
roopurt18

Staff Alumni
  • Posts

    3,746
  • Joined

  • Last visited

    Never

Posts posted by roopurt18

  1. If you want to select the IDs having the max date and min date:

    -- rows carrying the latest date, plus rows carrying the earliest date
    select id from the_table where date = (select max(date) from the_table)
    union
    select id from the_table where date = (select min(date) from the_table)
    

  2. Thanks for the replies thus far.  SA has repeated most of what I believe to be true so I'll probably end up building a cheap PC with a bunch of disks.  As far as the external hard drive, we have that.  But my wife has photos she can not lose short of California falling into the ocean.

  3. My wife has brought up concerns over losing the files on her computer so I proposed a proper backup solution consisting of:

    1) Linux-based file server

    2) A schedule of full and incremental backups via something like Bacula

    3) Offloading the backups to off-site storage

     

    I'd like to implement RAID5 in the file server so my main concern is number and size of drives in addition to ease of replacing a failed drive.  Are there any manufacturers that make such storage racks where I can install my own OS?  In the future I might turn it into a single sign-on authentication server for the PCs in my house and run other services and scripts out of it.  Or am I better off just buying a tower and loading it up with hard drives?

     

    I'm also curious if anyone can recommend data hosting plans that are geared for storage instead of the usual web hosting needs.

     

    If there's anyone else that's been down the path of small scale backup solutions I'd like to hear your thoughts and opinions.

     

  4. In your Windows host file, typically in \Windows\system32\drivers\etc\, you need to add a line like:

    127.0.0.1 devsite

     

    That will enable you to browse to http://devsite and DNS will send it back to your machine where your local WAMP will handle the request.

     

    If you set everything up correctly, then http://devsite should automatically redirect to https://devsite

     

    If not... well then you've got some troubleshooting to do.

  5. On a typical Apache installation there will be a file openssl.cnf one directory above the openssl.exe.

     

    Copy openssl.cnf into the same directory as openssl.exe or change this part of the bat:

    -config "%openssl%openssl.cnf"

    to

    -config "%openssl%\..\openssl.cnf"

     

    The fact that it can't find the config file could be screwing it up, although I doubt that.

     

    You could try these two commands at the command prompt without the bat file:

    cd \wamp\bin\apache\apache2.2.11
    bin\openssl.exe req -new -x509 -nodes -days 3650 -subj "/CN=devsite" -newkey rsa:2048 -keyout devsite.pem -out devsite.pem -config openssl.cnf

     

    And failing that take out the -subj part:

    cd \wamp\bin\apache\apache2.2.11
    bin\openssl.exe req -new -x509 -nodes -days 3650 -newkey rsa:2048 -keyout devsite.pem -out devsite.pem -config openssl.cnf

  6. The script I provided is a Linux script; you can recognize it as such from the first line: #!/bin/bash

     

    Here is a DOS script:

    @echo off
    rem Hostname for the certificate's CN, taken from the first argument
    set hostname=%1
    set country=US
    set state=California
    set location=Los Angeles
    rem Directory holding openssl.exe and openssl.cnf (keep the trailing backslash)
    set openssl=C:\Program Files\NuSphere\TechPlat\apache\bin\
    set subject="/C=%country%/ST=%state%/L=%location%/CN=%hostname%"
    set mycmd="%openssl%openssl.exe" req -new -x509 -nodes -days 3650
    set mycmd=%mycmd% -subj %subject% -newkey rsa:2048 -keyout %hostname%.pem -out %hostname%.pem -config "%openssl%openssl.cnf"
    
    %mycmd%
    

    Name it make-cert.bat and execute as:

    make-cert.bat devsite

     

    You need to change the C:\Program Files\NuSphere\TechPlat\apache\bin\ to the path on your system where openssl.exe is located.

     

    You run this from a DOS command prompt.

  7. If the user logs into ServerA and then ServerA uses cURL to log into ServerB, the cookie returned by ServerB will reside on ServerA and not on the client's machine.  You need to send the cookie data from ServerB back down to the client so that the client can "hijack" their own session.

  8. In order to use SSL you need to do two things:

    1) Obtain a certificate for your domain

    2) Configure Apache to load the certificate

     

    For testing purposes you can generate a self-signed certificate in order to become familiar with how to install it on the web server.  However, since you are probably not a Certificate Authority, any visitors seeing a self-signed certificate on your production box will be prompted with a "Do you trust this certificate?" prompt.

     

    In order to generate a self-signed cert for testing, here is a simple bash script you could use:

    #!/bin/bash
    # Hostname for the certificate's CN, taken from the first argument
    hostname=$1
    country=US
    state=California
    location=Los Angeles
    
    # Remove any previous key/cert file for this host
    rm -f "$hostname.pem"
    cmd="openssl req -new -x509 -nodes -days 3650 -subj '/C=$country/ST=$state/L=$location/CN=$hostname' -newkey rsa:2048 -keyout $hostname.pem -out $hostname.pem"
    # eval re-parses the string so the quoted -subj value is passed as a single argument
    eval "$cmd"
    # The .pem holds the private key as well as the certificate
    chmod u=rw,go=r "$hostname.pem"
    exit 0
    

    You can read the man page for openssl to learn more about each of those options or find some tutorials on the web.

     

    Let's say that script is called make-cert.sh and you want to create a testing site called devsite, you would enter the following at a command prompt:

    $ ./make-cert.sh devsite

    And the script would make a file devsite.pem

     

    The next step is to configure Apache.  This will depend on your Apache version, but for example let's say you have Apache 2.

    1) You need to locate the ssl.conf files included with your Apache distribution and load them into the configuration.

    2) Configure your vhost to use the certificate

    <VirtualHost devsite:80>
      ServerAdmin email@domain.com
      RewriteEngine on
      RewriteCond %{HTTPS} !on
      RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L]
    </VirtualHost>
    
    <VirtualHost devsite:443>
      ServerAdmin email@domain.com
      ServerName devsite
      SSLEngine on
      SSLProtocol TLSv1
      SSLCipherSuite HIGH
      # assuming certs are in $APACHE_HOME/certs; the .pem holds both key and cert
      SSLCertificateFile certs/devsite.pem
      DocumentRoot /var/www/devsite
      <Directory /var/www/devsite>
        SSLRequireSSL
        Order Allow,Deny
        Allow from 192.168 127
      </Directory>
    </VirtualHost>
    

     

    Restart apache service and check the error logs for problems.

     

    That vhost configuration will send all non-ssl requests to SSL, therefore making the entire site SSL.  You could add additional RewriteCond directives to redirect only for certain pages if you wanted.

     

    When it comes time to make a certificate for your production box you perform essentially the same steps.  However instead of a self-signed certificate you need to generate a CSR (certificate signing request).  You send this CSR to a true CA (certificate authority).  The CA will verify all of the details contained in the CSR and within a few business days will send you back your certificate.  They typically provide two files, a domain.key and a domain.crt; you can concatenate these two files into domain.pem for your Apache installation if you desire.

     

    This page contains useful SSL information:

    http://www.madboa.com/geek/openssl/
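An added example that is not part of the post above: a Python wrapper around the same `openssl req` invocation as make-cert.sh, with two additions a practitioner wants today. It puts the hostname into a subjectAltName extension (modern browsers ignore the CN and require the SAN), and it reads the finished certificate back with `openssl x509` to confirm the CN and SAN before the file goes anywhere near Apache. It assumes the openssl CLI is on PATH and is OpenSSL 1.1.1 or newer (for `-addext` and `-ext`); the hostname `devsite` and the temporary output directory are constructed for the demo. Unlike the post's script it leaves the combined key/cert file readable by its owner only.

```python
"""Self-signed test certificate with a subjectAltName, plus a verification step."""
import os
import shutil
import subprocess
import tempfile

OPENSSL = shutil.which("openssl")  # None when the CLI is not installed


def build_openssl_args(hostname, pem_path, days=3650,
                       country="US", state="California", location="Los Angeles"):
    """Argument vector for a self-signed cert; passing a list avoids shell quoting."""
    subject = "/C=%s/ST=%s/L=%s/CN=%s" % (country, state, location, hostname)
    return [
        "openssl", "req", "-new", "-x509", "-nodes", "-days", str(days),
        "-subj", subject,
        "-addext", "subjectAltName=DNS:%s" % hostname,   # what browsers actually check
        "-newkey", "rsa:2048", "-keyout", pem_path, "-out", pem_path,
    ]


def make_self_signed_cert(hostname, directory):
    """Generate <directory>/<hostname>.pem (private key + certificate) and return its path."""
    pem_path = os.path.join(directory, hostname + ".pem")
    if os.path.exists(pem_path):
        os.remove(pem_path)
    args = build_openssl_args(hostname, pem_path)
    args[0] = OPENSSL
    subprocess.run(args, check=True, capture_output=True)
    # The file contains the private key: owner read/write only.
    os.chmod(pem_path, 0o600)
    return pem_path


def inspect_cert(pem_path):
    """Subject (RFC 2253 form) and subjectAltName block as printed by openssl x509."""
    result = subprocess.run(
        [OPENSSL, "x509", "-in", pem_path, "-noout",
         "-subject", "-nameopt", "RFC2253", "-ext", "subjectAltName"],
        check=True, capture_output=True, text=True,
    )
    return result.stdout


def cert_has_hostname(pem_path, hostname):
    """True when the hostname is both the CN and a DNS entry in the SAN."""
    out = inspect_cert(pem_path)
    return ("CN=%s" % hostname) in out and ("DNS:%s" % hostname) in out


def demo(hostname="devsite"):
    """Generate a cert in a scratch directory and verify it; None if openssl is missing."""
    if OPENSSL is None:
        return None
    workdir = tempfile.mkdtemp()   # constructed output location for the demo
    try:
        pem = make_self_signed_cert(hostname, workdir)
        return cert_has_hostname(pem, hostname)
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    print("generated and verified:", demo("devsite"))
```

The verification step is the part worth keeping even if you stay with the shell script: a certificate whose SAN does not name the host will still be installed by Apache without complaint, and the failure only shows up later as a browser warning.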

  9. I would store the intervals as:

    id | start | rate

     

    Where "start" is the first second of the interval.  Each interval is therefore 900 seconds long and they are as following:

    0 - 899          00:00:00 to 00:14:59
    900 - 1799       00:15:00 to 00:29:59
    1800 - 2699      00:30:00 to 00:44:59

     

    Then you can load an array of "start" => "rate"

    <?php
    // Note that you'll have to use appropriate database functions
    $rates = array();
    $q = query( "select start, rate from the_table order by start" );
    while( $r = fetch_object( $q ) ) {
        $rates[ $r->start ] = $r->rate;
    }
    ?>
    

     

    Now to determine the tax rate for a given timestamp:

    <?php
    // $rates is the "start" => "rate" array loaded above
    // some datetime
    $dt = '2010-09-01 16:23:42';
    // convert to timestamp
    $ts = strtotime( $dt );
    // determine seconds of day (all three parts must come from the same timestamp)
    $seconds = 3600 * ((int)date( 'H', $ts )) + 60 * ((int)date( 'i', $ts )) + ((int)date( 's', $ts ));
    // now determine which interval it starts in
    $interval = $seconds - ($seconds % 900);
    // look up
    echo 'rate is: ' . $rates[ $interval ];
    ?>

     

    That's not thoroughly thought through but it might get you there.
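An added example, not code from the post above, carrying the interval lookup through in Python so the arithmetic can be checked against the table. The rows are constructed inline in place of the post's database query. It goes slightly beyond the post: the lookup finds the latest "start" at or before the given time with bisect, so it also behaves sensibly when the table has gaps or intervals of unequal length (the fixed 900-second grid is one special case, and `interval_start` reproduces the post's `$seconds - ($seconds % 900)` exactly).

```python
"""Rate lookup by interval of the day."""
import bisect
from datetime import datetime

INTERVAL = 900  # seconds in one 15-minute interval

# Constructed sample of the post's id | start | rate table;
# "start" is the first second of the day that the interval covers.
SAMPLE_ROWS = [
    (1, 0, 0.05),        # 00:00:00 - 00:14:59
    (2, 900, 0.06),      # 00:15:00 - 00:29:59
    (3, 1800, 0.07),     # 00:30:00 - 00:44:59
    (4, 58500, 0.12),    # 16:15:00 - 16:29:59
]


def load_rates(rows):
    """Return (sorted starts, matching rates) from (id, start, rate) rows,
    the equivalent of the post's "start" => "rate" array."""
    by_start = {start: rate for _id, start, rate in rows}
    starts = sorted(by_start)
    return starts, [by_start[s] for s in starts]


def seconds_of_day(dt_str):
    """Seconds since midnight for 'YYYY-MM-DD HH:MM:SS'; all parts come from one parse."""
    dt = datetime.strptime(dt_str, "%Y-%m-%d %H:%M:%S")
    return dt.hour * 3600 + dt.minute * 60 + dt.second


def interval_start(seconds):
    """First second of the fixed 900-second interval containing `seconds`."""
    return seconds - seconds % INTERVAL


def rate_for(dt_str, starts, rates):
    """Rate in effect at dt_str: the row with the latest start <= that time.
    Returns None when the time precedes the first start in the table."""
    secs = seconds_of_day(dt_str)
    idx = bisect.bisect_right(starts, secs) - 1
    if idx < 0:
        return None
    return rates[idx]


if __name__ == "__main__":
    starts, rates = load_rates(SAMPLE_ROWS)
    print(interval_start(seconds_of_day("2010-09-01 16:23:42")))  # 58500
    print(rate_for("2010-09-01 16:23:42", starts, rates))          # 0.12
```

The last second of the day, 23:59:59, maps to the interval starting at 85500 (23:45:00), and 00:00:00 maps to 0, so the grid never produces a start outside the table as long as every quarter-hour has a row.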

  10. header( "Content-Length: " . filesize( $filename ) );  // <-- requires full path
    header( "Content-Disposition: attachment; filename=$filename"); // <-- does not require full path
    readfile( $filename ); // <-- requires full path

     

    Therefore you can change it to this:

    header( "Content-Length: " . filesize( $filename ) );
    header( "Content-Disposition: attachment; filename=" . basename( $filename ) );
    readfile( $filename );
    

  11. Yes.  Headers are plain-text key / value pairs sent to the user agent.  There are many, many more types of user agents than just web browsers that will show a sophisticated user all of the headers sent and received.  From a security standpoint I adopt the mindset of "The more this is a black box to the user the better."  That particular header controls the preset file name that appears in the "Save As.." prompt so all it needs in the first place is the file name and not the full path to the file. 

     

    Also consider that the full path can reveal more about your box than you intend to.  Let's say you were writing a plug-in for a popular CMS, disclosed the full path, and the attacker saw this:

    Content-Disposition: attachment; filename=/var/http/1.3/htdocs/domain.com/cms-1.0.3/protected/thefile.mp3

    What can the attacker deduce from this?

    1) You run Linux.

    2) You're probably using Apache Httpd 1.3

    3) You're probably hosting multiple domains

    4) You're using version 1.0.3 of the CMS

     

    So now what can the attacker do?  They can look for known exploits for your versions of the web server and CMS.  Hypothetically it could also be that this CMS doesn't support PHP 5 until version 1.1.0, therefore the attacker can deduce that you're on a version of PHP less than 5, probably 4.x.x, and then look for known exploits for that as well.
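An added example that is not part of either post above: the leaky header from post 10 next to a hardened one, written in Python rather than the posts' PHP. `naive_disposition` emits the full server-side path exactly as the post warns against; `safe_disposition` keeps only the base name, drops CR/LF and other control characters that would let a filename start a new header line, quotes the value as RFC 6266 expects, and adds a `filename*` parameter when the name is not plain ASCII. The path `/var/http/1.3/htdocs/domain.com/cms-1.0.3/protected/thefile.mp3` is the post's own illustration; the file written by `demo()` is constructed so the Content-Length part runs offline.

```python
"""Content-Disposition without leaking the server-side path."""
import os
import shutil
import tempfile
from urllib.parse import quote

# The post's example of a header that gives away OS, web server, hosting layout and CMS version.
LEAKY_PATH = "/var/http/1.3/htdocs/domain.com/cms-1.0.3/protected/thefile.mp3"


def naive_disposition(path):
    """The leaky form: whatever path the script used internally goes to the client."""
    return "attachment; filename=%s" % path


def safe_disposition(path):
    """Base name only, header-safe, quoted per RFC 6266."""
    name = os.path.basename(path)
    # CR/LF would terminate the header and start another; drop all control characters.
    name = "".join(ch for ch in name if ch >= " " and ch != "\x7f")
    if not name:
        name = "download"
    # ASCII form for the plain filename parameter; escape backslash and quote inside the quoted-string.
    ascii_name = name.encode("ascii", "replace").decode("ascii")
    quoted = ascii_name.replace("\\", "\\\\").replace('"', '\\"')
    header = 'attachment; filename="%s"' % quoted
    if ascii_name != name:
        # RFC 6266 / RFC 8187: percent-encoded UTF-8 carries the real name.
        header += "; filename*=UTF-8''%s" % quote(name, safe="")
    return header


def download_headers(path):
    """The post's three PHP lines as a header dict: size needs the full path, the name does not."""
    return {
        "Content-Length": str(os.path.getsize(path)),
        "Content-Disposition": safe_disposition(path),
    }


def demo():
    """Create a constructed file under a directory tree shaped like the post's path and build its headers."""
    root = tempfile.mkdtemp()
    try:
        deep = os.path.join(root, "htdocs", "domain.com", "cms-1.0.3", "protected")
        os.makedirs(deep)
        path = os.path.join(deep, "thefile.mp3")
        with open(path, "wb") as fh:
            fh.write(b"not an mp3")   # 10 bytes of constructed content
        return download_headers(path)
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    print(naive_disposition(LEAKY_PATH))
    print(safe_disposition(LEAKY_PATH))
    print(demo())
```

The quoting and control-character filtering matter as soon as any part of the file name comes from a user (an upload name, a query parameter): without them a name such as `evil\r\nSet-Cookie: ...` turns a download header into header injection, which is a separate problem from the path disclosure the post describes but is fixed at the same line.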
