Showing posts for category: PHP
Monday 11th December 2023 (updated: Tuesday 12th December 2023)
A list of things I really need to get a handle on. Some I'm used commercially and some I haven't.
* React (probably my priority as it focuses on the V bit of MVC)* Vue (I like the idea of this one's simplicity)* Angular (probably a bit more involved as it is a full client-side MVC endeavour)* Laravel (the go-to framework for PHP MVC support)* Python (probably the lowest priority; more intrigue)
I'm very much a vanilla guy. The HTML, CSS, PHP, JavaScript that I write is done without libraries (excluding, j...[more]
Thursday 10th August 2023 (updated: Wednesday 23rd August 2023)
I use MySQL a lot. I run it locally using MAMP for a ton of data projects that never find their way online.
My current development project involves a one-off operation to insert 1,000,000 rows of data to a small table. The table has 2 indexes - a Primary Key and a specific index on 2 columns.
The project is driven by JavaScript that then AJAX's out calls to PHP which runs the database operation.
The actual project is a pixel scanner which uses HTML5's Canvas API to examine a pixel, determine its RGBA val...[more]
Wednesday 2nd August 2023 (updated: Monday 1st January 2024)
Sometimes refered to as file path traversal.
I have become fascinated with the techniques attackers may use to discover web server directories and files. Specifically, of course, those directories and files that are not intended to be obvious.
A simple look at robots.txt in the root directory may unearth some resources that aren't meant to be viewed. By virtue of the fact they are listed in the .txt file the website owners don't want search engines indexing them. This is all above board and I'...[more]
Saturday 29th July 2023 (updated: Tuesday 1st August 2023)
Updates to the Vintage Points Calculator are now live - Vintage Points Calculator.
1st August 2023
You can now request a new password - an email is sent out to you with instructions for changing your password
29th July 2023
Created ability to create an account to store points progress
Fixed rounding issues on calculation - occasionally threw an error where there was no rounding required i.e. integers passed rather than floating point
Created admin page to allow for manual adjustment o...[more]
Thursday 27th July 2023 (updated: Wednesday 23rd August 2023)
I have always wanted to expand my Vintage Points Calculator to allow for people to sign in and record their points progress.
To that end I've started to put the framework in place to allow for registration. The features will be fairly simple:
Record daily points against allowance
Use points bank for 'over-spilled' daily points
Administer daily points and bank amounts
Password recovery
The registration code is around 90% complete. Update: no complete and tested The authentication code is 100% ...[more]
Monday 24th July 2023
I asked ChatGPT the above question to help me with some research.
Both bcrypt and Argon2 are secure password-hashing algorithms supported by PHP's password_hash function. They are designed to hash passwords securely and protect against brute-force and rainbow table attacks. Here are the key differences between bcrypt and Argon2:
Algorithm and Security Strength:
Bcrypt: Bcrypt is an adaptive password-hashing algorithm based on the Blowfish cipher. It is a widely used and battle-tested algorith...[more]
Sunday 23rd July 2023 (updated: Monday 1st January 2024)
As an extension to my 'referer' project I also capture the IP address of the client as they arrive at my site using
$_SERVER["REMOTE_ADDR"]
I thought it would be an interesting exercise to see if I could do a reverse lookup on the IP address to identify any A (address) records held in each case.
I found a useful and free service at ipwho.is.
Using PHP's cURL is was able to provide any IP address and return some cool data.
$id = $_POST["id"];
$ip = $_POST["ipaddress"];
$ch = curl_init('h...[more]
Sunday 23rd July 2023 (updated: Monday 1st January 2024)
I recently created a small project to capture the URL of sites that have referred to my own website.
Interestingly it seems that search engines have suppressed the query string part of the URL.
e.g. for the URL
https://www.google.com/search?client=firefox-b-d&q=wilfs+corner
I would expect to be able to capture this in its entirety using PHP's
$_SERVER["http_referer"]
What is actually sent from the search engines is just the root domain. e.g. https://www.google.com/
Frustrating but then ...[more]