Jump to content
xisto Community

vujsa

Members
  • Content Count

    1,008
  • Joined

  • Last visited

Everything posted by vujsa

  1. The best method for uploading files in cPanel is to leave them zipped! Upload the zipped file either with an FTP client or better yet, you the cPanel File manager.Once uploaded, you can then decompress the zip file and it will extract all of the files in their proper place and many times with the correct permissions.The next step is to create a database, username and password and give it permission to use the database. I suggest a database name like username_smf01, then a username that is the same. The password should be complex! Very complex in fact. There is an automatic password suggester that I suggest that you use. Be sure to save this information!I believe that the new versions of SMF use FTP for various file system functions. This prevents the infamous user 99 error many have seen in the past with PHP creating server owned files that the account owner can't access. I suggest that you create an FTP account for SMF and limit the account to only the forum directory. The biggest benefit of this is that you don't have to worry about your master FTP account name and password being stolen. The master account has much more access than a directory limited account so it is a good security idea. I suggest using the same password as the database username you used. The FTP username could be similar to your database username like smf01 and the login username would look like this smf01@domain.com.You can then initiate the installer as described in the SMF install instructions found on their website. I recommend that you send yourself an email to a permanent email address that you will check regularly like that one provided by your ISP with the database name, username, and password as well as the ftp account name, login name, and password for your SMF installation. This may come in handy some day.Considering that we offer unlimited databases here, it is important to remember to always use a new database for each script you install. Very large databases run slower.Well, this isn't a step by step for the installation of SMF but i think it will help you avoid errors, security issues, and frustration.vujsa
  2. Okay, there is a little confusion about the various specifications used to measure computer components...There are 2 specifications used to measure a processor, the first is the processor speed or clock frequency. This is a measurement of how many instructions the processor can handle in one second. So a 2.5GHz processor can process 2.5 billion instructions per second. The second measurement is the front side bus speed which determines the amount of data that cat go in and out of the processor in one second. For both measurements, the hight the number, the faster the computer. Additionally, there are different units to measure frequency at work here. 1000MHz = 1Ghz So a 1.8GHz processor is the same a 1800MHz processor. The reason I bring this up is because you stated that your games require 800MHz which is a measurement of the processor speed, not the front side bus speed. So having a FSB speed of 400 MHz will be fine as long as your processor speed is above 800MHz or 0.8GHz. You may have to buy a used processor on eBay to get the issue resolved since a quick search has not found any online stores that sell new processors that would fit your system. If Dell motherboards didn't require special power supplies (at least they did when your system was built), I'd suggest getting a new motherboard, CPU and memory. I know this doesn't really help you but at least you should be able to make a couple of decisions that I'm sure you have been stressing out about. vujsa
  3. I didn't realize that the problem was so big. Nor did I realize that it had been going on so long. I tried to search for a member's posts the other day when I noticed it. I sent an email to OpaQue as soon as I noticed and he resolved the problem in about 2 hours.Be sure to PM an Admin if this happens again.Thanks,vujsa
  4. Well, I have a few concerns...First, the CPU information was "melted" off? Intel acid etches this to the microprocessor cover plate. Perhaps, the thermal compound used has made it difficult to read but cleaning that off real well should reveal the data you are looking for. I suggest rubbing alcohol (70 - 90% isopropyl alcohol solution) and a Q-Tip (cotton swap) or even tissues if you don't press too hard. You should also clean the mating surface of the heat sink to remove any old thermal compound if you don't get a new heat sink and fan with your new processor. Remember, you must use new thermal compound or a new thermal pad between the processor and heat sink to properly transfer heat from the processor to the heat sink. Otherwise, your processor will likely overheat and burn up.My second concern is the bent pins on the old processor. How did you manage that? Socket 478 is a ZIF socket. You drop the processor in with the arrows or triangles aligned and flip the lever to lock the processor. The exact opposite procedure is used to remove the processor. You flip the lever to unlock the processor and gently pull it out with two fingers. I suppose that if you don't take the heat sink off before you remove the processor, it would be difficult to remove the heat sink from the processor probably bending pins in the process.Of course, none of that helps you now...It is true that socket 478 Celeron processors are interchangeable with socket 478 