Programming

Code Fix for Missing PATH_INFO

Many applications seem to be using the $_SERVER['PATH_INFO'] and related variables in their router section of code to figure out what information or page is being requested without having to write rewrite_rules for each possible request. It’s smart really! What about the web hosts that aren’t setting this information due to whatever reason?

While there are ways to get this fixed on the server side, where I do agree it should be fixed, an application should be able to handle running in as many environments as possible. With that in mind I’ve found a way to ‘fake’ the information in PATH_INFO when it isn’t being set, through the use of the argv array.

$path = (isset($_SERVER['argv'][0]) && substr($_SERVER['argv'][0], 0, 1) == "/") ? $_SERVER['argv'][0] : false;

This has been useful in my current patch for Concrete5 and should be useful for any app that depends on PATH_INFO.

Enjoy.
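
One way to wrap the fallback above in a router helper, as an added example that is not part of the original post or the Concrete5 patch. resolve_request_path() and the sample arrays are hypothetical, and it assumes the rewrite rule passes the path as the query string (index.php?/$1) so that it shows up in argv[0]. Both sources are client-controlled, so the helper also rejects anything that is not a plain path segment.

```php
<?php
// Added example; resolve_request_path() is a hypothetical helper, not Concrete5 code.

function resolve_request_path(array $server) {
    if (!empty($server['PATH_INFO'])) {
        // Normal case: the web server filled in PATH_INFO (already URL-decoded).
        $path = $server['PATH_INFO'];
    } elseif (isset($server['argv'][0]) && substr($server['argv'][0], 0, 1) === '/') {
        // Fallback from the post: with a rewrite to index.php?/$1 the raw
        // query string arrives as argv[0], still URL-encoded.
        $path = rawurldecode($server['argv'][0]);
    } else {
        // No PATH_INFO, and argv[0] is absent or is a CLI script name.
        return false;
    }

    // Split into segments, dropping the empty ones produced by repeated slashes.
    $segments = array_values(array_filter(explode('/', $path), 'strlen'));
    foreach ($segments as $segment) {
        // Refuse dot segments and anything outside a conservative character set.
        if ($segment === '.' || $segment === '..'
            || !preg_match('/^[A-Za-z0-9._-]+$/', $segment)) {
            return false;
        }
    }
    return '/' . implode('/', $segments);
}

// Constructed $_SERVER samples, for illustration only.
$samples = [
    'PATH_INFO set' => ['PATH_INFO' => '/blog/post-1'],
    'argv fallback' => ['argv' => ['/blog/post-1']],
    'CLI run'       => ['argv' => ['index.php']],
    'dot segments'  => ['argv' => ['/../../etc/passwd']],
    'encoded input' => ['argv' => ['/blog/%2e%2e/admin']],
];

foreach ($samples as $label => $server) {
    printf("%-14s %s\n", $label, var_export(resolve_request_path($server), true));
}
```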

Pretty URL’s with Concrete5 on DreamHost

Update:

For those who are curious, this patch was submitted to the developers, and the still-open bug report and fix can be found here:

http://www.concrete5.org/developers/bugs/5-4-1-1/pretty-urland039s-with-fastcgi-and-404and039s/

I’ll be getting this to the developers soon, but for anyone using Concrete5 on DreamHost and having trouble enabling pretty URLs: apply the following patch and make sure you check the .htaccess. It should have a ? before the /$1

The patch also includes an update to the controller which tells you what to put in your .htaccess.

http://files.gimmesoda.com/dreamhost/software_patches/concrete5/request_patch/dh_request.patch

Which means you can do the following from the directory that holds the concrete5 files:

wget http://files.gimmesoda.com/dreamhost/software_patches/concrete5/request_patch/dh_request.patch;
patch -p0 < dh_request.patch;

Enjoy!

FLV Streaming Through Nginx Using JW FLV Player

I’m quite happy to report that the Nginx flv streaming module is part of the default Nginx setup on a DreamHost VPS. I finally took some time (much less than I thought it would be) to modify one of my old pseudo-streaming PHP scripts with a drop-in replacement (3 lines of code) that basically just handles a redirect and uses the flv streaming module instead. You can grab a copy over here:

http://files.gimmesoda.com/dreamhost/nginx/nginx_stream.php

I use this particular script in conjunction with the rather popular JW Player:

http://www.longtailvideo.com/players/jw-flv-player/

However, at this point it looks like the newest versions of their player no longer recommend streaming through a script and provide this functionality directly. This script is more for people like myself who don’t feel like upgrading to their branded versions of the player. The plugin functionality sure does tempt me, but at a price of $89 for a video player to be used on a single site, I think I’ll stick to my current version, at least for now.

How-to Display a Debian Server’s RSA Fingerprint

Need to verify an RSA host fingerprint for a Debian server? Have someone connect and run the following command:

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key

Generating Thumbnails from FLV using FFMPEG

I had to make some modifications to a zenGallery system which was going to hold a lot of flash video files and I was too lazy to create a thumbnail for each image so for awhile it had the default thumbnail.

After a few, “what’s with the thumbnails?” I decided to write a script that executed ffmpeg to create a thumbnail for each video (from the frame 10 seconds into the video) and write out a jpg image.

The filename currently just replaces .flv with .jpg and my settings for the call are pretty generic. If anyone has questions about this feel free to ask.

Grab the .phps file from here: Generate Thumbnails from FLV files using FFMPEG

-bash: /bin/rm: Argument list too long (AKA: Too Many Files)

find /path/to/directory/ -exec rm {} \;

So apparently that command is magical! Alright, so it’s not magical, but it was able to delete over 200,000 spam messages from a user’s Maildir/ when the rm command failed. “-bash: /bin/rm: Argument list too long”, it complained! So asking around I found out about that beauty of a command and how rm can only take a certain number of arguments before failing.

Nice to know, as my journey of learning more about Debian Linux (and Linux in general) continues.

MD5 with Dynamic Salt Class

Remember my post about MD5 Hashing and Salt? Well I’ve taken some time to develop a PHP class which helps very easily implement dynamic salt when using MD5. This class can be easily expanded or modified to use a different hash function. Take a look at it and let me know if it becomes useful to anyone!

You can download the PasswordWithSalt.class.php file here. I also set up a VERY simple demo of how this works. I’m still working on developing this, but comments and advice will definitely be useful here.

The following is the rough text and instructions I’ve written for my “readme.txt” file.

The only thing you need to do in order to properly configure this class is set the location you want to store your salts at. For example, in the class set $storageLocation = "/home/user/salts/"; and give permissions for your server to write to that folder (777 will work). I recommend the folder to be one outside your normal webroot.

The following demonstrates how to store salt for your user, then generate the hash using those salts. Don’t forget to store the final hash so you can compare against it later!

<?php
require("PasswordWithSalt.class.php");

//Init the class
$SaltPlease = new PasswordWithSalt();

//Store generated salts for user "admin"
$SaltPlease->storeSalt("admin");

//Get hash for user admin, password is "password"
$hash = $SaltPlease->createHash("admin", "password");
?>

The following demonstrates how to duplicate the hash for a user who already has salt. $dbhash should be filled with the hash you have stored before.

<?php
require("PasswordWithSalt.class.php");

//Init the class
$SaltPlease = new PasswordWithSalt();

//Get hash for user admin, password is "password"
$hash = $SaltPlease->createHash("admin", "password");

//Check to see if the generated hashes match.
//hash_equals() compares as strings in constant time; a loose == can treat
//two different hex hashes that look like numbers (e.g. "0e...") as equal.
if (hash_equals($dbhash, $hash)) {
    echo "Password Hashes Match.";
} else {
    echo "Password Hashes DO NOT Match";
}
?>

MD5 Hashing and Salt

I just read a great post by Marcel Oelke who runs http://md5.rednoize.com/. He’s got a great way to access his webservice and then check if a user’s password is insecure. Even if you are using MD5 before storing the password (I certainly hope people aren’t storing passwords in cleartext), it may not be secure.

I know many people don’t add some salt before storing the password and MD5.rednoize.com really is the perfect example as to why you should be salting all passwords! Even if you have a single sitewide salt - prepending it to a user’s password before creating the hash is a powerful way to prevent the use of a database like the one which runs MD5.rednoize.com matching against your database. So basically in PHP:

$salt = "ThisSuperLongStringWillProtectMyUsersAgainstInsecurePasswords";
$userpass = $_POST['pass'];
$md5pass = md5($salt . $userpass);

When your user then attempts to login you’ll duplicate the same process. I personally would keep the $salt in a file outside the normal webroot.

Now a site is MUCH less likely to have the matching hash for your user’s password, even if the pass is “word”. I hope this explains what it means to salt your passwords.

You can read Marcel’s post and learn how to call his webservice here:
http://blog.fl3x.de/2005/11/10/checking-password-strength-using-md5rednoizecom-and-ajax/
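
The effect described in this post and in the “MD5 with Dynamic Salt Class” post above, as an added example that is not part of the original posts or of PasswordWithSalt.class.php. The function names, the four-word table and the user names are constructed for illustration; step 4 goes beyond the posts by using PHP’s built-in password_hash() and password_verify().

```php
<?php
// Added example; not code from PasswordWithSalt.class.php. Word list and names are constructed.

// Hypothetical stand-in for a public MD5 lookup database: md5(plaintext) => plaintext.
function build_lookup(array $words): array {
    $table = [];
    foreach ($words as $word) {
        $table[md5($word)] = $word;
    }
    return $table;
}

// Returns the plaintext for a known hash, or null when the table has no entry.
function lookup(array $table, string $hash): ?string {
    return $table[$hash] ?? null;
}

$table = build_lookup(['password', 'word', 'letmein', '123456']);

// 1. Unsalted MD5: the stored hash is itself a key in the lookup table.
echo "unsalted:  ", var_export(lookup($table, md5('word')), true), "\n";

// 2. Site-wide salt (this post's approach): the precomputed table no longer applies,
//    but every user with the same password still gets the same hash.
$siteSalt = 'ThisSuperLongStringWillProtectMyUsersAgainstInsecurePasswords';
$alice = md5($siteSalt . 'word');
$bob   = md5($siteSalt . 'word');
echo "site salt: ", var_export(lookup($table, $alice), true), "\n";
echo "same hash for alice and bob: ", var_export($alice === $bob, true), "\n";

// 3. Per-user random salt (the idea behind the dynamic salt class): equal passwords
//    produce different hashes, so one cracked hash does not expose other accounts.
$saltAlice = bin2hex(random_bytes(16));
$saltBob   = bin2hex(random_bytes(16));
echo "same hash with per-user salts: ",
    var_export(md5($saltAlice . 'word') === md5($saltBob . 'word'), true), "\n";

// 4. Beyond the posts: MD5 is fast to brute-force even when salted. password_hash()
//    generates its own salt and uses a deliberately slow algorithm.
$stored = password_hash('word', PASSWORD_DEFAULT);
echo "verify correct: ", var_export(password_verify('word', $stored), true), "\n";
echo "verify wrong:   ", var_export(password_verify('Word', $stored), true), "\n";
```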

Image Resizing Using PHP and the GD library

I’m developing a new system core, can’t really say what it’s about but I’m having some fun doing it. Coding it is interesting, I’m getting to pull out and update some of my php code. Below is some code for image resizing, I use config files to set some default information like directories to save to and max width/height requirements. Also the entire system uses language files so I don’t output the text directly either, except for what I’m going to remove which is the uploaded file information.

Resize JPG images using the GD library and PHP.

function get_image_information($key) {
    // Destination directories and size limits come from the config files.
    global $thumbnail_dest, $image_dest, $thumb_max_height, $thumb_max_width, $image_max_height, $image_max_width;
    // Upload error messages; assumed to be variables set by the language files.
    global $file_upload_fail_1, $file_upload_fail_2, $file_upload_fail_3, $file_upload_fail_4, $file_upload_fail_6;
    $filename = $_FILES[$key]["name"];
    $file_type = $_FILES[$key]["type"]; // sent by the browser, so only a hint
    $file_tmpname = $_FILES[$key]["tmp_name"];
    $file_error = $_FILES[$key]["error"];
    $file_size = $_FILES[$key]["size"];

    if ($file_error == 0 && $file_size > 0) {
        if ($file_type == "image/pjpeg" || $file_type == "image/jpeg" || $file_type == "image/jpg") {
            // Server-generated name; the client's filename is never used on disk.
            $image_name = md5(time() . rand(1001, 10000)) . ".jpg";
            $thumb_dest = $thumbnail_dest . $image_name;
            // Local variable, so the global $image_dest directory is not overwritten.
            $full_dest = $image_dest . $image_name;
            // create_image() takes the max width before the max height.
            create_image($file_tmpname, $thumb_max_width, $thumb_max_height, $thumb_dest);
            create_image($file_tmpname, $image_max_width, $image_max_height, $full_dest);
            return "thumbs/" . $image_name;
        } else {
            // file_upload_success_1/_2 are assumed to be language-file constants.
            // The client's filename is escaped before it is echoed back.
            $success = file_upload_success_1 . htmlspecialchars($filename) . file_upload_success_2 . "\n";
            $success .= "We can only accept jpg uploads. Upload Failed.";
            return $success;
        }
    } else {
        if ($file_error == 1) {
            echo $file_upload_fail_1;
        } elseif ($file_error == 2) {
            echo $file_upload_fail_2;
        } elseif ($file_error == 3) {
            echo $file_upload_fail_3;
        } elseif ($file_error == 4) {
            echo $file_upload_fail_4;
        } elseif ($file_error == 6) {
            echo $file_upload_fail_6;
        }
        return false;
    }
}

function create_image($image, $max_width, $max_height, $dest) {
    // Decoding the upload is the real content check: a file that is not a
    // JPEG fails here regardless of the type the browser claimed.
    $image = imagecreatefromjpeg($image);
    if ($image === false) {
        die('Unable to open image');
    }

    $width = imagesx($image);
    $height = imagesy($image);

    if ($width < $max_width && $height < $max_height) {
        // Already within limits: keep the original dimensions.
        $new_width = $width;
        $new_height = $height;
    } else {
        // Scale down, preserving the aspect ratio.
        $scale = min($max_width / $width, $max_height / $height);
        $new_width = (int) floor($scale * $width);
        $new_height = (int) floor($scale * $height);
    }

    $image_resized = imagecreatetruecolor($new_width, $new_height);
    imagecopyresampled($image_resized, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
    imagejpeg($image_resized, $dest, 90);
}

The XML Document Object Model

I’m writing a bunch of functions that communicate with Amazon using classic ASP. It requires me to learn much more about the XMLDOM, so that I don’t manually parse through every XML file. For anyone else who is interested in the XMLDOM I recommend the article “XML” over at Dev Articles who, by the way, tend to produce many, many very helpful and articulate articles written in a manner most people can either understand or learn to understand.

JJ
