andresmtz

That is great, rebuilding scripts is a good way of learning how to program. I use to do that in high school when I make web pages, I create some things and other parts were modified scripts. Is a good way because you learn how things are programmed and then you can learn those techniques and create your own. Nowadays I program almost everything I use; I only download some complex and very good scripts (like scriptacolous.js).

If you check the referrer is enough to kick a hacker out or there exists another good practices for enhancing security in php scripts that process forms?

Does any one has an easy sample code to manage the session? I have done this only in php and I want to do the same with Java Server Pages. I want to know how to create the session, how to destroy the current session and clear all variables, how to get the session id and how to read the session variables. Thanks

I read some information about this security issue in Web Browsers. Actually is only a security issue for the surfers that use Microsoft Internet Explorer, the rest of us that do not use this internet browser can relax, we are not vulnerable. Anyway I will explain a little bit about this Clipboard sniffer. 1. Only in Microsoft Internet Explorer The people at Microsoft said is a "feature" provided by Internet Explorer. The true is that many web developers think that is more like a bug, because it allows that any website with a "clipboard sniffer" could read and use the content of your clipboard. No matter is your are working in another application that is not Internet Explorer, it is enough to the clipboard sniffer that you open the website where is installed in a window of Internet Explorer. You wont notice any weird activity. 2. The script is Client Side only These means that only runs in the computer of the visitor of the website. The Clipboard sniffer is actually only based in a very easy (really very easy) JavaScript code that would only be correctly interpreter and execute by Microsoft Internet Explorer. It has no relation with the server side scripting language such as ASP, PHP, JSP, cgi, etc, is completelly independent. Is only related with Internet Explorer 6 or lower version and for Internet Explorer 7 it will ask you before entering a website with the clipboard sniffer, if you allow this website to access you clipboard. This is more like a 'easy patch' implemented by the Microsoft guys in the last version of their web browser, because it wont fix the security problem in many cases. The 'common', 'normal' and 'non-geek' web surfers may not understand or even read this advice and will click "yes" to these kind of annoying messages of their browser. Some users are just desperate to open the web page and they would not notice the text of any advice the explorer will show, specially if they are using Internet Explorer 7 under Windows Vista because they have to deal with many annoying "security advices" of this operating system all day, after a few minutes of this I would be desperate and I would be hating this messages too. 3. The solution The straight-forward and easiest solution to maintain you data secure of clipboard sniffers is by simply not using a browser with this "feature". I recommend Firefox or Opera. Both are great browsers and have a solid platform and excellent support for web standards. Firefox is completely free open source web browser and is available for Windows, Mac OSX, Linux, Solaris and other OS. Opera is also free to download, but recently they changed their policies and they required you put some ads or purchase it If you still want to use Internet Explorer anyway is OK, but it is recommended to change your security settings: Internet Explorer 5 and 6 1. In Control Panel, click Internet Options. 2. Click the Security tab. 3. Under Select a Web content zone to specify its security settings, click the zone where you want to prevent Web sites from accessing your clipboard. 4. Click Custom Level. 5. In the Scripting section, under Allow paste operations via script, click Prompt or Disable. 6. Click OK. Internet Explorer 4 1. In Control Panel, click Internet Options. 2. Click the Security tab. 3. Under Select a Web content zone to specify its security settings, click the zone where you want to prevent Web sites from accessing your clipboard. 4. Click Custom, and then click Settings. 5. Click Prompt or Disable for Script ActiveX controls marked safe for scripting, and then click OK. Note: Windows Administrators can also adjust the default setting for this feature by using Group Policy or the Internet Explorer Administration Kit (IEAK). These steps to fix the security issue were taken from the Microsoft Help and Support available at: How to Prevent Web Sites From Obtaining Access to the Contents of Your Windows Clipboard In here you will see a quite long text from Microsoft explaining that is not a problem because Internet Explorer blocks this "feature" if you turn on the "High Security" mode of Internet Explorer. This more is more like a "Paranoid mode" because it also blocks many other real feature of the web browser. Conclusion This feature or bug is a bad characteristic of Internet Explorer in almost all cases. However it could be useful for some RIA (Rich Internet Applications) that run under this web browser and it could be used in a very positive way to create more interactive and desktop like applications. I think that this feature should be disable by default in any security level of Internet explorer and when a trusted website with clipboard sniffer script that would be used to enable copy/paste support for some interesting features, a message should prompt then and the user may now enable this feature. I have not seen any website that uses this feature, maybe because it is better to copy/paste in the traditional way via the Web Browser clipboard support and not via the JavaScript support that is only compatible with Internet Explorer. By using the traditional clipboard support of the web browser, websites only have access to the data that has been pasted to an input box and do not see the entire clipboard board like in the JavaScript sniffer.

