Skip to content

Instantly share code, notes, and snippets.

View sergiotapia's full-sized avatar
💭
In my restless dreams, I see that town.

Sergio Tapia sergiotapia

💭
In my restless dreams, I see that town.
View GitHub Profile
@sergiotapia
sergiotapia / Munich-NO2.md
Created August 24, 2017 14:58
NO2 in Munich, 2016
View Munich-NO2.md

NO2 in Munich 2016: high traffic => high NO2

2016-mu5-hours-junedec-23aug

This plot shows NO2 levels over the day in Munich in June and December 2016. München-Landshuter-Allee on the left has about the highest NO2 levels in all Germany, and a lot of traffic — 120,000 to 150,000 cars and light trucks per day.
Surprise: high traffic => high NO2.

View gist:252ad8e746d3905d1075
[
{
"Created_Datetime":"2\/16\/2013 2:57:59 AM",
"Id":1067196,
"Last_Login_Datetime":"7\/10\/2014 2:36:08 AM",
"LeagueConquest":{
"Leaves":0,
"Losses":0,
"Name":"Conquest",
"Points":0,
View gist:41a7c365afff877161ee
[
{
"Created_Datetime":"7\/26\/2012 8:21:03 PM",
"Id":312304,
"Last_Login_Datetime":"7\/10\/2014 11:48:52 PM",
"LeagueConquest":{
"Leaves":2,
"Losses":151,
"Name":"Conquest",
"Points":81,
View gist:89c2b90251c4d489a162

This advisory concerns a security risk in all supported versions of Active Record. There is no patch to apply for this issue.

Due to the query API that Active Record supports, there is a risk of unsafe query generation in two scenarios. Databases with a table that contains a column with the same name as the table and queries with join aliases which conflict with column names could be vulnerable to an attack where the attacker can perform certain manipulations to the SQL queries generated by Rails.

Determining Vulnerability

A vulnerable application will either contain columns named identically to their table, or have column names which conflict with join aliases.

For example, if you had a model called SecurityToken, which contained an attribute called security_tokens then the following code could be manipulated to return additional records:

@sergiotapia
sergiotapia / md5-example.go
Last active September 21, 2023 06:57
Golang - How to hash a string using MD5.
View md5-example.go
import (
"crypto/md5"
"encoding/hex"
)
func GetMD5Hash(text string) string {
hasher := md5.New()
hasher.Write([]byte(text))
return hex.EncodeToString(hasher.Sum(nil))
}
@sergiotapia
sergiotapia / go-fizzbuzz.go
Last active December 30, 2015 20:59
FizzBuzz written using Golang!
View go-fizzbuzz.go
package main
import "fmt"
func main() {
i := 1
for i <= 100 {
if (i % 3 == 0 && i % 5 == 0) {
fmt.Println("Fizzbuzz")
} else if (i % 3 == 0) {
@sergiotapia
sergiotapia / images_dimensions.go
Last active November 23, 2022 03:53
Golang - Getting the dimensions of an image. jpg, jpeg, png
View images_dimensions.go
package main
import (
"fmt"
"image"
"os"
_ "image/jpeg"
_ "image/png"
)
View gist:6991960
# SQLite version 3.x
# gem install sqlite3
#
# Ensure the SQLite 3 gem is defined in your Gemfile
# gem 'sqlite3'
development:
adapter: postgresql
encoding: unicode
host: localhost
database: smitecamp_db
View gist:6991744
source 'https://rubygems.org'
ruby '2.0.0'
gem 'rails', '4.0.0'
gem 'sass-rails', '~> 4.0.0'
gem 'uglifier', '>= 1.3.0'
gem 'coffee-rails', '~> 4.0.0'
gem 'jquery-rails'
gem 'jbuilder', '~> 1.2'