Also I just found an example that shows me how to load my own driver into the services without using OSRLoader! Woo! Time to see if I can get that going for mine.
So I found an interesting website. I don't know that I agree with his hyperbolic statements, but some of his books (so far) are a pretty good read, and they are free.
(Read the manifesto for the Hyperbole)
(I say it's hyperbole because I believe you can still be a good programmer functioning within some of the methodologies he describes.)
Hey folks, need some assistance. I'm trying to make use of the EmbossNeedleClient.java available here. It says “All dependencies, including Axis 1.4 and Commons-CLI, are available in lib-1.4.zip” and lib-1.4.zip includes a bunch of jar files. I've added them as a library in Netbeans and it's still giving a package does not exist error.
Have you checked that the package that does not exist is actually in one of the included libraries? Are the jars added as libraries for that project (not just as general libs)? Are you using a recent version of NetBeans? I seem to remember older versions not always playing nicely with the Axis 1 libraries.
If all else fails, you can try adding the jar files individually to the classpath.
I think that the internet has been for years on the path to creating what is essentially an electronic Necronomicon: A collection of blasphemous unrealities so perverse that to even glimpse at its contents, if but for a moment, is to irrevocably forfeit a portion of your sanity.
Xbox - PearlBlueS0ul, Steam
If you ever need to talk to someone, feel free to message me. Yes, that includes you.
Hey folks, need some assistance. I'm trying to make use of the EmbossNeedleClient.java available here. It says “All dependencies, including Axis 1.4 and Commons-CLI, are available in lib-1.4.zip” and lib-1.4.zip includes a bunch of jar files. I've added them as a library in Netbeans and it's still giving a package does not exist error.
Have you checked that the package that does not exist is actually in one of the included libraries? Are the jars added as libraries for that project (not just as general libs)? Are you using a recent version of NetBeans? I seem to remember older versions not always playing nicely with the Axis 1 libraries.
If all else fails, you can try adding the jar files individually to the classpath.
The jars are added as libraries for the project.
I think my Netbeans install might be broken. There appears to be no way to add dependencies, which Netbeans apparently treats differently than libraries. I'll unistall when I get home and use an installer other than the JDK-Netbeans combo.
When people unite together, they become stronger than the sum of their parts.
Don't assume bad intentions over neglect and misunderstanding.
Early this morning my memory scanner was printing out everything perfectly, and now it's literally outputting everything on another line. What the hell happened? I have reverted my code to exactly what I was using this morning. Still nothing.
I want to modify my php session so that it can be secure. Is this acceptable use of sessions?
<?php
mysql_connect("your_host_name","your_username","your_password");
mysql_select_db("your_database_name");
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'";
$result = mysql_query($mysql) or die("cannot execute query");
$count = mysql_num_rows($result);
if($count==1)
{
session_start();
if (isset($_SESSION['HTTP_USER_AGENT']))
{
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
{
/* Prompt for password */
header("location:login.php")
exit;
}
}
else
{
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}
header("location:index.php"); // put your home page name here
}
else
echo "Wrong Username or Password.";
?>
I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
So I found an interesting website. I don't know that I agree with his hyperbolic statements, but some of his books (so far) are a pretty good read, and they are free.
(Read the manifesto for the Hyperbole)
(I say it's hyperbole because I believe you can still be a good programmer functioning within some of the methodologies he describes.)
I'm using that "Learning Ruby the hard way book" right now and it's pretty good. Feel like I'm learning a good amount and before I started this I was definitely not a programmer
0
admanbunionize your workplaceSeattle, WARegistered Userregular
So I found an interesting website. I don't know that I agree with his hyperbolic statements, but some of his books (so far) are a pretty good read, and they are free.
(Read the manifesto for the Hyperbole)
(I say it's hyperbole because I believe you can still be a good programmer functioning within some of the methodologies he describes.)
I was thinking, "how have I not heard of this?" and then I saw that it was Zed Shaw and it all made sense. Smart guy... acerbic and divisive, but smart.
I want to modify my php session so that it can be secure. Is this acceptable use of sessions?
