Alvin Poh

Author: Alvin Poh (page 2 of 48)

How to find and replace a text string in all files on your cPanel / WHM / Linux / Unix server

If you need to quickly find and replace all occurrences of a string of text, the Linux shell is a very helpful too. To do this, we’ll be using the find, xargs, and sed commands. Find is pretty self-explanatory, and sed is short for “stream editor”, which allows you to filter and transform text. xargs is a command that takes in input and executes your chosen command on it – and in our following example, allows you to run the same command on each of the things the find command found.

Here is the command:

find /home/username/public_html/ -type f -name ‘*.php’ -maxdepth 4 -print0 | xargs -0 sed -i ‘s/’

In English, this means to find (find command) in /home/username/public_html/ any file (-type f) of file extension .php (-name ‘*.php’). It searches for 4 levels of sub-folders (-maxdepth 4) after your specified location, and edits files in place (-i). The arguments -print0 (for the find command) and -0 (for the xargs command) must be used together. What it does is separate file names with a 0 (NULL) byte so that file names containing spaces or newlines won’t cause errors.

To limit your search to only the current folder and not search through any sub-folders, use the -maxdepth 0 option.

How to find and replace text string in all MySQL tables

The following tutorial is helpful if you have a MySQL database and need to find and replace all occurrences of a string, for example, replacing “” with “”. This is useful if you are moving or cloning your website to another domain, especially if you are using software such as WordPress.

First, go to your old domain name and export the ENTIRE database, including enabling the option to “drop tables” if they’re already present. If you’re using PHPMyAdmin, you’ll want to select the option as highlighted below. To see these options, choose the Export Method: Custom – display all possible options.

how to find and replace text string in all mysql tables

Once you’ve obtained your .sql file, open it up in a text editor like Notepad, and do a find-and-replace of the string that you’re looking for.

After which, the next step is to import the .sql file back into your MySQL database. The “drop tables” command will remove all the existing tables, and then import your data. You now have a database with all the occurrences of your text string properly replaced.

How To Keep Indentation For The Second Line Onwards In Your Lists (CSS / HTML)

If you’re trying to preserve indentation for your lists, especially when you have multiple lines, then this is the code that you need. It’s fast, east, simple, and works to keep the indentation for the second line onwards (per bullet-point). As you’d imagine, this will work for both ordered (OL) and unordered (UL) lists.

li {
list-style-position: inside;
text-indent: -1em;

The Best Investment Strategy – The Lazy Portfolio

I’ve had many years of experience trading stocks and I’ve even dabbled into Contract For Differences (CFD) and forex. However, while I had my good times and great returns, I’ve also had my “investments” go belly-up or languish for months. If you’re young, “waiting for your investment to break even” may not seem like a bad idea, but if it’s $100,000 worth, and you have to wait a year for it to just breakeven, you’re not coming out of it flat – you’re also giving up the gains had you invested the money elsewhere during that one year. This is otherwise commonly known as “opportunity loss”. When you consider that you can put that same amount into a savings account that gets you 1% per annum, or a stock index exchange-traded fund (ETF) that might get you 8% per annum, you can start to feel the pinch.

Embarrassingly, it was only until recently that I found the concept of “lazy portfolios”. Essentially buying the whole market, it was the perfect answer to what I was looking for: a mix of diversification, lowered risks, indifference to bull and more importantly bear market cycles, returns that beat market benchmarks, and most importantly, takes no time and effort at all to implement and maintain.

Here are the 3 benefits of a lazy portfolio:

1. Saves Time

How do you know what stock will go up (or down)? You don’t. In fact, noone can. Not consistently, that is. So rather than to guess/gamble/speculate or spend hours of your time doing “research” and “analysis”, why not just buy the whole market? Stock index ETFs allow you to do so. When you consider that it is incredibly difficult to beat the market, why not buy the market, and enjoy the gains that the markets make?

2. No Stress

Worried about your portfolio’s performance? Not sure when the next bear/bull cycle will be? Concerned about when to buy or sell? Forget all of that. Use Dollar-Cost Averaging, or Value Averaging, or a combination of both. If you’re using the Lazy Portfolio strategy, you’d be more excited when there are bear cycles because you’d think of them as a great fire sale, and want to buy more then. Compare this to what people would normally do, which is to sell, and you can see how much more stress-less this strategy is.

