Vile Works

Here’s the deal: I need to store some sensitive data (user names and passwords) in a flat file. I don’t want to make any use of databases because this would defeat the whole purpose of the project. Of course, the passwords will be md5 encrypted in the file, but this wouldn’t be enough.

This neat little login system, Micro Login System, seems to have the basic stuff for me to start with but, as said it stores the user info in a text file.
The contents of userpwd.txt would have been:

admin:3089af3a625carf15ed2a1a93684413ffa
user1:75580656a394292460ebb4b036ebeaf1
user2:c67ac4665947cd23ff7d1d180b8e41d5

That’s user : md5( password ).
I was concerned about this because anyone who knew about the system could have entered address/userpwd.txt in the address box and gotten that info.

My solution

Php files are pretty secure right?…

Continue reading…

How I use captcha without making my users complete the barely readable word

Capthca sucks. For more information on how much captcha can suck see John Willis’ post Top 10 Worst Captchas.
But at the same time it can be really annoying for webmasters to have their forms unprotected with all the spam bots running free out there.

What I wanted was to have the commenting feature protected against spam bots without having the innocent human users ruining their eyes on captcha like images, or complete any mathematical equation or any other additional question fields.

One very important difference between a spam bot and a human using a web browser is that the first can’t run JavaScript code. However, this isn’t a perfect criteria of selection, because there are humans browsing the web using browsers without JavaScript support (Opera Mini for mobile devices for example).

My ideea (and as I did some Google searches, I found out other people had similar ideas) was the followig algorithm:

Does the user have JavaScript enabled?
If yes, he’s ok. Let him comment.
No? He’s a suspect. Read him his rights and give him the ultimate “are you human?” test.

To do this I left the captcha system enabled and in place and wrote 2 extra lines of JavaScript that:

//complete the text field with the correct word from the image:
$('secretword').value='nospam';
//hide the div containing the captcha image and the text field:
$('captcha').style.display='none';

Continue reading…

Put your city on the map in 4 layers. Create an artistic old map of your area.

Here’s what you should be achieving:

Step 1: Getting the actual map

Go to maps.yahoo.com, find your area and zoom in to a desired level—I went in somewhere between City and Street view in some area in Bucharest, Romania but you can also do a Country view. If your part of the world isn’t covered by yahoo maps, try google maps or get a regular image of a map for the area you need.

Hit the PrintScreen key, go in Photoshop and paste it in a new document and then Crop (C key) the image keeping only the desired part. Use the Patch Tool or the Healing Brush Tool to remove the center cross.

Step 2: Applying the old paper texture to give it a vintage look

For the second step you need an old grunge paper texture. I used this free image from cgtextures.

Continue reading…