Monday, March 31, 2008

Lsof

lsof is the Linux/Unix über-tool. I use it most for getting network connection related information from a system, but that's just the beginning for this amazing and little-known application. The tool is aptly called lsof because it "lists open files". And remember, in Unix just about everything (including a network socket) is a file.

Sunday, March 30, 2008

Translate the language on your site using Google API

I got an email this morning from CodeProject with a link to the Google API for language translation. I thought it was interesting so I decided to start exploring it and created 3 demos/examples here:

1. Translate language on page load
2. Translate language as you type
3. Translate to a specific language

Linux backup software. The old standby and the scrappy new kid.

Backing up Linux isn’t any different than backing up any of its closed source counterparts. The options range from simply writing a script to copy your most critical files to a CD to making a complete copy of the system with an imaging program such as ghost. These options are great if you are backing up an end user system, such as your laptop, but don’t really meet the requirements of a sound backup strategy when a production server is the concern.

To answer that question I thought I’d compare and contrast the two open source Linux backup software options I use day to day: Amanda and Bacula.

Adding Inline Edit To AJAX Add & Remove MySQL Table Entries

Ok. So I am going to show you quickly how to add inline editing to my previous tutorial on using jQuery to remove & add entries to a MySQL Table with AJAX. Inline editing is quite simply being able to edit the information on-the-fly. While this sounds easy, unlike the adding & removing it is actually quite hard and requires a rewrite of some of the code already written in the last tutorial.

Login and Authentication with Zend Framework

I've fielded a number of questions from people wanting to know how to handle authentication and identity persistence in Zend Framework. The typical issue is that they're unsure how to combine:

* An authentication adapter
* A login form
* A controller for login/logout actions
* Checking for an authenticated user in subsequent requests

It's not terribly difficult, but it does require knowing how the various pieces of the MVC fit together, and how to use Zend_Auth. Let's take a look.

Five more PHP design patterns

PHP V5's object-oriented features give you the ability to implement design patterns to improve your code's design. When you improve your code's design in this way, it becomes more readable, more maintainable, and more robust to absorb changes.

Back Up and Restore Your MySQL Database

Do you need to change your web host or switch your database server? This is probably the only time when you really think of backing up your MySQL data. If you’ve got a website with a database or your custom database running for your applications, it is imperative that you make regular backups of the database. In this article, I will outline two easy ways of backing up and restoring databases in MySQL.

8 Fantastic jQuery Tutorials for Designers

http://tutorialblog.org/8-fantastic-jquery-tutorials-for-designers/

Protect Your Privacy When Downloading

When you're downloading copyrighted material, sometimes disingenuous organizations will join in the download and log your information, like your home IP address. Once they have your address, they can find out who your ISP is and contact them to complain about copyright-infringing activity.

There are a few methods you can employ to protect yourself from this sort of tracking when you're sharing files with BitTorrent, thus setting up a layer of protection between you and those who might track you and report you. Below I'll cover a couple: PeerGuardian2 and proxies—particularly a new proxy service called BTGuard.

Download messages from other Email Accounts

You guys can download messages from other email accounts using Gmail's Mail Fetcher (it is restricted to only five other email accounts). Setting up Mail Fetcher is easy as well as free to use, but for this to happen your email accounts must support POP.

Searching With Php And Mysql Beyond Like

Ever wanted to add a search feature to your PHP & MySQL driven web site? Then you're in luck: this tutorial shows you how!

Friday, March 28, 2008

Perform trackbacks with PHP

Trackbacks play an important role in allowing blog readers to find and follow links to useful related content. The PEAR Services_Trackback package lets developers manually generate these trackbacks through a well-defined PHP API that takes care of creating trackback requests and parsing XML responses.

Rounded Corners Using CSS

Rounded corners add a nice little design to any page, but using rounded corners can be image heavy. So, in this post I am going to show you how to make rounded corners using only CSS!

Save PHP POST Data as XML

One of my main goals when creating PHP web forms is to keep them secure and protected from spammers and automated bots. With the amount of spam that Akismet catches every day, I don't need to be reminded of the importance of securing forms. Since 90+% of my forms are POST transmissions, I've taken a lot of time to develop POST debugging and listening code.

One function I use to keep track of POST submissions is my custom print_r_xml() function. The function takes a given array (in my case, $_POST), cycles through each key, and places each key=>value into XML format. From there, I can save the XML to a file or place the XML into a database.

The function can be used on any array ($_SESSION and $_GET would be good options too!).

Working with PHP 5 in Mac OS X 10.5 (Leopard)

Mac OS X is a great development platform for working with PHP. Leopard comes with Apache, PHP and many other development tools, such as Subversion, already installed. Leopard brings a much needed upgrade from Tiger's tired PHP 4 to a very modern version of PHP 5.2.4. This is a guide for setting up a PHP development environment under 10.5 using the version of PHP that ships with Leopard.

