29-year veteran here. Began programming professionally in 1990, writing BASIC applications for an 8-bit Apple II+ computer. Learned Pascal, C, Clipper, COBOL. Ironic side-story: back then, my university colleagues and I used to make fun of old COBOL programmers. Fortunately, I never had to actually work with the language, but the knowledge allowed me to qualify for a decent job position, back in '92.

For a while, I worked with an IBM mainframe, using REXX and EXEC2 scripting languages for the VM/SP operating system. Then I began programming for the web, wrote my first dynamic web applications with cgi-bin shell and Perl scripts. Used the little-known IBM Net.Data scripting language. I finally learned PHP and settled with it for many, many years.

I always wanted to be a programmer. As a kid I dreamed of being like Kevin Flynn, of TRON - create world famous videogames and live upstairs my own arcade place! Later on, at some point, I was disappointed, I questioned my skills, I thought I should do more, I let other people's expectations make feel bad. Then I finally realized I actually enjoy a quieter, simpler life. And I made peace with it.

I'm now like the old programmers I used to mock 30 years ago. There's so much shit inside my brain. And everything seems so damn complex these days. Frameworks, package managers, transpilers, layers and more layers of code. I try to keep up. And the more I learn, the more it seems I don't know.

Sometimes I feel tired. Yet, I still enjoy creating things and solving problems with programming. I still have fun learning. And after all these years, I learned to be proud of my work, even if it didn't turn out to be as glamorous as in the movies.

My mom died when I was 7, after which my dad bought me a Commodore 64 so I had something to lose myself in during the mourning process.

I learned everything about that system, from my first GOTO statement to sprite buffers, to soldering my own EPROM cartridges. My dad didn't deal with the loss so well, and became a missing person 5 years later when I was 12.

I got into foster care with a bunch of strict religious cultists who wouldn't allow electronics in the house.

So I ran away at 14, sub-rented a closet in a student apartment using my orphan benefits and bought a secondhand IBM computer. I spent about 16 hours a day learning about BSD and Linux, C, C++, Fortran, ADA, Haskell, Livescript and even more awful things like Visual Basic, ASP, Windows NT, and Active Directory.

I faked my ID (back then it was just a laminated sheet of paper), and got a job at 15-pretending-to-be-17 at one of the first ISPs in my country. I wrote the firmware and admin panel for their router, full of shitty CGI-bin ASP code and vulnerabilities.

That somehow got me into a job at Microsoft, building the MS Office language pack for my country, and as an official "conflict resolver" for their shitty version control system. Yes, they had fulltime people employed just to resolve VCS conflicts.

After that I worked at Arianespace (X-ray NDT, visualizing/tagging dicom scans, image recognition of faulty propellant tank welds), and after that I switched to biotech, first phytogenetics, then immunology, then pharmacokynetics.

In between I have grown & synthesized and sold large quantities of recreational drugs, taken care of some big felines, got a pilot license, taught IT at an elementary school, renovated a house, and procreated.

A lot of it was to prove myself to the world -- prove that a nearly-broke-orphan-high-school-dropout could succeed at life.

But hey, now I work for a "startup", so I guess I failed after all.

So, i tried to demonstrate my roommate how many people push their credentials to github by searching for "password remove" commits.

I decided to show him the file and noticed something interesting. A public IP, and mysql credentials.

I visit the IP and what do i see there, a directory listening with a python script, with injects the database into a webpage (???) and a log of all http requests. Lots of failed attacks aiming at the PHP CGI. Still wondering how they failed on a python server 🤔🤔🤔

Edit phpmyadmin to connect to the mysql database. Success.

Inserted a row telling him the his password is on github. Maybe i should also have told him how to actually remove it. 😅
Yes, root can login from %

This is how far i can get with my current abilities.
------------------------------

Scary how insecure this world is.

The Great Escape. by Apple!!

I'm writing a small blogging CMS in bash using CGI. I can't help but giggle every once in a while when I think of the reaction every web developer ever would have if I told them about my project 😂

Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”

Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”

The number of tabs opened in the browser is directly proportional to the completely of the problem! :p

Somebody is very active!

My wife is complaining that am spending too much time on devRant. I just told her, am coming here only when windows is updating :p ;)

How to solve windows Blue Screen Of Death.

Change the color to Green. No more BSOD. :/

Connect a pen drive, format it successfully. Connect to a new machine to copy data and see the data exists.

Crap! which drive did I formatted :(

Request: Need stress ball
Reason: Learning JavaScript

came across this in a python blog!

Damn! Always during deadline!! :/

Forget TDD, BDD...
Use GDD.
(Google Driven Development)
:P :D

Who the fuck uses http code 200 for a failure. Seriously have you ever heard something about a need to parse the shit you're returning...

