Friday, December 14, 2007

C++: Borland C++ Builder Linker Errors

I kept getting these linker errors for a wrapper class I was writing.

[Linker Error] Unresolved external 'Curlit::errorBuffer' referenced from C:\PROJECTS\LIBCURL\CURLIT.OBJ
[Linker Error] Unresolved external 'Curlit::buffer' referenced from C:\PROJECTS\LIBCURL\CURLIT.OBJ

Now I thought I was just getting random linker errors. But only after I played with things a bit did I realize it was because errorBuffer and buffer were declared static.

class Curlit
{
protected:
static char errorBuffer[CURL_ERROR_SIZE];
static string buffer;
static int writer(char *data, size_t size, size_t nmemb, string *buffer);
static string easycurl(string &url, bool post, string &pstring);

public:
Curlit();
~
Curlit();
static string post(string &url, std::map<string, string> &querystr);
static string get(string &url);
static string escape(string &param);
};

Once I realized it was because they were static, I was able to put the right words into google. I soon learned that static class members, must be redeclared outside the class definition as shown below. Once I added two lines of code, the linker errors went away.

class Curlit
{
protected:
static char errorBuffer[CURL_ERROR_SIZE];
static string buffer;
static int writer(char *data, size_t size, size_t nmemb, string *buffer);
static string easycurl(string &url, bool post, string &pstring);

public:
Curlit();
~
Curlit();
static string post(string &url, std::map<string, string> &querystr);
static string get(string &url);
static string escape(string &param);
};

char Curlit::errorBuffer[CURL_ERROR_SIZE];
string Curlit::buffer;

source(s): programmersheaven.com/mb/CandCPP/67811/67811/ReadMessage.aspx

Monday, December 10, 2007

Scientists Discover How to Make Robots Bounce on Water

Scientists have discovered how water striders are able to not just walk but also bounce on water

Just check out this picture, its awesome.



source(s): http://www.environmentalgraffiti.com/?p=592

Wednesday, December 05, 2007

JS: Are you sure you want to navigate away from this page?

I've been using blogger for a while, and not because I don't know how to build my own blog or website. I've build dozens of them, but I use blogger because its easy, and I don't have to worry about the details of the code. Heck I could build a site like blogger if I wanted, it would just take time. Occasionally on blogger I bump into a feature that I don't know how to replicate, and this is one of them.

I've always wondered how blogger uses javascript to ask "Are you sure you want to navigate away from this page? You have unsaved changes."

I was browsing around in some MSDN DOM documentation and found a window event called onbeforeunload. I've actually explored this issue once before and only got as far as onunload. Having the right keyword to put into google makes a real difference.

Add this javascript code to a page and then try to close the page.
window.onbeforeunload = confirmExit;
function confirmExit()
{
return "Are you sure you want to leave this page?";
}


source(s): http://msdn2.microsoft.com/en-us/library/ms536907.aspx, http://www.4guysfromrolla.com/demos/OnBeforeUnloadDemo1.htm

Monday, October 15, 2007

10 great javascript functions

I haven't found time to go back and discuss these functions, but here they are.

//this function is case insensitive
String.prototype.beginsWith = function(t) {
return (t.toLowerCase() == this.substring(0, t.length).toLowerCase());
}
String.prototype.trim = function() {
return this.replace(/^\s+|\s+$/g,"");
}
String.prototype.ltrim = function() {
return this.replace(/^\s+/,"");
}
String.prototype.rtrim = function() {
return this.replace(/\s+$/,"");
}



function isInt (str)
{
var i = parseInt (str);
if (isNaN (i))
return false;
if (i.toString() != str)
return false;
return true;
}



function alert_obj(obj)
{
var str2='';
for(s in obj)
str2+= "obj["+s+"]"+obj[s]+"\n";
alert(str2);
}



function xml_text_node(elem,nam)
{
try{
return elem.getElementsByTagName(nam)[0].firstChild.nodeValue;
}
catch(e){
return "";
}
}


function count_children(myElement)
{
if (!myElement)
return 0;
var count=0;
var child = myElement.firstChild;
while (child!=null)
{
count++;
child = child.nextSibling;
}
return count;
}