Thursday, March 27, 2008

Deleting & Adding Records With Ajax Using jQuery

I am going to share with you something I started looking at a few months ago for one of my projects, but never continued with it due to deciding to scrap the project. However, I have seen a lot of people asking for tutorials on how to do it and thought I would share with you exactly how to do it.

SpamAssassin Installed in 10 minutes.

The easiest way to install third-party software on FreeBSD is to install it from the ports. This can't be easier: become root, go to the directory of the software you want to install and type make install. That's all! Your software is installed. The Makefile takes care of everything, from fetching the source and the patches to the installation into the right place. Then you are ready to use your newly installed software.

Wednesday, March 26, 2008

Login system

This is another PHP component ready to use and reuse in your project which implements a "ready to use" login system with PHP.

Tuesday, March 25, 2008

PHP components: Autosuggest

After several requests I published this simple "PHP component", ready to use, to implement a search form with an autosuggest feature using PHP and MySQL. For all Ajax beginners this is the simplest way to implement it (in just 8Kb), and the only thing you have to do is modify some parameters. Take a look at this post for all related info.

Turn Your PC into a DVD Ripping Monster

All you need is a PC with a DVD drive and a hard drive with some extra space. If you're working on a computer with limited space, that doesn't rule you out.

Manage Your Laptop Power Consumption

Powertop works like top for power consumption, with details about which application is using the most power or, in the case of a laptop, its battery power. By closing those applications you can immediately prolong battery life. It also tells you the estimated time left on battery power for your laptop.

5 useful url rewriting examples using .htaccess

In this post, I’ve given five useful examples of URL rewriting using .htaccess.

Simple Smarty Pagination

With this tutorial you will be able to paginate results (database and non-database driven results) and integrate it easily with the Smarty template engine.

Hide DNS server (BIND) version from others

The DNS server is one of the applications most targeted for attack. It’s always a good idea to hide your DNS server version information so that bad guys cannot view the version and start an attack against that specific version of your DNS server (BIND).

PC-BSD 1.5 - Becoming More Usable!

As I look at the new PC-BSD 1.5 (Edison), I cannot help but flash back to the days when the Linux desktop was not as mature as it is today. The PC-BSD project commenced 3 years ago with user-friendliness in mind. Since then, efforts have been put into making the PC-BSD desktop operating system as usable as possible for casual desktop PC users. The challenge was pioneered by Kris Moore, the lead developer, and a few volunteers in bringing the open-sourced and BSD-licensed Unix-like FreeBSD (famed for being a very secure and stable server operating system) to the desktop of normal or casual PC users. Interestingly, this project was acquired by iXsystems, a leading provider of high-end hardware solutions, in October 2006. Having tried PC-BSD 1.4.1 and having been a fan of the BSD daemon, I decided to review PC-BSD 1.5. So, I downloaded the 32-bit version of PC-BSD 1.5, which is powered by the FreeBSD 6.3 Release and GPLed KDE 3.5.8, X.Org 7.3, Compiz 0.6.2, etc. It was officially released on 12th of March 2008.

Unix Cheat Sheet

This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users. This is a practical guide with concise explanations, however the reader is supposed to know what s/he is doing.

10 tools for Modern PHP Development

A simple list of tools for modern PHP development. There are alternatives to most of the tools, but I’ll list native PHP tools wherever possible.

Run Linux Apps Natively On Windows, OSX

Linux has always been the operating system of the geeks and nerds. For some reason Linux has never been able to capture the market like Windows and OS X have managed to do. The main reason for this has been the so-called unfriendliness of the Linux OS. But things are changing now with distros like Ubuntu etc.

Monday, March 24, 2008

Testing firewall rules

Sometimes it is handy to check firewall rules without coordinating a test with the end user. For these tests, use the hping2 utility to "spoof" traffic coming from the source IP address(es) used in the firewall rules.

GNOME 2.22.0 for FreeBSD

The GNOME 2.22.0 desktop environment is now available for FreeBSD.

PHP logging class

"Hi guys, I've decided to give out a PHP class I created to easily log anything we want in our websites."

Sunday, March 23, 2008

Using two monitors with X.org

I recently started building up a new box which will eventually become both a workstation and a jail server. This computer has two monitors attached and it runs pretty good.

Thursday, March 20, 2008

Set Up Gateway Level Virus Security With ClamAV And SafeSquid Proxy

In this HowTo, I will explain how you can secure your network from viruses and other malware by installing ClamAV and integrating it with SafeSquid to scan all incoming content for viruses and block all infected content at the HTTP gateway, even before it enters your network.

10 CSS Form Examples

Forms can be greatly enhanced with a touch of CSS, making them more usable and far more visually attractive. Follow some of the examples below and you'll be creating stunning CSS forms in no time at all.

