Archive for January, 2009

An IDE for Php

Php is a good language, open and functional for server side scripting.  But, being a scripting language, it is a loosely typed and does not force you to use functions.  This makes it very easy to write bad Php code if you don’t keep certain paradigms strictly in mind while writing.  To aid good programmers in this endeavor, here are some IDE’s for Php compared.

  • NetBeans – free, available as Php only edition
  • Dev-Php – free, open source
  • Eclipse Pdt plugin – free, currently (as of this date) not compatible with Eclipse Ganymede edition.
  • Komodo – $29.95 personal, $299.95 professional
  • Php Designer – free personal, $55.00 professional
  • PhpEd – $119.00
  • PhpEdit – $89.00
  • ZendStudio – $99.00 basic, $299.00 professional

Now, I personally appreciate free software, so netbeans is my prime choice, followed by Dev-php.  I have Ganymede eclipse, so pdt won’t work for me, and I’m certainly not going to pay for something that I don’t really need.

You can also edit Php in any text editor, including vanilla notepad. But this can easily lead to bad code.  Still, there are some nice editors that do more for you (syntax checking) like notepad++ than notepad.  For a list of these, go here.

For more info on some of those above, see this page for more information.


Read Full Post »

The first thing an Infra-Red (IR) remote control needs is an IR receiver.  I needed to buy one of these for my project to use the Apple remote on my PC, so I needed to find a receiver that didn’t come with a remote.  You can find several out remote/receiver packages out there, but I didn’t want to spend the extra money on a remote I wouldn’t use (you can see how much extra it is in the bottom list).  

I did some shopping around and figured out that stand alone receiver are hard to find and often too expensive.    Below is a list of many of the standalone IR receivers and their price for purchase on the web. Also listed is their IR frequency ranges (what frequencies of infra-red signal they will pick up).

  • USB-IRT – $50.00 – 36-40kHz (usb connection)
  • HomElectronic’s TIRA 2.1 – $51.11 – 36-40kHz (usb)
  • HomElectronic’s IRA-3 – $43.81 -36-40kHz (RJ45 or Serial DB9)
  • IRMAN – 21.68Pounds – not in stock, delivery not available US
  • PCIR – 24.68Pounds – (serial connection)
  • IRTrans – 99.00Euros (usb connection)
  • TwistedMelon Manta IR1 – $19.99 – 31-60kHz (usb connection)

For Price comparison here is a list of a bunch of remotes for windows (mostly ugly things) that come with receivers (these vary widely due to differing abilities):

  • The Keyspan Remote – This is a very nice looking remote, similar to the Apple remote – $46.24
  • ATI Remote Wonder – Radio Frequency(RF), Vista Not Supported – $49.99
  • Firefly PCRemote – RF, $49.99
  • Firefly Mini – IR – $29.99
  • StreamZap – RF – $39.95
  • SoundBlaster XFI Remote – $29.99
  • Logitech Universal Harmony 659 – 89.99
  • Harmony 550 – 89.99
  • Univeral Learning Remote – IR and RF – $79.99
  • Windows Media Center IR Remote – $39.99
  • Microsoft A90-00007 – $38.99
  • Microsoft Remote Control A9N-00009 – $51.99

Some of the standalone receivers are more expensive than ones that come with a remote! While you shouldn’t worry about the freqency too much (all of them cover the Apple Remote and most common IR remotes) you may notice a huge difference in prices, availability, and suitability.  But one of them stands out – the Manta IR1 receiver.  

The reason for this is that the Manta is put out by a company called TwistedMelon for the purpose of allowing Mac users with older Macs (or Mac towers) with no built-in IR receiver to be able to use Frontrow and control their mac from the couch. Their main product seems to be their software product, Mira, an interface that allows the Apple remote to control the older macs.  The Manta receiver is therefore not only the cheapest standalone receiver I could find on the net, it’s also the best looking, the easiest to use (some of the othe receivers aren’t even usb), and has the widest receiving frequency.  It will work with pretty much any remote control out there (and it works very nicely with my Media Center Remote).  

You might also notice that buying an apple remote plus a manta receiver is still an economical option compared to many remote/receiver packages.

Read Full Post »

This is just for fun, but I think if you haven’t seen these yet, then you’re missing out.  

This dance-video clip

for the song Kalluri Vaanil from the Bollywood movie Pennin Manathai Thottu starring Prabhu Deva Sundaram quickly became extremely popular on YouTube as:

Crazy Indian Dance Video/Dancefest

Its a really good song, very moving, but the production is a little extreme. As if this wasn’t funny enough, a guy called Buffalax came up with this version with subtitles of what the song sounds like to him:

Buffalax’s Version

Now this caused various spinoffs, like this one, but the now the original song continues to be spoofed:

McCain and Palin’s Crazy Indian Dancefest

This is a web craze, an internet meme, every bit as good as rick-rolling, with over 10 million views on Buffalax’s version, 102,000 on the Crazy version and 260,000 on the original. Have fun!

