Note that this is completely unnecessary if you have root access.

Assuming you already have a shell account and you are ssh’d in, execute these commands to install your virtual python environment:

$ wget http://peak.telecommunity.com/dist/virtual-python.py 
$ python virtual-python.py

Those commands copy the Python binary to your /home/user/bin directory and sets up symbolic links to the system wide libraries. This means that the ~/bin/python executable will have access to the same libraries as the system Python but that any extra installed software will not affect the system wide Python install.

Next you should add the ~/bin directory to your PATH by adding this block to your .bash_profile:

 if [ -d ~/bin ] ; then     
    PATH=~/bin:"${PATH}" 
fi 

$ wget http://peak.telecommunity.com/dist/ez_setup.py 
$ python ez_setup.py 

Now you should be able to install whatever you want using easy_install. The first thing I did was install django-db-log using this command:
$ easy_install django-db-log

Most credit card numbers are validated using an algorithm called the “Luhn check”. This is a very simple algorithm that doubles the odd digits and does a sum to see if the number is divisible by 10. The credit card companies use a slightly different version that involves a check digit as the last digit. To generate a credit card number that will pass most validation software (as long as they don’t actually try to process the credit card) one only needs to follow these steps to make sure that the generated credit card is valid.

Choose 16 random numbers starting with a 3,4,5 or 6.
Starting with the first digit, double every other number.

If doubling a number results in a two digit number, add those digits together to produce a single digit number

Replace the odd digits with the new ones just created. You should now have 16 numbers consisting of all the new numbers and the original even numbers

Add up all sixteen numbers.

Manipulate the check digit so that the sum is divisible by 10.

Replace the last digit of the original random string with the new manipulated check digit.

Thats really all there is to it. Check out the source of my javascript credit card generator if you want to see how to generate and validate the credit card numbers.

The reason for starting with a 3,4,5, or 6 is that different card types start with different digit. The 3 is American Express, 4 is Visa, 5 is Master Card, 6 is a Discover Card.

Some companies use more digits to show that the card is from them. For example 5254 is a Master Card from the Bank of America and 4013 shows that it is a Visa card from Citibank. Also note that the expiry date has nothing at all to do with the card number.

There are two packages that you can install to get syntax highlighting to work in Vim: vim-full and vim-common. Because I didn’t have gnome installed vim-full was a very large download (like 50MB) and it errored out anyway. vim-common is definitely the way to go.

sudo apt-get install vim

During the development of a new site I was forced to create one of these evil entities. It was surprisingly simple and painless. The captcha that I outline here is very, very simple and should never be used in production without a fair amount of tweaking.

Having developed my site using php I naturally turned to the GD library.

Firstly I generated a random string to display on the captcha :

//generate a random alphanumeric string of a specific length
function gen_random_string($length) 
{
  $characters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWZYZ".
        "abcdefghijklmnopqrstuvwxyz";
  $real_string_length = strlen($characters) - 1;
  for($p=0;$p<$length;$p++)
  { $string .= $characters[mt_rand(0, $real_string_length)]; }
  return $string;
}

//add to session array so other scripts can access it for the comparison
$_SESSION['image_text']= gen_random_string(8);

//split into character array - str_split only works in PHP 5
$text_array = str_split($_SESSION['image_text']);

//create the image with a background image
$NewImage =imagecreatefrompng("bg1.png");
$cntr = 0;
foreach($text_array as $letter)
{
  //generate a random color for each letter
  $r = rand(0,200);
  $g = rand(0,200);
  $b = rand(0,200);
  $textcolor = imagecolorallocate($NewImage, $r, $g, $b);

  //random horizontal spacing
  $spacing = (rand(5,10)+($cntr*10));
  
  //add the character to the image
  imagestring($NewImage, 5, $spacing, rand(0,10), $letter, $textcolor);
  $cntr++;
}

//output the headers than the image as a PNG
header('Content-type: image/png');
header('Cache-Control: max-age=0');
header('Expires: '.gmdate('r',time()-3600*24*365));
header('Pragma:');
ImagePNG($NewImage);
imagedestroy($NewImage);

<img id='captcha' name='captcha' src="simple-captcha.php">

This captcha can be strengthened by using other GD image functions such as imagefilledellipse and imageline to create artifacts in the background. It also helps to use different fonts and to change the angle of the letters.

