The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,732 other followers

Archive for the ‘PHP’ Category

« Previous Entries

Remotely controlling most Harman Kardon systems

Posted by jpluimers on 2022/05/03

There is a Harman Kardon Remote app on [Wayback/Archive.is] Android and [Wayback/Archive.is] iOS.

It can control Harman Kardon AVR and BDS devices, and the communication appears to be simple XML over HTTP according to [Wayback/Archive.is] H/K AVR 151 Remote Control API – Adam Parsons.

It got reverse engineered into two libraries, both based on string concatenating XML HTTP requests:

Note:

–jeroen

Posted in Software Development, Development, Scripting, PHP | Leave a Comment »

Making it dead simple to implement @haveibeenpwnd in your applications, including strength warning if found in @troyhunt’s password collection.

Posted by jpluimers on 2020/12/02

I wasn’t aware that Troy Hunt created an API [WayBack] for [WayBack] Have I Been Pwned: Check if your email has been compromised in a data breach.

He did, as I noticed through [WayBack] Michelangelo van Dam on Twitter: “Making it dead simple to implement @haveibeenpwnd in my applications, including strength warning if found in @troyhunt’s password collection. Check out to try it out yourself. #ImproveSecurity #haveibeenpwnd”.

There are in fact plenty of other packages, web-sites and apps using the API as seen on [WayBack] Have I Been Pwned: API consumers.

Many people ask “if it is safe” (often assuming passwords are sent in clear, or hashes are sent in full; my fear is that those people implement security somewhere).

It is safe:

PHP source is at [WayBack] GitHub – DragonBe/hibp: A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.

There is also a [WayBack] composer package at [WayBack] dragonbe/hibp – Packagist.

A really cool thing on it is this:

This project was also the subject of my talk [WayBack] Mutation Testing with Infection where the code base was not only covered by unit tests, but also was subjected to Mutation Testing using [WayBack] Infection to ensure no coding mistakes could slip into the codebase.

Apart from the tests, the most important source is at [WayBack] hibp/Hibp.php at master · DragonBe/hibp · GitHub

Related:

–jeroen

Posted in Development, Mobile Development, PHP, Python, Scripting, Software Development, Web Development | Leave a Comment »

Check your PHP project for known security issues – SensioLabs Security Advisories Checker

Posted by jpluimers on 2020/02/05

If I ever cross a PHP project, this is my first requirement to pass: [WayBack] Check your PHP project for known security issues – SensioLabs Security Advisories Checker

–jeroen

Posted in Development, PHP, Scripting, Software Development | Leave a Comment »

Design Patterns & Refactoring

Posted by jpluimers on 2019/07/16

Design Patterns and Refactoring articles and guides. Design Patterns video tutorials for newbies. Simple descriptions and full source code examples in Java, C++, C#, PHP and Delphi.

Source: [WayBackDesign Patterns & Refactoring.

And indeed a lot of examples in Delphi too; few sites have that: Delphi site:sourcemaking.com.

–jeroen

Via: [WayBack] I stumbled upon this yesterday, very informative, accessible and also with Delphi examples – among other languages. – Steffen Nyeland – Google+

Posted in .NET, C, C#, C++, Delphi, Design Patterns, Development, Java, Java Platform, PHP, Scripting, Software Development | Leave a Comment »

Lesson learned: do not copy/paste code from the `Visual` WordPress.com editor…

Posted by jpluimers on 2019/04/16

[WayBack] Lesson learned: do not copy/paste code from the Visual WordPress.com editor; copy from the Text editor or the Preview… – Jeroen Wiert Pluimers – Google+.

Note: likely the HTML below got rendered badly by WordPress.com, so the gist below has the same text as a MarkDown file.

Ever wonder why copy-pasting code from your WordPress.com post fails?

The first statement fails, but the second works:

[root@linux:/etc] # useradd --create-home --shell /bin/false autossh24
useradd: unrecognized option '--shell /bin/false'
...
[root@linux:/etc] # useradd --create-home --shell /bin/false autossh24
[root@linux:/etc] #

The reason is that the first is copied from the Visual WordPress.com editor that renders this HTML inserting   which is a different unicode characer (0x00A0) than a normal space (0x0020):

<blockquote><p><code data-mce-selected="1"># <strong>useradd --create-home --shell&nbsp;/bin/false autossh24</strong></code></p></blockquote>

However, the the second copied from the Text WordPress.com editor succeeds because it has all regular spaces:

<blockquote><code># <strong>useradd --create-home --shell /bin/false autossh24</strong></code></blockquote>

Luckily the Preview render is correct:

<blockquote><p><code># <strong>useradd --create-home --shell /bin/false autossh24</strong></code></p></blockquote>

Lesson learned: do not copy/paste code from the Visual WordPress.com editor; copy from the Text editor or the Preview.

–jeroen

[WayBackEver wonder why copy-pasting code from your WordPress.com post fails?

Read the rest of this entry »

Posted in Development, PHP, Scripting, SocialMedia, Software Development, Web Development, WordPress, WordPress | Leave a Comment »

« Previous Entries
 
%d bloggers like this: