Archive for the ‘General’ Category

A simple permanent (301) redirect using RedirectMatch in .htaccess

Wednesday, October 7th, 2009
RedirectMatch permanent /old-location/.* http://sub.domain.com


Using Uploadify with Zend Framework

Sunday, August 30th, 2009

A quote from the http://www.uploadify.com site:

Uploadify is a jQuery plugin that allows the easy integration of a multiple (or single) file uploads on your website.  It requires Flash and any backend development language.  An array of options allow for full customization for advanced users, but basic implementation is so easy that even coding novices can do it.

This article assumes that you've already read the Uploadify docs and tried to integrate it.

Everything is pretty simple; however, you need to overcome one obstacle with Flash and cookies.
For more on the Flash and cookies topic, go to http://swfupload.org/forum/generaldiscussion/383

My Solution:

This article can be downloaded (TXT format)

Here is how to use Uploadify.
I use a variable called "__tkn" in the URL to pass the session variable.
Some of you may try to use 'scriptData' which didn't work for me.

<script type="text/javascript">
jQuery(document).ready(function() {
    // A jQuery object is always truthy, so check .length to see whether the element exists
    if (jQuery("#upl_feed_file_progress").length) {
        jQuery("#upl_feed_file_progress").uploadify({
            'uploader': '/site/share/jquery/plugins/jquery.uploadify-v2.1.0/uploadify.swf',
//            'cancelImg': '/site/share/jquery/plugins/jquery.uploadify-v2.1.0/images/cancel.png',
            // The session id is passed to the upload action as the __tkn URL parameter
            'script': '/mymodule/mycontroller/myaction/__tkn/<?php echo Zend_Session::getId(); ?>',
            'multi': false,
            'simUploadLimit': 1,
            'fileExt': '*.csv;*.txt',
            'fileDesc': 'Feed Files (*.csv;*.txt)',
//            'fileDataName' : 'upl_feed_file', // in $_FILES
//            'scriptData': {'PHPSESSID' : '<?php echo Zend_Session::getId(); ?>'}, // This didn't work for me.
            'height': 24,
            'auto': true,
            'onCancel' : function (event, queueID, fileObj, data) {
                alert('Error: You have cancelled the file upload.');
            },
            'onError' : function (event, queueID, fileObj, errorObj) {
                alert('Error during file upload. Maybe the file is too big ? Size: ' +  fileObj.size + ' Error:' +  errorObj.info());
            },
            'onComplete' : function (event, queueID, fileObj, response, data) {
                // The upload action returns 0 (or nothing) on failure
                if (response == '' || response == 0 || response == "0") {
                    alert('Error during the upload');
                } else {
                    perf_error('Success!');
                }
            }
        });
    }
});

</script>

This one goes in the template ..

....
<div id="upl_feed_file_progress">You have a problem with your javascript</div>
....

Insert this in the bootstrap (usually index.php) file.
It should be inserted before "Zend_Session::start();"

// ------------------------------------------ START -------------------------------------------

$sessName = "PHPSESSID";
$sessOptions = array('name' => $sessName);

// HTTP_COOKIE may be unset when the Flash uploader sends no cookies at all
$cookieHeader = isset($_SERVER['HTTP_COOKIE']) ? $_SERVER['HTTP_COOKIE'] : '';

// Flash has problems with cookies so we pass the PHPSESSID variable via get
// it'll be injected if it doesn't exist in _SERVER["HTTP_COOKIE"] e.g. '; PHPSESSID=hdi5u83hfnu7ltlvp5q3bb53k4'
if ((stripos($_SERVER['REQUEST_URI'], '__tkn') !== false)
//    && preg_match('#^[a-z\d]{25,30}$#si', $_GET[$sessName])
    && preg_match('#__tkn/([a-z\d]{25,30})#si', $_SERVER['REQUEST_URI'], $matches)
    && (stripos($cookieHeader, $matches[1]) === false)) {
    $sid = $matches[1];

    $prefix = '';
    if (!empty($cookieHeader)) {
        $prefix = '; ';
    }

    // Append the session cookie to the request as if the client had sent it
    $_SERVER["HTTP_COOKIE"] = $cookieHeader . $prefix . $sessName . '=' . $sid;
    $_COOKIE[$sessName] = $sid;

    Zend_Session::setId($sid);
}

Zend_Session::setOptions($sessOptions);
// ------------------------------------------ END -------------------------------------------

Your 'myaction' (/mymodule/mycontroller/myaction) should return 0 or 1.

The following code should be useful.

$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
$viewRenderer->setNoRender();

// Skipping the templates
Zend_Layout::getMvcInstance()->disableLayout();

Please share your thoughts.
Are there any security holes in this approach ?
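
Added example, not part of the original post: a raw session id in the "__tkn" URL segment ends up in access logs and browser history, and a bootstrap that accepts a session id from the URL opens the door to session fixation. One alternative is a short-lived, HMAC-signed token that only authorises the upload; UPLOAD_TOKEN_KEY, UPLOAD_TOKEN_TTL, makeUploadToken(), checkUploadToken() and the numeric user id are assumptions made for this sketch, not Zend Framework or Uploadify APIs.

```php
<?php
// Added example, not the original author's code. All names are hypothetical.
// Instead of the raw session id, the page embeds a token that names the user,
// expires quickly and is authenticated with an HMAC under a server-side key.

const UPLOAD_TOKEN_KEY = 'replace-with-a-long-random-secret-kept-out-of-the-webroot';
const UPLOAD_TOKEN_TTL = 300; // token lifetime in seconds

// Issue "<userId>.<expires>.<hmac>" for the logged-in user rendering the form.
function makeUploadToken(int $userId, ?int $now = null): string
{
    $payload = $userId . '.' . (($now ?? time()) + UPLOAD_TOKEN_TTL);
    return $payload . '.' . hash_hmac('sha256', $payload, UPLOAD_TOKEN_KEY);
}

// Return the user id the token was issued for, or null if it is malformed,
// forged or expired. The session itself is never resumed from the URL.
function checkUploadToken(string $token, ?int $now = null): ?int
{
    if (!preg_match('#^(\d{1,10})\.(\d{1,10})\.([0-9a-f]{64})$#D', $token, $m)) {
        return null;
    }
    $expected = hash_hmac('sha256', $m[1] . '.' . $m[2], UPLOAD_TOKEN_KEY);
    if (!hash_equals($expected, $m[3])) {   // constant-time comparison
        return null;
    }
    if ((int) $m[2] < ($now ?? time())) {
        return null;
    }
    return (int) $m[1];
}

// Constructed sample values: user 42, token issued at t=1000.
$token = makeUploadToken(42, 1000);
var_dump(checkUploadToken($token, 1100));                                  // inside the lifetime
var_dump(checkUploadToken($token, 1000 + UPLOAD_TOKEN_TTL + 1));           // after expiry
var_dump(checkUploadToken(preg_replace('#^42\.#', '43.', $token), 1100)); // user id altered
```

With this in place the 'script' option would end in the output of makeUploadToken() rather than Zend_Session::getId(), and 'myaction' would call checkUploadToken() on the "__tkn" segment instead of the bootstrap calling Zend_Session::setId().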



Is your blog protected against brute force attack ?

Friday, July 17th, 2009

Here is an explanation of brute force attacks from Wikipedia:

In computer science, brute-force search or exhaustive search, also known as generate and test, is a trivial but very general problem-solving technique that consists of systematically enumerating all possible candidates for the solution and checking whether each candidate satisfies the problem's statement.

Donncha O Caoimh's posting has 2 really good ideas.

1) Use a small script to log some *unusual* POST requests
By using the script, Donncha was notified when somebody was trying to get into his WordPress blogs.

Credits: Donncha O Caoimh

if ( ( isset( $HTTP_RAW_POST_DATA ) || !empty( $_POST ) )
    && $_SERVER[ 'REQUEST_URI' ] != '/wp-cron.php?doing_wp_cron'
    && $_SERVER[ 'SCRIPT_NAME' ] != '/wp-comments-post.php'
    && substr( $_SERVER[ 'REQUEST_URI' ], -10 ) != '/trackback'
    && substr( $_SERVER[ 'REQUEST_URI' ], -11 ) != '/trackback/' ) {
    mail(
        "MYEMAIL@gmail.com",
        $_SERVER[ 'HTTP_HOST' ] . " POST request: " . $_SERVER[ 'REMOTE_ADDR' ],
        "URL: {$_SERVER[ 'REQUEST_URI' ]}\nPOST: " . print_r( $_POST, 1 ) . "\nCOOKIES: " . print_r( $_COOKIE, 1 ) . "\nHTTP_RAW_POST_DATA: $HTTP_RAW_POST_DATA"
    );
}

2) Use the Limit Login Attempts WordPress plugin

Here is some info about the plugin
Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Motorola USB Drivers for Windows 32/64

Wednesday, June 24th, 2009

I was looking for drivers for my Motorola Q9 and here is what I found

http://www.motorola.com/consumers/v/index.jsp?vgnextoid=bda09ec8009a0210VgnVCM1000008806b00aRCRD

(The link above will likely change in the future.)

Rsync for Windows

Saturday, June 20th, 2009

Maybe you've used rsync for Linux and enjoyed its functionality.
Here is a solution for Windows.

The owner of http://www.itefix.no/ took the time to compile the binary.

Download location:
http://sourceforge.net/project/showfiles.php?group_id=69227&package_id=68081

How to export svn editor

Wednesday, April 22nd, 2009

Have you seen this message lately ?

csvn: Commit failed (details follow):
svn: Could not use external editor to fetch log message; consider setting the $SVN_EDITOR environment variable or using the --message (-m) or --file (-F) options
svn: None of the environment variables SVN_EDITOR, VISUAL or EDITOR is set, and no 'editor-cmd' run-time configuration option was found

Here is how to export the SVN_EDITOR variable.

Feel free to change the editor to pico, nano etc.

echo export SVN_EDITOR=vi >> ~/.bash_profile

Log out and then log in again to *see* the change.
By *see* I mean that you have to execute the following command, and the editor of your choice should be run for you:

svn ci


Aplusk (Ashton Kutcher) almost 2m Twitter Followers

Thursday, April 16th, 2009

I was constantly refreshing to see who is going to win the competition by receiving 1 million twitter followers.

It's between Ashton Kutcher and CNN Network

I am supporting Ashton. By the way his film with Cameron Diaz was pretty cool.

When I refreshed I saw Ashton's followers jumped to almost 2m and then went back to ~990 000.

Twitter is definitely having a hard time calculating the real number of followers.


How to disable some of the options in an HTML select using jQuery

Wednesday, April 15th, 2009

Sometimes you don't need users to select some of the options in the HTML drop down menu.

For example you have a dropdown menu with these options.

==========================
Please select a province/state for US/Canada

Canada
--------------
Prov1
...
Prov10

United States
--------------
State1
...
State50
==========================

What we need is a province/state but what if the user selects the separators '----' ? or the country name ?

To solve this challenge we use negative values for values that should not be selected. Then using jQuery we disable them.

<script type="text/javascript">
jQuery(document).ready(function() {
    jQuery("#acc_info select option").each(function (index, obj) {
        // Disable items that have a value of 0 or less, OR an empty string.
        // We want only those elements to be disabled.
        if (jQuery(obj).val() == '' || jQuery(obj).val() <= 0) {
            jQuery(obj).attr("disabled", "disabled");
        }
    });
});
</script>


How to detect if your site or current page has been opened in a frame (such as Google images) ?

Wednesday, March 18th, 2009

The following cool code is supposed to redirect if your site has been opened in a frame.

<script type="text/javascript" language="JavaScript">
var topLocation
try {topLocation = top.location.href; }
catch(er) { window.top.location.href = self.location.href;}
</script>

Credits: http://www.mydreamsbook.com

How did I find this ?

I was looking for Elizabeth Banks pictures :D (She's so beautiful by the way).
She is in Zack and Miri Make a Porno film which by the way I didn't like so much but that's another topic.

Wednesday, March 18th, 2009

I have just created a group called Canada Web Professionals.
I've tried before with a group in Facebook but it didn't work out.
Maybe people just want to chat there.

I am giving LinkedIn a try.
Feel free to join at: http://tinyurl.com/canadawebpros

or

http://www.linkedin.com/groups?about=&gid=1853638&trk=anet_ug_grppro