www.stichting-ecosafe.org
Stichting EcoSafe is a Dutch foundation for the safe-keeping of the funds that are necessary for the maintenance of hardwood plantations. In July of 2006, together with Johan Ockels, I created a...
View ArticleMediaWiki thumb.php and rewrite rules
May, last year, I created an empty draft for this post, because, around that time, I had gone through quite some effort before I got thumbnails for foreign file repos working just right. Now, I’m...
View ArticleYtec, WordPress and Aihato.nl
On Oktober, the 25th, in what will be known to future generations as a historical move, Wiebe changed the A record of www.aihato.nl to point to the new production site running at Ytec. The new site, a...
View ArticlePHP include exploits
A year ago, my web host thoroughly explained how PHP include vulnerabilities can be exploited, hoping that better user education would leave less member-sites vulnerable to automated attacks by spammer...
View ArticleTaking control of the wpautop filter
WordPress does automatic paragraph formatting using the wpautop filter, some PHP code originally developed by Matt Mullenweg. For most of the time that this blog has existed, I’ve disabled the wpautop...
View ArticleExecuting system commands from PHP with SUID executable.
If you want to execute system commands from something like PHP, you need a SUID executable which you can call from your PHP scripts. This is such a script. It could be extended to support parameters...
View ArticleHow to test payformystay.com
I haven’t got much experience when it comes to testing web applications. Instead (and more so out of apathy than belief), I’ve always adhered to the ad-hoc test approach. However, the usage of pure...
View ArticleNFSN PHP file write permissions in safe_mode
I’ve been causing some (security) concerns for myself by thoughtlessly using the dreaded 777 permissions for upload directories to allow the various PHP-based websites that I host at...
View ArticleThe decade-old posts bug
I just noticed that none of my posts older than a decade could be listed: The culprit was in the following function, where I had to add "century" and "10" to the lists of $periods and $lengths...
View ArticlePHP fgetcsv() behavior on empty lines
The PHP documentation for fgetcsv() states that A blank line in a CSV file will be returned as an array comprising a single null field, and will not be treated as an error. Here’s a quick demonstration...
View Article