function removeChildren(list)
{
if (list==null) return;
var child = list.firstChild;
while(child!=null)
{
list.removeChild(child);
child = list.firstChild;
}
}


function DOMelement(txt)
{
var o = new Object();
o.elementname = txt;
o.attributes = new Object();
o.innerHTML = '';
o.innerText = '';
o.createElement = function()
{
var attribute_str = '';
for(attrib_name in o.attributes)
attribute_str+= attrib_name+"='"+escape(o.attributes[attrib_name])+"'";

var element;
try
{//IE
element = document.createElement("<"+o.elementname+" "+attribute_str);
}
catch (e)
{
element = document.createElement( o.elementname );
for(attrib_name in o.attributes)
element.setAttribute( attrib_name , o.attributes[attrib_name] );
}
if (o.innerHTML.length>0)
element.innerHTML = o.innerHTML;
else if (o.innerText.length>0)
element.appendChild( document.createTextNode(o.innerText) );
return element;
}

o.setAttribute = function(attribute,attribute_value)
{
o.attributes[attribute] = attribute_value;
}
return o;
}


usage:
var e = DOMelement('div');
e.setAttribute('asdfs','asdfs');
e.setAttribute('asdfs','asdfs');
e.setAttribute('asdfs','asdfs');
var element = e.createElement();

This is the ultimate, because it works in IE as well as compliant browsers.

Monday, August 13, 2007

PHP: Force a page to https

Here is some php code which forces a page to redirect to the same page for https at port 443.

<?php
function die_force_page_to_https()
{
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='off')
{
$u='https://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
$t='';
$t.='<html>';
$t.= '<head>';
$t.= '<meta http-equiv="Refresh" content="0;url='.$u.'>';
$t.= '</meta>';
$t.= '</head>';
$t.= '<body>';
$t.= '</body>';
$t.='</html>';
die($t);
}
}
?>

Monday, August 06, 2007

APACHE: Problem with mod_rewrite setup

One way to see if mod_rewrite is installed is to create a file called info.php with the following contents

 <?php echo phpinfo(); ?> 


Put the file in your server root and view it at http://localhost/info.php. Go to the apache section and look at Loaded Modules. If you see mod_rewrite listed there, you can start using the mod_rewrite commands. If not, you have to play with the apache config file: http.conf, add the following (a website told me to do this):

LoadModule rewrite_module modules/mod_rewrite.so
AddModule mod_rewrite.c


... and make sure the mod_rewrite.so file is in the right place. Then restart your web server. (suse linux: "rcapache2 restart", or windows: Control Panel->Administrative Tools->Services, right click on Apache and select restart)

PROBLEM:
Apache fails to restart.

In windows you can discover the reason using the Event Viewer (Control Panel->Administrative Tools->Services->Event Viewer). It gives the error for Apache:
Invalid command 'AddModule', perhaps mis-spelled or defined by a module not included in the server configuration

REASON:
AddModule for mod_rewrite is for apache 1.2 to 1.3x, but not apache2. I was running Apache2, so instead, the following worked for me in the apache config file:

LoadModule rewrite_module modules/mod_rewrite.so


Now restart apache, and check your http://localhost/info.php file and Voila! mod_rewrite is there, listed as a Loaded Module.

Now as for how to actually use mod_rewrite there are a lot of examples out there,
thats what google is for, right?

http://hypermail.linklord.com/new-httpd.old/2001/Jul/0863.html

Friday, August 03, 2007

CSS: Irritating IE FORM tags act like BR tag

One of the irritating things about IE is that the form start tag is automatically treated like a line-break tag.

Add this to your stylesheet to solve the problem:
form {margin: 0px 0px 0px 0px; }


source(s): http://weblogs.macromedia.com/cantrell/archives/2003/05/
git_rid_of_anno.cfm

Wednesday, August 01, 2007

C++: Set Registry Key Values

This piece of example code writes a key to the windows registry.