Pentium 4 processors which have the same motherboard requirements. For example, I have a Pentium 4 socket 478 processor running in one of my computers but the motherboard is not capable of Hyper Threading technology which limits the processors that are compatible. Additionally, the motherboard I have is only capable of 533MHz front side bus so I can't drop an 800MHz processor in there.Now, I have a very old socket 478 motherboard. That socket had only been out for about 6 months then and most Pentium 4 computers were using the socket 423 processor. Perhaps you have a new enough motherboard in your system that it doesn't matter.It is possible that you damaged the socket when you removed the old process since you bent some pins in the process. The only way I would know if your new processor is compatible is if I knew what chipset the motherboard is using. I'm wondering about the guy that installed the Celeron processor... You said that you cross-referenced with Dell so is this a Dell computer? did he do an upgrade for you when he installed the Celeron processor that you removed? Why did you remove the old processor since you determined that you had to replace it after it was removed, I didn't gather that you were trying to upgrade the Celeron when you started.If you could answer a few of these questions, perhaps we can determine if your system is compatible.=============================================================================I guess that I took too long to write this, someone else has also responded...The maximum CPU frequency is reliant on the chipset used in the motherboard. So, the chipset must have a maximum speed set various processors. It could simply be that the 2.5 GHz P4 attempts to send too much data through the FSB for the chipset to handle but the less powerful 2.5 GHz Celeron processor doesn't overwhelm the system since it processes fewer instructions even though they run at the same frequency.Additionally, the motherboard could have been locked to prevent upgrading! Dell doesn't make money from people that upgrade their computers, they make money from people that buy new computers.vujsa
  5. Well, I usually use a trigger to run a script. I usually combine this with a timer to ensure that the script is executed the proper number of times.This is helpful for people that don't have access to cron jobs.Basically, in every page of my website, my script would check to see how long it has been since the last time the operation had been executed and if the amount of time since the last execution was longer that the required interval, the operation is then executed then. Otherwise, it is not.When the script is execute, the timer is reset and if more than one interval has passed, the operation is executed however many times it should to get current.This way your web server is only working when you have visitors.There are a few topics about this on the forums if you want more information.vujsa
  6. http://forums.xisto.com/no_longer_exists/ Found here: https://www.google.com/search?q=proxy+server vujsa
  7. In short, no. Storing the authentication information in the code will not work since anyone can view client side code. Furthermore, you would need to change the code every time a new user was added which is normally done automatically server side. Client side scripts cannot change a file on a server without a server side script to interface with. vujsa
  8. Well to clarify... In HTML1.0, there were tags that didn't come in pairs since the tag didn't modify anything. For example, you have to use and opening and closing anchor tag <a> and </a> so that the browser understood that whatever was in between the two was the anchor! However, horizontal rule <hr> is it's own entity and it doesn't modify something else so there wasn't any reason to close the tag... In XML, all tags must be closed! There are no exceptions to the rule but most views / browsers are very forgiving! So, when you combine the two languages, you have to follow the rules for both to make XHTML. So, in HTML1.0, we used <br> that was it but for compliance with the XHTML standard, you must use the <br /> which opens and closes the tag at the same time. Basically, it tells the viewer / browser that the next tag found is not a child of the last tag. I hope this clears things up. vujsa
  9. Well, I'm not sure what Nvu/Composer is... Probably just a WYSIWYG editor which won't help you much! There is some information about Joomla template creation but you have to dig and know what you are looking for. For example, here is the master list of Joomla template documentation at the Joomla site: https://docs.joomla.org/Category:Templates Here is the page most people find. I edited it recently to include a link to the page above since I had so much trouble finding information. https://docs.joomla.org/Template Both of the links above are for Joomla versions 1.5+ only. Joomla 1.0 versions can be used with Joomla 1.5 but 1.5 templates must be modified to work with Joomla 1.0! There are tutorials available for this in the developers section of the Joomla site. The problem is that most of the Joomla website is geared towards the documentation and support of Joomla 1.5 now so older 1.0 articles may have been or soon will be removed. On to what you'll need to consider before continuing... A Joomla template is made up almost entirely of HTML! This is great news for people wanting to create their own template or modify an existing one. Style of course is completely controlled with CSS. The CSS is