I also agree in not using MS Access I have seen some pages with ASP that work with this database and they work very slow. Access is not intended to work in web, it is only useful If you want to create a simple and single user system and you want it to be working in very few time and in a local environment. It is easy to use because it has a graphic environment and wizards to create the user interface. However there are many tool for working with other database systems (like PhpMyAdmin) so I prefer not to work with access in any case, unless is the only option (because of licenses or host configuration). I also agree to use MySQL, Microsoft Sql Server or Oracle that are more scalable and powerful databases. MySQL is free and is going better in each release, so is a very good option for many websites.

Hi,does anyone knows the URL or port to access the control panel of a site hosted by a Windows Server.I have only used Unix Hosting Servers and the usually have cpanel and the URL to access it is usally http://forums.xisto.com/no_longer_exists/ or http://www.domain.com/ need to access this panel to create a database. Please Help.

Nowadays we have a Solaris 9 Server (SunOS 5.9) in our campus, and it serves to 250 or more collage students. It works just fine and fast and it had to been shut down only once since the last 3 years and was only because a general failure in electricity power. It runs in a Sparc, I don't know what version of sparc but definitive it is not a new and powerfull one. Maybe the Solaris server in your collage just need a good config. and system tunning, maybe I dont know your situation. But I also thing Fedora is ok, I heard that in other campus of my university they use Fedora or Suse an works all right. I think that it depends more of the system's and services configuration, network settings and a good administrator to have any Unix running to fit the users requirements. And about Java, selling and supporting servers is the principal business of Sun Microsystems and Java was only launched as another project and it is not to intended to be the main income's source of the company. The Solaris guys said that Java is optimized in their Operating system and that it runs better on it. Maybe is true because they are the creator, i have never test it.

Yes Linux is multi-thread but only in user level threads and do not in the kernel threads as Solaris do. This kernel level threads allow the system to change between threads faster than changing between process when running system's tasks. Actually Linux kernel only sees process and not threads because it uses the same control structure to manage process and threads, it uses what is called a task_struct for both threads and process. So in Linux changing between threads has the same overhead for the system as changing processes. In the other side, Solaris will change faster from thread to thread because it creates an equivalent structure for managing the process (called in Solaris proc_t) and individual structures for each thread (kthread_t) inside the process, so when the changing between threads is required the dispatcher only changes the thread structure, which is smaller and retains the process structure that contains common data for the threads inside the process. Also an klwp_t structure is provided in a Solaris process as a save area for threads switching between user and kernel modes. In FreeBSD it has a proc struct, a thread struct, and a ksegrp struct. Effectively, all three Unix OSes schedule threads, where a thread is a kthread_t in Solaris, a thread structure in FreeBSD, and a task_struct in Linux and the difference is how they manage them. As a conclusion one important difference for Unix flavors is the kernel. Each Unix implements their own kernel. Linux uses the Linus Torvalds implementation, Solaris and BSD do their own implementation. These kernels use different subsystems (scheduling, memory Management, paging, etc), rules and policies. They have different code, that should perform equivalent tasks to the others kernel implementation. All kernels have their own advantages and disadvantages.

OpenSolaris is only like a "testing Operating System" where developers test their beta products. It is an open source project sponsored by Sun Microsystems, Inc; and it was initially based on a subset of the source code for the Solaris Operating System. The idea of this project is to create a community where developers from Sun and elsewhere can collaborate on developing and improving operating system technology. OpenSolaris only provides the core kernel, some common libraries and commands that are currently distributed with the Solaris Operating System. Over time, it is expected that additional parts of the Solaris OS will be made available through OpenSolaris. In the future, Sun Microsystems may include part of the OpenSolaris source code as the basis for new versions of products and components that will be included in future releases of Solaris OS and third-party products distributions. The main difference between the OpenSolaris and the Solaris Operating System is that the OpenSolaris does not provide an end-user product or complete distribution. Instead it is an open source code base, build tools necessary for developing with the code, and an infrastructure for communicating and sharing related information. Support for the code is provided by the community; Sun offers no formal support for the OpenSolaris product in either source or binary form. The Solaris OS is Sun's operating system distribution and is branded, tested, maintained and supported as a Sun product. Future releases of the Solaris OS will be built from the OpenSolaris source code, but will still be supported in the same manner as current versions of the Solaris OS. So, it is only good idea to install this operating system if you wanna test or be a developer for the OpenSolaris project. I would not use it as my Operating System at work and of course not as a server, because it is not stable in any way. I have never installed it, but I think that it should be tedious to make it work. As I said it is very straight-forward to install and can be easily customized during installation or when installed. I think that it is based in the Knoppix distribution, but I like it more. I also installed because I don't want to spend too many time configuring (only the necessary).

