oni-kun

Everything posted by oni-kun

  1. Then the injected URL will do nothing as mentioned. If I enter "yoursite.com?msg=ur+hacked+bixch", will you freak out and be scared?
  2. That website is a lie. It puts a price on open source. Shame.
  3. Your code for me (at least on my *nix server) returns nothing. Reading the headers of the site I get this:

     ```
     Array
     (
         [0] => HTTP/1.0 200 OK
         [Content-type] => text/html
         [Cache-Control] => no-cache, no-store, must-revalidate, max-age=0
         [Expires] => Thu, 01 Jan 1970 00:00:00 GMT
         [Connection] => close
     )
     1
     ```

     And content this:

     ```html
     <html><head>
     <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate, max-age=0">
     <meta http-equiv="Expires" content="Thu, 01 Jan 1970 00:00:00 GMT">
     </head><body>
     <script language="JavaScript">
     var strbuf = new Array();
     strbuf[15]='y8';strbuf[14]='X';strbuf[13]='V';strbuf[12]='i';strbuf[11]='1';strbuf[10]='?mB';strbuf[9]='/j';strbuf[8]='=';
     strbuf[7]='hjl';strbuf[6]='2';strbuf[5]='kdp';strbuf[4]='k';strbuf[3]='js';strbuf[2]='19';strbuf[1]='D';strbuf[0]='Od';
     var arr=[9,10,3,5,13,2,4,1,14,12,0,11,6,7,15,8];
     var b='';
     for (q = 0;q<16;q++){b+=strbuf[arr[q]];}
     window.location.href=b;
     </script>
     </body></html>
     ```

     What is with the JS? That is probably the error. It's supposed to redirect them to /local? Apparently, pulling the JS and displaying it with CURL just redirects you incorrectly to localhost or whatnot. Not advanced security, poor site or not so efficient obfuscation.
  4. Oh man, must've done that a few times. I tried to register for the Ubuntu forums recently and it was like "username already taken" and I was like WHA!!!? ... oh.. EDIT: You did register ~ June 28, 2007, 12:04:19 PM, quite a while ago. 3 years = out of mind IMO.
  5. Welcome, your blogs look quite nice. Glad to have someone with that experience here. A lot of people wanting to learn from scratch so quickly..
  6. Why not read the code? He filled out the shell of what is needed. All that is required is to fill in the if() that the OP wanted within. (In case he goes the PHP way)
  7. Access them? They can't via HTTP, but they can certainly use further exploits found to run a script and inject it into your root path, or worse, above that. If you're meaning you want to deny main.php (etc) itself, because it is being included for example:

     ```apache
     <Files main.php>
     order allow,deny
     deny from all
     </Files>
     ```

     Within the current folder. More examples online.
  8. I've experienced many handfuls of people say using explode/substr/str_replace combined, sometimes in a loop, together are more 'efficient' than the 'heavy' use of a simple preg_match. 10,000,000 requests in (24ms)? If they had that much, they would be in space on their own moondome with alien spacebabes and a mountain of floating Tequila.
  9. Are you scared to test it out? mod_rewrite rules won't matter as they parse before acted upon. If you want to put it at the beginning go ahead, rules are rules for a reason. It's not like you have to put them in any order * unless there is a rewrite condition attached. All that does is pass the directive over to Apache, not a good idea if you aren't writing efficient rules as it'll slow PHP's bind. Btw, it compiles via symlinks as PHP would in ZEND. What is the difference in speed? It'd help if you showed some code to help you on. What rewrite directives are you using, and what are your current directives so we can tell incompatibilities? All you'll get is a temporary 500 server error until you revert the mod_rewrite if it goes wrong, which takes seconds, wasting time by not helping us or yourself.
  10. Yes, you are not sending the from address, is it supposed to appear there? As well, you should set the MIME header to prevent spam traps and allow HTML if you wish so.

