Category Archives: internet

howto's, internet, php-mysql

Zip MySQL database backup with PHP and send as email attachment

6 Comments

I was a happy user of MySQLDumper until a while ago, when my shared hosting upgraded to the cloud architecture and latest PHP version; with that, some modules for PERL went missing and I was left without a viable backup solution (MySQLDumper PHP approach uses a javascript reloading routine which is superslow and is not compatible with wget nor remote cronjobs like SetCronJob.com).

So I found a couple of tutorials on the net (this, and this), mixed them together, especially improving David Walsh’s routine, blended them with some healthy bzip2 compression, and shipped to my webspace.

I stripped the part where you can select which tables to backup; I figured that any backup deserving this name should be “all-inclusive”; also I think that anyone with the special need to backup only selective tables should also be smart enough to change the code to suit his/her needs.

UPDATE 9/9/11: I just added a snippet of code to blacklist some tables from the backup, since I needed to trim the size or it gave a fatal error about the available memory being full; just fill the array with rows as you see fit

This is the result:

<?php
$creationstart=strtok(microtime()," ")+strtok(" ");

$dbhost="your.sql.host";
$dbname="yourdbname";
$dbuser="yourmysqlusername";
$dbpass="yourmysqlpassword";

$mailto="mail.me@mymailbox.com";
$subject="Backup DB";
$from_name="Your trustworthy website";
$from_mail="noreply@yourwebsite.com";

mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);

$tablesblocklist=array(
    "tablename1"=>1,
    "tablename2"=>1,
    "tablename3"=>1,
);
$tables = array();
$result = mysql_query("SHOW TABLES");
while($row = mysql_fetch_row($result))
$tables[] = $row[0];
foreach($tables as $table) {
if (!isset($tablesblocklist[$table])) {
$result = mysql_query("SELECT * FROM $table");
$return.= "DROP TABLE IF EXISTS $table;";
$row2 = mysql_fetch_row(mysql_query("SHOW CREATE TABLE $table"));
$return.= "\n\n".$row2[1].";\n\n";
while($row = mysql_fetch_row($result)) {
$return.= "INSERT INTO $table VALUES(";
$fields=array();
foreach ($row as $field)
$fields[]="'".mysql_real_escape_string($field)."'";
$return.= implode(",",$fields).");\n";
}
$return.="\n\n\n";
}
}
$filename='db-backup-'.date("Y-m-d H.m.i").'.sql.bz2';

$content=chunk_split(base64_encode(bzcompress($return,9)));
$uid=md5(uniqid(time()));
$header=
"From: ".$from_name." <".$from_mail.">\r\n".
"Reply-To: ".$replyto."\r\n".
"MIME-Version: 1.0\r\n".
"Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n".
"This is a multi-part message in MIME format.\r\n".
"--".$uid."\r\n".
"Content-type:text/plain; charset=iso-8859-1\r\n".
"Content-Transfer-Encoding: 7bit\r\n\r\n".
$message."\r\n\r\n".
"--".$uid."\r\n".
"Content-Type: application/octet-stream; name=\"".$filename."\"\r\n".
"Content-Transfer-Encoding: base64\r\n".
"Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n".
$content."\r\n\r\n".
"--".$uid."--";
mail($mailto,$subject,"",$header);

$creationend=strtok(microtime()," ")+strtok(" ");
$creationtime=number_format($creationend-$creationstart,4);
echo "Database backup compressed to bz2 and sent by email in $creationtime seconds";
?>

(WordPress killed the indenting and I’ve no intention of fixing it manually)

The whole routine runs in roughly 7seconds on my not-so-bright hoster server, including bzip2’ing and mailing, while the original text-only output for David’s code took on the same server roughly 17seconds; probably it’s due to the removal of several redundant loops, and using the builtin mysql_real_escape_string() and implode() functions instead of David’s workarounds.

My sincere thanks go to the authors of the two guides, without whom I wouldn’t be writing this today 😉

internet, rants

reCAPTCHA fails to deliver, bypassed or cracked, spam still comes through

Leave a comment

I like(d)  the idea behind reCAPTCHA, blocking spam while helping scanning books is cool, and let’s be honest, reCAPCHA images are more readable to the human eye than the random deformed alphanumeric combinations the usual antispam codes produce.

Anyway, even if I have Akismet plugin installed, being the comments captcha’ed I expected almost no spam at all, not certainly from bots, yet it’s been a constant for me; lately, a huge wave of spam messages, almost identical, hitted the website; this also happened on the punbb forum of my professional website, where reCAPTCHA plugin was in action, and you understand that finding a spam post containing plenty of links with obscene thumbnails attached is not good for my image.

