tag:blogger.com,1999:blog-37578368563650504072024-03-13T18:00:19.803-07:00Freelance Grind<p><b>To contact me install Skype app and look for fotiosb</b><br>
<a href="http://fotios.org">Fotios</a> <a href="https://www.paypal.me/alexfotios">PayPal me!</a></p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.comBlogger67125tag:blogger.com,1999:blog-3757836856365050407.post-40800286497610283962024-02-10T15:52:00.000-08:002024-02-10T15:52:38.807-08:00Airbnb puts money first and people's safety second<p class="typography_body-l__KUYFJ typography_appearance-default__AAY17 typography_color-black__5LYEn" data-service-review-text-typography="true">Airbnb does the job and as long as you read carefully u should be fine, EXCEPT, there has been a glaring hole in their booking process for many years now. If you book a place the does not provide the "immediate booking" option then if the host refuses to accommodate you (most often because he/she had not updated the eligibility status of their property) you do get a full refund BUT only after 1-3 weeks depending on your bank's policies. They tell you something like "sorry, we pre-authed the amount and then when the host refused to host you we issued a full refund - it is just that the credit card hold will take at least a week to clear". Bottom line is that if you are low in funds in your card at that moment and you need a booking right away you are basically screwed.<br /><br />The "full refund but time to reflect" story is just a cheap excuse they have been using for years to excuse outsourcing all risk and hassle to the client while not considering that they sell SHELTER, one of the most basic human needs, and not Gucci bags or some other frivolous thing.<br /><br />Someone who has had his reservation denied and his funds withheld for weeks before refund may find himself homeless in a place like El Salvador and die in the streets like some homeless bum, if his card is not at the moment loaded enough to make a new reservation. Airbnb is quite indifferent and callous to this possibility, although well informed about it, because the current, in purpose flawed, booking process they keep using is convenient to them.<br /><br />This is serious traveler safety issue and It would be interesting if some some NGO or even GO investigated how many people suffered, got in danger, got injured or died because of this practice worldwide.<br /><br />Process needs to change and credit cards should be actually charged - NOT PRE-AUTHED - when host accepts. Then if something goes south the money would remain as booking credit you can use immediately for another booking.<br /><br />At the very least a dialog should be added that warns you of the possibility of denial when u are trying to book a property that may refuse to host you resulting in your money getting frozen for weeks - but no; they don't want that. Instead they try to make it look like it is your fault: "You did not properly read our terms or service", etc. Typical corporate sheep herding. <br /><br />Airbnb simply does not care - all they want is the money and their peace of mind and if some poor travelers die, well, poor people die every day.</p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-4714580113826685422021-03-04T16:56:00.005-08:002021-03-04T16:58:07.988-08:00Have Outlook store mail data in a drive other than C:<p>As with many things Microsoft things that you would think are simple to do can turn out to be, perhaps unnecessarily, hard.</p><p>All I wanted was for Outlook to store its mail data (stored in .pst and .ost file) in E: drive instead of the default C: drive but for that, at least with the latest version of Outlook (2019) you actually need to edit the Registry.</p><p>Here is how:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi79Bn7bziCSoFn6c1kF21g7JZbP5nUNZZZC9563Iihb1qvG0wZJre4j_DKUIuCHvO3UrZfk-oH5JoZm2G6HrGv6X08qKSNC9Ve2olYJuM7jSlxswspgJWn84OChwYSQvLoRx4Vz-szh3U/s1593/ost_relocation.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1593" data-original-width="1185" height="781" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi79Bn7bziCSoFn6c1kF21g7JZbP5nUNZZZC9563Iihb1qvG0wZJre4j_DKUIuCHvO3UrZfk-oH5JoZm2G6HrGv6X08qKSNC9Ve2olYJuM7jSlxswspgJWn84OChwYSQvLoRx4Vz-szh3U/w580-h781/ost_relocation.PNG" width="580" /></a></div><p>Obviously, you can have it point to a full path and not just the root directory of a drive.</p><p>Source: <a href="https://www.datarepairtools.com/blog/move-offline-outlook-data-file-ost/">https://www.datarepairtools.com/blog/move-offline-outlook-data-file-ost/</a></p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-78936241189112441742020-11-26T19:34:00.005-08:002020-11-26T19:39:31.254-08:00VStarcam C90S surveillance camera won't connect to the WiFi<p>It is not mentioned anywhere but this particular model does not support the IEEE 802.11n protocol even with its firmware flashed to the latest version published by the manufacturer. You will need to force your router to 802.11g mode for it to be able to connect successfully and be accessible.</p><p><a href="https://www.vstarcam.com/support/1285" target="_blank">VStarcam C90S support link</a></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39tXIiMORizWCzKxuf3Pt0wq-7qVu5NwLlouI-7oUhGyWAyGMMhdJ7MaRFyhXpaIhhOJPoEOMtbg-8nTx38B83p6ubdKOIxGax5L2xwaTuBI5cX0-Xt_TvOziB4qkzyu4OTF0yVmCktI/s1500/29S.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1500" data-original-width="1500" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39tXIiMORizWCzKxuf3Pt0wq-7qVu5NwLlouI-7oUhGyWAyGMMhdJ7MaRFyhXpaIhhOJPoEOMtbg-8nTx38B83p6ubdKOIxGax5L2xwaTuBI5cX0-Xt_TvOziB4qkzyu4OTF0yVmCktI/s320/29S.png" /></a></div><br /><p><br /></p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-74142021093876818472020-11-26T19:27:00.003-08:002020-11-27T15:02:57.220-08:00Charge your motorized toothbrush with a wireless phone charger<p>In case you forgot to pack your motorized toothbrush charger, basically place your toothbrush, standing up, on a wireless phone charging pad or on your phone, if it supports reverse charging. </p><p><a href="https://www.pickr.com.au/qa/2019/yes-wireless-reverse-charging-can-charge-a-toothbrush/" target="_blank">https://www.pickr.com.au/qa/2019/yes-wireless-reverse-charging-can-charge-a-toothbrush/</a></p><p><b>NOTE: </b>after testing this I can confirm that the wireless charger does charge the toothbrush but ONLY A LITTLE BIT regardless of the time you let it charge. I suppose the there are significant differences in the specification of the wireless charging interfaces of the two. Charge is barely enough for a single short brushing session.</p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-81772892284729333772020-10-27T13:19:00.002-07:002020-10-27T14:06:09.456-07:00Getting the right International travel COVID-19 certificate in Greece<p>There is a large number of private laboratories/clinics in Greece that do COVID-19 diagnostic testing on short notice and can provide a certificate with your results in English.