Some chick called “Safire” has republished my Safe Dynamic Includes snippet on her tutorial site. (Fingers in mouth gagging here; I thought people had stopped creating these lame tutorial sites.) Alongside the code is the advice that, in normal dynamic includes “it’s just the x= that makes it unsafe
“, and swapping this letter for a ‘z’ makes it all okay again.
Incidentally, this random swapping of letter renders file_exists as “file_ezists” which isn’t going to work.
Anyway, the funny thing is the idea that without any other protection (although of course my code already has it), simply swapping the letter will protect you against hacking and other malicious acts.
Oh, if only all of developing were so easy.
19 Nov at 10:09 pm
“file_ezists” – mocking me :o
19 Nov at 10:27 pm
Gah…not another one. When will these kind of tutorial sites die?
19 Nov at 10:39 pm
Oh yes, the letter x is very dangerous. *nod* x is the unknown, and the unknown is dangerous! muahaha… If we can change it to any letter, can I change it to R? I think R is a cool letter. But is it safe? O_O
19 Nov at 10:50 pm
I am in awe at such blatant incomprehension of the $_GET superglobal. Don’t give fucking PHP tutorials if you don’t understand *that*. @Rachael: j is the safest letter in dah world.
19 Nov at 11:00 pm
Psh. Everyone knows x is unsafe. DUH To make the tutorial safe again, you have to remove ALL the Xs. Don’t replace them! They’re bad! In fact, while you’re at it, remove every other letter as well, all letters are unsafe. Once you have done that, your site will be supah safe! (I kid. Obviously. But seriously, when she says “this is insecure but I don’t know why” or whatever, it really gives you the utmost trust in what she’s “teaching” you. *Eyeroll*)
19 Nov at 11:02 pm
The letter X will kill you in your sleep! Where did she get that idea?
19 Nov at 11:30 pm
Urgh her text in the header is soo tiny! I cannot even read it!! How do you know when people have stole your stuff, i.e how do you find it? Do you google lines of your own content, or was this random: did someone just stumble on it accidently??
20 Nov at 12:14 am
That is a truly impressive lack of logic she’s got going on there.
20 Nov at 12:26 am
I never liked X’s, they always seemed like they were hiding something.
20 Nov at 1:06 am
Hmm, this day is just getting better. It may be Monday, but I had cake for lunch, no homework, and now this… the only downer is that math test. Oh well, this makes that seem nonexistent.
20 Nov at 1:17 am
If that doesn’t scream wanna be PHP tutorial master person thing, I don’t know what does. If you are that stupid to copy the whole code and then find/replace ALL the x’s, then you shouldn’t be allowed to copy anything if you do xD
20 Nov at 1:41 am
3 words for her: What a twat
20 Nov at 2:17 am
@Vasilli – pss someone else made that xD change the x to comething lk qD HAHA
20 Nov at 6:21 am
Oh no, Jem, she took it down! :D
20 Nov at 7:40 am
I don’t really mind about most teenybopper websites with their illegible font, etc. it’s just when these people try to give stupid advice to others that I say, ‘Oh God, WHY?’
20 Nov at 7:53 am
“Each of these tutorials took time to make.” Oh really? I thought ‘taking time to make a tutorial’ involves actually writing out the tutorial yourself and making sure you fully understand what you’re writing? o_O Oh, and she took the tutorial down already. :P
20 Nov at 9:14 am
More often than not, people e-mail. That was the case this time.
20 Nov at 10:52 am
I never liked X’s anyway, it’s all A,B and C’s for me. *rolls eyes*
20 Nov at 11:52 am
I’m literally tearing up now. Please, no more. I’m going to die of laughter.
20 Nov at 3:24 pm
I say fuck all letters and numbers, and start replacing variables with hearts and stars! is there an ascii code for ponies? THAT’S WHAT I’M GOING TO USE!
20 Nov at 3:28 pm
It’s nice to know she took it down… upsetting she even done this in the first place. Anyway I have never commented on your site before, I was kind of afraid to leave my website because I might get a “pants” award, lol. Anyway hopefully people will stop doing that! Best of luck!
20 Nov at 3:54 pm
@Melissa: I’m not too keen on glitters personally, but your site is not even close (in terms of “badness”) to some I’ve seen. :) That said, I’d recommend you ditch Waks Ask & Answer, it’s awfully insecure.
20 Nov at 6:41 pm
At least your site is readable melissa! lol
21 Nov at 1:48 am
Thanks for replying Jem and Carly! Not to inappropriately spam the comments… but I’m so used to Waks Ask & Answer, I just continue to use it :( Oh and about the font size, I know! I’m trying my hardest to make everything sort of “accessible” if that’s the correct word! Off to read your new blog now :)
21 Nov at 11:40 pm
@ Melissa Using a script that is insecure is just ignorant, no matter if you like it better than another script or not.
22 Nov at 1:42 am
@ melissa… you’re leaving yourself open to hacking. I’ve seen lots of blogs hacked when people haven’t updated their wordpress to the latest version… mooch around this site and there’s a list of alternatives Jem recommends. And yes, accessable is the right word!
20 Dec at 11:32 am
strangely, i don’t think she meant it X= My mother says “Everyone makes a mistake.” But, I’m still figuring out if she has read the Disclaimer page of yours. X) Lame tutorial sites? Sorry for being a n00b, but did you mean tutorial sites that steal other people tutorials? X=