What’s the reason behind all this? Possibly reCAPTCHA pollution by special kind of keyword spamming to make certain known words always check positive, or advanced OCR techniques, or your average next door guy payed some millicent each captcha he decyphers. I don’t really care, what I know is that spam is passing through.

So I decided to drop reCAPTCHA altogether and switch to good old onsite captcha generation, let’s see what happens, there is now SI Captcha plugin installed (suppose SI stands for SecureImage, I recognize the pattern).

  This article has been Digiproved

howto's, internet, php-mysql

PHP templating, preg_match, file_get_contents and strpos, the fastest

Leave a comment

While working on the website of reecycle.it, il frecycling italiano per il riciclo degli oggetti, I am spending my resources also on reducing at most the load on the Apache server of my italian shared hosting, Tophost, so i decided to make some benchmarks to see which was the best speed I could load the templates at, using different methods (a template is a “model” of a page -or part of-  written in HTML code, inside which the dynamic values loaded by the website engine are inserted).

All the templates used by reecycle.it were initially created as several .html files (one per each template) with several %tags% substituted by the str_replace() function before the output, but I thought that maybe there were different, faster ways to obtain the same result; a page can contain up to 5 or more different templates (general layout, login panel, simple search widget, search results table, and single row of the search results table), so each page could tell the server to access and load 5 different files on the hard disk (we are ignoring the disk cache for simplicity); maybe reading a single, bigger file containing all of the templates, loading it into memory, and later extracting the needed parts, is faster? This path can be taken in two ways, either by writing two “clean” lines of code using preg_match() and a regular expression, or by using a rather less “elegant” but strictly more performant combo of strpos() and substr() which instead needs several more lines of code.

In other words, I needed to know which one of the three (separate template files, single big template with regexp extraction, and single big template with strpos/substr extraction) was faster. I already knew preg_match was heaps slower than strpos/substr, yet I included it in the test for the sake of completeness.

This is the routine I used:

<?php
$creationstart=strtok(microtime()," ")+strtok(" ");

for ($i=0;$i<1000;$i++) {
 $text=file_get_contents("full.html");
 for ($n=1;$n<=8;$n++) {
 preg_match("/<!--{$n}\(-->(.*)<!--\){$n}-->/s",$text,$matches);
 $html[$n]=$matches[1];
 }
}

$creationend=strtok(microtime()," ")+strtok(" ");
$creationtime=number_format($creationend-$creationstart,4);
echo "preg_match: ".$creationtime."<br />";

/////////////////
$creationstart=strtok(microtime()," ")+strtok(" ");

for ($i=0;$i<1000;$i++) {
 $text=file_get_contents("full.html");
 for ($n=1;$n<=8;$n++) {
 $start=strpos($text,"<!--$n(-->")+strlen("<!--$n(-->");
 $ending=strpos($text,"<!--)$n-->");
 $html[$n]=substr($text,$start,($ending-$start));
 }
}

$creationend=strtok(microtime()," ")+strtok(" ");
$creationtime=number_format($creationend-$creationstart,4);
echo "strpos/substr: ".$creationtime."<br />";

////////////////////
$creationstart=strtok(microtime()," ")+strtok(" ");

for ($i=0;$i<1000;$i++) {
 for ($n=1;$n<=8;$n++) {
 $html[$n]=file_get_contents($n.".html");
 }
}

$creationend=strtok(microtime()," ")+strtok(" ");
$creationtime=number_format($creationend-$creationstart,4);
echo "file_get_contents: ".$creationtime."<br />";

where full.html is the single HTML file containing all the templates (a total of 8, consisting in paragraphs in lorem ipsum style, of different length), identified by <!--templatenumber(--> and <!--)templatenumber--> between which was the code to extract, while the single template files were named from 1.html to 8.html.

What the code does is, for each method it repeats 1000 iterations in which every single template is loaded, from 1 to 8, and measures the needed time to complete. This usage is not very realistic, as the template code is actually several lines of HTML code instead of few long lines of text, and templates are never loaded all together, but only those which are actually needed to draw the page; anyway, better performance in this test means better performance in real-life use (WRONG! check bottom for more details).

