Redis Home Email Injection | damonkohler Not so long ago, I ran a wiki called SecurePHP. On that wiki, there was one particular article about email injection that received a lot of attention. Naturally, with all the attention came lots of spam. As a result, I disabled editing of the wiki and content stagnated. The PHP mail() Function There are a lot of ways to send anonymous emails, some use it to mass mail, some use it to spoof identity, and some (a few) use it to send email anonymously. Function usage: mail([RECIPIENT],[SUBJECT],[MESSAGE],[EXTRAHEADERS], [EXTRAPARAMS]); (mail()) Extra params are not commonly fed from user input, so we'll skip this part. Example 1 Here's an example of code we'll base our analysis on: When looking at the HTML form or at the code, it seems obvious one cannot choose the recipient email address as it is hardcoded in the script. And will produce the following raw output: To: $recipient Subject: $subject $headers $message When calling the function like this: The raw output data will look like this: Regex
QR Code Generator: QR Stuff Free Online QR Code Creator And Encoder For T-Shirts, Business Cards & Stickers AtomEnabled.org Database management in single PHP file iTerm Tab and Unix Shell Customizations for zsh, bash and tcsh Although iTerm works quite nicely out of the box, there are a few unix shell-specific tweaks you can implement that help to take advantage of some of the many nice features. In what follows, I describe and give some examples of a few customizations. iTerm Tab, Title Bar and $DISPLAY Customizations I have been using iTerm instead of Apple's Terminal.app for several years. The labels on the tabs and title bar can each be customized so that they dynamically display current information about what directory you are in. The method used to achieve this result is different for each of the shells on OS X. In addition to the tab and title bar customizations, these sample startup scripts also contain code that sets the $DISPLAY variable if you are an X11.app user. Click on the links appropriate to your shell in the table below to view or download the relevant sample startup file. Examples of Startup Files Read by Unix Shells iTerm -- Finder Interactions Additional iTerm Shell Scripts and Functions
Semantic Web The promise of web standards W3C standards define an open web platform for application development. The web has the unprecedented potential to enable developers to build rich interactive experiences, that can be available on any device. The platform continues to expand, but web users have long ago rallied around HTML as the cornerstone of the web. Read more about W3C Standards Why W3C web standards? W3C publishes recommendations, that are considered web standards. W3C develops technical specifications according to the W3C Process, which is designed to maximize consensus, ensure quality, earn endorsement and adoption by W3C Members and the broader community. W3C web standards are optimized for interoperability, security, privacy, web accessibility, and internationalization. W3C's proven web standards process is based on fairness, openness, royalty-free, we make the web work, for everyone. Value of creating standards at W3C Wide array of applications
Logging processes with PHP Its sometimes necessary as a developer to log and track data as it is processed either to debug or to keep a simple record of maybe who’s logged in or out of your site. You could easily do this by accessing a MySQL database and adding a row, but you then have to create and maintain that database. So today I’m going to run through the steps to writing and reading a .txt log file. The Code In order to write and access our log file we will be using the php functions fopen() fwrite() and fclose(). find below the rules that can be passed to fopen(). NOTE: It’s important that the file permissions for the log file are set so our script can access and modify it. Running the function Below is a very simple example of how to call the function. $message = 'Posted to the database'; log_action($message); Reading our log file Above is an image example of the code below minus the row highlighting and thumbnails. Below is a quick method for displaying the contents of our log file.
Home - FUSE for OS X