Simple AJAX with JQuery

By the end of this article, you will hopefully understand how to add data, submitted via a form, into a MySQL database without reloading the entire page (the asynchronous part) and show a message saying so.

Getting Started with Zend Framework 1.5

This tutorial is intended to give a very basic introduction to using the Zend Framework to write a simple database driven application.

Monitoring Multiple Systems With munin

In this article I will describe how you can monitor multiple systems with munin. munin produces nifty little graphics about nearly every aspect of your server (load average, memory usage, CPU usage, MySQL throughput, eth0 traffic, etc.) without much configuration. I will install the munin client on all systems that are to be monitored (including the munin server itself); the munin clients will then report to the munin server.

The NetBSD project celebrates its fifteenth anniversary

This week marks the fifteenth anniversary of the beginning of development of the NetBSD Operating System, one of the oldest actively maintained, freely-available operating systems.

Using Zend Studio for PHP Programming

Desktop application developers — using Java, C++, or any similar language — are accustomed to being able to choose from a number of powerful integrated development environments (IDEs), each of which typically brings together the functionality of a programmer's editor, a source-level debugger, source code management, a built-in FTP client, and more. As with any robust tool, these IDEs can take some getting used to, and a fair amount of time to thoroughly learn all of their features. But for most programmers, it is time and effort well invested, because it pays dividends in the form of faster development of more solid code.

OpenOffice.org 3.0's new features, an early look

OpenOffice.org 3.0 is 167 days away, but who's counting? Maybe the software developers are counting because they have a whopping 2,278 issues targeted for this release. Even though OpenOffice.org 2.4 is not yet out the door, let's see how far they've come with OpenOffice.org 3.0...

The Perfect Desktop - PC-BSD 1.5

This document describes how to set up PC-BSD v1.5. This release is based upon FreeBSD 6.3 and uses KDE 3.5.8 as the default desktop environment. Taken from the PC-BSD page: PC-BSD is a complete desktop operating system, which has been designed with the "casual" computer user in mind. It offers the stability and security that only a BSD-based operating system can bring, while at the same time providing a comfortable user experience, allowing you to get the most out of your computing time. With PC-BSD you can spend less time working to fix viruses or spyware and instead have the computer work for you.

Is That Email Attachment Clean or Infected with some Virus?

Say you have received a suspicious looking file as an email attachment that may or may not be infected with a virus.

If that email is from some unknown source, you are very likely to delete it immediately, but what do you do if that file attachment has come from a friend or a trusted colleague?

Simple, use email. Here’s what you can do to make sure that the attached file is safe and won’t harm your computer.

Video: Man-in-the-Middle Attack on MySpace with Cain

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

MirOS BSD 10 Released

The MirOS Project proudly presents release #10 of MirOS BSD: MirOS ξ (xi). A mini-ISO for the installation can be downloaded from mirbsd.org. This image can be burned to a CD and used for installing over the network. The full CD image can be downloaded via BitTorrent.

FreeBSD 7.0 review

Here we are at the moment of truth for the FreeBSD operating system -- the 7.0 release. This is what FreeBSD users and developers have been waiting for ever since the dark days of the 5.X series when the promises of superior performance, threading, and stability fell flat. Though each release in the FreeBSD 6.X series improved markedly in quality and performance, 7.0 has been widely anticipated as the release that FreeBSD fans can have confidence in. I wish I could say that FreeBSD 7.0 lived up to the hype.

ZFS Best Practices Guide

solarisinternals.com

Google Code University

This website provides tutorials and sample course content so CS students and educators can learn more about current computing technologies and paradigms. In particular, this content is Creative Commons licensed which makes it easy for CS educators to use in their own classes.

The Courses section contains tutorials, lecture slides, and problem sets for a variety of topic areas:

* AJAX Programming
* Distributed Systems
* Web Security
* Languages

Clonezilla

You're probably familiar with the popular proprietary commercial package Norton Ghost®, and its OpenSource counterpart, Partition Image. The problem with these software packages is that it takes a lot of time to massively clone systems to many computers. You've probably also heard of Symantec's solution to this problem, Symantec Ghost Corporate Edition® with multicasting. Well, now there is an OpenSource clone system (OCS) solution called Clonezilla with unicasting and multicasting!

Wednesday, March 19, 2008

Using Screen for Session Management in your terminal

Screen is a session management utility for the Unix/Linux terminal. It serves multiple functions. Say you’re on a Linux box and not running X Windows, but you need to run multiple applications at once. Without a window manager like we’re accustomed to in a GUI environment, this can be troublesome. Enter Screen. Screen allows you to run multiple instances of your terminal and switch back and forth between those instances with a stroke of the keyboard.

But Screen also serves another function. Have you ever been working remotely via an SSH session, in the middle of running an app or working on a file, when all of a sudden the connection simply drops? Again, Screen is here to save the day.