So, this was the result:

preg_match: 1.8984
strpos/substr: 0.0681
file_get_contents: 0.1352

Final times were obviously different at each page refresh, from a minimum (for preg_match) of 1.4s up to a maximum of 3s, anyway the relationship between them remained the same, that is the strpos/substr combination was two times faster than file_get_contents called for each file, yet what surprised me is how preg_match method is almost 30 times slower than strpos/substr, and hence 15 times slower than asking the server to read several different files together (I suppose this was due to the disk cache in action).

On a side note, the tech support of my hosting, inquired about this, suggested me to drop reading separate files in favour of reading a single file and using preg_match… go figure.

UPDATE:

I just went and tested this benchmark with real templates off reecycle.it… oh how much I was wrong.
I made a function on reecycle.it to fetch the requested template, that when the template inside the big file is missing, loads the single file template, returns it, and adds the missing template to the big single file, so after a while I got a 37kb supertemplate.tpl containing all of the templates of the website. I just changed the routines in the example above, to use the real files of the templates… and behold, the results were inverted! Using file_get_contents() on several files was two times faster than using strpos/substr on a single big file. No matter how I changed it, several, separate small files were still much faster than a single big file.

I blame it on two things: the file is actually big, so string functions have to deal with a big chunk of data to process, and especially the tag formats, since the template delimiters, practically in HTML comment format, begin with the “less than” symbol which is bound to be repeated lots of times inside HTML code, maybe confusing the strpos function.

In fact, in the templates archive file I modified the delimiting tags so they were like {tag(} and {)tag} instead of using the html comment tags <!–…–>, and the results of the benchmark went back to normal, being faster for the strpos/substr combo on the single file archive than with file_get_contents on several separate files, and the more the template requests, the faster the strpos/strsub method if compared to file_get_contents… see results of my next post.

Se vuoi cambiare la tua password, o non la ricordi, inserisci qui l’indirizzo di posta elettronica con cui ti sei registrato<br />
<form method=”post” action=”index.php”>
<table>
<tr>
<td class=”dida”>
email
</td>
<td class=”dati”>
<input type=”text” name=”resetmail” />
</td>
</tr>
<tr>
<td colspan=”2″>
<input type=”hidden” value=”resetpassword” name=”action” />
<input type=”submit” value=”Invia mail di reset” name=”sendresetpassword” />
</td>
</tr>
</table>
</form>

  This article has been Digiproved

internet, wordpress

Protect your WordPress contents from plagiarism with a digital timestamp

1 Comment

Since a while ago, I decided to release all the contents I produce with a Creative Commons license. Why? Well, once I publish my stuff online, anyone with an internet connection can read it; so, if they like it and want to make it more widely available, a stricter copyright policy would compell them to ask me for permission and blah blah; if people like the contents I produce and distribute them around, I’m happy about it, as long as it’s made clear that I am the original author and noone else tries to take credit for my work (because that would obviously piss me off big time). The CC license I chose is the NC-SA, which also forbids any commercial use of my contents (if someone’s going to earn money out of my work, then I want my fair share), and allows re-use of the contents as long as they are released with the same license (I wouldn’t want someone to take my work, reassemble it at his own liking, and then lock it down even if it’s not really theirs).

Well, all’s good until now, but what if someone tries to “steal” your contents? The things you write are legally yours since the moment they are written (as long as they are original, naturally), yet you need to prove they’re yours in case of a dispute. If someone copies one or more articles off your website, he could very well decide to say that those contents are his, and you copied them off him; your word against his.

The only way to “prove” that a written text is yours, is to prove that it was in your possession before anyone else got it; “timestamping” is the keyword, a timestamp which is legally valid (meaning that noone would be able to prove it’s fake), and that binds the digital works with your identity; it’s best if you get a digital timestamp before releasing your work, in fact, if an “attacker” has the means to download the contents off your website and certify them before you do, he would become the new technical owner of your contents.

There are several ways to get a timestamp, free and paid, more and less solid. A free digital timestamp service is provided by Timemarker, but it’s only available for manual timestamping, that is you have to go to their site and provide them with your contents, then download their timestamp PGP signature. It’s good if you need to timestamp images, or archives.

On the other side, if the contents you want to timestamp are written posts on your WordPress blog (and this is all this article is about), the only real good service available to occasional bloggers like me (those who do not make a living with their website) is the free Copyright Proof WordPress Plugin (wordpress.org plugin repository has the most updated changelog), which gets you the best for its price. As soon as you register a free account on Digiprove (they also offer paid timestamping for professional, non-Wordpress users), you can insert your own API key in the plugin, and it will take care of everything: as soon as you hit the publish button in the WordPress editor, before actually publishing the article its written contents will be submitted to Digiprove server for secure timestamping, and once the timestamp information is obtained, the article will be online along with its certificate (you can control how the digiprove timestamp appears both on your website and on their servers, and you can also see the badge at the bottom of this post). Same thing happens when you edit the article, the certificate will be updated to reflect the changes on the article, and the older certificates, even if not linked anymore, will still be valid for the previous revisions of the article.

