PHP Session Storage

This is a continuation of my older article PHP Memcache Extension - Lesser Known Pitfalls. Reader Tony pointed out a very strong statement I made regarding not to use memcache as PHP session storage.
I have to admit that was some strong statements I made when I was writing that post. Thank you Tony for pointing that out. :) I have since changed the wording a bit to not deny the all usages of memcache in replacement of session.

Here's a couple situations I think are not good ideas when using memcache as the primary session storage:

1. putting shopping cart data in memcache on a high volume e-commerce site. if the memory on the memcache server runs out or it crashes, your customers will instantly loose everything in the cart.
2. putting user session data in memcache. this one is arguable. again, in a high volume situation, if memcache server goes away, just imagine how many queries will be triggered on your database.

I'm sure it's very arguable that none of those will be problems when using clustered memcache servers and have memcache servers installed with 64GB of memories (God forbid if all 64GB of data all got lost because of a power outage)

However, if the size of each session is controllable, growth of session data is foreseeable, and in case of failure, data is recoverable without triggering major disaster, I'm definitely pro on using memcache as the session storage. There are many ways to achieve this. Here's a couple ideas of mine:

1. Controlling the size of each session can be easily achieved by optimizing your code. A lot of times I see people toss everything into a session (like user data) just in case a piece a data might be needed somewhere, sometime in the future. This leads to a lot of unnecessary data being stored in session. 
2. Optimize the query that gets the data before it is set into session. In case of failure, you need to ensure that your database can handle the amount of traffic for recovering the data. If each lost session requires a major join query, you can well guess how long the database will last.
3. Have a backup plan for the session data. If you have the luxury of using data storage mounts backed by NAS, utilize it. Put your session data in memcache for fast access, leave a copy on the NAS for faster and safer recovery. (remember, I don't mean leave a copy permanently)
4. Again, if you have the luxury of using storage mounts backed by NAS, try use SQLLite for your user data. Each user will have his/her own SQLLite file. Whenever data needs to be retrieved, SQLLite file gets hit first. Imagine the load gets spread across thousands of disks. 

All in all, I'm not opposed to any form of session storages as long as all sides of it are well thought out and planned out.

Fried Video Card

Things are just not heading towards North as I wished. Ever since I had my WoW account hacked, it seems like every little thing can turn South at the most unexpected time.

Just as I was trying to finish up the dev work on the three Chrome Extensions, my video card gave up on me. Sadly, I'm on a Dell XPS400 that was built 4 years ago and the video card is only a GeForce 6 series. I know, it's really a joke to most of  you guys. It's definitely a legacy video card now consider that it's only PCI-Express x16 without the buzzy word "2.0". I guess I should've replaced it when the fans started making noises....  Everything is too late now. It finally frozen up my screen and gave up on itself.

I'm actually writting this post from my wife's laptop which I'm not allowed to use for programming. It's a netbook strictly bought for her for reading online novels (those chinese love novels.... are they really that good?)

I have placed an order for a new video card, a GeForce 9800 GT, from newegg.com. It should arrive by tomorrow. For those of you who came from the support link on my extensions, please be patient. I'll be back on track in a couple days, promised.

First Tweet from Space

Just about 10 hours ago, Timothy J.(TJ) Creamer, a NASA Astronaut tweeted from the International Space Station. This marks as the 1st tweet from space.

According to the statement release today by NASA, "Astronauts aboard the International Space Station received a special software upgrade this week – personal access to the Internet and the World Wide Web via the ultimate wireless connection."

This personal Web access, called the Crew Support LAN, takes advantage of existing communication links to and from the station and gives astronauts the ability to browse and use the Web. The system will provide astronauts with direct private communications to enhance their quality of life during long-duration missions by helping to ease the isolation associated with life in a closed environment.


During periods when the station is actively communicating with the ground using high-speed Ku-band communications, the crew will have remote access to the Internet via a ground computer. The crew will view the desktop of the ground computer using an onboard laptop and interact remotely with their keyboard touchpad.


