Welcome to my site...

A chinese lion statue

Thanks for visiting my website. You can learn more about me and all the many projects I am involved with my browsing this site. Below you will find the most recent articles published in all the different sections of my website. If you want to view articles on a specific area, please cick on one of the category links above. You can also follow the other links to learn more about me and my non-technical interests.

I'm glad you decided to drop in, feel free to leave comments on any article or to use the contact page to get in touch with me.

Customize the Frontpage / Home Page Template in Joomla 1.5 PDF Print E-mail
Web Development - Joomla
Monday, 21 March 2011 16:56

When visitors first land at your homepage, often you want to do something special. You may want to show a special message, change the header, or do a number of different things. Using the normal backend administration, you can set various modules to display based upon the menu item in Joomla 1.5; however, an empty module position may throw off your design. For example, if you have a three column layout, but only want to show two columns on the frontpage this can be problematic to setup each individual module position, and if you change, add, or remove modules this can be a real headache to implement. Furthermore, if you are developing a template for third party users, you really want to make things happen automagically.

Recently, I had to do a template conversion for a client that required various elements throughout the frontpage to be different. This involved not only making CSS changes, but also dynamically loading PHP and JavaScript code for only the homepage. After digging through the API, I have developed an effective method to determine if you are on the home or "default" page in the template and then to properly apply the necessary logic to make your final display. In preparing for this article, I can across a method posted on the official Joomla docs; however, this method relies upon a specific alias. The alias method is interesting, but it will be customized to only a particular installation, making redistribution difficult since there is no requirement that your homepage's alias be set to "home" as described in the tutorial. Instead, in the method below we will query the Joomla environment for a few additional pieces of information and use some PHP if statements to fine tune our layout control.

Click here to read the full article...
 
Primer on Character Encoding Settings with HTML/PHP PDF Print E-mail
Web Development - PHP
Saturday, 08 May 2010 10:45

Introduction: What are Character Sets and Character Encoding?

While as humans we perceive words as a collection of letters or glyphs as full word representations (e.g., Chinese) computers store everything as a binary representation, including letters. Every letter is represented in binary as some numeric value which is constant within a character set. The most familiar simple character set is the ASCII Character Set, which covers most standard English letters and numbers. However of course, other letters exists as well as diacritic marks and accents (e.g. β, ©, Ü, ŏ). When text is saved into memory/storage it is usually saved using one specific character encoding. Since the saved binary is actually just binary data it is possible to render text saved with one encoding in a different encoding. This is usually not intended and often results accidently and results in corrupt data display; however, because some character encodings storage values overlap it may not always be discernable.

ASCII is insufficient for coverage of all global alphabets and glyphs. Unicode provides a set of standards that include characters in multiple languages, and allows for multi-byte character representations. In ASCII all characters are of a uniform length (8 bit/1 byte); however, there are obviously insufficient possibilities to store all the characters needed for global languages. Of the Unicode standards, the most commonly used is UTF-8, which is the most frequent Unicode character encoding using on UNIX systems and the Internet.

Tags utf-8 :: iso-8859-1 :: mojibake :: ascii :: encoding :: characterset
Click here to read the full article...
 
How to make drop-down boxes ( select elements) with JHTML. PDF Print E-mail
Web Development - Joomla
Monday, 06 July 2009 23:45

JHTML is a very odd class to work with because most of the time you are only calling JHTML::_()and passing some cryptic string that magically gets interpreted into HTML for you. The first thing you should know is that JHTML is a service class, which actually calls a subclass based on the first parameter. I am not sure why you do not natively just call the direct class you want as opposed to this notation which I find odd, but I have decided that I might as well learn all the weird Joomla styles and use them for greater understanding across the community when they look at my code.

So in order to help you get started with this beast, we will look at how to create a drop-down box, formally known as a select element in a form.

Before we get started, it will be a lot clearer if you check out the API from the actual class that will doing the work, we will then work our way back up. When I approached it this way, it made a whole lot more sense later. The class is so obviously named JHTMLSelect, click the link to see the API. Now, we are going to start with the most basic, yet at the same time most complex method, genericlist. The other methods are just more specific version of this, so if you get can the hang of this you will be pretty well set.

Tags Joomla :: JHMTL :: HTML :: forms :: web design
Click here to read the full article...
 
Input Sanitization using JRequst PDF Print E-mail
Web Development - Joomla
Friday, 29 May 2009 06:51

Think about the most basic kind of web page you can create, static HTML. In this sense, you are not expecting any input (either from the user or via a link) to effect the output. This was the easy life back in the early days of the Internet, and life was good. Today, most websites are dynamic. This is most likely why you are using a CMS like Joomla. Now, you may not include any "interactive" features on your website, but the second you start using Joomla your site truly is interactive, because a dynamic site relies upon dynamic content. In most cases, you may (think that you) control the input, but there is really nothing stopping the user from changing the dynamic instructions you set.

Let's take simple example. You have a muli-page article. On the bottom of page one you have a link with a target like this somesite.com/index.php?page=2. At first glance, this looks innocent enough. But there is nothing stopping the user to changing that value and submitting it to your website. But what's the worst that can happen? They change page=2c to page=3 and they go to page 3. That's one possibility, but if you do not filter and validate your input, they may be able to inject arbitrary code and get your application to do something funny.

This may seem fairly obvious in today's world of XSS, CSRF, and other nasty acronyms. However, if you are writing Joomla components you must take this into account. As Joomla grows in popularity, hackers will be drawn to attack your code. Further compounding this issue is that most Joomla site owners know absolutely nothing about HTML never mind web security or procedures. That is why you must make your code as strict is possible - I know this if often very hard in a loose language such as PHP on which Joomla is built.

Tags Joomla :: sanitization :: input :: GET :: POST :: api :: tutorial
Click here to read the full article...
 
Evil Twin Attack Demonstration PDF Print E-mail
Security - Exploits and Attacks
Wednesday, 13 May 2009 00:00

 

The following is a demo and presentation I made to explain the Evil Twin AP attack. In the Evil Twin attack, you use software to immitate a real access point in order to trick user into connecting to your AP instead of the real AP. This gives you man-in-the-middle abilities to snoop and inject data. The presentation includes videos direct from YouTube, so you can easily see the attack in action. I recommend going full screen and watching the videos in HD for best viewing.You can also view the demo videos directly by clicking here.


To view the full report on the Evil Twin attack, click here.

 

 

 
<< Start < Prev 1 2 3 4 5 Next > End >>

Page 1 of 5