Easton's blog

WorkSimple 1.3.5 control panel and login fix

After playing around with WorkSimple 1.3.5 (and apparently not doing much  testing), login.php doesn't redirect on login and cp.php strips HTML.  Download the attachments below and replace cp.php and login.php with the new versions. Save the new versions as cp.php and login.php respectively and upload them to your WorkSimple install directory.

External antennas on ASUS EeePC 701

I finally did what I always wanted to do: add external antennas to my 701. Drilling the holes were a bitch. First, I tried at the right hinge, but the end of the RP-SMA connector was too large. Then next to the VGA port and no luck, Oh, but perhaps next to the second USB port on the right hand side? Nope. Well, what I ended up doing was putting the connector on the outside. Check out the picture:

Edit: here's a better picture


 

 

WorkSimple 2.0 roadmap

I've been making lots of new changes to WorkSimple, paving the way for WorkSimple 2.0. I'll be going over old code and re-implementing some things. I used Twig for templating instead of a custom made method since it seemed easier and more convenient. Templates now are much more customizable and flexible. Check out the screenshot for what it may look like (the colours suck, I know).

Pasteros: cloud-based text storage

I just had to create [another] text storage project, just for shits. Pasteros (temporary domain) is a text storage storage (think Pastebin, Pastie, etc) running on DotCloud. It uses Twig for templating and I just converted the MySQL innerworkings to PostgreSQL (juste pour le fun). I also made an API for public use as well. I'll be releasing the source code shortly. Any feedback is appreciated.

How not to order RAM

So, back in June or so, I ordered four sticks of 2GBs of RAM for my main workstation, DDR2 PC6400. Couldn't wait to get them right? So, a month goes by and they finally come in. Now, the board I have right now is a Supermicro X6DVL-EG2 which accepts ECC RAM. I thought my current RAM was non-ECC so I said fuck it and ordered non-ECC RAM. Wrong. RAM came in, tried it, motherboard beeped at me. Fuck. So I sent it back out east for a refund (to Newegg). A week or two goes by until I get the refund so I go ahead and order DDR2 PC6400 RAM.

Templating with Twig

I've been working on this shitty video sharing site for a couple weeks now and thought I'd try out some new things. I' used phpass for the password management and ended up using Twig as a template framework. I've never used a template engine before so I was new to using one. Twig is actually quite easy to implement into any of your projects. In your PHP script add:

 

require_once 'Twig/Autoloader.php';
Twig_Autoloader::register();

$loader = new Twig_Loader_Filesystem('templates');
$twig = new Twig_Environment($loader);
$template = $twig->loadTemplate('index.html');
echo $template->render(array('value' => 'test');

And that's it. In the example, 'index.html' is the template file. The array passes the variables onto the template. So, your index.html would look something like this:

 

This is a {{ value }} 

That would echo 'test'. The documentation for Twig is alright but it doesn't show how one uses the core extensions. See the below example as a block is transated for Twig's use:
 

      $a = $s + ($limit);
       if ($a > $numrows):
       $a = $numrows;
       endif;
       $b = $s + 1;
       echo "Showing results $b to $a of $numrows";

Becomes:

{% set a = s + limit %}
    {% if a > numrows %}
        {% set a = numrows %}
    {% endif %}    
{% set b = s + 1 %}  
   Showing results {{ b }} to {{ a }} of  {{ numrows }}

 

How publicly released exploits helped WorkSimple

[Photo by Honza Soukup]

A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2] site. On the site, it chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passowords in a specified [plain text] file in a specified place. After, the hashes were salted and in a .php file as not to display the contents. 

 

Pages

Subscribe to RSS - Easton's blog