Read Full Post »

Wikipedia’s explanation of sql injection attacks is quite good, but it can be a little technical for the total newbie. So I came up with this way to explain it for my less technical friends and family.

First an analogy:
Suppose you’re playing a word game, like MadLibs, and I ask you for a word or phrase to fill in this sentence:

“This _____ is delicious.”

Now, if you give me the word “cookie”, everything is fine, but if you should fill in the blank with this phrase:

“sucks. Your mother” then the sentence takes on a much nastier meaning.

In the real world:
SQL (structured query language) is a language, similar to English, that is used to control databases. Sentences like:

SELECT * [all] from cookies_table where Type=’chocolate-chip’ ;”


“DROP TABLE cookies_table;”

are provided to the database software to change the way the database looks and acts.

When creating a database for a website that has users and passwords (and potentially credit-card information), programmers need to create queries that have blanks in them (much like MadLibs). If you’re asking for the password of a user so that you can compare it to their given password, you only know what user to look for once that person has told you their user-name (after typing it into the webpage). So programmers create SQL sentences with blanks in them like this: 

“SELECT Password from table_of_names&passes where Username=’___________’ ;” 

When the username is filled in, this sentence tells the database to return the password of the username provided.


This works fine as long as the nice user types in johnny or uroscion as their user-name.  But should a bad user type in this:

“x’; DROP TABLE table_of_names&passes in the textbox, the whole sentence looks like this:

“SELECT Password from table_of_name&passes where Username=’x’; DROP TABLE table_of_name&passes’ “

This causes the database not to merely return the password of user ‘x’ (it doesn’t matter if there is an ‘x’ user or not), but to delete that whole, important table immediately after returning the value.  This is called an SQL injection attack, because SQL was injected into an existing sentence. Bad hackers use these vulnerabilities, when they find them, to wreak havoc on good peoples’ databases.

They can also use them to get information they shouldn’t have access to. If the original sentence looks like this:

 “SELECT * from table_of_names&passes where Username=’_____’ and Password=’______’ ;”

it should display only the user’s information and only if the name and password they provide match those in the database. But if the bad hacker types this into the textbox:

“anyName’ or ‘T’=’T’;”

the sentence now reads:

 “SELECT * from table_of_names&passes where Username=’anyName’ or ‘T’=’T’;” (the rest: and Password… will be ignored by the database).

This sentence says to return the user information where the username is ‘anyName’ or where True is equal to True. This will cause the database to select and return all information of all users, since true is always equal to true in every row. If the software is written poorly, it could display all of this information, rather than just the one user’s, and that information could contain everyones’ credit-card numbers, phone-numbers, etc.

So how do good hackers protect against these injection attacks? Well, the first thing to do is not write badly formed queries (sentences) like the ones above. Queries should only return the needed information and only authenticate on one input at a time and more than one row of information should never be displayed.  But since blanks will always be necessary in some form, the next thing to do is not allow users to input those special words that make up SQL sentences. This means escaping those special words (finding every special word and putting a character in front of it that makes it ignored by the database), actively scanning through the user’s input and removing any special characters or words (like ‘=’ or ‘;’), and restricting (by checking on the server, not with javascript or by restricting textbox sizes in HTML, all you programmers!) the length and amount of input the user can provide.  

So now you have a pretty complete, if non-technical, understanding of SQL injection attacks.  If you’d like to learn more, check out Wikipedia’s article on this, and the links provided there.

Read Full Post »

I like the Apple remote control, you know, the one that comes with the new iMacs. It is sleek, small, has a magnet in it to stick it to the iMac or wall, and is, most of all, simple. It has only six buttons and still manages to be perfectly usable (for the mac, see the bottom). But I don’t have a mac. I have a PC running Vista and I like Vista. But the remote controls that one can buy for windows are huge ugly things filled with way too many buttons for my tastes.  I have a Media Center remote that came packaged with my wife’s Lenovo tower and it has a ton of buttons I never use.  So I set out to get the Apple remote to work on my PC.

The first thing you need is the Apple IR Remote Controller. A standalone apple remote from Amazon.com is $19.00  and $29.99 on the Apple Store (why would anyone buy from the Apple store?).  You could also get this cool remote for Macs that looks exactly like the Apple one (a little thicker) but is also a card reader for even cheaper at $14.99.

Then you’ll need an IR reciever.  IR recievers are nicely built into iMacs and macBooks, but most PC’s don’t come with one (neither do Mac towers).   Since you want to use the Apple remote, you’ll want to buy a standalone reciever, one that comes without the remote control.  Whatever one you choose it will need to detect the Apple Remote’s very common frequency of 38kHz.

See my post on IR Recievers for information on pricing and the best place to get an IR-receiver (pay attention to frequencies listed).