Now I don't know whether it's me who's wrong, but man there are more than 80 different codes defined so there really should be something for you, don't you think?

And don't give me shit like "well the request worked so we return 200 it's only that the request wasn't correct". What for a fucking peace of something are you... Those codes are for that exact reason.

Anyways I'm going to parse the shit with string compare and afterwards kill myself out of shame. Whish me luck...

I wanna make you feel what you have brought into my house!!

I was working with security cameras once in a home automation project. One of those camera particularly stand out by offering a cgi without password request to view and change the current passwort and username.

Seriously wtf is wrong with you? I mean this thing automatically connects to an internet service offering everyone to connect to it with that passwort and username. And I know some of you might say "hey chill the cgi is only available on the wifi" - dammit no. Security is a lifestyle do it complete or get the fuck out. God knows what other mistakes there might be hidden in that thing screaming out to everyone to watch me taking a shit.

But that's not the end of it. My company arranged a call to the technical support of that camera so that I can explain the problem and a patch gets released. Those guys didn't give a shit about it and were even laughing at me. Fuck you!

So whoever is responsible - I will find you - and you will never see me coming.

Esc :/

github is down :(
Lets me open devrant :) yeahhhhh!!!!

Just watched Avatar 2 in 3D 4DX. This is hands down the movie of the year. Might as well be the movie of all movies. 3 hours of watching and going through emotional rollercoaster and havent been bored. It keeps attention. It was so beautiful. The scenes the scenario the plot the CGI. Everything. I can't believe someone made this. I dont understand how this is possible to be made. How can i come back to this reality now? It felt like i was there, in the movie. A beautiful alien world with magic, life with actual meaning, nature, the wonders of universe. Life can be so much broader than our reality. I know it's just a movie and that reality doesn't really exist. But anything you can imagine or visualize means it can exist. Somewhere out there in this infinitely large universe. Out there in some galaxy light years away or ago. This movie is a brutal masterpiece. This is art. It reminds me to be thankful for what i have. Grateful for who i have. And gave me more reason to withstand the darkest days. Because if i work hard and succeed i might end up in a universe like Avatar. At one point in time as a life form. Somewhere... more meaningful than working like a slave and paying taxes to pedophiles and criminals in our current reality. Beautiful.

Meanwhile I was sitting in my Python class.
Suddenly she starts teaching about CGI Scripts and how widely they are used in these days' web interfaces.
:3
Being a web dev myself, this felt so sad.
Considering the advent of so many web frameworks that make it so much easier for the developer to ship a website, who'd use CGI scripts until it's a total nessecary.

Now , what's much worse is she wants us to write a CGI Script for making a resume generator?
I don't know what to do with her..!

just found one more *DD
RDD - Readme Driven Development
Its real google around...

:D

Fun fact: In 2020, there are still companies out there with full-blown web apps using CGI (yeah, remember? /cgi-bin?).

Ugh. That may have been a mistake.

I'm deep in a large effort to refactor my project. It's a one man deal and something I've been working on pretty much every day in some fashion for nearly 10 years (five years ago I started a scratch rewrite to move from a fully CGI server rendered application to a browser rendered asynchronous version built around JS) and that took me three years.

I started this refactor about 8 weeks ago. Turns out I've been tackling the largest modules and progress has been decent. So that's good.

But I got to wondering ... Just how much code is there?

So I whipped up a quick script to do some calculations. Read each file and get a line and word count, skipping empty lines.

In JS it turns out I have 83,973 lines and 467,683 words.

On the back end, 86,230 lines and 580,422 words.

Average publishing stats say the are about 250 words/printed page.

That means I'm confronting refactoring 1,870 pages of JS. That's the size of several decent sized novels. (I think I've done the equivalent of Maybe 400 at this point).

Makes me feel like the walls are creeping in to know how much is left to go ...

Most of us have scary stories about professors that think that they know about what they are talking about when it comes to teaching comp sci subjects. Shit is so backwards in most parts of the world with teachers showing outdated or completely pointless tech.

A friend called me the other day asking for classic ASP help because it was being used in his web class. Another was asking me about flipping c cgi web scripting. Wtf are schools teaching? Having the drive to LEARN actuall useful topics that are relevant on the market is hard enough as it is...shouldn't schools help at least a little bit? I was lucky, we were thaught Java, Python, cpp, js, sql, html5, css3, php, ruby and we had classes for node (for those interested) and asp.net mvc. Those were RELEVANT and good classes and while some outdated tech was good the rest is just bullshit. Specially since most teachers have 0 market value as develpers...but hey!! Wtf do I know! Of course my word is shit against all them doctorate and master degrees.

