A brand new Scottish Borders Tourism Portal web site has been launched in the Scottish Borders, by the Scottish Borders, for the Scottish Borders. This site is designed as a web based magazine for anybody planning a holiday to the Borders. It is constantly updated with articles on History, Castles, Outdoor persuits, Events calander, everything to do with the Borders.
It also has listings and advertising for any small business in the Scottish Borders, mainly in the Scottish Borders Tourism sector where Hotels, B&Bs, Holiday cottages can advertise for a minimal fee.
This site is fantastic, see it at Scottish Borders Tourism
[ add comment ] ( 18 views ) | [ 0 trackbacks ] | permalink |
( 3.6 / 25 )Looking for a good Pajero owners club? www.pajerouk.co.uk is excellent very friendly and you'll get some great advice.
The Mitsubishi Pajero Owners Club was founded in 2004 for owners of Mitsubishi's renowned Pajero 4x4,(marketed in the UK as Shogun and as Montero in the US and Spain).
The aims of the club are:
* To promote Pajero ownership to potential owners.
* To help others through shared knowledge and experience.
* To save members money by negotiating discounts with suppliers.
The Mitsubishi Pajero Owners Club is a friendly blend of internet forum and regular 'real world' events.
We welcome new owners, international members, off road enthusiasts, caravaners,
and those for whom their Pajero is simply the ideal choice of family car.
Pajero UK is not a commercial venture. Costs are met from contributions, advertising, and commissions with some left over for events equipment.
[ add comment ] ( 113 views ) | [ 0 trackbacks ] | permalink |
( 2.7 / 33 )PHP is simultaneously the most infuriating and joyful languages I’ve ever worked with. I say “infuriating” primarily because the function names are so inconsistant. Despite the fact that I use it almost everyday, I still have to think to myself “Is it str_pos or strpos? str_split or strsplit?” On the other hand, occasionally I’ll stumble across a gem that perfectly solves the problem at hand with a single line of code.
Here’s a short list of cool features that might have slipped under your radar as well:
1. Use ip2long() and long2ip() to store IP addresses as integers instead of strings in a database. This will reduce the storage space by almost a factor of four (15 bytes for char(15) vs. 4 bytes for the integer), make it easier to calculate whether a certain address falls within a range, and speed-up searches and sorts (sometimes by quite a bit).
2. Partially validate email addresses by checking that the domain name exists with checkdnsrr(). This built-in function checks to ensure that a specified domain name resolves to an IP address. A simple user-defined function that builds on checkdnsrr() to partially valid email addresses can be found in the user comments section in the PHP docs. This is handy for catching those occasional folks who think their email address is ‘joeuser@wwwphp.net’ instead of ‘joeuser@php.net’.
3. If you’re using PHP 5 with MySQL 4.1 or above, consider ditching the mysql_* functions for the improved mysqli_* functions. One nice feature is that you can use prepared statements, which may speed up queries if you maintain a database-intensive website. Some benchmarks.
Learn to love the ternary operator.
4. If you get the feeling that you might be reinventing the wheel during a project, check PEAR before you write another line. PEAR is a great resource that many PHP developers are aware of, yet many more are not. It’s an online repository containing over 400 reusable snippets that can be dropped right into your PHP application. Unless your project is trully unique, you ought to be able to find a PEAR package that saves at least a little time. (Also see PECL)
5. Automatically print a nicely formatted copy of a page’s source code with highlight_file().This function is handy for when you need to ask for some assistance with a script in a messageboard, IRC, etc. Obviously, some care must be taken not to accidently show your source when it contains DB connection information, passwords, etc.
6. Prevent potentially sensitive error messages from being shown to users with the error_reporting(0) function. Ideally error reporting should be completely disabled on a production server from within php.ini. However if you’re on a shared webhost and you aren’t given your own php.ini, then your best bet is to add error_reporting(0); as the first line in each of your scripts (or use it with require_once().) This will prevent potentially sensitive SQL queries and path names from being displayed if things go away.
7. Use gzcompress() and gzuncompress() to transparently compress/decompress large strings before storing them in a database. These built-in functions use the gzip algorithm and can compress plaintext up to 90%. I use these functions almost everytime I read/write to a BLOB field within PHP. The only exception is when I need full text indexing capabilities.
