Friday, February 29, 2008

Learn the Basics of Installing From Source in Linux

Few things can be as frustrating to non-expert Linux users as seeing the phrase "... or compile from source packages" on the download page of that killer app to try out (and we know that's often the case for you patient non-Ubuntu users out there). If you're looking for a nuts-and-bolts guide to installing software from those strange-looking Whatever.tar.gz files, Tuxfiles.org has a pretty good one.

PHP 5 Tutorial - Final Class and Methods

In this PHP tutorial we will understand the following:

  • Meaning of Final Class
  • Meaning of Final Method
  • When to declare a class as final
  • When to declare a method as final

Ajax Fast and Easy - Part one, two and three

The purpose of this post is to try to explain AJAX the way I understand it. To me, AJAX is not some complicated technology that you need to go out and buy books to learn. Rather, it is simply two or more web pages, and a couple of simple Javascript functions. I have come to hate the term AJAX. It seems every time I mention AJAX, either developers get nervous, or account managers get excited. Neither situation benefits me. Actually, I’ve pretty much stopped using the term at all. Depending on my audience, I’ll make up different terms. Like when I’m talking to Java developers, I’ll say “we need to do a back end call” and that doesn’t freak them out, but telling them we need to do an AJAX call makes them sweat.

Hopefully, if enough people read posts like this, the mystery and glamor will be removed from the term AJAX. So, let's get to the de-mystification.

Practical (and impractical) PHP Optimizations

I've been seeing a lot of articles popping up lately about PHP Optimizations, particularly within the code (rather than the configuration, server, caching, etc) that I have some nitpicks with.

My position remains the same: Unless your code is running incredibly slow, you've found every single bug you can possibly find without having nightmares about unit tests, or an optimization that makes more than a 10% improvement in speed (factoring in your margin of error), don't bother. That said, let's get down to brass tacks.

Each test is run 1000 times and the execution time is averaged over two different ways of achieving the same results. Execution times are rounded to millionths of a second, and taken using microtime. The server is running Ubuntu 7.10 server with PHP 5.2.3-1 and Apache 2, and will not have anything else open to keep the margin of error as low as possible. To be on the safe side, my margin of error (between doing this for years, and my guesstimate after running countless hours of benchmarks) is about 15% +/-.

AJAX file upload tutorial

In this tutorial I will show you how to create simple AJAX file upload system using PHP and JavaScript.

Five basic Ajax tutorials

This post is a collection of five basic and most required Ajax tutorials with PHP. It includes login, insert record into a database table, search engine, autosuggest and Edit in Place.

Prevent Contact Form Spam Email Header Injection

A common technique employed by spammers to send large quantities of email is through the use of unsecured web forms like contact forms. The vulnerability they exploit is a form of Header Injection. There are several basic steps you can take to secure your web forms and prevent spam from originating from your website.

HTML Filtering To Secure Websites With HTML Purifier

Secure input and data handling is hard when it comes to HTML because of many different types of malicious code (XSS).

HTML Purifier is a well documented, standards-compliant HTML filter library written in PHP. It simply:

  • Removes all malicious code (better known as XSS) with an audited, secure yet permissive whitelist.

  • Makes sure your documents are standards compliant.

How To Automatically Scan Uploaded Files For Viruses With php-clamavlib

This guide describes how you can automatically scan files uploaded by users through a web form on your server using PHP and ClamAV. That way you can make sure that your upload form will not be abused to distribute malware.

Thursday, February 28, 2008

Debugging PHP code using debug_backtrace

Most PHP developers debug PHP code on their local machine just by trial and error using “print_r”, “var_dump” and “echo”. They don't write unit tests or use an advanced debugger like xdebug. But the problem with these methods is that you cannot foolproof your code, and there might still be some bugs present in it. Let's see how we can debug our code more effectively by getting more information from the PHP interpreter itself. There is a nice function called debug_backtrace() available in PHP to trace the root of an error. As the name implies, you can trace the execution of the code which produces the error.

