大罗-PHP/Python博客

Security Enhancements and Fixes in PHP 5.2.4:

* Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson)
* Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson)
* Fixed size calculation in chunk_split() (Reported by Gerhard Wagner)
* Fixed integer overflow in str[c]spn(). (Reported by Stanislav Malyshev)
* Fixed money_format() not to accept multiple %i or %n tokens. (Reported by Stanislav Malyshev)
* Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)
* Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Stanislav Malyshev)
* Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz)
* Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai)
* Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com)
* Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk)
* Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)
* Improved fix for MOPB-03-2007.
* Corrected fix for CVE-2007-2872.

Posted by rollenc

十大渗钱沟 原来，美元在美国是这么不值钱。赚美元的确是优选

Posted by rollenc

对学生的建议:如何做好研究
如何富有创造力

Posted by rollenc

Wubi - The Easiest Way to Linux

Wubi is an unofficial Ubuntu installer for Windows users that will bring you into the Linux world with a single click. Wubi allows you to install and uninstall Ubuntu as any other application. If you heard about Linux and Ubuntu, if you wanted to try them but you were afraid, this is for you.

Posted by rollenc

15 Cool Things About PHP That Most People Overlook
SPL - Standard PHP Library SPL - php标准库 新发现的大陆
Introducing PHP 5's Standard Library PHP5 SPL介绍

Posted by rollenc

Interactive Linux kernel map
无（代）码胜有（代）码
A Great Web Developer is a Great Application Developer

Posted by rollenc

If programming languages were cars... 如果编程语言是一种车...

Posted by rollenc

如果机器支持apache配置文件.htaccess（一般虚拟机都是支持的），但是并不容许你修改php.ini文件时，你可以使用以下代码来修改一些变量：
只适用于php做为apache的module的情况

  
php_value include_path ".:/usr/local/lib/php;" 
 
  
php_value include_path ".:/usr/local/lib/php" 
 

但是，不要使用

  
php_value error_reporting   E_ALL
 

这样的内容，因为E_ALL是php.ini中定义的常量，在apache中是无效的，任何没有定义的常量都被会解释为0或者空值。
因此以上内容将被解释为不报告任何错误，而不是所有错误。
如果php是做为cgi加载的，那么你可以通过ini_set来实现

$include_path = ini_get('include_path');
ini_set('include_path', $include_path.':/home/rollenc/myphplib'); //注意Linux目录分割符是 : 和windows使用的 ; 不同

Posted by rollenc

Quick Reference Cards 知识小卡片
Database Abstraction Layers Must Die!
Firefox narrowly misses 28% use in Europe Internet Explorer under 70% firefox在欧洲市场占有率达28%
Get started with Zend Framework MVC with the Zend_Controller Quick Start 终于把ZF的Hello world玩出来了。希望实际的操作，不要给我带来对ZF更多的失望。改观，就这一次机会。
Quick Reference Cards 知识小卡片2
socket编程原理

Posted by rollenc

Transplanted Real-World Business Models 现实世界的商业向互联网的转移

The mail-order model 以邮件，包裹的形式销售现实产品。 案例：amazon.com

The advertising based model 广告模式 许多的搜索引擎公司和一些免费站点 案例：yahoo, sina,

The subscription model 订购模式。在很多的音乐站点和成人站点的可以发现这种模式，付费购买之后，获得更多的信息。

The free trial model 免费试用。 即软件中的共享软件模型

The direct marketing model 直接的市场联系 以垃圾邮件，垃圾回复为代表，直接宣传实际市场的资料等，如培训，发票等

The real estate model 资产模型 如域名，Email名等

Incentive scheme models 坑蒙拐骗型 利用抽奖，优惠卷，“免费”服务等，诱导用户点击广告或者提供其私人信息 一些web调查机构使用此模式

Business to Business B2B模式

Combinations of the above models. 综合模式

Native Internet Business Models 纯粹的互联网模式

Unlike the real-world the native economy of the Internet is not based on scarcity but on abundance.
与real-world Model的区别：基于流量，而不是用户

The library model 图书馆模式 指企业站，大学信息站等

The freeware model 免费软件模式 当这个软件被广泛使用后，再发布一些其他的收费或增值版本。 案例：netscape

The information barter model 出卖信息模式 把本站的用户信息出卖给其他的公司 一些新闻资讯站精于此道

Digital products and the digital delivery model. 数字产品和数字产品发送。 数字资料是免费的，但当你需要它的实体时，你需要邮寄它们。利润就在这里。

The access provision model 访问入口提供商 即ISP

Web site hosting and other Internet services. 网站空间或其他服务提供，并在上面放置广告以盈利。


来源： A Taxonomy of Internet Commerce by Paul Bambury

Posted by rollenc

A Taxonomy of Internet Commerce by Paul Bambury 互联网经济的分类

Posted by rollenc

Free Software Sticker Book 开源软件的张贴图标
Xpath functions Xpath函数，部分需要XSLT2.0支持
Episode 23: Architecture Pt. 1
XML in PHP 5 - What's New?

Posted by rollenc

今天在UBUNTU的新力德中看到fctix又有更新了，在cn99源中取得的最新版本是1:3.5.1svn20070807-1, 上一版本是1:3.4.3-1
这是希望？还是最后一顿晚餐？

Posted by rollenc

UGLY! UGLY! UGLY! UGLY! UGLY! UGLY! UGLY! UGLY! UGLY! UGLY! UGLY!

Posted by rollenc

13个在线web2.0风格生成器

Posted by rollenc