Tag: linux

Simple PHP7, SQLite3, and AJAX Tutorial

Simple PHP7, SQLite3, and AJAX Tutorial

Ajax and PHP
Ajax and PHP

    Using PHP and AJAX can be somewhat confusing. But, the benefits are countless when it comes to doing web related projects. So, I wanted to do a simple tutorial/example of how to get things setup and how to do some basic insert and retrieval of data. For this project, I’m using PHP7, SQLite3, AJAX, Firefox, and Atom. You can use any browser with debugging options and any integrated development environment (IDE) or text editor you want. I choose SQLite3 as my database because it’s lightweight and good for applications that need a database.


To Top


To Bottom

Setup

Creating The Layout & Files

Ultimately, my file and directory layout looks like this:

├── ajaxNphp  // This is my working dir
   ├── index.html
   ├── process.php
   └── resources
       └── server.db

The ajaxNphp folder is the root folder of this project. In this folder, we have a resources folder that holds the database and can hold CSS and JavaScript files among other stuff. ***Note: For this project, JavaScript and CSS are inline to the files! I’m trying to keep this as simple as possible.*** For this part, I recommend using the terminal since it can be faster and we will use it for some other stuff during this project. So, KEEP IT UP! Anyway, My project is located in my Downloads folder under the ajaxNphp folder.
So, I open a terminal and type:

cd ~/Downloads/ajaxNphp/

The tilda (~) means your home folder and the rest is pretty self explanatory. I then do:

mkdir resources && touch index.html process.php

This creates the resources directory where our database will go; if successful, it will then create our PHP and HTML files that we will use for the project. The next part is for us to actually install the tools so we can setup our database and start writing code.

The Tools

    I’m using an Ubuntu based operating system so I’ll show the commands you need to get PHP7, SQLite3, and Firefox installed.

sudo apt-get install sqlite3 php-sqlite3 php firefox

OK, now let’s just check that we have the proper versions installed.

PHP Check

// This will somewhat cleanup the version info on retrieval
php -v | awk '{ print $1 $2 }' | head -n1
// I get PHP7.0.25-0ubuntu0.16.04.1 which is PHP 7.0.25, so I'm set.

SQLite Check

sqlite -version
// I get 2.8.17

// If you do too, try:
sqlite3 -version
// If you get a return, then you are set for SQLite3.
// I get a return value so am set.

Ok, so now we need to determine an environment to work with. I recommend Atom because it has a robust set of plugins and themes that make it more pleasant to work with. You’ll need to get it through their website if you wish to use the same thing; but, any text editor will suit this project.

Setup The Database

    OK, so we now need to setup a database that we can query and insert to by using AJAX, PHP7, and SQLite3. I hope you’ve kept your terminal open as we will now change directory (cd) into the resources directory and launch SQLite3. So, here is what we do:

cd resources/ && sqlite3 server.db

We will then be presented with:

SQLite version <Your SQLite3 Version>
Enter ".help" for usage hints.
sqlite>

If you are seeing this, then let’s go ahead and create our database. I setup three columns for this project and they are title, date, and link. Recall, I’m doing a movies database so the first is for movie titles. The second is for when it was released, and the third is the cover image. So let’s create the table in our database.
Simply do:

CREATE TABLE Movies(title MAX, date varchar(10), link MAX);

If it was successful, you should see NO ERRORS and if you run :

.tables

you’ll get it returned. MAX means that the field can take the largest string possible. The varchar(10) means the field is limited to ten characters. There are other data types such as ints, but we will ignore them for now. Now, let’s insert some initial movie data by doing these below commands one at a time. Make sure there is an ending semi-colon for each!

// Date is in MM/DD/YYYY format

INSERT INTO Movies VALUES('Alien', '05/25/1979', 'https://images-na.ssl-images-amazon.com/images/I/61ujvw4OXNL._SX342_.jpg');

INSERT INTO Movies VALUES('Contact', '07/11/1997', 'http://www.filmsgraded.com/posters/01/1/8/8/84a.jpg');

INSERT INTO Movies VALUES('Paul', '03/18/2011', 'https://upload.wikimedia.org/wikipedia/en/thumb/9/96/Paul_poster.jpg/215px-Paul_poster.jpg');

// Check your work
SELECT * FROM Movies;
// You should see the data you entered returned.

// If so, then simply exit.
.exit

Excellent! The commands are pretty simple to understand. They even give a hint of what is going on. We use “INSERT INTO” to start the insert process. We reference our “Movies” table we created and then pass “VALUES” which match up with our title, date, link table layout. We end each command with a semi-colon. Next, we need a server to process PHP commands, interpret our form data, retrieve our data, etc.