</p><p>Regardless of the which country you are heading to the most important thing to remember is that the type of COVID-19 diagnostic test required in all cases is the PCR (Polymerase Chain Reaction) type of test, also known as, molecular test, nucleic acid amplification test (NAAT), RT-PCR test, or LAMP test. To be on the safe side though, make sure the certificate you receive refers to it as "PCR" or "RT-PCR" which is the name everyone will recognise and accept as valid.</p><p>Then, depending on which country you heading to, things can become more demanding. For instance, the airline employee at check-in or the immigration officials at the port of entry may require that you produce documentation or online evidence that the laboratory you did the testing at is officially certified/recognised for this type of testing by the Greek government. Given that the Greek government's sites are usually in Greek and pretty terse in quantity and quality of easily accessible information this could prove hard to do. I did do some research and thankfully there is official info online, in English, that can be used for that purpose.</p><p>The official Greek certification body for laboratories (including medical) has a minimal English version of its site here: <a href="https://www.esyd.gr/portal/p/esyd/en/index.jsp" target="_blank">esyd.gr</a></p><p>The site is the typical buggy, incomplete, non user friendly Greek public sector mess. It may take some time but eventually you will hit <a href="https://www.esyd.gr/portal/p/esyd/en/labsearch.jsp?lab_type=diLabType:di4_tests" target="_blank">this page here</a> (screenshot below) which allows you to get a listing of all medical labs certified to <i style="font-weight: bold;">ISO 15189 </i>standard.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeO6uoHKbdDvYAauHKnFB5bESyrZo7zjaNhza6X040fivRsk9lMme7za6k-oeiGOT5kpm43i34xIZDAfvsdAitF85i2bYOA_RJ4dHpajnXf9Heku8ppCLKEagU4hyg6CBmKm_Kmj15O9A/s1533/ESYD_Search.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="989" data-original-width="1533" height="390" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeO6uoHKbdDvYAauHKnFB5bESyrZo7zjaNhza6X040fivRsk9lMme7za6k-oeiGOT5kpm43i34xIZDAfvsdAitF85i2bYOA_RJ4dHpajnXf9Heku8ppCLKEagU4hyg6CBmKm_Kmj15O9A/w606-h390/ESYD_Search.PNG" width="606" /></a></div><p>The results are not necessarily labs that do COVID-19 PCR diagnostic testing and they are a mix of public and private entities. Using this listing you can find those labs that are listed under ISO 15189 certification for "human samples", like the one below, and which, in their "Scope of Accreditation" document, linked into their "Accreditation Details" page, list COVID-19 PCR testing as well.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlW0J90lB_QHs4Z_5weJIF2QwTtXqfki6tzfjSI-Y8AtlnNCkOR8-digpHTcEp6LDbzT1zcNnqtAA0_piDpNFzhSQpNZ9eZlwUFZx7gefnKgB_9x9fRrsbJ_ROy9Z_1ndLJXSUzDjWaDA/s1086/Accreditation_Details.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="747" data-original-width="1086" height="414" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlW0J90lB_QHs4Z_5weJIF2QwTtXqfki6tzfjSI-Y8AtlnNCkOR8-digpHTcEp6LDbzT1zcNnqtAA0_piDpNFzhSQpNZ9eZlwUFZx7gefnKgB_9x9fRrsbJ_ROy9Z_1ndLJXSUzDjWaDA/w602-h414/Accreditation_Details.PNG" width="602" /></a></div><p>If you already know of a lab that does COVID-19 PCR testing and want to check if it is officially certified then you can use <a href="https://www.esyd.gr/portal/p/esyd/en/searches.jsp" target="_blank">this search form here</a>.</p><p>Finally, for those able to read Greek there is a precompiled list of certified COVID-19 PCR diagnostic testing labs <a href="http://www.esyd.gr/pweb/s/20/files/anakoinoseis/Ergastiria_ESYD_SARS_CoV_19.doc" target="_blank">here</a>.</p>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-18863521312542704682020-10-14T03:15:00.006-07:002020-10-15T04:48:22.164-07:00Samsung T7 Touch 1TB External SSD Drive security mode's security is questionable<p> I just purchased a 1TB Samsung T7 Touch External SSD Drive. Main reasons were:</p><p></p><ol style="text-align: left;"><li>Its hardware based AES-256 encryption capability.</li><li>Its USB 3.2 connectivity and claimed max read/write throughput of about 1 GB/s</li><li>Its looks</li></ol>Regarding <b>point 1</b>, the Windows software version that comes with the drive and enables its security mode is buggy. It cannot self-update to the latest version, or tell you if there is one (although it supposedly supports self-update) and although it does work, the drive would freeze, and with it the whole <i>explorer.exe </i>process, after a few hours of continuous use, e.g. while copying over many gigabytes, or having <i>Google Backup and Sync </i>sync those many gigs to Google Drive.<p></p><p>Obviously, like this, the drive would be useless for power users while its coveted security mode is on. Thankfully, the <a href="https://www.samsung.com/semiconductor/minisite/ssd/download/portable/" target="_blank">latest software version</a>, which you have to seek out, locate, download and install yourself, does fix the problem; once installed it downloads and installs the latest firmware to the drive which makes the drive work as expected, i.e. it is stable in long term use while security mode is on.</p><p>The implementation of its security mode, however, does leave a few serious doubts to those who are security conscious and technically akin to cybersecurity. When I switched from security to non-security mode and after I disconnected and reconnected the drive I noticed that my files, previously copied over with security mode on, were still accessible as normal. So, how were they encrypted then? Security mode was off and I was never asked for a password when I reconnected the drive, so... This implies the following grim fact: The AES-256 symmetric encryption key is always the same, but probably unique per drive, and potentially known/recorded by Samsung. The are some subcases here - some grimmer than other:</p><ol style="text-align: left;"><li>The AES-256 key is hardcoded and therefore potentially fairly easily accessible via hardware/physical attack by a person with some electronics expertise. This would mean that turning on the security mode and supplying a password merely saves your password in a non volatile register (maybe hashed or maybe even in plaintext, though the latter would be unthinkable for a company like Samsung - more to be expected by Chinese companies of the worse kind), the host software compares the password you supply, on each drive connection event, to the one in the register and then either allows files to be decoded by the hardcoded key and appear as available or not. Security-wise, this is a pretty bad predicament.