3. Solid Returns

You might think that with all these benefits, a strategy like this would probably be low-returns as well, but you couldn’t be further from the truth: a lazy portfolio averages 7% annually. That’s the kind of returns that the stock market will average, and you don’t even have to pay much fees for this (we’re talking about something like 0.05% for a Vanguard ETF). Unlike mutual funds or unit trusts, you don’t pay fees of 1% to 5% a year. On an investment of $50,000, that difference will result in $97,866 after 30 years (with a 0.05% annual fee), versus $84,561 (with a 1.5% annual fee). And that’s assuming your unit trust beats the market (many fail to, even experienced fund managers).

Lazy Portfolio For A Singaporean

Interested? Well, as a Singaporean, we have the problems of a relatively illiquid stock exchange as compared to other markets such as the New York Stock Exchange, London Stock Exchange, or even the Hong Kong Stock Exchange. However, the Singapore Stock Exchange is getting better and more liquid with every year. Until then though, I have chosen to invest my funds elsewhere.

Case A: Investing in the US market

I considered the US markets, especially for their popular Vanguard ETF options. However, there is a 30% withholding tax on dividends of US-domiciled ETFs for international investors from a country without a tax treaty with the United States (Singapore is without a tax treaty). That adds up to a fair sum.

In addition to that, I didn’t want to risk any chance of dying and leaving my family the grand gift of a huge estate tax (this can be up to 55%, so don’t think that it’s a small amount). Since the lazy portfolio is a long-term approach, I didn’t want to park my funds in US-domiciled brokers and ETFs.

Here are some links for international investors:

IRS – Characterization of Income of Nonresident-Aliens

IRS – Some Nonresidents with U.S. Assets Must File Estate-Tax Returns

Unless you are a US citizen or live in a country with a tax treaty with the US, you should probably avoid holding US-domiciled ETFs. Read on for my solution to this.

Case B: Investing in the Canadian market

The next best market seemed to be the Toronto Stock Exchange, which has liquidity, and quite a range of ETFs. However, withholding tax was still 25%. That means for every $1 you get as dividends, you will be taxed $0.25. Ouch.

If you are feeling bullish about the CAD currency, and maybe plan on retiring to Canada, then this portfolio will make sense. The Global Couch Potato model portfolio that is recommended is made up of 3 equity ETFs, in equal parts.

  1. iShares MSCI EAFE IMI (XEF.TO, CAD): International equities ETF, covers the whole world except North American (Canada and USA)
  2. Vanguard US Total Market (VUN.TO, CAD): US equities ETF.
  3. Vanguard FTSE Canada All Cap (VCN.TO, CAD): Canada equities ETF.

The portfolio is no slouch, gaining over 10% every year for a 10-year period.

Case C: Investing in the London and Hong Kong markets

The best markets for Singaporeans seem to be the London and Hong Kong markets. Both London and Hong Kong have no capital gains tax. London-domiciled ETFs will have a 15% tax on dividends (at source – you don’t see this tax on your received dividends), and Hong Kong-domiciled ETFs have a 0% tax on dividends.

  1. ABF Pan Asia Bond Index (2821.HK, USD): The ABF Pan Asia Bond Index invests in domestic currency-denominated government and quasi-government bonds issued in eight EMEAP markets, namely, China, Hong Kong, Indonesia, Korea, Malaysia, Philippines, Singapore, and Thailand
  2. Vanguard FTSE All?World UCITS (VWRD.L, USD): International equities ETF, covers the whole world
  3. SPDR Straits Times Index (ES3.SI, SGD): Singapore-only equities ETF

How To Start a Lazy Portfolio As A Singaporean

I feel that my CPF acts somewhat as a bond component of my portfolio, so I’m reducing my bond component in my portolio.

The broker I use is Saxo Trading, which has a really straightforward account opening process. It has slightly more expensive trading commissions and rates than other brokers such as E*Trade, but has the benefit of not having any of the problems of US estate duties that I highlighted before. Saxo Trading does slap you with a hefty forex conversion fee (additional 0.5% on your conversion), so always try to fund your Saxo account in the currency that you want to trade with.

Request A Call From Saxo TradingHave someone from Saxo personally call you to explain and guide you with their accounts.

For me, since I wanted to buy ETFs denominated in SGD and USD, I simply opened a HSBC Multi-Currency Account, and denominated it in SGD and USD. This has a benefit over other local banks in Singapore because I could do a same-day transfer to Saxo Trading’s bank account, which is also a HSBC bank account. From then on, every transfer I make to/from my HSBC account and to/from my Saxo Trading account, could all be executed online and completed within the business day.

