A tutorial on How_to_make_an_animated_GIF_of_a_terminal_session
by blogobramje:
if [ $value -eq 1 ]
then
echo "Good job"
elif [ $value -gt 1 ]
then
echo "Excellent job"
else
echo "Nothing happened"
fi
The online tool htaccess.mwl.be allows to easily debug HTACCESS redirects, and already saved me some headaches 🙂
Twig is a popular templating system, from the creators of the Symphony framework. Here I describe a minimal startup guide for those preferring a manual installation (i.e. no composer).
<?
require_once 'lib/Twig/Autoloader.php';
Twig_Autoloader::register();
$loader = new Twig_Loader_Filesystem('templates/');
$twig = new Twig_Environment(
$loader,
array( 'cache' => 'cache/')
);
$twig = new Twig_Environment($loader);
echo $twig->render('index.template',
array('name' => 'Andrea', 'surname' => 'Telatin')
);
?>
where the index.template file is
Hello {{ name }} {{ surname }}!
As nobody would store plain password in a database, I’d like to write a short memo on how to encrypt passwords to be safely store them in our databases.
The first concept is hashing. In brief we use a function that takes a string as input (i.e. our plain text password) and produces an output that is different for each input string, but without the possibility to reverse the process. An once popular hashing algorithm was MD5, that is now believed to be not enough secure. Better alternatives include SHA-2 and Blowfish. In PHP we have this function to hash:
$hashedString = hash('sha1', $inputString);
The second concept is salting. Given that is almost impossible to guess the password given its hash, its possible to pre-compute million of hashes and use this database to predict the hidden password. This approach is referred to as rainbow tables. To avoid this the trick is to encrypt (hash) the string with some further text. This is salting.
The simplest form of salting is to encrypt a string like ‘this is the salt for a {$string}’, but if the salt is stored somewhere it is also possible to find it, and moreover if a single user uses a weak password and somehow the hacker cracks it, he will also able to use the same salt for any other password. In PHP we use the hash() function only for to check integrity of contenct, not to crypt passwords, as we have a dedicated one:
$hashedPassword = crypt($password, $salt);
The salt parameter is slightly more complex than a bunch of chars though…
How to salt passwords with PHP
The crypt functions require a form of salt that includes a format string, indicating both the algorithm (I use 2y for Blowfish) and the cost (higher=stronger) of the process:
$password = 'myPassword'; $hash_format = "$2y$10$"; // 2y=blowfish; 10=cost of algorithm $salt = "ThisIsMyLong1234567890Salt"; // has to be > 22 chars echo 'Salt size: ' : strlen($salt); $format_and_salt = $hash_format. $salt; $hash = crypt($password, $format_and_salt);
Given that the “salt” contains the format as well, we can compare hashes like this:
if (hash_equals($hashed_password, crypt($user_input, $hashed_password))) {
echo "Password verified!";
}
Using FUSE to mount remote directories (when the more secure SSH connection is not available), with a program like curlftps, it’s possible to mount any remote directory like:
curlftpfs -o user=user:pass ftp.server.com /my/mount/pointThis means that after any standard editor will become an FTP enabled editor.
composite logo.png photo.jpeg -dissolve 90% -gravity NorthEast test.jpg
To tile the watermark:
composite logo.pngphoto.jpeg -dissolve 55% -tile test.jpg