</li><li>The AES-256 key is recorded in a non-volatile register, initially in plaintext, but once security mode is turned on, it is encrypted, using an undocumented algorithm, with the user password as key or part of the key, and then re-recorded in the same non-volatile register in encrypted form. When security mode is turned off it is re-recorded in its plaintext form and I remember that the software does ask you for your password when you turn off security mode. This is better but does not change the sobering facts that:</li><ol><li>Samsung potentially knows and records the AES-256 key for each drive it puts out in the market.</li><li>We do not know how good the key encryption algorithm and overall implementation of the encryption/decryption process is.</li></ol></ol>Considering the points above, using password only (instead of password & fingerprint) as a more secure option may not be worth not taking advantage of the convenience of the fingerprint unlock feature although if implementation of point 2.2 is good, living with the fact that Samsung may have to disclose your drive's key if you are involved in a major FBI international investigation is not as bad as knowing that some fingerprint sensor fidgeting may unlock your drive.<div><br />Regarding <b>point 2</b>, a host computer with a USB 3.0 bus will only give you half the maximum read/write speed of the drive (around 400/500 MB/s); to get close to the maximum speed of 1GB/s you would need a host computer with a USB 3.2 bus.<p></p><div>Regarding <b>point 3</b>, the drive's looks are obviously great.</div><div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGFMZ2mA37QNKMC7NPveZAywNHFYnKOwtER3kVQ7phkPZiVbGWNyYXX3115haUCcMw0P6v1rqBuiH4_ewOoVQNvUsTl5nzNxSfBk-1Y9iZbZwumvXJ8hanBsovLjLfO69b0b_XDt7NWq8/s2499/20201009_162634.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2251" data-original-width="2499" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGFMZ2mA37QNKMC7NPveZAywNHFYnKOwtER3kVQ7phkPZiVbGWNyYXX3115haUCcMw0P6v1rqBuiH4_ewOoVQNvUsTl5nzNxSfBk-1Y9iZbZwumvXJ8hanBsovLjLfO69b0b_XDt7NWq8/s320/20201009_162634.jpg" width="320" /></a></div><div><br /></div>Finally, here is a <a href="https://www.samsung.com/semiconductor/minisite/ssd/support/faqs-portable/#tab_st_semi_list_expand9" target="_blank">tip from Samsung</a> itself on how to improve the drive's performance on Windows hosts.</div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX7tg0sEQtWHxr7gcyzdJi8zJkq6dHm0E4YnT56aMX6F5h8RHEB_PUa9Xo7ucynPpD_IKXwh4clAEoszRMQEokSWhGwYEfydavmYboVeMZojwsK5yVyNETIt9bkAyfa-LqmAdHY1zVByk/s1879/Samsung_T7_tip.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="811" data-original-width="1879" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX7tg0sEQtWHxr7gcyzdJi8zJkq6dHm0E4YnT56aMX6F5h8RHEB_PUa9Xo7ucynPpD_IKXwh4clAEoszRMQEokSWhGwYEfydavmYboVeMZojwsK5yVyNETIt9bkAyfa-LqmAdHY1zVByk/w640-h276/Samsung_T7_tip.PNG" width="640" /></a></div><br /><div><br /></div><div><br /></div></div>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-50459191162156755152020-07-22T10:25:00.005-07:002020-08-22T04:47:27.088-07:00Office Add-In Caching is Problematic<div dir="ltr" style="text-align: left;" trbidi="on">
Caching for Javascript based web add-ins for Microsoft Office is super problematic. Hard to make it let go of certain files and use new versions of them. Microsoft gives some instructions on how to clear the add-in cache <a href="https://docs.microsoft.com/en-us/office/dev/add-ins/testing/clear-cache" target="_blank">here</a> but it still won't work sometimes.<br />
<br />
Especially problematic files are "FunctionFile.html" and "FunctionFile.js" if the Visual Studio naming convention is to be followed (i.e. how Visual Studio names these files in an auto-generated web add-in project). These files are not downloaded in the task pane's browser instance and therefore caching of them does not follow the same rules; they are extremely sticky and development can get pretty frustrating.<br />
<br />
Only way I have found to deal with the problem is rename them in a versioning way whenever I effect changes on the files and want to see the results immediately. Specifically, assuming that the "Home.html" and "FunctionFile.html" naming convention is being used:<br />
<div style="text-align: left;">
</div>
<ol style="text-align: left;">
<li>In the add-in manifest rename "FunctionFile.html" and "Home.html" to "FunctionFile2.html" and "Home2.html", increasing that version number every time you need to refresh the cache.</li>
<li>In "FunctionFile2.html" rename all instances of "FunctionFile.js" to "FunctionFile2.js"</li>
<li>In "Home2.html" rename all instances of "Home.js" to "Home2.js"</li>
<li>Rebuild & republish the solution if you're using the VS based automated process, or upload the changed files to the add-in backend if you're doing it manually.</li>
<li>Go and manually (e.g. over ssh/sftp or in file explorer if doing it locally) rename the .js files to their new versioned names.</li>
<li>Sideload the published xml manifest of the add-in to your Office app and take pleasure in the fact that your changes finally reflect immediately.</li>
</ol>
<div>
Microsoft has produced irritatingly problematic technologies before but I'm having difficulty remembering something as persistently problematic and as irritating as this. They keep throwing their dirty laundry at the developer.</div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-15638398682279032842020-06-18T15:12:00.003-07:002020-06-18T15:22:44.516-07:00How to recover your Amazon account<b>Case 1: </b>You are being asked to enter an OTP sent to your phone, although you don't have two step/factor authentication/verification, and you have lost access to your phone number or can't receive messages or voice calls where you are, e.g. extraordinary authentication that may occur when you are travelling to other countries where your phone is not working.<div><br /></div><div><b>Solution:</b> Solution assumes you still have access to the email address associated with your Amazon account. Go <a href="https://www.amazon.com/gp/css/account/forgot-password/email.html">here</a> and enter your email address. It will ask you to enter an OTP code that will be sent to your email. Check your email, get the code and enter it; you will then be given the opportunity to change your password AND if needed also the phone number (e.g. new local SIM card or other phone number that does work) associated with your Amazon account.</div><div><br /></div><div><b>Case 2:</b> You can still log in to your account but your account has been locked because Amazon thinks you may not be the actual owner of the account.</div><div><br /></div><div><b>Solution:</b> Go <a href="https://www.amazon.com/a/recover/upload" target="_blank">here</a> and follow the instructions.</div>Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-18450073871191759022020-05-28T11:56:00.004-07:002020-05-28T11:56:52.469-07:00ExecuteFunction won't work with non-button controls in Office Web Add-in manifests<div dir="ltr" style="text-align: left;" trbidi="on">