Gimme a break. School can be great. But a lot of the leadership there is toxic af for our industry. And while I appreciate the effort in me being thaught modern languages (and thaught is a hard word since I already knew how to program way before going to school) i still remember a teacher taking points away from an assignment for not using switch statements in Python...despite my explaining that there was no such thing (you can go around it by using a lil technique using functions, its pretty cool..pero no mames)
Or what about the time I mentioned to a fellow student how he could use markup for having more control with his windows forms while the very same teacher contradicted me saying that shit was not possible. Or the guy at the school in which I work teaching intro to programming using fucking vba...fk man if you are going the BASIC route at least teach them b4j or something fuuuuck.

I had good teachers, but they were always cast asside by dptmnt heads as if they knew better. I just hate pendejo teachers I really do.

Chinguen a su madre, bola de babosos.

When you take your fast but plain cgi scripts and convert them to fastcgi...
"no way the page parsed and analyzed 325 XML trees this fast" 😇

PROJECT: New shiny app in js
TODO:
1. Window shopping for new frameworks

2023 After a big working day ! I just want to relax with an easy movie to watch
The movie
- Political
- overpower woman that spite on man
- the message
- remake, spin off
- predictable as fuck story line
- actors that have no fucking emotions
- plots twist predictable
- predictable boring scary jump
- watch it on netflix, disney+, Amazon prime, HBO, Crave, Helix, Tou.tv for only 25$ a month
- CGI are fucking ugly shit
- story incoherence
- movie are always politicly correct
- i see the camera man in the cars window is fucking obvious
- people working in movie are poor as fuck because shit actors want lot's and lot's of money
- lot of movie are make for the branding not the movie itself
- you notifications are more interesting than the movie itself
- you want to go to the theater... 99$ popcorn and M&M bag of 20 pieces
- kids want to listen something else
- woman want help with the dishes at 10 PM
- no more beer or chips

You know what ? I think i will go feed some duck 🦆 at the park next time

Does somebody know how to send data to the PHP CGI executable directly and how to receive it (stdin/stdout)?
Or point me to a useful resource?
In a side project (just for fun) I try to implement the interface on NodeJS so I could process PHP through ExpressJS (long story).
I've been able to send and receive stuff, but the PHP CGI always tells me that I am "not allowed" to use this interface...
Docs/mailinglists seem reeeally old and don't want to go through the Apache source code 😅
Or does Node not have enough privileges for communicatig with PHP CGI exe?

pritn object

Every single time... :(

Only Linux guys knows the difference between root and root ;)

(Spoilers about Ready Player one here)

FUCK YEAH!
I watched Ready Player One in 4DX AND IT COSTED AN UNHOLY FUCKING AMOUNT OF MONEY!
yet it was THE BEST MOVIE Ive ever watched, AND I MEAN IT! IT WAS SO FUCKING GREAT! THE CGI THE ACTORS!
STEVEN DID AN EXCELLENT JOB!
and as a Trekkie I LOVED the scene of Hallidays death I mean his coffin WAS A FUCKING PHOTON TORPEDO! and in the Last scene you could see a bat'leth HOW HOW COOL WAS THAT!
And dont get me started on all the other References like the Holy Handgranade, Rubiks Cube, FUCKING BATMAN HELPING SOMEONE CLIMBING, Minecraft OASIS edition, Halo... I CANT ITS TOO MUCH!

Today talking with a schoolmate about an optional VS/CGI course at the university, he goes like "Why do we need to know everything about X and Y?", yeah well this means being a Software Engineer darling... what did you expect?

CGI is fun, websockets are fun, why on earth is it so fucking hard to have both of them with proper switching using at most one extra program apart from my handlers?
By proper switching I mean that you actually track connections and upgrade headers to decide what to do, rather than forcing websocket connections onto a separate HTTP resource just to tell the difference.

These days all companies just want to show off how evolved their AI is.
Any presentation without the neural networks CGI animation is incomplete!!!

i've installed lamp and my php -v is 7.1.15. i created a form and when i request to a .php file, it says "php-cgi not found: Please ensure that configured PHP Interpreter built as CGI program (--enable-fastcgi was specified)".
but ive specified the php.ini file from etc/php/7.1/cli.
and in setting/languages & Frameworks/php/cli interpreter it says php version not installed & debuger not installed. SOS

@dfox By default there is -1 showing up on all the comments. Its just me or everyone ?

Filmmaker, no cgi only practical effects like good old movies.

Working for a company using Cobol > CGI > PHP > MySQL > Django, and once again another custom rolled framework with no documentation in PHP. Basically no desire, haha.

@dfox Gifs not playing on android :(

Most of the web stuff I have done in the past have been PHP, Wordpress, cgi, etc. I read about nginx and was very impressed by what it accomplished in the last 20 years. Now I have a desire to play with this tech for fun.

