Posts by Stefano Mtangoo

If you hit any wall, I will be happy to lend support!

Hi,
Here are simple procedure to make it happen
1. Connect to server

$host = "localhost";
$username = "root";
$password = "mypass";
$mydb = "testdb";
$connx = mysql_connect($host, $username, $password) or die("Cannot connect to server <br />".mysql_error());

2. select dabase (Like commandline USE)

mysql_select_db("$mydb") or die("Cannot select databaese $mydb <br />".mysql_error())

3. Query from whatever table you want from selected database

$query = "SELECT * FROM testTable ";
mysql_query($query) or die("Error:<br />".mysql_error())

Hope it helps :)

My Stupid old method

$query = "SELECT * FROM logintable WHERE username='{ $this->EncryptPassword($password)}' AND password='$password'";

Cool!
Thanks Ardav

I think I have not well explained it.
I have:
$this->EncryptPassword($password) which does password encryption
and variable $username. Then I need to write a query to select the matched rows. How would you write that query if it were you?

Hi all,
I have been running errors too much that I realized that I have learned 'bad' behaviour in writting PHP query.
So I decided to change. Please tell me what is good behaviour of writting queries that involve PHP variables as well as functions like one below.

$query = "SELECT * FROM logintable WHERE username={$this->EncryptPassword($password)} AND password=$password";

Thanks

Go for your own if you are capable and if site is not too complex.
It will work EXACTLY as you want. You can also do changes as you wish. The loss is however advantage of ready made, well secured and rich feature CMS. However it is worthy it after some time of maintanance.
So you decide.

If you go for your own, the definitely PHP/MYSQL is for you. If you are trying to find good tutorial, google is good at that task. I prefer w3schools or Tizag tutorials as they start from crawl to walk

Thanks Nick,
that is!

Nope,
I don't want it to be approximated, just truncated.
Instead of writing 2.156 as 2.16 I want it as 2.15

How do I truncate double like 99.998765 to something like 99.99 instead of 100.00? If some printf("%.2f", myDouble); gives 100
That is not what I want.
Any help is appreciated

+1 for netbeans. It have never frustrated me.

No where in constructor you are initializing nobjects
initialize it somewhere in constructor

Cool I understand now.
I need to hear also your comments on pros and cons of random one and how to achieve it. Just idea

I agree with Gresham but beg to defer on the code an not concept.
Example:

function truehash($input) {
return hash('sha1',substr(hash('sha1',$input),4,-4).hash('crc32',$input));
}

Why you don't agree with Will?

Personally, I use something along the lines of the following:

$salt = sha1(md5($_POST['password']));
$password = md5($_POST['password'].$salt);

Using strings such as username or user id is not a good idea as these will be known by anyone using the site, but using the password means that it is unique for each user without having to save the sale string anywhere.

Also, providing you salt the password, then MD5 should be fine :)

If password is the same then hash will be the same isn't it? What is your opinion on random salt?

Hi,
I need to secure my password and here are my questions.
1. What is the best method of making a salt? I have seen enough arguments for not using user info but rather random values.

2. How do I know user salt if I used random one? Should I store on password database? If yes isn't it added advantage to a hacker.

3. Which hashing algorith is better? MD5 hash? SHA1 or what??
Thanks.

Alright thanks. i put a global variable of int ndeps;

I would avoid global thing and instead I would declare a variable and initialize it in each class' constructor

class Object{
public:
    Object(){
        this->ndeps = 5;
    }
private:
    int ndeps;
};

class Graph{
public:
    Graph(){
        this->ndeps = 5;
    }
private:
    int ndeps;
};

I second(third...) C++
I will also advice you use wxWidgets if you want GUI (and yes some graphics) and it have basic sound (like wav). Go for libmad for mp3 playing, vorbis, flac et al for advanced thing. If it is free/open source consider bass library. I have once done full Audio player with Bass/wxWidgets and C++

Of course I will advice getting Codelite IDE beundled with Mingw after you start the project
all the best :)

Solved it.
It was spelling error than anything else error. Just added project DIr to compiler search path and that is ;)

I use CodeLite

I have this question and might look stupid indeed, but bear with me.
I have files in this hierrachy

ProjectFolder/Panel/panel.h
ProjectFolder/Panel/panel.cpp
AND
projectFolder/Search/search.h
projectFolder/Search/search.cpp

I want to include search.h in panel.h
I have tried many thing including

#include "./search/search.h"
#include "../search/search.h"

but I have failed. Any suggestion on how to do it right?

I guess something is wrong with character set encoding you are using. Check this and this and see if you do wrong with anything on encoding.

Get Codelite or Codeblocks or MS VC Xpress and there you dump your beloved TC in trash can or put it in embacadero museum.

If you want GUI for windows only go and learn W32API but for X-platform my votes goes for excellent wxWidgets

Are you inserting as blob entry or just uploading to the site?

I don't know what you are doing but in C++ version you should write no GUI functionality on secondary thread. All GUI issues should Go to primary one and others to secondary.

And Python 2.x is not compatible with 3.x So install both version and set your IDE to Python 3 which you are learning and let blender happily use 2.x If you want to learn with blender wait for version compatible with 3.x

The problem is solved. The thing was that I tried to pass a few arguments to the write method (I treated it the same way as print).

Strange it worked! The function have no return value. What are output to the file? Can you post new code?