What’s Next – Maintaining Your Lazy Portfolio by Rebalancing

The only thing that you need to do is to make sure that your portfolio components maintain their ratios. For my portfolio, I’d just ensure that each equities component is roughly equivalent, and that my bond component doesn’t exceed half of my age (e.g. if I’m 30 years old, it should not exceed 15%). Since I don’t plan on selling, I merely add funds to the component that is lagging.

If, however, you plan on selling some components, then during your portfolio rebalancing (which can even be an annual affair – there’s no “right” time to do this), you would sell some units of your best-performing component, and add those funds to your worst-performing component and try to bring the mix back to their original levels again.


And that’s it. After this, decide on a regular period in which to make more purchases of your ETFs, and leave your portfolio to do its work, and spend more time doing the things that you love!

How To Mass Update WordPress URLs After a Site Migration

If you’ve moved your WordPress installation from one URL structure to another, then you might find that certain things might break: for example, image paths.

Updating all your paths will just take a few seconds with a simple MySQL command. Go to PHPMyAdmin, a popular database management panel that your web host should provide you with, and open up your WordPress database. What we’re going to do is to perform an update of all BLOB fields, or in other words, update all the posts that you have at once.

Here’s the SQL command that you should run:

UPDATE `wp_posts` SET `post_content` = replace(post_content, '', '')

Best Protein Bar Review: Which Is The Healthiest Of Them All?

I’ve been trying to change my diet to eat a lot cleaner and healthier food recently, and that means less of processed foods (hams, sausages, burger patties, candy, etc), sugared drinks, and artificial stuff, like artificial sweeteners. Unfortunately, that also leaves me in a bit of a problem when I get hungry in the middle of the day, or when I’m on the move, because I’m suddenly faced with a lot less options to turn to.

So I started researching on possible solutions, and I found protein bars: high in protein, convenient, and seemingly healthy. I started looking at the various kinds of protein bars available on the market, and got myself several brands. Unfortunately, I realised that not all of them were made equal. Even though they came with 20g or so of protein, some protein bars actually had the nutritional profile of a Mars bar!

I only found this out the hard way by trying at least 5 different brands of protein bars – Promax, Promax LS (Low Sugar), Pure Protein, CLIF Builder’s, Quest – before I started reading the nutritional labels closely, and finding out that some of them had WAY too much sugar.

Take a look at these Promax bars for instance. I was wondering just how different the regular Promax protein bars and the Promax LS (lower sugar) protein bars are, until I looked at the nutritional label:

promax protein bar nutrition

These regular Promax bars have 30g of sugar! That’s almost half its weight! And yes – that’s almost what a Mars bar has in them too. After this fact dawned upon me, I realised that it was the reason why their wrappers were designed the way they were. If you noticed, the regular bars had no mention on the amount of sugars, just that it had 0g trans fat, and 18 vitamins and minerals. It was only the Promax LS bars that started to show off the fact that they had 9g of sugar.

promax protein bar compared

The one bar that I found had a really good nutrition profile was from Quest. To me, this was the best protein bar around. It had only 1g of sugar, and didn’t have any artificial sweeteners too.

best protein bar quest

I found out that the flavor greatly changed how much I liked the bar’s taste though. Since taste is subjective, you might have to try the flavors out yourself. Personally, I liked these flavors the best: Chocolate Brownie was my definite favourite, followed by Cookies and Cream, and Cinnamon Roll, and then Double Chocolate Chunk. Here’s how the inside of Chocolate Brownie looks like:


If you’re looking for the best place to buy protein bars, I highly recommend for their low prices, and fresh stock. I’m from Singapore, and ships to Singapore for only S$4 – that’s an incredible deal, and way cheaper than anything that you could get locally!

Save $10 on your first order! Just use this iHerb coupon when checking out: VHW626

Essential .htaccess Tips and Tricks

People running on a good web host should be able to make use of a .htaccess file, which is a plain text file that allows you to have configuration rules that affect your Unix web server on a per-directory basis.

This is a good starting .htaccess file that beefs up your web server’s security, with rules from a post on, and

# Disable server signature
ServerSignature Off 
# deny folder listing
IndexIgnore *
# deny directory browsing
Options All -Indexes
# enable symbolic links
Options +FollowSymLinks
# enable basic rewriting
RewriteEngine on
# Prevent use of specified methods in HTTP Request 
# Block out use of illegal or unsafe characters in the HTTP Request 
RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR] 
# Block out use of illegal or unsafe characters in the Referer Variable of the HTTP Request 
RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] 
# Block out use of illegal or unsafe characters in any cookie associated with the HTTP Request 
RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] 
# Block out use of illegal characters in URI or use of malformed URI 
RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* [NC,OR] 
# Block out  use of empty User Agent Strings
# NOTE - disable this rule if your site is integrated with Payment Gateways such as PayPal 
RewriteCond %{HTTP_USER_AGENT} ^$ [OR] 
# Block out  use of illegal or unsafe characters in the User Agent variable 
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] 
# Measures to block out  SQL injection attacks 
RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR] 
# Block out  reference to localhost/loopback/ in the Query String 
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR] 
# Block out  use of illegal or unsafe characters in the Query String variable 
RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] 
#proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc\/self\/environ [NC,OR] 
RewriteRule .* - [F]
########## Begin - File injection protection, by
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http%3A%2F%2F [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection

