PHP has a very handy function addslashes which escapes, by prefixing backslashes, characters that can cause undesired effects in SQL queries (read SQL injection). Coding a login page in Python had me hard pressed to find something similar in Python to escape characters retrieved from login forms. I won’t say I searched across the seven seas, but as much as I looked, I discovered the “escape” function from the “re” module. I cannot find a reference online (I need to search better and more thoroughly), but re.escape in effect escapes all non-alphanumeric characters in string given to it as argument.
The __doc__ string for re.escape says:
Escape all non-alphanumeric characters in pattern.
I ran into a bit of a problem, trying to use the new-style class syntax while calling a class that apparently only supports the old-class style syntax (thanks due to Brend on #python at irc.freenode.net for pointing that out). Look closely at the call to super() in the following code:
# -*- set tabstop=4 -*-
if __name__ == "__main__":
c = CGIWrapper()
Traceback (most recent call last):
File "yoyo.py", line 17, in ?
c = CGIWrapper()
File "yoyo.py", line 9, in __init__
TypeError: super() argument 1 must be type, not classobj
The workaround, naturally, is to call cgi.FieldStorage using the old-class style way.
Backdoor PHP shells are receiving a lot of attention from script kiddies. Unless you know what PHP backdoor shells do, they provide a web-based interface to execute shell commands on systems on which they have been maliciously setup.
A friend once asked me to write him a script to upload files from a server via the PHP shell interface to some anonymous FTP server. I wrote the following minimalist Perl script.
my $host = '';
my $port = 21;
my $user = '';
my $pass = '';
my $file = shift || die "usage: $0 file";
my $ftp = Net::FTP->new($host) or die "failed.$!";
I am making it available here for I don’t know what reason.
“Konsole” supports transparency, but it is slow (and most importantly for me, does not have the “fixed” fonts that xterm uses). “xterm” is cool, but I want transparency which it doesn’t have. “Eterm” is, again, slower than “xterm”, and though it does support backgrounds, you cannot, as far as I have explored it, make “Eterm” use any image for background. On the flip side, “Eterm” has support for the fixed fonts like xterm. But I desperately need “transparency”.
Look at “aterm”. Although working on the shoulders of “rxvt”, “aterm” is pretty much like “xterm”, supports all the things “xterm” does, and provides fast visually pleasing effects (without hogging up resources like Konsole), including, what I want the most, transparency. Not only that, you can configure “aterm” to use fixed font. What more do I want?
If you have aterm installed, invoke it with the following arguments:
aterm -tr -trsb -cr red +sb -fg gray -fn fixed -fb fixed
I have an overly sensitive stomach and digestive system. I really should refrain from eating most things that aren’t cooked at home. I know what happens when I do it, yet I persist, and wake up the next morning with an upset stomach and a foul mood. Sigh.