Hackers have started to exploit a vulnerability whole in Apples software Quicktime. This whole is still not fixed since Apple has not yet released a patch.
So far are only Windows-users targetted, but Mac-users are not safe either. The vulnerability whole was discovered 23 November and was achieved because Quicktime doesnt validate incoming data securely. This time it’s connected with the rtsp protocol which is used for streaming video.
The hackers can with this method make a takeover of the targetted computer. Failed attacks will cause DOS (denial of service) conditions.
The hack itself is a buffer-overflow that targets the Header Content-length.
For more information of how to secure it, take a look at symantec.
The code for the hack itself can be found at milw0rm.
There are some major differences between PHP and C++. PHP is significantly less strict than C++ and it supports dynamic typich which allows you to assign values of different types to the same variable. There are also no pointers in PHP, instead you use a mechanism of references.
When you take a look on the object-oriented fact, PHP is kind of inferior to C++, but in the newer editions, PHP 5.X, PHP has started to think of it more and more.
If you compare the operators, there is a small difference there as well. In PHP you a string might return NULL if a substring is not found or 0 if the string starts with the substring. In C++ it’s not possible to distinguish 0 and Null.
One other difference is that PHP is far inferior to C++ in the aspect of performance. You shouldn’t make any complicated and sophisticated softwares with PHP since C++ is superior in the performance part. On the other hand, PHP is the standard in dynamic web page processing, which leads PHP to be almost more used then C++, therefore there are more resources available for PHP.
Both Visual Studio 2008 and Dotnet 3.5 will be available in the markets in a couple of weeks. Evaluations are already available at MSDN.
Among the news in Visual Studio 2008 is increased support for Windows Vista applications, which have been fairly problematic in Visual Studio 2005. Over 250 more news are also available and those includes usage of different version of Dotnet and support for webdevelopment including Ajax functionality.
A highlight in Visual Studio 2008 is the linq (Language Integrated Query). The point with this tool is to reduce the gap between objects and data and the programmers should focus on what to do with the data instead of reaching for it.
Microsoft’s goal with Visual Studio 2008 was to give both amateur programmers and professional programmers a platform for development.
Here’s a good portal for compuer science resourses; the Computer Science directory.
The site is a strong site which has been featured at lifehacker and has a couple of tutorials that are great for both beginners and advanced programmers and scripters.
Check it out!
Ruby is a programming language that has been placed in the shade of languages like php and java.
So why are people afraid of ruby?
Obviously there is no answer to that question, but one could be the “strange” syntax. Or in fact, it has a nonstrange syntax and all other programming languages has a strange syntax.
The coolest part abour ruby that it is 100% object oriented (OO). Check these differences between a php source and a ruby source. Both lines of code will output the same line but in lowcase intead.
1 | "THIS IS A NORMAL STRING IN UPPER LETTERS".lowcase |
That’s because all string, integers and bools are objects.
Then, if you’re using PHP, you would have to place the string into a function like this:
1 | strtolower("YOU SHOULDN'T ALWAYS USE CAPITALS"); |
In fact you save some time using ruby in this case..
There are cool things about Ruby but since the syntax is so easily human-read, I believe programmers have difficulties of writing it. They want the strange syntax that no one will understand.
Ever thought of having external content in a DIV without using iframes?
Iframes are ugly and will not validate properly in strict XHTML so therefore a solution for this is needed.
The solution we will use is a very simple PHP function that will grab the content from the page and then display it properly.
So how do we replace that iframe with something else? How can we create an iframe without an iframe?
This solution is widely used as proxy-scripts around the web and it is by far the most simple.
If you’re only aiming to replace an iframe you can do it easily with the file_get_content PHP function.
1 2 3 4 5 6 7 | <?php function displaycontent($url) { $content = file_get_content($url); echo $content; } ?> |
And if you are aiming for a simple proxy-script, you can just add a str_replace command and replace all hrefs with some additional characters:
1 2 3 4 5 | function displaycontentproxy($url) { $content = file_get_content($url); $content = str_replace('href="', 'href='proxy.php?url=', $content); } |
A very simple solution to the iframe problem. Solved?