Although explicitly stated in <a href="https://docs.microsoft.com/en-us/office/dev/add-ins/reference/manifest/control">official Microsoft Office web add-in docs</a> that a function in <i>FunctionFile.js</i> may be called by both a button and a menu item control, it turns out that, at least with the latest Chrome based version of the Edge web control implementing the task pane, only button controls are actually able to invoke functions using the <i>ExecuteFunction</i> add-in manifest clause.</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-6619875763847871462020-04-11T17:45:00.003-07:002020-04-11T19:23:04.218-07:00Switch cameras while recording video on Android<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
Android, as of this post in April 2020, does not natively support flipping camera from back to front while recording a video. Some chat apps can do it though - Instagram and Snapchat for instance certainly WhatsApp and Skype during video calls. So, how do they do it?</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Apparently they do it by screen grabbing a video preview they create in memory - the preview is much like what you see on your screen (minus the overlaid camera controls) when previewing and switching cams on your Android's native camera app. So they take that preview and either record it locally or transmit it to wherever the video is going online, e.g. an Instagram post or the person you are video chatting with.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
But what if you want to do just that, i.e. create your own video while switching between cams on both sides of your phone, without being confined by the intricacies and limiting use cases of each of the aforementioned apps?</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Well, all you have to do is kinda emulate what these apps do. A way to easily do that is:</div>
<br />
<ol style="text-align: left;">
<li style="text-align: justify;">Get a good screen recorder Android app (it records a video of your phone screen being used). There's plenty of those on Play Store.</li>
<li style="text-align: justify;">Get an alternative Android cam app that allows all camera controls to be hidden. One good such app is "<a href="https://opencamera.sourceforge.io/">Open Camera</a>" which is also available on the Play Store. Just use it's "Immersive Mode" to have the controls disappear after a couple of seconds of not using them.</li>
</ol>
<div style="text-align: justify;">
Have fun!</div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-30203158403196345662019-12-18T14:55:00.002-08:002019-12-18T14:56:16.318-08:00Upwork 2019 Success<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi098IQ0NG3GIDZBPjYHuXsdDvTQtw1HW3m3WrAqnQkgO0oOma8GwcXPAevrUML1LeDlKlT8a7OuGTaa12Jk4QTAV5C1a7lFfL95AtY0ZYtXaxCg_4aMBvdqWCdQvZl5umd5AQcr54PWP0/s1600/upwork_2019.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="868" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi098IQ0NG3GIDZBPjYHuXsdDvTQtw1HW3m3WrAqnQkgO0oOma8GwcXPAevrUML1LeDlKlT8a7OuGTaa12Jk4QTAV5C1a7lFfL95AtY0ZYtXaxCg_4aMBvdqWCdQvZl5umd5AQcr54PWP0/s640/upwork_2019.PNG" width="346" /></a></div>
<br /></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-67794056407324191652019-12-15T20:36:00.005-08:002019-12-15T20:36:58.785-08:00One of my software sites<div dir="ltr" style="text-align: left;" trbidi="on">
One of my software sites: <a href="http://transcendsoftware.co.za/">transcendsoftware.co.za</a></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-5157771394021890742019-11-24T21:10:00.001-08:002019-11-24T21:10:08.162-08:00How to defeat Chrome CORB for XHR access to 127.0.0.1<div dir="ltr" style="text-align: left;" trbidi="on">
How to defeat CORB (Cross-Origin Read Blocking) and allow javascript to access local web server running on localhost (127.0.0.1) over XHR:<br />
<br />
<ol style="text-align: left;">
<li>Select a random domain and point it to 127.0.0.1 in your HOSTS file</li>
<li>Direct your XHR connections to that domain instead of 127.0.0.1</li>
<li>You will need to enable SSL/TLS on your local web server.</li>
<ul>
<li>If you are coding your own sockets server in C <a href="https://stackoverflow.com/questions/7698488/turn-a-simple-socket-into-an-ssl-socket">here</a> is a guide on how to SSL enable them.</li>
<li>Or you can base your simple local server on a light web server that supports SSL/TLS out of the box: <a href="https://aprelium.com/abyssws/">abyssws</a> I chose this faster solution and had it serve files dynamically dumped out by my existing logic to specific doc paths under the server's root.</li>
</ul>
<li>You will need to make sure that your local server's responses always include this CORS header: <i>Access-Control-Allow-Origin: *</i></li>
</ol>
<br />
It should be working now.</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-79356153894628953572019-09-24T20:55:00.000-07:002019-09-25T02:11:41.855-07:00How to sniff packets in a WiFi network<div dir="ltr" style="text-align: left;" trbidi="on">
In wired Ethernet LANs sniffing packets meant for other computers in the network, if on a Linux based system, is as simple as setting your local network interface to promiscuous mode and running tcpdump.<br />
<br />
WiFi complicates things as each computer connected to the hotspot holds a wireless WPA session encrypted to a different session key and most hotspots (at least today) only send Ethernet frames meant for a specific MAC address over the specific session mapped to the device to which that MAC address belongs.<br />
<br />
Therefore, one is left with at least three possible ways to do promiscuous sniffing on a WiFi network:<br />
<br />
<ol style="text-align: left;">
<li>MAC spoofing. The MAC address of a Linux box can be easily spoofed using standard utilities like <i><b>ifconfig</b></i> but there are also specialized utilities like <i><b>macchange</b></i>. MAC spoofing is very fragile and timing prone and although you can hijack a few packets using it you run a high risk of killing the Internet connection of the target device you are spoofing.</li>
<li>Running a rogue (secondary) DHCP server on your Linux box (easily installed and configured on a Linux box) and then performing a DHCP poisoning exploit on the legitimate DHCP server using an easily available and installable utility like <i><b>yersinia</b></i>. Doing this you eventually end up with the all of the local network's devices registering with the DHCP server under your control and this way you get to tell them which DNS server and Internet gateway to use. If all you want to do is monitor their DNS requests so you know what sites/services they use, you can simply tell them to use your local BIND instance (which must have query logging turned on) as their DNS server. However, some devices may have their DNS servers hardcoded or you may want to intercept the communication packet themselves; in this case you simply need to set the gateway to your own IP address (which still has as gateway the legit gateway) and turn on packet forwarding like this: <i><b>sysctl -w net.ipv4.ip_forward=1</b></i> After that, using tcpdump and filtering for the IP address of the target device will give you access to the full packet stream to/from that device.</li>
