Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - m0l0ko

Pages: [1] 2 3 ... 8
1
Web Oriented Coding / A few questions about composer
« on: August 07, 2014, 04:10:33 am »
I like to set people up websites if they need one but don't know how. I mainly set them up wordpress sites since they don't require any programming skills to manage. To save myself time, I've been learning how to use composer.

Question 1: can you chain two composer.json files together so that after one composer.json file is processed, the next one gets run.

Question 2: can you define variables in composer.json files?

Question 3:

There are a few things I don't understand. Heres a composer.js file I put together:
Code: [Select]
{
    "name": "acme/brilliant-wordpress-site",
    "description": "My brilliant WordPress site",
    "repositories":[
        {
            "type":"composer",
            "url":"http://wpackagist.org"
        }
    ],
    "require": {
        "johnpbloch/wordpress": ">=3.8.0",
        "wpackagist-plugin/captcha":">=3.9",
        "wpackagist-plugin/tinymce-advanced":">=4.0.0",
        "wpackagist-plugin/wordpress-importer":"*",
        "wpackagist-theme/hueman":"*",
        "wpackagist-theme/eclipse":"*",
        "wpackagist-theme/raindrops":"*"
    },
    "extra": {
"installer-paths": {
"mysite": ["johnpbloch/wordpress"],
"mysite/wp-content/plugins/{$name}": ["type:wordpress-plugin"],
"mysite/wp-content/themes/{$name}": ["type:wordpress-theme"]
        }
    },
    "autoload": {
        "psr-0": {
            "Acme": "src/"
        }
    }
}What are the name and description keys for? In the name key, what is the acme/ part for? Are these keys only for composer.json files that developers add to their packages? Secondly what exactly does the autoload thing do? I want to be  able to put a composer.json file inside a directory, then have it install the application of framework inside that directory but the best I could do was use the installer-paths key to create a folder named by me, then load the wordpress files, as well as the plugins and themes into the places inside my new directory.

I found this online:
Code: [Select]
{
    "require": {
        "wordpress/core": "3.5.2",
        "wordpress/twentytwelve": "1.1",
        "wordpress/akismet": "2.5.7",
        "wordpress/google-sitemap-generator": "3.2.9",
        "wordpress/google-analytics-for-wordpress": "4.3.3",
        "wordpress/wordpress-importer": "0.6.1"
    },
    "repositories": [
        {
            "type": "composer",
            "url": "https://raw.github.com/wordpressoncomposer/composer-repository/master/"
        },
        {
            "type": "vcs",
            "url": "https://github.com/wordpressoncomposer/installer"
        }
    ],
    "scripts": {
        "post-install-cmd": "Wordpress\\Composer\\InstallerTasks::wpConfig"
    },
    "extra": {
        "wordpress_coredir": "wordpress/core",
        "wordpress_wp_contentdir": "wordpress/wp-content",
        "wordpress_wp_config": {
            "site_url": "http://localhost",
            "db_host": "localhost",
            "db_user": "root",
            "db_pass": "",
            "db_name": "wordpress"
        }
    },
    "minimum-stability": "dev"
}
thats much better since it uses a post installation script that sets up the config.php file for you, but what is this https://raw.github.com/wordpressoncomposer/composer-repository/master/ all about? Its obviously not the official wordpress package hosted on GitHub so what is it, is it a modified package tweaked so it works better with composer? How do you know if you can trust a vendor on a repository like GitHub? Where does this Wordpress\\Composer\\InstallerTasks::wpConfig script come from, is it stored on GitHub as part of the wordpressoncomposer/installer package? On github, there is a composer/installers package, I haven't figure out how to use it but I was wondering if it provides these post installation configuration packages too.

2
Projects and Discussion / Re: How to make a PHP/MySQL CRUD system
« on: July 06, 2014, 03:09:41 pm »
Quote from: Schalla on July 04, 2014, 12:12:42 pm
Could you provide some sample data and what must be stored how to set which relations?

Plants, compounds, products, preparations and ailments is the data, they are all interrelated (i.e. a plant contains a compound which cures an ailment and happens to be one of the active ingredients of a product), they are all related to a big nested hierarchical category database, and some of the items (the receptors in the brain that the compounds target) are nested hierarchies themselves so its not so easy to do with CakePHP. I managed to get most of it working, but CakePHP is too bulky and slow for this kind of project.


Quote from: Factionwars on July 04, 2014, 02:56:05 pm
I actually use crud systems all the time nowadays.  That next to a good ORM system.

