Application Security

I like development more when I know my application will be subjected to a bigger audience, either for tests or use. I bet every developer likes this at some point. I hate large numbers during development when the project itself is behind schedule though... because this is when you complete modules for ticks & gram and not fun.
Sucks.
So, networking... I liked it also because of exposure. Was exposed to this environment so much. I did lots of it. Later found out I was working with fewer and fewer materials. I had nothing, in terms of materials, outside Cisco (they really have cool h/ware). Freeware was hard to come by too. I hated dealing with hardware and being platform dependent. Among the nice features a s/ware should have, platform independence is one of them. We’ll need something that runs even on Mars.

I kept the knowledge. Bumped into web development and liked it. Big user base... nice. Cross-platform apps, sweet. In our last meet-up, we discussed security and I had several tips on how to make your application airtight and still great to use. Sometimes compromise knocks. Note, there’s always more you can do than what I’m writing. We discussed:

- Input Sanitizing and Validation.
  Take an example: let’s say you want an ID number field. Should the field accept digits, letters, alphanumerics, or special characters? How many characters? What about HTML? Can it be the same as the email? Can it be pasted?
- SQL Injection.
  This is a cool test hack method. How good are you at fetching data? How often? How many pages are handling CRUD functions? Can you bypass the data fetch?
- Parameterized queries.
  This is where you break the query norm. Try to have staged queries: keep the query statement separate from the values it runs on. This is all about breaking queries down into chunks. MySQLi and PDO are good at this.
- Folder/File access (read/write) rights.
  Where, and who, can write? I use 0755 permissions for folders and 0644 for files. Works well for me.
  Cache and temp folders are tricky to deal with. Test them well...
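The validation, SQL injection and parameterized-query points above, put side by side in one script. This is an added example, not code from the original post: it uses PDO as the post suggests, with an in-memory SQLite database standing in for MySQL (the pdo_sqlite extension is assumed), and the `members` table, its rows, the function names and the 6 to 10 digit rule are all constructed for illustration.

```php
<?php
// Added example. SQLite in memory stands in for MySQL so the script runs
// offline; table, rows and the 6-10 digit rule are constructed assumptions.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (id_number TEXT PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO members VALUES ('12345678', 'Alice')");
$pdo->exec("INSERT INTO members VALUES ('87654321', 'Bob')");

// Validation: answer the field questions up front. Digits only, 6 to 10 of
// them, anchored at both ends so HTML, quotes and spaces are rejected.
function validIdNumber(string $input): bool
{
    return preg_match('/\A[0-9]{6,10}\z/', $input) === 1;
}

// BEFORE: the value is concatenated into the SQL text, so a quote in the
// input changes the structure of the query itself.
function findMemberUnsafe(PDO $pdo, string $id): array
{
    $sql = "SELECT name FROM members WHERE id_number = '" . $id . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// AFTER: the statement is prepared first and the value is bound in a second
// stage, so it is only ever compared as data.
function findMemberSafe(PDO $pdo, string $id): array
{
    $stmt = $pdo->prepare('SELECT name FROM members WHERE id_number = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a real ID, a quote-based bypass attempt, pasted HTML.
$inputs = ['12345678', "x' OR '1'='1", '<b>12345678</b>'];
foreach ($inputs as $in) {
    printf(
        "%-16s valid=%-5s concatenated=%d row(s) prepared=%d row(s)\n",
        $in,
        var_export(validIdNumber($in), true),
        count(findMemberUnsafe($pdo, $in)),
        count(findMemberSafe($pdo, $in))
    );
}
```

The quote-based input returns every row through the concatenated query and none through the prepared one; validation rejects it before either query would run, so the two checks back each other up.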
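One way to test the folder and file rights described above: walk the web root and report anything that differs from the 0755/0644 baseline, flagging world-writable entries such as a loose cache folder. This is an added example, not code from the original post; `auditPermissions` is a hypothetical helper, the directory tree is constructed in the system temp folder, and a Unix-like filesystem is assumed.

```php
<?php
// Added example. Baseline modes come from the post (0755 folders, 0644 files);
// the directory tree below is constructed. Assumes a Unix-like filesystem.
function auditPermissions(string $root, int $dirMode = 0755, int $fileMode = 0644): array
{
    $findings = [];
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($walker as $path => $info) {
        if ($info->isLink()) {
            continue; // a symlink's own mode says nothing about its target
        }
        $mode = $info->getPerms() & 0777;          // drop the file-type bits
        $expected = $info->isDir() ? $dirMode : $fileMode;
        if ($mode !== $expected) {
            $findings[] = [
                'path' => $path,
                'mode' => sprintf('%04o', $mode),
                'expected' => sprintf('%04o', $expected),
                'world_writable' => ($mode & 0002) !== 0,
            ];
        }
    }
    return $findings;
}

// Constructed web root with a loosely configured cache folder.
$root = sys_get_temp_dir() . '/perm_audit_' . bin2hex(random_bytes(4));
mkdir($root . '/cache', 0755, true);
file_put_contents($root . '/index.php', "<?php // placeholder\n");
file_put_contents($root . '/cache/page.tmp', 'cached page');
chmod($root . '/index.php', 0644);
chmod($root . '/cache', 0777);
chmod($root . '/cache/page.tmp', 0666);

foreach (auditPermissions($root) as $f) {
    printf("%s is %s, expected %s%s\n", $f['path'], $f['mode'], $f['expected'],
        $f['world_writable'] ? ' (world-writable)' : '');
}

// Remove the constructed tree.
unlink($root . '/cache/page.tmp');
unlink($root . '/index.php');
rmdir($root . '/cache');
rmdir($root);
```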
