Seven things - tagged by Mark Karpeles

January 6th, 2009

Sometimes internet memes are something horrible. On PHP, right now, the whole idea is to share seven things about yourself (not things everyone knows about, it won’t be any fun), all of this because of Tony Bibbs (yes, it’s his fault, even if I don’t know him at all, he’s the one who started it all on the Who tagged who).

By the way I’ve been tagged by Mark Karpeles, myself. If you want to know why, you’ll have to read more.

For the people who don’t know me at all, I won’t eat you, you can come and try to talk to me. I started working on PHP’s WDDX extension (right now rewriting a part of it to use xmlreader instead of expat-like stuff) which was maintained by Andrei Zmievski (who wouldn’t have liked at all seeing the wddx functions assuming “everything is ISO-8859-1″, as he said before, “English is not the only language” and stuff like that).
Oh and now, I’m not using Coldfusion at all, I never touched Coldfusion, I use WDDX because it’s a nice serialization system, and because I got something to unserialize it on the other side.

  • Like Paul Reinheimer, I also do some photography.
    I like being able to take still images out of things I see in my daily life, and that’s what cameras are made for. Since I had the chance to travel around, I got a few pictures from other countries, and a few months ago I bought  a second hand Nikon D70s which helps a lot taking nice pictures.
  • I never finish anyth…
    In fact, sometimes, I happen to finish something, but “finishing something” is just too boring. I always do a new version at some point, so nothing is really “finished”. Just tag it with a version number and continue it (already got this thinkgeek tshirt).
  • My first computer was a Sinclair ZX Spectrum 128k +2.
    My mother was writing little games for me in BASIC, and I started BASIC quite soon. I knew almost every instruction in BASIC (was just missing arrays with DIM) and already started touching the ASM part with POKE, PEEK and USR before I was 7. When I was 8, I got an Amiga 500, quickly followed by an Amiga 2000, another Amiga 2000. Today I own two Amiga 1200…
  • During the Paris’ PHP Forum 2008, I showed Lukas Smith around (especially to find a nice place with better food than the forum’s sandwitches). That day I ate twice.
  • I fully speak and understand spoken French, English and Japanese (which I’m unable to write, and sometimes unable to read). I’m able to utter some words in other languages (the tourist survival base) in Italian, Spanish, German, Hebrew, Russian, Latin and some Chinese. I love travelling, and I even went to Tel Aviv (Israël) during my PHP training (hey, PHP3 is from there).
  • I’m geek. And not half, as I even been featured in a documentary called “Suck my Geek“. While I’m mainly a computers geek, I also do common stuff like watching japanese animation (I learnt Japanese from there), replying to “seven things” extraweb memes, troll by using non-existant words, etc…
    Being geek also implies being curious. While I never finish anything, I started a lot of things, including an OS project, a xinetd-like program in PHP, a BitTorrent client in PHP using PHP/GTK, IRC bots with PHP (MatrIRX), an IRC daemon in C++, and even more useless things than that. Most of them aren’t documented (I’m not a documentation guy, it was hard to write, it must be hard to use… isn’t it?) but are working, and some of them are even actively developed (I recently got a guy who decided to work on some things for pinetd).
  • I make apple pies.
    Not apple pies like the ones you’re used to eat. My apple pies are uniques. If you ever come to Paris, message me before so I can prepare one and let you take a bite. My apple pie follows a receipe I got from my mother, who got it from my grand-mother, etc… Even people who usually don’t like apple pies came to eat some and liked it.

Now, the people I would want to know more about are:

  • Lukas Smith - a great guy who helps PHP from the shadows
  • Zak Greant - Foo Associates (I really like this name)
  • Andrei Zmievski - who initially wrote ext/wddx
  • Pierre-Alain Joye - who helped me a lot on the PHP channel
  • Christophe Robin - alias BombStrike, who has no blog as of today (not yet?)
  • Derick Rethans
  • Mark Karpeles - because nobody tagged me yet, and because I felt like some recursion would be fun (wonder how it’ll work for the “who  tagged who” page)

And finally some rules:

  • Link your original tagger(s), and list these rules on your blog.
  • Share seven facts about yourself in the post - some random, some weird.
  • Tag seven people at the end of your post by leaving their names and the links to their blogs.
  • Let them know they’ve been tagged by leaving a comment on their blogs and/or Twitter.

