Older blog entries for mglazer (starting at number 387)

An easy way to prevent security hacks of web data submissions via POST || GET from flood requests or simple DDoS attacks is to use session-based submission limits with time intervals.

    session_start(); // the counters live in the visitor's session

    $now = time();

    if ( empty( $_SESSION['count-atmps'] ) || ( $now - $_SESSION['interval'] ) >= 100 ) {
        // first attempt, or the 100 second window has passed: start a new window
        $_SESSION['interval'] = $now;
        $_SESSION['count-atmps'] = 1;
    } else {
        // another attempt inside the current window
        $_SESSION['count-atmps']++;
    }

    if ( $_SESSION['count-atmps'] > 3 ) {
        // more than three attempts inside the window
        die ( 'Too many login attempts, come back later.' );
    }

The above allows for three attempts within a 100 second interval. So, after three attempts the user agent cannot attempt a submission request again until the 100 second time interval mark has passed; then they are allowed three more attempts.

A good idea might be to add the time interval to itself each time the interval is unset. This would increase the time between allowed submission attempts: the more often the user attempts and is timed out, the longer each timeout becomes. For instance, ($int_val+$int_val) = 200; or, to grow exponentially, you can multiply ($int_val*$int_val) = 10000;

You can of course increase the number of allowed attempts and the time interval. To be strict you can always at some point outright ban the IP from any future attempts.
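
The escalating timeout and eventual ban described above, as an added example (not code from the original post). It keys the counters on the client address in a server-side array instead of $_SESSION, because a session counter starts over whenever the client drops its cookie; check_attempt(), the constants and the sample address are assumptions for illustration.

```php
<?php
// Added example: names, limits and the sample address are assumptions.
const MAX_ATTEMPTS  = 3;    // attempts allowed per window, as in the post
const BASE_INTERVAL = 100;  // first window in seconds, as in the post
const MAX_LOCKOUTS  = 5;    // assumed: lockouts tolerated before a ban

// $store stands in for shared server-side storage (database, cache).
function check_attempt(array &$store, string $key, int $now): string
{
    $s = $store[$key] ?? ['count' => 0, 'start' => $now,
                          'interval' => BASE_INTERVAL, 'lockouts' => 0];
    if ($s['lockouts'] >= MAX_LOCKOUTS) {
        return 'banned';                 // no further attempts are counted
    }
    if ($now - $s['start'] >= $s['interval']) {
        if ($s['count'] > MAX_ATTEMPTS) {
            $s['interval'] += $s['interval'];   // ($int_val + $int_val)
        }
        $s['count'] = 0;                 // window over: start a new one
        $s['start'] = $now;
    }
    $s['count']++;
    if ($s['count'] === MAX_ATTEMPTS + 1) {
        $s['lockouts']++;                // count each lockout once
    }
    $store[$key] = $s;
    if ($s['lockouts'] >= MAX_LOCKOUTS) {
        return 'banned';
    }
    return $s['count'] > MAX_ATTEMPTS ? 'locked' : 'ok';
}

// Constructed demo: one client retrying at these second offsets.
$store = [];
foreach ([0, 1, 2, 3, 50, 100, 101, 102, 103, 250, 300] as $t) {
    printf("t=%3d  %s\n", $t, check_attempt($store, '203.0.113.7', $t));
}
```

In a request handler the key would come from $_SERVER['REMOTE_ADDR'] and $now from time().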

19 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »
18 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »
17 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »

After lots of testing and versions I am finally going to make an initial attempt at utilizing my Object Model Array (OMA) and an application controller I specifically wrote for generic web based administration UIs, in PHP of course!

The first use is a simple admin for my PHP replication of JSP called Xpc (eXtensible Page Creation).

This minimal web admin UI for Xpc will have a secure login, allow for the management of the URI object based templates (add, edit, delete...), and the management of the PHP class components (add, edit, delete...).

I'm sure you can imagine the OMA already:

XPC Management

Template Management

View All

View Selected

Edit Selected

Save Edit

As New

As Old

Component Management

View All

View Selected

Edit Selected

Save Edit

As New

As Old

The design will be one of these:

First Web Admin Shell UI

Second Web Admin Shell UI

The templating parser and other templating classes for the admin are new and will not use the Xpc templating schema.

It will be using a much simpler template parser as well as its own template compiler, a template layout control class, a template sets (themes) class...

I also need to write a new compiler for the Document Objects in PHPortal. Document Objects use my same tag parser class as Xpc and the Method Object does but it uses different tools for interpretation. Since the Document is an Object container it can recursively call other PHPortal URI objects, therefore its compiled state must keep that in mind as well as all of its other allowed tags, eegads!

As a matter of fact I will NOT be creating a Document Object compiler until all of its allowed functionality is slowly removed or simplified. As of now you can use Documents as templates, object containers and more, this is not good and most of this should be removed. It should not be allowed to contain template tags (meaning curly braces vars and dynamic macro blocks). Only a template object should. A Document Object should only allow and only interpret <XPC:VAR name="attr"/> and <XPC:ObjectName arg1name="arg1val" />. So, this last bit will be on the back burner for now.

Sidenote:

PHPortal now allows spaces in arguments and Object names to be called by Xpc reference tags inline by using the space urlencoding of %20. Suits it well since PHPortal Objects are URIs. Except, calling them inline allows for greater flex.

Here's a noticeable trend or action flow:

Create text Template, parse template, compile template, convert compiled template into binary, convert and execute binary. That's alotta work but all are important stages.

Client Python UIs here I come!

17 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »
16 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »
15 Jan 2003 (updated 4 Aug 2011 at 18:14 UTC) »

How can I copy and print a textual-selection quickly and with the paper size needed only for the textual selection such as a small quote?

You can copy and paste quickly but I can't copy and print quick enough such as copy and paste to my paper notebook.

Remember Brother P-touch? Those small label printers?

So, imagine you can print a small selected text block to that exact paper size and easily paste it into your paper notepad.

Useful, right?

A small unix printer with varying label sizes that you can paste into your paper notepads based on whatever is currently selected in your computer.