8. Return multiple values from a function with “by reference” parameters. Like the ternary operator, most PHP developers who come from a more formalized programming background already know this one. However, those who’s background is more HTML than Pascal, probably have wondered at one time “how do I get multiple values back from a function I wrote, even though I can only use one return value?” The answer is that you precede a variable with “&” and use it “by reference” instead of “by value” or copy all the variables into an array and return the array.
9. Fully understand “magic quotes” and the dangers of SQL injection. I’m hoping that most developers reading this are already familiar with SQL injection. However, I list it here because it’s absolutely critical to understand. If you’ve never heard the term before, spend the entire rest of the day googling and reading.
[ add comment ] ( 129 views ) | [ 0 trackbacks ] | permalink |
( 2.9 / 32 )Reset Folder View Settings :
1. Open the Start Menu.
2. In the white line (Start Search) area, type regedit and press Enter.
3. Click Continue for UAC prompt.
4. In regedit, go to:
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags
5. In the left pane, right click on Bags, and click Delete.
6. Click Yes to the confirmation pop-up window.
7. In regedit, go to:
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
8. In the left pane, right click on BagMRU and click Delete.
9. Click Yes to confirmation pop-up window.
Increase Folder View Cache Memory :
NOTE: This will increase the amount of folders to be remembered for changes to the folder view settings.
OPTION: This is a optional step, but the increase will help ensure that Vista does not forget. Steps 1-9 must be done first before you do this section. If you decide to skip it, them go to step 13.
10. In regedit, go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell
11. In the right pane, right click on BagMRU Size.
23. Click Modify.
12. Dot the Decimal and type 20000 (folders) and click OK.
NOTE: 5000 is the default number of folders to be remembered.
[ add comment ] ( 98 views ) | [ 0 trackbacks ] | permalink |
( 3 / 41 )Spam has some things in common with other human activities and transactions. There is a sender and a receiver, each with different preferences and priorities. The sender hopes to use the spam as an advertisement for goods and services, and as with all advertising projects, there is a cost and a return. If no recipients ever responded to spam, it would die out in a fortnight — but there is always someone, brain-damaged or pathological, who responds to spam advertising. And the unit cost for spam is very low, so low that one can send out 100,000 spam messages, get only a few responses, and still make a profit.
One way to fight spam is to raise the unit cost per spam message. But since the advent of botnets, unit cost has gone down. Before botnets, spammers had to pay a server operator for the direct costs for the bandwidth used by the spam traffic, as well as some legal costs incurred by operating an illegal enterprise out of a legal server. This means a botnet — a sub rosa network constructed out of many poorly defended home computers, without the knowledge of the computers' owners — can solve both the legal and unit cost problems. There are no ongoing unit costs if the spammer owns the botnet, and only small costs to create the botnet in the first place, and because the spammer's identity is concealed along with the botnet, the legal issue is moot.
Now for the recipient of spam. Spam blocking and filtering has had a short, depressing history. At first, spammers used normal, centralized servers, so it was a simple matter to block all packets arriving from that server. Sometimes a spammer would acquire an account under false pretenses and commence spamming, which might cause all traffic from that server to be blocked, which would hasten the spammer's departure. Sometimes a spammer would sign up for a 30-day free trial subscription at a large end-user service like AOL, using a false name, address, and credit card number if required, and spam until the account was shut down. Companies like AOL quickly realized what was going on and closed this loophole.
Spam filtering relies on methods that examine the e-mail header information, the subject line, and the content. Unfortunately, all of these can be faked. There was until recently some hope that by examining the message body, a spam filter could detect "organ enlargement" and similar terms and filter on that basis. The spammers have solved this problem by putting a graphic image where the text used to be. Images are more difficult and costly for a machine to convert into readable form, there is a lot of spam traffic, consequently this class of spam goes unexamined.
The summary of this issue from the recipient's perspective is that modern spam messages don't have to betray themselves by way of origin, return address, subject line, or message body. Put simply and directly, it is impossible to use filtering methods to stop spam. Any filtering methods, any established criteria, will be adapted to by the spammers.
There is a filtering scheme that relies on validation. It works like this: on receiving a message, an e-mail program automatically sends out a validation post to the message's return address. The idea is that the sender has to reply to the validating post in order for the original message to be delivered to its recipient. The flaws in this scheme are so numerous that it can only be adopted by one of two classes of Internet user — persons "of diminished intellectual capacity" and narcissists. The first group would not be able to think through what would happen if two validating-account people tried to contact each other:
* Person A posts a message to person B.