<li>There is an easier way to have the exact same results as with method 2 right above. You can use the <b><i>arpspoof</i></b> utility (easily installable by installing the <b><i>dsniff</i></b> package) to pretend you are the gateway. While arpspoof is ARP spoofing the target machine will send you its packets thinking you are the gateway; you need to forward them by using the same command as above: <i><b>sysctl -w net.ipv4.ip_forward=1 </b></i>Now you also have access to the target device's packet stream. This method also bears some risk of breaking the Internet connection of the target device, so it's best to keep your spoofing as short and targeted as possible.</li>
</ol>
<div>
Methods 2 and 3 are versions of a gateway MITM (Man In The Middle) attack.</div>
<div>
<br /></div>
<div>
Next chapter: SSL/TLS MITM attacks. Privacy goes bye-bye.</div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-80571624912241318372019-08-01T08:37:00.002-07:002019-08-01T08:37:16.998-07:00Best way to show/hide HTML elements without losing styling<div dir="ltr" style="text-align: left;" trbidi="on">
There are basically three ways to do that:<br />
<br />
<ul style="text-align: left;">
<li><i><b>element.style.visibility=hidden/visible</b> </i>works well when it comes to preserving styling but only hides the element while rendering it under the the hood. The element still takes up space in the page layout as if it was there (and it is there just that it does not show).</li>
<li><i><b>element.style.display=none/inline/block/initial</b></i> works well in truly making the element disappear; the element does not show at all and it does not take any space in the page layout (as if it was not there at all). However, it will mess up (not preserve) the styling of certain elements, especially when complex CSS is involved.</li>
<li><b><i>element.hidden="true"/element.removeAttribute("hidden")</i></b> works great, combining the true hiding of the latter with the styling preservation of the former. It is only supported in fairly new versions of browsers though as it was introduced with HTML5.</li>
</ul>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-54431287357351408452019-08-01T08:10:00.000-07:002019-08-01T08:10:50.886-07:00id and name attributes with underscores not working well for Bootstrap form elements<div dir="ltr" style="text-align: left;" trbidi="on">
I came under a weird situation in laravel/bootstrap form whereby a select drop-down's "select-element.value" in Javascript would remain the same (the very first one) regardless of which option was actually selected.<br />
<br />
Turns out the error went away once I renamed the id and name attributes of the select element to a string without an underscore ('_') in it. I looked it up and although theoretically allowed and mostly non-problematic, underscores have a history of issues in id and other element attribute names under different situations and environments and they are therefore not recommended in guides like this one: <a href="https://google.github.io/styleguide/htmlcssguide.html#ID_and_Class_Name_Delimiters">https://google.github.io/styleguide/htmlcssguide.html#ID_and_Class_Name_Delimiters</a></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-90443688063988497352019-07-18T21:01:00.000-07:002019-07-18T21:17:27.544-07:00JavaScript substring replace with RegEx and backreferences<div dir="ltr" style="text-align: left;" trbidi="on">
I wanted to find all substrings matching a pattern, extract certain parts of those substrings, use those substrings of substrings to build new strings and finally replace the matched substrings with those new strings.<br />
<br />
Specifically, using pure JavaScript, I wanted to scan a long string containing HTML, find all strings like:<br />
<blockquote class="tr_bq">
<pre>src="/project/<span style="color: red;">5cba4b052195310084a3c394</span>/file/<span style="color: red;">5cdc5e59a1fefc007cd21b51</span>"</pre>
</blockquote>
to:<br />
<blockquote class="tr_bq">
<pre>http://somedomain.com/user_files/<span style="color: red;">5cba4b052195310084a3c394</span>_<span style="color: red;">5cdc5e59a1fefc007cd21b51</span></pre>
</blockquote>
Basically, match all strings like the top one, extract the two substrings of interest (in red) and then combine them into a new string that should replace the originally matched string.<br />
<br />
I used JavaScript RegEx processing with backreferences marking the substrings in red and it works pretty well. Check out the simple and efficient code here: <a href="https://jsfiddle.net/alexfotios/o6wt4d2p/">https://jsfiddle.net/alexfotios/o6wt4d2p/</a></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-81049052512767973622019-07-17T11:38:00.001-07:002019-07-18T20:37:05.735-07:00ERROR 1064 (42000) in MySQL<div dir="ltr" style="text-align: left;" trbidi="on">
Tried to import a sql script that was the product of forward engineering of an EER diagram done in MySQL Workbench (I had not modified it at all) but I was getting a persistent "ERROR 1064 (42000)" although it all seemed to be in order.<br />
<br />
This is a pretty generic error that can occur in a number of different situations but in my case it turns out it was due to an empty table, i.e. a table defined in the schema but having no rows at all, including a Primary Key (PK) column. Once I defined that the error went away.</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-15707299089184887042019-02-24T18:05:00.000-08:002019-02-24T18:12:17.235-08:00A typical Upwork bid<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="_1mf _1mj" data-offset-key="ai9rp-0-0" style="direction: ltr; position: relative;">
Just a small window to my IT Freelance world. Here is the bid I just a submitted for an Upwork published job I was invited to. I receive 2-5 such invitations every day to projects ranging from white hat hacking to Microsoft Office add-ins.<div class="_1mf _1mj" data-offset-key="e25qq-0-0" style="-webkit-text-stroke-width: 0px; color: #1d2129; direction: ltr; font-family: inherit; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 400; letter-spacing: normal; orphans: 2; position: relative; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px;">
<span data-offset-key="e25qq-0-0" style="font-family: inherit;"><br /></span></div>
<span style="color: #1d2129; font-family: "helvetica" , "arial" , sans-serif;"><span style="font-size: 14px; white-space: pre-wrap;"><i>Hello,
thank you for the invitation!
