The search for PHP IDEs

A short while ago I wrote about using NetBeans for my PHP development. I have been using it for a while until 1) the Linux version of NetBeans began hanging in mid code.

I got quickly tired of the inconsistencies between the Windows versions and Linux versions as I end up coding on both platforms.

Enter Aptana, the IDE built specifically for dynamic scripted languages like PHP, Ruby, Python and such. Basically my neck of the woods. Aptana is about as heavy as NetBeans, as it is built on the Eclipse platform. But the feature set in this IDE more than makes up for the weight of it.

It integrates nicely with my SSH, SVN, and FTP servers, which I basically need for my access, sync, and upload requirements respectively for most of my projects.

I am going to try this one out as well and see how it pans out. I am already impressed with its performance and feature set, so stay tuned for how it pans out.

My Python scripts (1)

Recently I have had to do a few tasks that would have required a lot of man hours renaming files and creating XML documents. First step was to remove any unwanted characters such as slashes, quotes and so on.

import os, time
print("Python script to clean up filenames removing any characters ")
print("we do not want")
print("19 / 05 / 2009")
print("Arthur: K. Aning")
print(" ------------------------------------- ")
print()
unwantedchars = ("/","\\","'","\"") #you can always add to this list
directory = input("What directory [eg: 'c:\\path\\to\\files']: ")
replacement = input("Replacement Character? [default = ''] ")
for root, dirpath, fname in os.walk(directory):
    for files in fname:
        filepath = os.path.join(root, files)
        #start from the original name and replace each unwanted character in turn
        newfilename = files
        for char in unwantedchars:
            newfilename = newfilename.replace(char, replacement)
        if(os.path.exists(filepath)):
            print("Renaming: "+newfilename)
            #rename is left commented out (dry run); the target stays in the same directory
            #os.rename(filepath, os.path.join(root, newfilename))
            print("--------------------------------------------")
        else:
            print("did not find file: "+filepath)
            print("skipping")
            time.sleep(0.5)

MySQL injection attacks

After my dissertation on methods and tools for testing SOAP-based Web Services, I have been giving a lot of thought to SQL injection attacks; obviously, coming from a web application development background, that is one of my pet peeves.

I have often used a recycled function to sanitise inputs from users before any database interaction is opened up, and this has served me really well. It only dawned on me, however, when it would be advisable to use these sanitation methods. For example, when you need to register a user, obviously you will need to sanitise inputs that will be stored in the database as plain text, such as user names, email addresses and the like (unless you’re uber paranoid, where you will decide to [reversibly] encrypt all entries to the database; then you should not even be reading this post).

For simpletons like me, however, I have realised that it is not necessary to sanitise for SQL injections when storing passwords because I NEVER store passwords in plain text anyway. The necessity is removed because after the salt is retrieved from the hash (regardless of what algorithm: SHAx, MDx, Blowfish, etc.) the text is in no way close to what the plain text looks like, so it would be a waste of time trying to do this.

Kudos to those who had already come to this realisation. It took me a while but I finally got there.
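
The registration case from this post, as an added example that is not the author's code: the user name and email are stored as plain text, while the password is salted and hashed first, so the stored value is a hex string. It assumes Python's built-in sqlite3 in place of MySQL, PBKDF2-HMAC-SHA256 as the hash, and a hypothetical users table and function names (none of these are in the post), and it binds every value, the hash included, with placeholders.

```python
import hashlib
import hmac
import os
import sqlite3

def hash_password(password, salt=None):
    """Return (salt_hex, digest_hex) for a salted PBKDF2-HMAC-SHA256 hash."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)
    return salt.hex(), digest.hex()

def open_db():
    # Assumption: in-memory SQLite stands in for the MySQL server
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, email TEXT,"
               " salt TEXT, pw_hash TEXT)")
    return db

def register(db, username, email, password):
    salt_hex, digest_hex = hash_password(password)
    # Every value is bound with a placeholder, so none of it is parsed as SQL,
    # whether it is user-supplied plain text or a computed hash
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
               (username, email, salt_hex, digest_hex))
    return digest_hex

def verify(db, username, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    _, digest_hex = hash_password(password, bytes.fromhex(row[0]))
    return hmac.compare_digest(digest_hex, row[1])  # constant-time comparison

def demo():
    db = open_db()
    # Constructed sample input containing SQL metacharacters
    name = "bob'); DROP TABLE users;--"
    password = "' OR '1'='1"
    stored_hash = register(db, name, "bob@example.com", password)
    stored_name = db.execute("SELECT username FROM users").fetchone()[0]
    return (stored_hash, stored_name == name,
            verify(db, name, password), verify(db, name, "' OR ''='"))

if __name__ == "__main__":
    print(demo())
```

The stored hash contains only hexadecimal characters, and the user name with quotes in it is stored and looked up literally because it is never concatenated into the statement.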