[swift and shift]

Miljaker posted:

2/3 year "informatica" here. Didn't have enough points to start internship so had to wait a full year. Couldn't do most classes from third year because they require internship completion. So I had a year of mixed second and third year classes. Pretty much done with second year now. Next year third year gonna be alot of free time because I did alot already.

Hope to really get webdeveloping going in that period so I make enough money to move out of my parents house... still not sure if I should be freelancing or try and find a company to work for.

what do you mean by "Didn't have enough points to start internship"


you don't need any 'points' to apply for an internship

[mobrockers2]

swift and shift posted:

what do you mean by "Didn't have enough points to start internship"


you don't need any 'points' to apply for an internship

We live in the Netherlands.
Part of our third year is a mandatory internship (for our ?study? not sure what it's called in the us/uk since we have a completely different educational system).
Each year we have 60 points we can earn by getting a positive mark on exams and projects and some other stuff. You need at least (insert amount) of points to be allowed to start your internship, he failed some exams or projects in his second year, making him unable to start his internship.

[hexpunK]

swift and shift posted:

what do you mean by "Didn't have enough points to start internship"


you don't need any 'points' to apply for an internship

I guess it's some kind of university application where they back your applications to an internship and help you find them or something.

Edited:

Or not

[Miljaker]

http://en.wikipedia.org/wiki/Bologna...ss#Netherlands
How the dutch education system sort of works. Nothing explained about those points you can google ECTS (European Credit Transfer System) for that.

[mac338]

PHP problem;

I need to get a Crypt() Function to encrypt passwords, then be able to decrypt the passwords when they are entered into plaintext.

If anyone knows the answer I'd be grateful.

Code:

<?php
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
 
// SQL connection
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
 
//Get Variable
$username = $_POST['myusername'];
$password = $_POST['mypassword'];
$password2 = $_POST['mypassword2'];
 
//db vars
$user = $_POST['username'];
$pass = $_POST['password'];
 
 
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$mypassword2 = stripslashes($mypassword2);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mypassword2 = mysql_real_escape_string($mypassword2);
 
if ($_POST['myusername'] && $_POST['mypassword'])
{
    if ($_POST['mypassword'] && $_POST['mypassword2'])
    {
        if (strlen($_POST['myusername']) >0 && strlen ($_POST['mypassword']) >0 && strlen ($_POST['mypassword2']) >0){
            !- The part that i need help with -! //test crypt
 
!- The part i need help with -!!//$hash=CRYPT('mypassword','$1$SCg6iuU5$56TTOoB/Q2Y1/k8DauasA.');
            $sql = "insert into $tbl_name(username,password)values('$username', '$password')";
            /*echo "$sql";*/
            $result = mysql_query($sql); //or die(mysql_error());
            if ($result == FALSE)
            {
                //username collision
                echo "Username already in use";
            }
            else
            {
                //success
                print "<a href='main_login.php'> Back to login </a>";
            }
        }
        else
        {
            echo " You Do not meet the required Conditions!";
        }
    }
    else
    {
        echo "No password Specified";
    }
}
else
{
echo "Username not specified";
}
?>

[Crhem van der B]

What's the problem, you're not stating the problem.

[mac338]

It's actually a friend of mine's problem, but I assume it was this, to quote him directly;

My problem is that i need to get a
Crypt()
Function to encrypt passwords, later then be able to decrypt the passwords when they are entered into plaintext.

I assume he can't figure out how to do whatever that is.

[Crhem van der B]

I created myself a class for hashing:

/***    A little class for different hashing methods
*    hash_salted_sha512 is simple hash+salt of hashed str+salt
*    hash_bcrypt uses blowfish and returns hashed blowfish. 
*    Average times with different blowfish strengths:
*    10 - 0.062s
*     12 - 0.25s
*    14 - 1.01s   
 *    15 - 2.04s
*/
class Crypt{

    public static function hash_salted_sha512($str, $salt){
        return hash('sha512', hash('sha512', $str.$salt).$salt);
    }

    public static function verify_salted_sha512($str, $salt, $compare){
        return $compare === hash('sha512', hash('sha512', $str.$salt).$salt);
    }

    public static function hash_bcrypt($str, $salt, $strength){
        return hash('sha512', crypt($str, '$2a$'.$strength.'$'.$salt));
    }

    public static function verify_bcrypt($str, $salt, $strength, $compare){
        return $compare === hash('sha512', crypt($str, '$2a$'.$strength.'$'.$salt));
    }

}

Usage is simple:

$pass = $_POST['pass'];
$salt = "abcde";
$original_pass = "txt";

if(Crypt::verify_salted_sha512($pass, $salt, $original_pass))
   // grant access

or with bcrypt:

$strength = 12;
$pass = $_POST['pass'];
$salt = "abcde";
$original_pass = "txt";

if(Crypt::verify_bcrypt($pass, $salt, $strength, $original_pass))
   // grant acces

[Ac!dL3ak]

mac338 posted:

It's actually a friend of mine's problem, but I assume it was this, to quote him directly;



I assume he can't figure out how to do whatever that is.

