PHP Page Generation Time Code Example Script

PHP Page Generation TimeWhen optimising a website, it’s common for people to measure the PHP page generation time because it is more reliable than the client measuring the total request time which includes network delay which is beyond the scope of the code.

I recently started updating a combined CRM/CMS that I initially developed for an online-only reseller business. Back then, this was how one would usually get microsecond-accurate PHP script generation times. The reason I’m posting this, is not because it’s an integral development for the language but because I see lots of people still recommending the following solution.

Continue reading

Origin is not allowed by Access-Control-Allow-Origin

Remote Origin Errors with JSONP and jQueryAre you self-harming because your browser is complaining about cross-domain, remote-origin XML requests? As annoying as it can be, the web would be a much nastier place without this restriction that limits what can be pulled from where. You’re probably seeing this exact message in the console/error log of your browser’s development tools:

Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin

Once you understand why you’re getting issues with this, it’s tiresome to always be re-writing this integral function so, like my other free web development resources on here, I’ve saved an example as a gist on GitHub with jQuery and PHP code which you are free to copy, clone or download then use without limitation!

Continue reading

Tor Exit Node Trials and Triumphs

Tor Exit Node SetupI recently worked on a project that required rotating IP addresses without the need for speed, just viewing specific pages from different addresses. I first started with open HTTP proxies but their reliability varies hugely and I found that parsing any (free) proxy list was so unreliable and most of the time was spent determining that a proxy was not online so I came up with the idea of leveraging the Tor network due to the ease of path-finding and pruning of dead peers. As the results have shown, the number of peers is always sufficient for the requirements.

As a way of contributing back to the community and the Tor Project, I set up a dedicated Tor Exit Node. It was quite interesting and took a little while of going through disparate documentation sources and the outdated version in the repositories for Ubuntu Server but it was thrilling to learn exactly how this service function, that I’ve admired for many years, functions.
Continue reading

Safe E-Mail Attachment File Extensions

http://www.webdesignerdepot.com/I am adding an e-mail attachment feature  toan internal “Web App” for a business which will only send images and documents (mostly of a proprietary format) so I came up with a quick and simple PHP function to confirm that the extension’s safe.

$attachment_extensions = array('csv','doc','docx','gif','html','jpeg','jpg','ods','odt','pdf','png','ppt','pptx','rtf','svg','txt','xls','xlsx','xml');
if(in_array(end(explode(".", $attachment)), $attachment_extensions)){
    //Extension is Safe
}

Note the inclusion of Microsoft’s file extensions with an “x”-suffix: This mystification was introduced in Office 12 to stimulate upgrades. I don’t agree with their reasoning that has caused extra work for everyone else perhaps because they thought it’d be easier to identify their own files by relying on the extension instead of headers.

How to Add Base64 Padding

I was having a dreadful time working on an a corporate “web app” with the inline viewing of e-mail attachments. After MIME-decoding, only a third of PDF attachments were displaying! Based on that success ratio, some of you reading this with more experience probably already know what was wrong but it took me quite a while to realise. Continue reading

Automatic Sitemap Submission Script

I wrote a script for a client (which was acknowledged as off-contract so I’m providing it as open source) to automate the submission of multiple sitemaps (a.k.a. “pinging”) to multiple search engines.  It’s PHP and coupled with cron, it can run as (in-)frequently as wanted though without scheduling, I think it’s still useful as a batch submission tool.
Continue reading

Booking Management System Nearing Completion

I’m well over half-way with a huge project with tiny deadlines. I underestimated the amount of work that would be required as I designed and developer their latest eCommerce website but the business is being sold and the incoming owner wants a stream-lined platform for checking the availability of tours, booking them and managing payments from clients and to operators with different privilege roles, multiple integrated payment gateways and last but certainly not least, ignoring PEAR Mail to send with authentication (GMail, currently) and the wonderfully simple php-imap …as far as the MIME structure can be considered simple when jumping in head first to write an HTML/CSS/JS/PHP e-mail client from scratch with one e-mail address because used by multiple e-mail address yet still having their messages routed accordingly.

It took two sleepless nights but the back is broken so now it’s time to fix some little things, linking each tour to the original operator’s itinerary or scraping tour-availability so that the staff needn’t hop around between Microsoft Outlook®, Microsoft Word® and Microsoft Internet Explorer® which would negate their Windows lock-in and save them $820 per computer if they switched to Linux and used Chromium’s “Application Shortcut” (a modern Mozilla Prism) shown in the screenshots. Soon I can  get going on the design which I’ve been hanging out for!

Brute Force TrueCrypt Volumes

Brute Force TrueCryptSomeone at work uses TrueCrypt and forgot their password for an encrypted volume which had some important, business-related files that were needed. This person relies on muscle memory for their passwords which has them employing alternating combinations of strings to create secure but forgettable password. To exemplify this method, the three strings “123″, “abc” and “!@#” could yield them a password of “abc!@#123″ or 26 other variations.

This person had no luck in trying everything that they could think of so I made a PHP and Bash script to automate the slow, brute force TrueCrypt volume with 100.000 password combinations to attempt. To save the web browser from a slow demise, I installed php5-cli and had Bash write the results – extremely quickly!
Continue reading