Tag Archives: php

Loading progress display with mod_fcgid using mod_deflate

When you run your processes with mod_fcgid under apache, one of the problems is that you cannot usefully run flush() to send buffered output through to the client. The reason for this is that the fastcgi interface doesn’t have the … Continue reading

Posted in Stuff | Tagged , , , , , , | Comments Off on Loading progress display with mod_fcgid using mod_deflate

The core is secure

In the documentation for that wonderful content management software, joomla, you can read the following statement: Although the Joomla! core is secure when configured correctly, third party extensions come in all flavors of age and quality. Unless you absolutely trust … Continue reading

Posted in Stuff | Tagged , , , , | Comments Off on The core is secure

A slip betwixt $HTTP_RAW_POST_DATA and $_POST

The curious case of the missing post: An interesting bug came across my desk today. We have some hacky PHP code that receives data from cpanel, which is written in Perl. The bug came out after an update to cpanel. … Continue reading

Posted in Stuff | Tagged , , | Comments Off on A slip betwixt $HTTP_RAW_POST_DATA and $_POST

PHP deobfuscation

One of the things that you see with depressing regularity when hosting crummy PHP scripts for others is this: eval&28;base64_decode&28;’aWYgKCFlbXB0eSgkX1JFUVVFU1RbInRoZW What’s that? Well it says to decode that gobbledegook into a binary stream (the base64_decode part), and then interpret whatever … Continue reading

Posted in Stuff | Tagged , , , , , | Comments Off on PHP deobfuscation