This service, again, is free, and does its job perfectly. Cian Kinsella, Digiprove’s CEO, told me they’re going to improve the way the plugin works, to make it dynamically create the certificate HTML code inside the post (it’s currently hardcoded, with CSS styling done inside the tags), and he also anticipated that, after this change has been done, they will be probably adding a feature I requested, that is a sort of “older certificates drawer”, thanks to which the reader can access the links to the older timestamps of the previous revisions of your page which reside on their servers, and are currently lost (the links, not the certificates); this will greatly improve the functionality of the plugin for those who prefer updating their older posts with newer info, instead of opening new posts.
By the way, even if Cian is CEO of two different companies, and I don’t know his daily schedule but I suppose it should be pretty busy, he still managed to personally reply to my mails to Digiprove’s support, which is good!

Since a while ago, I decided to release all the contents I produce with a Creative Commons license. Why? Well, once I publish my stuff online, anyone with an internet connection can read it; so, if they like it and want to make it more widely available, a stricter copyright policy would compell them to ask me for permission and blah blah; if people like the contents I produce and distribute them around, I’m happy about it, as long as it’s made clear that I am the original author and noone else tries to take credit for my work (because that would obviously piss me off big time). The CC license I chose is the NC-SA, which also forbids any commercial use of my contents (if someone’s going to earn money out of my work, then I want my fair share), and allows re-use of the contents as long as they are released with the same license (I wouldn’t want someone to take my work, reassemble it at his own liking, and then lock it down even if it’s not really theirs).

Well, all’s good until now, but what if someone tries to “steal” your contents? The things you write are legally yours from the moment they are written (as long as they are original, naturally), yet you need to prove they’re yours in case of a dispute. If someone copies one or more articles off your website, he could very well decide to say that those contents are his, and you copied them off him; your word against his.

The only way to “prove” that a written text is yours, is to prove that it was in your possession before anyone else got it; “timestamping” is the keyword, a timestamp which is legally valid (meaning that noone would be able to prove it’s fake), and that binds the digital works with your identity; it’s best if you get a digital timestamp before releasing your work, in fact, if an “attacker” has the means to download the contents off your website and certify them before you do, he would become the new technical owner of your contents.

There are several ways to get a timestamp, free and paid, more and less solid. A free digital timestamp service is provided by Timemarker, but it’s only available for manual timestamping, that is you have to go to their site and provide them with your contents, then download their timestamp signature. It’s good if you need to timestamp images, or archives.

On the other side, if the contents you want to timestamp are written posts on your WordPress blog (and this is all this article is about), the only real good service available to occasional bloggers like me (those who do not make a living with their website) is the free Copyright Proof WordPress Plugin (wordpress.org plugin repository has the most updated changelog), which gets you the best for its price. As soon as you register a free account on Digiprove (they also offer paid timestamping for professional, non-Wordpress users), you can insert your own API key in the plugin, and it will take care of everything: as soon as you hit the publish button in the WordPress editor, before actually publishing the article its written contents will be submitted to Digiprove server for secure timstamping, and once the timestamp information is obtained, the article will be online along with its certificate (you can control how the digiprove timestamp appears both on your website and on their servers, and you can also see the badge at the bottom of this post). Same thing happens when you edit the article, the certificate will be updated to reflect the changes on the article, and the older certificates, even if not linked anymore, will still be valid for the previous revisions of the article.

This service, again, is free, and does its job perfectly. Cian Kinsella, Digiprove’s CEO, told me they’re going to improve the way the plugin works, to make it dynamically create the certificate HTML code inside the post (it’s currently hardcoded, with CSS styling done inside the tags), and he also anticipated that, after this change has been done, they will be probably adding a feature I requested, that is a sort of “older certificates drawer”, thanks to which the reader can access the links to the older timestamps of the previous revisions of your page which reside on their servers, and are currently lost (the links, not the certificates); this will greatly improve the functionality of the plugin for those who prefer updating their older posts with newer info, instead of opening new posts.
By the way, even if Cian is CEO of two different companies, and I don’t know his daily schedule but I suppose it should be pretty busy, he still managed to personally reply to my mails to Digiprove’s support, which is good!