FreeBSD 7.0-RELEASE Available

The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 7.0-RELEASE. This is the first release from the 7-STABLE branch which introduces many new features along with many improvements to functionality present in the earlier branches.

Wednesday, February 27, 2008

jQuery Cycle Plugin

The jQuery Cycle Plugin is a lightweight slideshow plugin. Its implementation is based on the InnerFade Plugin by Torsten Baldes, the Slideshow Plugin by Matt Oakes, and the jqShuffle Plugin by Benjamin Sterling. It supports pause-on-hover, auto-stop, auto-fit, before/after callbacks, click triggers and many transition effects. It also supports, but does not require, the Metadata Plugin and the Easing Plugin.

FPDF

FPDF is a PHP class which allows you to generate PDF files with pure PHP, that is to say without using the PDFlib library. F from FPDF stands for Free: you may use it for any kind of usage and modify it to suit your needs.

FPDF has other advantages: high level functions. Here is a list of its main features:

  • Choice of measure unit, page format and margins
  • Page header and footer management
  • Automatic page break
  • Automatic line break and text justification
  • Image support (JPEG and PNG)
  • Colors
  • Links
  • TrueType, Type1 and encoding support
  • Page compression

DragonFly BSD 1.12 available

DragonFly BSD developer Matthew Dillon has announced the release of DragonFly BSD 1.12, a BSD operating system originally forked from FreeBSD 4 in order to develop a radically different approach to concurrency, SMP, and most other kernel sub-systems.

Tuesday, February 26, 2008

Using JQuery to Add Drag and Drop Support

Drag and drop support in a web application always gets some attention. I used drag and drop support in one of my applications and I have to admit that it involved a lot of JavaScript code. You can check out the article "Browser Compatible Drag and Drop Shopping Cart".

Today I had to create the same drag and drop approach so I decided to check out the drag and drop APIs of the JQuery library. I have to admit that JQuery is one of the best JavaScript libraries that exists today. I can go on and on with the praise but let's take a look at the animation of the sample application.

PHP: Best practices

This guide will give you solutions to common PHP design problems. It also provides a sketch of an application layout that I developed during the implementation of some projects.

Creating Your First Website in Django

Learn the steps of creating a functional website called iFriends. Although this website will be basic, it will be the basis for future hours to build on as you are guided through the various aspects of the Django framework.

Meta Tags Explained

In this section, we’re going to go over Meta Tags. While Meta Tags are often misunderstood, incorrectly used and even ignored, let’s go over which ones you should use, how to use them and also which ones to completely ignore. The recommendations here are based on testing results.

Ajax File Uploading with Cake and jQuery

Here’s how to upload files in CakePHP using jQuery.

SQL Server 2005 Driver for PHP

"I'm pleased to announce that the February '08 CTP for the SQL Server 2005 Driver for PHP is now available for download."

What's New in FreeBSD 7.0

The day has come...


FreeBSD is back to its incredible performance and now can take advantage of multi-core/CPUs systems very well... so well that some benchmarks on both Intel and AMD systems showed release 7.0 being faster than Linux 2.6 when running PostgreSQL or MySQL.

Federico Biancuzzi interviewed two dozen developers to discuss all the cool details of FreeBSD 7.0: networking and SMP performance, SCTP support, the new IPSEC stack, virtualization, monitoring frameworks, ports, storage limits and a new journaling facility, what changed in the accounting file format, jemalloc(), ULE, and more.

Writing Website Scrapers in PHP

This article discusses how to write a website scraper using PHP for web site data extraction. The concepts taught can be applied and programmed in Java, C#, etc.: basically any language that has a powerful string processing capability. This article will teach you the basics of website scraping. The article will further cover a tutorial to find web ranking from the Yahoo.com search engine.

Yahoo Announces Open Search Platform

Yahoo will soon be allowing third parties to enhance the Yahoo Search experience. The new platform, codenamed "SearchMonkey" and officially called Open Search Platform, will consist of a set of APIs that allow third parties to modify search results on Yahoo by adding images, structured data and additional deep links.