I have developed a couple of systems that do scraping. The way I went about it is headless browser instances. Main reason for that was that anyone who wants to thwart scraping of their pages would implement something that works in a browser but does not work in something like a CURL based request; a typical example is dynamically built HTML page content using javascript vs the typical static HTML still prevalent on many websites (but diminishing). The core idea here is that if your scraping is using scripted actual browser instances instead of a bot that performs HTTP requests then you have much less to worry about.
So, what I did is I created a Java based manager that launches up to X concurrent headless instances of FireFox and drives them to dynamically and concurrently load pages stored in a MySQL via PHP scripts (the user interface). A special scraping javascript is injected in all pages by a custom Firefox extension - the script is customizable and can look for a number of things (elements/data) in each page loaded depending on the domain and a host of other customizable/programmable factors. It then makes XHR calls to a local PHP script that stores the desired extracted information in whatever format is needed (JSON, tabular in DB, Excel, plain text, etc.) It all runs on Linux.
I would be happy to modify this system to your spec - I think it will work well and it will be a better long term investment than a typical PHP/CURL based scraper. I can do it for a fixed price of 3K USD split in 3 well defined milestones with demonstrable/working deliverables each. Time for complete system delivery working to your spec would be about 3 weeks.
Looking forward to it!
Alex</i></span></span></div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-91402600700477115492018-09-17T20:11:00.000-07:002018-09-17T20:21:08.635-07:00How to bid on a Reverse Engineering project and what tools to use<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
Hi,</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
I have significant experience in low-level Windows development, including driver development (kernel mode), cracking and reverse engineering. I use the most advanced tools of the trade including IDA Pro, OllyDbg, WinDbg and other Windows SDK/WDK tools, Windows SysInternals utilities, and others as needed.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If you are looking to simply decompile a single exe file into C source code I can do that for you for 500 USD. However, it needs to be said that the produced code, though accurate, will not be very readable as a compiled program does not retain identifier names (like variable and function names) that usually convey most of the meaning in source code; still, the code's logic is usually fully and correctly retained.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Also, the code won't be much more than a long monolithic list of statements that is usually not directly compilable into the same application whose decompilation produced it.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Therefore, in most cases, such projects involve a specific function (or set of functions) that need to be decompiled AND converted to meaningful source code that can then be compiled into a new and fully working application. The process of doing the latter usually involves debugging the app to see which function/functions are being called and when and then extracting the decompiled code of those particular functions, rewriting it, in order to become comprehensible, and then combining it with other code into a new project structure (could be a Visual Studio project) that can then be compiled into a new fully working app.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If what you want is what I described in the last paragraph then I can do that as well and the cost for each function/functionality depends on the function/functionality itself and its complexity. Specific quotation for this scenario will be possible after a first full decompilation of the app is performed.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Cheers,</div>
<div style="text-align: justify;">
Alex<br />
<br />
<h4>
Tools</h4>
<a href="https://www.hex-rays.com/products/ida/index.shtml">IDA Pro</a><br />
<a href="http://www.ollydbg.de/">OlyDbg</a><br />
<a href="https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk">WinSDK</a><br />
<a href="https://docs.microsoft.com/en-us/sysinternals/">SysInternals</a><br />
<br /></div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-36335972269932985022018-09-10T14:16:00.002-07:002018-09-17T20:06:10.736-07:00Allowing only one executing PHP request <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
What if for reasons of performance or serialization you wanted to quickly (without messing with complex apache and/or php configuration options) ensure that only one php request of some web application executes at any one time?</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
I had this requirement recently and what I did is used a "lock" file. The PHP code goes and checks if that file exists and it it does it considers execution locked and dies. If the file does not exist it creates it and runs.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
However there is a potentially fatal flaw in this simple solution; what if a PHP request dies (for whatever reason) before it had time to delete the lock file at the end of processing? Your app would never run ever again! To address this I added timestamps into the mix. Specifically, when the file is created a timestamp representing the exact time of its creation is written into it and then when another incoming request polls for the lock file it actually reads the timestamp, compares it to current time and acquires the lock, even though the lock file exists, if a certain time threshold, during which it is reasonable to assume the previous request would have finished processing, has elapsed.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The file's time attributes could also be used instead of a timestamp in the file but that would bring in complexity in the form of platform considerations, timezones, server admins changing those, etc. Though not perfect, the "timestamp in a lock file" is simple to implement, keeps most variables within the PHP platform space and it works.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
So here is the getLock() function I used; <i><b>x</b></i> is the minimum number of seconds between requests you would want to enforce.</div>
<br />
<pre class="hljs" style="background: rgb(240, 240, 240); display: block; overflow-x: auto; padding: 0.5em;"><span style="color: #444444;"><span class="hljs-function"><span class="hljs-keyword" style="font-weight: 700;">function</span> <span class="hljs-title" style="color: rgb(136 , 0 , 0); font-weight: 700;">getLock</span><span class="hljs-params">()</span>
</span>{
<span class="hljs-keyword" style="font-weight: 700;">if</span> (file_exists(<span class="hljs-string" style="color: rgb(136 , 0 , 0);">"steglock.txt"</span>))
{
$before = trim(file_get_contents(<span class="hljs-string" style="color: rgb(136 , 0 , 0);">"steglock.txt"</span>));
$now = strtotime(<span class="hljs-string" style="color: rgb(136 , 0 , 0);">"now"</span>);
