Category Archives: Web

[SOLVED] “417 – Expectation Failed” in PHP curl while submitting multi-part forms

I am using PHP Curl extension for a project which requires uploading file to a server I had no control over. However, I was getting HTTP Status 417 with error message Expectation Failed. I don’t know what this is supposed to do and why curl sends it, so I tried removing it by overriding it with the following code:

curl_setopt($curl,CURLOPT_HTTPHEADER,array("Expect:  "));

It worked and the file uploaded successfully.

Hope this helps.

[SOLVED] Selenium server not working in Netbeans 6.9.1

I am using Fedora Core 14 and have installed Selenium Module for PHP. I was not able to run PHPUnit tests on Yii Framework. I tried running Selenium server 1.0.1 and upgrade to 1.0.3 solved the problem.

I downloaded the Selenium Remote Control from here and extract the file selenium-server.jar, renamed it to selenium-server-1.0.1.jar and placed it in /home/myusername/.netbeans/6.9/modules/ext/selenium overwriting the old jar. Then I restarted Netbeans. Now, testing works.

Hope this helps.

PHP Error while running newly created Yii Application

If you are using PHP 5.3 and have created a new Yii! Framework 1.1 application, you will get the following error:

date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Your/Timezone' for 'Timezone Info' instead 

To get around this, just open up index.php of your application and in the first line, add the following:

date_default_timezone_set('Timezone/String');

You should replace the ‘Timezone/String’ with your timezone information. Since my timezone is Asia/Kathmandu, I used:

date_default_timezone_set('Asia/Kathmandu');

Hope this helps.

[HOWTO] Enable cross-domain upload with uploadify jQuery plugin

I have used uploadify v2.1.4 in one of my client’s website. According to the requirements, a form in a website had to submit data to another website. The form also contained file uploads for which uploadify was being used. But uploadify does not support uploading from another site as it uses relative url. Also, flash does not support sending/receiving data to/from another site by default for security reasons.

The solution to the second problem is easy. All that needs to be done is placing a crossdomain.xml file in the root of the server where file is to be uploaded with allowed list of sites that can send/receive data from that site using flash. Here is an example of crossdomain.xml file which allows all the sites:







To solve the second server however, the core uploadify file must be edited. For version 2.1.4, the file is jquery.uploadify.v2.1.4.js. Search for “pathName” (without quotes) and find the following block of codes:

				var pagePath = location.pathname;
				pagePath = pagePath.split('/');
				pagePath.pop();
				pagePath = pagePath.join('/') + '/';
				var data = {};
				data.uploadifyID = settings.id;
				data.pagepath = pagePath;

Replace that with:

//				var pagePath = location.pathname;
//				pagePath = pagePath.split('/');
//				pagePath.pop();
//				pagePath = pagePath.join('/') + '/';
				var data = {};
				data.uploadifyID = settings.id;
				data.pagepath = "http://yourwebsite.here/path/to/folder/above/uploadify/folder";

In the above code, replace “http://yourwebsite.here/path/to/folder/above/uploadify/folder” with full URL of your site where you have uploadify folder. For instance, if you have an application in http://www.yoursite.com/myapp and uploadify directory inside myapp, i.e. http://www.yoursite.com/myapp/uploadify, you should enter pagepath value as: “http://www.yoursite.com/myapp”. Also, make sure you include this edited javascript in the main page instead of the “min” version. Then, use the uploadify swf in uploadify directory in the new server.

Hope this helps.

[HOWTO] Configure Netbeans 6.9 to debug PHP files using xdebug in Fedora 14

I am using Netbeans 6.9 on Fedora 14 for Web development. I have enabled PHP debugging for making PHP development easier. Here is how you can do it too.

