Enable Sending Referrers with Symantec Client Firewall

Getting a “You need to enable referers for this to work” error, and using Symantec Client Firewall? Double-click its icon, click Privacy Control, and click the Configure button.
- Click the Advanced button
- In the “Information about visited sites” box, choose Permit
- Click OK, OK, and close
- Try again. It should work now, and you didn’t even have to disable your firewall!

RPC Services to Ping

Elliott Back created a list of RPC and RPC2 services to ping, in addition to Ping-o-Matic. WordPress 2.0 (release candidate) is out, so I’ve verified that, by default, the list of services to ping still includes only Ping-o-Matic. This additional list, copied on Dec 28, 2005, should prove useful. These are all general-purpose; you can copy and paste the whole list, if you wish. I will add to (merge) this list as I find others.

http://1470.net/api/ping

http://www.a2b.cc/setloc/bp.a2b

http://api.feedster.com/ping

http://api.moreover.com/RPC2

http://api.moreover.com/ping

http://api.my.yahoo.com/RPC2

http://api.my.yahoo.com/rss/ping

http://www.bitacoles.net/ping.php

http://bitacoras.net/ping

http://blogdb.jp/xmlrpc

http://www.blogdigger.com/RPC2

http://blogmatcher.com/u.php

http://www.blogoole.com/ping/

http://www.blogoon.net/ping/

http://www.blogpeople.net/servlet/weblogUpdates

http://www.blogroots.com/tb_populi.blog?id=1

http://www.blogshares.com/rpc.php

http://www.blogsnow.com/ping

http://www.blogstreet.com/xrbin/xmlrpc.cgi

http://blog.goo.ne.jp/XMLRPC

http://bulkfeeds.net/rpc

http://coreblog.org/ping/

http://www.lasermemory.com/lsrpc/

http://mod-pubsub.org/kn_apps/blogchatt

http://www.mod-pubsub.org/kn_apps/blogchatter/ping.php

http://www.newsisfree.com/xmlrpctest.php

http://ping.amagle.com/

http://ping.bitacoras.com

http://ping.blo.gs/

http://ping.bloggers.jp/rpc/

http://ping.blogmura.jp/rpc/

http://ping.cocolog-nifty.com/xmlrpc

http://ping.exblog.jp/xmlrpc

http://ping.feedburner.com

http://ping.myblog.jp

http://ping.rootblog.com/rpc.php

http://ping.syndic8.com/xmlrpc.php

http://ping.weblogalot.com/rpc.php

http://ping.weblogs.se/

http://pingoat.com/goat/RPC2

http://www.popdex.com/addsite.php

http://rcs.datashed.net/RPC2/

http://rpc.blogbuzzmachine.com/RPC2

http://rpc.blogrolling.com/pinger/

http://rpc.icerocket.com:10080/

http://rpc.pingomatic.com/

http://rpc.technorati.com/rpc/ping

http://rpc.weblogs.com/RPC2

http://www.snipsnap.org/RPC2

http://trackback.bakeinu.jp/bakeping.php

http://topicexchange.com/RPC2

http://www.weblogues.com/RPC/

http://xping.pubsub.com/ping/

http://xmlrpc.blogg.de/

Current total: 54

Air Filter, Windshield Wiper, Aaron, James, and Clue

I woke up this morning at about 10:30 am. Audrey went to a friend’s house, and she’s staying there overnight. I had lasagna and garlic bread for lunch, and my dad cleaned out the garage. I took this morning’s time to change the air filter in my ’95 Tercel. I thought the old one looked very dirty, but my dad said it wasn’t bad: he’s seen dirtier. It took me a while because I do these things carefully and precisely, especially since it’s my first time. Tomorrow, perhaps, I’ll wash the battery contacts. They’re rather dirty.

I changed the driver’s side windshield wiper, but I had only bought one, so the passenger’s side will have to come later. I used it once today, and I must say, the new one is dramatically better than the old one. It wasn’t raining, but I used the spray function while I was on the road. I need to fill up on fuel tomorrow. I was running near empty. I drove to Aaron’s house and picked up James on the way back. Aaron and James are good friends now. Aaron brought a game he received for Christmas from Dennis, I think. It’s Clue, vintage. Fun game. We played twice; I won both times. Good luck, really. With a little bit of strategy thrown in. I want to play again. Maybe it’s because I won. I’m really quite competitive at times. And it seems, the more competitive I’m being, the more often I win. I could be really shrewd and win almost every game. But that’s no fun. I need to learn how to lean back and take it easy. As it is, I do everything very accurately, and triple check things to make sure I get them right. I even do this during games like Clue and Risk, games where things should be fun. Maybe I make them more intense than they should be.

Aaron showed me a Star Wars card game like Magic TG. It was cool. We watched Madagascar during dinner which Amy borrowed from her friend. That was fun. I love the Penguins too. They know Linux. Especially the Private and Kawalski (something like that). Sushi is good. Anyway, as the day wound down, I found that I didn’t get a chance to exchange the Microsoft Cordless Desktop 6000. Staples said they didn’t have it. I’ll call Best Buy tomorrow and drive over if they do. I can use a gift card to make up the difference, if necessary. Logitech has a promotion running for their Wireless Desktop MX3100. But it’s not valid at Staples or Best Buy. Mainly online outlets like Amazon.com and Buy.com, I think. Newegg too. I played Albatross18 with Amy.

I don’t know where my cell phone is and I’ll have to think about it and look for it tomorrow. Last I can remember… last night is a blur. That’s why I need to blog these things, or else I simply don’t remember. We watched… National Treasure. Before that… I went to the solar car meeting. I definitely had my cell phone there. I came home and Audrey came back an hour later. So I don’t think I lost it outside, although it’s possible. It’s most likely somewhere in the house. I should just make a habit of charging it every night.

Themed Ad Units Off

I turned off Themed Ad Units because I didn’t like the way they looked. They were shown on pages randomly. When I had multiple ad units, they would theme one of the units and not the other. On some loads, neither was themed. The problem was that the themed ad units had specific colors, including a colored border (while I usually use borderless ads). I liked the little pictures, but unfortunately it’s not fine-tunable. So today, December 26, 2005 at 1:57 AM, I turned them off. Let’s see how it affects the stats, if any. Although that might also be affected by the holiday season and Christmas. I’ll have to continue testing.

Too Many Websites

I’ve realized that I am managing too many websites. Does some aspiring web developer want to take one off my hands? Any earnings while you’re managing the site are yours, of course. And if I have any plans to take back control, I promise to tell you at least three months in advance. I will pay for hosting and domain registration. All I ask is that I can link my sites together. You’d be in charge of everything for your website, including promotion, development, design, etc. You can do whatever you want with it. And I’ll be here for you to consult when questions arise. Some websites are not developed at all (just domain name and idea at this point), while some have a small beginning. Post a comment if interested.

Christmas 2005

Merry Christmas, everyone! Let’s celebrate and have a party. Actually, I think I will be going to a party or something. Whatever it is, I’m sure it’ll be great. It’s a wonderful holiday and a great time to reflect on the blessings God has given us. In any case, I hope you’re having a great time during this season.

Please leave a comment here to be recorded for all time! I think I might edit this post later to elaborate on Christmas happenings. Or perhaps I’ll just create a new post.

Sizzly.info

Today I registered the domain sizzly.info with NamePros.com. I need to keep track of these things. I’m starting to neglect some websites while focusing too much on others.

It’s Christmas Eve. My uncle is visiting, and I’m going to spend time with friends and family. So I’ve resolved to get off the computer now. Hopefully I can stick to that.

Clever eBay Phishing

I woke this morning to an email that looks like this:

[Image: eBay phishing email]

(I didn’t display images, in case they were using image tracking to see who opened their email.) It’s very clever. Rather than a cheap-looking email that says “update your billing info”, this one actually poses as an email from another eBay user, and makes it look like it’s going through eBay’s messaging system. However, it’s not: all of the email’s links point to ngwahsec.edu.hk/~jimmy/signin.htm (unsecure site; appears to be down atm; maybe they were shut down). This gives it the look of a legitimate email, while still enabling the scammer to get the victim’s eBay login. Be wary of emails you receive.
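The mismatch described in this post, a message dressed as eBay whose links all go somewhere else, can be checked mechanically. The following is an added example, not part of the original post: the sample email body, the link texts, the `ebay.com` claimed domain and the `example.net` lookalike host are constructed assumptions; only the ngwahsec.edu.hk URL is taken from the post.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample body; only the ngwahsec.edu.hk URL comes from the post.
SAMPLE_EMAIL = """
<p>Question from eBay Member</p>
<a href="http://ngwahsec.edu.hk/~jimmy/signin.htm">Respond Now</a>
<a href="http://pages.ebay.com/help/">Help</a>
<a href="http://signin.ebay.com.example.net/login">Sign in</a>
"""

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    # Accept scheme-less URLs such as "ngwahsec.edu.hk/~jimmy/signin.htm".
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").lower()

def is_under(host, domain):
    # Exact match or a true subdomain; a substring test would wrongly
    # accept "signin.ebay.com.example.net".
    return host == domain or host.endswith("." + domain)

def off_domain_links(html, claimed_domain="ebay.com"):
    """Return (host, link text) for links that leave the claimed domain."""
    collector = LinkCollector()
    collector.feed(html)
    return [(host_of(href), text) for href, text in collector.links
            if not is_under(host_of(href), claimed_domain)]

if __name__ == "__main__":
    for host, text in off_domain_links(SAMPLE_EMAIL):
        print("link text %r goes to %s" % (text, host))
```

Links with no host at all are also reported, since they cannot be shown to belong to the claimed sender.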

SQL Insertion and Error Reporting

Hey, it’s another Midnight Message (finally). Sometimes I think my life is rather boring. Certainly the things that really catch my interest (and keep me up all night) are different from what interest other people. The only person I think I can talk with is Aaron, and even he has more of a Linux / Open Source bent, while I focus more on PHP / web development. On the other hand, there are a lot of people like me on the Internet. It would be awesome if I stumbled into someone I met online in real life. When I get older, I’ll have to attend those conventions and things, so I can meet and get to know those with similar interests.

Anyway, it’s a Midnight Message, so I’ll recap my day in one sentence. I woke up late, had some cereal, delivered three packages via UPS at Staples, read some of Artemis Fowl, said “Hello” to William, worked on my mom’s website, bid on a copy of the Settlers of Catan [Travel Edition], ate a big dinner, and went to Christmas carolling rehearsal at church. How’s that? I think this is more for myself than for anyone else. If I don’t log what I did, it’ll be as if nothing happened, because I’m living day-to-day and really have no plans for the immediate future.

Alright, so on to the Title of this post: SQL Insertion and Error Reporting. This reminds me of some days I spent in high school, never recorded, shared only with a couple people, and easily forgotten. I think that if I don’t think about it and write about it now, it might be completely forgotten forever. So here’s my effort. I read an article on PHP security blunders at SitePoint. It discusses SQL insertion vulnerabilities. Now I realize that I’ve taken advantage of this flaw without really understanding it. I knew how SQL queries worked, sure. But using form data to exploit a simple query is not something I fully grasped. Yet, I used it to gain access to the school’s digital television broadcasting system one boring day in CompSci AP class. It was just a little incident. I didn’t do anything malicious; only poked around. I saw an administrator access the private site on one of the computers, and then I later went to another PC to check out the site myself. Of course, it was secured behind a simple login. I entered some text. It spat back an error (see “Error Reporting” in the SitePoint article). It was a Microsoft SQL error, and it told me that what I entered in the box was sent directly as an SQL query.

So I entered something like ' OR TRUE ' (SitePoint’s example is ' OR '1'='1 — I might have used that too) in the box. And that was it — I was in! There were some options, if I recall, for scheduling videos to be shown. I couldn’t upload a custom video, though. Also, I was using a public terminal in the middle of a class session, so I was nervous about doing this too long. I soon exited the system and returned to my regular routine. If this is the sort of thing you do for fun, we should get in touch. Because at the moment, I’m starting to realize that I was actually quite lonely in high school.
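The two flaws this post describes, form data concatenated into a query and raw database errors returned to the user, are shown below beside their fixes. This is an added example, not code from the post or from the SitePoint article: it uses Python with an in-memory SQLite database in place of the PHP and Microsoft SQL setup mentioned above, and the table, function names and credentials are constructed for illustration.

```python
import logging
import sqlite3

def make_db():
    # Constructed demo table; a real system would store salted password hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return db

def login_vulnerable(db, name, password):
    # Form data is pasted into the SQL text, so a quote in the input ends
    # the string literal and whatever follows is parsed as SQL.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Weak error reporting: database error and query text reach the user.
        return False, "SQL error: %s in: %s" % (exc, sql)
    return row is not None, "ok" if row else "Login failed."

def login_hardened(db, name, password):
    # Placeholders keep the input as data; it never becomes SQL syntax.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    try:
        row = db.execute(sql, (name, password)).fetchone()
    except sqlite3.Error:
        # Details stay in the server log; the user sees a generic message.
        logging.exception("login query failed")
        return False, "Login failed."
    return row is not None, "ok" if row else "Login failed."

def demo():
    # Inputs: the real password, a lone quote, and the string from the post.
    db = make_db()
    inputs = ["constructed-secret", "'", "' OR '1'='1"]
    return [(p, login_vulnerable(db, "admin", p), login_hardened(db, "admin", p))
            for p in inputs]

if __name__ == "__main__":
    for password, weak, strong in demo():
        print(repr(password), "vulnerable:", weak, "hardened:", strong)
```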