Archive for January, 2008

1GB of Gmail

January 30th, 2008

I have just noticed that I have passed the monumental 1GB mark of email stored in my GMail account. I was invited to join the beta in August 2004 when this was the limit, and way more than other webmail services. Not long after it was upped to 2GB storage, and now with the Infinity+1 and other increases my available storage has risen to over 6.3GB. :-)

Beware of the trailing backslash

January 24th, 2008

I have been working on a pet PHP project that will be maintained by others who are not professional developers. They are intelligent people but are probably unaware of code and SQL injection, never mind know how to avoid it. As a result I have been encapsulating all the client interaction and a set of easy to understand libraries. It was while working on this I came across a scenario that I would not otherwise have come across, that being problems caused by a trailing backslash in an edit field.

Although a training backslash is rarely a problem nowadays as we have magic_quotes_gpc enabled by default on most new servers, there are occasions when you need to strip the slashes and encode as HTML using htmlspecialchars or the like. The problem is that if the last character is a backslash, and a string is appended to another (like when building an SQL query), then it will cause the first character in the appended string to be escaped.

Although the risk of attach is small as it would rely on two sets of data from the user being fed through, and the user knowing the order, it is still a risk, and an easy way to screw with a site.

As an experiment I decided to try screwing with some popular open source projects by ending my field values with a backslash, and guess what, on a small few it caused chaos. The common problem is that the server goes in to overdrive until it times out, that or you get back an interesting error message. If I have time I will look at the potability of using this as a way to inject my SQL, and then look at easy ways to fix it.

So, if you ever use stripslashes remember to think about the trailing backslash.

So long old DAB friends

January 10th, 2008

This is a quick post to mark the passing of DAB radio stations OnWord and Core.

Although I was not a regular listener to OnWord I was pleased it was there for others. I also coded some of the software that populated the OnWord EPG on Freeview so will loose that claim to fame.

Although not intended for me I did tune in and out of Core in the same way as I did many other stations, and I owe them a thank you for publicising my DAB Bar software on there DLS (scrolling text) message.

More background on this can be found in this article.

I need a new mobile

January 9th, 2008

Today I received a call on my mobile phone and it started to beep that the battery was flat. I was slightly surprised because it had been charging overnight. It appears that the fault is in the actual phone so I need a new one. :-(

So, I need some advice on what new phone to buy. Primarily it needs to be small, lightweight, and have a good battery life. It also needs to not be expensive if purchased without a contract. I do not need a camera in the phone as I carry one most of the time nowadays. Neither do I need any PDA like functionality, but a WAP browser is useful for some tasks. I also would really like it to have an easy to use keypad.

So have you any recommendations.