You don't decrypt the passwords. You're not even 'encrypting' when using crypt; you're hashing. With that being said, you need to hash the plaintext password and match it against the hash password stored in the database. If they're the same, then it's the right password. If they're not, then it's not the right password.

I think.

Edited:

like i said, it's not encryption; it's hashing.

[mac338]

Ac!dL3ak posted:

You don't decrypt the passwords. You're not even 'encrypting' when using crypt; you're hashing. With that being said, you need to hash the plaintext password and match it against the hash password stored in the database. If they're the same, then it's the right password. If they're not, then it's not the right password.

I think.

Edited:

like i said, it's not encryption; it's hashing.

Thanks, he replied;

I know, I've been removing that crypt because it send a cryptation of the password to the database, but it wont match the plaintext with the database, thus the plaintext password will not work at all, just the encrypted password.

PHP:
Crypt()
I usualy Mix them both up too.
Can be used many ways.
Persoanly, Hashing it with an MD5 algorithm is rather useless nowdays.

Then With adding Salt to it, it's still makes it an one-way algorithm, Yet that's not the question, The question is how do i fix the problem.

[rookwood101]

mac338 posted:

Thanks, he replied;

I've done my research (lots of reading) and to me the best method seems to be using bcrypt. Someone has made implementing it easier with this: https://gist.github.com/1053158

This seems to be the best possible solution for password storage and checking.

Sources:
http://stackoverflow.com/questions/1...sswords-safely
http://stackoverflow.com/questions/1...ssword-storage

And just in case you don't understand the whole thing fully (I get that impression) here's a little on how basic hashing works (although the method I've given above is more complicated).

User Registers - You store the users password in the database in it's hashed form.
User tries to login, you hash the password they have used to login and compare it to the one in your database.

[Ac!dL3ak]

don't use MD5- it's been proven that it has been able to collide

[asantos3]

I want to know good e-books or real books, to buy, about XHTML/HTML (4.01 and 5), css, php (with mysql) and javascript. This last one, i really need to get one, the others is just to read for simple fun and to stay on the bookshelves for better enchantments.

[areolop]

How do I clear a website's cookies ( I keep getting 301's from the server, not client)

[twenty]

areolop posted:

How do I clear a website's cookies ( I keep getting 301's from the server, not client)

click the wrench > then search cookies > click all cookies and site data

[swift and shift]

Ac!dL3ak posted:

don't use MD5- it's been proven that it has been able to collide

all hashes have collisions

[Trivkz]

What's the best framework for mobil websites? or is it better to roll your own?

[Sharpshooter]

mac338 posted:

PHP problem;

I need to get a Crypt() Function to encrypt passwords, then be able to decrypt the passwords when they are entered into plaintext.

If anyone knows the answer I'd be grateful.

Code:

<?php
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
 
// SQL connection
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
 
//Get Variable
$username = $_POST['myusername'];
$password = $_POST['mypassword'];
$password2 = $_POST['mypassword2'];
 
//db vars
$user = $_POST['username'];
$pass = $_POST['password'];
 
 
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$mypassword2 = stripslashes($mypassword2);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mypassword2 = mysql_real_escape_string($mypassword2);
 
if ($_POST['myusername'] && $_POST['mypassword'])
{
    if ($_POST['mypassword'] && $_POST['mypassword2'])
    {
        if (strlen($_POST['myusername']) >0 && strlen ($_POST['mypassword']) >0 && strlen ($_POST['mypassword2']) >0){
            !- The part that i need help with -! //test crypt
 
!- The part i need help with -!!//$hash=CRYPT('mypassword','$1$SCg6iuU5$56TTOoB/Q2Y1/k8DauasA.');
            $sql = "insert into $tbl_name(username,password)values('$username', '$password')";
            /*echo "$sql";*/
            $result = mysql_query($sql); //or die(mysql_error());
            if ($result == FALSE)
            {
                //username collision
                echo "Username already in use";
            }
            else
            {
                //success
                print "<a href='main_login.php'> Back to login </a>";
            }
        }
        else
        {
            echo " You Do not meet the required Conditions!";
        }
    }
    else
    {
        echo "No password Specified";
    }
}
else
{
echo "Username not specified";
}
?>

I tend to hash the password with something like sha256, then pick a few fixed points to take a character from on the password (which only you and other developers should know) and create a salt from this, then rehash the hash including the salt. Then to decrypt and check passwords repeat the process and see if the outcome matches the hash in the database.