<?php
mysql_connect("your_host_name","your_username","your_password");
mysql_select_db("your_database_name");
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'";
$result = mysql_query($mysql) or die("cannot execute query");
$count = mysql_num_rows($result);
if($count==1)
{
session_start();
if (isset($_SESSION['HTTP_USER_AGENT']))
{
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
{
/* Prompt for password */
header("location:login.php")
exit;
}
}
else
{
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}
header("location:index.php"); // put your home page name here
}
else
echo "Wrong Username or Password.";
?>
I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
I was going to suggest adding an IP check as well but it looks like the tutorial you updated with did just that.
Also, you should be salting and hashing your passwords. My apologies if you plan on doing this later, but right now it looks like you're storing the passwords as plain text.
So I noticed there's usually a huge divide on programmers who use IDEs and those who don't. For those who don't why do you prefer text editors? Right now I'm trying to use Sublime Text, then build my project using the Windows XP debugger, then running it with an .exe and it seems like a lot more work than if I had an IDE to use. However I do feel like I need to know more of what I'm typing so maybe that's the added benefit?
This isn't a trololol attempt. It is a serious question.
Usually it's the environment. If you deal with linux and the shell mostly, an IDE is pretty much useless. These are the people who swear by vim, emacs, or nano/pico.
If you're like me and deal with GUIs and a lot of windows stuff, the shell is pretty impractical and so is using editors like sublime or notepad++ to try and get things done. Why open 18 windows to compile and debug if I can use tabs and one program?
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
So I noticed there's usually a huge divide on programmers who use IDEs and those who don't. For those who don't why do you prefer text editors? Right now I'm trying to use Sublime Text, then build my project using the Windows XP debugger, then running it with an .exe and it seems like a lot more work than if I had an IDE to use. However I do feel like I need to know more of what I'm typing so maybe that's the added benefit?
This isn't a trololol attempt. It is a serious question.
I use Netbeans for stuff and run it more "manual" as well. Personally, depends on the scenario.
The problem with an IDE I see is that it's not necessarily the environment your code is going to be running in. For java, you could have your classpaths perfect in Netbeans but once you put the code where it's going to live permanently, are the classpaths the same? are the installs the same? Are we running in the same OS? For me, I have Win XP machines but most of my java code is on a Itanium Unix machine in jars as a webservice in Tomcat.
Do I want to test those service calls locally? or should it be up on the server?
So I noticed there's usually a huge divide on programmers who use IDEs and those who don't. For those who don't why do you prefer text editors? Right now I'm trying to use Sublime Text, then build my project using the Windows XP debugger, then running it with an .exe and it seems like a lot more work than if I had an IDE to use. However I do feel like I need to know more of what I'm typing so maybe that's the added benefit?
This isn't a trololol attempt. It is a serious question.
It entirely depends on what you're building. Right tool for the job and all that.
There tends to be less of a wide variation on productivity tools when you name a specific task or language.
The main exception is usually programming in languages that don't have a build cycle, where all you really need once your environment is setup is a text editor. That comes down to developer preference, and always should imo.
0
admanbunionize your workplaceSeattle, WARegistered Userregular
Half of my work is VS2010, 'cause it has to be. The other half is web development in dynamic languages, which means I don't have to compile and my exe is switching to my browser. The time an IDE might save me is less than the benefits I get from not being tied to the capabilities of an IDE.
Would that be something like Ruby or Python, @Infidel?
Precisely. The benefits of an "IDE" for those is typically code completion type facilities, which makes it just a smart text editor.
The types of things that really justify an IDE to me are the ones that setting up the builds/scripts/deploy is non-trivial to do manually but trivial to do with the proper IDE. Visual Studio type projects mainly. I can debug locally easy, and easily deploy to a dev server for updating the common "proper" environment, without much trouble.
For web development I don't do that, since (a) there is no build and (b) setting up a local environment to match the server is easy and free, and usually a one-time deal.
That's if I even bother with local development, most of the time I just say FUCK IT, WE'LL DO IT LIVE. Hence the vim usage.
I want to modify my php session so that it can be secure. Is this acceptable use of sessions?
<?php
mysql_connect("your_host_name","your_username","your_password");
mysql_select_db("your_database_name");
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'";
$result = mysql_query($mysql) or die("cannot execute query");
$count = mysql_num_rows($result);
if($count==1)
{
session_start();
if (isset($_SESSION['HTTP_USER_AGENT']))
{
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
{
/* Prompt for password */
header("location:login.php")
exit;
}
}
else
{
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}
header("location:index.php"); // put your home page name here
}
else
echo "Wrong Username or Password.";
?>
I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
I was going to suggest adding an IP check as well but it looks like the tutorial you updated with did just that.
