I recently switched to MacVIM for all my development, and somewhere along the way I found a neat snippet to allow looking up the php.net page for a function without ever leaving vim. This seemed a very useful feature to me, since I sometimes tend to forget in what order I need to place my arguments for a function. Even though the code didn’t work right out of the box as it should, I managed to get it working anyway.
First of all make sure you have installed port, afterwards install the lynx browser by doing a port install lynx.
To finish off add the following code to your ~/.vimrc file and of you go!
function! OpenPhpFunction (keyword) let proc_keyword = substitute(a:keyword , '_', '-', 'g') exe '5 split' exe 'enew' exe 'set buftype=nofile' exe 'silent r!lynx -dump http://www.php.net/manual/en/print/function.'.proc_keyword.'.php' exe 'norm gg' exe 'call search ("Description")' exe 'norm jdgg' exe 'call search("User Contributed Notes")' exe 'norm dGgg' exe 'norm V' endfunction au FileType php noremap K :call OpenPhpFunction(expand('<cword>'))<CR>
When typing a php function and you are wondering about the syntax hit ⇧ Shift + k and MacVIM will display the php man page above your current file!
You might not realize it right away, or learn this the hard way, but your data is never secure. Even if you are using a password to login to your mac or computer.
Just do the simple test yourself, take out the hard drive from your computer, mount it to any other pc and most likely you’ll be able to read most of the content on it right away. Even worse, if you do some digging on the Internet you’ll probably find out about methods to retrieve passwords, account details and stuff like that. I’m not going to cover how to do it, you can just look most of this up on google.
1. Account Password
Without a doubt you need to setup an account password, and make sure whenever you leave your pc it locks. This way if you ever leave your laptop unprotected (which you shouldn’t ever do, but it happens) you don’t invite others to mess around with your system.
2. Drive Encryption
While some people would discourage it, you should setup drive encryption. If your machine get’s stolen, you’re at least making it not too easy for the thief to get access to all your files.
On mac there is FileVault2, windows offers BitLocker.
3. E-mail passwords
In case you are using an email address provided by your internet provider, switch to gmail right now! You’ll not always stay with the same internet provider. And the security option they offer pretty much suck compared to the two-factor authentication google offers. Don’t forget, if your primary email account get’s hacked, all the accounts linked to this email-address can be hacked too using the common “password forget” feature.
4. Secondary email address
In case you do loose access to your primary email account, make sure you can get back in by providing a second recover-email address, recover questions or whatever they offer. Ideal would be an email account you still use on a daily base so you’ll notice when that gets compromised, but you don’t use for important stuff. For instance an Live account which you daily use to login to MSN.
5. Use a password manager
By using a (good) password manager you’ll be less lazy to use real random and different passwords for all those sites you signed-up for. And if you pick right, there won’t be a lot of passwords you have to remember anymore. Be sure to pick on that offers backup’in and use a strong encryption key!
This post isn’t dedicated to backup-habits or how to backup properly, but do keep in mind if you use drive encryption and strong passwords etc, if your drive fails it might be impossible to retrieve the data without backups. Or if your laptop get’s stolen, wouldn’t it be swell to just migrate the backup to your new one, and continue working where you left of without having to worry about changing all important passwords first because the’re out in the open.
7. Change passwords now and than
I’m not sure changing passwords every week will make you more secure, but it can’t hurt to change them once in while…
8. Write down passwords and recovery keys
Yes, that’s right, it almost seems stupid. But what if you loose all? I for instance have all my passwords and key-phrases (for FileVault recovery eg) printed out, and the’re hidden in my room in a safe place. You could tape them to the backside of your closet.
firecat: Hmm, just wondered if using Windows, IIS, Mysql, and PHP would be called a WiMP platform QDB#445431
We store data in databases (MySQL for instance) and give every row an unique ID; the primary key. There is nothing wrong with this, and it works like a charm. But in my opinion users shouldn’t be confronted with these id’s.
First off all in 90% (and I’m making this number up) of the cases it would be better to display text that links back to the id.
Because it provides better readability, displays a part of the content of the page in the url and just makes sense.
In other cases it’s impossible to provide text matching the content.
- example.com/friendship/1218206961/1039453650 (facebook-id)
PHP’s uniqid or rand
It’s possible to generate an unique hash, check if it already exists in the database, and use that as identifier for users.
But this approach creates overhead. You need to keep generating unique hashes as long as the generated id is present in the database. You need to store the hash in the database and retrieve the matching id from the database.
base_convert(id, 10, 36)
This is slightly better, but still guessable. Also this doesn’t solve the problem of storing multiple id’s in a hash, unless you use a separator like: example.com/9E5H04/Pa303.
Also imagine the user copy/pasted the hash from somewhere. Your App/site will return an error and the user will leave. If you on the other hand could detect the user copy/pasted only a part of the hash… you can warn your user about an incomplete hash due to bad copy/paste practice.
Code an id_to_hash() function
Now we’re talking! This is without doubt the way to go, even though you’ll want to use the base_convert function but you can use a code function for that such as Paul Gregg did.
I made a function that is capable to convert two id’s into a hash. Decoding the hash to return the two id’s. Check if the hash is faulty (when the user copy/pasted the hash but left out a part).
example.com/16G8SMMfkc01T or example.com/16G8SMMfkc
(The second hash doesn’t contain a parity digit to check for faulty hashes.)
Good uses for this
Imagine you’ve got two tables: Users and Posts. Both tables have a column with an unique id such as UserID and PostID.
You could easily return a hash (for a shorturl) the user can copy/paste on twitter/forums/etc; and recover the PostID and UserID from this hash. This allows other features such as analytics, affiliate tracking, etc.
example.com/#postid# + #userid# returns shrtrl.it/#hash#
Share this link with your friends to earn points/cash!