Setup The Server

    There are many servers out there one can use and there are some servers that are for testing. If you want to see some options, read my post on Quick Test Servers. For this project, I’m using PHP’s built in server used for testing since it will process PHP and our HTML files.
If you’ve kept the terminal up do this:

cd .. && php -S 127.0.0.1:1212

It’s pretty straightforward for what we are doing here. We moved back to the top directory of the project using cd .. since we only moved down one directory, We then use the “php” command with “-S” as a switch to use its server. We give “-S” an argument of “localhost” (127.0.0.1) and a port of 1212. The port needs to be bigger than 1024 since any port lower and equal to that requires sudo to use. It then waits to process requests. We can use ctrl + c to kill the server which can be helpful for when we want to use ctrl + l to clear the terminal screen of any text output and restart. When your project is complete, you can omit the change directory command and just do the PHP et all part. Add an “&” to the command so that the process is persistent even if the terminal closes. Now, we are truly ready to code!

HTML

Our Basic HTML Template

    Let’s start off with a basic HTML template that we will add to shortly:

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Test AJAX/PHP</title>

<script type="text/javascript">
</script>

</head>
<body>

<h2>Save Movie Info</h2>
<form action="process.php" method="post">
    <input type="text" title="Title" placeholder="Title" name="Title" value="">
    <input type="text" title="Date" placeholder="Date" name="Date" value="">
    <input type="text" title="Link" placeholder="Link" name="Link" value="">
    <input type="submit" name="saveInfo" value="Save">
    <button type="reset" value="Reset">Clear</button>
</forn>


<br/><br/>
<h2>Search Movie Info</h2>
<form>
    <input type="text" name="searchField"
           title="Search"
           placeholder="Search..."
           onkeyup="getData(this.value)"/>
</form>
<br/><br/>


<div id="dynDataField"></div>
</body>
</html>

    Let’s break this down. We have two forms with their own input fields. One form is used for saving new movie entries and the other searches the database and gets the data back. The form that saves new movie info has three fields and a submit button. The three fields correspond to the three columns in our database and Movies table. The submit action uses the forms submit action to send our process.php script POST data about the form for processing.

    The search form has one input field and an onkeyup event that calls a function called “getData”. This function has a parameter passed to it of “this.value” which will take the query that one has typed in. AJAX will be used in this instance to get data from the server as we type in a character. We have a div tag with an ID of “dynDataField” that we will reference to insert the returned data from the server. This is our bare bones HTML. But, it is pretty useless. Clicking any of the buttons or typing a search does nothing. So, let’s create an AJAX script to get our already entered data!

AJAX

AJAX Search Script

    At the heart of AJAX, there are 4 core steps for GET and 5 core steps for POST.

  1. Create an XMLHttpRequest object
  2. Setup an onreadystatechange function for the XMLHttpRequest object
  3. Open a connection with the XMLHttpRequest object
  4. With POST: Setup a setRequestHeader with an XMLHttpRequest object
  5. Send the data with an XMLHttpRequest object
    // Step 1: Create object
    var xhttp = new XMLHttpRequest();  // Create the xhttp object
    // Step 2: Setup an onreadystatechange function for the XMLHttpRequest object
    // This is actually run after send is done and the server spits out info.
    xhttp.onreadystatechange = function() {
        // Confirm we have a  successful connection. Then, receive the response info.
        // For PHP it is echo that sends it.
        // Loops seem to cause this to wait which means an array can be traversed
        // and the output could be written as a table, etc.
        if (this.readyState == 4 && this.status == 200) {
            // do something with the returned data
        }
    };
    // Step 3: Open connection
    // More or less, open a connection: @Params POST or GET, path to XML page or php script, set async t/f
    xhttp.open("GET", "process.php", true);
    // Step 4: Send the data and let server process it.
    //         After done processing it, onreadystatechange is triggered.
    xhttp.send();    // Start the process and send GET data


    //      For POST do and add these changes
    //  xhttp.open("POST", "process.php", true);
    // Used in POST to setup data types like JSON, XML, etc... MUST BE DONE AFTER OPEN
    // xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    // Example data structure for Sending POST with above RequestHeader. See that this mimics GET 
    // xhttp.send("fname=Henry&lname=Ford");
    // xhttp.sebnd(formData);  // Can use a string variable with formatted data structure instead

The above is the process. Here is what we setup in our scripts tag that’s in the head tag:

function getData(query) {
    if (query == "") {
        document.getElementById("dynDataField").innerHTML = "<p></p>";
        return;
    } else {
         var xhttp = new XMLHttpRequest();  // Create the xhttp object
         var formData = "dbQuery=" + query; // Our query being setup for processing
         // This is actually run after open and send are done
         xhttp.onreadystatechange = function() {
             if (this.readyState == 4 && this.status == 200) {
                 updatePage(this);  // Send the returned data to further process
             }
         };
         xhttp.open("POST", "process.php", true);  // Open the connection
         xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
         xhttp.send(formData);    // Start the process

    }
}

function updatePage(returnData) {
    // Get the echoed data and insert to div of dynDataField
    document.getElementById("dynDataField").innerHTML = returnData.responseText;
}

OK, so we have two functions here. One is for getting the data and the other inserts the results into our div. Get data checks to see if the input field is empty and if so leaves things as they are. If there is data in the field, it is then inserted into a variable “formData” and tied in with “dbQuery=”. This is what PHP will look at and use to insert into a database query. We then setup a statechange listener to wait for the server to finish processing the search and we send the result to the other function.