  This article has been Digiproved

internet, rants

Progetto tessera sanitaria, certificati medici online, ma per favore.

8 Comments

In famiglia sono il più “tech-savvy”, e questo significa che ogniqualvolta ci siano difficoltà, più o meno banali, con tutto ciò che riguarda la “tecnologia”, io sia coercitivamente chiamato in causa.

…e chi chiamerai? Ghooostbusters ephestione!

Ebbene, stavolta è stato il turno di un parente medico, alle prese con il sistema di certificazione online per l’INPS, e per certificati di malattia di vario tipo; arrivo senza sapere quale sia il problema reale, ma sapendo comunque che, da qualche parte, l’inghippo si troverà. Cominciamo dall’inizio.

L’indirizzo del sito è www.sistemats.it, e prima di realizzare che si legge “sistema T-S”, l’istinto è di pronunciarlo “sistemaz”. Un altro nome potevano trovarlo. Il conforto però giunge quando, inserito l’URL nella barra degli indirizzi del browser, si viene ridiretti al seguente URL:

http://sistemats1.sanita.finanze.it/wps/portal/

Che senso ha? Anche se il sito è ospitato sui server del ministero delle finanze, avrebbero potuto mantenere sistemats.it come dominio root, per coerenza.

Cliccando sul link home, l’URL diventa magicamente qualcosa tipo (tenetevi forte):

http://sistemats1.sanita.finanze.it/wps/portal/!ut/p/c1/04_SB8K8xLLM9MSSzPy8xBz9CP0os_gwL2dLZwODYAP_UG9jA6MAf3Mvk6AQAwMPM30_j_zcVP2CbEdFAGkQrCE!/dl2/d1/L2dJQSEvUUt3QS9ZQnB3LzZfVkpDOUMwMFMwT1VLMzAyUE83SjRSVDAwSDY!/

I cookie di sessione dove li abbiamo dimenticati?

Fin qui, il problema non si pone molto, in fondo una volta arrivati sul sito X, chi è che torna a guardare cosa si trova nella barra degli indirizzi? (e questo è un motivo per cui molte persone rimangono vittima di scam e spoof di vario tipo.)

Una prima considerazione è d’uopo: molti medici, soprattutto i più “grandi”, a meno di non possedere uno spiccato interesse personale verso l’informatica, una volta messi davanti ad un pc sono delle vere e proprie capre (in senso buono, s’intende). L’obbligarli a rilasciare certificazioni unicamente per via non solo digitale, ma per giunta telematica, ha imposto su di essi un onere umano immenso; inoltre, lasciati a sé stessi, con in mano degli sterili fogli arrivati per posta, che pretenderebbero di spiegare in modo chiaro il funzionamento del sistema, fornendo allo stesso tempo i dati di accesso composti da codici alfanumerici, significa averli persi per sempre nei meandri di un universo sconosciuto e spaventoso.

home sistemats
La home del sito sistemats.it

Ora, questa è la pagina home del sito. Non so voi, ma io ho dovuto impiegare una buona manciata di secondi per trovare la sezione per autenticarsi. Mi sarei atteso un modulo di login con i campi per nome utente e password in alto a destra, oppure un link “Login/Entra/Accedi” ben visibile nel menu, ma non riuscivo a trovare nulla del genere. La mia banner-blindness mi ha impedito di far caso all’icona nell’angolo in alto a destra, con il link apposito. Risolto, penserete? Macché.

certificato non riconosciuto
Finanze e sicurezza, un dicotomio

Subito dopo aver cliccato sul link per “accedere con credenziali” ci si trova di fronte a questo. Nessun problema per me, immagino sia privo di rischi l’accettare un certificato proveniente dal ministero delle finanze, ma ricordate che stiamo parlando di qualcosa rivolto ai medici di famiglia, capre davanti ad un computer. Cosa fa il medico in questo caso? Giustamente, perso nell’universo parallelo del digitale, usa un mezzo a lui ben noto, il telefono, per mettersi in contatto col servizio di assistenza. Risposta?

Deve avere qualche problema di sicurezza con l’antivirus

Tralasciamo, dopotutto alla fine ha fatto una cosa sensata, ed invece di disattivare AVG (ammesso che sarebbe riuscito) ha deciso di chiamar me.