usually stored in a separate file but occasionally, multiple files are used along with embedded CSS to compensate for browser differences and still more CSS might be dynamically generated and embedded to control items that vary due to selections you make in the template manager etc... It is important to have some knowledge of PHP. Without PHP, you cannot create a template for Joomla. This is because your template will need to automatically adjust for varying conditions such as no modules in a specific position. Other PHP is used to actually specify the module positions in the template. Because of this mix of code, using a WYSIWYG editor isn't very practical for a few reasons. None are able to create the required PHP code needed. Most create awful HTML code which makes it more difficult to complete the template since you have to clean the code up first. Most use inline styling only so creating an embedded style sheet or even a CSS file is a lot of work. Because of the dynamic nature of Joomla website, no WYSIWYG editors are not capable of anticipating the code needed to make a template work. Basically if you don't know HTML and CSS, you can't create a template for Joomla You will need to be able to code by hand at some point in time. I generally create a pure HTML/CSS document with all of the colors and images I want to use then convert that to Joomla! Converting isn't too difficult but again, you have to assume that any given module position may be empty when displayed and adjust the rest of the template to exclude that part of the template. Otherwise, you could end up with large holes in the template. For example, if you used a common three column template but there isn't any modules to be loaded in the right column, then you'll have an empty column that will look awful and take up valuable space. In that case, you really need to have the template adjust to a two column style instead. Once your index.php file is done, you have to also create the configuration file and XML installer file. This is the minimum I believe. You'll need to read the documentation for template creation in the links I provided and also install and study several other templates. Here are a few more links for you, for Joomla 1.0 and under as well as Mambo tutorials, I suggest these sites: http://forums.xisto.com/no_longer_exists/ http://forums.xisto.com/no_longer_exists/ I hope this helps. vujsa
  10. I think that the example that you are referring to is just that, an example... I completely understand your issue with the <p> (paragraph) tag. It has it's uses but not as often as the WYSIWYG editors thing nor people writing CSS tutorials. You can use any tag that you want actually. I don't even think it has to be a valid HTML tag to work but that is a different discussion. If you want to format a string of text, you can use <span>. You use it the same as <p> but it doesn't have any default formating so you can use it for a whole paragraph or just a single letter in that paragraph! <span class="redText">This is red</span> and this is not! You should use the <div> tag for very large blocks of text but it will divide your text somewhat even without specific CSS to tell it to. It works kind of like table cells without the table! If you are using tables anyhow, you can just apply the style to the table, row, or cell that you want. <td class="cellStyle">This is my table cell content</td> Just remember that every tag has some type of property to it that you may need to compensate for with the CSS to get it to work that way you want it to.For example, if you have a CSS entry for the <p> tag to remove the extra spaces, then you might be happier. I'm not sure but maybe like this: p { margin-top: 0px;} it could be the padding command instead. I just don't use the <p> tag at all so I can't remember how to do it. hope this helps, vujsa
  11. You didn't specify if you installaed the PHP engine with Apache in your original post. If you don't, then your PHP scripts won't work. This is the reason people use package such as WAMP (Windows Apache MySQL and PHP). It is basically what you had before but with all of the required software packaged together. Anyway, I'm glad to hear that you have a working solution. vujsa
  12. I'll have to agree that WYSIWYG editors are very helpful but I still tend to code everything by hand. Most WYSIWYG editor tend to write very messy code with peculiar tags and codes. Since so much of my code is actually PHP generated, I have to write the corresponding HTML by hand since it is usually bits and pieces that are later arranged by the script into a single page.I must say that WYSIWYG editors have gotten much better. Some almost even get much of the CSS correct now. :mellow:I like WYSIWYG editors for one very important reason. I get paid a lot of money to repair, replace, or revise pages that have been created by the editors. Many of my clients simply use one of the editors and then don't know how to fix problems so the need a professional to help. Knowing how to read and write HTML makes working on these files very easy.Today, a customer asked me to update the copyright date on every page on their website. In a WYSIWYG editor I would have had to open every file make the change and save. In my text editor, I opened all of the files, used the find and replace function to change all open documents, selected "Save All", and uploaded all of the files at once. There were only 20 pages but it would have been the same amount of time for 100 pages (upload time varies of course)!
