Posts by Aeonix

Okay so I did find an answer, but that gives a new place for a bug.

The "solution" is:
https://jsfiddle.net/aL5ta60b/2/
Which centers the red div, and centers it's content. Fantastic.

The problem is. Notice the width: 600px. It doesn't react on that. I mean it does, but it doesn't force it to 600px. It's actually hard to explain what it does, it behave like I size it by % rather than by px. Try to play with size of editor to find out what I mean. It is meant to forcefully push red div to the right, and green to take whatever is free.

Edit: Found it! flex: 0 0 400px;

I knew there was a good way to do it, thanks.

Thumbs up next to reputation points shows only for first post. Has no bonding on negative or positive points. It's one who created the topic. Look at this posts' indicator. No thumbs up.

Also, it's profile also says 7 in reputation points.

So I and rproffitt both downvoted a bot.
I went over to it's profile, we have apparently total power of 7 in reputation decrease. I expected -7 in reputation, instead it has 7 reputation. That minus is pretty important.
It also says Lam Bang (7) instead of Lam Bang (-7). It feels like people downvoting trolls are actually endorsing them.

Also, when two people downvote a response, how does it become "Featured Answer"?!

Time for a real challenge.

https://jsfiddle.net/u6n3dq9m/4/

Is what I've got. I'd like the red portition to spread over the div, and fill entire height, while

You can't/Tried but failed:

• Use overflow: hidden, because it doesn't work (I thought it will render some overflow and stuff, I don't know).
• Use position: absolute/relative unless you know how to make DIVs adhere to rules already in CSS (mentioned widths). So, that red DIV is still "350px" and the green DIV is filling. (I tried position absolute and relative, but the green width spread beneath the red div).
• Use display: flex; because it makes text-overflow: ellipsis; not render properly. Further read. Gotta have 'em! Otherwise I'm stuck in a very unnicely cut overflow: none;
• Use display: table; because it makes overflow: hidden, white-space: nowrap and text-overflow: ellipsis not work. Elements span out of parent too and are uncontainable.

You technically can use above things or try. If you know how to bypass the reason why they weren't working in the first place.
To makes matters worse, center vertical align needs to be automatic, not by custom value (e.g. line-height or padding). Because each of the items within will be either bigger or smaller than the rest, they all need to align to center in their own way independantly of their neighbours.

I tried for some time, couple solutions, none work. I'm out of ideas. I call thee, DaniWeb overlords. :D

Fiddling with your code, "display: flex;" seems to be what breaks dots. Try other values?`

I just applied float and overflow: hidden fill technique. And dots appeared instantly! Woohoo! Thanks.

Did he really just link to the assignment and be like "Do this", seriously?!
Not happening dude, you have to cry nicely. Take a look at my questions for example:

• List your attempts
• Format your post well
• Show them code in readible form
• Tell 'em what you tried
• Tell 'em what you're trying to achieve
• Beg for DaniWeb overlords

Lately I came up with another idea on how to represent what I'm asking (it does require webdevelopment knowledge)

Let's say your website works with AJAX responses. You send JavaScript file to user's browser, which is a mini-engine, it sends request to your PHP server-side file. PHP answers with JSON. Your JavaScript file understands it and "does it". The question is, how would I prevent, someone who decides to nibble around my JavaScript file to go to http://example.com/donkey.php?getPost=x, and then make his/her own JavaScript file where they would make requests they weren't allowed to be made. For example, use my donkey.php and create identical website, because they technically can ask anything from database, that I ask as well.

Now turn this over to real life applications. How would I prevent someone sending same queries to the server, using their own program?7

Dammit, I really need to know. But I don't know how to explain it so you'd understand, I don't know what's the part, that you don't get.

The server will response back HTTP/1.1 200 OK that's mean the page you are trying to request exists. Optionally, the server may send Set-Cookie: .... to tell browser that you need to store the following cookie value into your browser for this domain.

Solution. So it IS send per request.