Regex Character Definitions For htaccess

In addition, I found the following write-up useful for understanding the characters in the square brackets after each rule (from StopMalvertising).

the # instructs the server to ignore the line. used for including comments. Each line of comments requires it’s own #. when including comments, it is good practice to use only letters, numbers, dashes, and underscores. this practice will help eliminate/avoid potential server parsing errors.

Forbidden: instructs the server to return a 403 Forbidden to the client.

Last rule: instructs the server to stop rewriting after the preceding directive is processed.

Next: instructs Apache to rerun the rewrite rule until all rewriting directives have been achieved.

Gone: instructs the server to deliver Gone (no longer exists) status message.

Proxy: instructs server to handle requests by mod_proxy

Chain: instructs server to chain the current rule with the previous rule.

Redirect: instructs Apache to issue a redirect, causing the browser to request the rewritten/modified URL.

No Case: defines any associated argument as case-insensitive. i.e., “NC” = “No Case”.

Pass Through: instructs mod_rewrite to pass the rewritten URL back to Apache for further processing.

Or: specifies a logical “or” that ties two expressions together such that either one proving true will cause the associated rule to be applied.

No Escape: instructs the server to parse output without escaping characters.

No Subrequest: instructs the server to skip the directive if internal sub-request.

Append Query String: directs server to add the query string to the end of the expression (URL).

Skip: instructs the server to skip the next “x” number of rules if a match is detected.

Environmental Variable: instructs the server to set the environmental variable “variable” to “value”.

Mime Type: declares the mime type of the target resource.

specifies a character class, in which any character within the brackets will be a match. e.g., [xyz] will match either an x, y, or z.

character class in which any combination of items within the brackets will be a match. e.g., [xyz]+ will match any number of x’s, y’s, z’s, or any combination of these characters.

specifies not within a character class. e.g., [^xyz] will match any character that is neither x, y, nor z.

a dash (-) between two characters within a character class ([]) denotes the range of characters between them. e.g., [a-zA-Z] matches all lowercase and uppercase letters from a to z.

specifies an exact number, n, of the preceding character. e.g., x{3} matches exactly three x’s.

specifies n or more of the preceding character. e.g., x{3,} matches three or more x’s.

specifies a range of numbers, between n and m, of the preceding character. e.g., x{3,7} matches three, four, five, six, or seven x’s.

used to group characters together, thereby considering them as a single unit. e.g., (perishable)?press will match press, with or without the perishable prefix.

denotes the beginning of a regex (regex = regular expression) test string. i.e., begin argument with the proceeding character.

denotes the end of a regex (regex = regular expression) test string. i.e., end argument with the previous character.

declares as optional the preceding character. e.g., monzas? will match monza or monzas, while mon(za)? will match either mon or monza. i.e., x? matches zero or one of x.

declares negation. e.g., “!string” matches everything except “string”.

a dot (or period) indicates any single arbitrary character.

instructs “not to” rewrite the URL, as in “…* – [F]”.

matches one or more of the preceding character. e.g., G+ matches one or more G’s, while “+” will match one or more characters of any kind.

matches zero or more of the preceding character. e.g., use “.*” as a wildcard.

declares a logical “or” operator. for example, (x|y) matches x or y.

escapes special characters ( ^ $ ! . * | ). e.g., use “\.” to indicate/escape a literal dot.

indicates a literal dot (escaped).

zero or more slashes.

zero or more arbitrary characters.

defines an empty string.

the standard pattern for matching everything.

defines one character that is neither a slash nor a dot.

defines any number of characters which contains neither slash nor dot.

this is a literal statement — in this case, the literal character string, “http://”.

defines a string that begins with the term “domain”, which then may be proceeded by any number of any characters.

defines the exact string “”.

tests if string is an existing directory

tests if string is an existing file

tests if file in test string has a non-zero value

Olderposts Newerposts

Copyright © 2015 Alvin Poh

Web Hosting by VodienUp ↑