* Person B's e-mail program automatically sends a validating message to person A.
* On receipt of B's validating message, A's program sends a validating message to validate B's validating message.
* On receipt of B's message to validate A's validating message ... ad infinitum.
Someone will undoubtedly reply, "Oh, these validating programs solve the infinite-loop problem by automatically accepting a validating message without challenge." At which point I would say that the spammers now send out messages that look just like validating messages, thus destroying the entire method.
This validating scheme, with the glaring defect diagrammed above, is perfect for narcissists, because after all, they are the only important person on the planet. True to their status as narcissists, they won't consider the possibility that someone else might adopt the same strategy, because no one else really exists, or if they have the temerity to exist, they don't count (read more on narcissists here). Actually, now that I think about it, adopting this validating scheme is as clear an indicator of clinical narcissism as owning a leaf blower (you know — instead of raking your own leaves, just blow them into your neighbor's yard. After all, he isn't a real person, he won't mind the leaves).
Now we turn to what is advertised in spam. Typically it is something no one would pay to have advertised, or it is something so obviously worthless or illegal that normal advertising channels are closed. The problem with advertising something illegal is that, in order for the message to serve any purpose, it must reveal the vendor's identity and contact information. This problem is often circumvented by locating the vendor in a country willing to tolerate anything.
There has been a recent surge in penny-stock scams, a practice known as "pump and dump". The perpetrator acquires a position in some worthless stock, then advertises the stock in a spam mass mailing, then, when the stock price has peaked, sells his position. This kind of scheme relies on a level of public stupidity that is a bit difficult to imagine, but, since it works over and over again, it must be true — people really do receive spam e-mails and then rush out to buy the stocks they advertise.
Then there are "phishing" spam mails. These pretend to be legitimate contacts from banks or credit institutions asking for validation of account numbers, passwords, and social security numbers. Some direct you to a Web page crafted to look exactly like a legitimate site, this helps the credibility issue along. And in this case, the victims are not necessarily stupid people — many intelligent, educated, cautious people have been taken in by this class of scam, simply because they weren't sufficiently skeptical or paranoid.
It requires a certain, perverse kind of alertness and discipline to survive the modern Internet, and being taken in by the cleverer scams is not necessarily an indictment of one's intelligence. I'd like to prove this to you with an example (please do not read ahead, that would spoil it). Here goes:
* On May first, you receive a letter from a financial advisor who wants your business. He makes a remarkable claim — he says he will correctly predict the direction of the Dow-Jones average for the next six months. He says you will receive a letter at the beginning of each month, and it will accurately predict whether the DJIA will rise or fall in the subsequent month. He wants your business, and he has decided to prove his value to you by making this run of predictions.
* For six months straight, to your shock, the financial wizard correctly predicts the direction of the Dow-Jones average for the following month. He is never wrong, and his mail arrives at such a time that you realize you could have acted on his advice and made a real killing in equities.
* On October first, the wizard makes his final prediction and points out — correctly — that he has never been wrong, and that you could have gotten way ahead of the average investor by following his advice.
* You sit in shock, looking at the letter. The wizard really did predict the market for six months straight. You really would have made a lot of money by acting on his predictions. He must be for real.
In fact, as convincing as this might be, it's a scam. To uncover how this scam works, being able to think is not enough. One must think in a different way — more skeptical and suspicious than most people are. Here is how this well-known scam works:
1. The "wizard" acquires a big collection of addresses (e-mail, conventional, doesn't matter), the bigger the better.
2. Each month, the "wizard" splits the list of addresses in two and mails a different message to each group. To group A, he says the market will rise. To group B, he says it will fall.
3. At the end of the month, the wizard discards the addresses that got an incorrect prediction, splits the remaining addresses in two, and mails another prediction as in step 2 above.
4. At the end of six months, the "wizard" has a list of prospects, each of which has received a seemingly miraculous run of correct market predictions. These are hot prospects and some of them are going to beg the "wizard" to take their money.
Now that you've read the explanation, I should add that there are any number of similar scams, scams that rely on the credulousness and basic honesty of the average person. Now think — if you had received the six amazing letters, what would you have done? Would you have been skeptical and guarded enough to see through it?
