Abhishek Gupta

The Sun won’t set at NIT Durgapur !

Archive for April, 2009

Restart & Shutdown the PC with Twitter

Posted by abhiitechie on April 28, 2009

Last week a new Twitter based app called Tweet My PC was  released. This is a great app as you can Restart, Shutdown or Logoff your PC using your Twitter Account. This means that you don’t even need to be in front of your computer to switch it off. Just tweet from your mobile and your PC will shut down. We can even use this app to play pranks on other people by Shutting down or restarting their PC without their knowledge. Its totally upto you, how you would use this app.

The best thing about this app it that its very small, just 382 KB. So you don’t need to worry about it taking space and consuming the PC resources. When you install this app, it will appear in the system tray. You can see the Tweet My PC icon in the system tray. Just double click the icon to open it.

Try it out here http://www.cooltricksntips.com/2009/04/restart-n-shutdown-your-pc-with-twitter.html

Advertisements

Posted in Uncategorized | Tagged: , , , , , | 4 Comments »

Random notes

Posted by abhiitechie on April 28, 2009

  • Exams are over and its time to chillax .
  • Met some of the Final years and got some invaluable advice regarding career and future .
  • Downloaded about 6GB of Hollywood flicks for the holidays .
  • Planning to go home tomorrow in the evening by bus . 
  • Really sad about KKR’s performance .
  • Got the Sun Internship confirmed . Need to go to Bangalore on the 5th of May.

Posted in Personal, Uncategorized | Tagged: , , , , , , , , , , | Leave a Comment »

Download YouTube or Similar using Copy Paste

Posted by abhiitechie on April 27, 2009

 

We watch videos on YouTube, Google videos, and all those FLV powered video sharing portals. We all want to download it and save it for our later pleasure. Ofcourse, lots of desktop applications and command line utilities are available. But if we are on Linux we can have youtube videos with simple copy paste.

The video that you are currently viewing is on /tmp/Flashfoo (the foo can be any random string. After the video is completely buffered, we just have to copy the file to our local disk for persistent storage. That is it.

We can watch as many you want and copy them too. Each of the Flash* files have a unique random character string.

Posted in Personal, Uncategorized | Tagged: , , , , , , , , | 1 Comment »

Resetting password in MySQL when showing Permission denied

Posted by abhiitechie on April 27, 2009

mysql> CREATE DATABASE TEST;
ERROR 1044 (42000): Access denied for user ”@’localhost’ to database ‘TEST’

Stop the mysqld daemon process by 
$killall mysqld

Start the mysqld daemon process with the 
$mysqld –skip-grant-tables option.

Start the mysql client with the        
$mysql -u root option.

Execute the 
mysql>UPDATE mysql.user SET Password=PASSWORD(‘password’) WHERE   User=’root’;  
(say user can be abhishek and password can be abhishek)

Execute the command              

mysql>FLUSH PRIVILEGES;

After this start the MySQL client by $ mysql -u root -p 
Enter the newly set password and get down to the business.

Posted in mysql | Tagged: , , , , , , , , , , | Leave a Comment »

SQL injection vulnerabilities and how to overcome

Posted by abhiitechie on April 27, 2009

SQL injection vulnerabilities and how to overcome.

According to wiki SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

Let me give you an example of one of a very basic vulnerability.

Incorrectly filtered escape characters

This form of SQL injection occurs when user input is not filtered for escape characters and is then passed into a SQL statement. This results in the potential manipulation of the statements performed on the database by the end user of the application.
The following line of code illustrates this vulnerability:
statement = “SELECT * FROM users WHERE name = ‘” + userName + “‘;”
This SQL code is designed to pull up the records of the specified username from its table of users.
However, if the “userName” variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, setting the “userName” variable as a’ or ‘t’=’t renders this SQL statement by the parent language:

SELECT * FROM users WHERE name = ‘a’ OR ‘t’=’t’;

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of ‘t’=’t’ is always true.

While most SQL Server implementations allow multiple statements to be executed with one call, some SQL APIs such as php’s mysql_query do not allow this for security reasons.

This prevents hackers from injecting entirely separate queries, but doesn’t stop them from modifying queries.

