ZomaTheMasterOfDisaster
ZomaTheMasterOfDisaster
PostsComments
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 6/13/2024 in #resources
color tool that can tell contrast following standards
https://contrast-grid.eightshapes.com/ Should help with some color picking
1 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 6/6/2024 in #ui-ux
Deciding on a color palette and also what mobile phone screen size to start with
No description
9 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 5/13/2024 in #back-end
How do you properly close a php session before closing the browser?
say the user closes your site (tab or browser) and you want the session to be destroyed because you dont want an active session when the user turns their browser back on and goes to your page. How do you detect them leaving your site to close the active session?
47 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 5/3/2024 in #back-end
The best way to implement a "Remember Me" function for login in php
I'm currently working on a remember me functionality for my login page and i know the common way is to use setcookie() then $_COOKIE['<some field here>] and assign a value and check that to login, but is there a better way or a safer way?
57 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 4/9/2024 in #back-end
not seeing any errors yet the code isn't working with login and register
it seems my login and register pages are error-ed and the database isn't getting the data but im not seeing errors. Any ideas?
90 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/29/2024 in #resources
Bash Script to check for a vulnerable version of `xz` utils
A supply chain attack happened to opensuse recently and it was due to a malicious code inside the xz utils github. Please read up on the issue with your respective repo and backup the version to a previous if not patched. Here is a script to check if your system is vulernable. Shared from a friend in my linux discord. 
#! /bin/sh

set -eu

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
then
    echo probably not vulnerable
    exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
    echo probably vulnerable
else
    echo probably not vulnerable
fi
#! /bin/sh

set -eu

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
then
    echo probably not vulnerable
    exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
    echo probably vulnerable
else
    echo probably not vulnerable
fi
1 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/29/2024 in #back-end
Handling sessions with php question
For my project id like to start the session after they are successfully logged in and transferred to their userpage. I'm curious though how to store the session like do I use the user_id assigned to some other id or something in order to keep track of it being active. I tried reading the php docs on it but I got a bit confused. Any insight on handling sessions is most welcomed. I'll share my code for my login page so others can let me know if im doing this wrong. Thanks!
15 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/26/2024 in #back-end
dynamic file names for php like in js can it be done?
you know how in js you can have file names like [id].js where id is a field from a database for pages that are changing based on what is pulled from the db? Can you do the same for php like [user_id].php for a building something like a individual user page?
19 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/19/2024 in #back-end
Database setup for a simple login and registration page in terms of having a "remember me" function
I'm not sure how to setup my database to have a "Remember me" function in order to handle bypassing login. I know you use a cookie with a encoded string and other stuff but the database setup itself is a bit odd. I'm using a Postgres database and so far here are the fields I thought of... 
user_id AUTOINCREMENT INTEGER
email TEXT NOT NULL
password TEXT NOT NULL
date_added DATETIME
is_admin BOOLEAN
user_id AUTOINCREMENT INTEGER
email TEXT NOT NULL
password TEXT NOT NULL
date_added DATETIME
is_admin BOOLEAN
I'm thinking I'll need either a separate table for generating a token for a Remember Me function or as an additional field in this User table. Not sure since I've never implemented one before. Any suggestions would be great! Thanks!
31 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/18/2024 in #resources
go template library for a more FE setup
https://templ.guide/
1 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/10/2024 in #os-and-tools
Docker not working with SQLite database
I can't get docker to work with my sqlite database and ive tried a bunch of things with changing of files and such and it just doesnt work. My setup is php with apache. Here is my docker-compose file... 
version: "3"

services:
  apache:
    build: 
      context: .
      dockerfile: "./Dockerfile"
    # Php site
    volumes:
      - .:/var/www/html
    
    
    # SQL
      - ./database/todoDB.sqlite3:/var/www/html/database/todoDB.sqlite3
  
    ports:
      - "8080:80"
    
    environment:
      - SQLITE_DATABASE_PATH=/var/www/db/todoDb.sqlite3

    networks:
      - backend

    restart: always


networks:
  backend:
    driver: bridge
version: "3"

services:
  apache:
    build: 
      context: .
      dockerfile: "./Dockerfile"
    # Php site
    volumes:
      - .:/var/www/html
    
    
    # SQL
      - ./database/todoDB.sqlite3:/var/www/html/database/todoDB.sqlite3
  
    ports:
      - "8080:80"
    
    environment:
      - SQLITE_DATABASE_PATH=/var/www/db/todoDb.sqlite3

    networks:
      - backend

    restart: always


networks:
  backend:
    driver: bridge
here is my dockerfile... 
FROM debian:latest

RUN apt-get update -y && apt-get install -y apache2 locales-all micro php libapache2-mod-php php-sqlite3

COPY ./000-default.conf /etc/apache2/sites-available/000-default.conf

RUN a2ensite 000-default.conf
#RUN a2dissite 000-default

EXPOSE 80

# Create folder for SQLite
#RUN mkdir /var/www/db

#COPY ./database/todoDB.sqlite3 /var/www/db/todoDB.sqlite3
COPY ./database/todoDB.sqlite3 /var/www/html/todoDB.sqlite3