    After this setup part, we do the standard open process but use POST instead of GET. Then, we tell the server what kind of data this is. Recall, GET defines it for us but is limited and less secure while POST has more data formats and better security but we have to define it using the setrequestheader. We then send the data in its formatted string to the server for processing. This w3schools link has some more info about each part. In this instance, the PHP script transfers a string back to the requester. Note, we can transfer JSON, XML, and other data. But, a string or “responseText” is good for now.

Alright, all that’s left is to write our PHP script to process the search and our insert to table option.

PHP

Base PHP

    We have three core parts for the PHP project. We want to determine which form sent the POST. We then call one of two functions. One function will search the database. The other function will insert to the database.
Here is the basic setup:

<?php

// Retrieve data
function searchDB($QUERY) {
}

// Save new entry
function saveInfo($TITLE, $DATE, $INFOLINK) {
}

// Determin action
if(isset($_POST['saveInfo'])) {
    saveInfo($_POST["Title"], $_POST["Date"], $_POST["Link"]);
} elseif (isset($_POST['dbQuery'])) {
    searchDB($_POST['dbQuery']);
} else {
    echo "<h2 style='width:100%;background-color:#ff0000;color:#ffffff;text-align:center;'>Error! Illegal Access Method!</h2>";
}

?>

The part of interest here is the the determine action section. This is how we determine which function to call when a form is submitted or an AJAX call is made. If neither call the script, we drop an error and exit the script. We are simply checking if “saveInfo” or “dbQuery” are set. We then call the proper function and pass the data that is sent. Let’s now setup our search function.

Search Function

    As you might have seen, we are calling our search function “searchDB” and we are passing the “dbQuery” value to it.
So let’s see how we connect to the database and return data:

try {
    $serverPDO = new SQLite3('resources/server.db');
    $query = "SELECT * FROM Movies WHERE title LIKE '%" . $QUERY . "%' OR " .
                                         "date LIKE '%" . $QUERY . "%' OR " .
                                         "link LIKE '%" . $QUERY . "%'";
    $result = $serverPDO->query($query);

    while ($row = $result->fetchArray()) {
        echo "<div style='float: left;margin-left: 1em; margin-right: 1em;'>" .
             "<a href=" . $row["link"] ." target='blank'>" .
             "<img style='width:8em; height:10em;' src='" . $row["link"] . "'/></a><br/>" .
             "Title: " . $row["title"] .
             "<br/>Date: " . $row["date"] . "</div>";
    }

    if ($result->fetchArray() == 0) {
        echo "<div style='float:left;width:100%; background-color:pink;color:#ffffff;text-align:center;'>Nothing Found...</div>";
    } else {
        echo "<div style='float:left;margin-top:2em;width:100%; background-color:lightgreen;color:#ffffff;text-align:center;'>Search Completed...</div>";
    }
} catch (Exception $e) {
    echo "<h2 style='width:100%; background-color:ff0000;color:#ffffff;text-align:center;'>Error!</h2><br/>" . $e;
}

Let’s break this down. In our “searchDB” function, we have a try catch block that checks any exception that might occur. Technically, we really should be more specific to what exceptions might occur but for now, this will suffice. We try to create an SQLite3 database object and give it a local path name of “resources/server.db”. This is set to the “serverPDO” variable. We then create a “query” variable of type string that comprises of an SQL command that very broadly makes the database look at he table and see if any field matches the query. Please note, this is a very in-efficient way to do this as it looks at each field and then sees if any part is like the query both in upper, lower, and mixed casing. If we were being efficient, we’d base our queries on the columns and have either multiple input fields for the search with a “submit” button or use other techniques to keep the searches quick. Since this is a small database, performance isn’t poor and we can get away with this in a general context. Take note that the VALUES section is ordered just like we ordered it when we created the table columns.

    Anyway, we then execute the query and get the result set into the “result” variable. This is essentially a 2D array that comprises an array of result objects that then have an array of values for each object. This is why we use the while loop and access the “row” and then any values there in. We assign the values to a string formatted with HTML markup that is then echoed. After that, we echo whether we traversed an arrays by saying the search was or was not found.

    As I understand it, the “onreadystatechange” is triggered after the script is finished. So, all echos are collected by “onreadystatechange” and once the script sends an exit code the “onreadystatechange” sends what was echoed to whatever you setup to collect and parse the data.