The Best Linux Security Tools

You can never be too safe these days. Viruses, spyware, rootkits, remote exploits, you just never know what security issue is going to be your downfall. That’s why it is important as a Linux administrator to have an understanding of some of the best Linux security tools available to you. In this article, you will learn about ten of the best Linux security tools, and resources on how to use them to your advantage.

Mount remote folders via SSH

This document describes how to install and use sshfs, a FUSE-based filesystem that uses SSH to mount remote folders. Since it is based on FUSE (userspace filesystem framework for Linux), your kernel will need to have the fuse module available. FUSE is included in kernels newer than 2.6.14, so I will assume that you already have it included in your kernel.

List of Ajax form Validators

First off I’d like to say Happy St. Patrick’s Day!!! Inputting correct data into any web application or website is very important. There are two different ways to validate forms: server-side or client-side. The list below covers client-side Ajax form validators.

Linux Server Hardening

In this article I want to give you an overview about the various software available to harden a Linux server. The possibilities are almost endless and operate on different levels of the operating system.

Ajax Forms With jQuery

There are so many different JavaScript frameworks out there, but I have recently started to use jQuery, and I love it. Not only is the library much smaller than others, but it is so simple to use. I wanted to show how easy it is to turn a regular form into an AJAX form.

Protect your Linux computer

Properly installed and maintained, Linux is a very secure operating system. However, it needs careful setup to achieve its potential and it is easy to overlook vulnerabilities. This article outlines a very high-level security checklist for Linux users.

First look at PC-BSD 1.5

I've followed the development of PC-BSD with enthusiasm since my first test drive three years ago of version 0.6. I was highly impressed with the developers' ability to provide a free BSD that was easy to install and even easier to use. Truthfully, I thought it was just amazing. I've tested various versions since, including 1.0 and 1.4, and was never severely disappointed. So, when 1.5 was released, I expected things to only be better. In many ways they were, but in the most significant way they weren't.

Speed Up Linux

Overall, Linux is not known as a resource hog. The free operating system is a fairly lean machine out of the box -- some distributions more so than others. Still, there are some tweaks you can make to any Linux installation to speed things up.

Most of the tips covered in this article involve using the command line and editing system files. Therefore, it goes without saying that you should be fairly comfortable with your command line skills before attempting any of these tweaks. However, if you're new to Linux, these system tweaks can serve as excellent feet-wetting exercises.

Secure PHP Programming

When a web site is cracked, it typically tends to be a simple common sense mistake by a program author who forgets what an attacker can do with his code. By keeping good, secure practices when programming, you should be able to produce solid code.

However, before I even get into the code part of this shindig, one obvious fact should be stated: you should never give ownership of a public_html directory (or any other directory that you are using to host your files), or of any of its files, to any user with root privileges. This and any other techniques you can think of must be implemented in order to minimize the damage an attacker can do.

Perfect pagination style using CSS

This tutorial explains how to design a pagination for search results or more in general to split a long list of records in more pages. It's a question I often receive, so I decided to publish a very simple post which explains how to design a perfect pagination style using some lines of HTML and CSS code.

Tuesday, March 18, 2008

MonoDevelop 1.0 officially released

The official 1.0 release of MonoDevelop was announced late last week. The open source development environment includes a number of advanced features such as project management tools, a graphical user interface designer, a unit testing system, version control integration, and an add-in system that facilitates extensibility. MonoDevelop provides code completion, passive error notification, code navigation, and autoindent functionality for several programming languages, including C#, VB.NET, and C/C++.

HEADSUP: DTrace support in current

This is an early headsup for DTrace support being committed to current. I plan to start committing stuff bit-by-bit starting a week from now, subject to review of the bits.

Summer Programming Opportunities for Students (Summer of Code)

The FreeBSD Project is happy to again participate in Google's Summer of Code program. This program provides $4500 in funding to allow students to spend the summer writing open source software. If you or someone you know would be interested in this program, please visit our website at:

http://www.freebsd.org/projects/summerofcode.html

There you will find a large list of interesting projects in diverse areas of modern Unix operating system development. Some example tasks involve writing kernel/networking regression test suites, working on peripheral device driver infrastructure, improving multibyte character support, improving the IPv6 support in userland utilities, and much more.

Thursday, March 13, 2008

PC-BSD 1.5 - the FOSSwire review

When it comes to free software desktop solutions, Linux tends to get most of the coverage. Now Ubuntu, Fedora, OpenSUSE etc. are all well and good, but it’s all too easy to forget that there are other operating systems out there too that can do the job.

BSD-based operating systems have been around for a very long time, but traditionally, the big BSD distros like FreeBSD focus on the server and high-end workstation scenarios.

PC-BSD is a desktop-oriented BSD distribution which ships with a full KDE desktop and many of the packages you might be already used to from desktop Linux.