What I want to do:
- create, manage, and launch minecraft servers
- provide a web interface for managing servers (I would like to learn how to make the server use the infrastructure of nginx to be managed like its other services)
- make this packaged so others can use this (probably on github)

I don't know anything about nginx other than it is really really cool, can serve massive amounts of web pages, and can do a whole lot more than that.

Question:
Is nginx suitable for this? Is this a big learning curve? Will I have fun doing this?

I am currently running a multi-instance minecraft server being managed by a piece of software called Crafty Controller. It is really neat. However, I am finding it buggy. I also see that the next version of this software will be behind a patreon. This is really disappointing. So this is spurring me to consider building something fun for myself, and if useful, for others.

I will most likely do very barebones and inflexible web interface that just gets the job done. I know enough to get by. So I assume I have a large learning curve ahead to do this.

Any advice? Is this going to turn into a large time sink?

Thank you hosing company, all you had to do was rebuild the crummy php 5.2 cgi with an up to date version of openssl that supports tls 1.2 so the PayPal integrations work for the seven customers who are too fucking tight to pay to have their sites upgraded to something modern...

Not set all 120 sites across five servers to run on php 5.2..

Assholes!

!devrant

What the fuck is wrong with walking deads CGI??? Did they lose all their budget or something?

DEER WALKING DEAD DIE

Design in Motion: Real-Time Rendering's Impact on Architecture

Architecture, a discipline that once relied heavily on blueprints, models, and lengthy render times, has undergone a revolutionary transformation in recent years. The advent of real-time rendering technology has fundamentally altered the way architects visualize, present, and interact with their designs. This paradigm shift has not only enhanced the creative process but has also empowered architects to make more informed decisions and create immersive experiences for clients and stakeholders.

Real-time rendering, a technological marvel that harnesses the power of high-performance graphics hardware and advanced software algorithms, allows architects to generate photorealistic visualizations of their designs in a matter of milliseconds. Gone are the days of waiting hours or even days for a single rendering to complete. This acceleration in rendering time has not only expedited the design process but has also encouraged architects to explore multiple design iterations rapidly.

One of the most significant impacts of real-time rendering on architecture is the ability to visualize a design in various lighting conditions and environmental settings. Architects can now instantly switch between daytime and nighttime lighting scenarios, experiment with different materials, and observe how their designs respond to different seasons or weather conditions. This level of dynamic visualization offers insights into how a building's appearance and functionality evolve throughout the day, contributing to more holistic and thoughtful design solutions.

Moreover, real-time rendering has transformed client presentations. Architectural concepts can now be communicated with unprecedented clarity and realism. Clients can virtually walk through spaces, observing intricate details, exploring different angles, and even experiencing the play of light and shadow in real-time. This immersive experience fosters a deeper understanding of the design intent, enabling clients to provide more targeted feedback and make informed decisions.

The impact of real-time rendering on collaboration within architectural teams cannot be overstated. Traditionally, architects and designers would need to wait for a rendering to complete before discussing design changes or improvements. With real-time rendering, team members can make adjustments on the fly, observing the immediate effects of their decisions. This seamless collaboration not only enhances efficiency but also encourages interdisciplinary collaboration as architects, engineers, and other stakeholders can work together in real-time to refine designs.

The integration of virtual reality (VR) and augmented reality (AR) into the architectural workflow is another transformative aspect of real-time rendering. Architects can now create VR environments that allow clients to step inside their designs and explore every nook and cranny. This not only enhances client engagement but also enables architects to identify potential design flaws or spatial issues that might not be apparent in 2D drawings. AR, on the other hand, overlays digital information onto the physical world, facilitating on-site decision-making and construction supervision.

Real-time rendering's impact extends beyond the design phase. It has proven to be a valuable tool for public engagement and community involvement in architectural projects. By creating virtual walkthroughs of proposed structures, architects can offer the public an opportunity to experience the design before construction begins. This transparency fosters a sense of ownership and allows for constructive feedback, contributing to the development of designs that resonate with the community's needs and aspirations.

The environmental implications of real-time rendering are also noteworthy. The ability to visualize designs in various environmental contexts contributes to more sustainable architecture. Architects can assess how natural light interacts with interior spaces, optimizing energy efficiency and reducing the need for artificial lighting during the day.

In conclusion, real-time rendering has ushered in a new era of architectural design, propelling the industry into a realm of dynamic visualization, immersive experiences, and enhanced collaboration. The ability to witness designs in motion, explore different lighting conditions, and interact with virtual environments has redefined how architects approach their craft. From facilitating client presentations to fostering sustainable design solutions, real-time rendering's impact on architecture is profound and multifaceted. As the technology continues to evolve, architects have an unprecedented opportunity to push the boundaries of creativity, efficiency, and sustainability in the built environment.

In those learning days the universal solution to all systems issues -
'restart and see if that fixes'