ThePsion5

Everything posted by ThePsion5

  1. Wikipedia Article. Wikipedia is your friend.
  2. Hehe, I was barely motivated to come up with those statistics, lol...
  3. Sadly, the only server I have that runs PHP at the moment is my laptop. I think I can give you some estimates on the time it would take, however:

    Assuming the attacker knew nothing about the seed, it would be nigh-impossible to crack without brute-forcing every MD5 combination (16^36 attempts on average). If they faked the HTTP_REFERER then they would still need to figure out that it was being used with a seed. Assuming they did that and made the following assumptions and could run all their attacks within one minute:

    1. The seed is an integer less than 3600: (24*60)/2 = 720 average
    2. The seed is an integer less than 10 digits: ((10^10)-721)/2 = 4,999,999,639 average
    3. The seed is any string less than 10 digits: ((129^10)-721)/2 = 638,068,209,558,560,809,240 average (Muahahaha!)

    If they try to brute force the MD5 function, it would take (129^32) = Some large number I can't translate, lol

    If they can't run all of their attacks in a minute, then divide those numbers by the percentage of the attack they can complete in one minute...so if the attacker could only run 10% of the attacks, multiply the average attempts by 10. Basically, it becomes less and less likely the longer they take.
  4. 1. You can use server settings to parse a file with any type of extension - adding .js to the list of extensions to look for PHP tags in is as simple as adding a few characters (for Apache at least, I know you can do the same on other servers as well)

    2. Whoops. Corrected now.
  5. I was thinking about the problem of using client-side JavaScript encryption without the website user being able to see and potentially decode how it works, and I have an interesting idea on how to make it much more difficult (though not impossible, sadly) to find and view said code, and should deter all but the most dedicated of code-stealers, lol.

    Why not use a referrer+time based seed with any of the common PHP encryption functions to keep any unauthorized sources from viewing your JavaScript code? It could be implemented like so:

    Use this in the head section of your html/php pages to include any needed JavaScript:

    ```php
    <?PHP
    $minute = floor(time() / 60); // Current minute
    $seed = md5($_SERVER['PHP_SELF'] . $minute);
    print '<script type="text/javascript" src="js/protected.js?seed=' . $seed . '"></script>';
    ?>
    ```

    Then, in the protected.js file, you would include a page with code like this:

    ```php
    <?PHP
    function isValidReferrer($seed)
    {
        $ValidSeeds = array();
        // Path of the referring page, so it matches the PHP_SELF value used to build the seed
        $Page = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH) : '';
        $Minutes = array();
        $Minutes[] = floor(time() / 60); // This minute
        $Minutes[] = $Minutes[0] - 1;    // The previous minute
        $ValidSeeds[] = md5($Page . $Minutes[0]);
        $ValidSeeds[] = md5($Page . $Minutes[1]);
        // Strict comparison, so hashes that look numeric are compared as strings
        return in_array($seed, $ValidSeeds, true);
    }

    if (isset($_GET['seed']) && isValidReferrer($_GET['seed'])) {
        // print the scripts
    } else {
        // say something mean and threatening to them :D
    }
    ?>
    ```

    Granted, it'd be some extra overhead for a server with high traffic, but if you really want to keep your JavaScript secure then it might be a good idea. You could further spice it up by adding your own seed, cookie information, and the like. Any input? It seems like an interesting idea if you don't mind the extra server overhead.
  6. You might also want to try looking on sourceforge.net, the chances of them having a project devoted to converting an access database to another form like a MySQL database is pretty good, I imagine. It's where I've found a lot of useful PHP apps.
  7. ThePsion5

    copy() ?

    Since the length of file extensions might possibly vary, depending on the filetype and OS, I would go with using explode instead of substring. Seems more reliable that way.
  8. You could also use a spam-proof, randomly generated question to keep that from happening too. For example:

    ```php
    function stfuSpammers()
    {
        $numbers = array('zero', 'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine');
        // select two random numbers & note their array index
        $index1 = array_rand($numbers);
        $index2 = array_rand($numbers);
        $number1 = $numbers[$index1];
        $number2 = $numbers[$index2];
        // add the two array indices into $answer
        $answer = $index1 + $index2;
        print "<div>What is $number1 plus $number2? ";
        // PHP_SELF is escaped because it is echoed into an HTML attribute
        print 'Enter the answer here:<form action="' . htmlspecialchars($_SERVER['PHP_SELF']) . '"> <input type="text" name="answer" /> <input type="hidden" name="realanswer" value="' . $answer . '"> <input type="submit" value="Answer The Question, Sucka!"/></form></div>';
    }
    ```

    Then on the next page you just check to see if their answer matches the hidden value, that should stop any spammers unless they want to code a spam-bot specifically for your site, lol.
  9. You could also use the header("Location: url") function...If I remember correctly, the 'REFRESH' meta is frowned upon by search engines and the like, lol.
  10. Sure, I'll give you a run-down of what my algorithm does. By the way, this is designed to parse out any search keywords contained in a referral URL.

    There are actually two versions; the second uses less memory but isn't quite as fast as the first.

    The uber-fast one (note: when testing this, apache will use up to 170 megs of ram, lol):

    for each file being parsed:

    1. pull the content into a variable
    2. use strpos() on the content variable with ? (question mark) to retrieve the start of GET values.
    3. Using the value from the previous strpos() function as an offset, call strpos() again with " (double-quotation), signifying the end of the URL
    4. Armed with the two strpos() values, use substr() to pull the GET values out of the file content
    5. use explode() with & (ampersand) to get all the individual GET fields into an array
    6. Iterate through each value of the array, calling strpos() for the following ('q=', 'p=', or 'searchFor=')
    7. If any of them match, call substr() and strlen() with the result of your previous strpos() to extract the value portion of the GET field
    8. call url_decode() on it and use it as the key for an array like so $SearchWords[$value]++;
    9. Repeat from step 2 until the first strpos() (in step 2) returns false.
    10. Sort the array
    11. Put it into a file
    12. RULE THE WORLD :-D

    The other version just exports the array to a different file for each file parsed, so it's pretty similar. It will also decrease Apache's maximum usage to 110 megs instead of 170, but it's also about 20%-25% slower.
  11. Hello once again,

    I'm trying to come up with a way to deal with invalid float numbers. Specifically, the ones you get when you try to perform an operation that exceeds a floating-point number's precision, like dividing one by 19000. I end up with a number that looks like this: When I encounter this number, I just want to set it to zero - no reason for something like that to spam up my file, lol. However, code like this doesn't work:

    ```php
    if (is_nan($percent)) $percent = 0;
    ```

    Neither does this:

    ```php
    if (is_infinite($percent)) $percent = 0;
    ```

    Or this:

    ```php
    if (!is_finite($percent)) $percent = 0;
    ```

    Is there any way I can conveniently detect and remove these numbers?
  12. arsort() is actually exactly what I need, thanks. :) Dunno how I missed that in the documentation though...
  13. Hi again,

    I have a function that outputs a rather large associative array in an order based on the values in the array. It starts being completely unordered, but I need to arrange it in an order similar to this: as in, ordered by the array values instead of the associative keys. I know that I can do this using the aSort() function, but this sorts them in reverse order, which means I have to use the array_reverse() function to flip it around the way I want it. I'm trying to find a way to eliminate that costly call to array_reverse(), but in order to do that I need to use a for loop that runs in reverse, like this:

    ```php
    for ($i = $count; $i > 0; $i--) {
        $Output .= $array[$i] . "\n";
    }
    ```

    But I need to access the associative array keys in this for loop. Is there any way to do it?
  14. Well, I wrote something that turned out to be pretty damn fast actually, lol. Fast enough to parse 1.6 gigs of information in about 75 seconds, at least. My general strategy was to minimize the code in loops as much as possible, avoid double-quotes, and the like. I'm pretty satisfied with what I got, hehe.
  15. Hi guys,

    I'm writing a PHP script that parses GET values out of a log file with lines resembling something like this: And I'm trying to figure out how to do this quickly, because there are a LOT of log files to parse. I've considered using regular expressions, like so:

    ```php
    // Collect every "?...\"" run (query string up to the closing quote) into $Info
    preg_match_all('%\?[^"\s]*"%', $Sample, $Info);
    ```

    But I've heard that regular expressions are none-too-fast. I've also thought of doing the same with string functions:

    ```php
    $Info = array();
    $Lines = explode('?', $Sample);
    foreach ($Lines as $line) {
        // Split each piece at the double quote that ends the URL
        $Info[] = explode('"', $line);
    }
    ```

    But this seems like it would be comparably slow as well. Unfortunately, I'm not familiar with the exact speed of the regular expression functions in PHP, but I assume that they're somewhere between omega(n^2) and omega(nlogn), whereas my string-splitting version has a time of omega(2Xn^2), where X is the time taken for each explode() function. Can anyone shed light on this, or point me somewhere that gives precise information on the execution time of these two approaches? Thanks in advance!
  16. A minor optimization to your code - instead of:

    ```php
    $query = "SELECT * FROM `counter` WHERE `timeviewed` >= $maxtime";
    $result = mysql_query($query) or die("Error in query: $query. " . mysql_error());
    $num = "0";
    if (mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_row($result)) {
            $num++;
        }
    }
    ```

    You could have this instead:

    ```php
    $query = "SELECT COUNT(*) FROM `counter` WHERE `timeviewed` >= $maxtime";
    $result = mysql_query($query) or die("Error in query: $query. " . mysql_error());
    $resultArray = mysql_fetch_array($result);
    $num = $resultArray[0];
    ```

    It won't matter much as long as the database and server are on the same computer, but it could save you a lot of network traffic otherwise.
  17. I don't think that PHP5 supports operator overloading, lol. But while we're at it:

    ```php
    foreach ($internet as $website) {
        if ($website->doesSuck(array('standards', 'coding', 'content', 'design'))) {
            self::optimize($website);
            self::sendInvoice($website);
            self::addToResume($website);
        }
    }
    $income = self::getDisposableIncome();
    spend($income, array('videogames', 'computerstuff', 'ninjagear'));
    self::increment1337();
    ```
  18. ThePsion5

    Need help with $_GET

    Well, you may be able to do something similar to this if you only need to add small blurbs to your website:

    page.php?addnewsitem=true&title=thetitle&text=ashortblurboftextthatyoucanactuallytypeinabrowserwindow&auth=somevariable

    Then you could have a PHP function that looks something like this:

    ```php
    function checkForUpdates()
    {
        $add = $_GET['addnewsitem'];
        $title = $_GET['title'];
        $text = $_GET['text'];
        $auth = $_GET['auth'];
        if (strcmp($add, 'true') === 0 && isProperAuth($auth)) { // If the proper authentication is used...
            // add the text to the file that contains all the news
        } else {
            // display the news
        }
    }

    function isProperAuth($authentication)
    {
        /* Check to see if the proper authentication was provided. Since the get values are stored in the browser history, you should use a variable that changes over time (that you can keep track of). Like, the hour and minute of your server plus 13 minutes in a weird format, for example. That way it won't be decoded unless someone is looking for it fairly hard, lol. */
    }
    ```

    However, I should stress that this method is not very secure...it wouldn't take much for someone to crack it even without your browser's history at their disposal. Just a warning.
  19. I have a few languages that I like quite a lot.

    1. PHP - I love its flexibility and convenience, and its amazingly convenient web functionality. I'm not so much a fan of its strange Object-Oriented behavior or some of the unfortunate side effects weak typing can have, but oh well.
    2. Java - So clean, so friendly, such a beautiful API! The opposite of PHP in error-proneness, but the rigidity that comes along with it can be frustrating
    3. XML/XSL/Anything related - Finally, a universal, human-readable language. I'm as happy as a leetle gurl
  20. I've never coded one myself before, but I believe that this will require javascript in addition to PHP coding if you want your drop-down lists to change without the user having to press submit. I imagine that if using JS was out of the question you could contain the form in an iFrame and refresh just that whenever you need to change the second drop-down options. Tutorials on creating them are fairly easy to find, you may also want to check out the Javascript forum on this site too. Hope it helps.
  21. ThePsion5

    <base>?

    Hi guys,

    I was doing some work today and I came across a webpage that used a <base> tag to specify the domain for all relative links. I've never encountered this tag before and I was wondering if I should be using it, as I've never had any issues with relative links anyway. Advice?
  22. Thanks, that's just what I was looking for! I didn't think I could use unset() with array keys, that's why I hadn't tried it.
  23. ThePsion5

    PHP Mailing

    I'm not positive, but I think that the PEAR package offers improved security and other nifty functions like custom header information...I've never used it myself though.
  24. Actually, that is a very good point. An error in your CSS code will still result in the document being parsed up until the point of the error, after which everything else will be ignored. Maybe this is the cause of your difficulties?
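
Added example, not code from any of the posts above: items 3 and 5 discuss a script-URL token built as md5(page . minute). The sketch below shows a keyed variant of that check, using an HMAC with a server-side secret and a constant-time comparison; SCRIPT_TOKEN_KEY, makeScriptToken(), isValidScriptToken() and every sample value are assumptions made up for this illustration.

```php
<?php
// Hypothetical server-side secret (assumption); load it from configuration in practice.
const SCRIPT_TOKEN_KEY = 'constructed-demo-key-change-me';
const WINDOW_SECONDS   = 60;

/** Token for a page path in the time window that contains $now. */
function makeScriptToken(string $pagePath, int $now): string
{
    $window = intdiv($now, WINDOW_SECONDS);
    return hash_hmac('sha256', $pagePath . '|' . $window, SCRIPT_TOKEN_KEY);
}

/** Accept a token from the current or previous window only. */
function isValidScriptToken(string $token, ?string $referer, int $now): bool
{
    if ($referer === null) {
        return false;                       // no Referer header sent
    }
    $path = parse_url($referer, PHP_URL_PATH);
    if (!is_string($path)) {
        return false;                       // malformed or path-less Referer
    }
    foreach ([0, 1] as $age) {
        $expected = makeScriptToken($path, $now - $age * WINDOW_SECONDS);
        if (hash_equals($expected, $token)) {   // constant-time comparison
            return true;
        }
    }
    return false;
}

// Constructed sample values (not taken from the posts).
$now     = 1700000000;
$page    = '/articles/view.php';
$referer = 'https://example.com/articles/view.php?id=3';
$token   = makeScriptToken($page, $now);

var_dump(isValidScriptToken($token, $referer, $now));        // same window
var_dump(isValidScriptToken($token, $referer, $now + 60));   // one window later
var_dump(isValidScriptToken($token, $referer, $now + 180));  // token has aged out
var_dump(isValidScriptToken($token, 'https://example.com/other.php', $now)); // other page
var_dump(isValidScriptToken($token, null, $now));            // Referer missing
// Unkeyed value built the way item 5 builds it, which a client can compute itself:
var_dump(isValidScriptToken(md5($page . intdiv($now, 60)), $referer, $now));
```

The key changes who can mint a token, not what the browser receives: once the script is served, the client holds its source.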