Programming

Testing Plugin Syntax Highlighter Evolved

Just a quick post to test the Syntax Highlighter Evolved plugin.

<?php
$this = 'only a test'; //ignore me
$shout = new shoutOut();
try {
    $shout->out();
} catch (Noise $n) {
    $shout->whisper();
}

Wednesday, August 12th, 2009 Programming, Ramblings 1 Comment

Zero user interaction CAPTCHA – (lamecaptcha)

This is not a new concept by far, but I want to share my fix for the automated filling of forms on some of my sites. The issue arises from people creating bots/scripts that auto-populate forms on a site and submit them, on the assumption that the data goes somewhere and that hopefully someone will click a bad link or buy some viagra or whatnot. This is most common with widely used web applications that have identical registration or comment forms (like WordPress sites or forum software like phpBB). To solve this problem, I’m sure you’ve seen the wavy, crooked, colorful and always hard-as-hell-to-read garbled text that you have to enter before signing up to certain sites or buying tickets from Ticketmaster. This form of “humanness test”, if you will, is referred to as CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). The nice thing about implementing some form of captcha is that it will usually prevent most random attacks, because most people don’t spend time directly targeting a single site; what they do is try to make their script work with as many sites as possible to spread the spam as widely as possible.

The issue I have with most captcha systems is that a) they are annoying, b) they make me work harder than I need to, and c) I end up having to squint my eyes and think hard to figure out what the f*ed up image is really saying. My ideal captcha would require 0 user interaction and somehow figure out that you are real.

So I decided to create my ‘lamecaptcha’.

On most of my forms I have basic javascript validation that says: if field a is empty, then alert that field a is empty, ask for it to be filled in, and return false so the form doesn’t submit. However, all the bot has to do is fill in those required fields with garbage, put its html links/spam in my textbox or other field, and submit away. But I use this to my advantage. The bot says: let me fill in all the text boxes available and hit submit.

So I decided to create a hidden textbox that a normal user can’t see but a bot doesn’t know is hidden.

(hidden: <input type="text" value="" name="lamecaptcha" style="display:none;" /> ) <br />
(visible: <input type="text" value="" name="text" /> )


Now when the form is submitted, all I have to do is make sure that the hidden text box is empty, and then I allow the submission to pass through:

<?php
if(!empty($_POST['lamecaptcha'])){
       //Do something because no human should fill a hidden text box
       //If the box was visible for some reason, they still shouldn't fill
       //any text box without a label saying what should be in it
}

My “attacks” were few and far between, but I have noticed that my database is no longer filled with garbage submissions and my clients are not complaining about getting spam from my server.
I haven’t taken the time to figure it out, but I would assume a lot of bots are also not running javascript, so another check might be to not allow form submission unless javascript is enabled. This can easily be defeated by a browser bot, or there may be some way to fake out the check (I don’t know), but it may be worthwhile as a way to enhance the effectiveness of this.
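A stricter version of the hidden-field check above, as an added example that is not part of the original post. It goes slightly beyond the post: `empty()` treats the string "0" as empty, so the original test lets a bot that types "0" through, and it also cannot tell an empty field from one that was never sent. The function name `lamecaptcha_tripped`, the decision to treat a missing field as automated, and the sample submissions are assumptions made for illustration.

```php
<?php
// Added example: stricter server-side check for the hidden "lamecaptcha" field.
// The function name and the sample submissions below are constructed.

/**
 * Returns true when the submission looks automated.
 */
function lamecaptcha_tripped(array $post): bool
{
    // A browser still submits a display:none text input, as an empty string.
    // A script that posts only the fields it cares about omits it entirely.
    // Treating "missing" as automated is an assumption of this example.
    if (!array_key_exists('lamecaptcha', $post)) {
        return true;
    }
    // PHP builds an array when the field is sent as lamecaptcha[]=x.
    if (!is_string($post['lamecaptcha'])) {
        return true;
    }
    // Strict comparison: empty() treats the string "0" as empty,
    // so !empty() would accept a submission that filled in "0".
    return $post['lamecaptcha'] !== '';
}

// Constructed sample submissions.
$samples = [
    'human'         => ['lamecaptcha' => '',    'text' => 'hello'],
    'bot fills all' => ['lamecaptcha' => 'buy', 'text' => 'spam'],
    'bot fills "0"' => ['lamecaptcha' => '0',   'text' => 'spam'],
    'field missing' => ['text' => 'spam'],
];

foreach ($samples as $label => $post) {
    $original = !empty($post['lamecaptcha']);   // the check from the post
    $strict   = lamecaptcha_tripped($post);
    printf("%-14s original=%-5s strict=%s\n", $label,
        var_export($original, true), var_export($strict, true));
}
```

The last two samples are flagged only by the strict check.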

Again, there are simple things like asking for 1+1 or “type ‘here’ in the box”, but I don’t want to make my users do more work because of the a-holes out there; what we need to do is make it more difficult for them. People spend so much time sifting through the spam and garbage that it is disgusting. Please share with me any ways you have created a zero-interaction captcha. I think that, as a service provider, bogging down the user is the wrong way to go, and I’m surprised to see CAPTCHA systems become more difficult for the user than for the bot.

-Ak


Friday, April 17th, 2009 Programming, php 1 Comment

Php: (strpos) Search for text in a string

If you want to search for text inside a string but don’t need the fanciness of regex, here lies strpos.

I see a lot of posts online from people confused about how strpos works and how to use it properly for searching for text in a string. The first thing to note is that strpos() returns the index at which the search string was found (it does not return true when the search string exists in part of the string being tested). So:

$string = 'thedog';
var_dump(strpos($string,'dog'));
Output: int(3)

How does this benefit you if you want to make sure that $string doesn’t contain dog:

$string = 'thecat';
var_dump(strpos($string,'dog'));
Output: bool(false)

As you can see the result was false, but sticking that strpos straight inside your if statement is bad and erroneous code… Here’s why:

$string = 'thecat';
if(strpos($string,'the')){
    echo 'The is in the string';
}else{
    echo 'The is not in the string';
}
Output: The is not in the string

What?? Let’s take a closer look:

$string = 'thecat';
var_dump(strpos($string,'the'));
Output: int(0)

So you see, the reason the if statement failed is that strpos() returned 0, and an if statement treats a value of 0 as false.

The proper way to test with strpos is as follows:

$string = 'themonkey';
if(strpos($string,'monkey') !== false){
    echo 'There is a monkey in my string';
}
Output: There is a monkey in my string

strpos() will return false if monkey is not in $string, so the sure-fire way to test is to check that the return value is explicitly not false. Does !== confuse you? It tests for an actual boolean value of false. Other values may cause an if statement to fail (such as the 0 mentioned above).

(Read more about type comparison here. http://us2.php.net/manual/en/types.comparisons.php)
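Where this mistake becomes a security defect, as an added example that is not part of the original post: an input check that relies on the truthiness of strpos() misses exactly the inputs where the match starts at index 0. The function names and sample paths are constructed, and the substring test is only there to show the comparison; it is not a complete path validator.

```php
<?php
// Added example; function names and sample inputs are constructed.

// Flawed: relies on the truthiness of strpos(), so a match at index 0
// (int(0), which casts to false) is reported as "not found".
function has_traversal_loose(string $path): bool
{
    return (bool) strpos($path, '../');
}

// Correct: only a strict boolean false means "not found".
function has_traversal_strict(string $path): bool
{
    return strpos($path, '../') !== false;
}

// Constructed sample inputs.
$samples = ['images/logo.png', 'images/../secret.txt', '../secret.txt'];

foreach ($samples as $path) {
    printf("%-22s loose=%-5s strict=%s\n", $path,
        var_export(has_traversal_loose($path), true),
        var_export(has_traversal_strict($path), true));
}
```

Only the strict version flags the third sample, where the match begins at position 0.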

If data types are making you say huh??, see here: http://us3.php.net/manual/en/language.types.php. I will post later briefly about php and data types. If you have used Java, then you live and die by data types, but php has a very simple concept when it comes to data types, which makes coding in general easy but relying on and fully understanding your own code sometimes difficult.

-Ak


Saturday, February 28th, 2009 Programming, php No Comments

Parsing a CSV file with ASP

I’m no fan of ASP especially after having to work with it… but regardless I had to.

Problem:

I don’t want to try and get a database running for a simple task that would require one table with few rows, but I also didn’t want to jump in and edit html when one small change had to take place.

Solution:

Build a csv file and use asp to parse it.

It still doesn’t make much sense to me, but what it does is basically push all the data into one giant line like (a1,b1,c1,d1,a2,b2,c2,d2) and count the number of columns and rows you have. The for loop then uses these numbers to put the data into a multi-dimensional array indexed by (row,column).
Here is the code:

csv_to_read="csvfile.csv"
set fso = createobject("scripting.filesystemobject")
set act = fso.opentextfile(server.mappath(csv_to_read))
imported_text = act.readline
imported_text = replace(imported_text,chr(13),",")
imported_text = replace(imported_text,chr(34),"")
split_text=split(imported_text,",")
num_imported=ubound(split_text)+1
total_imported_text = act.readall
total_imported_text = replace(total_imported_text,chr(13),",")
total_imported_text = replace(total_imported_text,chr(34),"")
total_split_text=split(total_imported_text,",")
total_num_imported=ubound(total_split_text)
trows = (total_num_imported/ (num_imported)-1)
'Have to pre-initialize the size of the array
Dim array(10,25)
count=0
for column = 0 to trows
	for row = 0 to num_imported -1
	array(row,column) = total_split_text(count)
	count=count+1
	next
Next

To pull a single value out of that (passed via url like file.asp?z=7) I do the following:

input=CInt(Request.QueryString("z"))
'Fill up the variables I need until they are what was actually passed in url and exit
For i = 0 to trows
	id = CInt(Replace(array(0,i),chr(10),""))
	title = array(1,i)
	price = array(2,i)
	If id = input Then
		Exit For
	End If
Next

'Now I go on my merry way and use the variables as needed:
    <h1><% Response.Write(title) %></h1>
    <h2><% Response.Write(price) %></h2>

Conclusion

This wasn’t quick to figure out, but it is dirty, and I only wrote it because I have 0 asp knowledge and did not want to try to learn how to connect asp to a MySQL or SQL Server at GoDaddy (not worth the trouble, and gladly I’ll be moving this site to my own server soon enough).

One thing I can’t argue with in a situation like this is if it’s not broken, don’t fix it!

Another interesting bit of code I had to figure out how to do in asp was to always print the last day of the current month. I will post that code soon.

-Ak


Thursday, February 12th, 2009 Programming No Comments

Using jQuery to rewrite all relative url’s

Problem:

I have a template file that has all relative url’s for all the links and I have this template on two different subdomains, one is used for processing and the other is for static files.
When I display something on my processing server, I want it to make all the links point to the static pages without modifying the template.

Solution:

Use jQuery to parse all links and change to the proper domain.

Question:

Is there a better method that is automatic such as this? Or maybe a better way to write the jQuery as it stumped me to get it right for a bit.

Code:


Wednesday, February 11th, 2009 JavaScript, Programming No Comments

Creating JSON as a select result in a MySQL Query

So I had this crazy idea at work, I needed to get all the data out of an entire table in a single column. So I decided to return the table as a preformatted JSON array that I could decode straight into a php array for manipulation.

The Code:


Monday, January 12th, 2009 MySQL, Programming, php 1 Comment