$difference = abs( ($now) - ($before) );
<span class="hljs-keyword" style="font-weight: 700;">if</span> ( $difference < </span><span style="color: #006000;">x</span><span style="color: #444444;">)
{
</span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">return</span><span style="color: #444444;"> </span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">false</span><span style="color: #444444;">;
}
</span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">else</span><span style="color: #444444;">
{
file_put_contents(</span><span class="hljs-string" style="color: rgb(136 , 0 , 0);">"steglock.txt"</span><span style="color: #444444;">, strtotime(</span><span class="hljs-string" style="color: rgb(136 , 0 , 0);">"now"</span><span style="color: #444444;">));
</span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">return</span><span style="color: #444444;"> </span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">true</span><span style="color: #444444;">;
}
}
</span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">else</span><span style="color: #444444;">
{</span><span style="color: #444444;">
file_put_contents(</span><span class="hljs-string" style="color: rgb(136 , 0 , 0);">"steglock.txt"</span><span style="color: #444444;">, strtotime(</span><span class="hljs-string" style="color: rgb(136 , 0 , 0);">"now"</span><span style="color: #444444;">));
</span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">return</span><span style="color: #444444;"> </span><span class="hljs-keyword" style="color: #444444; font-weight: 700;">true</span><span style="color: #444444;">;
}
}</span></pre>
<br />
Then, just before you start your processing in you PHP file (or files):<br />
<br />
<pre class="hljs" style="background: rgb(240 , 240 , 240); color: rgb(68 , 68 , 68); display: block; overflow-x: auto; padding: 0.5em;"><span class="hljs-keyword" style="font-weight: 700;">if</span> (!getLock())
{
<span class="hljs-keyword" style="font-weight: 700;">die</span>(<span class="hljs-string" style="color: rgb(136 , 0 , 0);">"You can only submit one request every x seconds"</span>);
}</pre>
<br />
Good luck!</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-45834856988265505832018-05-16T01:29:00.005-07:002018-05-16T01:29:53.594-07:00Run LibreOffice in PHP scipts<div dir="ltr" style="text-align: left;" trbidi="on">
It is often desirable to have PHP convert Word documents into PDF documents. LibreOffice can do that very well and of course it can do much more. There are three tricky points to consider if you want to run LibreOffice with PHP:<br />
<br />
<ol style="text-align: left;">
<li>You need to run it using the <b><span style="font-family: "courier new" , "courier" , monospace;">--headless</span></b> option as it will probably be running on a server that probably has no GUI capabilities.</li>
<li>You need to make sure that the output dir (which if not explicitly specified is the same as that of the php script that runs LibreOffice) is writable by the user php runs as (in my case <span style="font-family: "courier new" , "courier" , monospace; font-weight: bold;">apache</span><span style="font-family: inherit;">). Obviously, the directory where the document that will be read in resides (as well as the document itself) need to be readable by the user php runs as (in my case I just did a </span><b><span style="font-family: "courier new" , "courier" , monospace;">chown apache:apahe <dirpath></span></b><span style="font-family: inherit;"> on both these dirs<span style="font-family: inherit;">)</span></span></li>
<li><span style="font-family: inherit;">(Trickiest) </span><span style="font-family: "courier new" , "courier" , monospace;"><b>soffice</b></span><span style="font-family: inherit;"> (one of LibreOffice's executables) will still not run correctly as </span><span style="font-family: "courier new" , "courier" , monospace;"><b>apache</b></span><span style="font-family: inherit;"> (or </span>whatever<span style="font-family: inherit;"> your php user is) although it will run fine if you execute it as </span><b><span style="font-family: "courier new" , "courier" , monospace;">root</span></b><span style="font-family: inherit;">. This is because it requires special permissions for a directory that it considers its </span>environment<span style="font-family: inherit;"> dir. there is a number of ways to fix this but easiest is to use the </span><b><span style="font-family: "courier new" , "courier" , monospace;">-env:UserInstallation</span></b><span style="font-family: inherit;"> option. In my case I created a subdir under </span><b><span style="font-family: "courier new" , "courier" , monospace;">/tmp</span></b><span style="font-family: inherit;"> (specifically: </span><span style="font-family: "courier new" , "courier" , monospace;"><b>/tmp/soffice</b></span><span style="font-family: inherit;">) and gave it </span><b><span style="font-family: "courier new" , "courier" , monospace;">apache:apache</span></b><span style="font-family: inherit;"> ownership.</span></li>
</ol>
<div>
In conclusion here is how I successfully call soffice from my php script (where <b><span style="font-family: Courier New, Courier, monospace;">$target_file</span></b> is the Word file to be read in):<br />
<br /></div>
<pre style="background: #f6f8ff; color: #000020;">$cmd2 <span style="color: #074726;">=</span> <span style="color: #1060b6;">"/opt/libreoffice6.0/program/soffice -env:UserInstallation=file:///tmp/soffice</span>
<span style="color: #1060b6;"> --headless --convert-to pdf "</span> . $target_file;
exec($cmd2);
</pre>
<div>
<br />
In the my case, the resulting <b style="font-family: "Courier New", Courier, monospace;">pdf</b><span style="font-family: inherit;"> </span>file is saved in the same directory as the php file that runs <b style="font-family: "Courier New", Courier, monospace;">soffice</b><span style="font-family: inherit;">, </span>which is fine for my purposes.</div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-13649031724506791482018-05-11T13:12:00.005-07:002021-08-09T08:45:42.559-07:00Voice searching a new trend for SEO considerations<div dir="ltr" style="text-align: left;" trbidi="on">
Voice searching a new trend for SEO considerations:<br />
<br />
<a href="https://blog.payoneer.com/affiliates/how-voice-search-changes-the-game-for-affiliate-marketers/">https://blog.payoneer.com/affiliates/how-voice-search-changes-the-game-for-affiliate-marketers/</a></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-41739103354751937652018-03-27T02:32:00.004-07:002018-03-27T02:32:56.920-07:00PHP can't write to directory although it should<div dir="ltr" style="text-align: left;" trbidi="on">
If PHP is not writing to a directory (e.g. you can't upload files) although all directory permissions as well as PHP and Apache settings and configuration are correct then, in case you are on CentOS 7 (or RedHat 7), the culprit may be SELinux. Just disable it or, if needed, allow writing to the directory of interest using chcon command:<br />
<br />
<a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-enabling_and_disabling_selinux-disabling_selinux">To disable SELinux</a><br />
<br />