  13. Well, my Linux is awful! So I'll concentrate on non-Linux based problems...Assuming that you are using a LAN since the IP addresses are those commonly used be default in most routers I may have a possible cause.Let's assume that you are accessing one computer on your network as your Apache server. You probably had to either forward HTTP request to that computer or set that computer as your DMZ. As a result, the router knows what to do with HTTP requests. You may need to tell it how to allow connection to your symbolic links. My guess is that either your router's firewall is blocking the request or the router doesn't understand how to handle the request.This may or may not be helpful. I'm sorry, it is the only thing I can think of.vujsa
  14. When I built my new system, I kept my old one in tact. I partitioned the drive and loaded Linux (Fedora Core) on it for fun and learning. Of course I kept WinXP installed with all of my old files but I didn't have room for 2 computers so I got a KVM (Keyboard Video Mouse) switch. This allows me to use one keyboard, one monitor, and one mouse for two computers! They have switches for more than 2 computers which would be great if you have a number of servers running but obviously don't need I/O devices for each of them. Well, I do a lot of web development and the old computer has older versions of IE and Netscape as well a Linux installation of FireFox and Mozilla. Switching between WinXP and Linux requires a restart but with a double click of the "Scroll Lock" key, I can switch between my new computer and whatever OS is running on my old computer.Since both computers are on my home network, I can share files between them (assuming both are currently running Windows) and can use the one to back up important files from the other.Given the huge differences between browsers versions and and of course different browsers, it is very helpful to be able to check a website in multiple browsers and versions.I suppose if I had several computers all running different OS's, I would benefit if I bought a KVM switch that would share I/O for all of them.Do you have a KVM switch?How do you use it?
  15. Just got my new hardware setup and I love it. I do a lot of programming and as a result a lot of switching between programs. Now I can leave my browser open on one screen and my editor and FTP client open on the other. Saving me a lot of time!!!So here is what I got...EVGA e-GeForce 8600GT PCI-E dual DVI output video card.2 HP L1910 19 inch flat panel monitors.Just for fun, I also added a second Western Digital WD1600JS 160GB SATA hard drive which I configured in a RAID 1 for mirrored data protection.I may add 2 more of the same hard drive later for increased storage as well as enhanced performance as RAID 0 striped drives read nearly twice a fast since you read from both drives at the same time.I think I'll take my old system 1.7GHz P4 2GB memory etc which is currently connected to one of my monitors via a KVM switch and split it off and set it up for my kids with my old 17 inch ViewSonic flat panel monitor. One of their favorite (old WIN95) games isn't compatible with the new video card. :mellow:Who knows, with the time I save, I might be able to be active in the forums again.
  16. In the United States, most states have a driving law that requires drivers to move one lane over from an emergency vehicle on the side of the road. For example, if you are on a multi-lane road, two or more lanes in each direction, and there is a police car with it's lights on on the side of the road; the driver is supposed to move out of the lane nearest the location of the stopped police car. If you cannot move over due to traffic or you are on a single lane road, one lane each direction, you must slow down. Some states specify the speed at which you must slow down. This is to prevent police officers from being hit while writing traffic violations or tending to an emergency. The law specifies emergency vehicles as police, fire, ambulance, or tow trucks.Most people don't realize that tow trucks are included!Additionally, many people don't seem to understand the concept of "move over or slow down" so they do both!!!!!!This is a very dangerous situation. Not only does traffic have an emergency vehicle they need to be aware of, now they have a vehicle that merges into their lane AND slows down. On the modern freeway where traffic could be moving a 70 miles per hour or more, having a car unexpectedly pull in front of you and slow to 45 miles per hour can cause a major collision!So, just remember, the rule is "move over OR slow down" not both!On to other laws that people don't understand it seems.The inside lane is for passing! In the U.S. this is the left lane on a multi-lane road. If you want to drive slower than everyone else then please move to the right (outside) lane! Some places actually have signs that state "slower traffic keep