Thanks for all your opinions then. I'll get Netbean then :)

@cwarn23: I've done it before myself but thanks for the offer. Can I not use it with IIS though?

First +1 for both Netbeans & NPP. NPP+ Explorer plugin make good editor for simple project. As project gets bigger NB is a way to go.
As per server, NB will ask for place to put files (point to www equivalent of WAMP) and Address (localhost/yourproject). So I guess it will work with any server (as it doesn't know server types only places files are and URI)

Any idea?

No error but no output either

And it means file is empty, especially if you opened with write option

Not tested but I have problem with your OnData Methods
Please try this and see what it gives.

def onData(self, event):
        DataWindow(self)
        db = Database()
        sql = "SELECT rowid, address, subnet, gateway FROM pod1"
        records = db.select(sql)
        count = 0
        for v in records:
            index = DataList.InsertStringItem(sys.maxint, str(count + 1))
            DataList.SetStringItem(index, 1, v[0])
            DataList.SetStringItem(index, 2, v[1])
            DataList.SetStringItem(index, 3, v[2])
            count += 1

This should help you a lot in your work. All the best

Hi guys,
I need help with and Idea on how to do this. Basically I want to have sockets session. User logs in and the program authenticates him against DB. Having done some PHP this is not big problem. The problem is how do I maintain session. In PHP there is session superglobal. I have no Idea how to do it in C++

Any suggestion on that?

I had a same question some days ago and it went unanswered. I could not complain as I pay no body and I don't get paid. All is voluntary and I hope someone knowledgeable will step in. I haven't done that and I plan to do. Once I get anywhere I will post here

wxWidgets doesn't look to bad, im looking at gtk+ right now.

I use wxWidgets and it is rich not only in handling GUI issues, but also in other stuffs like Direcories/Files streams sockets et al. There are extensions if you need functionality that isn't in core and can write yours not-so-complex to do. Check zetcode for tutorial

What do you mean by c++ class library

not sure if that is what you want. If all you want is growing array, you might need to check vector(STL)

#include <vector>
int main(){
    vector <int> myVector;
    for(int i=0; i<100; i++){
        myVector.push_back(i);
    //then you can add anything later
    myvector.push_back(100);
    }
}

So hashing is the best!
Cool then. What is considered to be the best hashing algorithm? What about salting in hashing, necessary to increase security or another overkill?

so which is the best, hashing or encrypting? seeing that I don't need to recover the original password. All I need is security and ability for user to login (which can be done by comparing hashes)

The only use-case for encryption during securing a PHP site is if you want to encrypt passwords rather than hash them.

I don't know what is better, but I plan to encrypt them than hashing them. But If hashing will have added advantage I can think of it

If you encrypt them you can decrypt them and email them back to the user if they lose it. If you hash it you can't do that because it's one way, you'll just have to send a random password back to the user.

I think I should send them random link to change their password than send them plain text password

Thanks guys.
I will read those.

Good experience :)
Would you consider GUI-lizing it so that lazy people will use it!
add logging, try to repair and so forth.

Learning to write secure PHP code for a website is about a lot more than encryption. Encryption is only one part of creating a secure website. Enabling encryption on the site will vastly increase security as information will not be sent in plain text across the Internet.

I need only to apply it to login/register form. I wan't it to be secure enough like Joomla/Drupal. No overkill like CIA web ;)

The scope of "website security" is huge. There are hundreds of facets to consider all of which depend on the specific project you are working on.

Sure, and I know I cannot cover all. I want that one enough to get my pages secure. I work on webpages+Database (MySQL)

Here are a few links to get you started:

http://www.phpfreaks.com/tutorial/php-security

http://phpsec.org/

http://php.net/manual/en/security.php

You will also need to keep abreast of new PHP and web-related security developments.

Thanks a lot for the links

I would highly highly recommend pursuing some kind of formal education regarding these topics. It is simple to write a PHP script. It is hugely difficult to ensure that it is secure and will remain secure for the foreseeable future.

Sincerely,
Nate

Thanks for recommendations. I will think about that :)

There aren't really that many techniques (and 0 algorithms to remember) to secure your site. MD5 your passwords, scrub your inputs AND outputs, use prepared queries (PDO)..

is MD5 secure? Every place i read of hashing, md5 is being bashed of being insecure but they don't really get to the point where they tutor you

I'm all for being strong in CS but as far as PHP goes unless you're hell-bent on being able to give the user their password back on reset you're not going to be using cryptographic algorithms too much.

Please, explain a little bit

what does fatal error means >?????

error that will end up killing your application

actually I included all the libraries that i need them. I am sure of this.

No, you didn't. that is why the linker complains.
Which IDE do you use?

I am tring to be good in english:D

thanks

:)

not program output..but the content of the file PJ657_output.txt

Smells like linker error! Are you messing with libraries? Does your program need one?

Also seems English is not native for you. ;)

Thanks that took care of that, but any clues why it reads square 4 or five times?

It depends on what you feed. Remember that computer isn't intelligent at all. Yes, it is fast but never intelligent. garbage in-garbage out. So post the content of the file PJ657_output.txt and we'll know why. Also instead of using

if (shape == 'T' || shape == 't')

Just use

#include <cctype>
//........................
if (tolower(shape) ==  't')

there is also short tutorial here. try and see if it will help you

and another thing, It is done differently in different platforms and toolkit. I would use wxidgets toolkit, if i was you, but then time isn't enough to learn anything