Archive for August, 2006

If you are trying to use a program to connect to MySQL (in my case, BugTracker), and you encounter the following problem:

    Host 'localhost.localdomain' is not allowed to connect to this MySQL server.

This means that the program is trying to use a TCP connection rather than a socket, despite being configured to use localhost. This is ridiculous, especially in a PHP environment, but we can easily get past it. In the /etc/hosts file, make sure you have the following line:

    /etc/hosts
    127.0.0.1 localhost

It CANNOT be:

    127.0.0.1 localhost.localdomain localhost

This fixed my problem.

Here is a regex I worked out and figure I would share with everyone trying to verify that a string is an IP address:

    ^([0-9]{1,3}\.){3}[0-9]{1,3}$

If you have a better regex, certainly entertain me. I'm always willing to listen.

This came about as a result of realizing that a contact form on my business's website fell subject to XSS (Cross-Site Scripting) attacks. Essentially, somebody (a script, a computer, a hacker, evil sons of b*tches) was using my form and had figured out a way to use it to spam others. I discovered this by checking my mail log and trying to figure out why I had such a large queue of messages, and why my outbound email count to various accounts had been ridiculously high. What happens is that people can inject a statement such as the following into a text field (a textarea input, or any other input field):

    bcc: email@email.com\r\n
    bcc: email2@anotherdomain.com\r\n
    bcc: email3@imgonnascrewyou.net\r\n\r\n
    Howdy! This is SPAM. Have a crabby day!

Note: This can all be on one line, but it needs to contain the line break characters \r and \n. So, what happens is that if the script isn't written correctly, those bcc headers get stuck into the email message, resulting in multiple people getting the email, besides just you.
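To show what the IP regex earlier on this page does and does not check, here is an added example (not code from the original post) that runs the post's pattern side by side with a stricter per-octet pattern and PHP's built-in filter_var() validator. The function names and the sample inputs are constructed for this example; the key points it demonstrates are that the post's regex only checks the shape of the string (so 999.999.999.999 passes), and that without the D modifier a PCRE $ anchor still matches a string that ends in a newline.

```php
<?php
// Added example, not part of the original post: compare the post's IP regex
// with a stricter pattern and with PHP's built-in validator.

// The regex from the post: checks shape only, so octets up to 999 are accepted.
const LOOSE_IPV4 = '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/';

// Stricter alternative: each octet must be 0-255 with no leading zeros
// (leading zeros are rejected because some resolvers read "010" as octal).
function strictIpv4Pattern(): string
{
    $octet = '(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])';
    // The D modifier makes $ match only at the very end of the string,
    // not before a trailing newline as PCRE does by default.
    return '/^(' . $octet . '\.){3}' . $octet . '$/D';
}

function matchesLoose(string $ip): bool
{
    return preg_match(LOOSE_IPV4, $ip) === 1;
}

function matchesStrict(string $ip): bool
{
    return preg_match(strictIpv4Pattern(), $ip) === 1;
}

// filter_var() with FILTER_VALIDATE_IP is PHP's built-in check (PHP >= 5.2);
// FILTER_FLAG_IPV4 restricts it to dotted-quad addresses.
function isValidIpv4(string $ip): bool
{
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}

// Constructed sample inputs, chosen to show where the three checks disagree.
$samples = [
    '192.168.1.10',      // well-formed, in range
    '999.999.999.999',   // right shape, octets out of range: loose regex accepts it
    '256.0.0.1',         // a single octet too large
    '1.2.3',             // too few octets
    "127.0.0.1\n",       // trailing newline: loose regex accepts it, strict (D) does not
    '01.02.03.04',       // leading zeros
];

foreach ($samples as $ip) {
    printf("%-20s loose=%d strict=%d filter_var=%d\n",
        json_encode($ip), matchesLoose($ip), matchesStrict($ip), isValidIpv4($ip));
}
```

Run it from the command line with `php ipcheck.php`. For form input the practical choice is filter_var(), which also handles the edge cases above; the regex is still useful where you need the check inside a larger pattern.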
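The attack described above, where bcc: lines are smuggled into a form field so that they end up in the outgoing message's headers, works because the form handler copies user input into mail() headers without checking for line breaks. The following is an added example, not the post's own contact form, showing the vulnerable header-building shape next to a hardened one that rejects any header-bound field containing \r or \n and validates the address with filter_var(). The field names, function names and the two sample submissions are constructed for this example.

```php
<?php
// Added example, not part of the original post: a contact-form handler that
// refuses email header injection before anything reaches mail().

// True if a value destined for a mail header contains CR or LF, the
// characters that let extra headers such as "Bcc:" be appended.
function containsHeaderInjection(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

// Validate the fields that will be placed in headers. Returns a list of
// problems; an empty list means the values are safe to use in headers.
function validateContactInput(array $post): array
{
    $errors = [];
    foreach (['name', 'email', 'subject'] as $field) {
        if (containsHeaderInjection($post[$field] ?? '')) {
            $errors[] = "$field: line breaks are not allowed";
        }
    }
    if (filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email: not a valid address';
    }
    return $errors;
}

// Vulnerable shape ("before"): user data goes straight into the headers,
// so a name containing "\r\nBcc: ..." adds recipients to the message.
function buildHeadersUnsafe(array $post): string
{
    return "From: {$post['name']} <{$post['email']}>\r\n";
}

// Hardened shape ("after"): only validated values reach the headers, and the
// message body (which may legitimately contain newlines) is never a header.
function buildHeadersSafe(array $post): ?string
{
    if (validateContactInput($post) !== []) {
        return null;
    }
    $name = str_replace(['"', '\\'], '', $post['name']);
    return 'From: "' . $name . '" <' . $post['email'] . ">\r\n";
}

// Constructed samples: one submission of the kind the post describes, with
// injected Bcc: headers in a header-bound field, and one benign submission.
$submissions = [
    'malicious' => [
        'name'    => "Bob\r\nBcc: someone@example.com\r\nBcc: other@example.net",
        'email'   => 'bob@example.com',
        'subject' => 'Howdy',
        'message' => "Line one\nLine two",
    ],
    'benign' => [
        'name'    => 'Alice',
        'email'   => 'alice@example.com',
        'subject' => 'Quote request',
        'message' => "Line one\nLine two",
    ],
];

foreach ($submissions as $label => $post) {
    $errors = validateContactInput($post);
    echo $label, ': ', $errors ? implode('; ', $errors) : 'ok', "\n";
    if ($errors) {
        // Log the attempt (the post's follow-up is to ban the source IP) and do not send.
        error_log(sprintf('header injection attempt from %s', $_SERVER['REMOTE_ADDR'] ?? 'cli'));
        continue;
    }
    $headers = buildHeadersSafe($post);
    // mail('you@example.com', $post['subject'], $post['message'], $headers);
}
```

Running this from the command line reports the first submission as rejected ("name: line breaks are not allowed") and the second as ok. The message body is deliberately left out of the header checks: it is passed to mail() as the body argument, where line breaks are harmless, which is the Filter Input half of FIEO applied per field rather than to the form as a whole.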
What I've been doing is going back through and validating all input (because that's what I've learned to do through my PHP training sessions as of late) so that this will stop. I hopefully will be catching all invalid input and will be notifying myself when it happens, so that I can immediately ban that IP address. So, if you are reading this and are any type of PHP developer (beginner to advanced) and don't care about security, either stop coding or start concerning yourself with security. Follow Chris Shiflett's advice: FIEO (Filter Input, Escape Output).

Our apartment complex has been undergoing renovations recently. I'm thankful that they are upgrading the look, as it has been needed, but there is a slight problem that I do have with it. My schedule as of late has included me going to bed at around 2-3 in the morning and waking up at 11 or noon in the morning. But, Melissa and I were unwelcomingly woken up Tuesday morning by somebody pounding on the wall next to our office (we've been sleeping on the futon in there because it's more comfortable than our bed, at times). I was so startled when I woke up that I almost darted downstairs to see what the cats had broken and which one I was to punish for doing it. That's when Melissa stopped me and had me come back to bed. This was at 7 in the morning. Monday night they had been ripping down the fencing between the apartments so that they could move between the apartments easier. It was rather odd, but not nearly as startling as the morning work. My problem with this was that they had the workers start so damn early in the morning. I realize that some people's days do start at 8 (mine used to), but for those that don't start at 8, I respectfully ask that you not start your work till at least 10 in the morning. Especially for an apartment community. Alas, when yesterday's work was done (at around 6 PM), I took a look at what they had done.
Our back patio was a total wreck from all the debris (as was everyone else's), and I was looking at a wall of insulation rather than a wall of wood. It was disturbing. But, watching what they were doing this morning, and what they had done by the time I left for work at 5, they had made a lot of progress on getting up the new "wood" (fake wood) paneling, which is more of a beige color rather than the dark brown rotting wood color they had previously. I look forward to when the renovations are supposed to be finished. Unfortunately, that date is about a month out.