Featured post

c# - Usage of Server Side Controls in MVC Frame work -

-
i using asp.net 4.0 , mvc 2.0 web application. project requiremrnt have use server side control in application not possibl in noraml case. ideally want use adrotator control , datalist control. i saw few samples , references in codepleax mvc controllib howwver found less useful. can tell how utilize theese controls in asp.net application along mvc. note: please provide functionalities related adrotator , datalist controls not equivalent functionalities thanks in advace. mvc pages not use normal .net solution makes use of normal .net components impossible. a normal .net page use event driven solution call different methods service side mvc use actions , view completly different way handle things. also, mvc not use viewstate normal .net controlls require. found article discussing mixing of normal .net , mvc.
3 comments

php - Prevent application from introducing harmful changes on the server side -

-

this small little hobby project in php. use 0sites.org server (linux os). try imitate functionalities of http://www.codepad.org, http://www.ideone.com. trying have online compiler/interpreter lanuages.

as of now, can compile/run applications php exec(..), unsure how going filter out harmful function calls c/c++ system(..). also, have little idea how going prevent network access.

i planning add few more languages. difficult implement things specific every language. wondering if there way stop things @ more general level.

i have thought on lines of parsing code manually , comment out problematic lines of code. since there more 1 way things, can broken. :-p

any ideas/suggestions/pointers ? shall highly grateful same. :-)

(ps: hobby project. want make professional possible.. )

you need os support creating these sandboxes. approach involving filtering source code going have security problems, , nightmare maintain.

just think: if implement parser correctly, there bug in php's parser, parses differently. allow run system, exec, etc. , around filtering.

you have not stumbled across hobby project; have stumbled across research project.

edit 1

the sanest way can think of without os support patch php (but you'd working in c then, not php), or re-implement php in php. keep in mind how crazy is. sure know countless libraries linked in may do, when given funny arguments? e.g., may want disallow writing files, allow mysql. except mysql has sql commands write arbitrary files.

http://codepad.org/about says done os support. maybe can make ptrace module php, , implement yours in similar way.


Comments

Post a Comment

Popular posts from this blog

c# - Usage of Server Side Controls in MVC Frame work -

-
i using asp.net 4.0 , mvc 2.0 web application. project requiremrnt have use server side control in application not possibl in noraml case. ideally want use adrotator control , datalist control. i saw few samples , references in codepleax mvc controllib howwver found less useful. can tell how utilize theese controls in asp.net application along mvc. note: please provide functionalities related adrotator , datalist controls not equivalent functionalities thanks in advace. mvc pages not use normal .net solution makes use of normal .net components impossible. a normal .net page use event driven solution call different methods service side mvc use actions , view completly different way handle things. also, mvc not use viewstate normal .net controlls require. found article discussing mixing of normal .net , mvc.
Read more

ios - Very simple iPhone App crashes on UILabel settext -

-
i have simple application. have button , label in ib. have ibaction onclick calls settext on label. there's outlet label. connected in ib. crashes app first time in simulator. when launch again, sets text. crashes again next time. crashes on actual device. should simple, i'm not sure i'm doing wrong. thanks. in .h file : #import <uikit/uikit.h> @interface untitledviewcontroller : uiviewcontroller { iboutlet uilabel *label; iboutlet uibutton *button; } @property (nonatomic, retain) uilabel *label; -(ibaction) onclick1: (id) sender; @end and in .m: - (ibaction) onclick1: (id) sender { //[label settext:@"hello world!"]; label.text = @"hello world!"; //[button settitle:@"clicked" forstate:uicontrolstatenormal]; } sorry, i'm new site. how crash log , stack? thanks. edit : while answer technically correct, doesn't answer question @ :( sorry < warning - guess > if you're...
Read more

mysql - Why there can be only one TIMESTAMP column with CURRENT_TIMESTAMP in DEFAULT clause? -

-
why there can 1 timestamp column current_timestamp in default or on update clause? create table `foo` ( `productid` int(10) unsigned not null, `addeddate` timestamp not null default current_timestamp, `updateddate` timestamp not null default current_timestamp on update current_timestamp ) engine=innodb; the error results: error code : 1293 incorrect table definition; there can 1 timestamp column current_timestamp in default or on update clause this limitation, due historical, code legacy reasons, has been lifted in recent versions of mysql: changes in mysql 5.6.5 (2012-04-10, milestone 8) previously, @ 1 timestamp column per table automatically initialized or updated current date , time. restriction has been lifted. timestamp column definition can have combination of default current_timestamp , on update current_timestamp clauses. in addition, these clauses can used datetime column definitions. more information, see automati...
Read more