Upload Files Asynchronously

You are familiar with Ajax and I'm sure that you've used it (or seen it used) in many applications. Of course Ajax is used to transfer data through XML or JSON (or plain text) so the data is never binary data. However, what if you are making an application that needs to be able to upload a binary file asynchronously? Well I've run across an interesting article that explains how to accomplish this.

1.2 Release is now available

The pfSense development team is proud to bring you the 1.2 release! This brings the features and bug fixes from more than 16 months of development since the 1.0 release. Already widely tested and deployed throughout the Release Candidate phase, this release provides the finishing touches on releases already proven in a wide range of network environments.

Secure temporary files in Linux

On a typical Linux system there will be at least two, if not more, directories or partitions meant to hold temporary files. There is always the /tmp directory, and often a /var/tmp directory as well. With newer Linux kernels, there can also be /dev/shm, which is mounted using the tmpfs filesystem.

One problem with directories meant to store temporary files is that they can often be targeted as places to store bots and rootkits that compromise the system. This is because in most cases, anyone (or any process) can write to these directories.

I can make your site run 10 times faster

"I wanted to take this opportunity to share a few "secrets" that are going to put your site on steroids."

SELinux blocks real-world exploits

Linux security experts are reporting a growing list of real-world security situations in which the US National Security Agency's SELinux security framework contains the damage resulting from a flaw in other software. These so-called "mitigations" are showing that a Linux feature that began as an esoteric security measure is starting to prove its worth.

Monday, February 25, 2008

All Gmail Users Are Given Two Separate Email Addresses

You probably know how to create multiple email aliases in Gmail by adding the plus symbol and dots to your Gmail username but there’s something more interesting.

When you create a Gmail account, you actually get two email addresses - one is the regular @gmail.com while the second email address has @googlemail.com in the domain.

That means if your email address in Gmail is something like billgates@gmail.com, all email messages that are sent to billgates@googlemail.com will also be delivered to your own Gmail account. That’s two for the price of one.

Like the Gmail plus trick, you can take advantage of these two domains so that less spam reaches your Gmail Inbox.

Php IDE - VS.Php for Visual Studio 2008

VS.Php is a Php integrated development environment based on Visual Studio. With VS.Php you can design, develop, debug and deploy Php applications within the Visual Studio IDE. VS.Php key features are around providing rich Php and Smarty editing capabilities as well as its ability to debug Php scripts locally as well as remotely.

My favorite jQuery Plugins

Anyone who is developing for jQuery knows that there are a ton of jQuery plugins available - most of which can be found at the jQuery plugin repository. Browsing through that enormous list can give someone quite a headache. The truth is, there are so many plugins (some better than others) to do really anything you want so I have decided to make a small list of my favorite plugins.

Uploading Files: Multiple Files, Progress Bar, No Postback

Recently, Joe Stagner created some videos and talked about 4 upload scenarios that provide an AJAX-like file upload experience. I've used or looked at all of those options at least once or twice in the past, but they were never quite what I wanted. I wanted something sleek and sexy. Something that really popped. The file upload tool that is my new best friend is SWFUpload.

How To Setup PHP5 with Tomcat 5

Sometimes, you want to run PHP with Tomcat. Why? Well, you may have a legacy product, for instance, that will require servlets for many more years.

New magic constant in PHP 5.3

In PHP 5.3 there will be another magic constant, __DIR__.

Network Diagnostic Tool (NDT) On Ubuntu 7.10 Server

This guide will walk you through the setup process for implementing NDT running under Ubuntu 7.10 server. For those unfamiliar with NDT, it is a network performance testing application. NDT will measure the throughput between your server and the desktops that you run the Java client from.

Network Information Functions In PHP

http://codeedoc.com/php/network-information-functions-in-php/

Alternatives to Windows Programs

There are many alternatives to using Microsoft Windows and the applications that are made for it. One of the more popular alternatives is the Linux operating system. Just about everything you can do in Windows, you can do in Linux, sometimes even better and with more control. Linux has been around for quite a long time, so it's no surprise that there are a ton of applications out there that offer the same type of functionality that many of our favorite Windows applications have. This article takes a look at some of the most popular software applications used in Microsoft Windows and compares them with some alternatives that get the same job done.