The most popular way to do this is to use a combination of gzinflate, base64_decodes, eval, and str_rot13. For most users this is really difficult to decode to figure out what is really going on. I wrote this function to hopefully make peoples lives easier (or harder, depending on who you are).
Usually the obfuscated code is written in the wordpress add-on like this :

$coded_string = "eval(gzinflate(base64_decode('FZfFDs..sdff/7nr/8B')));"

function decode_goofy_string($coded_string)
{
  while(preg_match("/eval\(gzinflate/",$coded_string)) 
  {
    $contents=preg_replace("/<\?|\?>/", "", $coded_string); 
    eval(preg_replace("/eval/", "\$coded_string=", $coded_string)); 
  }
  
  return trim($coded_string);
}

This function is pretty straight forward but if anyone has any troubles then leave a comment or send me an email at cody@codytaylor.org

Shortcodes seem to be gaining a fair amount of attention in the wordpress community and with good reason. The Shortcode API, which was new in wordpress 2.5, is a simple set of functions for creating macro codes for use in your posts. Shortcodes are written by providing a handler function and they accept parameters too. Here is a wordpress shortcode to generate a tinyURL for a post.

//Generate Tiny URLS For A Post 
function get_tiny_url($arguments)
{
  if(empty($arguments))
    $url = get_permalink($post->ID);
  else
    $url = urlencode($arguments['url']);
  if($url)
    {
      $tiny_url = 'http://tinyurl.com/api-create.php?url='.$url;
      $new_url = file_get_contents($tiny_url);
    }
    else
      $new_url = "Error";
    return $new_url;
}

add_shortcode('small_url', 'get_tiny_url');

[small_url]  // or
[small_url url='http://codytaylor.org']

Here’s a couple of short tips to avoid making your site lag for the user:

1. Unset your variables. This frees up a surprising amount of memory
2. Use memcache
3. Turn on apache’s mod_deflate
4. If your database is local then close your connections when you’re done with them
5. If your database is remote then use persistant connections
6. Don’t use functions inside of a for loop control expression unless absolutely necessary. Example :
   

   
   for($i=0;$i<some_big_calculation(20);$i++)
   

   
   The some_big_calculation function will be called every iteration.
7. Use string concatenation instead of embedding variables in strings.
   

   
   $some_string = "asdf $asdf2 asdf"; //bad
   $some_string = 'asdf '.$asdf2.' asdf'; //good
   

8. When including files, use at least a relative path so PHP doesn’t have to look in the entire path.
   
9. Try not to use include_once or require_once. They are more expensive and it really isn’t that hard to only include files once
10. Not everything needs to be an object. There is a fair amount of overhead when doing everything OOP.
11. Use output buffering to make everything seem faster.

Hopefully I didn’t miss any of the big ones.

The easiest way to update your Twitter account is to just call curl from the command line with this command.

curl --basic --user "codytaylor1234:mypassword" --data-ascii 
"status=This Twitter update brought to you by curl on the command line" 
"http://twitter.com/statuses/update.json"

<?php
$username = 'codytaylor1234';
$password = 'mypassword';

$update = 'This Twitter update is from a php script using curl';

$url = 'http://twitter.com/statuses/update.json';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$url");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "status=".$update);
curl_setopt($ch, CURLOPT_USERPWD, $username.":".$password);
$result = curl_exec($ch);
curl_close($ch);

if($result)
    echo 'success';

?>;