#include <windows.h>

int SetRegValue(char *key_name,char *key_word,char *b,int dwType,int s)
{
int j=0;

DWORD lpdwDisposition;
HKEY hKey;

j=RegCreateKeyEx(
HKEY_CURRENT_USER,
key_name,
0, /* reserved */
NULL, /* address of class string */
REG_OPTION_NON_VOLATILE, /* special options flag */
KEY_WRITE, /* desired security access */
NULL, /* address of key security structure */
&
hKey, /* address of buffer for opened handle */
&
lpdwDisposition /* address of disposition value buffer */
);

if (j==ERROR_SUCCESS)
{
RegSetValueEx(hKey, key_word, 0, dwType, (unsigned char *)b, s);
RegCloseKey(hKey);
}
return(j);
}

int main(int argc, char* argv[])
{
char val[100]="myusername";
SetRegValue("Software\\MySoft\\Settings","Username", val, REG_SZ, 100);
return 0;
}



source(s): http://msdn2.microsoft.com/en-us/library/ms724923.aspx
http://msdn2.microsoft.com/en-us/library/ms724875.aspx

Wednesday, July 25, 2007

C++: Check a valid date

C++ has no checkdate, like php does. so i wrote this to filter out bad dates and feb29ths.

bool isValidDate(int m, int d, int y)
{
//
checks Gregorian date
if
(! (1582<= y ) )
return false;
if (! (1<= m && m<=12) )
return false;
if (! (1<= d && d<=31) )
return false;
if ( (d==31) && (m==2 || m==4 || m==6 || m==9 || m==11) )
return false;
if ( (d==30) && (m==2) )
return false;
if ( (m==2) && (d==29) && (y%4!=0) )
return false;
if ( (m==2) && (d==29) && (y%400==0) )
return true;
if ( (m==2) && (d==29) && (y%100==0) )
return false;
if ( (m==2) && (d==29) && (y%4==0) )
return true;

return true;
}


source(s): http://en.wikipedia.org/wiki/Leap_year

Monday, July 23, 2007

C++: Hide an Application from the Taskbar

(This solution is specific to Borland C++ Builder)

Use this code as your project source to prevent the window from showing up in your windows taskbar.

WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, int)
{
try
{
Application->Initialize();
Application->CreateForm(__classid(TForm1), &Form1);
SetWindowLong(Application->Handle,
GWL_EXSTYLE,
GetWindowLong(Application->Handle, GWL_EXSTYLE)
|
WS_EX_TOOLWINDOW) ;
Application->Run();
}
catch (Exception &exception)
{
Application->ShowException(&exception);
}
return 0;
}


source(s): http://delphi.about.com/od/adptips1999/qt/hidefromtaskbar.htm

Friday, July 20, 2007

C++: Redirect command-line output

I've always wondered how to capture output from a command line program in windows, and the record it into a file.

while you can always just the greater-than-sign to output text into a file at the windows command prompt, sometimes it just isn't good enough.
"echo abc>hi.txt"

I ran into this once with mysqldump.exe.

Well I finally found the code that works. In this example I call 'dir'.

#include <stdio.h>
#include <stdlib.h>

int main(int argc, char* argv[])
{
char psBuffer[128];
FILE *iopipe;

if( (iopipe = _popen( "dir", "rt" )) == NULL )
exit( 1 );

while( !feof( iopipe ) )
{
if( fgets( psBuffer, 128, iopipe ) != NULL )
printf( psBuffer );
}

printf( "\nProcess returned %d\n", _pclose( iopipe ) );

return 0;
}





source(s): www.daniweb.com/forums/thread5755.html

Thursday, July 05, 2007

SVN: Command-line SVN

Just a couple examples.

Use svn checkout help or svn update help for more details.
//you do the initial checkout like this:
svn checkout [svn path] [destination path]
//svn path: svn://192.168.0.93/srv/svn/src/trunk/proj
//dest path: /srv/www/htdocs/dest_path
//user note: it may prompt for a username and password

//this will update to the most recent revision
svn update [destination path]

//for more details call
svn checkout help
// or
svn update help

Thursday, May 10, 2007

Recruiting: High-tech companies go virtual

I am about to graduate from BYU with a bachelor's degree in CS, and have began my job search. I signed up for an erecruiting account where my school has an account with Experience Inc. The system is set up so that interested companies can view my resume and send me job opportunities while I finish up my last segment of schooling.