How to fix your Windows MBR with an Ubuntu liveCD

Something happen to a Windows Master Boot Record (MBR) that you’re responsible for? Want a very quick, very easy way to restore it with nothing but your craft, native intelligence and a liveCD?

Slider Using PHP, Ajax And Javascript

Have you been searching for the slider script and implementing it in Ajax with PHP? Then you are in the right place, buddy.

Get 5GB of Free Online Storage from SkyDrive

Upload and share up to 5GB of data to Windows Live SkyDrive, an online storage solution from Microsoft that's just graduated from beta.

Run Linux Apps on Your Windows Desktop

andLinux is actually a full installation of Ubuntu Linux running on top of your Windows operating system.

Sunday, February 24, 2008

IPv4 Address Crunch In 2 Years, IPv6 Not Ready

We've known for ages that IPv4 was going to run out of addresses — now, it's happening. IPv6 was going to save us — it isn't. The upcoming crisis will hit, perhaps as soon as 2010, but nobody can agree on what to do.

Secure PHP Programming 101

Writing insecure code is easy. Everybody does it. Sometimes we do it accidentally because we don’t realize that the security issue exists, and sometimes we do it on purpose because we suspect the bad guys won’t notice one little vulnerability. Secure programming is often overlooked because of ignorance, time constraints, or any number of other factors. Since security isn’t flashy until something goes wrong, it is often easy to put it off.

htaccess Editor: create .htaccess online

.htaccess Editor is a free Web 2.0-like tool that lets you quickly generate .htaccess files for your hosted website. To use, simply select a category on the left, and edit the parameters to your liking on the right. Then observe as .htaccess Editor sticks the proper code in the textbox at the bottom.

Distributions and security updates

One of the main Linux stories of the past week was the security vulnerability affecting a considerable range of Linux kernels. The vmsplice() system call, introduced into the kernel in version 2.6.17 (and further expanded in versions 2.6.23 and 2.6.24, which resulted in two additional vulnerabilities) was responsible for the problem. As a result of this code, an unprivileged user logged in to any of the systems running the vulnerable kernel could easily obtain root privileges by executing certain code (this is known as a "privilege escalation exploit"). Millions of machines were affected.

The vulnerability was first made public on February 8th. According to the Linux kernel changelog, it was fixed the same day and a new kernel, version 2.6.24.2, was made available on February 11th. The issue was widely publicised on February 11th, when many Linux news sites ran stories describing the problem and some even linked to the code that was capable of exploiting the vmsplice() vulnerability. Although rated as "less critical" (or 2 out of 5 on the severity barometer) by Secunia and "important" (rather than "critical") by Red Hat, any multi-user system running an unpatched kernel was vulnerable, while chances of a successful system compromise also increased dramatically. Even single-user desktop machines could be compromised through an unrelated code execution exploit.

Linux distributions started releasing patches on February 11th, the same day the news became widely known. But how fast were they?

Review: EnGarde Secure Linux

Guardian Digital announced the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18) on Dec 4, 2007. This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features. This review was done with a prior release.

Friday, February 22, 2008

How to Setup a Wireless Ubuntu Router

"This morning I was moving some stuff around and my router fell, smashing to pieces. Oh no! I need a wireless connection today. The router was a noisy (the fan drives you crazy) older (but faithful) boat anchor. I was in a pinch, with no time to buy a new one. So, I thought a quicker (and for me “fun”), fix would be to set up a temporary router on an old PC."

Sort table rows using Ajax

"Some days ago I was looking for a good and simple way to sort data into a table with a simple click on table headers and I found this interesting framework: Stuart Langridge's sorttable.js. This tutorial explains how to use it in your projects."