Quindi accetto il certificato e proseguo, mi trovo ora davanti a quello che dev’essere il form di login più userfriendly della storia:

login sistemats
Il form di login

Il livello di zoom della pagina nel browser non è stato modificato in alcun modo, anzi, per sicurezza, in Firefox ho anche cliccato su Visualizza>Zoom>Reimposta. Mentre io sfruttavo la mia vista ancora buona, il medico accanto a me si ciecava strizzando gli occhi a 15cm di distanza dal monitor cercando di capire cosa ci fosse scritto a schermo.  Se non altro, siamo rassicurati dal fatto che

Per qualunque chiarimento rivolgersi al proprio Amministratore di Sicurezza

Chi sarebbe costui?

Premo CONFERMA (perché non “Entra”?) contemplando il pulsante RIPULISCI (perché non “Cancella”?). E soprattutto, perché entrambi i pulsanti sono ombreggiati in modo da sembrare già premuti?

Mi autentico, cambio la password standard fornita dalla società che, per conto del ministero, gestisce il sistema, ed il medico comincia a prendere confidenza col pannello utente. Ma non prima di aver dovuto scegliere le domande di sicurezza. Sì, perché se yahoo e google ti permettono di scegliere tra “Come si chiama il tuo gatto” e “Qual era il nome della tua prima fidanzatina”, per tutelarti qualora dovessi dimenticare la password, il sito in questione ti chiede di scrivere a mano sia la domanda che la risposta, per due volte. Altri 5 minuti persi così aspettando che la fantasia ormai scossa del medico partorisse una coppia di domande di autenticazione.

Troviamo il link per “Inviare un certificato (medico)”, finalmente. Ci si clicca sopra, e ricompare un secondo errore da Firefox per un certificato di sicurezza non riconosciuto, ma ormai siamo preparati all’imprevedibile e superiamo l’ostacolo. Un paio di giri di prova con logout seguito da login autonomo del medico, per accertarsi che avesse acquisito il metodo, e via verso nuovi orizzonti.

Tornato a casa, mi sono voluto divertire anche ad esaminare il sito dal lato tecnico. Per prima cosa, i badge di XHTML e CSS del W3C (quanti siti li mettono in mostra senza usare codice validato). Il sito è in XHTML 1.0 valido (persino strict), mentre il badge del CSS punta alla pagina del validator vuota, senza specificare di validare automaticamente il link referer; quindi non mi sono dato la pena di inserire a mano l’URL, mi fido.

Veniamo al sorgente, vero aspetto in cui il sito si distingue. Non bene, ma l’importante è che si distingua.

La prima riga di codice è la specifica del DOCTYPE, e si trova alla quindicesima riga, le 14 righe precedenti sono vuote, le ultime due di queste contengono alcuni spazi randagi prima del carriage return.

La riga successiva, il tag di apertura <html>, si trova alla riga 34.

Il codice prosegue così, tra fulgidi biancori di righe desertificate, ed un numero straordinariamente elevato di <!--commenti html--> lasciati dovunque, alcuni con abbondante markup html inutilizzato, altri con commenti veri e propri riguardo al codice.

Il più caratteristico comincia così:

<!-- Modifiche Anto 2007-11-14 R1.1 [...]

Passando il codice HTML della homepage nel servizio HTML minifier (che rimuove tutto ciò che non viene visualizzato, quindi non solo spazi tabulazioni e carriage return, ma anche, appunto, i commenti) i bytes da scaricare si riducono nientemeno che del 43%. Per confronto, ho eseguito lo stesso test con alcune pagine di un sito il cui codice è stato interamente scritto da me, e la compressione si aggira attorno al 10%.

Che altro dire?

  This article has been Digiproved

howto's, internet, php-mysql

Resize, enlarge or scale an html image map with a PHP script

5 Comments

I am creating a portal for an italian website which will sport a nice region selector with an imagemap, and region highlighting with a javascript. I found a free and detailed image map of italy along with a combined png, but it was too small to be really useable, so I needed to put a bigger image; with that, I also needed to alter the imagemap coordinates to they matched the enlarged image… noway I was going to do that by hand!

So, after searching for a pre-made solution (which I obviously didn’t find)  I devised a very simple PHP script to do eaxctly that. The script puts the entire code for the image map inside a string variable, and then processes that string with a regular expression search and replace to change the values accordingly to my needs. I only needed to make the image two times bigger, mantaining the aspect ratio, but since I was going to publish this inside a guide, I said to myself “why not making it so you can change the aspect ratio as well”. So, if you want, you can make the imagemap two times larger, and 1.5 times taller.