right" or "keep right except to pass"! This is particularly true on roads with more than two lanes in each direction. The right (outside) lane should be for turning, slower traffic, or merging on and off the limited access highway. The second (usually middle) lane is for normal driving at a speed in which the majority of vehicles are traveling. The left (inside) lane is for traffic moving faster than the majority of vehicles or for the passing of slower vehicles in the middle lane. If you are not passing, then you shouldn't be in the inside lane. Most vehicles should spend the majority of their trip in the middle lane! If you are in the inside lane and their is a line of traffic backed up behind you, you are obstructing traffic and need to move to the center lane as soon as possible. If you are in the center lane and all other vehicles are either having to pass you on the inside lane or are backed up behind you, you need to move to the outside lane. In city driving, a left turn requires that the vehicle be in the left (inside) lane, do not enter the left (inside) lane until you are nearly ready for the turn and be sure to signal your intentions.Don't pass on the right (outside). The inside or left lane is for passing and you should only pass another vehicle on their left side (in the U.S.). This is particularly true of large vehicles such as trucks as they have a much larger blind spot.Traffic on a limited access highway has the right-of-way! If you want to merge onto the highway, you must yield to the traffic already on the highway! If this requires you to slow down or stop, then you are required to do so. The existing traffic is not required by law to slow down, move over, or any other maneuver to allow incoming traffic to enter the highway. You may have to use the shoulder but do not expect the regular flow of traffic to "let" you on. It isn't their responsibility!There is a reason that you have a turn indicator! Use it every time please. Not only is it the law, it is th polite and considerate thing to do. Many collisions could be avoided if the indicator was used.Do not block intersections. Wait outside of the intersection until you are sure that you have room on the other side even if you have a green light. Otherwise, your actions will cause gridlock. This is when vehicles with a green light cannot go because the traffic moving across the intersection was stopped be for the intersection was cleared. If the traffic on the other side of your intersection isn't moving or is moving slowly, just wait behind the while line until you have room on the other side to move into under your normal green light. Additionally, do not block cross streets, drives, and entrances that do not have a stoplight while you are waiting for your light to turn green. Not only does this allow other to "get out" it may work in your favor...Near my home that is a corner gas station. Many cars turn off the main road and the want to turn across traffic into the gas station. If the gas station entrance is blocked, the cars can't turn and get stuck in the intersection in front of the cars blocking the entrance. It takes some maneuvering of the cars behind the person wanting to turn to unblock the intersect. Of course everyone is irritated! If the drive wasn't blocked, then the traffic jam would never have occurred. So in this case letting a car or two through actually gets you through the intersection more quickly.I think that if everyone or at least most people would be more considerate of other drivers, we would all get to our destinations more quickly and safely.vujsa
  17. I think that it is important to note that there has never been a truly communist society! A communist society is one where all citizens are truly equal and share equally in the labors, prosperity, and decisions of that society.The countries mentioned above are all socialist societies! This is where the government rules everything and has absolutely nothing to do with communism! Communism is a Utopian concept but socialism is usually just an extension of a dictatorship as seen in North Korea or Cuba! These people do not share in the prosperity or decisions of their labors! The government tells them what to think and do and if the resist, they are either publicly executed to keep others from disobeying or secretly executed (disappeared) to avoid explaining why their opinion was unacceptable.The reason that Americans are so resistant to the idea of "Communism" is because the whole reason this country was formed was to allow the people of this land to escape the type of society that allows others to oppress people the ways that communist countries do. Furthermore, all of our laws and structure of government were specifically designed to prevent a dictatorship or government controlled society as seen in North Korea.Do you honestly believe that the people of North Korea are better off with the sick SOB that is running that country? Should it be allowable for the ruler or family member of a ruler of any country to walk into a school and select girls to serve him sexually against their will? Is it okay for a ruler to kill an entire village of people just because he wants to?These are the kinds of things that happen in countries. The people rarely know any better so they are easy to brainwash but just because they don't know that they are the only ones starving and being treated so brutally doesn't mean that it is right for them to live that way.The communism idea is a nice one but would never work as all men desire power and in a communist society everyone is supposed to share the power equally.vujsa
