Random Post: My Work Domain
RSS .92| RSS 2.0| ATOM 0.3
  • Home
  • About Me
  • My Publications
  • My Work Domain
  • phpResource Feeds

    Site for phpResource

    May 31st, 2006

    We have taken the phpresgroup.org domain for our group phpResource. Ehsan sponsored this domain. Soon we will publish our group website. Members of phpResource will get some extra facilities through this site. Our main target is to promote the group as well as the Open Source Community. In this journey, we are just at the starting point. Peoples interested to help us by their sponsorships and/or other ways are most welcome.

    phpResource, Go Ahead !


    See My Class “SecurePassword” at phpclasses.org

    May 29th, 2006

    My class “SecurePassword” has been approved at phpclasses.org and it gave me the chance to be one of the top ten authors authors once again.

    See and download this class:

    About this class:

    This technique of generating password hash (or password digest) generates strong hash of plain
    text password. And for authentication, it matches a generated hash with a plain password.

    Modern computers can generate both md5() and sha1() very quickly, thousands per seconds. Thus generating hashes and matching with existing hashes (for hacking) is easy. The present technique implements a kind of hashing that makes strong salt, decodes that and makes hash with that decoded salt and the given password. It gives a variable length strong hash that makes attackers’ job tough.

    This technique –
    1. Creates strong salt of given length
    2. Makes that salt more strong by decoding it to binary data
    3. Creates hash appending that salt to the output of secure hash algorithm – 1
    (sha1)generated hash. Parameter of SHA1 in this case is (decoded salt + plainpassword)
    4. In matching a password with a stored hash,

    (i) The salt is extracted from given/stored hash and decoded first
    (ii) Then sha1() is implemented on that salt + plain password
    (iii) Then this hash is compared with the sha1() generated-hash portion of given/stored hash

    Strengths :
    1. If no parameter is given, initSalt() generates random salt that eventually generates random password hash for the same plain password.
    2. When password characters are only plaintext, attackers’ job is easy. Use of base64_decode()
    helps this technique generate more strong password since the hash contains binary data.
    3. Changing the length of salt (saltLength), you can generate password of variable lengths(upto 70 characters). This strengthens the password and makes attackers’ job tough.

    Please rate this class if you like and if it comes to your needs. Please feel free to contact me for
    any suggestion and/or further assistance regarding the technique and its implementation.


    Double Century for phpResource

    May 24th, 2006

    phpResource did his double century. Critics are already laid down. I hope to see its triple century soon. At present we are getting more new members.

    I like to see it as the best innovative group of the world. I have seen some other PHP groups where a lot number of messages are subjectless(neither about programming nor PHP). I hate those groups. I would like to suggest those groups’ moderators to keep it alive by effective posts. If you want to get the large number of posts, may be you will have – but you wont be able to meet the real goal as a PHP user group.

    Friends, join phpResource and contribute to make it the most innovative PHP user group.


    Grab Your Gmail Address Book

    May 18th, 2006

    I just uploaded my gmail address book grabber PHP script to this address:

    Please see this and let me know if anything is not efficient there.This script just takes all contacts of your gmail account.

    Nothing to be worry about the connectivity consistence of this script. After connecting and getting the addresses into an array, this script disconnects your connection. So you are safe from having any disclosure of your addressbook.

    Enjoy PHPing !!


    Regenerate Session ID

    May 16th, 2006

    Session ID hijacking can be a problem with PHP Websites. The PHP session tracking component uses a unique ID for each user’s session, but if this ID is known to another user, that person can hijack the user’s session and see information that should be confidential. Session ID hijacking cannot completely be prevented; you should know the risks so you can mitigate them.

    A user who creates a new session by logging in should be assigned a fresh session ID using the session_regenerate_id() function. A hijacking user will try to set his session ID prior to login; this can be prevented if you regenerate the ID at login.

    ** Source : sitepoint.com


    “ping” in PHP

    May 13th, 2006

    Get your pinging result by PHP like this way:


    < ?php $arr = array(); exec("ping -c 2 www.google.com", $arr); //2 packets dBug($arr); function dBug($dump) { echo "<PRE>"; print_r($dump); echo "</PRE>"; } ?>

    I got this result:

    [0] => PING www.l.google.com ( 56(84) bytes of data.
    [1] => 64 bytes from icmp_seq=0 ttl=245 time=608 ms
    [2] => 64 bytes from icmp_seq=1 ttl=245 time=519 ms
    [3] =>
    [4] => — www.l.google.com ping statistics —
    [5] => 2 packets transmitted, 2 received, 0% packet loss, time 2755ms
    [6] => rtt min/avg/max/mdev = 519.180/563.682/608.185/44.508 ms, pipe 2

    Someones asked me this type of questions( related to checking connectivity by PHP). This one is my solution for now.


    Code is Poetry !

    May 11th, 2006

    When Code is Poetry, Life is . . . . .
    function kiss(her){
    throw her();}
    return her instanceof Error ? false : true;}}

    a dysfunctional relationship… :p

    I got it from http://www.codingforums.com while searching the netWorld.

    Visit this link for more code poetries:

    Enjoy Coding !!


    Quote Of The Day

    May 11th, 2006

    Today’s google “Quote of the Day” reads –
    “All truth passes through three stages. First, it is ridiculed. Second, it is violently opposed. Third, it is accepted as being self-evident.”

    I recall this type of memory. When I first started phpResource, some so called PHP geeks started to oppose it. Then they tried to strongly oppose it. But they failed, and they will fail. But what I got from this is some so called geeks’ behaviour. I always respected them, but they disclosed their nature(I never thought such about them). But finally phpResource is going ahead strongly proving its strength enough to go forward.

    phpResource, Go AHEAD Strongly !!

    Writting Your Own Smarty Plugins

    May 8th, 2006

    Writting both easy and complex smarty plugins are very easy. It helps you simplify your smarty use. So why not using your own plugins ? For a short guideline, follow this link:

    Keep going on !!

    Templates From Other Sources

    May 8th, 2006

    Why should we always put our html-code (that contains smarty tags) to a temporary file for smarty use ? It can be done without doing so. This is important in the case of executing templates that come from DB, LDAP, etc. See this link to know details:

    Hope you will enjoy !!