There are plenty of sorting methods available, but as we all know, the king of them all is Quick Sort.
It’s kind of hard to understand the differences in time it takes to sort a number of elements, but I’ve seen this nice page that has visually shown the amount of time needed to sort with some sorting methods.
All “famous” methods are shown, like the most original “Bubble sort” which all programmers have used atleast once (atleast most of them).
Here is the function they use for bubble sort with Java:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | // Copyright (c) 1994 Sun Microsystems, Inc. All Rights Reserved. class BubbleSort2Algorithm extends SortAlgorithm { void sort(int a[]) throws Exception { for (int i = a.length; --i>=0; ) { boolean flipped = false; for (int j = 0; j<i; j++) { if (stopRequested) { return; } if (a[j] > a[j+1]) { int T = a[j]; a[j] = a[j+1]; a[j+1] = T; flipped = true; } pause(i,j); } if (!flipped) { return; } } } } |
To give the function a challange, here is their fastest function of Quick Sort, called Fast Quick Sort.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 | // Copyright (c) 1994 Sun Microsystems, Inc. All Rights Reserved. public class FastQSortAlgorithm extends SortAlgorithm { /** This is a generic version of C.A.R Hoare's Quick Sort * algorithm. This will handle arrays that are already * sorted, and arrays with duplicate keys.<BR> * * If you think of a one dimensional array as going from * the lowest index on the left to the highest index on the right * then the parameters to this function are lowest index or * left and highest index or right. The first time you call * this function it will be with the parameters 0, a.length - 1. * * @param a an integer array * @param lo0 left boundary of array partition * @param hi0 right boundary of array partition */ private void QuickSort(int a[], int l, int r) throws Exception { int M = 4; int i; int j; int v; if ((r-l)>M) { i = (r+l)/2; if (a[l]>a[i]) swap(a,l,i); // Tri-Median Methode! if (a[l]>a[r]) swap(a,l,r); if (a[i]>a[r]) swap(a,i,r); j = r-1; swap(a,i,j); i = l; v = a[j]; for(;;) { while(a[++i]<v); while(a[--j]>v); if (j<i) break; swap (a,i,j); pause(i,j); if (stopRequested) { return; } } swap(a,i,r-1); pause(i); QuickSort(a,l,j); QuickSort(a,i+1,r); } } private void swap(int a[], int i, int j) { int T; T = a[i]; a[i] = a[j]; a[j] = T; } private void InsertionSort(int a[], int lo0, int hi0) throws Exception { int i; int j; int v; for (i=lo0+1;i<=hi0;i++) { v = a[i]; j=i; while ((j>lo0) && (a[j-1]>v)) { a[j] = a[j-1]; pause(i,j); j--; } a[j] = v; } } public void sort(int a[]) throws Exception { QuickSort(a, 0, a.length - 1); InsertionSort(a,0,a.length-1); pause(-1,-1); } } |
To the point:
Check this site: http://www.cs.ubc.ca/~harrison/Java/index.html
Another great resource which has the same style is http://cg.scs.carleton.ca/~morin/misc/sortalg/
On that site, you can press the images and you will see the time needed to sort with each of these functions. All functions also have a source-code for those who want to try it.
Another funny resource for sorting is this famous movie (sorting out sorting) which many computer scientists have seen:
(It’s horrible quality)
Before you comment, this is a quite lame script, however, it is quite useful as both information and other matters as well. Most people hate spamming but even though you hate it, the source code can be used as something else.
This script will spam a target site with some non existing traffic. You won’t be able to fool web analytics with this script since they will see that you’re from a single IP so there’s no reason to try.
The full source can be viewed at the bottom of this post so you don’t have to copy and extract every piece because of the comments.