<a href="https://blog.lysender.com/2015/07/centos-7-selinux-php-apache-cannot-writeaccess-file-no-matter-what/">To resolve the issue with SELinux enabled</a></div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0tag:blogger.com,1999:blog-3757836856365050407.post-66038492841130752042018-03-08T08:44:00.001-08:002018-03-08T08:47:35.028-08:00How to configure drupal with clean URLs<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
There is some confusion on drupal.org (and other sites) on how exactly to do that: multiple conflicting articles, incomplete instructions, etc. The way to do it is to basically include the correct set of <i><b>httpd.conf </b></i>directives for all three of the following directories (assuming the default/usual directories are used):</div>
<ul style="text-align: left;">
<li style="text-align: justify;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;">/var/www </span></li>
<li style="text-align: justify;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;">/var/www/html</span></li>
<li style="text-align: justify;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;">/var/www/html/sites/default</span></li>
</ul>
<div style="text-align: justify;">
<span style="font-family: inherit;">The </span><i style="font-family: inherit;">httpd.conf</i><span style="font-family: inherit;"> sections for the first two directories normally already exist by default; the third one needs to be created. No </span><i style="font-family: inherit;">.htaccess</i><span style="font-family: inherit;"> files need to be used; everything can be done in the </span><i style="font-family: inherit;">httpd.conf</i><span style="font-family: inherit;"> file. Here is the relevant listing from my <i>httpd.conf </i>file that </span>successfully<span style="font-family: inherit;"> configured Drupal with clean URLs for me:</span></div>
<br />
<pre style="background: #ffffff; color: black;"><span style="color: dimgrey;">#</span>
<span style="color: dimgrey;"># DocumentRoot: The directory out of which you will serve your</span>
<span style="color: dimgrey;"># documents. By default, all requests are taken from this directory, but</span>
<span style="color: dimgrey;"># symbolic links and aliases may be used to point to other locations.</span>
<span style="color: dimgrey;">#</span>
DocumentRoot <span style="color: #0000e6;">"/var/www/html"</span>
<span style="color: dimgrey;">#</span>
<span style="color: dimgrey;"># Relax access to content within /var/www.</span>
<span style="color: dimgrey;">#</span>
<span style="color: #7f9fbf; font-weight: bold;"><Directory "/var/www"></span>
AllowOverride <span style="color: maroon; font-weight: bold;">All</span>
<span style="color: dimgrey;"> # Allow open access:</span>
Require <span style="color: maroon; font-weight: bold;">all</span> granted
<span style="color: #7f9fbf; font-weight: bold;"></Directory></span>
<span style="color: dimgrey;"># Further relax access to the default document root:</span>
<span style="color: #7f9fbf; font-weight: bold;"><Directory "/var/www/html"></span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Possible values for the Options directive are "None", "All",</span>
<span style="color: dimgrey;"> # or any combination of:</span>
<span style="color: dimgrey;"> # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Note that "MultiViews" must be named *explicitly* --- "Options All"</span>
<span style="color: dimgrey;"> # doesn't give it to you.</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # The Options directive is both complicated and important. Please see</span>
<span style="color: dimgrey;"> # </span><span style="color: #5555dd;">http://httpd.apache.org/docs/2.4/mod/core.html#options</span>
<span style="color: dimgrey;"> # for more information.</span>
<span style="color: dimgrey;"> #</span>
Options Indexes FollowSymLinks
<span style="color: dimgrey;"> #Options Includes ExecCGI FollowSymLinks MultiViews</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # AllowOverride controls what directives may be placed in .htaccess files.</span>
<span style="color: dimgrey;"> # It can be "All", "None", or any combination of the keywords:</span>
<span style="color: dimgrey;"> # Options FileInfo AuthConfig Limit</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> #AllowOverride None</span>
AllowOverride <span style="color: maroon; font-weight: bold;">All</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Controls who can get stuff from this server.</span>
<span style="color: dimgrey;"> #</span>
Require <span style="color: maroon; font-weight: bold;">all</span> granted
RewriteEngine <span style="color: #797997;">on</span>
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
<span style="color: dimgrey;"> #RewriteCond %{REQUEST_URI} !=/favicon.ico</span>
<span style="color: dimgrey;"> #RewriteRule ^ index.php [L]</span>
RewriteRule ^(.*)$ index.php?q<span style="color: #808030;">=</span>$<span style="color: #008c00;">1</span> [L<span style="color: #808030;">,</span>QSA]
<span style="color: #7f9fbf; font-weight: bold;"></Directory></span>
<span style="color: #7f9fbf; font-weight: bold;"><Directory "/var/www/html/sites/default"></span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Possible values for the Options directive are "None", "All",</span>
<span style="color: dimgrey;"> # or any combination of:</span>
<span style="color: dimgrey;"> # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Note that "MultiViews" must be named *explicitly* --- "Options All"</span>
<span style="color: dimgrey;"> # doesn't give it to you.</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # The Options directive is both complicated and important. Please see</span>
<span style="color: dimgrey;"> # </span><span style="color: #5555dd;">http://httpd.apache.org/docs/2.4/mod/core.html#options</span>
<span style="color: dimgrey;"> # for more information.</span>
<span style="color: dimgrey;"> #</span>
Options Indexes FollowSymLinks
<span style="color: dimgrey;"> #Options Includes ExecCGI FollowSymLinks MultiViews</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # AllowOverride controls what directives may be placed in .htaccess files.</span>
<span style="color: dimgrey;"> # It can be "All", "None", or any combination of the keywords:</span>
<span style="color: dimgrey;"> # Options FileInfo AuthConfig Limit</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> #AllowOverride None</span>
AllowOverride <span style="color: maroon; font-weight: bold;">All</span>
<span style="color: dimgrey;"> #</span>
<span style="color: dimgrey;"> # Controls who can get stuff from this server.</span>
<span style="color: dimgrey;"> #</span>
Require <span style="color: maroon; font-weight: bold;">all</span> granted
RewriteEngine <span style="color: #797997;">on</span>
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
<span style="color: dimgrey;"> #RewriteCond %{REQUEST_URI} !=/favicon.ico</span>
<span style="color: dimgrey;"> #RewriteRule ^ index.php [L]</span>
RewriteRule ^(.*)$ index.php?q<span style="color: #808030;">=</span>$<span style="color: #008c00;">1</span> [L<span style="color: #808030;">,</span>QSA]
<span style="color: #7f9fbf; font-weight: bold;"></Directory></span>
</pre>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
</div>
Fotioshttp://www.blogger.com/profile/07434203175784993227noreply@blogger.com0