In yesterday’s article, I shared with you a webserver written in Python that captures data being logged and transmitted from your vehicle’s computer using the Torque app for your cellphone. In that article, I mentioned that I would also be providing a PHP app that does the same thing. As promised, I now want to share that PHP code with you. If you haven’t read yesterday’s article, I would advise that you check it out first. In it, I introduce you to the Bluetooth Supper Mini OBD 2 / OBD II adapter which I use for reading the computer data from my truck and pass it back to my webserver for logging and future analytics. You can get the bluetooth adapter from Amazon for $20.00. That article also includes the instructions for configuring your webserver’s URL in the Torque app as well as what the Torque app is and does. Once you have finished reading that article, come back here where you can get the code for a PHP app that can be used for capturing and logging the data transmitted from the Torque app on your mobile device.
Recently, I finished reviewing a book that discusses how to generate passive income online. One of the topics touched on in that book mentioned that it is possible to generate extra income using WordPress and more specifically creating plugins for WordPress. Although the book didn’t go into the details about how to create plugins, it did state that it is extremely easy. So, being curious, I decided to find out for myself just how easy it is to create my own WordPress plugins. In the end, the author was correct. Creating your own WordPress plugins is extremely simple to do and now I want to take a few minutes to show you how to create your own WordPress plugins. Before continuing, it is advised that you know how to write PHP.
PHP is a server-side programming language, used for creating dynamic web applications. It was released in the year 1994. In the present world enormous numbers of websites are developed on PHP. PHP is usually written inside an HTML page, but with *.php extension.
Ruby was invented one year before PHP, i.e. in the year 1993, but it was officially launched in the year 2005. The main target behind this invention was to create a new language which is stronger than Perl and based on Object Oriented Programming even more than Python. But Ruby is not currently a standalone language; it is tied with Rail Framework.
One of my biggest pet peeves in life is having some non-techie ask me a question about how to do something the right way, then spend the next three hours justifying to me why they did it the wrong way and will continue doing it wrong. I’m not saying that I’m the best at what I do, but I am pretty good. At least, I’m better at programming than someone that has never written a line of code in their life. I don’t take my car to the mechanic and tell him how to fix it. I don’t go to the doctor and tell him how to do a surgery. No! Instead, I trust them and rely on them to do what it is that they have been trained to do.
Until about five years ago, one of the services that I provided as a contractor was network and web application security auditing. In fact, I even taught classes on how to protect your software and web applications for misuse and abuse. During a class I was teaching about PHP security & exploitation, I had a guy stand up during the middle of my speech and tell me that I didn’t know what I was talking about. He said that everything I talked about was bullshit and was not possible in the real world. More specifically, he said that my techniques could not be used against his company’s website.
So, to humor him, myself, and the rest of the people in the room, I asked if he would allow me to do a live evaluation of his website which he bravely agreed to. The first thing I asked was did he have an outward facing website? Meaning, did he have a website that could be accessed over the web? He said he did and gave me the URL to the site. So, I loaded up the page in my browser and almost pissed in my pants from laughing at all of the security vulnerabilities right there on the home page. One of the biggest and probably easiest vulnerabilities is what I’m going to share with you now.
I just finished reading an article over at phpclasses.org that talks about “the plot to kill the PHP MySQL Extension”. In that article, Manuel Lemos (the author) describes the call to have the MySQL extension removed entirely from future releases of PHP. If this happens, it won’t happen immediately. Instead, the extension will be deprecated for a while which will lead to warnings being written to your logs showing E_DEPRECATED notices. Then, at some point, method calls such as “mysql_connect” and “mysql_query” will no longer work at all.
Personally, I think this is a terrible idea. Built-in MySQL functionality is one of the things that drove me to PHP in the first place. Not to mention, I have hundreds if not thousands of websites I’ve created over the years that all rely on this extension. If the host providers for those sites upgrade PHP to a version that no longer supports this extension, I’m going to have a lot of pissed off customers. I’ve had it happen before where one day things are working perfectly and then the next day they’re not and it’s all because of an upgrade that went in overnight. However, this move could take those pains to an all new level.
Plus, think about all of the books that are out there right now that teach PHP with the MySQL extension. I have at least 10 books in my bookcase that teaches to use the MySQL extension. All of those books would also become obsolete.
Be sure to checkout the original article at http://www.phpclasses.org/blog/post/153-The-Plot-to-Kill-PHP-MySQL-Extension.html. Also, be sure to let us know in the comments below what you think about this move. If Facebook had a “dis-like” button, I’d be clicking it right now!