  18. After World War II, the United Nations led mostly by the United States decided that the Jews that had been so badly treated by Nazi Germany should be given the chance to return to the Holy Land and what is now know as the country of Israel was taken and given to the Jews. Much of the Arab world at that time did not have the political or military power to prevent this from happening. Keep in mind that after the war, the only country that didn't have to rebuild anything was the United States so trying to stand up to that kind of military might was pointless. The arrangement seemed to go okay at first with the expected opposition but it was believed that people of all faiths that considered this the Holy Land would eventually get along in peace. Eventually the Egyptians, a mostly Muslim country, decided that having the Jews there was intolerable but Israel with it's well trained U.S. supplied and U.S. backed military emerged the victor. Since then, there have been numerous attempts by Muslim extremist and even non-Muslim Arabs to displace the Jewish population in the Middle East. The Palestinians have been in constant conflict with the Israelis because of the land that was taken away from them. To make things more difficult, the Israelis have continued to expand their boarders further and further into Palestinian territory. It is no wonder why the Arabs are irritated by the situation. This has lead to desperate actions such as suicide bombing and other terrorist methods to convince the Israelis to leave. On numerous occasions, there have been peace treaties signed between Israel an Palestine but it never lasts and frequently it is because of the actions of the Israelis. In fact, the last peace treaty was going well until the Israelis decided to attack a Palestinian building it believed to house enemies of Israel. For as long as I can remember, the Palestinians have complained about Israeli settlers stealing their land and terrorizing them with beatings and other oppression. And for as long as I can remember, we, the United States, have backed Israel and have had nothing but trouble as a result! In fact every time we involve ourselves further in the happening in the Middle East, the more hostilities we encounter from Muslim extremist. I thin it is safe to say the most Middle Easterners are less than happy with the United States because of our presence in their countries and especially because of our backing of Israel. I finally concluded that it is Israel that is in the wrong in most of these conflicts and that we, the United States, are wrong for supporting Israel. Additionally, since most of the power of Israel is derived from the military support they get from us, we should be able to force them to play nice. Something like, "If you can't play nice, then we can't play with you!". In fact, it is the U.S. that is most likely to be able to stop the hostilities in the Middle East be forcing the Israelis to sign a treaty that would give back most of the Palestinian land, prevent future expansion of Israel without a monetary arrangement with the lawful landowners, and eliminate aggression on the part of both sides. Not only would the U.S. have to force Israel to do this, it would have to hold them accountable. Since that isn't going to happen and nobody wants to believe that Israel is in the wrong, a new program has provided 100 brand new video cameras to the Palestinian people to record their daily observations of how the Israeli military and settles treat them. So far, two soldiers have been arrested for brutalizing a prisoner and three settlers arrested for beating local farmers in their field seemingly for no reason but to terrorize them. I hope this new campaign will help the Palestinian people to demonstrate to the World just how bad their conditions are and how wrong the Israelis are! vujsa Just a note: I do not believe that terrorist tactics such as bombing public places or using suicide bombers should ever be employed. People should stand up for what is right and protect what is theirs but violence should be a last resort and when used should follow the internationally accepted guidlines for appropriate behavior during war.