Depending on what software you want to use to program the Apple remote,  and if you’re using Vista, you may reconsider the Manta.  Read more below, look at the programs available to see if they recognize any of the receivers more easily than the Manta, and read the comment about XP drivers, and give it some thought.  However, I still think the cheapest reciever and the easiest to use software (IR Server Suite) is the best option.

Now that you have both a remote and a receiver, you’ll want to get them working on your PC. If you’re have an old Mac without an IR receiver, you just plug it in and install Twisted Melon’s Mira Software for exactly that purpose.  With a PC, things are a little bit more complicated.

Vista will  recognize the Manta receiver as an a Microsoft eHome Infrared Transceiver and will automatically install the drivers for it.  For windows XP, you’ll need to download the driver update from Microsoft to recognize the Manta (and most IR recievers).  This makes it instantly useable with any windows MCE remote control (the most common kind). I have one of these also (it came free with my Wife’s Lenovo) and it works fine.  However, the driver will not recognize the signals coming out of the apple remote.

Here’s where things get more complicated.  Depending on what operating system you have you will have several options, but regardless of what you do you will need a software controller to learn and recognize the apple remote signals.  Below is a list of many of them out there:

  • Promixis Girder 5 – 49.99 (free trial), bad reviews
  • IRCommand2 – 9.95 (free trial)
  • ByRemote HIP – Freeware
  • EventGhost – open-source
  • Medi-Texxx VICE – 20.00 (free trial) not supported
  • PC Remote Control
  • IRAssistant – Freeware
  • LIRC – only for Linux, WinLIRC for Windows 95/98
  • IR Server Suite – Freeware – strongly recommended

I’ll rule out the ones that cost money right away (except for Girder) since its the best.  That leaves HIP, EventGhost, PCRemote, IRAssitant, and IR server suite.  PCRemote will not work for this due to the reasons below and I tried the methods below to struggle with HIP, EventGhost, and IRAssitant and found them more work than necessary (plus none of them would work for me because I have Vista 64bit).  So I thought I was up against a brick wall until I found this thread, which says that there is an easier and better way, and that is to use IR Server Suite.

Download IR Server Suite, install it, open the translator and begin using the programs section to program the Apple Remote. You just click a remote button, then tell the software what to do with it.  You can do almost anything in your computer.  So, for any version of windows, there you have it:  the Apple Remote on a PC.

Now, for the harsh truth: The apple remote has only six buttons on it, and you’ll only be able to program those six individually.  You can control your computer in many ways, but you’ll never have as much control as a Media Center Remote can give you, and you’ll never have full control over Windows Media Center.  The Apple remote is made to work with FrontRow, which is programmed to handle buttons differently depending on context, but Media Center is not.  You’ll have to decide if six buttons is really worth it for you.

Addendum: If you really want to use one of other remote programs out there, you could buy a different receiver (one that works with the software suite of your choice), but if you want the cheapest receiver (Manta) and still want those other programs, here are some steps you can follow depending on which OS you’re using. This site also has some good information to follow, and this blog has even better information.

If you’re using XP 32bit

You can use Girder, HIP, or EventGhost.  But these will not recognize the remote with the default driver, so you can use a replacement driver (which seems to not work very well) or you can follow the much simpler methods here to continue using the default driver (both the replacement driver and this method disable the default driver’s automatic input handling feature, which is necessary to use these programs).

Editing the Registry to Disable eHome tranceiver automatic handling (this is easily undoable, see bottom):

  1. Once the driver is auto-installed for your receiver.
  2. Hit windows key + r, type in “regedit.exe” and hit enter.
  3. Navigate to this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\HidIr\Remotes\745a17a0-74d3-11d0-b6fe-00a0c90f57da
  4. Delete the keys from “CodeSetNum0” to “CodeSetNum3”.
  5. To undo this at any time:
    1. Hit windows key + r, type in “devmgmt.msc” hit enter.
    2. Expand Human Interface Devices
    3. R-Click on the Microsoft eHome Infred Transceiver
    4. Select Uninstall. Hit Ok.
    5. Click on the action menu at the top.
    6. Select Scan for hardware changes.  Wait, the installing driver dialogue will pop up and those registry keys will be readded.

Once you’ve done that, Girder, HIP, and EventGhost should recognize input signals in XP 32bit using the eHome driver setting or eHome replacement driver setting (even though you don’t have the replacement driver).  I can’t verify that they will as I’ve never tried it.

You’re using Vista 32bit

The method described above will not work for Windows Vista, those programs will not recognize the original driver.  But you can still use the replacement driver written for vista found here. Read more about that on this forum.

Vista 64-bit

You’re apparently out of luck, the only way to use an ehome transceiver like the Manta with a foreign remote is with IR Server Suite (see above).


Windows 7 64bit & Apple Remote V2

Erik Andersson reported to me that he got the apple remote version 2 working in Windows 7 64bit.  You can read about how to do that on IRSS Forum here.  Thanks Erik!


Read Full Post »