Also, you should be salting and hashing your passwords. My apologies if you plan on doing this later, but right now it looks like you're storing the passwords as plain text.
I do need that. I'll add in hashing/salting for user registration. Here's a nice guide. I already require strong passwords too. (One caps, one non caps, one number, one character.)
I want to modify my php session so that it can be secure. Is this acceptable use of sessions?
<?php
mysql_connect("your_host_name","your_username","your_password");
mysql_select_db("your_database_name");
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'";
$result = mysql_query($mysql) or die("cannot execute query");
$count = mysql_num_rows($result);
if($count==1)
{
session_start();
if (isset($_SESSION['HTTP_USER_AGENT']))
{
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
{
/* Prompt for password */
header("location:login.php")
exit;
}
}
else
{
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}
header("location:index.php"); // put your home page name here
}
else
echo "Wrong Username or Password.";
?>
I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
I was going to suggest adding an IP check as well but it looks like the tutorial you updated with did just that.
Also, you should be salting and hashing your passwords. My apologies if you plan on doing this later, but right now it looks like you're storing the passwords as plain text.
I do need that. I'll add in hashing/salting for user registration. Here's a nice guide. I already require strong passwords too. (One caps, one non caps, one number, one character.)
Okay, and one of the more important things to keep in mind there is the per-user salt as opposed to site-wide salts. A lot of MVC frameworks, etc, provide an app wide salt that is never a good idea to use. Locking down accounts after so many failed login attempts in a n minute window is a good method for slowing down brute force attempts as well.
Also, quick question, and you may have gone over this in a previous post. Is there a reason you're going completely from scratch as opposed to using a MVC framework, i.e. CakePHP, CodeIgniter, etc?
Would that be something like Ruby or Python, @Infidel?
Precisely. The benefits of an "IDE" for those is typically code completion type facilities, which makes it just a smart text editor.
The types of things that really justify an IDE to me are the ones that setting up the builds/scripts/deploy is non-trivial to do manually but trivial to do with the proper IDE. Visual Studio type projects mainly. I can debug locally easy, and easily deploy to a dev server for updating the common "proper" environment, without much trouble.
For web development I don't do that, since (a) there is no build and (b) setting up a local environment to match the server is easy and free, and usually a one-time deal.
That's if I even bother with local development, most of the time I just say FUCK IT, WE'LL DO IT LIVE. Hence the vim usage.
I want to point out that for C++ windows is the odd man out. Both Linux and OSX have C++ multiple build chains ( AutoConf, CMake, Scons, B2, QMake, Qbs, and on on on ) that remove the need to use an "IDE" and provide a nice command line interface. Windows on the other hand has always felt horrible when you try to use the same workflow.
Kinda makes me sad to hit "cancel" whenever Sublime Text pops up asking for me to pay for it. I really wish I had $60 to spare because it's totally worth it.
I want to modify my php session so that it can be secure. Is this acceptable use of sessions?
<?php
mysql_connect("your_host_name","your_username","your_password");
mysql_select_db("your_database_name");
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'";
$result = mysql_query($mysql) or die("cannot execute query");
$count = mysql_num_rows($result);
if($count==1)
{
session_start();
if (isset($_SESSION['HTTP_USER_AGENT']))
{
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
{
/* Prompt for password */
header("location:login.php")
exit;
}
}
else
{
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}
header("location:index.php"); // put your home page name here
}
else
echo "Wrong Username or Password.";
?>
I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
I was going to suggest adding an IP check as well but it looks like the tutorial you updated with did just that.
Also, you should be salting and hashing your passwords. My apologies if you plan on doing this later, but right now it looks like you're storing the passwords as plain text.
I do need that. I'll add in hashing/salting for user registration. Here's a nice guide. I already require strong passwords too. (One caps, one non caps, one number, one character.)
Okay, and one of the more important things to keep in mind there is the per-user salt as opposed to site-wide salts. A lot of MVC frameworks, etc, provide an app wide salt that is never a good idea to use. Locking down accounts after so many failed login attempts in a n minute window is a good method for slowing down brute force attempts as well.
