Lately, I’ve been trying to find ways to reduce the amount of time I spend on stupid sites like myspace (nevermind the fact that the time it took to reduce this amount took me enough time to visit myspace 1x a day for another month – heh). At any rate, I’ve been using Google Reader a lot more (I’m up to 180 or so feeds) and I thought: Why don’t I make an RSS feed... (more…)

I was working on a script that opened up a new connection to the same server with fsockopen to process a php script. It passed the variables needed through GET and then gathered the output. Finally, it displayed the output on the screen under the current context. (more…)

I just thought I’d drop some useful links and tools your way for those beginning and non-tool-cist peoples: (more…)

An interesting idea that a colleague told me about was a ‘security trigger’ in any application that has a SQL type storage engine. The trick is to make sure that your admin account is not ID #1 and that your administrative username isn’t one of the most common ones: (more…)

I was reading on a forum the other day about some benchmarks for PHP. The guy had posted some results in ms measurements, and was getting upset about his erratic results. There were some things that he was forgetting, however. (more…)

In our current setup at (“the triangle”), we have to use odbc connections to access our db2-udb database - and I don’t like it. But we have to stick with it - and that’s the way life is. The main reason I don’t like it is the immense overhead and time it takes to execute queries. Well, I did some research and found out some interesting things. The most important of which was a cursor... (more…)

The “security guys” have been talking about the problems with FireFox’s password manager and I got curious. It turns out that javascript can access saved passwords in your password manager simply by creating a login form and capturing the input field’s contents. While this isn’t necessarily a vulnerability in FireFox, it does suck! The biggest attack vector is websites that allow user submitted content that have script injection holes. Basically, if a third party can... (more…)

A lot of weird things have been happening ever since we introduced a new error handler at (“the triangle”). First of all, it took down our whole site for a good portion of time (oops!), then it created a large project for us to review our code. Turns out a lot of the errors were just weird little things that we ignored. However, there were a few times where the @ operator php.net/language.operators.errorcontrol.php was a... (more…)

After listening to a javascript internals optimization talk, I wanted to see how these concepts could relate to PHP. The biggest thing that stuck out to me was the order of the for loops in javascript. According to the talk, loops written backwards (or using the deincrement operator instead of the increment one…) was a lot faster. They said comparing a value to zero was faster than comparing a value to another value. With the... (more…)

Everyone knows that standard SVN has its list of 6 or 8 standard hooks - but what if you’re 1) lazy, 2) busy, 3) don’t have access to the SVN server? Using one of the popular win32 shell integrated svn clients, TortoiseSVN, we can still force commit log messages easily: (more…)