Abhishek Gupta

The Sun won’t set at NIT Durgapur !

Archive for the ‘mysql’ Category

All about QFlicks

Posted by abhiitechie on August 16, 2009

Hi people , this post is all about a project which I started roughly a month ago by the name of “QFlicks”. It was named so because the graphics library I chose to use is the popular Ot and the  application is a movie collection cataloger which scans the disk for media files and gets film informations (duration, plot, cover ,rating ,poster cover , casts  etc) from the popular Amazon’s http://imdb.com or the Internet Movie Database . It also allows the user to filter his possessions based on movie titles,genre,ratings  , seen or unseen etc.

The later versions of the software will witness subtitle downloader extention and many more.

Here are the basic features which I plan to inmplement in version 1.0

  • Scanning user-chosen directories to find media files (films in a first time)

Status : Done

How : Used a recursive OS walk algorithm to extract movies from all folders , sub-folders , sub-sub folders etc.

  • Extracting film titles from file names (tough one if files are not properly named)

Status: Done

How: Using Neural Network algorithms and and basic Regular Expression.

  • Create a list of these names in a database get films information (duration, plot, poster cover , rating , casts etc) from imdb

Status : Done

How: Used a library named IMDBPy as imdb.com does not provide and API (Another example of Amazon’s miserness). The database used is MySQL which experienced developers feel is a wrong choice for desktop.

  • display films list and information of the selected one

Status: Done

  • basic settings handling

Status: More or less done until someone comes out with bugs

  • Filtering based on genre , title ,rating seen or unseen etc.

Status: Not Done

To Do: Learn multiple substring search in SQL ( SQL sucks , I hate it)

  • Clean and simple gui

Status : The Gui is simple but not clean and hangs as I have not implemented the Multi-threading

To Do : Learn Multi-threading and make the network call fuctions run in separate threads in the background and also need to implement customized Progress Bars for UI

Plugins (towards upper versions):

  • subtitle downloader
  • playlist manager
  • automatic new files inclusion (directory survey)
  • music album and video series handling

Tools Used:

  • Python as the Programming Language
  • Qt as Graphics Library
  • QtDesigner for the Gui
  • SVN as versioning program
  • MySQL as database software
  • IMDBPy as the library
  • GPLv3 licence

Here is the screen-shot of my Work :
Screenshot
The sourceforge Link for the project is :

Get the source from the Repository :

Current OS Support :
Gnu/Linux with Qt >= 4.5 and MySQL >= 5.0

Newbies who don’t know how to use SVN or are facing problems with code can mail me at
mailto: abhii.cse.nitdgp@gmail.com

The project is likely to see its first release on 24th of August 2009
Advertisements

Posted in mysql, Personal | Tagged: , , , , , , , , , , , , , , , | 4 Comments »

Programming Forums that will always help

Posted by abhiitechie on May 17, 2009

Java  Forums

 

imageSun forums Sun’s official Java forums

imageDZone Forums 

PHP Forums

 

image  PHP freaks 

image PHP Builder forums

image  Devshed php development forums

image Weber forums

MySQL Forum

 

RoR  Forums

image Rails forum

 image  Ruby forum

For all kind of programming Q and A.

image

 

 

Posted in java, mysql, Personal | Tagged: , , , , , , , , , , , | Leave a Comment »

Resetting password in MySQL when showing Permission denied

Posted by abhiitechie on April 27, 2009

mysql> CREATE DATABASE TEST;
ERROR 1044 (42000): Access denied for user ”@’localhost’ to database ‘TEST’

Stop the mysqld daemon process by 
$killall mysqld

Start the mysqld daemon process with the 
$mysqld –skip-grant-tables option.

Start the mysql client with the        
$mysql -u root option.

Execute the 
mysql>UPDATE mysql.user SET Password=PASSWORD(‘password’) WHERE   User=’root’;  
(say user can be abhishek and password can be abhishek)

Execute the command              

mysql>FLUSH PRIVILEGES;

After this start the MySQL client by $ mysql -u root -p 
Enter the newly set password and get down to the business.

Posted in mysql | Tagged: , , , , , , , , , , | Leave a Comment »

SQL injection vulnerabilities and how to overcome

Posted by abhiitechie on April 27, 2009

SQL injection vulnerabilities and how to overcome.

According to wiki SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

Let me give you an example of one of a very basic vulnerability.

Incorrectly filtered escape characters

This form of SQL injection occurs when user input is not filtered for escape characters and is then passed into a SQL statement. This results in the potential manipulation of the statements performed on the database by the end user of the application.
The following line of code illustrates this vulnerability:
statement = “SELECT * FROM users WHERE name = ‘” + userName + “‘;”
This SQL code is designed to pull up the records of the specified username from its table of users.
However, if the “userName” variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, setting the “userName” variable as a’ or ‘t’=’t renders this SQL statement by the parent language:

SELECT * FROM users WHERE name = ‘a’ OR ‘t’=’t’;

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of ‘t’=’t’ is always true.

While most SQL Server implementations allow multiple statements to be executed with one call, some SQL APIs such as php’s mysql_query do not allow this for security reasons.

This prevents hackers from injecting entirely separate queries, but doesn’t stop them from modifying queries.

The following value of “userName” in the statement below would cause the deletion of the “users” table as well as the selection of all data from the “data” table (in essence revealing the information of every user):

a’;DROP TABLE users; SELECT * FROM data WHERE name LIKE ‘%

This input renders the final SQL statement as follows:

SELECT * FROM users WHERE name = ‘a’;DROP TABLE users; SELECT * FROM DATA WHERE name LIKE ‘%’;

SQL injection is a nasty thing. An SQL injection is a security exploit that allows a hacker to dive into your database using a vulnerability in your code. Since many PHP programs use MySQL databases with PHP, so knowing what to avoid is handy if you want to write secure code.
Here are some SQL injection cheat sheet that has a section on vulnerabilities with PHP and MySQL. If you can avoid the practices the cheat sheet identifies, your code will be much less prone to scripting attacks.

Posted in mysql | Tagged: , , , , , , , , , | 2 Comments »

Developing MySQL Database Applications With PHP

Posted by abhiitechie on April 27, 2009

A four part tutorial that explains the PHP / MySQL extensions – mysql, mysqli, and pdo_mysql – with simple examples is now accessible from Sun Developer Network. While most of the information presented in the tutorial is available elsewhere in bits and pieces, the real value-add is in the introduction of the MySQL native driver for PHP, mysqlnd.

Application developers who are new to the development of MySQL database applications with PHP are the target audience of this tutorial.

Posted in mysql | Tagged: , , , , , , | 1 Comment »

Updated Versions of MySQL / MySQL & Cloud

Posted by abhiitechie on April 27, 2009

A new version of MySQL is available. The new version 5.4 mainly comes with scalability and performance enhancements. Also a new version of MySQL Cluster (7.0) is available. Want to know what you can do with MySQL and the Cloud? Have a look here.

Posted in mysql | Tagged: , , , , , , | Leave a Comment »