Why SOLARIS is different to other UNIX? Well, Solaris has some important differences with other Unix. For example the FileSystem. They use ZFile which is file system created by Sun Microsystems an it is a 128bits file system capable for managing a unlimited capacity (2^128 bytes! it's a very huge number!) which could be a single Hard Disk or multiple hard disks or a cluster of computer. Another difference is the Console managment which makes the creation of users, roles and permission a very fast and easy task by using some wizards and a graphical interface. It also could be used to manage computer remotely so you can easily manage an entire network from one single Solaris Server. Also security is enhanced by the use of TCP wrappers. This management tools for Unix Administrators are one of their most important differences. They have the Java Desktop that is based in Gnome. They also are good in managing concurrent virtual machines. An important internal difference is that it is completely an multi-threating operating system because it not only manages multiple concurrent threads at user level, it also manages multi-threat at system level, which leave us to an N to N relation between user and system threads. Other Unix do not have this. The advantage of having a multi-thread at system level is that the operating system is faster, because it do not have to make too many context changes because most of the system's process are really another thread that use the same process context, is like having a single process to be the operating system so it is easier to manage this "single" process instead of multiple process. This multi-threat performance is even greater if Solaris is used by a multicore processor such as Turion64X2, Intel CoreDuo or even better an UltraSparc with a eight-core processor. However in almost everything else it looks and works like another Linux/Unix. I have to confess that I also have problems to install it in my laptop Dell Inspiron 1501 because some drivers were unavailable or their installation may cause Kernel Panic, so I installed in my friend's laptop (an HP) and we do not have any problems (unless the Wireless card). I recommend Solaris as a very good option if your looking for a Unix to be used as a Server to manage a network, services, clusters, etc (administrator's tasks). It is probably the best option in the market for this. And it is used by many big and important companies around the world (i.e eBay, High Performance Computing Virtual Laboratory, Engineering DataXpress, etc). If you look for a Linux to be used by a single user at home (like a normal person ja) I recommend OpenSuse, I like it more than Ubuntu (:S) and other linux. It is very easy to install and use, and it is focus for common users (not companies as Solaris). It has a very intuitive user interfaces, and it cames with many applications. It is almost as easy as windows, because it has automatic updates, YaSt to manage the system's config. and more. I hope this reply is useful to understand the some differences between Solaris and other Linux.

Well, Solaris has some important differences with other Unix. For example the FileSystem. They use ZFile which is file system created by Sun Microsystems an it is a 128bits file system capable for managing a unlimited capacity (2^128 bytes! it's a very huge number!) which could be a single Hard Disk or multiple hard disks or a cluster of computer. Another difference is the Console managment which makes the creation of users, roles and permission a very fast and easy task by using some wizards and a graphical interface. It also could be used to manage computer remotely so you can easily manage an entire network from one single Solaris Server. Also security is enhanced by the use of TCP wrappers. This management tools for Unix Administrators are one of their most important differences. They have the Java Desktop that is based in Gnome. They also are good in managing concurrent virtual machines. An important internal difference is that it is completely an multi-threating operating system because it not only manages multiple concurrent threads at user level, it also manages multi-threat at system level, which leave us to an N to N relation between user and system threads. Other Unix do not have this. The advantage of having a multi-thread at system level is that the operating system is faster, because it do not have to make too many context changes because most of the system's process are really another thread that use the same process context, is like having a single process to be the operating system so it is easier to manage this "single" process instead of multiple process. This multi-threat performance is even greater if Solaris is used by a multicore processor such as Turion64X2, Intel CoreDuo or even better an UltraSparc with a eight-core processor. However in almost everything else it looks and works like another Linux/Unix. I have to confess that I also have problems to install it in my laptop Dell Inspiron 1501 because some drivers were unavailable or their installation may cause Kernel Panic, so I installed in my friend's laptop (an HP) and we do not have any problems (unless the Wireless card). I recommend Solaris as a very good option if your looking for a Unix to be used as a Server to manage a network, services, clusters, etc (administrator's tasks). It is probably the best option in the market for this. And it is used by many big and important companies around the world (i.e eBay, High Performance Computing Virtual Laboratory, Engineering DataXpress, etc). If you look for a Linux to be used by a single user at home (like a normal person ja) I recommend OpenSuse, I like it more than Ubuntu (:S) and other linux. It is very easy to install and use, and it is focus for common users (not companies as Solaris). It has a very intuitive user interfaces, and it cames with many applications. It is almost as easy as windows, because it has automatic updates, YaSt to manage the system's config. more. I hope this reply is useful to understand the some differences between Solaris and other Linux.