[BBgamer720]

Trivkz posted:

What's the best framework for mobil websites? or is it better to roll your own?

I know Bootstrap resizes itself quite well for mobile devices.

[douche beat]

BBgamer720 posted:

I know Bootstrap resizes itself quite well for mobile devices.

I'm getting pretty fucking tired of all the Bootstrap'd sites nowadays though, it seems tons of new website creators think to use it without any customization (or very minimal) leading to a shit design that isn't distinguishable from the thousands if not millions of others.

If you're going to use Bootstrap please don't be an idiot, customize it so it doesn't look like ass like the rest of them.

[Ac!dL3ak]

swift and shift posted:

all hashes have collisions

this is what i meant

However, it has since been shown that MD5 is not collision resistant; as such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property. In 1996, a flaw was found with the design of MD5, and while it was not a clearly fatal weakness, cryptographers began recommending the use of other algorithms, such as SHA-1—which has since been found also to be vulnerable. In 2004, more serious flaws were discovered in MD5, making further use of the algorithm for security purposes questionable—specifically, a group of researchers described how to create a pair of files that share the same MD5 checksum. Further advances were made in breaking MD5 in 2005, 2006, and 2007. In December 2008, a group of researchers used this technique to fake SSL certificate validity, and US-CERT now says that MD5 "should be considered cryptographically broken and unsuitable for further use."

[BBgamer720]

douche beat posted:

I'm getting pretty fucking tired of all the Bootstrap'd sites nowadays though, it seems tons of new website creators think to use it without any customization (or very minimal) leading to a shit design that isn't distinguishable from the thousands if not millions of others.

If you're going to use Bootstrap please don't be an idiot, customize it so it doesn't look like ass like the rest of them.

http://lesscss.org/

[douche beat]

BBgamer720 posted:

http://lesscss.org/

Less is not required to create websites that work at different sizes, CSS and HTML can do that already

[j4NZKUE]

Miljaker posted:

And just wanted to know from profesionals here how much they would charge for a website like www.bijmargo.nl

Not a professional or anything but how many hours you put into that? and how many of the hours were used to learn before you could apply it?, but i guess its worth about 600€ -> 775$ but as I said it depends on the hours you worked on the project.

[ThePuska]

How's the browser support for MathML these days? I can convert from LaTeX to MathML easily, so should I use MathML or a third-party service for rendering LaTeX to images and embedding them? Or is there a third option

Edited:

*a third option for displaying on my website lots of mathematical stuff originally written in LaTeX editors

[swift and shift]

ThePuska posted:

How's the browser support for MathML these days? I can convert from LaTeX to MathML easily, so should I use MathML or a third-party service for rendering LaTeX to images and embedding them? Or is there a third option

Edited:

*a third option for displaying on my website lots of mathematical stuff originally written in LaTeX editors

use mathjax, it's great

I use it here: http://charliesome.github.com/diffcalc

[Trivkz]

So I'm trying to use Mechanize to login to a private tracker ( nxtgn.org ) but for some reason I keep getting:

Code:

Net::HTTP::Persistent::Error at /test
too many connection resets (due to Resource temporarily unavailable - Timeout::Error) after 0 requests on -614353908, last used 1336838339.80583 seconds ago

The code I'm using is:

Code:

agent = Mechanize.new
page = agent.get('http://nxtgn.org/login.php')
form = page.form('loginbox')
form.username  = 'Username'
form.password = 'Password'

agent.submit(form)

Also: Just noticed it only happens when the login details are correct.. Ideas?

[_Undefined]

I need a better way to lay out this screen:



They're permissions for a group. Ideas?

[BBgamer720]

douche beat posted:

Less is not required to create websites that work at different sizes, CSS and HTML can do that already

douche beat mentioned customizing Bootstrap so it looks different to the default look - LESS is the easiest way to do that.

[Miljaker]

_Undefined posted:

I need a better way to lay out this screen:

They're permissions for a group. Ideas?

Tabs?

[Trivkz]

Trivkz posted:

So I'm trying to use Mechanize to login to a private tracker ( nxtgn.org ) but for some reason I keep getting:

Code:

Net::HTTP::Persistent::Error at /test
too many connection resets (due to Resource temporarily unavailable - Timeout::Error) after 0 requests on -614353908, last used 1336838339.80583 seconds ago

The code I'm using is:

Code:

agent = Mechanize.new
page = agent.get('http://nxtgn.org/login.php')
form = page.form('loginbox')
form.username  = 'Username'
form.password = 'Password'

agent.submit(form)

Also: Just noticed it only happens when the login details are correct.. Ideas?