Insert Function

    As you can tell, our insert function will take three paramets which are the title, date, and link.

if ($TITLE != "" && $DATE != "" && $INFOLINK != "") {
    try {
        $serverPDO = new SQLite3('resources/server.db');
        $command = "INSERT INTO Movies VALUES('" . $TITLE . "','" . $DATE . "','" . $INFOLINK . "')";
        $serverPDO->exec($command);

        echo "<h2 style='width:100%;background-color:#0000ff;color:#ffffff;text-align:center;'>Inserted to db...</h2><br/>" .
             "Title: " . $TITLE . "<br/>Date: " . $DATE . "<br/>Link: " . $INFOLINK;
    } catch (Exception $e) {
        echo "<h2 style='width:100%; background-color:ff0000;color:#ffffff;text-align:center;'>Error! Database Insert Failed...</h2><br/>" . $e;
    }
} else {
    echo "<h2 style='width:100%; background-color:ff0000;color:#ffffff;text-align:center;'>Error!</h2><br/>" .
         "<h3>A field is empty...</h3>" . $e;
}

Lets break this down. The first parts are pretty much the same as the search function with the exception of execute than query being the command. We also confirm that each field is filled and if not we generate an error HTML markup. We have a try catch block if they are filled. In the try section, we connect to the database. We create a “command” of type string that inserts the sent data from the form. We then echo a success or failure message. Take note that this insert process is not AJAX. Our page will redirect to the process.php file and the file will output HTML. I’m doing it this way to show you two ways of processing data and why AJAX is useful in that we aren’t being redirected. As you can see, it’s a much cleaner user experience to use AJAX and this PHP example shows why. You can change this to AJAX but I will leave that to you to figure out how.

Conclusion

Discussion

    We are DONE! Pat yourself on the back and get a cold beer or favorite beverage. You now have new possibilities available to you since you understand the basic concepts. Let’s do a quick recap and talk about pitfalls and the next steps one should take.

We start off by creating two files and one sub-folder. We then install our needed programs and a development environment. From there, we create our database in the sub-folder and the table in the database. It is important to recall that one of the fields is limited to a string size of 10. Anyway, we then entered some initial data so we could work with it after creating our code. After launching our PHP server, we create our initial HTML markup and talk about what we will do next. Next, we create our AJAX search script that checks against empties and so on. Since the HTML is done, we move on to the PHP. In the PHP, we check what’s sending the request and determine the necessary action from the POST data. We create our two functions and their logic which get called after the initial checks. Once the script exits, our AJAX sees this and we end the data to a function that then inserts the data to a div tag OR we get an HTML output in the case of the data insert form. We then drink our beverage and think about pitfalls and the next project we will do based off the work done here.

Pitfalls

    The first massive pitfall is that we aren’t sanitizing our data. NEVER do a production project without cleaning input data! I skipped it here because I’m lazy and this article would get longer than I want it to. It can be pretty easy to do though since there are libraries out there one can use. You should use a JavaScript library or your own scripts to check the input. I recommend checking through the server too but the JavaScript should get most issues.

    The next pitfall is that we aren’t checking the length of the date field. This can be done through JavaScript too and PHP can cover the process too. So, this would be one of the next steps to do as well as the above input sanitation.

    The next pitfall is that the search function implements a poor query structure. I mentioned this before but we are collating things to keep in mind so I mention it here too.

    I’m sure there are some other things of note but these three are the biggies. Let’s look at what our next steps might be with such a project.

Next Steps

    Here are some next steps to consider.

  • New Projects:
    • Use cookies to create a login system and account control to then access or create users for the database.
    • Use cookies and AJAX to create a tracking system that’ll insert data to the database about links clicked.
    • Create a meta search engine.
    • Create a password manager..
  • Improve Current Project:
    • Sanitize input fields to avoid exploits and future errors.
    • Implement a date field length check.
    • Make a better search system.

Result Images

ajax and php result
ajax and php result
ajax and php result 2
ajax and php result 2
error handling
error handling
error handling 2
error handling 2

db insert
db insert
The Best Linux, Unix, and BSD Open Source Programs

The Best Linux, Unix, and BSD Open Source Programs

Linux Apps

    It’s sometimes hard for me to believe that I’ve been using Linux for well over 6 years. In that time, I have steeped myself in the open source way and used and created many programs for different projects. I am sharing this with the world in hopes of guiding the new and old adopters of Linux, Unix, and BSD in finding wonderful applications that can get any project done. With old users, you might know of all of the ones mentioned here and disagree with my reasoning. Feel free to explain in the comments below and please provide an alternative! Note, I linked to the sites but you can download most of them through your package manager or getting a ppa as needed.