I received this email this morning.

Dear Students:

Representatives from Hewlett Packard have released the following opportunity.

HP will be interviewing in the virtual world for real-world jobs! This is a first for HP and encourage BYU students to try it out, especially if they are already Second Life players. Those interested can go to the following web address:

http://www.networkinworld.jobs/hp_profile.aspx

Good Luck!
Career Placement Services


Second life is virtual world where "Residents can explore, meet other Residents, socialize, participate in individual and group activities, create and trade items (virtual property) and services from one another." [wikipedia.org]

Most companies have an multiple-contact interview process. Its kind of like tryouts on a high school sports team with multiple cuts. After each interview you sit around waiting to know "Did I make the cut?". For technical positions the first interview is usually with a non-technical person who weeds out their stack of candidates. If you made the cut, you reach the second interview with a more technical person, sometimes as a phone interview depending on your location. After 4-6 contacts they have weeded their candidate pool down to the point they often invite you to their facilities and make you an offer.



Human Resource managers who are involved in the hiring process try to make the best decisions they can based on how you will fit into the company culture, your goals, your passions, and your technical abilities. But how they are trying to measure this using Second Life I just don't know. I mean they may as well have an HP LiveChat operator waiting to assist you and you can sign up for an interview.

For my job I've had to interview before, and I don't understand how an interviewer could adequately determine how someone could work in the real world at HP with a virtual interview. In an interview you are trying to make use of every piece of information available to you to learn about the individual and make the best decision you can.



I guess it makes sense though, if you're being interviewed for a satellite job or a job like HP Second Life Advertising, where you'll never talk to you boss face to face in real life anyway.

While I do respect HP as a company, do they really think they make good decision using Second Life? Or are they just using this as a marketing tactic to lure people into their potential candidate pool who would otherwise not be included? Are they just doing this for the first interview? Or are they trying to use Second Life for every interview?

Thursday, April 19, 2007

Windows: Nightly Defrag

It isn't that hard to set up a nightly defragmentation routine.

In Windows XP, go to Start Menu > Settings > Control Panel > Scheduled Tasks go through the wizard, selecting C:\Windows\System32\defrag.exe to run. At the end, in the advanced options make it run
C:\Windows\System32\defrag.exe c: -f
or D: or whatever your drive name is.

Microsoft provides documentation on the command line defrag:
defrag volume [-a] [-f][-v] [-?]
volume: The drive letter or a mount point of the volume to be defragmented
-a: Analyze only
-f: Forces defragmentation of the volume regardless of whether it needs to be defragmented or even if free space is low
-v: Verbose output
-?: Display the help text


source(s): http://support.microsoft.com/kb/283080

Wednesday, April 18, 2007

PHP: PHP 5 Deployment Error

I've written some code for PHP5, and deployed it to a production server and I saw an error that I'd never seen before.

PHP 5 Code:
<?php

class form
{
    public $name;
    public $fields;
}
?>


Error:
Parse error: parse error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in C:\x\y\page.php on line z


The problem is that PHP 4 has a different syntax for classes. The code above is PHP 5 valid, but not PHP 4. A valid version of its PHP 4 equivalent is this:

PHP 4 Code:
<?php

class form
{
    var $name;
    var $fields;
}
?>

Tuesday, April 10, 2007

WINDOWS: Skip 'Open With Web Service' Window

When you try to open a file and you haven't set a handler for a file extension, a window pops up in XP saying:

"Windows cannot open this file:"
To open this file, Windows needs to know what program created it. Windows can go online to look it up automatically, or you can manually select from a list of programs on your computer.
What do you want to do?
- Use the Web service to find the appropriate program
- Select the program from a list


This is really irritating because no one would ever want to use 'the Web Service' anyway. BTW Microsoft, look up Web Service at wikipedia.