Since a cross-domain request in Javascript isn’t really an option we have to create a proxy using PHP in order to authenticate the user on the Twitter API. If anyone knows an easy way authenticate a Twitter user using only javascript I’d love to hear it. Anyway if we replace a small amount of code in the above example and put it in a file then we can use a simple ajax request to update our Twitter status. So the new PHP file would be:

<?php
$username = $_POST['username'];
$password = $_POST['password'];

$update = $_POST['update'];

$url = 'http://twitter.com/statuses/update.json';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$url");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "status=".$update);
curl_setopt($ch, CURLOPT_USERPWD, $username.":".$password);
$result = curl_exec($ch);
curl_close($ch);

?>

For this example I called that php file ‘twitter-update.php’. Now that we have our simple proxy we can update our twitter status with a simple html form and a little ajax. I used the prototype framework for my javascript.

<script src="includes/prototype.js" type="text/javascript">
<script type='text/javascript'>
function update_twitter()
{
  var param_string = "username="+$('username').value+"&password="+
        $('password').value+"&update="+$('update').value;
  alert(param_string);
  var options = {
    method: "post",
    parameters: param_string,
    onSuccess: function (xhr, Json) {
      alert("Response received successfully.");
    },
    onFailure: function (xhr, Json) {
      alert("Request was unsuccessful.");
    }
  };
  
  var oRequest = new Ajax.Request("twitter-update.php", options);
}

</script>

Obviously this is for example purposes only and if you’re actually using it for production then you should edit it a lot. Now for the last little bit here’s the simple html form that starts it all.

User Name : <input type='text' id='username' value='codytaylor1234'><br>
Password  : <input type='password' id='password' value='mypassword'><br>
New Status : <input type='text' id='update' 
value='Twitter Update from html/javascript/php'><br>
<input type='button' value="Update Twitter" onclick='update_twitter();'>

Most of the time we don’t really have to think about types in php. But if you’re dealing with this kind of thing then you usually want to know what you’re working with. This php function example will only work with integers and will return a value of -1 if the first parameter is not a number. The function returns 1 if the number of bits set in the number pased in is odd. Otherwise it will return 0. The second parameter defaults to 4 because that is the number of bytes in a normal php integer. In php if a number becomes larger than an integer can handle, which is called an overflow, it becomes a float. The default integer size is platform dependant but it’s usually 4 bytes. It can be set using the constant PHP_INT_SIZE if you need to change it.

<?php

function odd_parity($something,$number_of_bytes_to_check=4,$double_check=0)
{
    //test to make sure it's a number
    if(!is_numeric($something)) {return -1;}  

    $setbits = 0;

    //get the number of bits that are set
    for($i=0;$i<$number_of_bytes_to_check*8;$i++)
    {
        if($something & (1<<$i)) $setbits++;
    }

    //check if the number of bits set is even or odd   
    $result =  $setbits % 2;
   
    //spit out the results to double check it's working 
    if($double_check)
    echo   "<br>Parity of : ".$something." is ".
    $result." In Binary : ".decbin((int)$something).
    " Checking the right ".($number_of_bytes_to_check*8).
    " Bits";

    return $result;
}

//will return 0 because it's defaulting to 4 bytes
echo odd_parity(0x0100010001);  

?>

I’ve just started using the tiny url service and so far it’s been useful. On one of my sites I wanted to generate a tiny url for each of my pages to make them quicker to type in and also so people don’t know what get variables I’ve set until they get there. Here is the PHP function that I used to generate a tiny url for every page on the site.

There doesn’t seem to be any documentation at all on the Tiny URL website about this so I’m not sure if it’ll change in the future.
This function passes your desired url to the api-create.php script on the tinyurl domain which returns a nice short url that isn’t a pain to put into your iphone.

function get_tiny_url($url)
{
  $new_url = file_get_contents('http://tinyurl.com/api-create.php?url='.$url);
  return $new_url;
}

$tiny_url = get_tiny_url("http://codytaylor.org");