Graphics

     Let’s start off with the first group, graphics. We need the ability to edit images as they are an important part of our lives. If you are the goto family member who does all he home videos and web work for the family site, then you need these tools! Obviously, you could be an artiest or person who just wants to edit or create an image and these will help you too.

OK, so, the first three applications are probably not surprising to anyone who are new and old in the open source community. Gimp is the de facto choice to do ones image editing as it is the swiss army knife of image editors. It has a loooonnng history and is easily recommended. Next, Inkscape is a vector graphics editor and can be used to create or edit vector graphics. Illustrations, diagrams, line arts, charts, logos and complex paintings are but a few of the things one can do. It also makes up for Gimp’s lack of vector graphics editing options. Now, Darktable isn’t really an image editor but more a virtual darkroom to work with images and do color corrections. Still, it is a great tool for those editing raw photo files from a camera and then importing it to Gimp to finish with gusto. Once done editing images, we need an image viewer. I love Mirage as it fulfills my needs perfectly as an image viewer. It is lightweight and fast but has features for zooming, rotating, cropping and more. Last listed here is Gpick. I do web work and often need a particular color that a page is using. Gpick gets the color info on the screen for usage in other applications. This is great too for when using Gimp but it can’t select the color outside of its window.

Multimedia

    Next, we have multimedia programs. This section is clearly important so you can listen to music, view your videos, make videos, edit videos, and more.

OK, the first two are video players. SMPlayer is more a front end for Mplayer but Mplayer is my favorite player given it’s fast, has simple controls, and it plays plethora of video types. I add/mention VLC here because Mplayer doesn’t always have the ability to play the latest and greatest codec and VLC picks up the slack. After these two, OBS is listed because of the awesome ways to record the desktop. One can stream using it too but I use it to get quality recordings of the desktop to do tutorials with. Next to talk about is Blender. It is here for its Non-Linear Video Editor. The controls can be a steep learning curve to learn; but, once you master them, you can not only do video editing but 3D graphics stuff as well. It’s also the best editor for videos on *Nix systems as others tend to be iffy. Now, Deadbeef is indeed the best music player as it loves to state on its site. It plays all kinds of esoteric (PlayStation sound files for instance) and popular music types with great ease. Not only that, its user interface is dynamic and allows for you to setup the look of the player to your needs. Finally, the last two in the list are excellent audio controllers. The first is Alsamixer which is a graphical control interface through the terminal for the Alsa sound system. The second is Pavucontrol which controls the Pulseaudio sound system through its GTK interface.

Internet/Network Tools

    In the next group, we have Internet and network programs. This section is clearly important for the fact that we are an interconnected world. To have tools for the Internet is important in order to access it, use it, and maintain it.

OK, Firefox is a no brainer; though, I have less appreciation for it today than I have had before. It mostly comes down to their new plugin system, the weird applications they ship it with, and the loss of some tools that are near and dear to my heart such as Tabgroups. Anyways, it still is the best browser out there. Now, XChat is great for connecting to IRC channels (chat rooms) and even has a built in list of rooms to connect to. The next to talk about is Qbittorrent. It is a phenomenal torrent client that allows you to search databases from it and it has an excellent interface that is superior to Transmission. Now, Filezilla is great for getting files from different computers using FTP, SFTP, and other protocols. It has a great user interface as well that makes remote file access a breeze.

    It’s worth mentioning that the next few program we are mentioning gets us into territory that depends on the user. You may not need these programs and so it will dictate if you should download them or not. To start, Wireshark for instance is a network monitoring/capture tool. I use it for several projects but if you aren’t doing anything with networks, you likely wont need it. That being said, EtherApe is similar to Wireshark but only in that it can monitor your network. It is cool even if you don’t necessarily need it because it gives a graphical view of the network connections you are making and how much data you are sending. Last, Remmina is useful if you need to remote into computers and need a graphical connection. It has varying connection options such as ssh, RDP, and more.

Office

    This group covers office tools of which there aren’t many per say. Office work is of course a necessary evil in the world; but, you don’t have to use horrible tools too.

OK, other than Microsoft Word, the only contender for handling documents is Libreoffice. Period. As for Evince, it is the best PDF viewer out there and I’ve tried every one of them and continue to come back to it. For dictionaries, you really only have two options to chose from. The first is Google and the second it Xfce4 Dictionary. I keep Xfce4 Dictionary just in case I lose Internet access and need to look something up. Finally, using VYM depends on you. I like visualizing my logic and VYM helps me do just that.

Gaming

    Games. What’s there to say? It’s games….