To skip that step, make a file with the following contents, and open it and the registry setting will be automatically imported into your system.

skipOpenWithWebService.reg
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"InternetOpenWith"=dword:00000000


source(s): http://www.pctools.com/guides/registry/detail/1314/

Monday, April 09, 2007

C++: Associative Arrays

#include <map>
#include <string>


using namespace std;

int main()
{
std::map<std::string, std::string> m;
m["ENG"] = "English";
m["FRA"] = "France";
m["CAN"] = "Canada";
m["AUS"] = "Australia";

//does print empty string
cout<<m["Germany"]<<endl;

//iterate through all elements of array
std::map<string, string>::iterator curr,end;
for( curr = m.begin(), end = m.end(); curr != end; curr++ )
cout << curr->first + " = " + curr->second << endl;
return 0;
}


C++ maps or associative arrays are implemented as self-balancing binary search tree. This means that when you iterate through your map it will not be in the order you added them like in PHP but instead will be in sorted order.

source(s):
http://www.webmasterworld.com/html/3249762.htm

Sunday, April 08, 2007

HTML: Website blank in IE, fine in Firefox

I coded up a website in firefox but it wouldn't show in IE. I was trying to make it xHTML-ish, and had the script tag looking like this:

<script language='JavaScript' type='text/JavaScript' 
src='script.js'/>


For some idiot reason, IE chokes on the whole page, unless it looks like this:

<script language='JavaScript' type='text/JavaScript' 
src='script.js'></script>


source:
http://www.webmasterworld.com/html/3249762.htm

Tuesday, April 03, 2007

LINUX : C++ Hello World Compile Errors

A simple hello world using cout and string yields this.

main.cpp
#include <string>
#include <iostream>

using namespace std;

int main ( int argc, int argv[] )
{
cout << "running....\n";

cout<<"finished"<<endl;
return 0;
}


compile.sh
#compile
CFG=/usr/bin/mysql_config
sh -c "gcc -o mysqltest `$CFG --cflags` main.cpp `$CFG --libs`"


errors
abc@localhost:~/Projects/mysqltest> ./compile.sh
/tmp/ccpF755X.o: In function `__static_initialization_and_destruction_0(int, int)':
main.cpp:(.text+0x23): undefined reference to `std::ios_base::Init::Init()'
/tmp/ccpF755X.o: In function `__tcf_0':
main.cpp:(.text+0x66): undefined reference to `std::ios_base::Init::~Init()'
/tmp/ccpF755X.o: In function `main':
main.cpp:(.text+0x81): undefined reference to `std::cout'
main.cpp:(.text+0x86): undefined reference to `std::basic_ostream<char, std::char_traits<char> >& std::operator<< <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> >&, char const*)'
main.cpp:(.text+0x90): undefined reference to `std::cout'
main.cpp:(.text+0x95): undefined reference to `std::basic_ostream<char, std::char_traits<char> >& std::operator<< <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> >&, char const*)'
main.cpp:(.text+0x9d): undefined reference to `std::basic_ostream<char, std::char_traits<char> >& std::endl<char, std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> >&)'
main.cpp:(.text+0xa2): undefined reference to `std::basic_ostream<char, std::char_traits<char> >::operator<<(std::basic_ostream<char, std::char_traits<char> >& (*)(std::basic_ostream<char, std::char_traits<char> >&))'
/tmp/ccpF755X.o:(.eh_frame+0x12): undefined reference to `__gxx_personality_v0'


The problem is that I was compiling with gcc instead of g++

Monday, April 02, 2007

LINUX: Weird characters when you compile

Why are there weird characters when I compile:

test.cpp: In function âint main()â:
test.cpp:7: error: âcoutâ was not declared in this scope
test.cpp:7: error: âendlâ was not declared in this scope


It's normal if you don't set the environment variable e.g.
export LANG=C


source(s):
http://gcc.gnu.org/ml/gcc-help/2006-08/msg00179.html

Friday, March 02, 2007

VISTA: Install Multiple Updates at Once

I just got a free copy of Windows Vista. But I installed it on a computer without internet access. So to install updates I have to DL them manually.

I just discovered that you can type execute multiple updates at once. Create a and execute a batch file (text file named .bat) containing something like the following:
Windows6.0-KB929451-x86.msu /quiet /norestart
Windows6.0-KB929735-x86.msu /quiet /norestart

/quiet makes it so the update requires no user interaction
/norestart makes it so it won't keep prompting you to restart the machine
Don't forget to restart when you're done.