Also, quick question, and you may have gone over this in a previous post. Is there a reason you're going completely from scratch as opposed to using a MVC framework, i.e. CakePHP, CodeIgniter, etc?
I can't say I've heard of those. I've always coded from scratch, or with Dreamweaver or Zend Studio. As for PHP shopping carts, I love Magento to death and if I ever had my own inventory I'd use it and never look back, it just doesn't meet my job's needs. They have their own db, Magento has it's own db, and I can't really wire one to the other. I'll try CakePHP tonight though.
If security is a genuine concern, you're really better off using PDO with prepared statements instead of the classic mysql_* interface. Maintaining protection against injection attacks is much more arduous without prepared statements. You could also use the prepared statements of mysqli_* if you're deadset against PDO for some reason.
If security is a genuine concern, you're really better off using PDO with prepared statements instead of the classic mysql_* interface. Maintaining protection against injection attacks is much more arduous without prepared statements. You could also use the prepared statements of mysqli_* if you're deadset against PDO for some reason.
I love PDO. The only reason the pages I've posted aren't using them was because, at the time, I was working on a server that did not have all the PHP extensions configured (okay, make that none). I'm working on a different server now and can switch to PDO.
I have questions regarding this secure session class I've been working through. I can see how to start the session, but not how to end it. Is the tutorial missing a session ending method or will a typical session_destroy be needed (I doubt that...) Also, I'm not seeing how to personalize the session with database information. Where can I put in my own db queries and load up the session with certain information?
Would that be something like Ruby or Python, @Infidel?
Precisely. The benefits of an "IDE" for those is typically code completion type facilities, which makes it just a smart text editor.
There are also things like refactoring, simple debugging with breakpoints, and other assorted tools that make IDEs more than just text editors. I could definitely see doing Python with a text editor and command window, but it just seems less convenient.
I think that the internet has been for years on the path to creating what is essentially an electronic Necronomicon: A collection of blasphemous unrealities so perverse that to even glimpse at its contents, if but for a moment, is to irrevocably forfeit a portion of your sanity.
Xbox - PearlBlueS0ul, Steam
If you ever need to talk to someone, feel free to message me. Yes, that includes you.
So I noticed there's usually a huge divide on programmers who use IDEs and those who don't. For those who don't why do you prefer text editors? Right now I'm trying to use Sublime Text, then build my project using the Windows XP debugger, then running it with an .exe and it seems like a lot more work than if I had an IDE to use. However I do feel like I need to know more of what I'm typing so maybe that's the added benefit?
This isn't a trololol attempt. It is a serious question.
I swear, I wake up, and you chaps have already answered urahonky's questions.
Locking down accounts after so many failed login attempts in a n minute window is a good method for slowing down brute force attempts as well.
If you do something like this make sure it's only from the IP in question. If you lock it down globally it allows an attacker to lock out a user simply by spamming login attempts.
So I noticed there's usually a huge divide on programmers who use IDEs and those who don't. For those who don't why do you prefer text editors? Right now I'm trying to use Sublime Text, then build my project using the Windows XP debugger, then running it with an .exe and it seems like a lot more work than if I had an IDE to use. However I do feel like I need to know more of what I'm typing so maybe that's the added benefit?
This isn't a trololol attempt. It is a serious question.
I tend to go back and forth between plain text editors and IDEs. Even within a single language, like Python, one day I'll use Emacs and the next Aptana. What I tend to like about IDEs is that I get automatic indenting, code completion, and a built in debugger which is generally straightforward to use without much screwing around configuring a billion plugins in just the right manner like you tend to need to do with emacs, vim, sublime text, etc. Some days, especially after I know the libraries that I'm using inside and out and so have little need for code completion I like to run in a lightweight environment without a million doohickeys flashing and updating and taking up screen space that could be used for more visible code or documentation that I'm reading. For Python specifically, using simpler text editors rather than a full IDE can also be less hassle if I'm working with virtualenv.
I use Notepad++ exclusively, no IDEs. But I don't program in .NET or C++ or anything super heavy, which I suspect is the primary allure of IDEs. I mostly just write scripting and Web languages, where simple syntax highlighting and maybe some code folding is all I really need. But even for Java or C, it's still fine.
Typically I'll have Notepad++ taking up the left half of the screen (which helps to enforce my personal guideline of max 120 characters per line), a directory window at the top right, and one or two terminals at bottom right. I'll also have a browser, either minimized or on another monitor if I have one at the time, open to the documentation for the language.