OK, yes, Steam is present. It’s not open source but it’s the only exception to the list I’ve made. Next up, PlayOnLinux (PoL). It can be used for more than games but I think it’s safe to say it’s the biggest reason for using it. They may disagree and you might too but you and them are totally wrong…. I am joking but it is pretty true that the biggest reason to use PoL is for the games. Now, DOSBox will get the old but good games playing if you are a connoisseur of such antiquities. It’s the only emulator out there that I am aware of that targets old systems. Next, everything after DOSBox and before QJoypad are games worth downloading that are free and open source. Goodies like Freedoom and my favorite to this day, The Battle for Wesnoth, are listed. Last is QJoypad. I highly recommend this program to get your controllers working. Go to the site to get the latest version as the repos tend to be older.

Tools/Other

    The final group listed here covers tools and other programs. System cleaning, virtualization, and more is l;isted here.

Finally, we reach the end of our list of great apps! This section has a number of useful tools such a Virtualbox which will let you run virtual machines. From there, we have Gparted which manages partitions. Bleachbit and Gtkorphan keep the system clean while MidnightCommander is a great terminal file viewer. Gdebi is an excelent graphical interface to install deb packages and Htop views system resource usage from the terminal. Leafpad is a fast and small text editor to make quick changes to text files while Atom will allow for heavy lifting edits such as coding. Terminator is a great terminal that allows for multi-pane views, transparent background, and more. Next, Gufw is a great interface for managing firewall rules and Ghex lets you view hex files and edit them. Last is one of my creations, FXWinWrap. It is a front end for XWinWrap and makes it easier to set the various perameters.

Well, this complets my list for awesome programs one can use in *Nix like systems. This list is by no means complete but makes a great start. I mentioned web work and one of the tiools I use. Another tool I use is wordpress-cli which helps me manage WordPress through the terminal than the WordPress interface. Linked below is my review for it.


https://www.itdominator.com/wordpress-cli/

Wordpress CLI

W3C Killed Web Security

W3C Killed Web Security

W3C Logo
W3C Logo

    It’s a sad day folks…. The W3C killed web security by accepting DRM without having a caveat that protects against DMCA’s (Digital Millennium Copyright Act) unreasonable reach. Security researchers are out; hackers are in. While I am sure that most users believe that companies and creators have the right to protect their IP (Intellectual Property), I am also sure they believe in having strong security and a reasonable right to use their purchased product in whatever manner they see fit. With the web, it was a last bastion that held to those principles. It was killed both brutally and without much compunction by W3C and its corporate backers in a vain attempt to stem the tide of piracy and illegal copying.

    Let’s be clear here for a moment about the current problem. I don’t have an issue with DRM. I don’t agree with it all the time but neither do I disagree with it all the time. No, the issue is with DMCA and it’s unreasonable reach in trying and failing to protect DRM. There are two sections in the DMCA that are of great interest. The core section I am referring to is Section 1201: Circumvention of copyright protection systems.

    Section 1201 affects the web and all technologies the most and is why it is a sad day for the internet. The EFF letter to W3C addresses some of the concerns regarding Section 1201 in its implementation in web technologies.
Here are some of the critical points they made when hoping W3C would add a pretext for accepting DRM standards.

    “This covenant would allow the W3C’s large corporate members to enforce their copyrights. Indeed, it kept intact every legal right to which entertainment companies, DRM vendors, and their business partners can otherwise lay claim. The compromise merely restricted their ability to use the W3C’s DRM to shut down legitimate activities, like research and modifications, that required circumvention of DRM….
    More directly, such a covenant would have helped protect the key stakeholders, present and future, who both depend on the openness of the Web, and who actively work to protect its safety and universality. It would offer some legal clarity for those who bypass DRM to engage in security research to find defects that would endanger billions of web users; or who automate the creation of enhanced, accessible video for people with disabilities; or who archive the Web for posterity. It would help protect new market entrants intent on creating competitive, innovative products, unimagined by the vendors locking down web video.”

There is the crux of the issue and why W3C should have had clear stipulations for implementing DRM into web technologies. There really isn’t anything protecting the user and their right to circumvent DRM when it is not infringing the patent holder or IP source. Security experts are now in a quasi grey area where their work is to determine vulnerabilities but they are violating DMCA. This helps no one but the bad guys and that is just sad in the day and age where billions of users need strong security the most.

    In addition, we don’t know who did and didn’t vote in favor of the implementation of a DRM standard. The votes are secret and that should disturb us even more than the terrible overreach of DMCA’s rules. It is worth noting that W3C’s member votes aren’t always public and by default one must opt-in for public disclosure of said vote. For an organization that affects our lives, to not have public disclosure of votes by default and as enforced practice is egregious. We all know why this is the case though. Companies don’t want to look like the bad guys even when they are. So they hide in anonymity as we all are left to hang by their terrible decisions. We can make some guesses as to who voted for the standardization but don’t know who else are their accomplices. Essentially, a private group gets to affect our lives without us holding them accountable. In addition, their votes wont stop piracy or illegal copying. So all in all, they hurt themselves as well as us with nothing to show for it but the further stripping of our rights.

