Recently I had some issues with correctly escaping my MSTP command I detailed HERE. During the process of testing the escaping, I realized there weren’t any sites dedicated to numerous escaping techniques and/or testing strings. Normally what I do when I want to test some escaping is I’ll just go through the keys like so: `~!@#$^&*
That works to get an idea of which characters are being escaped or not, but certain patterns or orderings of characters may end up breaking some escaping techniques.
For example, with any type of BASH command, you want to make sure semicolons in user input are escaped, as a user could use one to break out of the current command and run something malicious.
I know SQL especially has had many vulnerabilities in the past when certain sequences are injected. The benefit for SQL database software like MySQL is that their product is specific to one task, and they can perfect their escaping functions to avoid many of these vulnerabilities; however, open-ended languages that are for numerous tasks, such as PHP, BASH, PERL, etc., are all too broad and have many escape functions, but none of them work for every situation.
Similarly, not only have I had issues finding the best ways to escape things, but I am also always googling for a good regex for email validation from HTML forms.
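An added example (not code from the original post) of testing an escaping function with whole patterns rather than single keys: each constructed string is embedded in a shell command and must come back byte-for-byte as one argument. `naive_escape` is a hypothetical semicolon-only escaper; Python's `shlex.quote` stands in for a proper escaping function.

```python
import shlex
import subprocess

# Constructed test strings. Single characters are not enough, so these
# combine quotes, separators and expansions in different orders.
TEST_STRINGS = [
    "plain",
    "semi;colon",
    "it's quoted",
    'double "quotes" here',
    "back\\slash at end\\",
    "$(echo SUBST)",
    "`echo TICKS`",
    "x && echo y || echo z",
    "'; echo BROKE; '",
    "$HOME ~ * ? [x] {a,b}",
    "",
]


def naive_escape(s):
    """Hypothetical weak escaper: backslash-escapes only the semicolon."""
    return s.replace(";", "\\;")


def roundtrip(escape, s):
    """Embed the escaped string in a shell command and return what the
    shell really hands to printf as its argument(s)."""
    cmd = "printf '%s' " + escape(s)
    done = subprocess.run(["sh", "-c", cmd], capture_output=True,
                          text=True, timeout=5)
    return done.stdout


def failures(escape):
    """Return the test strings that do not survive the round trip."""
    return [s for s in TEST_STRINGS if roundtrip(escape, s) != s]


if __name__ == "__main__":
    for name, fn in (("naive_escape", naive_escape),
                     ("shlex.quote", shlex.quote)):
        print(name, "fails on:", failures(fn))
```

The semicolon-only escaper passes the `semi;colon` case and still fails on quotes and command substitution, which is why a per-character sweep gives false confidence.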
I am a big fan of web 2.0 type websites where the whole website is based solely on a single task. Therefore, I think there should be a website where users can submit and improve on the best validation techniques for common tasks. This would include not only escaping harmful characters but also regex for validation.
The idea of the site would be all about escaping and testing escapes and input validation for certain languages. It would be heavy on user submission and almost act like a wiki.
A lot of resources are a bit outdated as far as regex goes as well. For example, not many email validators allow for the periods or plus signs that Gmail will let you use. One of my biggest pet peeves is when people don’t bother with correctly escaping/validating complex password forms either. I believe every character on the standard QWERTY American keyboard should be allowed in password fields, including chars like @$#*^, but probably none of the special alt-codes, as that’s a bit overkill.
As far as I know, there is no central place where all types of input validation are kept. There are good libraries that try to take care of it for you; for example, one that I have used before was jQuery’s Validation plugin. However, JavaScript is still client-side only; you still want to double-check everything on the server side with PHP or a similar server-side language.
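An added example (not from the original post) of the server-side email check discussed above, with an outdated pattern beside a more permissive one that accepts periods and plus signs. Both patterns and the function name are assumptions written for illustration, and Python stands in for the server-side language.

```python
import re

# Outdated style (constructed for illustration): the local part allows only
# word characters, and the pattern is anchored with "$", which in Python
# also matches just before a trailing newline.
OUTDATED = re.compile(r"^\w+@\w+\.\w{2,3}$")

# Pragmatic pattern: dot-separated atoms in the local part (so "." and "+"
# are allowed, but not leading, trailing or doubled dots) and
# dot-separated hostname labels in the domain.
ATOM = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+"
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
PRAGMATIC = re.compile(rf"{ATOM}(?:\.{ATOM})*@{LABEL}(?:\.{LABEL})+")


def is_valid_email(addr):
    """Server-side check: length limits plus a full-string match."""
    if len(addr) > 254:
        return False
    local, sep, _domain = addr.rpartition("@")
    if not sep or len(local) > 64:
        return False
    # fullmatch() rejects trailing newlines that "$" would let through.
    return PRAGMATIC.fullmatch(addr) is not None


if __name__ == "__main__":
    # Constructed sample addresses.
    samples = ["first.last+tag@gmail.com", "user@example.com\n",
               ".leading@example.com", "a..b@example.com", "user@localhost"]
    for s in samples:
        print(repr(s), "outdated:", bool(OUTDATED.match(s)),
              "pragmatic:", is_valid_email(s))
```

The outdated pattern rejects the valid plus-tagged address yet accepts an address with a trailing newline, a value that should never reach a mail header.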
Why deprecate the TARGET attribute in HTML Strict?
No comments · Posted by Brian Hare in Problems
The HTML Strict standard does not allow for the target attribute to be applied to <a> tags. This means that you can no longer force a new window to open with valid strict HTML.
One of the reasons for this seems to be that “It should be up to the end user, not the web site, to decide if a link should be opened in the same window, a new window or a new tab; web developers shouldn’t force such behavior on people.” (Reference: Robert Nyman)
The website would allow the user to upload a source image (perfect, uncompressed and ideal image) and various other images that are variations of the source. Such variations could be hue, brightness, contrast, compression, editing etc. It would then output some sort of rating or statistics showing how similar it is to the source.
This idea spawns mostly from wanting a means of rating video quality by taking screenshots of HD uncompressed video and comparing them to screenshots of the compressed video. This could come in handy for people who record videos using a camera. You could take certain screenshots from the public trailer, and match that frame with your video, to get an idea of how close your video is to the real thing.
This code could also be used in my previous idea, Social Image Crawler.
The idea of this spawns from http://www.tineye.com where a user uploads or links an image and TinEye will search their database for the best match. It then outputs the closest matching images to the one you uploaded. However, this site would be based solely on social websites and places where people can upload art and/or images of themselves. The idea behind it is so you can find people using fake pictures, pictures of you, or stolen artwork.
I wanted to redirect the index of this site (brianhare.com) to automatically go to my WordPress. I googled the fastest way to do redirects and I came across this blog: http://www.stevenhargrove.com/redirect-web-pages/. He explains the best way to do web redirects. I didn’t know HTTP redirects were looked down upon, but I knew .htaccess files were preferred. Anyway, I found this neat little site from his blog: http://www.htaccesseditor.com/en.shtml. It looks pretty and is functional, my favorite type of website. The default page is in Japanese though, so use the English link I posted.