The following value of “userName” in the statement below would cause the deletion of the “users” table as well as the selection of all data from the “data” table (in essence revealing the information of every user):

a’;DROP TABLE users; SELECT * FROM data WHERE name LIKE ‘%

This input renders the final SQL statement as follows:

SELECT * FROM users WHERE name = ‘a’;DROP TABLE users; SELECT * FROM DATA WHERE name LIKE ‘%’;

SQL injection is a nasty thing. An SQL injection is a security exploit that allows a hacker to dive into your database using a vulnerability in your code. Since many PHP programs use MySQL databases with PHP, so knowing what to avoid is handy if you want to write secure code.
Here are some SQL injection cheat sheet that has a section on vulnerabilities with PHP and MySQL. If you can avoid the practices the cheat sheet identifies, your code will be much less prone to scripting attacks.

Posted in mysql | Tagged: , , , , , , , , , | 2 Comments »

“Fake IPL Player” ????

Posted by abhiitechie on April 27, 2009

A player claiming to be part of the Kolkata Knight Riders team is writing a blog called the fakeiplplayer.blogspot.com. He has been writing about insider stuff like team meetings, the problems between players and other juicy gossip about many players from the KKR camp and also about members of other teams.

That’s not all he has also been dishing out a lot stuff about the team owners and their private lives.

The writer has cleverly hidden his identity by giving fake names and identities to his team mates while describing their antics.

He calls Sourav – Lordie, Ishant Sharma – Long John, Dildo – Shah Rukh Khan, Coachie – John Buchanan, phoren babas – coach and his team, Prince of Patiala – Yuvaraj, Babli – Preity, Big Sister – Shilpa Shetty, Bevdaas – Bangalore Royal Challengers,  Meera Bhai – Harbhajan Singh, Appam – Sreesanth and so on.

Now, the question is who is the “fake IPL Player”? 

Some claim he is Lordie himself – Sourav Ganguly and others say it is some clever journalist using his insider knowledge to spin a web of intrigue because not all he says seems to be true and he does seem to lack some of more obvious information that he should know. Others say it is all part of the great IPL marketing machine to increase the TRPs. IPL season 2 is falling way behind the Great Indian Elections this year in the TV rating games.

Anyway, it’s seems that the “fake IPL player” has added some much needed spice to IPL season 2.

Look : http://fakeiplplayer.blogspot.com

Posted in Personal | Tagged: , , , , , | 1 Comment »

Why Oracle Won’t Kill MySQL

Posted by abhiitechie on April 27, 2009

http://www.forbes.com/2009/04/20/mysql-marten-mickos-technology-enterprise-tech-mysql.html

Posted in sun | Leave a Comment »

Open Source University Meetup (OSUM) now more open

Posted by abhiitechie on April 27, 2009

I guess everybody involved in SUN activities has awareness about OSUM. OSUM was in the past very closed socical network. One needs to be registred in to see what is inside. After long time it has changed to the better way. OSUM is going to be more open to the public now. It means more information and more reasons to be registred in. I guess one of the main principes of any open community is to be open. OSUM is now going to reach this goal.  Have a look at public profile of the groups. Anyway changes are comming .

Posted in Uncategorized | Tagged: , , , , , , , | Leave a Comment »

Developing MySQL Database Applications With PHP

Posted by abhiitechie on April 27, 2009

A four part tutorial that explains the PHP / MySQL extensions – mysql, mysqli, and pdo_mysql – with simple examples is now accessible from Sun Developer Network. While most of the information presented in the tutorial is available elsewhere in bits and pieces, the real value-add is in the introduction of the MySQL native driver for PHP, mysqlnd.

Application developers who are new to the development of MySQL database applications with PHP are the target audience of this tutorial.

Posted in mysql | Tagged: , , , , , , | 1 Comment »

Updated Versions of MySQL / MySQL & Cloud

Posted by abhiitechie on April 27, 2009

A new version of MySQL is available. The new version 5.4 mainly comes with scalability and performance enhancements. Also a new version of MySQL Cluster (7.0) is available. Want to know what you can do with MySQL and the Cloud? Have a look here.

Posted in mysql | Tagged: , , , , , , | Leave a Comment »