      ```php
      // Each mail header line is terminated with CRLF.
      $headers .= 'MIME-Version: 1.0' . "\r\n";
      $headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
      ```
  11. Why not iterate it through a loop? +1 and -1 ignore those lines, echo \t to..er..tabulate it.
  12. Ternary operators are slow as well. 10,000,000 iterations that (statement) returns: Longhand: 16.7164548893(s) Ternary: 19.1882539418(s)
  13. Ohhh even better.. how 'bout nested ternary operators?

      ```php
      $test = 'one';
      echo $test == 'one' ? 'one' : $test == 'two' ? 'two' : 'three';
      /* Ultimately evaluates to 'two'; as the initial test for $test evaluates as 'one'
       * however, (in the wise words of Billy Mays "But wait! There's more!") that 'one' is now checked to see if it is in turn true...
       * in which case it is, thus 'two' of the final 'two' or 'three' choice is chosen. Nice way to cluster f#$k the mind.
       */
      ```

      Those used to confuse me, but I never got around to learning them. After learning what they do that seems very simple. It's sorta like pseudocode, "Does $var have 3? Then do: displaymsg() else: displayerror()"
  14. I believe it was shorter than 500 chars. The URL had a trailing slash at the end. It seems that removing it fixes the issue. Your time of the month?
  15. In Soviet Canada, it always rains!
  16. From your past history I can safely assume you're linking to a song of 'Rick Astley' , sir.
  17. Woo! Got the XFCE shell up. Amazing the lack of instructions the guide gives you about Xorg. It doesn't even say to install it..
  18. I hate your form. I wrote a long description of my host, but for whatever reason your form decided the URL I use to access their webpage is not a valid URL and it sent my work to /dev/null

      ```php
      $fp = fopen('/dev/null', 'w+');
      fputs($fp, $Mchl->longdesc);
      fclose($fp);
      ```

      That's the source code.
  19. Gentoo requires a 'Stage3' tar to be downloaded (separately) to livecd to install? wtf? I preferred not to generate an image out of it and manage to shove it on yet another DVD of mine. Only other way was to use Links (text browser) to download it to the temporary mount and retrieve it from lost+found. Made me quickly get off that. Even the LiveDVD wasn't functional, I always have bad luck with new distros. Right now I'm just installing Arch Linux, I'd prefer the -less of default packages and am just sticking with XFCE. I'm installing it right now, and hopefully I can get my wireless Broadcom chip to work with my bloody laptop! (these laptops are known to take forever to set up wireless..) Off to do some more modprobing. @Thorpe, thankfully I've dev'd a few things before to go in from command line and install, but the annoyances of having to import (physically) a package just makes me angry. The 'minimal' ISO is the newest, why? It's 200mbs, and has no installer (the stage I was referencing to), why on earth wouldn't they place it in with the '200mb minimal iso'?? EDIT: Whilst partitioning, my NTFS partition reads as invalid, although out of GParted it seems to read as an NTFS. I pray I've not lost all my work....
  20. My laptop's hard drive (250GBs) is filled with two Windows installations, one old. Right now I'm gonna take the important stuff off it, wipe it with a good ol' GPARTED and install Gentoo. Thinking about it made me inspired to.
  21. By practise I always write: echo "$var_one <br/>\n"; for ease of mind, OCD thing! HTML Tidy adds so many newlines though!
  22. You never use newlines? I woke up one day on a massive HTML dump log, and noticed it was nearly impossible to sift through as it was all on one line! (and it is 600KB+). Newlines are your friend, but by god please don't place them in single quotes, that would make me cry.
  23. Indeed many people are scared to get into Linux, they like it 'as it is' with their proprietary software, but there's so many alternatives and more efficient ways of doing it! I'm glad Ubuntu has become a staple for Linux newbies (for ease of package management etc.)
  24. After the tracker, hash and seed list is retrieved, then the real 'slow' speed comes in, torrents are generally fast to download, he meant to peer-to-peer off the seeds.
  25. Over how much time? I'd done the same thing way back when, it was for Amazon as well. I'd get a survey every (week or so), and would get a $5-20 voucher for it, it was quite nice to treat myself to a free book, not much, but valuable.