Tags: , ,
Posted in General, PHP, Vie vraie | No Comments »

Snow in Paris

January 2nd, 2009

Guess how I was surprised seeing Paris with a white (and really light) mantle…

Tags: , , ,
Posted in Vie vraie | No Comments »

Mantis BugTracker: exploited for defacement

December 20th, 2008

Cat ready to attack mantis

OpenOptimus’ website has been defaced because of an exploit in Mantis BugTracker, but mostly because I totally forgot to update this thing for ages.

The site has been taken down, since our little script-kiddie think he’s so smart he could host stuff there without root noticing anything (chmod 0000 owned him).

Tags: , ,
Posted in Hacking, News | 2 Comments »

AFUP PHP Forum 2008: it’s finished!

December 9th, 2008

The PHP Forum 2008 organized by the AFUP (Association Française des Utilisateurs de PHP, the French PHP UG) is now finished, and while I missed last year’s one because of a personnal matter, I guess someone missed this year’s one too, and more people were waiting him than for me (Zeev).

Anyway the most interesting talks from a technical point of view included:

Great work guys, and hope to get more great presentations from you all (”all” including the people reading this article too) !

Tags: , , , ,
Posted in General, News, PHP | 3 Comments »

SSL server: how to autodetect SSL/non-SSL?

December 7th, 2008

For those of you who already played with Webmin, you probably noticed that connecting without SSL to the webmin interface (typically on port 10000) displays a message telling you how to access the SSL secured interface… on the same port.

Ever wondered how to accept both SSL and non-SSL connections on the same port?

Basically, to display such a message, we need to know if the client talking to us is speaking using SSL, or not. This is easily done by reading a few bytes from the stream, but if you do this, starting the crypto using for example stream_socket_enable_crypto() will fail, since OpenSSL won’t find the full client SSL handshake anymore.

PHP offers us a nice solution to fix this, using stream_socket_recvfrom(). By passing option STREAM_PEEK to this function, we can take a peek at the data pending in the socket, and try to determine if that’s SSL or not.

There, we can either try to parse a SSL packet, or instead try to find data we know there should be if the stream is not encrypted.

Doing this for the HTTP protocol is easy. The protocol is text based, and the first word we will get from the client will be something like “GET”, “POST” or “HEAD”. We just check if we got any of those. If we did, we got plain text connection. If we don’t, it means we are probably facing a real openssl client, and we can try to start negociating the link.

I wrote a little example you can download via SVN at http://ookoo.org/svn/snip/https_multi_serv/. Just run “gen_key.sh” in the ssl directory to get a SSL private key, then run the server with PHP. By default it will listen on port 8000, so direct your browser to localhost:8000 with or without SSL (both will work, this is the point of this server).

Feel free to use the code there, I commented it a bit so it should be somewhat helpful, and I officially release it under public domain (or BSD if “public domain” does not legally exists in your country).

By the way it’s also a nice example of async server using stream_select().

Of course it’s not possible to auto-magically determine if the client is talking SSL when he’s not talking first. You could wait for one or two seconds to see if something comes (ie. an SSL handshake) but it’s not really something that could be called good practice… So let’s just keep this for cases where the client talks first.

Tags: , , ,
Posted in Geek Attitude, Hacking, PHP | 2 Comments »

Eve Online pathfinder

November 30th, 2008

As I wanted to kill some time, I helped BombStrike with his project for Eve Online, a “massive multiplayer online roleplaying space game”.

The part I helped with is about being able to find a “route” from one point to another.

My first attempt was just for fun, a stored procedure for MySQL which did the lookup with the help of 3 temporary tables. This worked quite well, but had serious troubles resolving really long paths (avg. of 7 seconds for a 24 hops search).

So, I finally decided to create a dedicated database format for Eve Online, which would be optimized for lookups.

With this new database, a 95 hops lookup takes an average of 2.25ms. This is fairly acceptable, I’d say.

For those who are interested, the generated database (it took ~3 hours to build it), and some data files are available for download. You can also download the initial MySQL database dump.

The index file is fairly simple, it contains only solar system ids and locations in the main file (4 bytes for little endian solar system id, and 4 bytes for location in main file).

The main data file is a bit more complex. For each solar system we have:

  • Solar System ID (4 bytes)
  • Solar System Security (4 bytes int, explained soon)
  • Number of known solar system when adding this one
  • Solar system name length (1 byte)
  • Solar system name (variable length)
  • Solar system links to other solar systems (size of 9*number of known solar system when adding this one). This list contains:
    • Next hop to reach this solar system (4 bytes)
    • Number of hops remaining to reach it (1 byte)
    • Security level of this route (4 bytes, explained soon)

The security level in Eve Online is a float between -1 and 1. Storing float or double values is a pain, so I converted them to integer with a simple operation: int_value = (float_value + 1) *1000000000.
This way the int_value will be between 0 and 2000000000, and (almost) efficiently use space available on signed 32bits integers.

