Code archive at forgedeuphoria.com

Archive for the 'Code' Category

Uncloaking TinyURL

Friday, October 12th, 2007
By Aeriff 11 months ago 1 Comment

Categories: Code

Welcome to another PHP tutorial from ForgedEuphoria. This time around we’ll be looking at how to use PHP to input a TinyURL and display the real page’s URL, thus ‘uncloaking’ the link. Let’s get into it!

Here’s the full code for our function:

<?php
function reverseTinyURL($url){
    $url = explode('.com/', $url);
    $url = 'http://preview.tinyurl.com/'.$url[1];
    $preview = file_get_contents($url);
    preg_match('/redirecturl" href="(.*)">/', $preview, $matches);
    return $matches[1];
}
?>

Download this code: revTinyURL.phps

Let’s break it down..

The first line of code declares that it is a function, ‘reverseTinyURL’.

function reverseTinyURL($url){

Next our function splits the URL, starting with .com. Next it gets the source of TinyURL preview page, which is where we will find our uncloaked URL.

$url = explode('.com/', $url); $url = 'http://preview.tinyurl.com/'.$url[1]; $preview = file_get_contents($url);

Finally it uses the PHP preg_match function to find the line of HTML where our link is hidden and then returns it as a URL.

preg_match('/redirecturl" href="(.*)">/', $preview, $matches); return $matches[1]; }

If you want to know how to use the function, see below.

<? reverseTinyURL('http://tinyurl.com/2frj9u'); // returns http://www.forgedeuphoria.com/blog/ ?>

Download this code: revTinyURL-example.phps

Pretty neat, eh?

Questions, comments, something unclear? Leave a comment.

If you liked this post, buy me a coffee!

Generating Random Passwords in PHP

Wednesday, June 20th, 2007
By Aeriff 1 year, 2 months ago 0 Comments

Categories: Code

So here is my first coding article for this site and I thought I’d start with something simple: generating random passwords using PHP.

Generation of random passwords is very practical in many situations, for example generating forum activation codes, but it doesn’t stop there. There are virtually thousands of uses for a script like this.

The script becomes more versatile and scalable if it is written in the form of a function, so that is exactly what I will do. This function will hopefully work anywhere.

The basic idea behind this random password is that it will give a different password every time it is called. This can only be done by using the time as what the password is generated off to make each code truly unique. So we will start of by defining a PHP function which will generate this password for us. There will be one input from the user: the length of the password. When the function is called, it will return a random password of alphanumeric characters ranging from 0-32 depending on the length given.

Here is the complete function:

<?php
function randomPassword($length){
 
  $pass = md5(time());
  $pass = substr($pass, 0, $length);
  return $pass;
}
?>

Download this code: genrandpw.phps

The above function is pretty straightforward. The first line defines a function called randomPassword which takes a parameter ‘length’. The next line uses the built-in PHP function MD5(). MD5 function returns the hash of the input given. Here we give MD5 the time as an input. The time() function returns the timestamp. Remember that the timestamp will always be different because the date is always changing (here date includes time and seconds). So basically when we give the MD5 function the latest timestamp, it generates the hash for that specific instant, which is also always different because of the ever changing time.

Next we substr the password returned. Substr is used for returning some specific length of a given string. For example, the substr used here will return the initial string of the password of the length that the user will give.

The last line of code returns the password randomly generated.

The code can be used in such a way as shown in the examples below:

<?php
echo randomPassword(15);
 
// Or you could use the below and call the string via the $password variable.
 
$password = randomPassword(15);
echo $password;
?>

Download this code: genrandpw-examples.phps

The above code will return something like 1n48a6fb3m9f6c8

I hope you enjoyed the first code article on this blog, which should be the sign of more articles to come.

Tips, questions or just plain baffled by my code? Leave a comment.

If you liked this post, buy me a coffee!

Vulnerability Found in Redoable Wordpress Theme

Saturday, May 19th, 2007
By Aeriff 1 year, 3 months ago 0 Comments

Categories: Code and Wordpress

An XSS vulnerability has been discovered in the popular Redoable theme (version 1.2) by Dean Robinson (which this blog happens to be running). A proof of concept and a temporary patch have been released by the finder of the flaw over in this post at redlevel.org. It is advised that you update as soon as possible.

I have patched my theme so for all you script kiddies out there, it simply means Go away and find someone else’s blog to exploit.

If you liked this post, buy me a coffee!

Twitter and Blobsy

Saturday, March 10th, 2007
By Aeriff 1 year, 6 months ago 1 Comment

Categories: Code

Well recently I’ve joined the Twitter crew (check out my profile here). I’ve also been messing with the Blobsy code. Blobsy is an open source framework for an MSN bot. It simply is a script written in PHP that can run from a shell and waits for your command. Of course you have to delve into the more complicated things like Switchboard and Notification Server things but it’s all fairly easy once you get the hang of it like everything else is. I have coded a simple 5 or so lines of PHP that will allow me to post to Twitter using my Blobsy bot. It uses cURL and simple posts to Twitter and either gives me a success message or an error message (don’t you hate those?). Drop me a comment if you want the source code.

If you liked this post, buy me a coffee!