IDEs feel way too heavy to me. They try to do too many things, and end up being mediocre or difficult to configure at most of those things.
At work, I'm forced into using Eclipse mostly (for Java web development). At home, I opt for Netbeans for Java, PHP, and Javascript, then Sublime for Ruby and Lua/Corona.
I didn't even know fancy text editors and IDEs existed before college.
I would say I don't really use an IDE for C, but if I hooked up emacs in all the possible ways that you can, then it basically is an IDE.
Like the thing I like doing the most in Eclipse is being able to hit F3 to look up a symbol or variable, and for whatever reason I've never gotten around to generating the tags you need to basically do the same thing in emacs.
Locking down accounts after so many failed login attempts in a n minute window is a good method for slowing down brute force attempts as well.
If you do something like this make sure it's only from the IP in question. If you lock it down globally it allows an attacker to lock out a user simply by spamming login attempts.
Another good way is slow them down too. 5 failed login attempts disallows you try except every 5 minutes. After 10 failed login attempts lock it down.
Brute force is effectively 0 at that point unless they figure out how to connect to your DB directly (at that point you have bigger things to worry about).
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Posts
Half way there!
So what does putting an "L" before a string do in C? Does that have something to do with null termination? For example:
I am currently reading his book about C.
http://programming-motherfucker.com/become.html
(Read the manifesto for the Hyperbole)
(I say it's hyperbole because I believe you can still be a good programmer functioning within some of the methodologies he describes.)
Have you checked that the package that does not exist is actually in one of the included libraries? Are the jars added as libraries for that project (not just as general libs)? Are you using a recent version of NetBeans? I seem to remember older versions not always playing nicely with the Axis 1 libraries.
If all else fails, you can try adding the jar files individually to the classpath.
If you ever need to talk to someone, feel free to message me. Yes, that includes you.
The jars are added as libraries for the project.
I think my Netbeans install might be broken. There appears to be no way to add dependencies, which Netbeans apparently treats differently than libraries. I'll unistall when I get home and use an installer other than the JDK-Netbeans combo.
Don't assume bad intentions over neglect and misunderstanding.
<?php mysql_connect("your_host_name","your_username","your_password"); mysql_select_db("your_database_name"); $myusername=$_POST['username']; $mypassword=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mysql = "SELECT * FROM updated_users WHERE email='$email' and password='$password'"; $result = mysql_query($mysql) or die("cannot execute query"); $count = mysql_num_rows($result); if($count==1) { session_start(); if (isset($_SESSION['HTTP_USER_AGENT'])) { if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) { /* Prompt for password */ header("location:login.php") exit; } } else { $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); } header("location:index.php"); // put your home page name here } else echo "Wrong Username or Password."; ?>I'm trying to get the "secure" part down before I go creating a class. Of course a session class will need very different programming behind it. The cart I'm working on will give rely on a lot of unique user information such as their Quickbooks invoice history and previous product pricing, so I ultimately have to make the class. Here's another nice example though its not secure.
EDIT - Actually this one looks much better.
I'm using that "Learning Ruby the hard way book" right now and it's pretty good. Feel like I'm learning a good amount and before I started this I was definitely not a programmer
I was thinking, "how have I not heard of this?" and then I saw that it was Zed Shaw and it all made sense. Smart guy... acerbic and divisive, but smart.
I was going to suggest adding an IP check as well but it looks like the tutorial you updated with did just that.
Also, you should be salting and hashing your passwords. My apologies if you plan on doing this later, but right now it looks like you're storing the passwords as plain text.
This isn't a trololol attempt. It is a serious question.
If you're like me and deal with GUIs and a lot of windows stuff, the shell is pretty impractical and so is using editors like sublime or notepad++ to try and get things done. Why open 18 windows to compile and debug if I can use tabs and one program?
I use Netbeans for stuff and run it more "manual" as well. Personally, depends on the scenario.
The problem with an IDE I see is that it's not necessarily the environment your code is going to be running in. For java, you could have your classpaths perfect in Netbeans but once you put the code where it's going to live permanently, are the classpaths the same? are the installs the same? Are we running in the same OS? For me, I have Win XP machines but most of my java code is on a Itanium Unix machine in jars as a webservice in Tomcat.