You can look at Eloquent http://laravel.com/docs/eloquent for inspiration or to use eloquent as a the ORM. And a crud system is basically some base crud class which works on specific routes thus /post/create and PUT/POST/DELETE/GET to /post/1. Laravel has this built in for you to extend: http://laravel.com/docs/controllers#resource-controllers (also good for inspiration).
Cheers, I'll learn laravel. Cake is the first PHP framework I learned and while it has its benefits (the Hash class makes working with arrays a whole lot easier), I'd prefer to use a more light weight framework. However I need to get the job done as soon as I can but I've hit a dead end with cake, I'm getting this error:
Code: [Select]
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 168772 bytes) in /var/www/html/site/lib/Cake/Log/Engine/FileLog.php on line 134so I've obviously been doing something wrong. I started packing everything into a plugin so that I can easily migrate from server to server or site to site and I think I must have done something thats causing some kind of redundant process thats eating up all the memory.

3
Web Oriented Coding / Re: Javascript browser keylogger
« on: July 05, 2014, 09:00:50 pm »
Quote from: InfosecFurry on June 17, 2014, 09:15:27 pm
Storing data in a variable is all fine and well, but it's not logging anything. Logging -> writing to persistent storage (on disk, shm, sqlite db in RAM, sending it over a network, etc)

Also, this will only log what is being typed within the context of a browser window and has no bearing on what users type in other applications.


Context of a browser window if run in an iframe, context of the browser if installed as a user script. As for storing data, I can think of a way to do that but I don't wanna be arming script kiddies with knowledge that will help them invade peoples privacy (not saying the OP is, but skiddies may come across the thread) so I'll just say this: AJAX same-domain-policy only prohibits receiving data. Doesn't block the request itself.

4
Projects and Discussion / How to make a PHP/MySQL CRUD system
« on: July 04, 2014, 10:59:28 am »
I've been building them for a while now, and fell into many a pitfall, so learned from my mistakes. Firstly, I saw the need to store information about every page, along with information about all the form fields and how they should be dealt with. In a system like CakePHP, a lot of that is taken care of for you, but from experience, its still best to make your own page data system.

The first major pitfall I fell into was storing everything in arrays. Its alright for simple web page systems but it can get complicated fast, and you can end up with a monstrous multidimensional array which is a bastard to debug. XML files are probably a better approach, but since I'm most comfortable with dbs, I'm going that route. First I make a crud database, this will have tables with info on all the pages, subpages. For non static pages (i.e. ones where you display DB data and let users edit it), there'll be tables that controls all that (i.e. how many form fields need to be displayed, how they should be display and validated [for frameworks obviously, I'll just extract that from the models]. This kind of system is actually more useful for frameworks, because you can add rules for how differently routed pages should be processed and avoid all the ass pains I've had from working with CakePHP in an unconvetional way (I hack and tweat the crap out of everything and do a lot of unusual routiing). Another benefit is it will give you much easier control over complicated database relations. Rather than being limited by the models built in rules, you can make a table of relations which will provide the code necessary for the  connection to be made and processed properly. I'm kind of rambling on here, I have the idea in my head, I'll post more about it when I set up the system.

If anyone wants to help me out with this i'd greatly appreciate it. Any constructive criticism and suggestions are more than welcome.

5
Web Oriented Coding / What other languages can I integrate with my web apps?
« on: June 12, 2014, 11:31:13 am »
I started getting into making bash scripts lately, have been making useful tools with them, but since I'm already a PHP programmer and web developer, I like integrating bash scripting with that. I know thats not viable on commercial servers though. Java looks good but this whole JDK toolkit is big and bulky, I don't like installing all that software on my system. Linux comes with python and perl pre-installed so I'd prefer to go that route. Can I integrate them into my web apps though? For example, can I get PHP scripts to run perl and python scripts? I'm well used to MySQL but I recently learned how to use SQLite and I like the way you can integrate it right into standalone  applications.  Python syntax is a bit alien to me, although if I can adjust to bash scripting then it shouldnt be much of an issue learning python syntax. I know javascript and XML, but I'm looking for something to add an extra dimension to my skills. I know java would do that, but what about perl or python? Or any other languages you can recommend.

6
Anonymity and Privacy / Re: Preventing sites from tracking you with cookies
« on: June 07, 2014, 09:56:09 pm »
Yeah a cron shell script that wipes all these files would do it nicely, that bleachbit program seems to wipe out everything, if it has a good CLE then I can make various bleachbit cron jobs. Restricting access to the LSO folder is more of a hardening measure. Why let sites write LSOs in the first place since they're not necessary. I have BetterPrivacy, and the LSO window is always empty because nothing can read the folder where LSOs are stored. Same thing could be done for things like cookies.sqlite for firefox. A shell script that contains an array of files/directories, and an array of file permissions to chmod them. I'm gonna try that and see if firefox can still run without it, or whether it changes the file permissions (can it do that?).