UPDATE:
As of March 7, I uninstalled vista. I couldn't take it. I couldn't even make it one week. Wait for SP1.

Wednesday, February 21, 2007

JAVASCRIPT: Associative Arrays

I've been programming in javascript for years. Sometimes I borrow other people's javascript code, other times I write my own. Whenever I borrow other people's code there often is a lot of browser independent stuff, like 'if (ie) or if (nn6)...' and I always wondered how they did it. I knew I could do this as well if I had a way to list all of a DHTML element's properties and functions. I could do this in different browsers and then learn when functions and properties to use in each browser.

Now I know how. Every HTML tag or page element can be accessed in javascript. Just tag your element with an id:
<div id='abc'></div>

to access the element, use this javascript
var element = document.getElementById('abc');

each object in javascript can have functions or properties, but all of these can be accessed as an associative array,
so to list all of the element's properties and functions you can do this:

var str = '';
for(var property in myObject) {
var value = myObject[property];
str+= "\n" + "myObject[" + property + "] = " + value;
}
alert(str);


You will notice a different set of properties displayed in IE, Safari, Firefox, etc.

http://en.wikipedia.org/wiki/Associative_arrays

Thursday, February 01, 2007

PHP: Regular Expressions


^ Start of line
$ End of line
n? Zero or only one single occurrence of character 'n'
n* Zero or more occurrences of character 'n'
n+ At least one or more occurrences of character 'n'
n{2} Exactly two occurrences of 'n'
n{2,} At least 2 or more occurrences of 'n'
n{2,4} From 2 to 4 occurrences of 'n'
. Any single character
() Parenthesis to group expressions
(.*) 0 or more occurrences of a single character (anything)
(n|a) Either 'n' or 'a'
[1-6] Any single digit in the range between 1 and 6
[c-h] Any single lower case letter between c and h
[D-M] Any single upper case letter between D and M
[^a-z] Any single char EXCEPT lower case letter from a to z.

Pitfall: the ^ symbol only acts as an EXCEPT rule if it is
thevery first character inside a range, and it denies the
entire range including the ^ symbol itself if it appears
again later in the range. Also remember that if it is the
first character in the entire expression, it means "start
of line". In any other place, it is always treated as a
regular ^ symbol. In other words, you cannot deny a word
with ^undesired_word or a group with ^(undesired_phrase).

Read more detailed regex documentation to find out what is
necessary to achieve this.

[_4^a-zA-Z]
Any single character which can be the underscore or the
number 4 or the ^ symbol or any letter, lower or upper case

?, +, * and the {}
count parameters can be appended not only to a single
character, but also to a group() or a range[].

therefore,
^.{2}[a-z]{1,2}_?[0-9]*([1-6]|[a-f])[^1-9]{2}a+$
would mean:

^.{2} = A line beginning with any two characters,
[a-z]{1,2}= followed by either 1 or 2 lower case letters,
_? = followed by an optional underscore,
[0-9]* = followed by zero or more digits,
([1-6]|[a-f]) = followed by either a digit between 1 and
6 OR a lower case letter between a and f,
[^1-9]{2} = followed by any two characters
except digits between 1 and 9 (0 is possible),
a+$ = followed by at least one or more occurrences
of 'a' at the end of a line.


I used what i knew of regular expressions to create this for form checking.

//mm/dd/yyyy date checking
if (!ereg("^[0-1]{0,1}[0-9]{1}/[0-9]{1,2}/[19|20]{2}[0-9]{2}$", $date))
die('invalid date format, use mm/dd/yyyy');
$mdy = explode("/",$date);
//checkdate() will check things like feb29th in the wrong year etc.
if (!checkdate( $mdy[0], $mdy[1], $mdy[2] ))
die('invalid date format, use mm/dd/yyyy');

//phone format checking
if (!ereg("^[0-9]{3}-[0-9]{3}-[0-9]{4}$", $phone))
die('invalid phone format, use xxx-xxx-xxxx');

//ssn format checking
if (!ereg("^[0-9]{3}-[0-9]{2}-[0-9]{4}$", $ssn))
die('invalid ssn format, use xxx-xx-xxxx');