Well, let’s get to the point:
In the beginning of the script, we activate error_reporting so we will get some errors written if something goes wrong:
1 2 | <?php ini_set('error_reporting', E_ALL); |
After that piece, the configuration follows. Referer, spam-location and the number of hits will be written here:
3 4 5 | $referer = "http://thereferersite.com"; // Where the traffic should be sent from $spamsite = "http://www.thespamsite.com"; // The spam site location $times = 1; // Number of times you want to traffic spam a site |
To continue this, we get the header part. Here we will have the User-agent, which referer we have and which site we have targeted:
6 7 8 | $header = "GET / HTTP/1.1\r\nHost: $spamurl\r\n"; // Start of the header $header .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6\r\n"; // Which useragent. XP, English, Firefox 2.0 $header .= "Referer: $referer\r\nConnection: Close\r\n\r\n"; // Which referer to use and close the connection |
When connecting with a socket you need to know which port you should pass through. PHP has a function to do this, called getservbyname. This will most likely use port 80. A full list of which service for which port is found here. We also convert the spam location site to an IP address.
9 10 | $port = getservbyname('www', 'tcp'); // Get the port to use when connecting to the www using tcp. $ip = gethostbyname($spamsite); //Gives you the IP instead of DNS |
So now we have finally got to the action part. We start with a for-loop that makes this sequence the number of times we wrote in the configuration part. After that, we create a socket with AF_INET, SOCK_STREAM and SOL_TCP.
AF_INET shows that we are using a IPv4 Internet based protocol.
SOCK_STREAM gives us a reliable, sequenced full-duplex stream which the TCP protocol are based on.
SOL_TCP basically means that we use the TCP protocol.
Then we initiates a connection using socket_connect with our socket we created and the ip address of the target site along with their www port, usually port 80.
A couple of error reports later we find the code “socket_write(..” which is a function that writes the socket with the header we have written before and the length of the buffer. This is followed up by socket_close() which just closes the connection, and then by the randomization part that just makes the script sleep for some milliseconds.
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | for ($i = 1; $i <= $times; $i++) { echo "Number: $i\n"; // Create the socket! $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); if ($socket < 0) echo "socket_create() failed:\n".socket_strerror($socket)."\n"; // If something fails, what? // Connect to site using the socket you created $result = socket_connect($socket, $ip, $port); if ($result < 0) echo "socket_connect() failed ($result):\n".socket_strerror($result)."\n"; // If something fails, what? socket_write($socket, $header, strlen($header)); socket_close($socket); // Closes the socket $sleep = rand (10, 70); // For randomization echo "Sleeping: $sleep\n\n"; sleep ($sleep); } ?> |
It wasn’t harder then this!
Now you can use this code to create some more funny scripts that are not lame by default (spamming is).
Remember to turn on the sockets extension in your php.ini file if you didn’t have that before. Uncomment the extension=php_sockets.dll line.
The whole source-code is here:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 | <?php ini_set('error_reporting', E_ALL); // Give you all PHP errors reported // ////Some of the configurations // $referer = "http://thereferersite.com"; // Where the traffic should be sent from $spamsite = "http://www.thespamsite.com"; // The spam site location $times = 1; // Number of times you want to traffic spam a site // //// Now we'll write the header that should be sent // $header = "GET / HTTP/1.1\r\nHost: $siteurl\r\n"; // Start of the header $header .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6\r\n"; // Which useragent. XP, English, Firefox 2.0 $header .= "Referer: $referer\r\nConnection: Close\r\n\r\n"; // Which referer to use and close the connection // //// A couple of more facts before the action statrs // $port = getservbyname('www', 'tcp'); // Get the port to use when connecting to the www using tcp. $ip = gethostbyname($spamsite); //Gives you the IP instead of DNS // ////Let's spam the site with the $times number of times! // for ($i = 0; $i < $times; $i++) { echo "Number: $i\n"; // Create the socket! $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);// AF_INET means IPv4 Internet based protocols. // SOCK_STREAM = sequenced, reliable, full-duplex stream. The TCP protocol is based on this. // SOL_TCP means that TCP will be used. if ($socket < 0) echo "socket_create() failed:\n".socket_strerror($socket)."\n"; // If something fails, what? // Connect to site using the socket you created $result = socket_connect($socket, $ip, $port); if ($result < 0) echo "socket_connect() failed ($result):\n".socket_strerror($result)."\n"; // If something fails, what? socket_write($socket, $header, strlen($header)); // Writes the socket, using the header we wrote earlier and the length of the buffer socket_close($socket); // Closes the socket $sleep = rand (10, 70); // For randomization echo "Sleeping: $sleep\n\n"; sleep ($sleep); } ?> |
The TIOBE company has an own list of programming language popularity where you can check programming language popularity.