  19. Very nice detailed explanation of how to get your database set up for a log in script. I think this an area that is very often overlooked when explaining how to create such a script. Most of the time the author simply gives the MySQL code and continues on with the description of the PHP that does all of th work but this is a great guide for getting ready for your script.I look forward to reading the rest of the tutorials you are planning for this systemvujsa
  20. Sometimes the simplest question can provide much more information than you realize. I will add one other security tip...I generally save the session data in both the session cookie and the database...It is good to use sessions to store your session ID which I generally use to get permissions from the database.However, if you store other user information in the session cookie and the database and compare that to the user's current information, you can better prevent someone from hijacking a session.For example, check the user session id, IP address, and maybe browser version or OS to see if that matches what is was when the user logged in.Another important suggestion is to expire sessions after a certain period of time to prevent an old session from being reused. Just apply a current timestamp each time a session ID is used in the database. Not only does this prevent someone from using an account after the real owner forgot to log out, it makes it far more difficult to hijack a session since the hijacker only has a limit amount of time to find a session and attempt to use it.Hope this helps.vujsa
  21. LOL There is no SQL disk space limits other than the limit placed on your account... This is true with all hosts! Your database storage is part of your overall account storage limitations. So, if you have 500MB of storage on your account and your file use 400MB, then you only have 100MB for your database. As for the SQL server, in the event that if becomes full, additional drive space is allocated. Occasionally, if the SQL drive is placed in read only mode for maintenance or protection, it may give a disk full error since it can't be written to. So, my suggestion is to first check how big your SQL databases currently are in cPanel and also check your total disk space usage. If these are more than your account limits, then you need to find a way to reduce you disk usage. If the error still occurs without your account being over limit, then reply here. vujsa
  22. I don't see any security holes in the code provided. However, the actual authorization code, "login.php", isn't included so I can't comment on that. Either list the code or provide a link to the post that you are referring to. When I do login systems, I use a salt, the username and the password to generate the hash from. I sometimes use multiple hashing techniques and different hashing orders... For example, I might do the following: $usersalt = md5(uniqid(rand(), true));$username = $_POST['username'];$userpass = sha4(md5($usersalt . $username) . md5($_POST['userpass']));This way, you save the username, salt, and password hash in the database and the code puts it all together. So, if someone manages to get access to you database it would be very unlikely that they could decipher the actual password since they wouldn't know what order you used to generate the password hash. For extra security, you can also use a global salt salt which is the same for everyone's password hash but only be stored in one PHP file somewhere in your system like your configuration file. You would have to include the file in all of your user creation and authorization scripts. This would prevent a key part of the hash from being seen in the database making even more unlikely that anyone could decode your hashing method. You can add other user information to the hash to simply increase the complexity used to generate the hash requiring many more steps to decipher it manually. The more items that you add to the hash and the more different hashing functions (md5, sha1, etc...) you use on those items, the harder it is to figure out the method and order used to generate the hash. The following user information would work: email address first name last name date of birth address city country Just remember, if the user changes any of the information, a new password hash must be generated! Otherwise, you won't be able to check the submitted login information against the password hash since during authorization, the user submitted password must be converted exactly the same way as the stored password hash was in order for them to match. If the data is different, then they won't match and the user won't be able to login. On that same note, you must only use constant data for the password hash. This is data that doesn't change over time like the username which is stored in the database. Once a random password salt is generated, it must be stored in the database. Using the current time or current date in the hash will not work since the time will always be different. If you want to, you can use a time stored in the database like the user creation date. I hope this gives you some insight into securing you user's saves password information in your database. vujsa
  23. Xisto does NOT sell email information nor has there been a database compromise. Your email address is listed in your application for free web hosting. Email harvesters have little difficulty collecting emails without any protection which is probably why you use a junk mail account for your account here! Admins use the email address you supply in the application to determine if the correct account is being activated for hosting when we approve applications. I designed the hosting application form and hope to add a measure of security to the email address during my next update. Thank you, vujsa
  24. No problem! There are a number of commercial sites that use Joomla as their CMS. There is even a version of Joomla that has a shopping cart and related templates pre-installed. You may also note that there are a number of commercial licensed products for Joomla. I believe that under GNU/GPL, you can even charge for the download and installation of Joomla. You can't charge for the software but you can charge for services you provide regarding the acquisition and implementation of the software. Of course, when in doubt, you can always send a formal inquiry to Open Source Matters or check out this information page about Joomla! License Guidelines. Hope this helps, vujsa
  25. Actually, if you have a decent portfolio, reputation, or references, you can get high end clients that have large budgets. If a client doesn't know how to do what you do and they really need it done and done fast, they'll pay a lot of money for the job. For example, I have a relative that works for a drug manufacturer. They wanted a new system to track clinical trials. So they hired a programmer that did the job for probably a very large sum of money. He used XML for the database and developed the software to interact with the database. It is a simple system... Take subjects temperature, log it... take subjects blood, log it... etc... I could have done the same system using PHP and MySQL on their secure intranet with additional password protection etc for much less but I'm not the guy they hired! The point is that if you tell someone that a job costs $1000.00 and they hire you, it isn't your fault. If someone pays you $1000.00 for a job, better do it right though. vujsa
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.