//zip code format checking
if (!ereg("^[0-9]{5,5}$", $zip) && !ereg("^[0-9]{5,5}-[0-9]{4,4}$", $zip))
die('invalid zipcode format, use xxxxx-xxxx (last 4 digits are optional)');

//email address checking (i got this from somewhere on the net.
//First, check that there's one @ symbol, and that lengths are right
if (!ereg("[^@]{1,64}@[^@]{1,255}", $email))
die('invalid email');

$email_array = explode("@", $email);
// Split it into sections to make life easier
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++)
if(!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i]))
die('invalid email');


// Check if domain is IP. If not, it should be valid domain name

if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1]))
{
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2)// Not enough parts to domain
die('invalid email');

for ($i = 0; $i < sizeof($domain_array); $i++)
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i]))
die('invalid email');
}


source: http://us2.php.net/manual/en/ref.regex.php

Friday, January 19, 2007

C++: LibXML in Borland C++ Builder 5

The key to this solution is using a command-line utility that comes with BCB5 called implib.exe which creates a borland-type .lib file from a win32 .dll

Goal:
Get a simple C++ libxml code example to work (from http://xmlsoft.org/examples/index.html)

What to do:
Okay the first thing you need to do is download win32 libxml from http://www.zlatkovic.com/libxml.en.html

but it has certain dependencies so you will want to fetch the binaries:
* libxml2, the XML parser and processor.
* libxslt, the XSL and EXSL Transformations processor.
* xmlsec, the XMLSec and XMLDSig processor.
* xsldbg, the XSL Transformations debugger.
* openssl, the general crypto toolkit.
* iconv, the character encoding toolkit.
* zlib, the compression toolkit.

Then you three types of files in each project, .dll .lib and .h. The problem with these .lib files is that these .lib files are compiled for Microsoft Visual Studio. But in borland the way to create lib files is using implib.exe included in all distributions of borland c++ builder. I run

implib.exe -a zlib.lib zlib.dll

to create a zlib.lib for borland. Then I do the same thing for the other dlls.

Then add the .lib into the borland project and then source code examples will work.

Hooray for implib!

source(s)
http://www.gantless.com/borland.html (implib)
http://www.zlatkovic.com/libxml.en.html (libxml)
http://xmlsoft.org/examples/index.html (libxml examples)

Thursday, January 04, 2007

PHP: SQL Injection Best Practice in MySQL

It is important to avoid SQL injection when working with mysql, and so it is common to use a function like mysql_real_escape_string() in PHP.

At php.net, they suggest using sprintf and a function called quote_smart as described on their mysql_real_escape_string documentation page as a "best practice" method.

php.net [good]:
$query = sprintf(
"SELECT * FROM users WHERE user='%s' AND password='%s'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));


php.net [better]:
$query = sprintf(
"SELECT * FROM users WHERE user=%s AND password=%s",
quote_smart($user),
quote_smart($password));


qsprintf [best]:
$query = qsprintf(
"SELECT * FROM users WHERE user=%s AND password=%s",
$user,
$password);

correction: Of the 3 examples above, the 2 previous used to have single quotes around %s, but this is incorrect as quote_smart or myquote will add single quotes.

note: using sprintf either qsprintf functions will get screwed up when you have a " like 's%' " statement in sql or similar 'like' statements using % (the percentage character).

<?php
function myquote($value)
{
if (get_magic_quotes_gpc())
$value = stripslashes($value);
if (is_numeric($value))
return "'$value'";
return "'".mysql_real_escape_string($value)."'";
}

function qsprintf()
{
$numargs = func_num_args();
$arg_list = func_get_args();
$format = $arg_list[0];
$next_arg_list = array();
for ($i = 1; $i < $numargs; $i++)
$next_arg_list[] = myquote($arg_list[$i]);
return vsprintf($format, $next_arg_list);
}
?>


notes: I modified their quote_smart function and renamed it to myquote in my code sample below because mysql doesn't care if you try to insert '123' into a numeric field (including single quotes) and that way I wouldn't lose leading zeros when inserting something like '01234' into a character field.