$allowedForUniversalUsage = htmlEntities($_GET["potentially_super_malicious_code"], ENT_QUOTES);

Does script above help me against XSS and MySQLi injection?

My thoughts would be:

Protection against XSS: Yes
I mean. XSS means that someone would be able to input code, which will be shown publicly and will be executed, the htmlEntities(). It converts actual code into encoded strings, it is as <a href="#">Close</a> according to browser. I can print this, but it won't be executed so it can't really do anything anymore, can it?

Why do I ask, if I found an answer? I still have concerns. Will the line that I served at begin, block malicious content in $_GET["potentially_super_malicious_code"] ? Single quotes, double quotes, penta quotes, triangles, daggers, Doritos everything that could be understood as code, will be parsed into textual-like form? No general way to bypass it?

Protection against MySQLi injection: Yes
Same as with XSS. Doesn't htmlEntities() forbid ' and "'s? Which are super essential? If I bound params, used MySQLi string escapes, allow only alphanumericals and force htmlEntities() parsing, does this block every possible attempt of "bad things happening"?

I know that there are some very high-end website crackers who will find some hyper-super-duper 5TiB long SQL query, which will incinerate the script. But will it keep 99.9% of tryhards/script kiddies away? It is RELATIVELY impossible to break?

Put the username at the end of the post, and I lose. Put the username at the top of the post, and I lose. Seems I can never win here!

Just leave it as it is now, it's just about getting used to it.

Definitely a good argument from Deceptikon. thumbs up

However:

The fix is not to implement security by obscurity and hope crackers aren't smart enough to dig into the binaries, the fix is to correct security holes. And for that goal, open source is potentially superior as there can be more eyes on the code.

Yes, but there's also many crackers who can easily access the code. They don't need to be smart enough to dig into binaries anymore, they can just look at the source-code and find something. recompile, use it and voila. There's still that "counterhold" to this.

That scares the wit out of me.

Just try this, install user-end consumer-grade Java, then when Java asks to update, deny it for a month, then go to website that requires recent Java, and you get this type of thing. Same happens on your server, except there's no more browsers or "helpers" to help you block-out potential threat. So you need keep up with Java, day for day.

Like I said, go full PHP, if you have 4.5v PHP and they will release 4.9v PHP. Your website won't explode, however, having it updated is nice too. On Java, this isn't the case since Java is heavily targetted as it connects server, user and 3rd parties. Where as PHP just connects from server to user without injectables from user side.

I would go with PHP.

General reason is because it is made fast and secure and bugs with it are unlikely unless coder himself/herself codes the script wrong. It is literally made programless. Of course you need Apache, but once that's started, PHP will always work.

I wouldn't choose for Java, since even when you start instance of Java on internet, it complains about "Warning, this version of Java is insecure.", Java seems to be prone to weaknesses. And basing your website upon this would force users to install Java as well (well, that depends on how you're going to handle client-side).

Java needs constant updates and reinstallations. Since being just 2 minor patches behind is already a vulnerability found (mentioning the message earlier).
PHP needs just disabling server for 1 minute, and moving updated PHP files in there. And they're more of bug-fixes and upgrades, because there is no real PHP hacks that are so widely accessible. In order to break PHP in-face you would need other factors to fail, or you need to be genius cracker.

Like I said, I would go with PHP. There's way less to mess with that and it can provide powerful outcome, and gives more strict notifications instead of errors. Simple and direct 1-liner, instead of you scanning throughout the entire stack of try(), catch() and throw().

Yes, because everybody these days knows, that they should open, certain part of this flat text into Ifranview,

url(data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7);

Like I said, everybody knows how to right-click and download the image.
Not everybody knows that they need to copy the part after , into base64 decoder. That's still some slight layer of protection.

Are we really sitting here discussing about how badly we can't protect the image file?

