Linux Mint 7.0 – Install TrueCrypt
| TrueCrypt is probably one of the best open source application to be used for data protection.
The best thing is that an encrypted partition/container will be accessible using truecrypt on any supported operating systems (windows / linux / mac). First we have to download the latest version from there website. http://www.truecrypt.org/downloads Select the version for ubuntu 32b |
 |
| Extract the executable file from the tar.gz archive. |
 |
| Double click on the shell script in order to launch the installation !
Next screens shows exactly how the process goes: |
 |
 |
 |
 |
| Press Install Package
To launch the application just go to Menu > Run Program write truecrypt and press ENTER. The application is launched ! |
 |
| More details on how to use this good application can be found on there web site. Probably I will write down some clear lines but that in the near future ! |
Most Complete Password Manager
For quite some time I have been searching for a password manager to suit my needs.
I needed to be easy to use, strong encryption, not to leave any trace on the operating system and to be flexible enough.
The application that I have found fulfills these requirements and also is free 
.
@
Bellow there are some screen shots to reflect the main functionality.
The application is running directly from USB when inserted into a computer running windows and having dotNet >2.0 installed on it.
Geting the file extention with php
In many operations we need to check the file is being processed.
Bellow is a simple yet effective method to get the extension from the file name.
function get_file_extension($file_name)
{
// to keep it clean just make all letters in the file name small letters
$file_name = strtolower($file_name);
// split the file name by [ . ] and store all parts into an array
$ext = split("[/.]", $file_name);
// get the no of elements in the array
$i = count($ext);
// the extension is the last element in the array [ -1 is because the array starts from 0]
$extension = $ext[$i-1];
return $extension;
}
Protecting strings sent via POST
In all cases we are using input from the user we need first to check for the validity of the input. This way we can avoid the SQL injections for example.
For example we have a form username / password.
We have to get the input from the two fields and use them in a query on the user table to see if we have a match.
In case o password, we do not care to much because we do not store the password in plain text but rather in an salt form (md5 for example). Because of this we do not care too much about the content of this field
$password = md5($_POST['PASSWORD']); /* in this moment no meter what sql injection string the user has entered the resulting salt will consist in 32 chars string which cannot harm our sql statement */
For the username there is a little bit more complicated. We are storing the usernames in plain text, so we have to be careful how we protect this string not to have false results.
I am using the following function but in my case I mad some restrictions to the username form: only alphanumeric chars plus – _ and @ as special characters.
function string_check($string)
{
$string = strtolower($string);
// we check the string for funny chars
$valid_chars = "0123456789abcdefghijklmnopqrstuvwxyz-_@";
$invalid_chars = 0;
// make a loop to verify each character in the string
$len = strlen($string);
for($i = 0; $i <= $len; $i++)
{
if(substr_count($valid_chars, $string{$i}) == 0)
{
// this means that the current char is not in our valid chars list
$invalid_chars++;
}
$i++;
}
if($invalid_chars == 0)
{
return TRUE;
}
else
{
return FALSE;
}
}
$username = trim($_POST['USERNAME']);
if(string_check($username) == TRUE)
{
// we continue the process using this string in the sql statement
}
else
{
// we stop here because the user input is funny
}
Nu fa concurenta statului !!!
The article has
no responses yet