Here’s the sample script (the $html variable is defined with a sample imagemap for the region of Lazio alone, for space purposes, but you can put whatever you want inside, I used it with the whole map of Italy, together with <map> tags and lines breaks/indentation). Be careful and ESCAPE the double quotes inside the HTML before pasting the code inside the string. In other words, simply put a backslash (the \ character) before each occurence of a double quote (the $quot; character) inside the HTML, I used the search and replace function of Notepad++.

<?php
$html="<area href=\"#\" alt=\"state\" title=\"lazio\" shape=\"poly\" coords=\"74.513,86.938,75.667,87.365,75.667,88.007,74.744,89.077,75.436,90.467,76.359,90.039,77.857,90.039,78.319,90.039,79.127,90.788,79.588,91.857,79.588,92.606,80.049,93.034,80.51,93.034,81.317,94.103,81.779,94.852,82.24,94.959,83.74,94.852,84.201,94.959,85.123,94.959,86.392,94.103,87.43,93.141,88.122,93.141,89.39,93.141,89.967,92.713,91.351,90.895,91.813,90.895,92.274,91.216,93.196,90.895,94.349,90.788,94.926,90.467,96.31,89.825,96.886,90.467,96.656,90.895,95.849,91.323,95.387,92.072,94.234,92.072,92.965,92.713,92.505,93.676,92.505,94.317,92.734,94.959,91.928,95.28,91.813,95.922,91.467,96.778,92.505,98.382,92.505,99.023,92.505,99.986,91.928,101.804,91.928,103.194,92.734,103.837,94.234,103.623,96.31,104.264,97.579,105.013,99.309,106.51,102.191,108.543,103.229,108.543,104.728,109.077,106.113,110.361,106.574,111.965,106.804,113.035,106.574,113.783,106.574,114.425,105.882,114.853,105.305,115.067,104.844,115.067,104.728,116.029,104.728,117.099,104.152,118.061,103.46,118.703,102.999,119.345,102.999,120.093,101.961,120.308,100.23,120.735,99.539,120.308,98.271,119.345,96.656,118.489,95.156,118.275,92.965,118.489,91.005,118.703,89.39,116.885,89.506,116.029,88.122,114.639,85.931,113.997,83.97,112.607,81.548,110.574,78.55,107.687,77.627,105.869,76.128,104.692,74.975,102.874,73.706,101.056,71.745,99.023,70.131,97.098,67.594,94.959,69.093,93.676,70.131,92.606,70.592,91.216,70.592,90.039,71.745,89.611,72.553,88.649,73.014,88.221,72.553,86.938,73.245,86.189,74.513,86.938\" />";
echo preg_replace("/([0-9.]{2,}),([0-9.]{2,})/e","round(\\1*2,3).','.round(\\2*1.5,3)",htmlentities($html));
?>

All you need to do is change the parameters inside the regular expression (numbers in red), first is for horizontal proportion, second for vertical; in this example the imagemap will be resized to 2 times its length, and 1.5 times its height, if you want to make the size three times bigger, change it to

echo  preg_replace("/([0-9.]{2,}),([0-9.]{2,})/e","round(\\1*3,3).','.round(\\2*3,3)",htmlentities($html));

Then, copy the php script to your server, open it in a web browser, and copy/paste the result. Note: according the the way the imagemap is originally formatted, you may need to edit the regular expression to accomodate for spaces, tabs, linebreaks or whatever; in this case, since the coordinates were listed with just commas inbetween it was not needed. If you are stuck, write in the comments an excerpt of your imagemap code and I’ll try and help you.

  This article has been Digiproved

howto's, internet

Time of last visit to a website page in Firefox history

Leave a comment

Last time I put hands on my car, a Rover 75, in order to change by myself the in-tank fuel pump (maybe a tutorial will be coming about that), I already knew it was going to be a hard task. That’s why I made sure I had enough time, it was a sunny sunday morning and had plenty of light as well.

Last thing I did before going out in the yard was checking some tutorial page to rapidly review the job details, and first thing I did after the job was finally done and I checked the pump was working, was to call my girlfriend to give her the good news, even if I knew she wasn’t going to car much. What I hadn’t done, was checking the time before going out, and after getting back inside, and I was surely curious to know how much it had taken total.

Checking the call history on my phone was easy, so I knew the time I finished, but looking in Firefox History to see at what time I had last visited that tutorial webpage, it wasn’t as easy as I thought, since there was no right-click option whatsoever to obtain that info. I knew it had to be recorded somewhere, since Firefox has the capability of ordering its history based onorder of last visit, so a not-so-immediate search found this solution, whis is the following:

Go to History menu -> Show all history, then in that window you have to add the date column (right-click on the columns headers and check “Visit Date”), that will show the visited time.