Using OpenDNS with your own DNS

"OpenDNS adds the possibility of domain name based filtering. You can configure your own white and blacklist, but they also have a list of categories you can choose from. Most interesting category I found was phishing, but I imagine that if you got small children at home you'd also want to block porn and such. Domain name spelling correction is an added bonus, plus they promise almost 100% service availability, superior performance, domain name spell checking and statistics gathering (can be turned off)."

40 Tips for optimizing your php code

http://reinholdweber.com/?p=3

Housekeeping With Nmap

To start with, Nmap is a free, OSS network discovery tool developed by Fyodor. It's the single most popular portscanner in the world and an invaluable tool for any system or network administrator.

Secure Boot CDs for VPN HOWTO

This document describes the creation of live boot CDs used to make secure VPN connections from anywhere (over the Internet) to internal networks that have firewall exposure to the Internet.

Network scanning

Discover how to scan your network for services and how to regularly monitor your services to keep uptimes to a maximum. A key way of ensuring the security of your network is to know what is on your network and which services on individual machines are at risk of exposure. Unauthorized services, such as Web servers or file sharing solutions, not only degrade performance, but others can use these services as routes into your network. In this article, learn how to use these same techniques to ensure that genuine services remain available.

Introduction in MVC separation with PHP

To better demonstrate how MVC works, let’s use the example of a simple news-article publishing system both using MVC and not using it.

Build your own file server

If you're anything like me (even before I got really involved with bit-tech.net), you've got spare parts everywhere. You know what I mean - systems that you have put aside as you've upgraded over the years, like Northwood P4s and Athlon XP boards that have gone the way of the dodo. They aren't your top gaming rig - they don't even need 200W to run, much less have 200W for the graphics card.

In my goal of helping you find new and useful ways to use that old crap, it dawned on me - everyone I know complains about files on this computer or that computer, or not being able to get the things they need or want while they're out or away from their home desk. They needed a file server - a REAL file server, with web interface and bit-torrent and the capacity to not tie up your precious screens and keyboards, which are (at least in my house) in less supply than motherboards and hard drives.

40 signs you really are a lousy PHP programmer

This is something I prefer to call my "programming list of shame". Although having a formal university education with courses on software engineering, enterprise software architecture & database design I have been guilty of every single one of those things at one time or another. This is completely subjective & Eclipse oriented.

Disabling services in Solaris 10

To disable a service you have to be root or have a sudo...

Wednesday, February 20, 2008

Chroot in OpenSSH

"Damien Miller (djm@), who worked on this new feature with Markus Friedl (markus@), offers more details about ChrootDirectory:

This commit adds a chroot(2) facility to sshd, controlled by a new sshd_config(5) option "ChrootDirectory". This can be used to "jail" users into a limited view of the filesystem, such as their home directory, rather than letting them see the full filesystem."

Install PHP and MySQL environment on your Mac

What's the most simple way to install a PHP / MySQL environment on a Mac OS X?

Tuesday, February 19, 2008

PHP Shell, for secure remote access when SSH isn't available

Many companies offer LAMP hosting, but some of the cheaper LAMP providers do not allow SSH access, reserving that feature for higher-paying customers. Without SSH you may think you'll have trouble executing commands on the hosted server. Not so -- PHP Shell allows execution of some commands without having SSH access to the LAMP server.

15 Cool Things About PHP That Most People Overlook

Here's what I think are some of the more interesting features of PHP.

Sunday, February 17, 2008

PHP SimpleXML Blogger Syndication

The aim of this article is to describe the steps necessary to take a Blogger blog, and syndicate the content onto a third party web site, using PHP classes and scripts. The core functionality uses the very straightforward SimpleXML class, shipped with all PHP installations, coupled with some basic knowledge of the Google Blogger API and a small piece of PHP scripting to generate the HTML code.

Friday, February 15, 2008

Using MySQL as a filesystem

With MySQLfs you can store a filesystem inside a MySQL relational database. MySQLfs breaks up the byte content of files that you store in its filesystem into tuples in the database, which allows you to store large files in the filesystem without requiring the database to support extremely large BLOB fields. With MySQLfs you can throw a filesystem into a MySQL database and take advantage of whatever database backup, clustering, and replication setup you have to protect your MySQLfs filesystem.

