All entries of my technical and business blog.

Create an RSS feed of comments from myspace

Lately, I’ve been trying to find ways to reduce the amount of time I spend on stupid sites like myspace (nevermind the fact that the time it took to reduce this amount took me enough time to visit myspace 1x a day for another month – heh). At any rate, I’ve been using Google Reader a lot more (I’m up to 180 or so feeds) and I thought: Why don’t I make an RSS feed... (more…)

Pass PHP session to a new script using fsockopen

I was working on a script that opened up a new connection to the same server with fsockopen to process a php script. It passed the variables needed through GET and then gathered the output. Finally, it displayed the output on the screen under the current context. (more…)

Write Security Triggers Against SQL Injection

An interesting idea that a colleague told me about was a ‘security trigger’ in any application that has a SQL type storage engine. The trick is to make sure that your admin account is not ID #1 and that your administrative username isn’t one of the most common ones: (more…)

ODBC for UDB and PHP - How I increased performance by 400%

In our current setup at (“the triangle”), we have to use odbc connections to access our db2-udb database - and I don’t like it. But we have to stick with it - and that’s the way life is. The main reason I don’t like it is the immense overhead and time it takes to execute queries. Well, I did some research and found out some interesting things. The most important of which was a cursor... (more…)

Demonstrating Password Manager Almost Vulnerability in FireFox

The “security guys” have been talking about the problems with FireFox’s password manager and I got curious. It turns out that javascript can access saved passwords in your password manager simply by creating a login form and capturing the input field’s contents. While this isn’t necessarily a vulnerability in FireFox, it does suck! The biggest attack vector is websites that allow user submitted content that have script injection holes. Basically, if a third party can... (more…)

The Perils of the AT in PHP

A lot of weird things have been happening ever since we introduced a new error handler at (“the triangle”). First of all, it took down our whole site for a good portion of time (oops!), then it created a large project for us to review our code. Turns out a lot of the errors were just weird little things that we ignored. However, there were a few times where the @ operator php.net/language.operators.errorcontrol.php was a... (more…)

Is it better to write your 'for' loops backwards in PHP?

After listening to a javascript internals optimization talk, I wanted to see how these concepts could relate to PHP. The biggest thing that stuck out to me was the order of the for loops in javascript. According to the talk, loops written backwards (or using the deincrement operator instead of the increment one…) was a lot faster. They said comparing a value to zero was faster than comparing a value to another value. With the... (more…)

Force Log Messages using Tortoise SVN

Everyone knows that standard SVN has its list of 6 or 8 standard hooks - but what if you’re 1) lazy, 2) busy, 3) don’t have access to the SVN server? Using one of the popular win32 shell integrated svn clients, TortoiseSVN, we can still force commit log messages easily: (more…)

⬅ Newer | Older ➡
Page 47 of 52
or use RSS