem with automated scripting of your form, or people genuinely using it too much?
The simple solution to the bot problem is a Captcha, such as ReCaptcha. The user-friendliness is questionable, but it would perhaps solve your problem.
You can also use something different from all those captcha scripts. Let me tell you what I do:
- I create an MD5 hash:
$secretWord='TryToHashMe';
$formID='myForm';
$md5Value=md5($secretWord.$formID);
echo '<input type="hidden" name="form-check" value="'.$md5Value.'">';
echo '<input type="hidden" name="bot-check" value="">';
Those are 2 very simple ways because: 1) auto bots try to fill all your inputs and 2) the hash is not provided, this means you have a post request from outside your site. The hashing could be extended with some session or cookie, too.
All the best!
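The session extension mentioned at the end of the answer above, sketched in Python as an added example (not the poster's code). It keeps the `form-check` and `bot-check` field names from the post; the key handling, the one-hour lifetime and the function names are assumptions. Unlike a fixed `md5(secret . formID)` value, this token differs per session and expires, so a value copied from one page view cannot be replayed indefinitely.

```python
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # assumption: per-deployment key, server-side only
MAX_AGE_S = 3600                      # assumption: a rendered form is valid for one hour


def _mac(session_id, form_id, ts):
    """HMAC-SHA256 over the session, the form and the issue time."""
    msg = f"{session_id}|{form_id}|{ts}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id, form_id, now=None):
    """Value for the hidden 'form-check' input when the form is rendered."""
    ts = str(int(time.time() if now is None else now))
    return f"{ts}.{_mac(session_id, form_id, ts)}"


def check_submission(post, session_id, form_id, now=None):
    """Validate a POSTed form (dict of field name -> string value)."""
    now = time.time() if now is None else now
    # Honeypot: the field is invisible to people, so any content means a bot.
    if post.get("bot-check", "") != "":
        return "rejected: honeypot filled"
    ts, _, mac = post.get("form-check", "").partition(".")
    # Compare as bytes in constant time; str inputs with non-ASCII
    # characters would make compare_digest raise TypeError.
    expected = _mac(session_id, form_id, ts)
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return "rejected: token not issued for this session"
    # The MAC matched, so ts is a timestamp this server produced.
    if now - int(ts) > MAX_AGE_S:
        return "rejected: token expired"
    return "accepted"
```

A script that first loads the form still receives a valid token, so this check filters off-site posts and stale replays rather than every automated client.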
I would recommend a Captcha or if you would like something a bit less intrusive, have a simple math problem (which changes) so you just have something like:
For spam protection: Type what Two Plus Two is here _________
I did this on my personal website and never had a problem (and I had a lot of attempts that failed by spambots)
This service has very good anti-spam measures.
http://www.tellafriendking.com/features.php?showall=1#spam-free
FYI, I am involved with the company, so I'm not entirely unbiased, but we do get a lot of refugees who come to us to end their spam problems with other services or downloaded scripts.
Edit:
If you feel the need to vote down, perhaps you should leave a comment too...
The best solution is to use an all-purpose bot filtering solution. I know this is an old post, but a new botnet was discovered that uses these send to a friend modules to send spam (not a new technique but some interesting new advancements).
According to one security vendor (good tips), “At a minimum, they should include a rate-limiting mechanism that will prevent an IP address from issuing unreasonable numbers of requests over a specific period of time. Other DIY solutions are to have all users fill in CAPTCHAs and to enforce registration as a prerequisite to sending out an email message.”
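The per-IP rate limit named in the quote above, as an added example that is not part of the original answer. The class name, the limit of 5 sends per hour and the in-process storage are assumptions; a deployment with several workers would keep the same counters in a shared store.

```python
import time
from collections import defaultdict, deque


class SendLimiter:
    """Sliding-window cap on tell-a-friend sends per client IP (in-process)."""

    def __init__(self, max_sends=5, window_s=3600, clock=time.monotonic):
        self.max_sends = max_sends
        self.window_s = window_s
        self.clock = clock               # injectable so the window can be tested
        self._sent = defaultdict(deque)  # ip -> timestamps of accepted sends

    def _prune(self, ip, now):
        """Drop timestamps that have left the window; forget idle IPs."""
        q = self._sent[ip]
        while q and now - q[0] >= self.window_s:
            q.popleft()
        if not q:
            del self._sent[ip]           # keeps memory bounded by active IPs

    def allow(self, ip):
        """Record and permit a send, or refuse if the IP is over its quota."""
        now = self.clock()
        self._prune(ip, now)
        if len(self._sent.get(ip, ())) >= self.max_sends:
            return False                 # refused attempts are not recorded
        self._sent[ip].append(now)
        return True

    def retry_after(self, ip):
        """Seconds until the IP may send again (0 if it may send now)."""
        now = self.clock()
        self._prune(ip, now)
        q = self._sent.get(ip, ())
        if len(q) < self.max_sends:
            return 0
        return self.window_s - (now - q[0])
```

Behind a reverse proxy, pass the client address taken from a header the proxy itself sets, not one the client can supply.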

In case of unhandled code exceptions, what is the most appropriate thing to show the end user?

In a web application, when your server side code screws up and experiences an unhandled exception, what is the most appropriate way to tell the end users of what happened?
Do you simply say "Something unexpected happened and we are sorry"? Should you try to make some sense of what the exception was and what the user was trying to do and let them know how to recover, if at all that's possible?
End users will care a great deal if they are part way through a transaction when this happens and they have to start again. As far as possible you should try and maintain their client state (i.e. form values they have typed in). That's probably your most important consideration if you are looking to keep them happy.
Most end users will not appreciate a witty remark about how lucky they are to have found your bug, in fact it is more likely to greatly annoy them. If you want to use your users to report bugs (and they will do it) then show them an error code and short description and get them to pass it back to you in its entirety.
In all cases you need to try as far as possible to give them a clear instruction on what to do next e.g. "There has been an unexpected error. Press send again." Best guidance is to keep the language formal and concise, you don't need lots of please and thank you, although it may suit your polite nature. You want messages to be short, concise and didactic rather than chatty.
The Lynx text-based browser has a nice message, something like: Congratulations, you have found a bug in Lynx! Following are instructions for filing a bug report (mainly sending a log file to a given email).
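The "error code and short description" approach from the answers above, as an added example that is not from the original posts. It is a WSGI middleware that logs the full exception server-side under a random reference and shows the user only that reference with a next step; the class name, logger name and message wording are assumptions.

```python
import logging
import secrets
import sys

log = logging.getLogger("app.errors")  # assumption: logger name


class SafeErrorMiddleware:
    """Turn unhandled exceptions into a short message plus an error code."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        try:
            # Covers exceptions raised before the app returns its response;
            # errors raised later, while the body is iterated, are not caught.
            return self.app(environ, start_response)
        except Exception:
            # Random reference: lets support find the log entry without
            # exposing exception text, stack frames or internal hostnames.
            ref = secrets.token_hex(4).upper()
            # %r keeps control characters in the path from forging log lines.
            log.error("unhandled exception ref=%s path=%r",
                      ref, environ.get("PATH_INFO", ""), exc_info=True)
            body = ("There has been an unexpected error. Press send again. "
                    f"If it happens again, report error code {ref}."
                    ).encode("utf-8")
            headers = [("Content-Type", "text/plain; charset=utf-8"),
                       ("Content-Length", str(len(body)))]
            # Passing exc_info lets the server re-raise if headers already went out.
            start_response("500 Internal Server Error", headers, sys.exc_info())
            return [body]
```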