I thought I would review the new 1.5 release of PC-BSD, so, let’s dive in!

PHP 5.3 - A Heavy Hitter in Training

This release may be the most significant update PHP has seen since PHP 5. This is because many of the features planned for the first release of PHP 6 are being backported to 5.3. Anyone that has been following the development of PHP is likely aware that 6.0 will represent its entrance into what I like to call its adulthood. This milestone will mark the end of support for deprecated non-compliant code, and will fully embrace an OO coding style. It's not going to be the end-all be-all version of PHP, but it will no longer attempt to cling to its procedural roots.

Let's take a look at some of the goodies in store for us in PHP 5.3.

Understanding MVC in PHP

This article series (continued in Implementing MVC in PHP: The Controller, Implementing MVC in PHP: The View, and Implementing MVC in PHP: The Model) demonstrates how to build an MVC web framework using PHP 5. This article covers the basics of MVC web frameworks, building the foundation classes for a framework that the other three articles in this series will build.

Wednesday, March 12, 2008

Migrating Web-Based PHP Applications to Ajax

This article describes a makeover of a typical database-backed web form. We'll show some old code – a mixture of HTML, JavaScript, and PHP – and rebuild it with modern web techniques like Ajax, and modern tools like jQuery. The benefits will include:

  • Separating dynamic content from static content.
  • Separating content, style, and processing.
  • Web client-server communication via function calls.
  • Partial page updates instead of flash-bang page reloads.
  • Faster development and more maintainable code.
  • Faster load times and improved caching.


PC-BSD 1.5 now available!

The PC-BSD Team is pleased to announce the availability of PC-BSD version 1.5! This release includes many new features and fixes, including the following:

  • NEW System Updater tool - Keeps system & PBIs up to date - Allows override variables, so that admins can use their own mirrors / servers to roll out updates to users.
  • NEW sound detection program! Uses XML backend to identify and load modules
  • NEW amd64 build of 1.5, including PBIs that are on our auto-build server
  • NEW PBI icon preview library, now a PBI file shows the embedded icon on your desktop, not the generic "PBI" format icon
  • Xorg 7.3
  • KDE 3.5.8
  • FreeBSD 6.3 Release

Write a well structured CSS file without becoming crazy

This is a descriptive post about how to write a well structured CSS file. I have already spoken about code readability in CSS files, but after several more specific requests about this topic (mainly about the difficulty some readers have managing CSS files with a large number of layout elements), I decided to illustrate the process I use in these cases.

In my experience, proceeding without "order" or a clear vision of what you want to achieve can be harmful: you risk adding, changing and removing classes and properties, with the only result being untidy code with a lot of unused elements in your final product.

Before you start writing CSS code directly, I suggest you prepare a "draft" with all the sections your site will have. Then follow these simple "rules" to optimize your work.

Monday, March 10, 2008

How to design a sexy header for your site using CSS

Yesterday I received a lot of positive messages about the new template of my site, especially for the new header (in particular the green bar on top of the page). Some of my readers asked me to dedicate a post to how to create a similar "graphic composition", so I decided to publish a post with the "process" I use in general to design graphical sections for my web sites.

Acid 3 is out! IE 5.5 beats IE 7?

I am quite excited. The Acid 3 web standards-compliance test is now up, and there’s no browser in existence yet that fully succeeds at the test.

Let me explain what these results are telling us before I show them. The World Wide Web Consortium (W3C) develops standards for Internet applications. For example, XHTML, HTML, CSS, etc. Acid 3 basically takes a lot of W3C’s newer standards and tests to be sure that the browser supports the features it should and that it behaves as it should when using them. Acid 3 is a suite of 100 different tests to be sure that these standards are being met. So when I say that browser X gets a score of 55%, this means that browser X passed 55 of the 100 tests it was given.

Here are the results as they currently stand (tested myself)

Sunday, March 9, 2008

Check your DNS records with dig

Have you ever wanted to query the Domain Name System (DNS) to discover what information it holds about your domain? Do you have some important changes to make to your DNS records and need a way to verify your changes? Here's how to check your DNS records with a tool called dig.

Hide .php extension with url rewriting using .htaccess

Last time I wrote an article about hiding the PHP file extension, where I showed you how you can use an .html or .asp file extension instead of the .php extension. But there was one flaw in that technique: you had to change the file extension explicitly. In this post I’m going to show you how to rewrite the URL instead of renaming the file extension. Using this technique you will see product.html in the address bar of the browser, but the actual file name remains product.php and you don’t need to rename the file extension. Furthermore, you can rewrite a URL like product.php?id=5 to product-5.html.