Creation of the initial file is also pretty simple.

First, we create the various solar systems, based on data from the database.

Next, we insert what we call “level 1″ links (basically, those are all the direct links).

Finally, we enter a for loop starting a 2 and finishing at 255 which will ask to populate links. There the way this is done is easy.
For each solar systems:

  • We collect all links which takes one less hop than the current value of the loop (for example for the third iteration, we take all “2 hops” links)
  • We “advertise” them to solar systems directly connected to our solar system, saying the “next hop” is us (for example this would lead a solar system directly connected to the current one adding the current solar system as a “3 hops” target for the advertised solar system).

Explaining all that is not easy, I hope I didn’t get anyone lost here.

Anyway have fun with this piece of (maybe) useful code!

Tags: ,
Posted in Geek Attitude, PHP | No Comments »

PHP 5.3.0alpha3

November 26th, 2008

The release of PHP 5.3.0alpha3 is soon (planned for December 2nd for now), the main change since PHP 5.3.0alpha2 is the namespace separator, which switches from :: to \.

Other changes should include:

  • MySQLnd async queries and other stuff like stream scanning
  • ext/mhash removed from main tree, and replaced with ext/hash, which seems better (I believe compatibility function names will be used, eg. ext/hash will provide mhash_* functions aliases)
  • OpenSSL will now work with buffers (I’ve been waiting for this one)

Anyway this is most likely going to be the last alpha release of PHP 5.3, as this should mark the last new features added to PHP 5.3. Next test releases should be beta, then RC, for finally getting a final PHP 5.3 out in 2009.

By the way, remember that in France, the PHP 2008 Forum will be held on December 8th and 9th 2008 in Paris, and many people will be there…

Tags: , ,
Posted in Geek Attitude, PHP | No Comments »

Wddx and PHP

November 21st, 2008

Recently I had some troubles finding a good way to let Qt (now owned by Nokia) and PHP communicate.

At first, I tried using QtSoap (part of Qt Solutions), but I was expecting something better for a commercial-only element (the lack of wsdl parsing is the main problem, I guess).

Anyway I finally decided to look at less complex solutions, and found WDDX to be a good idea.
After some tests I wrote a WDDX module for Qt and started doing tests. I was surprised at some point when I saw that the data I was getting from the server appeared to be UTF-8 encoded, and here I found that PHP’s WDDX extension was broken: the documentation stated WDDX functions only accept UTF-8, but the code was clearly showing conversions from ISO-8859-1 to UTF-8…

This led me to write a patch to fix that (along other patches for other features in PHP), and post a lot of stuff to the PHP internal mailing list.

I found out that the Wddx extension was maintained by Andrei Zmievski, and I guess he didn’t have enough time to continue looking after it… anyway he approved my patch, and at this point I became a “php developper”.

Next steps are pretty normal: I discovered again CVS, which I had totally forgotten, I discovered branch management and manual merge because PHP branches are too different, and a lot more stuff which made my time working on Wddx pretty fun.
Thanks to the tests I wrote I could spot two other bugs, one in PHP_5_3 (wddx_add_vars() was ignoring the first passed variable) and one in all versions of PHP (serializing a class providing a __sleep() method with wddx caused this class to be stored without its values, even those __sleep() said we need to store).

Anyway the next thing I’d like to implement in Wddx is packet streaming: the ability to send a packet while building it, allowing creation of really large packets without needing the RAM to store it (and coupled with stuff like mysqli::use_result(), it’s a nice way to stream large SQL data).

Anyway WDDX is a really nice way to serialize data, and it seems JS libraries able to parse WDDX exists (I only use it for communications with Qt, so I didn’t look a lot in this direction, still I guess google could tell you more).

Tags: , ,
Posted in Geek Attitude, PHP | No Comments »

Guess where I am having my holidays

August 18th, 2008

Just looking at this picture should be enough :-)

Posted in Vie vraie | 1 Comment »

Thunderstorm in Paris

August 7th, 2008

It caused two metro lines to be closed.

photo

photo

photo

Posted in Vie vraie | No Comments »

« Older Entries