Slashdot Mirror


User: VGPowerlord

VGPowerlord's activity in the archive.

Stories: 0
Comments: 4,725

Comments · 4,725

  1. Re:what's the purpose of a language, anyway? on PHP Application Insecurity - PHP or Devs Fault? · · Score: 1

    To be fair, PHP disabled the whole "post variables become PHP variables" by default back in PHP 4.2.0.

    Also, error_reporting(E_ALL); will make PHP throw warnings (but not die) when it runs into undefined variables.

  2. Re:I have to agree.. on PHP Application Insecurity - PHP or Devs Fault? · · Score: 1

    You have to install DBI separately, but CPAN will automatically install DBI when you install any DBD module.

  3. Re:Tool safety on PHP Application Insecurity - PHP or Devs Fault? · · Score: 5, Insightful

    Have you ever used PHP? If not, take a look at the following features:

    1. addslashes() function - Most references say to use this to quote data before putting it into a database. Not only is it The Wrong Way To Do It (twwtdi) according to the SQL standard, but different vendors' databases need different values escaped.
    2. Magic Quotes ini settings. magic_quotes_gpc is the most important one. When enabled, it runs addslashes() on all GET, POST, and cookie input. It is on by default in php.ini-dist, off by default in php.ini-recommended. Which brings up my next point...
    3. The programming environment is not consistent. An INI file controls the programming environment. Turning on things like Safe mode and open_basedir can cause previously working code to suddenly fail. Of course, php.ini-dist has display errors turned on by default, so anyone visiting that page will see the location of your file, the line that has the error, and which error it is... Which brings up the next point:
    4. Security is secondary to convenience. See Using remote files, which is enabled in both ini files by default. See also Magic Quotes as described earlier. Reading up on the deprecated Register Globals is informative, as it was on by default up until PHP 4.2.0. I've also mentioned display_errors, which is on in php.ini-dist.

    Here's a disturbing fact: php.ini-dist is the more commonly used of the two inis, at least for shared hosting. I'll let you consider the implications of that while I summarize things.

    To summarize: The PHP team has made a number of questionable decisions over the years that make it much easier to write a security hole than it should be.

  4. Re:odd on John Carmack Discusses 360's Edge, Considers DS · · Score: 2, Informative

    Um... Computer hardware is made up of a number of components using digital circuits, which in turn use logic gates, which are a circuit representation of Boolean Logic.

    Besides, what do you think if() and while() do in programs? How about == and !=? <, <=, >, and >= are just a series of boolean comparisons.

    That isn't to say you can write an application using just boolean logic, as you'd need math in there at some point...

  5. Re:Back in the day... on Best Approaches for J2EE Certification? · · Score: 2, Informative

    You mean, you didn't get the nasty email from them saying that all your certifications were null and void back in... 2001, I think it was?

    I did.

  6. Mod parent up on Best Approaches for J2EE Certification? · · Score: 1

    I agree. A Sun certification for Java makes far more sense than a Brainbench certification.

  7. Re:ummmm on HellGate London To Be For-Pay Online Experience · · Score: 1

    ...and yet Dungeons and Dragons Online: Stormreach, which is also heavily instanced, has a monthly fee.

  8. Re:Firefox and Linux ... not really comparable on Why are Free-Desktop Developers Wedded to Linux? · · Score: 1

    I have, and it was relatively easy. Of course, that's probably because I had a slipstreamed Windows CD (which isn't owned "out of the box"), and everything else on hand that I needed to install on CDs (programs) and a USB flash drive (drivers, downloadable programs, important documents).

    On the flip side, what happens in Linux if the driver for my wireless card isn't in the distribution?

  9. Re:1 million shipped on 1 Million PlayStation 3s Shipped · · Score: 1
    Given that the PS3 is almost universally sold out, the difference is probably negligible. It is still very uncommon to see a PS3 in stock. I doubt that you would find more than a couple stores in the whole country which have units from their daily shipments last until the next business day.

    Except that's not true. Heck, my local Best Buy had 2 out on the display floor two days before that sale started, and each store was holding back 25 due to the advertisement's guarantee of a minimum of 25 units for the sale.

    They aren't the only retailer that still has them in stock, too.

    The Wii, on the other hand, is selling out as soon as it comes in everywhere here, a metropolitan area of 100,000 people.
  10. Re:From my personal experience. on 1 Million PlayStation 3s Shipped · · Score: 1

    I know two people with Xbox 360s. Neither has mentioned Gears of War other than to say "I have it, it's OK."

    Unlike the 5+ people I know who have Wiis who say that I really need to try Wii Sports.

  11. Re:Unsold means loss as costs decrease too! on 1 Million PlayStation 3s Shipped · · Score: 1

    You should try Zelda: Twilight Princess. I liked it a lot better than Wind Waker, but it also took a lot longer...

  12. Re:1 million shipped on 1 Million PlayStation 3s Shipped · · Score: 1

    It really depends on whether Microsoft were talking about sales to stores or what the stores actually sold to people. There's a great deal of difference between the two.

    This article specifically says "shipped" in relation to Sony's sales. It does not say that 1 million PS3s were sold.

  13. Re:Service Packs on Mac OS X Versus Windows Vista · · Score: 2, Informative

    Microsoft introduced driver signing in an attempt to fix the problem with unstable drivers. If you try to install an unsigned driver, XP bitches at you about it, but lets you continue anyway if you really want.

    However, some companies intentionally defraud Microsoft's test lab.

  14. Re:of getting a fair comparison on Mac OS X Versus Windows Vista · · Score: 1
    In OS X that is one check box and takes 15 seconds to do. I have a sheet of paper somewhere around here with all the steps needed to promote a user in Windows, I was astounded by what the PC tech said had to be done.

    Yes, because clicking a radio button then the Change Account button is so much harder than clicking a checkbox.

    Of course, you have to know where that setting is, which I noticed you didn't mention. So, I'll tell you where it is on Windows:
    Start, Control Panel, User Accounts, [Change an account], user name, Change account type

    Change an account is in brackets because most of the time all the user accounts are already listed on the User Accounts page.
  15. Re:Inactive windows - he's got it wrong on Mac OS X Versus Windows Vista · · Score: 1
    > In OS X, with a page loaded those buttons would indeed look active.

    And that's correct, because they are active. If you go to another app
    and then click on one of these buttons, they are triggered right away.
    (don't know if it's the same on Windows)

    Yes, it is. I can be chatting in a GAIM window and click the back button in my web browser... and it goes back a page.

    I have yet to see an OS where this is not the case. Just because a program doesn't have focus doesn't mean you can't use buttons on it. (I almost said "and menus," but that doesn't apply on OSX.)
  16. Re:It doesn't matter on Mac OS X Versus Windows Vista · · Score: 1

    I take it that you've never played DOS games over a network? Believe it or not, they did exist!

    I played Doom, Doom II, Warcraft II, Duke Nukem 3D, and Quake all in DOS over a 10Base2 (coaxial) network.

    In order to get IPX networking working in DOS, you needed two Novell Netware files and an Ethernet driver. They had to be loaded with lsl.com first, then the driver, then ipxodi.com.

  17. Re:It doesn't matter on Mac OS X Versus Windows Vista · · Score: 1
    Keyboard Shortcuts work by default--if you know the shortcuts.

    That's the exact opposite of what the great-great-grandparent said:
    Use [tab] to select and [space] to "click".

    Not by default. First you have to go into the Keyboard & Mouse preferences and select the full keyboard access for "All controls".
  18. Re:Problem isn't exactly fixed yet ... on Opera Security Patched In Secret · · Score: 1

    Confirmed. That image crashed Opera 9.10 on my Windows XP SP2 system.

    Except that I'm not going to post as an AC.

  19. Re:Next generation Cell into PS3? on IBM's New Processors To Exceed 5Ghz · · Score: 1

    The RAM expansion for the N64 was packaged with one of the few games that required it or available separately. I mean, between the choice of buying the RAM expansion for $20 USD or Donkey Kong 64 + the RAM expansion for $30 USD... which would you choose?

    Note: It might have been $30 USD and $40 USD respectively... I only remember it was a $10 USD difference.

  20. Re:object oriented on The D Programming Language, Version 1.0 · · Score: 1

    It might have something to do with the new keyword, in most languages, creating things on the heap rather than the stack.

  21. Re:I don't get it... on The D Programming Language, Version 1.0 · · Score: 1

    It does seem odd that someone would say it'd be hard to write a stream of bytes to a file in Java, considering that you just need to do the following:

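    import java.io.FileOutputStream;
    import java.io.IOException;

    public class WriteBytes {
        private static final String OUTPUT_FILE = "output.bin";

        public static void main(String[] args) throws IOException {
            // Other code to create and fill byte array here
            byte[] byteArray = new byte[0];
            // try-with-resources closes the stream even if write() throws
            try (FileOutputStream out = new FileOutputStream(OUTPUT_FILE)) {
                out.write(byteArray);
            }
        }
    }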


    Done.

  22. Re:Why? on World of Warcraft Tuesday Maintenance A Thing of the Past · · Score: 1

    I know this is a week late, but I missed this story the first time around.

    I spotted two problems in your post:
    1. WoW has been running since November 2004. That makes it two years, not one.
    2. SWG, like all other SOE properties, has weekly maintenance, usually as long or longer than WoW's.

    (Side note: I haven't played SWG in years, I just remember being annoyed that the servers were always down on... Sunday mornings, I think it was.)

  23. Re:So what!? on WoW Not-So-Live Maintenance · · Score: 1

    Here's the obligatory "You must be new here" comment.

  24. Re:The Acro is... on 2006 - The Year the FSF Reached Out · · Score: 1

    I played the Uproar version... it just wasn't the same. The client really did make the difference.

    I could play it on IRC if I really wanted, but... eh.

  25. Re:like me on 2006 - The Year the FSF Reached Out · · Score: 1

    I wonder if the Acrophobia web game will ever come back. Those were the days. :D