7
Anonymity and Privacy / Re: Preventing sites from tracking you with cookies
« on: May 26, 2014, 06:14:18 pm »
Good point. The second /* is useless. I only recently started learning how LSOs work, I'd read that they can be freely accessed by any site, so I've been using BetterPrivacy. If you chmod 000 the SharedObjects folder, you'd prevent sites from being able to write LSOs completely, but would that interfere with other flash apps on their site?

8
Anonymity and Privacy / Re: Preventing sites from tracking you with cookies
« on: May 24, 2014, 07:32:40 pm »
Anyone whos on linux, heres an easy way to delete LSOs:
Code: [Select]
sudo rm -rf $HOME/.macromedia/Flash_Player/#SharedObjects/*/*

9
Hacking and Security / Re: How does firefox store history?
« on: May 24, 2014, 07:16:18 pm »
Cheers for all the info, this will really come in handy. I started writing a bash script to wipe out history, and harden the OS recently. I only started it and dont have time to get too much into it so I was hoping some people here could pitch in. I'll start a thread for it, but heres what I've got so far:

Code: [Select]
#!/bin/bash
#!/bin/bash

mode="safe"
export $mode

# DISABLING DANGEROUS APPS

# Stop Ubuntu from gathering geographical information via GeoIP
gsettings set com.ubuntu.geoip geoip-url ""

function deleteData {

    declare -a dataPaths=("${!2}")

for dataPath in ${dataPaths[*]}
do

if [ ! -e ${dataPath} ]; then
echo "${dataPath} not found!"
continue
fi

case $1 in
"safe")
echo -e "$dataPath"
;;
"delete")
if [ ! -f ${dataPath} ]; then
echo -e "Deleting ${dataPath} file"
rm -fv ${delPath}
elif [ ! -d ${dataPath} ]; then
echo -e "Deleting ${dataPath} directory"
rm -frv ${delPath}
fi

;;
*)
echo -e "$delPath"
;;
esac

done


}

# REMOVE BAD STARTUP APPS

function removeStartupApps {

startupDir="/etc/xdg/autostart/"

declare -a startupFiles=("zeitgeist-datahub" "vino-server" "tracker-store")
startupFiles=("${startupFiles[@]/%/.desktop}")
delData=("${startupFiles[@]/#/${startupDir}}")
deleteData "$mode" delData[@]
}


# DELETE APPLICATION DATA

function deleteAppData {

fileList=()
appDir=""

case $1 in
"firefox")
appDir="$HOME/.mozilla/firefox/$(ls ~/.mozilla/firefox/ | grep 'default')/"
fileList=("formhistory.sqlite" "downloads.sqlite" "search.sqlite" "places.sqlite" "cookies.sqlite")
;;
"chromium-browser")
appDir=""
appsList=("")
;;
*)
echo "Incorrect app selected"
;;
esac

delPaths=( "${fileList[@]/#/${appDir}}" )
deleteData "$mode" delPaths[@]

}


appsList[0]="firefox"
appsList[1]="chromium-browser"

for app in ${appsList[*]}
do
deleteAppData $app
done


# DELETE CACHE FOLDERS
cacheDir="$HOME/.cache/"
deleteDir=()

deleteDir[0]="thumbnails"
deleteDir[1]="mozilla"
deleteDir[2]="chromium"
deleteDir[3]="vlc"

delPaths=( "${deleteDir[@]/#/${cacheDir}}" )

deleteData "$mode" delPaths[@]

removeStartupApps



# DELETE LSO COOKIES

echo "Deleting cookies:"
ls $HOME/.macromedia/Flash_Player/#SharedObjects/*/*
sudo rm -rf $HOME/.macromedia/Flash_Player/#SharedObjects/*/*


On safe mode it'll just print the files it would usually delete. With the exception of LSOs, it'll delete them either way.

10
Hacking and Security / How does firefox store history?
« on: May 14, 2014, 09:29:11 am »
When I start typing something into the URL bar, the first thing that comes up is "Lovely Lesbians fucking so intense". I wouldn't want my mother seeing that if she uses my laptop lol. I deleted the history the conventional way (CTRL + SHIFT + DEL then delete all history and cookies etc.). Then I went into the mozilla folder and deleted all the sqlite database files that store history. I'm on linux BTW. Do I need to delete the cache folder or something?