It's a bug in Mechanize 2.5, got it working with 2.4.

[hexpunK]

_Undefined posted:

I need a better way to lay out this screen:



They're permissions for a group. Ideas?

Maybe have the options under a heading floated, and style them to look like more interesting buttons than a simple checkbox? Possibly in the same style as your update button, but bigger, and more obvious when it's toggled on or off.

[Cow Muffins]

So I'm trying to learn javascript / jquery, and I've ran into an issue. Basically, I don't know the rules for the language and can't see why this isn't outputting:

Code:

<html>
<head>

<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript">

var map_string = "";

function load_map(file)
{
    $.get( file,
           function(data)
           {
                map_string = data;
           }
         )
}

document.write(map_string);

</script>
</head>
<body>

<input type="button" value="Level 1" onclick="load_map('http://www.test.com/map1.txt');" />

</body>
</html>

The "map1.txt" was an actual html address when I was testing it, I just didn't want to link to the actual file, because I didn't need to. Anyways, I'm trying to load a text file into a string, and then parse the string into a 2D array. The text file has 1s and 0s separated by commas that I'm going to eventually make into a map for a canvas game. But I wanted to be able to dynamically load maps from text files, so that's what I'm trying to do.

Any tips for how to do this, or just helpful advice in general would be appreciated!

[Gibo990]

Can anyone see the problem with my syntax here?

Code:

$orderDB = mysql_query("INSERT INTO order (itemsID, deliveryDestinationID, total, shipped) VALUES ($itemID, $delivery, $totalprice, 'N')") or die(mysql_error());

I'm passing it the following variables, $itemID which is a number (e.g. 00002), $delivery (again like 00002), $totalprice (a number, e.g. 137.97) and a char N. I'm echo'ing the variables and they all have correct information in them but i'm getting this error:

00031 00022 N 137.97
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (itemsID, deliveryDestinationID, total, shipped) VALUES (00031, 00022, 137' at line 1

To me it looks like it doesn't like the $totalprice thing, but the field is set to DECIMAL (10,2) in my database.

[Ac!dL3ak]

obligatory "use PDO" post

maybe try putting $totalprice in quotes?

[Senor_Penguin]

I'm having a little trouble installing treasury for SMF. Heres the error im receiving

[rookwood101]

Cow Muffins posted:

So I'm trying to learn javascript / jquery, and I've ran into an issue. Basically, I don't know the rules for the language and can't see why this isn't outputting:

Code:

<html>
<head>

<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript">

var map_string = "";

function load_map(file)
{
    $.get( file,
           function(data)
           {
                map_string = data;
           }
         )
}

document.write(map_string);

</script>
</head>
<body>

<input type="button" value="Level 1" onclick="load_map('http://www.test.com/map1.txt');" />

</body>
</html>

The "map1.txt" was an actual html address when I was testing it, I just didn't want to link to the actual file, because I didn't need to. Anyways, I'm trying to load a text file into a string, and then parse the string into a 2D array. The text file has 1s and 0s separated by commas that I'm going to eventually make into a map for a canvas game. But I wanted to be able to dynamically load maps from text files, so that's what I'm trying to do.

Any tips for how to do this, or just helpful advice in general would be appreciated!

Was the address for the map that you are loading external to the server?

[ToXiCsoldier]

-Snip fixed-

[Skorpy]

Cow Muffins posted:

So I'm trying to learn javascript / jquery, and I've ran into an issue. Basically, I don't know the rules for the language and can't see why this isn't outputting:

Code:

<html>
<head>

<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript">

var map_string = "";

function load_map(file)
{
    $.get( file,
           function(data)
           {
                map_string = data;
           }
         )
}

document.write(map_string);

</script>
</head>
<body>

<input type="button" value="Level 1" onclick="load_map('http://www.test.com/map1.txt');" />

</body>
</html>

The "map1.txt" was an actual html address when I was testing it, I just didn't want to link to the actual file, because I didn't need to. Anyways, I'm trying to load a text file into a string, and then parse the string into a 2D array. The text file has 1s and 0s separated by commas that I'm going to eventually make into a map for a canvas game. But I wanted to be able to dynamically load maps from text files, so that's what I'm trying to do.

Any tips for how to do this, or just helpful advice in general would be appreciated!

The document.write() is ran before you click the button and map_string is empty at that point. You need to make it output after you click the button.

And don't put onclick to elements. Use jquery's $.click() instead.

[rookwood101]

Skorpy posted:

The document.write() is ran before you click the button and map_string is empty at that point. You need to make it output after you click the button.

And don't put onclick to elements. Use jquery's $.click() instead.

-snip- silly me!