# Add permissions for writeable database
RUN chmod 777 /var/html/database/todoDB.sqlite3
#RUN chmod 777 /var/www/db
#RUN chmod 777 /var/www/db/todoDB.sqlite3


CMD ["apachectl", "-D", "FOREGROUND"]
FROM debian:latest

RUN apt-get update -y && apt-get install -y apache2 locales-all micro php libapache2-mod-php php-sqlite3

COPY ./000-default.conf /etc/apache2/sites-available/000-default.conf

RUN a2ensite 000-default.conf
#RUN a2dissite 000-default

EXPOSE 80

# Create folder for SQLite
#RUN mkdir /var/www/db

#COPY ./database/todoDB.sqlite3 /var/www/db/todoDB.sqlite3
COPY ./database/todoDB.sqlite3 /var/www/html/todoDB.sqlite3

# Add permissions for writeable database
RUN chmod 777 /var/html/database/todoDB.sqlite3
#RUN chmod 777 /var/www/db
#RUN chmod 777 /var/www/db/todoDB.sqlite3


CMD ["apachectl", "-D", "FOREGROUND"]
7 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/9/2024 in #back-end
When to use htmlspecialchars vs filter_input ?
im confused when using htmlspecialchars vs filter_input for preventing bad input into php. I have got the hang of using prepared queries but I've not noticed when using the other two mentioned functions. Is htmlspecialchars mainly for outputting html to prevent XSS and is filter_input for handling the user input to prevent it from going through to cause harm?
11 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/6/2024 in #resources
open full stack
Not sure how useful this will be but it looks useful for understanding fullstack. Trigger warning: react is used https://fullstackopen.com/en/
1 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/2/2024 in #back-end
using namespaces and file paths in php properly
having mutiple issues with file paths and using namespaces and not sure why it seems they wont load. 
Fatal error: Uncaught Error: Class "MD\model\TodoModel" not found in /var/www/html/app/controller/TodoController.php:7 Stack trace: #0 /var/www/html/app/view/todos/index.php(4): include() #1 {main} thrown in /var/www/html/app/controller/TodoController.php on line 7
Fatal error: Uncaught Error: Class "MD\model\TodoModel" not found in /var/www/html/app/controller/TodoController.php:7 Stack trace: #0 /var/www/html/app/view/todos/index.php(4): include() #1 {main} thrown in /var/www/html/app/controller/TodoController.php on line 7
here is code 
<?php
namespace MD\controller;
set_include_path('app/model/');
//require '../model/TodoModel.php';
use MD\model\TodoModel;

class TodoController extends TodoModel {
    public function viewTodos() {
        return $this->selectAllTodos();
    }

    public function add_Todo($todo, $data) {
        return $this->addTodo($todo, $data);
    }

    public function edit_Todo($id) {
        return $this->editTodo($id);
    }

    public function update_Todo($id, $topic, $task) {
        return $this->updateTodo($id, $topic, $task);
    }

    public function delete_Todo($id) {
        return $this->deleteTodo($id);
    }
}
<?php
namespace MD\controller;
set_include_path('app/model/');
//require '../model/TodoModel.php';
use MD\model\TodoModel;

class TodoController extends TodoModel {
    public function viewTodos() {
        return $this->selectAllTodos();
    }

    public function add_Todo($todo, $data) {
        return $this->addTodo($todo, $data);
    }

    public function edit_Todo($id) {
        return $this->editTodo($id);
    }

    public function update_Todo($id, $topic, $task) {
        return $this->updateTodo($id, $topic, $task);
    }

    public function delete_Todo($id) {
        return $this->deleteTodo($id);
    }
}
112 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 3/1/2024 in #os-and-tools
Error with volume not mounting docker compose
No description
10 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 2/12/2024 in #back-end
Sanitize user input to avoid XSS attacks Question
I have username and password for login and want to avoid the cross site scripting. I read that using htmlspecialchars() is the way to go but not sure what to do after that. Any ideas?
1670 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 2/8/2024 in #back-end
PHP todo app database setup question
I have a some far a table in mind for username and passwords but not sure how to link their "tasks" to my database in order to save them for when they logout and later re login. Any tips?
544 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 1/27/2024 in #os-and-tools
Docker dev containers or ways to use docker without installing development tools on host machine
I've heard dev containers with vscode can make isolated dev environments but it's still a little new. I'm curious how to use docker (with compose as well) in order to make dev environments where I dont have to install various programming languages and their tools on my machine. Anyone have experience with this?
2 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 1/26/2024 in #back-end
Setting up a php developer environment using Docker
How do you setup a php developer environment using docker along with a database, and node since ill be doing a small practice fullstack project?
17 replies
KPCKevin Powell - Community
Created by ZomaTheMasterOfDisaster on 1/25/2024 in #ui-ux
tools that might help overcome design, color, and css issues for projects
sadly I just stink at CSS, layouts, and colors and other design things. Who would've thought that building a bunch of boxes could be some troublesome :P. I've been trying to figure out things and I've been trying to get those skills together with each project but it never clicks. With that being said, is there any tools that can help with design, colors, and the css side of things so I can focus more on the BE and some FE for any full stack projects I do?
10 replies