Ok, they don't have full access to internet all the time, but probably a few hours per day as the station orbits around the earth. Also, the access isn't directly through a dell/mac they brought with them, but rather through a computer on the ground which the astronaut will access using remote desktop. Still though, this is really cool. This gotta be the most interesting place to use twitter and marks the first step toward full internet access in space.

Now, here comes some fun facts from the statment:

Astronauts will be subject to the same computer use guidelines as government employees on Earth


This translates to as:  no porn, no WoW, and the other 100,000 noes from the government computer use guidelines handbook.

Regular Expression Checker v1.1.2 Released

This is a very minor release, but it did include a significant update.
The tool now accepts html or any other markup language format. Previously, since the results are directly outputted into a div, any thing wrapped within < and > would been parsed by the browser. These tags are now properly parsed and regular expression matching mechanism has been updated to support this change.

Release Notes:
v1.1.2
 - support for html is added
 - some code optimization

WoW Account Hacked

Sigh.... The unthinkable has happened. My WoW account was compromised last night. Some punk ass somehow got my logon info and went through all of my characters across realms. Everything that could be sold was gone and all my gold is gone as well. My characters are practically naked now.

There have been lots of phishing emails lately. So far, I've been able to identify them all. This time, I'm really suspecting it's the UI Addons I've been playing around with lately. There were probably key loggers in those freaking UIs. To up the security, I've just ordered an Authenticator and I will reinstall all my computers at home tonight.

I have contacted Blizzard via email and webform. So far their phone line has not worked. According to their support page, there's a chance to restore all my items/gold if I report the compromise within 2 weeks (which I did, obviously).  But, this restore can only happen once per account. If the account is compromised again, only lost characters would be restored, but no gold/item would be reimbursed.

When an account is reported or its security appears to have been compromised, the World of Warcraft Customer Support Staff will disable access to the account while we conduct an investigation. Once we are confident that account access privileges have been restored to the registered user (and only the registered user), we will enable access to the account. While we will attempt to restore any items/gold missing from the account, we cannot guarantee that lost items/gold will be reimbursed. Reimbursement is only a possibility if the situation is reported within 2 weeks (14 days) from the date the account was first compromised. Additionally, restoration due to an account compromise is offered only once. Should the account become compromised in the future, we may restore deleted characters, but no reimbursement of items/gold lost will be offered. 

Chrome Armory v1.3.2 Released

After staying up very late last night to push out v1.3.0, I was very happy with the new code optimizations. Now that the whole code base is based on a much stronger structure/framework, I started doing some reality checks on the list of features on my notebook (btw, it was updated early this morning after seeing the new wowarmory). Surprisingly, most the features can be done much sooner since the implementation part has gotten much easier and cleaner.

I had a long 3 hour drive home from work today (LA traffic SUCKS). Usually it's a long ass boring drive, but not today. My brain was going through each planned/unplanned features to figure out how they can be done and in which order they can be released. Don't under estimate the power of 3 hour traffic jam. I've not only reordered the release milestones on my basecamp, but also added a few more features onto my notebook after I got home.

So here it is, v1.3.2. I quickly finished off some of the features that were interrupted by yesterday's emergency release and also added a simple but very very neat feature - 3D Model Viewer.

Release Notes:
v1.3.2
 - added new character 3D model viewer
 - added base/ranged/melee/spell/defense stats of the character
 - lots of code optimization and speed optimization

Chrome Armory v1.3.0 Released

v1.3.0 is supposed be a big release, but since Blizzard decided to update wowarmory.com, this version has been taken over by code updates to support Blizzard's updates.

However, this release isn't a minor patch release. It did contain quite a bit of changes and including a new feature. I went through major refactoring over the quick and dirty codes (remember, this extension was my first extension and took me only half a day to finish v1.0). The end result is a more organized, more secure, and much faster code base. You'll probably notice the load time on a character's profile has increased. This round of refactoring is only the first step of many that I have planned.

My goal is to have a release at least once a week (every Sunday). There are many ideas on my notebook (on Evernote), so stay tunned in for more. :)

Here are the release notes:

v1.3.0
 - major release to support new wowarmory.com UI
 - added character specs
 - detects the active and inactive specs