Szerteszana²

grin agymenései
Taggalés programozás

The quest for the perfect trim function in Perl

2013-10-17 10:49:39 írta grin
Guys will have been debating about whether there are gek girls or the causes behind the lack of them, and one of the point raised was the lack of will to pursue boring algorithmic questions. Funny that.

Oh, what I wanted to talk about was one of the most boring and simple and everyday things in programming: trimming the leading and trailing spaces from strings (remove them from the beginning and the end, that's it), and the Perl language.  At that point all non-programmers and people who cannot speak perl or regular expressions are relieved from duty, go and get some food.
For those that remained, you may well know that there is no "trim" in perl, you usualy either use a module (Text::Trim comes to mind) or actually regexp it yourself. Most people have their favourite.

But they may not be the best ones!

Perlmonks (who are the pros in everything in perl, most of the time) had their run at it several times, but I wasn't quite satisfied about the depth of the analysis. I need the perfect trim!

So ­ ­ - following the Monk mindset - I gathered a few ideas, among my usual one, and threw them in two testing modules, namely Benchmark and Test::More; first to see the speed and second to check corectness. Actually, it's been the other way around: first I have thrown out those which were buggy and benchmarked the rest.

So here are those who did not fail the tests:
    grin1   => '$str =~ s/^\s*(.*?)\s*$/$1/;',
    mre     => '$str =~ s/^\s*((?:.*\S)?)\s*$/$1/;',
    silly   => '$str =~ s/^\s+//; $str=reverse $str; $str =~ s/^\s+//; $str=reverse $str;',
    hellish => '$str =~ s/^\s*//; $str =~ s/\s*$//;',
    hellish2=> '$str =~ s/^\s+//; $str =~ s/\s+$//;',
    split   => '$str =~ s/^\s+|\s+$//g;',
    te_tri  => '$str =~ s/\A\s+//; $str =~ s/\s+\z//;',


First one was what I usually used, and the rest was advised in various places. The benchmark said:

       mre: 13.8181 wallclock secs (13.67 usr +  0.01 sys = 13.68 CPU) @  730994.15/s (n=10000000)
     grin1: 11.2415 wallclock secs (10.81 usr +  0.04 sys = 10.85 CPU) @  921658.99/s (n=10000000)
   hellish: 6.81456 wallclock secs ( 6.50 usr +  0.01 sys =  6.51 CPU) @ 1536098.31/s (n=10000000)
     silly: 4.13783 wallclock secs ( 4.14 usr +  0.00 sys =  4.14 CPU) @ 2415458.94/s (n=10000000)
  hellish2: 1.69636 wallclock secs ( 1.70 usr +  0.00 sys =  1.70 CPU) @ 5882352.94/s (n=10000000)
    te_tri: 1.70796 wallclock secs ( 1.70 usr +  0.00 sys =  1.70 CPU) @ 5882352.94/s (n=10000000)
     split: 1.03471 wallclock secs ( 1.04 usr +  0.00 sys =  1.04 CPU) @ 9615384.62/s (n=10000000)


which is quite an interesting result. My version was quite a good one until I have removed those which were slower AND buggy. Now not quite that fast anymore.

One important point: this is perl v5.18.1, and it seems that optimalisations in perl code matter.

Due to that may have happened the biggest surprise that hellish code was magnitudes slower than anything else due to many matching failures in matching the ending and now it ran quite good. The silly method gave fast results either which shows how slow the end matching still is.

But to my greatest surprise the winner was the split method using repeated matches, which was faster than the method used in Text::Trim module (which is using the fancy way of the fixed up hellish2 regexp pair), and not by a small margin but almost twice as fast. And, oh, ten times faster than my original. :-)

So now I know what to use. :-)

Enable password saving in web forms

2013-05-23 10:27:04 írta grin
Some people just cannot get it.
I do not get into password security theory right now, it has been well debated to death already. Basically the best way – in my not-so-humble opinion – is to use different, long and random passwords everywhere (at least on the web) and store them in a secure password manager program protected with one very strong, but memorizable master password. (Unfortunately there are lots of programs and web services around offering password management while utilising security in horrible ways, including unsafe or weak encryption, transferring live passwords on the net, sometimes even unencrypted, or storing the cleartext passwords in an olnline database. It is really hard to find one which is secure, cryptographically sound and trusted. And don't get me started with online news articles written by miners and shoemakers playing mad scientist for the masses, telling which program is good and which is not; they can't even spell cryptography, let alone understand what it means. But that's a topic for another day.)
So I advise you to use a secure password storage, with long random passwords, lots of them.
For the web, the easiest way to use a browser with a secure storage. Firefox have one, if you use a strong master password it's quite safe (well, not Fort Knox, but "pretty good").
Sometimes you want to use external password manager, or anything which cannot autofill the form: there you retrieve the long random noise and try to copy it into the password field. Easy, quite secure (as long as you trust your copy buffer, but then again this is a different topic altogether; I do not start to talk you about swap files - security is a bitch).
So, here come the people who cannot get it.
Some people think it is really smart to disable browser password saving. Completely. For everyone. They think it's better to use memorizable "secure" passwords than long random ones. Or maybe they want to laugh at you trying to type them in. So they include shit on their webpage like "autofill=no" attributes. Nasty.
Others think that you should not copy secure passwords, Allah knows what'd on their mind, if they had any. Setting onPaste="return false" and like on web forms. Double nasty.
So here's a script, which is an adoption of someone's script I saved long time ago. I am lazy to look it up, if you're the author you're welcome to tell me and I'll inlcude the credits. The script was updated to handle oncopy and onpaste.

In Firefox at least you create a new bookmark and copy the whole stuff into the URL. Anytime you need to save passwords, click on it, then start filling out.
Enjoy.

javascript:(function(){var%20ca,cea,cs,df,dfe,i,j,x,y;ca=cea=cs=oc=op=0;df=document.forms;for(i=0;i<df.length;++i){x=df[i];dfe=x.elements;if(x.onsubmit){x.onsubmit="";++cs;}if(x.attributes["autocomplete"]){x.attributes["autocomplete"].value="on";++ca;}if(x.onpaste){x.attributes.onpaste.value="";++op;}if(x.attributes["oncopy"]){x.attributes["oncopy"].value="";++oc}for(j=0;j<dfe.length;++j){y=dfe[j];if(y.attributes["autocomplete"]){y.attributes["autocomplete"].value="on";++cea;}if(y.attributes.onpaste){y.attributes.onpaste.value="";++op;}if(y.attributes["oncopy"]){y.attributes["oncopy"].value="";++oc;}}}alert("removed%20autocomplete=off%20from%20"+ca
+"%20and%20from%20"+cea+%20",%20and%20removed%20onsubmit%20from%20"+cs
+%20".%20after%20you%20type%20your%20password%20and%20submit%20the%20form,%20the%20browser%20will%20offer%20to%20remember%20your%20password."
+%20"%20also%20removing%20"+op+"%20onpaste%20and%20"+oc+"%20oncopy.")
})();


Taggalés programozás

Szerteszana²

grin agymenései