HexLive 1.0.3 is now available

HexLive is a live CD based on FreeBSD and built with the FreeSBIE toolkit. It is suited for network analysis.

Thursday, February 14, 2008

How to Prevent SQL Injections?

An SQL injection attack injects into or manipulates your SQL query to obtain results in unanticipated ways.

The general way of validating a user on a web site is to provide an HTML form through which they can enter a username and password. The easiest way to validate this user would be to build an SQL query, and then check that query against the database to see whether that user exists.

Wednesday, February 13, 2008

Firefox 3 Beta 3 Officially Released

Mozilla has officially released Firefox 3 beta 3. This release includes new features, user interface enhancements, and theme improvements...

What's new in PHP 5.3?

PHP 6 is just around the corner, but for developers who just can't wait, there's good news -- many of the features originally planned for PHP 6 have been back-ported to PHP 5.3, a final stable release of which is due in the first half of this year.

Tuesday, February 12, 2008

FreeBSD 7.0-RC2 Available

The second Release Candidate for FreeBSD 7.0 is now available.

Sunday, February 10, 2008

Building Desktop Applications in PHP

In this article, I’ll examine the techniques and systems you can use to build desktop applications, from GTK libraries to native Windows API calls.

PHP 4 is Dead—Long Live PHP 5

PHP 4, deployed on tens of millions of servers globally, is among the most successful languages of all time. But its run is coming to an end.

Active development for the scripting language has been discontinued and security updates will conclude in August. And for some developers, PHP 4 will be history before Valentine's Day.

Is Your Computer a Zombie Bot Being Controlled by Hackers?

A zombie bot is a computer that is infected by malicious software which allows remote control. Hackers usually fool computer users by binding the remote control software to another legitimate program such as a game. When you run the program, it’ll only show the game on your screen but in the background, it has already secretly installed remote control software which allows the hacker to gain access to your computer when you go online.

Migrate All Your Old Gmail to a New Gmail Address

The email address you chose when signing up for Gmail seemed completely hilarious when you first signed up, but after a year of sending resumes to employers from strangelove45@gmail.com, you may be reconsidering your choice. Luckily with Gmail's easy-to-use Mail Fetcher feature and POP3 access, you can easily import all of your old emails to your new, respectable Gmail address with a few very simple steps.

Keep Your Wi-Fi Going Strong

The Web Worker Daily weblog suggests several methods to keep your router performing and your wireless internet strong. The post offers several tips for how to improve your wireless network, from performing a cycled reboot when things aren't working correctly to adding access points to get your signal to every corner of your home.

Top 10 BitTorrent Tools and Tricks

BitTorrent is the go-to resource for downloading everything from music and movies to software and operating systems, but as its popularity continues to grow, so do the number of tools available for making the most of it. Some are must-haves, while others are a waste of time. Climb aboard for a look at 10 of the best BitTorrent utilities, tools, and resources for finding and managing your BitTorrent downloads quickly and efficiently.

OpenBSD Will Not Fix PRNG Weakness

"OpenBSD's coordinator stated, in an email, that OpenBSD is completely uninterested in the problem and that the problem is completely irrelevant in the real world."

Firefox v2.0.0.12 Vulnerable By Default.

You probably thought otherwise after they just released version 2.0.0.12 a couple of hours ago, that had a fix for numerous other vulnerabilities. But guess what? We are going to see 2.0.0.13 pretty soon I guess...

Set up a virtual FTP server with pam-mysql

Setting up a virtual File Transfer Protocol (FTP) server with a database back end offers many benefits. By using a database, you can store a large number of users centrally, so it's easy to manage. It offers more security than traditional Unix OS authentication methods, because virtual users can access only the FTP server's resources, not the OS's. You can use the many Web tools that are available to easily install, configure, and manage the database back end. A virtual FTP server also supports some special characters, such as @, that FTP itself doesn't support, which can come in handy if, for example, your company uses its employees' email addresses for identity purposes.