Of course everybody still can access it, but I can also put heavy safe on the street with millions in it, it's way better than having all this cash lying just on the ground. Even though entire safe can be stolen, it takes effort, time and basic knowledge. Making it some kind of protection measurement. Better than having it lying on the ground, where everybody can easily take it.

facepalm So easy, yet I haven't found it out. Someone call my brain's on holiday, I need it. I knew count(); dammit! Makes me look stupid! Never liked this function anyways.

I'm sorry, I'm having hard time understanding your question. Could you provide an example instead?

Back when I started Notepad++ and PHP.net/W3Schools.com is all I needed. If something didn't work out I sought for error tried to fix it, and if it didn't work out I would paste my topic in every forum there was to be found.

Lately I've swapped to Brackets, which has some decent coloring and some hinting when it comes to variables and functions. It works pretty smooth so I work with that. I don't necessarily need to work with actual PHP helpers. Might continue writing in Notepad++, I work only with Brackets because it looks nice and not so pre-2000 (like many editors) in my opinion.

http://www.javascript-coder.com/javascript-form/javascript-reset-form.phtml

You can't really do it with PHP. PHP is executed before you get any data. Then you receive ready rendered output. PHP has no effect on your browser anymore, you can do it with JavaScript instead. Link above has a tutorial on how to reset values of forms.

About everything there is. I can listen to almost anything. There's no "bad" music, just people's different tastes.

I like music just in general in all genres, to call some examples with songs I listen quite often to, for each genre:

Classical - https://www.youtube.com/watch?v=ipzR9bhei_o
Orchestral - https://www.youtube.com/watch?v=AohscTU5PZc
Hard Alternative Rock - https://www.youtube.com/watch?v=AHzU-9iozmo
Alternative Rock - https://www.youtube.com/watch?v=LBr7kECsjcQ
Hard Rock - https://www.youtube.com/watch?v=4Xd_ntREJMU
Rock - https://www.youtube.com/watch?v=Dj1sVQ2qdnI
Rap - https://www.youtube.com/watch?v=RvLmcRZte78
Jazz Duet - https://www.youtube.com/watch?v=nfUD0WhE264
Dubstep - https://www.youtube.com/watch?v=gkime9M4z34 (this is actual dubstep, not just random noises placed under category "Dubstep" just because)
Korean Electric Pop - https://www.youtube.com/watch?v=AAbokV76tkU
Hard Dubstep - https://www.youtube.com/watch?v=yiNYUQXMH0A (warning: turn down the volume before proceeding)
Techno - https://www.youtube.com/watch?v=2vcgsSJ9MQc

I mean. Seriously.

By the way, I'm getting strange impression, someone tries to force you to buy expensive laptop with low performance by making nice pep-talk about how great M-series are. Judging by your: "is intel m type processor is better or normal intel processor". Take pictures of specifications listed and send to me through private message, I might help you out and provide you actual and real performance indiciation, provide you the feedback about which components are good for what or less good for something else. I'm not expert, but if I don't know it, Google does.

Like Rubberman already pointed out:

It is NOT intended for laptop and desktop/server situations, and should not be considered for such, unless your laptop needs to run for many hours without a battery recharge.

So unless you're going for charge-free business-class laptop, you're surely not planning to buy one of these series. This processor-line is not meant for gaming, VM, heavy processing just for portability without charger.

Maybe this could help? It's someone who made a basic webpage and implemented ASP.NET into it. If you click the button the color of what I think is the muslim prayer buildings will change to gray by ASP function that has also been presented and explained. I looked at your code and the code on website, they're similiar in some way, but are not exactly same.

I'd prefer having direct models of the processors. I don't think all M processors are better. Since AMD Octacore gets outperformed by Intel's Quadcore and it's still not always true.

Which processors do you mean exactly? After refering to Wikipedia:

Intel Core M is a family of ultra low-voltage microprocessors belonging to the Intel Core series and designed specifically for ultra-thin notebooks, 2-in-1 detachables, and other mobile devices. The thermal design power (TDP) of all Core M microprocessors is 4.5 watts or lower.

