Tuesday, September 27, 2011


WebGL Experiments

Learning WebGL

WebGL Specification

Problems & Solutions:

Problem 1: ‘Can not Initialise’ in Firefox 4+
1. Type “about:config” in your browser’s URL bar
2. Filter by ‘webgl’
3. Set webgl.force-enabled = true (double-click)
4. Set webgl.verbose = true (to see errors in Tools > Error Console)
5. Restart Firefox

Problem 2: Cross-domain WebGL Texture doesn't render
- ‘forbidden to load a WebGL texture from a cross-domain element’ in Firefox 4+
- or 'Uncaught Error: SECURITY_ERR: DOM Exception 18' in Chrome 10+
Solution 1: work locally
1. Encode the image into base64
Binary File to Base64 Encoder
2. Put data source in place of the image's path
<img src="...really long string" alt="" />

Friday, September 23, 2011

HTML 5, CSS3 and JavaScript

1. 8 Simply Amazing HTML5 Canvas and Javascript Animations

e.g. Bomomo

2. 10 Jaw Dropping HTML5 and Javascript Effects

e.g. Blob

3. 13 Amazing Examples of HTML5 and CSS3

e.g. Coke Can

4. WebGL

how to prevent SQL injection

SQL Injection Attacks and Some Tips

' UNION SELECT name, type, id FROM sysobjects;--
- the initial apostrophe closes the opening quote in the original SQL statement.
- the two dashes at the end start a comment, which means that anything left in the original SQL statement is ignored.

SQL Injection

' or '1'='1
' or '1'='1' -- '
' or '1'='1' ({ '
' or '1'='1' /* '

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of '1'='1' is always true.
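
The authentication case described above, shown next to its fix, as an added example that is not from the original post. It uses Python's sqlite3 with a constructed users table; the function names and the sample account are assumptions made for the demo.

```python
import sqlite3

# Two of the inputs listed above, used here as test cases for the login check.
PAYLOADS = ["' or '1'='1", "' or '1'='1' -- '"]

def make_db():
    """In-memory database holding one constructed account (sample data).
    The password is stored in plaintext only to keep the demo short."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_concat(db, name, password):
    """Vulnerable: user input is pasted into the SQL text, so a quote in the
    input ends the string literal and the rest is parsed as SQL."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_param(db, name, password):
    """Hardened: values are bound to ? placeholders and are only ever
    compared as data, never parsed as part of the statement."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    row = db.execute(sql, (name, password)).fetchone()
    return row[0] if row else None

def compare(payload):
    """Return (result of concatenated query, result of bound query)."""
    db = make_db()
    return login_concat(db, "nobody", payload), login_param(db, "nobody", payload)

if __name__ == "__main__":
    for p in PAYLOADS:
        print(repr(p), "->", compare(p))
```

With the concatenated query the WHERE clause becomes `(name = 'nobody' AND password = '') or '1'='1'`, which is true for every row, so the first account is returned; the bound query returns no row for the same input.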


Tuesday, September 20, 2011

PHP mail()

No email was sent

1. check if sendmail server is running
[root]# service sendmail status

Configuring Linux Mail Servers

Friday, September 2, 2011

Prevent Cross Site Scripting

1. HTML and JavaScript

2. PHP: Preventing typical XSS attacks

3. 15 PHP regular expressions for web developers

4. XSS (Cross Site Scripting) Prevention Cheat Sheet

5. PHP Regular Expression

6. Using Regular Expressions with PHP

7. Regular Expression Basic Syntax Reference

8. Using a Regular Expression to Match HTML

9. Ultimate Regular Expression for HTML tag parsing with PHP

Literal Text:
- The characters that match themselves are called literals

  • backslash  \  :
  • caret  ^  :  at the beginning of a regular expression indicates that it must match the beginning of the string
  • dollar sign  $ : match strings that end with the given pattern.
  • period or dot  .  : matches any single character except newline (\n), e.g. the pattern h.t matches hat, hot, hit, hut, h7t, etc.
  • vertical bar or pipe symbol  |  : is used for alternatives in a regular expression.
  • question mark  ?   : 
  • asterisk or star  *  :
  • plus sign  +  :
  • square bracket  [   ]  :
  • round bracket  (  )  :
  • brace  {   } :

If you want to match a literal metacharacter in a pattern, you have to escape it with a backslash.

[agk]    matches any one a, g, or k
[a-z]    matches any one character from a to z
[^z]     matches any character other than z
[\\(\\)] matches ( or ) (in a JavaScript string literal, the escaping backslash must itself be escaped!)

.        any character except \n
\w       any word character, same as [a-zA-Z0-9_]
\W       any non-word character
\s       any whitespace character, same as [ \t\n\r\f\v]
\S       any non-whitespace character
\d       any digit
\D       any non-digit

\/       literal /
\\       literal \
\.       literal .
\*       literal *
\+       literal +
\?       literal ?
\|       literal |
\(       literal (
\)       literal )
\[       literal [
\]       literal ]

\-       the - must be escaped inside brackets: [a-z0-9 _.\-\?!]

{n,m}    match previous item n to m times
{n,}     match previous item n or more times
{n}      match exactly n times
?        match zero or one time, same as {0,1}, also makes + and * "lazy"
+        match one or more
*        match zero or more

|        or
(x|y)    match x or y, inclusive (all x and y will be replaced)
( )      grouping and reference
\1       reference to first grouping, used in the expression
$1       reference to first grouping, used in the replacement string
$$       literal $ used in the replacement string

^        anchor to the beginning of the string
$        anchor to the end of the string
\b       match a word boundary (does not include the boundary)
\B       match a non word boundary (does not include the boundary) 

q(?=u)   match q only before u (does not match the u)
q(?!u)   match q except before u 

i        case-insensitive search, used like /expression/i
g        global replacement, used like /expression/g