Install and enable xdebug

Use yum to install php-pecl-xdebug:

sudo yum install php-pecl-xdebug

Now, open the file /etc/php.d/xdebug.ini in a text editor as root. I use nano:

sudo nano /etc/php.d/xdebug.ini 

Now , make sure the following options are set enabled in ini:

; Enable xdebug extension module
zend_extension=/usr/lib/php/modules/xdebug.so
xdebug.remote_enable=on
xdebug.remote_handler=dbgp
xdebug.remote_host=localhost
xdebug.remote_port=9000

Allow port for xdebug

sudo semanage port -a -t http_port_t -p tcp 9000 

Restart Apache:

sudo service httpd restart

Configure Netbeans to use PHP debugger

Now, open up the file /usr/share/netbeans/6.9/etc/netbeans.conf in a text editor and add the text “-J-Dorg.netbeans.modules.php.dbgp.level=400” in netbeans_default_options so that the line looks somewhat like this:

netbeans_default_options="-J-client -J-Xss2m -J-Xms32m -J-XX:PermSize=32m -J-XX:MaxPermSize=200m -J-Dapple.laf.useScreenMenuBar=true -J-Dsun.java2d.noddraw=true -J-Dorg.netbeans.modules.php.dbgp.level=400"

Restart netbeans and given that you have configured the project directories properly, you should be able to click on the debug button and start debugging PHP file.

[SOLVED] PHP Fatal error: Call to undefined method Zend_Http_Client::setRawDataStream() in /path/Zend/Gdata/App.php on line X

I am trying to use Zend Gdata Library for uploading videos to YouTube. I was trying to test the example provided, but got into a problem running the example. Here was the error:

PHP Fatal error: Call to undefined method Zend_Http_Client::setRawDataStream() in /usr/share/php/Zend/Gdata/App.php on line 661

It was because I had missed the part where I should have sent a Zend_Gdata_HttpClient() object while initializing Zend_Gdata_YouTube() object.

So, here is how I created Zend_Gdata_HttpClient() object and passed it to Zend_Gdata_YouTube() constructor. Also, video upload requires developer key which you can get from Google and username/password.

		require_once('Zend/Loader.php'); // the Zend dir must be in your include_path

		$authenticationURL= 'https://www.google.com/accounts/ClientLogin';
		Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
		$httpclient = Zend_Gdata_ClientLogin::getHttpClient(
			              $username = $user,
			              $password = $pass,
			              $service = 'youtube',
			              $client = null,
			              $source = 'An App Name', // a short string identifying your application
			              $loginToken = null,
			              $loginCaptcha = null,
			              $authenticationURL
			           );

		Zend_Loader::loadClass('Zend_Gdata_YouTube');
		$yt = new Zend_Gdata_YouTube($httpclient,"An App Name","Version something or some desc","API-KEY");

Hope this helps.

[HOWTO] Increase your ibibo TeenPatti Cash by stealing/hacking from others

Ibibo Teen patti is a widely played online card game. It is flash game available as Facebook application. It can also be played directly from ibibo.com.

Me and my friends have found a vulnerability which allows stealing from any player online. In this post, I will describe how to steal ibibo cash from Facebook users only. Stealing from ibibo.com players is also basically same, however in this post I will focus on stealing from Facebook users only. Read along for how to.

Disclaimer: Using the information in this page to steal ibibo cash from others may not be compliant with ibibo’s terms of service. This article is for educational purposes only. The author will not be responsible for anything you do with the information in this page.
Note: This hack works perfectly at the time of writing this. However, it may be fixed in the later version of ibibo Teen Patti.

Tools

Firefox with Firebug addon.
Note to Firefox 4 users: As of now, stable version of Firebug is not compatible with Firefox 4. Please see Howto install Firebug in Firefox 4.

Other Requirements

You need at least 3 players to play. You can login as 3 users yourself in the same computer (using multiple browsers or multiple browser profiles) or you can use help from 1 or two friends, but do note that you need a total of 3 accounts logged into Facebook at the same time. You also need a link to Facebook profile page (only the profile page URL, eg: http://www.facebook.com/user.name, not the login credentials) of a user who has a lot of ibibo cash. It can be your friends or anyone who has a lot of cash. Lets call the three users A, B and U (you) and the victim (whose cash you want to steal) as V for simplicity. It is also better to have the friends online (preferably voice chatting) or in the same room so that you can discuss your moves.

