Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


HauntedDawg last won the day on July 26 2016

HauntedDawg had the most liked content!

Community Reputation

13 Good

About HauntedDawg

  • Rank

Personal Information

  • Location
    Cape Town South Africa
  • Interests
  • Website

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I often a times do extensive development (lots of small micro-services) spanning multiple different languages which is listed below. In term's of web server environments - I have been using the docker / kubernetes route for the passed 2 and half years and have never looked back. Part of this docker / kubernetes environment I make use of a Reverse Proxy / Load Balancer router in-front of the docker containers named Traefik.io - no need for nginx / apache virtual hosts. Docker has helped me not need to worry about server configuration and the smaller details - now it's as simple as `docker run {{ image name }}` and that image can either be an existing prebuilt image from the huge library over at Docker Hub https://hub.docker.com or you create your own image by using a file named Dockerfile - the final image can then be published to Docker Hub publicly or privately. Some helpful use cases: Need to run a static one page website but don't want to go through the hassle of having to deal with virtual host files? Use a lightweight container with nginx pre-installed and pre-configured, just tell docker which build folder you want to mount on the container. Further Reading: https://hub.docker.com/r/bitnami/nginx/ Have a lot of website's to manage on a single server? Use https://traefik.io - a dynamic reverse proxy with built in load balancing capabilities combined with docker making for zero need for web server configuration. Traefik listens on the docker socket for container events (restart, shutdown, high cpu, low cpu,, startup amongst a few) - and these containers simply needs a label (E.G. `- "traefik.frontend.rule=Host:example.com"`) as well as a domain pointed the servers IP Address and the Traefik Reverse Proxy server will handle serving HTTP & HTTPS requests to the correct docker containers based on the domain name. It provides plug & play support for Let's Encrypt + auto-renewal -- pure awesomeness! If you use docker and use the auto scaling functionality, Traefik will see the new containers immediately and start load balancing them. Traefik is the 9th most popular image on Docker Hub with 10M+ downloads at this time while nginx is further down the list. Saved me lot's of time needing to still configure services as well as install services such as PHP and it's subsequent extensions. See screenshot attached of my development machine's services that are needed for all my projects. I can delete the containers / services while keeping the needed data on the host machine and bring the container / service up again with existing data IDE's / Tools / Services to their relevant languages / use cases / needs: JetBrains IntelliJ Community Edition - for Java / Kotlin development as well as sometime's the odd cases of Native Android Development Building REST / Soap API's with Spring MVC framework using Kotlin is a bliss in itself and with Kotlin being significantly faster than Java - it makes perfect for API's. Kotlin comes with Java interoperability in mind thereby allowing Java code to be called from Kotlin in a natural way, and Kotlin code can be used from Java What is Kotlin you ask? https://www.infoworld.com/article/3224868/what-is-kotlin-the-java-alternative-explained.html PHPStorm - for the obvious first 3 letters of the application's name ? - current place of employment make's use of an already extensively scaffolded starter project which has been built on for the passed 12 - 15 years plus / minus, first making use of the Zend framework and then in the last 4 years making the change of the underlying framework to Symfony Silex using an annotation provider for routing thus keeping the route declaration with the class file and it's subsequent endpoints. Additional Tools: xdebug for debugging / code profiling purposes Always have PHPStorm built-in Terminal open. Siege an http load tester and benchmarking utility https://github.com/JoeDog/siege Visual Studio Code - for all my front-end based applications consisting of NativeScript, Angular, VueJs, HTML, CSS Because I got to experience building Java apps where every variable needs to be type casted - I have become a believer of TypeScript as it enforces type casting. That has saved me a days if not weeks of combined time finding bugs / issues. Chrome Browser - Some developers believe in the Firefox developer tools, but for me and quite a few developers I know, Chrome's Developer Tools is well built and fit's in nicely with Chrome. Also has a dark mode. Bonus. Postman - Manual API endpoint testing API Doc Generators - Swagger for PHP Symfony & Swagger + SpringFox for Java Spring MVC Swagger provides running a list of tests against your API's saving you time during the development lifecycle of an API Digital Ocean - development testing & production based VM's. There's an existing supported driver to allow docker-machine to connect to Digital Ocean to gather information about existing VM's or the ability to create VM's from your own terminal. It's overhead for minimal site's but wonderful for more site's and growth There is probably quite a few other tools / services that I have not listed. I didn't see anyone making use of docker nor any articles floating about - it's worth looking into!
  2. HauntedDawg