    While it all looks bad, there are bright spots. The US government is looking to open source its code base as much as it reasonably can. Maybe they’ll step in and decide obtrusive DRM and its protective DMCA rules are too powerful. If interested in some of their projects, check out my article covering some of the best packages released to date.

Code.gov

Code.gov

Picture of code dot gov slogan
Code.gov

    I just wanted to make a shout out to Code.gov and the work they do. If one isn’t sure of who or what they are they are the US government’s team working to opensource the code used by the government’s agencies. This post comes on the heals of an email I received from their mailing list which reminded me of their transition to open source their code. I can’t think of any better way to express democracy than through opening up a sizable chunk of ones code base.

Here are 5 projects to keep an eye on


5 — Consumer Financial Protection Bureau’s Owning a Home Project

    Hey, getting a home isn’t always easy but it can be with these tools provided by Consumer Financial Protection Bureau and its Owning a Home project. Everything is looked at from loan options, terminology, and costs.

Link: https://github.com/cfpb/owning-a-home

4 — National Archives and Records Administration’s File Analyzer Project

    So, this project came to my attention because I am programming a CSV file viewer. I’m considering other functions for my application and this file analyzer just might be the thing to give it a cool boost. It says that each file test generates a table of results and that is useful given my CSV viewer dumps a csv file into a GUI table view.

Link: https://github.com/usnationalarchives/File-Analyzer

3 — Department of Agriculture’s RIBD Project

    Ahh leisure…. Who doesn’t want to enjoy time off at beautiful federal lands, historic sites, museums, and/or other attractions?
According to their site, the “Recreation Information Database (RIDB) provides data resources to citizens, offering a single point of access to information about recreational opportunities nationwide.”

Link: https://usda.github.io/RIDB/

2 — NSA’s Unfetter Project

    When not spying on us and the world, the NSA is helping us secure our data by giving tools that analyze gaps in our security posture.

Link: https://iadgov.github.io/unfetter/

1 — NASA’s 3D Resources

    I am a big fan of space and even bigger fan of making beautiful Blender renders. NASA’s 3D model collection is huge and gives great assets to space fans and art lovers alike to play with.

Link: https://github.com/nasa/NASA-3D-Resources

Top Resources For Distro Maintainers

Top Resources For Distro Maintainers

Distro Maintainer
Distro Maintainers looking serious….

    There are great resources for a Linux distribution maintainer and here are a few of my favorite. Most sources are geared towards Ubuntu based systems but a few like the Themes and Window Managers links are more or less universal.

Window Managers

The first site deals with the plethora of window managers that are out there. XWinMan lists many managers ranging from session and full desktop managers to just the bare windows themselves. There are some that are deprecated so be weary; but, it still has many that are not!
              Link:  http://www.xwinman.org/

Source List Generator

The next is a site that generates source list files for Ubuntu. This is really awesome for a number of reasons but the biggest for me is recovering from a bad dependency hell scenario. While it is rare, it is something that a maintainer and even a user needs to be aware of. Adding too many PPAs (which generally isn’t recommended) can cause loops and other strange and unexpected behavior from a package manager. In addition, the generator gives PPA info on a number of popular software this is not necessarily shipped with the system. It is well worth keeping in ones developer/user arsenal.
              Link:  https://repogen.simplylinux.ch/index.php

Themes

This third link deals with themes, icons, backgrounds, etc. Who doesn’t like themes? Anyway, it has many of these to spruce up the system and make it less boring. I started using Gnome-Look early on in my Linux experience and it has yet to fail to find me something cool or aesthetically pleasing.
              Link:  http://www.gnome-look.org/

Debootstrap Versions

This fourth link is geared towards building a Debian based distribution. Debootstrap is a great peace of software but needs the PPAs of the system it will setup in a subdirectory of ones system. This links provides the needed information.
              Link:  http://packages.ubuntu.com/search?keywords=debootstrap&searchon=names&suite=all&section=all

Ubuntu-Mini-Remix

This fifth link goes to a website that has minified Ubuntu ISOs. These are phenomenal for creating new distributions from pretty much scratch. It isn’t LFS kinda scratch but it’s as close as it’s likely to get.
              Link:  http://www.ubuntu-mini-remix.org/

Chrooting in and building up is the best way to do this. I have a video of the steps too:

Package List

This last link is great for doing source compiling. This can be used to find the install name of a package when an error output doesn’t give much of a hint. I must admit I only just recently heard of this page after attempting to compile a installer package. Going to the IRC of the developer was where I learned of this. It’s a bit embarrassing for not having known of this given how long I’ve been using various *nix systems. Still, I guess the old adage, “you can’t teach an old dog new tricks”, is proven wrong.
              Link:  http://packages.ubuntu.com/

Quick Test Server

Quick Test Server

Server

    There are times when I need a server in order to test some feature or bit of code. I don’t like spooling up a Linux, Apache, Mysql, and PHP (LAMP) or Linux, Nginx, Mysql, and PHP (LEMP) stack because it’s tedious. Notice what I did there? I made the whole sentence tedious to get you to think it really is tedious. It really isn’t but frankly, I needed a reason to write this. Anyway, so, what is one to do? Well, there are two option that come to mind and those are Python, Php, or Netcat. One might ask, “Whaaat? Rly?” Yup. Really. All one needs to do is open up a terminal/cli and get ta hackin.