If you’re curious, in the end I realized I had been a total of four hours at it.

download, howto's, internet

Tutte le faccine, gli smiley e le emoticons di C6 per Miranda IM

Leave a comment

Dopo che r3vindt aveva sviluppato il plugin del protocollo C6 per Miranda, ho iniziato subito ad usarlo summo cum gaudio al posto del programma originale di C6, anche se al tempo mancava il trasferimento dei files… ma poco male, sempre meglio avere tutti gli instant messengers concentrati in un unico programma piuttosto che tenere un mastodonte poco configurabile come il client di C6 classico sempre attivo.

Ora che i filetransfers sono perfettamente funzionanti (mentre scrivo l’ultima versione del plugin è la 0.1.0.2) ed è supportata anche la funzione multichat, mancavano solo le emoticons, delle quali, non c’è che dire, C6 abbonda davvero. E’ per questo che ho deciso di aggiungerle tutte sotto forma di una estensione per SmileyAdd. Ho scaricato le gif animate (ma c’erano anche qualche bmp e jpg) dal sito di C6, ed ho creato un file asl utilizzando il linguaggio di scripting di mIRC, in modo che ricorsivamente per ogni immagine fosse creata una riga con la sintassi di SmileyAdd.

Il prodotto finale è quello che potete scaricare da qui. Leggete il readme.txt all’interno del file zip per le (minimali) istruzioni di installazione.

download, internet, pc

Internet tools freeware downloads

Leave a comment

After the website was moved to the new domain and converted to PHP, a lot of utilities linked here have been massively updated, disappeared, or become obsolete/useless. I removed the obsolete/useless ones, and added “google” near the ones which are not hosted in here but you should google for, while the downloads you can find in here are pretty rare, bust still useful ones

GuildFTP Daemon (GuildFTPd) (google)

Free FTP server, installs and configures easily, can interact with mIRC (great if you want to set a banner on an IRC channel to share songs, pictures, or everything else on your HD), has a nice graphic interface.

GuildFTP mIRC Script (google)

This mIRC script, younger brother of GuildFTPd, is an FTP server which runs in mIRC (!) through a script for this chat program. It is obviously usable only if you plan to run an FTP for an IRC channel, and should use less memory of the proper application, since is “embedded” in mIRC (obviously it’s not as user friendly as the main app).

NetPerSec (google)

ZDLabs utility to constantly monitor the download/upload speed. What is simply too cool about this one is that it shows itself in the system tray with a small graphic to see in real time the speed (too bad under Windows 2k it needs to be restarted if you disconnect/reconnect, because it behaves randomly…)

Zidrav (google)

You create a CRC table of the big file you downloaded, send it (via mail, IRC DCC, ICQ, whatever) to the guy who has the original file, who uses the same program and the CRC table you sent, to create a “patch”, which he later sends you (again, via FTP, DCC, or whatever), and which you use with the same program to fix your file which will be exactly the same of the original one.

howto's, internet, pc

How to get an named alias for your dynamic IP

2 Comments

No matter if you use a DHCP connection (which means you have a different IP address for each connection – every 56k and ISDN line, and some DSL and Cable lines) or a static IP one, if you have a server installed on your machine, you may take advantage by "changing" your IP with a named address (for example, "yournick.hn.org" instead of "151.21.7.103"); for instance, the users of your server would easily remember your address.

This can be done for free, using both a service which mantains a DNS (Domain Name Server – a server which is capable of telling you the IP corresponding to an alias, like "yournick.hn.org", that would correspond to "151.21.7.103" as in the example above), and a small program which checks your IP every "n" minutes, and if it changed since the last time, sends the updated information to the service itself. So, very briefly, someone who knows you have an FTP server responding, for example, at the address ilikecandies.hn.org, port 21, would have his FTP client asking to the DNS of the service to tell him your true IP, and then would directly connect to that IP… still the only information he must remember is "ilikecandies.hn.org", and not your true IP, which is much more difficult to keep in memory).

To the practice now: there are more than one way to achieve this, and they depend from the small program you use to send out your IP. Every free service suggests free utilities to update the IP automatically, and since I wrote this guide years ago, the only service still operating is DynDNS.org.

DynDNS allows you to choose aliases different from the principal domain (which means, you can get "yournick.dyndns.org", but also "yournick.mine.nu", "yournick.homeip.net", and several others).