    We have not found to have any performance impact using NativeScript and we have a variety of mobile apps out there at the moment. The app is truly native though hence "Native"Script ? - it just make's it super easy to maintain without needing 2 different developers cause of different languages. See here for more reading: https://www.nativescript.org/nativescript-is-how-you-build-native-mobile-apps-with-angular
  3. HauntedDawg


    NativeScript is what you want for mobile apps (or React Native) - https://www.nativescript.org/ Haven't heard of Flutter. Will give it a look
  4. MCCode's come's with an IPN file. Paypal also provide's an IPN PHP file. Use those in your application. They already have the methods to check a payment is completed.
  5. Without seeing the underlying server structure, ports opened, whats on and whats off, it will be a hard guess.
  6. Does it eventually trigger this line: $db->query("UPDATE `crons` SET `nextUpdate`={$times} WHERE `file`='{$file}'"); As that is what will depict the next cron time. Check and make sure nextUpdate is now() time + 60.
  7. http://makewebgames.io/showthread.php/32642-any-version-Removal-of-1-minute-crons There on, its simple to add 5 minutes, 1 hour, daily, etc etc.
  8. http://makewebgames.io/showthread.php/32642-any-version-Removal-of-1-minute-crons I think (have not checked), but lower down or further in the thread shows the 5 minute and etc.. And its quite easy to add to it. This does run 1 minute cron 10 times if the user has been inactive for 10 minutes.
  9. Top of my head. Newsletters: sending an email to your users using smtp to check for a response back, if it doesnt, flag it in the database, there after check if they have a cellphone number to sms. Check that sms has a response, if it doesnt, flag it in the database. Sure, you can extract your data from ssh and plug it into a php script. Sure, I am deviating now from the topic, but its an example. And there are many other examples. Who says its to modify data anyway? In fact, my admin panel does not allow for any editing of the users, but is there to only answer support tickets, view transactions made, what products were bought, all with beautiful charts displayed on the front page. The same can be done with SSH, but you'll need to be exporting data and importing every time.
  10. Waste of time arguing. Yet, I am not arguing. Deflects from the thread, no.. not really, as we are still on topic with regards to admin page security. for no real benefit.. Well, you don't seem to be putting much positive comments on this thread anyway, so might as well f off. Oh, and yeah, while it is relatively easier to manage your game via the database directly. It's a pain in the ass. So, I'll sit here, with my sub domain, while you manage your game via the database and write scripts for all the times sql can't do what php can.
  11. My reasoning for a sub domain, is one prime reason. Sessions. Now, admin.php renamed to asdfaasdasdasda14.php will still be able to read that domains sessions, thus being able to hijack your sessions. How many times have we seen the ol trick of changing your user profile image to either logout.php or the admin panel submitting a change of user permissions? You seem rather narrow minded to one word you been mentioning in all your posts from this one. "Pentest", did you now only recently figure out how to do that? Oh wait, lets not forget we can actually block access to the sub domain completely by user and password using htaccess, and then actually require another user and password to login to the system. So, how far does your pentest go? As far as seeing a permission denied page. If someone really wanted to damage your site, and have the know how, they would not even bother with a admin section in the first place, and actually look for any open vulnerable ports to get access to the DB/mail/SSH/FTP/SFTP.. you name it..
  12. Post up your final result so others that may have the same issue can see. Glad its resolved :)
  13. It looks like what you are wanting to do is create a global array and then populate that inside the loop to later use in the morris bar object:   var chartData = []; // Holds our data for the chart /* Do ajax stuffs here */ // Loop through the data from the ajax $.each(data.result, function(a, i) { chartData.push({x: i.date, y: i.count}); // Push values into array }); console.log(chartData); Morris.Bar({ element: 'graph', data: chartData, xkey: 'x', ykeys: ['y', 'z', 'a'], labels: ['Y', 'Z', 'A'] }).on('click', function(i, row) { console.log(i, row); });
  14. jsFiddle Your json return data (or your psuedo json is wrong).   { "result":[ { 'id': 1, 'date': '2014-12-10', 'site_id': 'http://someurl.com', 'count': 1 }, { 'id': 2, 'date': '2014-12-03', 'site_id': 'http://someurl2.com', 'count': 52 }, // More results go here ] }   Also, by adding a secondary argument to the $.each function, you can then extract the data by using the second argument while the first remains the index.   $.each(data.result, function(a, i) { var json = i; // Since we no longer need to target the main array anymore var chartData = ''; // Depending how this array/object is built, i would suggest reading up on writing json strings });
  • Create New...