Precautions

This will not work properly if V is playing ibibo at the same time. Try to make sure that V is not online (if possible). Otherwise the process will most likely be interrupted.
Also, note that in this tutorial, U will be making your friends A and B rich with V’s money. Later you can switch roles and ask them to follow this tutorial to make U rich.

Setup

Login to Facebook and connect to ibibo Teen Patti application. Make sure A, B and U are in the same server. Choose a room with the least number of people with lots of empty tables and join the same room. Don’t join any tables yet.

Getting access to V’s money

The idea here is that U get access to V’s money, play with your friends B and C and make them win.
Step 1:
To do that, you will need to open V’s Facebook Profile Page. In the profile page, Click on View>Page Source (or press Ctrl+U) and search for “user:” (without quotes) and you will find something like this:

Env={user:9999999999,locale:

Copy the number next to “user:” (9999999999 in the above example) and close the profile page.
Step 2:
Go to the page where you have opened Teen Patti Facebook Application and click on the Firebug icon (in the status bar of Firefox), and then the Firebug window will come up. Click on the arrow on top (inspect) and then click on the playing area of ibibo teenpatti. In the Firebug window, you should be able to see username= field. Edit it to replace it with V’s profile ID (eg. 9999999999) you copied earlier. Then, find ../TeenPatti/TeenPattiLoaderX-Y.swf in the same embed code. Add a questionmark at the end of the swf followed by anything you like (so that it looks like ../TeenPatti/TeenPattiLoader1-0.swf?anything_you_like or just ../TeenPatti/TeenPattiLoader1-0.swf?) and press enter.

If you are confused, watch this video to see this step in action.

Once you have done this, the game will reload. After reload, you will be logged in to the application as the victim V and have access to V’s money.

Play and Lose

Now, join an empty room and start a game. Increase the bid as much as you can and always pack or go “Back to Lobby”. Give away as much money as A and B want.

Additional Tips

# Communicate all along the process so that everything goes good.
# Join new empty room each time so that you can skip the 15 seconds wait.
# Ask your friends to play blind and double each time they play, and U double too, so that V loses more than s/he normally would.
# If your friends A for example, runs out of money, U and B simply click “Back to Lobby” and A will still win.
# Watch out for intruders. If there is someone else in the room already, don’t join.

When A and B are done, Suggest A or B to follow the same thing as U did so that you can win next time.

Best of Luck.

Special Thanks To

fr3ak, [A]bu

[HOWTO] Make disqus comments do-follow in WordPress

I am using Disqus Comment System v2.61 and it shows comments as nofollow. This is a concern for several WordPress users as their commentators may not be interested to comment if they get no link love via comment url. The disqus comments are later generated by Javascript but it also contains the basic comments for browsers without Javascript. While I have not yet figured out how the Javascript later inserts “nofollow” attribute later when regenerating the comments with Javascript, I have figured out how to remove the ‘rel=”nofollow”‘ from the link of the basic page, which should work for search engine robots. In the version of Disqus Comment System I am using, the comment_author_url() seems to not work. So, I replaced it with get_comment_author_url() and it seems to work. Following is the new comments.php which shows the links as do-follow.

Disqus Debug thread_id: ".get_post_meta($post->ID, 'dsq_thread_id', true)."

"; } ?>
blog comments powered by Disqus

You can replace your current comments.php with this file and have do-follow links for your blog readers. I have implemented it on this blog. Comment here and check the page source of my website to see a dofollow link to your website.

[HOWTO] Install Greasemonkey Firefox Addon in Firefox 4

I have installed Firefox 4 in my Debian Testing installation from Launchpad PPA. It is quite stable and I have decided to use it instead of Firefox 3. Most of the addons I used is compatible with Firefox 4 by now. However, the version of Greasemonkey available in Mozilla Firefox Addons Site is not compatible with Mozilla Firefox v4 latest build. To install the latest nightly build of Greasemonkey, I went to Greasemonkey Nightly Download and installed it. However Greasefire is not available, we can install userscripts directly from Userscripts website for now.