I don't know that by mounting a virtual device you could extend you swap. It's a great an easy solution if you do not want to re-partition your drive. But what about performance? Because one of the advantages of Unix systems over Windows is that "virtual memory" is stored in an individual and exclusive partition (swap) and Windows stores it in the same partition of the system (usually C:).The advantage of having an exclusive partition for virtual memory is that the swapped pages do not need to "compete" for allocation and virtual memory is faster, may be in this solution you propose the performance is similar as to having the complete virtual memory as one unit because I see that you pre-allocate this memory file.

I have 7 years programming since I was 15 years old. I start programming in Pascal and Basic.Then I try Javascript, HTML and CSS. Then I learn lingo for macromedia director, and then actionscript for Flash.All of these was in highschool and by my own.Then I learn Java, C++, Perl, PHP, VB 6, VB .net, Prolog, scheme, c--, assembly language in collage. And of course SQL for db. Also OQL which is similar to sql and is suppose to be used for object oriented databeses.

Eclipse is a good java IDE if you just want to code Java without creating an interface because you will need to code it all (yes i know it takes a lot of time and sometimes a little bit boring). Well there is another IDE that will be your perfect solution. It is Neatbeans! It has became one of the post famous and more used programming environment not only for Java, also for C/C++ applications and for creating UML diagrams and generating code from it (since version 6.0). Netbeans allows you to easy create GUI by just dragging to the screen components such as textfields, labels, buttons, radio buttons, text areas, panels, and many other cool components. It support both the java.awt interface or the javax.swing. I heard that Netbeans won a prize because their GUI's building tool not only allows you to put components, it also have auto-align and auto-size functions that makes very easy to create professional user interfaces in minutes. It also has a preview button to easily view your interface without compiling you whole application. Well this are only a few advantages of netbeans, I only mention these few because you ask about building interfaces; but it has many other features as managing classes in packages, to create test clases, deploy the application by creating the JAR file automatically, debugging, templates, and more! The netbeans site is: https://netbeans.org/ The only IDE you need for developing any application!

Floyd - Warshall The Floyd - Warshall algorithm is used to find the shortest path between all nodes in a directed graph with weights in its connections. A single run of the algorithm will find the shortest path between any pair of nodes in the graph with a complexity time of O(V^3), where V is the number of nodes of the graph. This complexity time is due to the 3 cycles it uses in its implementation. The algorithm works by estimating the cost of the shortest path between nodes and it corrects its answer in each iteration. Let's suppose that we have a graph with V nodes, all numbered from 1 to N. The shortest path between node 'i' and node 'j' could be one of the followings: - The path between "i" and "j" or - The path between "i" and "k" plus the shortest path between "k" and "j", where "k: is the intermediate node smaller than N In other words these two statements could be written as pseudo code: shortestPath_i_to_j = min(shortestPath(i, j), shortestPath(j, k) + shortestPath(k, i)); And the complete pseudo code is: procedure FloydWarshall () for k = 1 to n for each (i,j) in (1..n) path[j] = min (path[j], path[k]+path[k][j] ); end end end procedure Assume that N is the number of nodes in the graph and that each element of the path[j] has been initialize with the cost of traveling from i to j, normally using an adjacency matrix. For numerically meaningful output, Floyd-Warshall assumes that there are no negative cycles (in fact, between any pair of vertices which form part of a negative cycle, the shortest path is not well-defined). Nevertheless, if there are negative cycles, Floyd–Warshall can be used to detect them: either run one more iteration and see if there are any changes, or look for negative values in the diagonal. Some of its applications and problems were it could be applied are - Shortest paths in directed graphs. - Transitive closure of directed graphs. In Warshall's original formulation of the algorithm, the graph is unweighted and represented by a Boolean adjacency matrix. Then the addition operation is replaced by logical conjunction (AND) and the minimum operation by logical disjunction (OR). - Finding a regular expression denoting the regular language accepted by a finite automaton (Kleene's algorithm) (sound complex? yes!) - Inversion of real matrices (Gauss-Jordan algorithm). - Optimal routing. In this application one is interested in finding the path with the maximum flow between two vertices. This means that, rather than taking minima as in the pseudocode above, one instead takes maxima. The edge weights represent fixed constraints on flow. Path weights represent bottlenecks; so the addition operation above is replaced by the minimum operation. - Testing whether an undirected graph is bipartite. Hope this was useful to understand the algorithm and that you will be able to apply this algorithm in solving problems.