I'm assuming that if they consume less energy and are extra safe about electricity, they should perform less than regular Intel processors. When asking about performance, lightweight and response, it's still matter of which processor do you mean exactly. The best M processor of Intel I could've found is 1.2GHz dual core, while I'm having mobile i3 which is quad-logical-core 1.8GHz.

Therefore I expect Intel M-series to be more of a economic choice rather than hardcore performance choice.

In terminal you can use touch which will create empty file in the directory. It also depends where your root directory is. Normally, in XAMPP it would be touch /opt/lampp/htdocs/newfile.

Change your * into <span id="uname">tmp</span><br/>
And add before last }); this code:

        $('.users').click(function(e) {
            var txt = $(e.target).text();
            document.getElementById("uname").innerHTML = txt;
        });

});

<?php $thisIsMyUberValue = "phoenix254"; ?>

<script>
    var uberValue = <?php echo $thisIsMyUberValue; ?>;
    alert("My value was: " + uberValue);
</script>

This should work, and prompt you "My value was: phoenix254". Go ahead, adjust it to your purposes.

I can't apply this personally to your Codepen, because I don't have access to your PHP variable, your folder structure and Codepen doesn't seem to support PHP.

Looking at your project, if I were you I would Google "Ajax", because the thing that you're attempting to create, can be made much easier. Just hinting.

When you need to create a login page using PHP and MySQL, the safety of this login page relies on
- Your PHP scripting abilities
- How well and securely has PHP been programmed in C++.
- How well C++ compiler of interpreter of PHP has been programmed.
- How well and securely has MySQL been programmed.
- How well and securely has interpreter of SQL been programmed.
- The safety of libraries on machine that Apache/MySQL rely on.
- The safety of integrity of machine (operating system).

When you need to create a C# console application, the safety of this application relies on
- Your C# programming abilities
- How well and securely C# .NET compiler has been programmed.
- The safety of libraries on machine.
- The safety of integrity of machine (operating system).

Those were all examples, maybe list is not full, or something isn't supposed to be there, but this is just to give you concept and show you my point of view. Now comes the question:

When you need to create a C++ console application, the safety of this application relies on:
- Your C++ programming abilities
- How well and securely C++ compiler has been programmed.
- The safety of integrity of machine (not, because C++ is translated to Assembly and isn't a code that needs to be interpreted by another interpreter).
- The safety of libraries on machine …

And would it be ok if i ask you to explain this for me too!!
preg_match("/^[A-Za-z0-9'?!-\s\\]+$/", $field)
If you know it, Thank you.

You like torturing people, don't you :D?
Here's the webpage go suit yourself, and here's another one. The example I provided is rather "hardcore" one, that's why this one is on another website, someone made this enough complicated, he/she needed help with it.

So would it be correct?

It is supposed to work if I look at it. Why not try it?

They say the only way you can be a good programmer is if you learn it the hard way

You don’t really understand something unless you can explain it to your grandmother. --- Albert Einsten

It's not about if you learned it hardway, in my case, I imagine the script being moving parts of a mechanism. spooky

My way of solving C++ bugs is attempting to think like compiler, if it says that something's wrong on line 30, I go back one or two loops and critically analyse every single step, if nothing found, then I just make search bigger and bigger.

If I can't do that, I go Google it, many people have tried the same before me, so they probably also have an answer. And if that fails, I can also ask DaniWeb experts. ascension God-like sound effect

But this is really global, the situations vary heavily depending on which type of projects you are doing, are there libraries, is this CLI or GUI. Like, there's literally millions of ways to write a program and even more ways to get it wrong, there's no The Ultimate C++ Error Solve recipe. You just go on working on your code, and if something goes wrong, you expect with hope that someone else have solved your issue, and if there's is none, you're the one solving it, and then someone else will have more hand. This is how we expand "knowledge base", by making easily reachable errors resolvable.

I'm not professor of PHP.