11
Web Oriented Coding / Re: Online sandboxes
« on: April 27, 2014, 02:54:10 pm »
Nice. Do any of those let you call PHP functions with AJAX requests? That would be brilliant, there could be one field (textarea for inputting code) for the javascript, one for the HTML and a field for the PHP script that is to be called by the AJAX request. For the output, there could be the regular HTML output, and an additional diagnosis output field which shows you whats going on behind the scenes by displaying the the get/post and response headers and stuff like that. I see this jsfiddle site does let you test ajax requests, I haven't figured out how to use it yet though, it uses something called the echo API, I'm reading up on that.

12
Web Oriented Coding / Online sandboxes
« on: April 27, 2014, 02:01:22 pm »
Can you recommend some good online sandboxes for testing out scripts. I only recently started looking into this, heres a good one for javascript and CSS:
http://jsfiddle.net
it lets you select different frameworks (or pure js), and it lets you select whether the javascript is run onLoad, in the head, in the body etc. Thats pretty useful. I looked up PHP tester there, but haven't found any good ones yet. Theres plenty like this:
http://sandbox.onlinephpfunctions.com/
which don't have many extra features, to do plain PHP tests online I could just use w3schools.com. A PHP sandbox which lets you select different frameworks like CakePHP, and lets you test out ajax with different javascript frameworks, now that'd be useful. A big sandbox which combines HTML, CSS, javascript, PHP (and/or other server side languages) and XML would be excellent. For example, one that shows you exactly whats going on with ajax, or displays the output of XML generated by PHP.

Can you share the best online sandbox sites that you know of. Since I only started looking, the best one I know of is jsfiddle which is pretty sweet, but it doesn't let you test server side scripts.

13
Web Oriented Coding / Re: Where to find a complete set of user agent strings
« on: March 18, 2014, 12:40:38 pm »
I_Learning_I: Thanks for filling me in on all that. I tested out various uncommon browsers and noticed the same thing myself, I just didn't know exactly what the cause of it is. So its a matter of the browser itself selectively supplying info about the system its running on. I was going on the assumption that every OS and browser version combo will give its own unique user agent string that can be used to identify it, kinda like a fingerprint, even if the user-agent string doesn't explicitly say what the OS is.  Thats the idea behind gathering up a huge list of user-agent strings, kinda like a fingerprint database.

That site has a big list, but they don't seem to be using it very well. Heres what you get from some other less common browsers:

Konqueror:
Mozilla/5.0 (X11; Linux i686) KHTML/4.11.5 (like Gecko) Konqueror/4.11

Qupzilla:
Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.21 (KHTML, like Gecko) QupZilla/1.4.1 Safari/537.21

Epiphany:
Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.6+ (KHTML, like Gecko) Chromium/23.0.1271.95 Chrome/23.0.1271.95 Safari/537.6+ Ubuntu/13.10 (3.6.1-2ubuntu3) Epiphany/3.6.1

Ironically, epiphany gives enough info to identify the linux distro, but the website couldn't identify the browser, they put it down as Chromium 23.0.1271.95.

siracha: Thanks for the list, but myip.ms has thousands of strings in their list, and even they can't seem to ID things correctly. Basically I wanna be able to see what OS and browser versions visitiors are using. I'm sure with a list like myip.ms has, I could come up with an algorithm to do that, but that anti spider mechanism they have in place is a pain in the ass so I didn't bother with it.

14
Web Oriented Coding / Re: Where to find a complete set of user agent strings
« on: October 21, 2013, 04:56:58 pm »
Yeah, I was thinking about proxies, I just need to figure out how to make my script go through proxies.

I've been looking at the user agent strings my script logs for various browsers, and weirdly enough, heres what it logs when I use midori:
Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-ie) AppleWebKit/535+ (KHTML, like Gecko) Version/5.0 Safari/535.20+ Midori/0.4

I'm actually on Ubuntu. What the hells going on there?

Staff note: this nigga double posted!

15
Web Oriented Coding / Where to find a complete set of user agent strings
« on: October 21, 2013, 01:45:23 pm »
I made my own script to log visitor info (I know I could just use google stats, but I like to make my own stuff as a learning exercise), and what I need now is to log the users operating system and browser. I have a crappy little script which only tells me things like Windows NT, Firefox etc. what I need is something that will tell me the exact OS (i.e. if the OS is iPhone 3, Windows 7 SP1 etc.) and the browser and version of browser.

I found a gigantic list of user agents with their corresponding OS and browser info here:
http://myip.ms/browse/comp_browseragents/Computer_Browser_Agents.html
thats the kinda thing I'm looking for. I wrote a scraper to scrape every page of user agents on that site, but they seem to have an anti spider mechanism in action, because the spider only works for about 20 pages or so before being IP banned. Its too much of a pain in the ass.

Anyone here have or know where I can find a good list of user agent data? Or alternatively, a good algorithm for getting OS and browser info from user agents?

Pages: [1] 2 3 ... 8