It’s hard not to be fascinated by computers. They’re overwhelmingly powerful. It’s humbling knowing that if I can conjure up some ridiculous idea in my head, I can probably turn it into a computer program. There aren’t many professions out there that give you such freedom. In fact, most professions require an enormous amount of man-power, machinery, and/or cashflow in order to turn an idea into reality.

Engineering happens to be one such profession. Most engineers don’t have the means to create their very own Trump Tower or even a car for that matter. There is generally too much overhead for creating all of the required parts to make a functional object beyond your average tinker toy. Sure you can get a grant or build a small scale prototype to try and lure in some investors, but that’s not enough to satisfy me.

In programming, my building blocks are merely 1s and 0s.

Surgeons and doctors get to do some interesting work, but their hands on research is in the office. Sure they’ve got clinical studies and trials, but they can’t just test out a theory by grabbing some pedestrian off the street. That would be both inhumane and illegal. If I want a new patient in programming, I just open up another project. It’s for that reason that programming is unique. It doesn’t set such rigid boundaries as to what I can create. All I need is a computer, a text editor, and a compiler. Any single one of you could be the next Linus Torvalds, Donald Knuth, or Edsger Dijkstra.

There’s nothing stopping you from creating the next big thing. Just look at all the software and websites out there… they all started with a guy, a vision, and some programming skills. These people are not all geniouses, so there is no need to get discouraged. Just look at the recent RockYou Password Breach where they were storing passwords in plaintext. This kind of shit happens everyday, yet sites like these are still a big deal. I’ll leave that for another article regarding the stupidity of the lower echelon of programmers out there. Just kidding. But seriously, don’t store passwords in plaintext.

The point is, you’ve got all of the tools necessary at your disposal. Programming allows you to be as creative as like, giving you the ability to create tools that millions of people might find useful from the comfort of your own home.

You are Picaso, the keyboard is your brush, and the screen is your canvas.

You can do amazing things in programming. It’s a nice thing to give back to humanity; to leave your mark. Programming allows you to do this and much much more. You can solve an infinitesimal number of problems and there is almost always more than one solution. If you value your creativity, programming might just be for you.

Many, if not all, of you have had to deal with creating a secure site login at some point in time. Although there are numerous articles written on the subject it is painstakingly difficult to find useful information from a single source. For this reason I will be discussing various techniques I have used or come across in the past for increasing session security to hinder both session hijacking and brute force password cracking using Rainbow tables or online tools such as GData. I use the word hinder due to the fact no foolproof methods exist for preventing session hijacking or brute force cracking, merely increasing degrees of difficulty. Choose a method wisely based on your site’s current or anticipated traffic, security concerns, and intended site usage. The following examples have been coded using PHP and MySQL. I more than willingly accept comments, suggestions, critiques, and code samples from readers like you as they benefit the community on the whole. more »

There are perhaps hundreds if not thousands of articles on obtaining your visitor’s IP address. The majority if these entries will refer to a small subset of global $_SERVER variables (HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP, and REMOTE_ADDR). Although both fast and simple solutions utilizing nested ternary operations exist, they are generally prone to a fairly large bug. The HTTP_X_FORWARDED_FOR server directive may contain a comma delimited list of IP addresses based upon several proxy hops prior to the client request packet reaching it’s destination.

After scouring the web I came across two sites demonstrating what appears to be the most accurate IP retrieval method I have come across. I found a number of inefficiencies in the two functions so I’m going to provide you with my optimized version. more »

I wanted to share a very quick snippet of code I conjured up to demonstrate the use of Kohana’s validation library to verify the proper size of an uploaded image submitted from form input. The height and width class vars specify the height/width or max height/max width of the image in pixels depending on the boolean value of EXACT_SIZE. If EXACT_SIZE is false, we assume that both the height and width of the uploaded image must be less than or equal to the two constant sizes. more »

The MySQL 5.0 reference manual has very specific guidelines as to how auto incrementing is handled within the InnoDB storage engine. This can cause problems for individuals who have improperly created their tables. Perhaps you have made the following mistake and didn’t catch the error. I’ll demonstrate a simple way to create a table utilizing a composite key which will effectively trigger ON DUPLICATE KEY UPDATE on an INSERT statement. more »