So far I understand it /ubuntu/ will seek for every "ubuntu" in the text, regardless whether it's at the begin, or in middle, or at the end. While just ubuntu seeks for straight text, so far example if your operating system would be called "Linux Ubuntu", /Ubuntu/ will say "Yes, I found it", while Ubuntu won't. Also i at the end indicates that you don't care about the case, so UbUNTU and ubuntu and Ubuntu and ubunTU will all be detected and treated exactly same way.

I wouldn't really be bothered with this if I were you, lets be happy together that it works as it gets sometimes as complicated as preg_match("/^[A-Za-z0-9'?!-\s\\\\]+$/", $field).

<?php

$user_agent = $_SERVER["HTTP_USER_AGENT"];
function getOS() { 
    global $user_agent;
    $os_platform    =   "Unknown OS Platform";
    $os_array       =   array(
                            '/windows nt 10/i'     =>  'Windows 10',
                            '/windows nt 6.3/i'     =>  'Windows 8.1',
                            '/windows nt 6.2/i'     =>  'Windows 8',
                            '/windows nt 6.1/i'     =>  'Windows 7',
                            '/windows nt 6.0/i'     =>  'Windows Vista',
                            '/windows nt 5.2/i'     =>  'Windows Server 2003/XP x64',
                            '/windows nt 5.1/i'     =>  'Windows XP',
                            '/windows xp/i'         =>  'Windows XP',
                            '/windows nt 5.0/i'     =>  'Windows 2000',
                            '/windows me/i'         =>  'Windows ME',
                            '/win98/i'              =>  'Windows 98',
                            '/win95/i'              =>  'Windows 95',
                            '/win16/i'              =>  'Windows 3.11',
                            '/macintosh|mac os x/i' =>  'Mac OS X',
                            '/mac_powerpc/i'        =>  'Mac OS 9',
                            '/linux/i'              =>  'Linux',
                            '/ubuntu/i'             =>  'Ubuntu',
                            '/iphone/i'             =>  'iPhone',
                            '/ipod/i'               =>  'iPod',
                            '/ipad/i'               =>  'iPad',
                            '/android/i'            =>  'Android',
                            '/blackberry/i'         =>  'BlackBerry',
                            '/webos/i'              =>  'Mobile'
                        );

    foreach ($os_array as $regex => $value) { 

        if (preg_match($regex, $user_agent)) {
            $os_platform    =   $value;
        }

    }   

    return $os_platform;

}

echo "Operating system is: " . getOS() . "<br />";
echo "Understood from: " . $_SERVER["HTTP_USER_AGENT"];

?>

Stolen, from here, then modified.

Be aware, this is easily spoofable. Works for me.

sudo nano /var/log/boot.log
sudo nano /var/log/dmesg

First line is log for boot and dmesg is supposedly Ring 0 log, or you could just dmesg | less in case when you have access to command line, working command line.

Okay, questionaire:

1. Do you have Apache server? Start it.
2. Do you have MySQL server? Start it.

3. Create a file called config.php, put inside

   <?php
       $sql_un = "root";   // default: "root";
       $sql_pd = "";       // default: "";
       $sql_db = "";       // you will need to create database and input here it's name
       $sql_conn = mysqli_connect("127.0.0.1", $sql_un, $sql_pd, $sql_db);
       if (!$sql_conn) {
           die("Something didn't work, the file couldn't connect to database!");
       }
       echo "File's request has been successfully sent and answer received.";
   ?>
   

I don't get the <?php echo 'DDD'; ?> part... what about it?

This sounds like you're trying to create a virus and boot it without permission, how good that user firstly needs to agree (and be admin) on making it bootable and evelated and that antivirus will block every attempt. After this, program will be ran by SYSTEM.

The code for this is:

Process.Start(String.Format("cmd /k {0} & {1}", "schtasks /create /tn "XXX" /tr "YYY" /sc onlogon", "shutdown /r /t 5"))

Where XXX is name of your task (you probably call it your program name) and YYY is path to your program e.g. C:/Program Files/Kerbal Space Program/KSP.exe.

