I was working on writing a shutdown function for a PHP 4 script and noticed some odd behavior when I was getting errors (no way! I program and get errors? Who knew!?) At any rate, when I would handle my error with my custom function, I noticed the shutdown function was still executing after the error function. (Or when it was a Fatal error, the error was shown to the screen but the shutdown function... (more…)
All entries of my technical and business blog.
SimplePHPMailer
There are a very small amount of really easy to implement PHP mailer scripts in the wild. They usually try to pump so many features into them that it becomes difficult to implement or too large of a file. For those looking for just a quick drop-in solution - that you DON’T need to know PHP to use - SimplePHPMailer was developed. All that is needed is to drop the php file into the same... (more…)
PHP Shared Host - Session File Browser Script
PHP stores its session information into flat files unencrypted by default. (more…)
Meta Tag Generator
Meta Tag Generator uses javascript to generate the proper format for some common meta tags. This was originally just a proof of concept script that I decided to release. (more…)
JS Tool - Security Auditing in Javascript
JSTool was a trial run of combining many different scripts from the open source community into a security and auditing script. (more…)
Which Conference Should I go to - Help me in 2008
So, luckily, my current employer will pay and make arrangements for me to attend one major conference each year. Last year I attended Mysqlconf, the year before, Zend Con. (more…)
XSS with Img OnError attribute
So much of my time is spent worrying over the src or href tags on images and links - that I sometimes forget about the other attributes. (more…)
Link Checking Module - 1st attempt
So I wrote some code the other day. It sat in my code repository and I never tested it. I was pretty certain it was going to be some good code, though. (more…)
Update your URL filtering: possible XSS from "Data" URL scheme - Firefox
In regards to the Data in URL scheme (RFC here), I’ve found an interesting issue with the way firefox handles it which could lead to some XSS I think. (more…)
Securing Wordpress - what my 'oops' reminded me
I don’t want to admit it - but I messed up. I didn’t patch wordpress - and I was a victim of one of the released wp exploits. How could you let this happen? you ask. Well, I was lazy. But let this be a lesson to ya - don’t forget - otherwise its a LOT harder to clean it up (it took me roughly 4 hours to fix which included 2 hours of ignoring... (more…)