"When a search engine visits a dynamic URL like product.php?id=5, it does not give much importance to that URL, as the search engine sees the “?” sign and treats it as a URL which keeps on changing. So we’re converting the dynamic URL like product.php?id=5 to a static URL format like product-5.html. We’ll rewrite the URL in such a way that the browser’s address bar will display product-5.html but it actually calls the file product.php?id=5. That is why these kinds of URLs are also called SEO friendly URLs."

How They Hack Your Website: Overview of Common Techniques

We hear the same terms bandied about whenever a popular site gets hacked. You know… SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine; a nefarious, impossibly technical twilight world forever beyond our ken?

Not really.

When you consider that you can go to Google right now and enter a search string which will return you thousands of usernames and passwords to websites, you realize that this dark science is really no mystery at all. You’ll react similarly when you see just how simple a concept SQL Injection is, and how it can be automated with simple tools. Read on, to learn the basics of how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you.

Creating a CAPTCHA image with security code to validate forms

In this tutorial you will learn to create a security code image generator, or CAPTCHA image, which is very helpful against spammers.

Saturday, March 8, 2008

Writing Silverlight applications in PHP

"In my last post about Phalanger I mentioned that our important goal is to support the Silverlight (2.0) platform. Shortly Silverlight is a cross-browser platform that can be used for developing client-side components that run in the web browser and contain rich media, graphics and can interactively communicate with the user. The language that can be used for writing Silverlight code can be in general any .NET language, so our goal is to allow using PHP by making Phalanger compatible with Silverlight."

(more...)

Monitoring a slow system

When your UNIX® system runs slow, it is vital that you discover what the problem is as quickly as possible so you can get your system back into the normal operating mode. There are many causes for a slow system, but actually identifying the problem can be exceedingly difficult. In this article, study examples of how to identify and diagnose the cause of your slow running UNIX system to get your machine running properly again.

Automatically backup your mysql databases daily

This script will not only backup all the databases on your server once a day, but it will also optimize/repair them -- and to keep things clean, it gzips the backups and automatically deletes any backups that are more than 3 days old. You must have the root mysql password in order to use this particular script, though.

Friday, March 7, 2008

Create Your Own Cross-Platform Backup Server

Backing up your data on a regular basis is important, and turning a spare computer into a backup server is often the best way to make sure it gets done. But most methods require either a good deal of command-line learning or serve only one operating system. Not with Restore, a free, open-source backup system that can install or run from a live CD, work with any OS, and operate through a simple browser-based interface. Today I'll demonstrate backing up a Windows laptop to an older desktop, but you'll see how Restore can be easily molded to fit just about any home backup needs.

(more...)

Lighttpd Webserver setup with php5 and Mysql support

Security, speed, compliance, and flexibility — all of these describe lighttpd (pron. lighty) which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments. With a small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, SCGI, Auth, Output-Compression, URL-Rewriting and many more) lighttpd is the perfect solution for every server that is suffering load problems. And best of all it’s Open Source licensed under the revised BSD license.

(more...)

Filtering input variables

Hundreds if not thousands of vulnerabilities have been discovered in PHP-based applications because of the lack of filtering of input data. You can never trust a user, and you must verify what you are receiving.

The lack of securing input data can lead to SQL injections, PHP injections, path disclosures, and more vulnerabilities. Some of these can be a serious risk not only for your website or a database but also for the whole server where your site is hosted. For example, using MySQL injection and path disclosure it’s possible to read and even write files (of course, it depends on the server configuration).

(more...)

Installing Backtrack Linux to a USB Thumb Drive

A few months back, when I was doing the series on my Capstone class for school, I wrote about installing Backtrack Linux to your hard drive. For those not in the know, or for those that didn't read my article, Backtrack Linux is a Linux distro based off Slackware Linux, and is designed for pentesting and hacking. It normally comes as a live CD, and is pre-packaged with all sorts of hacking tools and scanners.

(more...)

PC-BSD 1.5 RC1 is out!

ftp://ftp.pcbsd.org/pub/1.5rc1/

.NET runs on Linux, Mac OSX and FreeBSD?

Everybody knows about Mono, the .NET for Linux. This is not about Mono.

This is about DotGnu. Recently I found a very interesting project and decided to write about it.

Choose the DVD ripper that's right for you

Linux is sometimes belittled for having inferior applications, but that's simply not the case. Take DVD rippers, for example -- a plethora of them work on Linux machines. With so many to choose from, which is the best?

FreeBSD 7.0 Bests Linux In SMP Performance

"After major improvements in SMP support in FreeBSD 7.0, benchmarks show it performing 15% better than the latest Linux kernels on 8 CPUs under PostgreSQL and MySQL. While a couple of benchmarks are not conclusive evidence, it can be assumed that FreeBSD will once again be a serious performance contender."

(more...)

Review of FreeBSD 7

The next major update of FreeBSD 7, due this December, is in the running to be one of the most impressive FreeBSD releases to date. The ULE scheduler has now reached maturity, leading to significant gains across the board (particularly in server workloads). This new scheduler brings notably impressive performance improvements to both MySQL and PostgreSQL.