    Python call up the Python module SimpleHTTPServer using the switch -m and then give it a port. Make the port greater than 1024 since those are reserved and require root to use. BAM! Open your browser of poison and go to localhost:portNumber or 127.0.0.1:portNumber.

Python Server

python -m SimpleHTTPServer 1337

I did not need to insert any index.html files to the directory. Python automatically gives a list of the directory contents when no index file is found. As a side note, Python doesn’t seem to read Php properly. I have yet to get it to work.

    For Php all one does is use the switch -S and then give it an address (127.0.0.1) and port. Again, make the port greater than 1024 since those are reserved and require root to use. BAM! Once more, open your browser of poison and go to localhost:portNumber or 127.0.0.1:portNumber.

Php Server

php -S 127.0.0.1:1337

It is worth noting that with Php I had to insert an index.php file into the directory I ran the command from. It doesn’t generate any list but does throw an error when no index is found. Additionally, this method seems to only work with Php files. To test if the Php server works, simply insert in the index.php :

<?php
    phpinfo();
?>

    For the last one we will look at Netcat. Netcat is the swiss army knife of the networking tools and has an interesting way of creating a kind of server. To start off, simply create a file called serve.sh. The name is arbitrary but that’s what we will use for this example. Then, in the file add

Netcat Server

#!/bin/bash

    echo "`cat index.html`"

When this is done, simply create an index.html as you would any other. In my case, I did:

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <title>Google Link</title>
</head>
<body>
    <h1><a href="http://www.google.com">Google</a></h1>
</body>
</html>

After all this prep, which isn’t much we simply run in the terminal where serve.sh and index.html is:

while true; \
do { \
    echo -e 'HTTP/1.1 200 OK\r\n'; sh serve.sh; \
} | nc -l 1337; \
done

One might need to press enter again to actually run it because of the \’s stating “look to next line for rest of command”. One can also just remove the \’s and put the whole command like so:

while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; sh serve.sh; } | nc -l 1337; done

One can use Php with this by the way. All one does is rename index.html to index.php. Then one adds some code like in the Php example above. After that, in the serve.sh, edit the cat index.php to be php index.php. This has Php interpret the file which then has its output gets echoed back to the requester.
All of this needs some explaining. So what is happening is that the while loop is checking to see if there is anything left to run. Note that the first part before the semicolon tells the browser that there is a server where one requested one. IE, it confirms the request. Then, the serve.sh is ran. In serve.sh it echos out what cat prints from index.html or what Php prints from index.php. This is essentially sent as the file back to the requester. Thus, we can see the h1 sized Google anchor link in this example.

    Voila! A nice juicy server is ready for use in any project that needs one. If one is adventurous, one can use these simple servers to serve files on the local network. To do this, all you have to do is allow the port to accept connections using UFW and then change the address “127.0.0.1” to “0.0.0.0”. This isn’t recommended for long term use but can be useful when needing to transfer something or using an app that’s for the local network. Even then, one might be better off just using ssh or email! Still, in those rare times, all one does is allow the port to be open by using ufw.

ufw allow portNumber/tcp

To remove the rule:

ufw status numbered
ufw delete "the number associated with ones portNumber"
ITDominator’s Github Projects

ITDominator’s Github Projects

Github:
Github Cat Image
    This is my Github account. I have accumulated a good number of programs and repositories over the years. Though, much of it has now been setup in an archive repository since I no longer support the code. The ones not in the archive are my active projects and represent my current skill level barring proper try/catch handling which I am too lazy to implement at this time. Otherwise, they are my projects to improve my coding skills.

    PS – Yes, not all (probably most) properly meet OOP standards. This is a personal choice since I don’t want to create a number of files just to have code split up properly. One controller file suits my needs just fine at this time. Though, one or two will eventually get refactored and setup to meet OOP standards.

Redirect

ITDominator’s Youtube Channel

ITDominator’s Youtube Channel

Youtube Channel:

    Linked is my Youtube Channel. At the inception of this post and following my need to switch accounts in order to unify my brand, I am pretty much back to zero subscribers. Starting new yet with more knowledge is invigorating and terrifying all at the same time. I hope you dear follower will find something useful or amusing from my humble collection of videos. I cover a lot but like to focus on C, C++, Java, JavaFX, Bash, Python, Blender, Gaming, and a whole lot of other topics.

Redirect