It's kind of hard to troubleshoot it from distance. Would you mind installing TeamViewer and send me data through private message? In this manner I would able to see directly what your system thinks of USB, instead of these hours long spaces.

'access denied'

Are you sure you ran cmd as administrator? Do you have physical access to the pendrive? If so, could you move to the computer it is attached to and attempt the same (e.g. executing scripts)? Is the stick is damaged, can you move your important files in your HDD temporarily? Do you think that if everything else fails, we can format your USB (with specific tools (3 ways to that))?

...once again, you would need to know the letter.
Run cmd as administrator. Type inside:

X:
cd /
echo > autorun.inf
echo FIRST LINE OF THE FILE > autorun.inf
echo SECOND LINE OF THE FILE >> autorun.inf
echo THIRD LINE OF THE FILE >> autorun.inf
echo FOURTH LINE OF THE FILE >> autorun.inf
echo FIFTH LINE OF THE FILE >> autorun.inf

And so on. Replace X: with the letter of the pendrive. Notice the difference between FIRST LINE OF THE FILE and rest, there's a difference, watch out.

But still I don't get it, if it's USB attached over network, every single device that is usable to Windows needs a letter, here's an example on how USB attached to network looks like. In this case it's letter Y:. And this image, shows pendrive having letter Z:, I can't really help you further unless you give me the letter of pendrive, or execute commands posted above or pass me screenshot of the properties of this pendrive.

instead a letter can i use a program name or pen 'ID'?

I wouldn't know how this could be achieveable by cmd. Which "program name" do you mean exactly? Pendrive ID can be used to format the pendrive, leaving it empty and still usable. If you're willing to do this here's pretty detailed tutorial. But why exactly couldn't you use a letter of pendrive? It needs one to start program, if you don't know what it is, if you open "My Computer", every single drive and letter has attached letter to them, Windows is mostly on C:/, and DVD/RW drive on D:/, so your USB also has to obtain one that run a program.

Or would you like me to assist you "personally" on this, through TeamViewer?

Also, your first post says

i have 1 pen drive, that is my network.

Do you know localization of pendrive? If not, why is it there? Could you right-click on it and choose for "Properties", take screenshot of it and post it here?

I'd like to crash the autorun function, so it will execute only when you access it to through software or Windows Explorer so that nothing will start automatically. Open command prompt as administrator and type this:

X:
cd /
echo > autorun.inf

But replace, X: with your USB's letter.

In case this wouldn't work, there's lots of solutions, eventually you could format it leaving no software, no autorun file, no problem.

It would depend on project itself. If you would release your project and keep making it better, then no other company would be able to be better at it. The final step of protection for that software of yours, would be releasing it when finished, protected, and polished and then keep implementing many features. Before any other company would find out about your humble project. You would then have solid fan-base and a proof/evidence that you were one that made it work first, the first one that made working and useful tool for people out there, and they're only nothing but copying your project due to lack of imagination.

You might try to get patent for it, then no one would be able to use it, although it's not as quite cheap as free.

Essentially nothing really blocks anybody from stealing your idea. And if you can't steal their idea, you buy them and their idea (look YouTube, Tumblr, Picnik). Google is even trying to steal idea from Facebook, and it works, even though Facebook is a gigantic company now.

This is just how software production works, creating something awesomely useful without being eaten alive by big marketing monsters.

Okay, this is my final answer, if this can't solve your issue, I can't really help you:

1. First off, be entirely sure, your Linux installation allows both your folder AND your image, a public access.

2. Second of all, update your script to this:

   <?php

   $images = glob("*.png");
   $folderRoot = "http://" . $_SERVER["HTTP_HOST"] . dirname($_SERVER["PHP_SELF"]);
   
   foreach($images as $imageName) {
       $imageUrl = $folderRoot . "/" . $imageName;
       echo "<a href=" . $imageUrl . ">" . $imageName . "</a><br />";
   }
   

   ?>

3. Make sure this script lands amongst images.