In the first section of this article, I’m going to take a look at what’s new. In the second section, I will discuss what the future holds for FreeBSD beyond the upcoming FreeBSD 7.0 release, including screen shots of the revamped FreeBSD installer "finstall".

(more...)

Acid3 Test Released

The Web Standards Project has announced the release of Acid3, the latest test designed to expose flaws in the implementation of mature Web standards in browsers.

(more...)

Thursday, March 6, 2008

Cross-Domain AJAX calls using PHP

AJAX has become the core component of many web applications around us. And it's fairly easy to handle AJAX nowadays, with the help of various JavaScript libraries (e.g. jQuery, Prototype, Mootools, YUI, etc.). But there is one security restriction that web browsers impose on AJAX calls: they don’t let you make AJAX calls to web servers other than your own. That means, if your script is on www.mydomain.com and you’re trying to make an AJAX call to www.anotherdomain.com/get.php, then the browser will throw an error like: “Error: uncaught exception: Permission denied to call method XMLHttpRequest.open”.

Now, there are a number of solutions to this problem. Instead of explaining them all to you, lemme provide you the simplest one: using a PHP transport file.

Google releases Contact API

Shortly after releasing a tool for synchronizing Google Calendar with Outlook yesterday, Google released another key in the synchronization puzzle: an API for accessing Google contacts.

Get Notified of New Gmail in Multiple Accounts with GmailAssistant

Free, open source application GmailAssistant monitors multiple Gmail accounts and alerts you of new mail.

(more...)

Wednesday, March 5, 2008

phpMyBackupPro: No simpler backup for MySQL

Backing up data stored in a MySQL database is an important issue for anyone running a blog, wiki, or any Web-based application that relies on the popular database engine. Many MySQL management solutions allow you to export database data as an SQL query, but if you are looking for a dedicated MySQL backup tool, phpMyBackupPro (pMBP) is your best bet.

Tuesday, March 4, 2008

Fundamentals of ASP.Net vs. PHP

Both programming languages, PHP and ASP, are used to develop dynamic, database-oriented websites. Active Server Pages (ASP) is normally from Microsoft and is used only with Internet Information Server (I.I.S.), which also runs on Microsoft servers. PHP, on the other hand, is a platform-independent programming language and can connect with several kinds of databases.

There are a lot of differences between ASP and PHP.

The best Linux system repair disk graduates to 1.0

If you need to repair PCs, even if you don't use Linux as a rule, you should have a Linux repair CD. These self-booting Linux distributions give you all the software tools you need to bring all but the deadest computers back to life. The best of these distributions is, hands-down, SystemRescueCd.

I've been using SystemRescueCd for years, and it has saved my rump many times. With every new version, SystemRescueCd has continued to get better.

(more...)

PHP Namespaces Is Not Years Away, Now In PHP 5.3

"All we have to do is wait until PHP 5.3 is stable and released. Since 5.3 is just a minor revision number most hosting providers would be more willing to update than if it was PHP 6. Therefore, namespaces support will take less time to be globally supported. This is very exciting news."

(more...)

Configuring SSL Under Apache

With a secure web server, clients can connect to your server secure in the knowledge both that it is who it claims to be and that the transaction is well-encrypted so their data is safe. The best way of doing this is with Apache 2, the leading Linux web server software, and Secure Sockets Layer, a secure communication protocol. Transport Layer Security (TLS) is the successor to SSL, but they work in basically the same way. I'll refer from here on just to SSL.

(more...)

Creating a Gmail-Like Ajax Status Display

Most of us geeks know and love Gmail. It has a very nice interface and it is an inspiration to constantly improve our own web applications. Today, I set out to create an unobtrusive Gmail like page status message, much like the one shown in the screen shot:



(more...)

Monday, March 3, 2008

List of Useful jQuery Plugins

I viewed each of the jQuery plugins in the jQuery plugins repository. I couldn't believe how many there were! So I decided to make this master list to weed out any plugins that were either broken or I didn't find any practical application for. You will notice I added, "EXCELLENT" to the plugins that I thought were exceptional.

(more...)

Live Linux Wireless and Security Distributions

Listed are some of the more Wireless and Penetration Testing specific Linux distros available.

Example of Linux Process Creation

In this example, we use the ls command to list a file. Because the ls program is the child of its local shell, we need to trace the shell from which the ll (ls -al alias) command is executed. Two shell windows are required to perform this test.

Process Accounting HowTo

Process Accounting is used for

1. Keeps track of user processes.
2. Originally intended as a way to keep track of resources in order to bill departments/users for their usage.
3. Packages

(more...)