This list is not even near 100% accurate but gives you a very good hint of which language to use and more likely which language to NOT use when developing an advanced software. The index itself is built upon a not so sophisticated method, which is basically to search the major search engines with this term:
+”<language> programming”
and count the number of hits received.
That’s why the list is not that accurate but it still gives you a rough estimate of which languages that are growing and which are not.
The top 20 popular programming languages in September 2007 is (the % is of total market share):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | Java 21.701% C 14.908% Visual Basic 10.748% PHP 10.204% C++ 9.938% Perl 5.416% C# 3.583% Python 3.025% Javascript 2.722% Ruby 2.065% PL/SQL 1.860% SAS 1.395% D 1.370% Delphi 1.224% ABAP 0.706% Lisp/Scheme 0.633% COBOL 0.630% Lua 0.572% Ada 0.566% Fortran 0.478% |
To notice from the source both c++ and c is falling in line, although it’s not much. You can also note that PHP is actually more popular then C++. This could be because of PHP’s simplicity compared to C++ which generate more “newbie-questions” about PHP rather then C++.
The top climber, Lua, is not a very known programming language. Lua is most known for homebrewed software for Playstation Portable and Nintendo DS. On a later matter, the language has been used to create scripts in World of Warcraft, which most likely is the reason for the huge climbing (thanks Sickwookie comment #1). The language itself is claimed to be a mix of Python, Icon, Scheme and Lips.
The list from 21-50 can is here (the % is of total market share):
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | Transact-SQL 0.452% Pascal 0.429% ActionScript 0.407% FoxPro/xBase 0.387% Awk 0.383% MATLAB 0.364% IDL 0.326% Prolog 0.313% ColdFusion 0.297% Logo 0.249% Bash 0.221% RPG 0.198% Tcl/Tk 0.187% LabView 0.178% Haskell 0.147% Smalltalk 0.145% CL (OS/400) 0.133% Forth 0.119% Natural 0.116% Erlang 0.109% VBScript 0.102% APL 0.101% REXX 0.088% Objective-C 0.084% OCaml 0.082% Icon 0.079% Postscript 0.076% Lingo 0.075% ML 0.074% R 0.072% |
There are plenty of people out there searching for a script to get the alexa ranking for a site. Last time I looked I didn’t even find a free function to get the data, just some expensive solutions.
So anyway, here’s a PHP coded function we have made that collects the alexa-data with the SimpleXML function. It’s very easily coded so everyone should understand what it does. However, since it uses the SimpleXML function, it can only be used if you run PHP5. That’s a requirement.
Please give us some credit if you use the function. A comment or anything will work!
1 2 3 4 5 6 7 8 9 10 | <?php function getalexa($url){ // cdsrc.com $request_url = "http://data.alexa.com/data?cli=10&dat=snbamz&url=".$url; $xml = simplexml_load_file($request_url) or die("feed not loading"); return $xml->SD->POPULARITY['TEXT']; } ?> |
And here’s a little description of how to use it:
11 12 13 14 | <?php echo getalexa("http://cdsrc.com"); // This would print the alexaranking of cdsrc.com ?> |
Simple huh?