Do I want to test those service calls locally? or should it be up on the server?
It entirely depends on what you're building. Right tool for the job and all that.
There tends to be less of a wide variation on productivity tools when you name a specific task or language.
The main exception is usually programming in languages that don't have a build cycle, where all you really need once your environment is setup is a text editor. That comes down to developer preference, and always should imo.
Precisely. The benefits of an "IDE" for those is typically code completion type facilities, which makes it just a smart text editor.
The types of things that really justify an IDE to me are the ones that setting up the builds/scripts/deploy is non-trivial to do manually but trivial to do with the proper IDE. Visual Studio type projects mainly. I can debug locally easy, and easily deploy to a dev server for updating the common "proper" environment, without much trouble.
For web development I don't do that, since (a) there is no build and (b) setting up a local environment to match the server is easy and free, and usually a one-time deal.
That's if I even bother with local development, most of the time I just say FUCK IT, WE'LL DO IT LIVE. Hence the vim usage.
I do need that. I'll add in hashing/salting for user registration. Here's a nice guide. I already require strong passwords too. (One caps, one non caps, one number, one character.)
Okay, and one of the more important things to keep in mind there is the per-user salt as opposed to site-wide salts. A lot of MVC frameworks, etc, provide an app wide salt that is never a good idea to use. Locking down accounts after so many failed login attempts in a n minute window is a good method for slowing down brute force attempts as well.
Also, quick question, and you may have gone over this in a previous post. Is there a reason you're going completely from scratch as opposed to using a MVC framework, i.e. CakePHP, CodeIgniter, etc?
I want to point out that for C++ windows is the odd man out. Both Linux and OSX have C++ multiple build chains ( AutoConf, CMake, Scons, B2, QMake, Qbs, and on on on ) that remove the need to use an "IDE" and provide a nice command line interface. Windows on the other hand has always felt horrible when you try to use the same workflow.
I can't say I've heard of those. I've always coded from scratch, or with Dreamweaver or Zend Studio. As for PHP shopping carts, I love Magento to death and if I ever had my own inventory I'd use it and never look back, it just doesn't meet my job's needs. They have their own db, Magento has it's own db, and I can't really wire one to the other. I'll try CakePHP tonight though.
I love PDO. The only reason the pages I've posted aren't using them was because, at the time, I was working on a server that did not have all the PHP extensions configured (okay, make that none). I'm working on a different server now and can switch to PDO.
I have questions regarding this secure session class I've been working through. I can see how to start the session, but not how to end it. Is the tutorial missing a session ending method or will a typical session_destroy be needed (I doubt that...) Also, I'm not seeing how to personalize the session with database information. Where can I put in my own db queries and load up the session with certain information?
There are also things like refactoring, simple debugging with breakpoints, and other assorted tools that make IDEs more than just text editors. I could definitely see doing Python with a text editor and command window, but it just seems less convenient.
If you ever need to talk to someone, feel free to message me. Yes, that includes you.
I swear, I wake up, and you chaps have already answered urahonky's questions.
So I shall just say, "^^^^ What they said".
vim 4 lyfe, yo!
Haha - it's okay. I enjoy waking up, seeing the questions followed by the answers, and then muttering to myself...
PROGRAMMING NINJAS!!!
If you do something like this make sure it's only from the IP in question. If you lock it down globally it allows an attacker to lock out a user simply by spamming login attempts.
Typically I'll have Notepad++ taking up the left half of the screen (which helps to enforce my personal guideline of max 120 characters per line), a directory window at the top right, and one or two terminals at bottom right. I'll also have a browser, either minimized or on another monitor if I have one at the time, open to the documentation for the language.
IDEs feel way too heavy to me. They try to do too many things, and end up being mediocre or difficult to configure at most of those things.
I didn't even know fancy text editors and IDEs existed before college.
Like the thing I like doing the most in Eclipse is being able to hit F3 to look up a symbol or variable, and for whatever reason I've never gotten around to generating the tags you need to basically do the same thing in emacs.
SE++ Forum Battle Archive
Another good way is slow them down too. 5 failed login attempts disallows you try except every 5 minutes. After 10 failed login attempts lock it down.
Brute force is effectively 0 at that point unless they figure out how to connect to your DB directly (at that point you have bigger things to worry about).