First look at FreeBSD 7.0

I remember well the first time I attempted to set up FreeBSD 4.x as a desktop system. After configuring the X window and launching KDE, I was greeted with something that only a computing masochist could find enjoyable - no mouse or sound, unsightly jagged fonts, lack of a graphical package manager and other configuration tools... It took hours of searching and following "geeky" documentation before I was able to load the correct kernel modules for the USB mouse, install prettier fonts and set up anti-aliasing - all by editing obscure configuration files in Vim. Needless to say, the first impressions weren't good. Despite an obviously elegant system with a large number of packages available for installation, the tedium of setting it up as a desktop system was discouraging, to say the least.

So when FreeBSD 7.0 was finally released last week, I decided to make a new attempt at installing and configuring FreeBSD for the desktop. Have things improved? Would I be able to tweak the FreeBSD of today into a desktop system without wasting hours of searching and command line configuring? These were the questions going through my mind while booting the installation CD on my test box - an older Pentium 4 1.4 GHz machine with 384 MB of RAM, two 120 GB hard disks, an NVIDIA GeForce4 graphics card, a generic LCD monitor with a maximum resolution of 1280x1024 pixels, integrated sound and network chips that are recognised by most Linux distributions, a USB mouse, a DVD burner... all pretty standard if somewhat outdated hardware.

(more...)

Sunday, March 2, 2008

Creating Your Own FreeBSD 7.0 DVD

If you're in the FreeBSD world, you've probably already downloaded or csup'd FreeBSD 7.0 or are in the process of doing so now. Ah yes, after what seemed like waiting forever, the announcement of 7.0 went out last night.

I spent this morning making a DVD ISO of FreeBSD 7.0 to be included in the upcoming BSD magazine. Creating a DVD is easy and my instructions follow.

Linux: An Open Letter To NVIDIA

We the GNU/Linux community and the undersigned, kindly request that you, NVIDIA Corporation, increase your efforts in better enabling the open-source community to develop free software drivers for your graphics hardware. Your major competitors in this market, AMD/ATI and Intel, have not only supported the community in open-source driver development efforts but they are now openly releasing hardware programming documentation.

(more...)

Virtual Hosting Howto With Virtualmin On CentOS 5.1

This tutorial shows how to set up a CentOS 5.x server to offer all services needed by virtual web hosters. These include web hosting, an SMTP server (with SMTP-AUTH and TLS, SPF, DKIM, Domainkeys), DNS, FTP, MySQL, POP3/IMAP, a firewall, and Webalizer for stats.

HowTo Use GPG

linuxpoison tips.

Beginner's Guide to Python

New to programming? Python is free, and easy to learn if you know where to start!
This guide will help you to get started quickly.

Google language tools API ( PHP 5 class )

This PHP 5 class API is developed on the base of a tool that I wrote some years ago.
It simply works by querying Google translation / language tools with the text and language pair chosen.

"I find it useful because Google hasn’t yet released an API for its translation tools."

(more...)

Sending Emails with the Zend Framework

Many PHP applications nowadays require the ability to send emails, from simple plain-text emails confirming a registration to advanced HTML newsletters.

PHP allows us to send emails using the mail() function but this can quickly get complex when you begin to add HTML, attachments and different character encoding.

Luckily for us developers, the Zend_Mail component from the Zend Framework greatly simplifies the process by providing easy-to-use methods for creating and sending emails.

This article will walk you through creating and sending plain-text and HTML emails, adding attachments, multiple recipients and much more.

Gmail Hacks, Tips & Tricks

You already know that Gmail beats all other email providers with its endless customization capabilities, Google product integration and fantastic spam filter. Take it to the next level with these Gmail power user tips and Greasemonkey extensions for Firefox. We haven’t forgotten the Mac users, either.

(more...)

Faster Performance, Fewer Machines For FreeBSD?

In the newly released FreeBSD 7.0, speed is a key improvement with gains of up to 1,500 percent at high load utilization over its predecessors in the FreeBSD 6.x branch.

While performance improvements are a key aspect of FreeBSD, it's not necessarily the most important new item in the free open source operating system...

Saturday, March 1, 2008

Drawing with PHP: array to graph

Ever wanted to make something like this with PHP?



Well, today I will show and explain the script that generated this beautiful graphic.

jQuery Tutorials for Designers

This article contains 10 visual tutorials intended for web designers and newbies on how to apply Javascript effects with jQuery. In case you don’t know about jQuery, it is a "write less, do more" Javascript library. It has many Ajax and Javascript features that allow you to enhance user experience and semantic coding.

How to clear the cache from memory

Linux has a supposedly good memory management feature that will use up any "extra" RAM you have to cache stuff. This section of the memory being used is SUPPOSED to be freely available to be taken over by any other process that actually needs it, but unfortunately my Linux (two distros now, Mandriva i586 and Mandriva x86_64) thinks that cache memory is too important to move over for anything else that actually needs it...