[ add comment ] ( 42 views ) | [ 0 trackbacks ] | permalink |
( 2.8 / 50 )Computer software pathogens come in several varieties — viruses, worms and Trojans, to name a few. A virus, so defined because like its biological counterpart it attaches itself to, and depends on, a living organism (a computer program) for support, tries to insinuate itself into a computer, replicates there by attaching itself to as many programs as possible, and optionally propagates across any available network connection to other machines.
Worms behave much as viruses do, with the distinction that a worm is self-sufficient — it doesn't need to attach itself to a program, because it is a program. A "Trojan horse" or "Trojan" differs from a worm in that it arrives in disguised form, as part of a legitimate program or group of programs, and tries to remain undetected.
These pathogens have several purposes. One purpose might be to record the computer owner's keystrokes (this is called a "keylogger") and send them to a remote location for exploitation. A keylogger is a very high security threat, because the owner may enter sensitive personal information as bank account data and social security number, all forwarded to a criminal. Some people have the idea that, if a Web browser shows that it is visiting a secure Web site (signified by the appearance of a padlock) that what one types is therefore secure. But if a computer has been infected with a keylogger, all personal information must be assumed to be compromised, regardless of the nature of the transaction.
Another purpose for infecting a machine is to turn it into a spam server, a "bot" in a "botnet". In this case, the pathogen awaits instructions from a central control point (often an IRC posting is used to instruct the bot cells), and then acts in concert with many other machines according to the broadcast instructions. One purpose for a botnet is to deliver spam in a way that is impossible to control (because each bot in the botnet has a separate address, so address filtering fails). Another purpose is to take part in a DDOS — a Distributed Denial of Service attack. A DDOS attack is a concerted effort to overwhelm a server with malformed packets, packets that have no legitimate purpose, that have been crafted to use up as much server time as possible. A concerted DDOS attack can absorb a server's entire capacity and make it invisible to its legitimate users — for the duration of the attack, the server might as well not exist.
DDOS attacks are sometimes carried out as part of a ransom scheme — "pay up or we'll keep you off the Internet" — or to try to silence critical voices, or to punish enemies of the "bot-herder", the controller of the botnet. Because a DDOS attack arrives from independent servers (and addresses) all over the world, and not unlike the spam scheme described above, it is not possible to control by address filtering. It is this sort of activity — cheap threats and big rewards — that attracts the attention of criminals, and that makes the Internet a haven for gangsters.
[ add comment ] ( 49 views ) | [ 0 trackbacks ] | permalink |
( 3.4 / 51 )Microsoft Windows is by general agreement the worst operating system presently available. According to insider accounts, it is written by a loose gaggle of undisciplined "cowboy coders" whose individual contributions are knit together into an incoherent whole, rather than being made part of a coordinated, internally consistent, large software project, such as one reads about in computer science textbooks.
At the time of writing, even Microsoft's advocates have come to realize that Windows is out of control and cannot be meaningfully improved or added to any longer — it is now too complex and disorganized to admit incremental improvements. As to Vista, the current Windows version coming to completion at the time of writing, Microsoft management was obliged to face reality and, one by one, abandon the primary goals of the project, because the software base is now too complex and disorganized, and the working style of the programmers is not disciplined enough.
Because of the near-universality and poor quality of Windows code, Windows machines have become a favorite target of hackers. It is relatively easy to break into a Windows machine, plant some parasitic software, and turn the machine into a slave, a "bot". If the machine happens to be connected to a high-speed Internet connection, it is in an ideal position to do the bidding of criminals, 24 hours per day, often without any hint to the owner that it has been taken over.
It is only fair to add that the other commonly available operating systems (Mac OS X and Linux) are probably equally vulnerable to attack, and the only reason there are not more attacks on those machines is because they are few in number — hackers don't waste their time coding for machines that only represent a few percent of the total PC market.
It is estimated that several hundred thousand Windows machines are infected at the time of writing, each serving as a cell, a "bot" in a "botnet", a network of slave machines waiting to do the bidding of criminals.
[ add comment ] ( 50 views ) | [ 0 trackbacks ] | permalink |
( 3 / 42 )If you are looking for a way to count the total number of times a specific value appears in array, use this function:
<?php
function array_value_count ($match, $array)
{
$count = 0;
foreach ($array as $key => $value)
{
if ($value == $match)
{
$count++;
}
}
return $count;
}
?>
This should really be a native function of PHP.
[ add comment ] ( 720 views ) | [ 0 trackbacks ] | permalink |
( 2.9 / 45 )
Calendar
