☃ Stephen Shkardoon ☃ ss23

<?php
// Example usage: php check.php "Please speel check thsi sentence"
// Example output: Please <speel> check <thsi> sentence
$dictionary = file('/usr/share/dict/words', FILE_IGNORE_NEW_LINES);
$words = explode(" ", trim($argv[1]));
foreach ($words as $word) {
$found = false;
root@debian-hhvm:~/ssorg# php --version
PHP 5.4.4-14+deb7u7 (cli) (built: Dec 12 2013 08:42:07)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies
root@debian-hhvm:~/ssorg# time composer update >/dev/null
real 0m18.415s
user 0m6.024s
sys 0m0.092s
Server {
DefaultDocument = index.php
IniFile=/root/silverstripe-installer/php.ini
}
VirtualHost {
www {
Pattern = .*
Disabled = false
RewriteRules {
ss23 / my.php
Created February 16, 2014 22:46
<?php
// Copyright (c) 2013 Land of Bitcoin http://www.landofbitcoin.com/
// Feel free to modify anything or remove banners as long as you keep the footer line unchanged.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.
// Donations greatly appreciated: 1MiCRoXT5gFtGZLSmW6efAx968WAKvD5xz
// INSTALLATION:
// 1. Set the config values below.
// 2. Upload the index.php and the Microwallet.php files.
emails[0]:
[Subject]: Foobar
[To][0]: Baz
[1]: Boo
[CC]...
[BCC]...
[Message]: I love kitty cats!
emails[1]:
[Subject]: Foobar
<?php
public function getExportFields() {
    $fields = parent::getExportFields();
    $fields['Provider.Name'] = 'Provider Name';
    return $fields;
}
ss23 / gist:9852996
Last active August 29, 2015 13:57
Draft of how to audit SilverStripe code

Whitebox

Folder structure isn't easy to notice at first. Generally, each folder is a "module" (where framework is core SilverStripe, cms is the CMS part of core SilverStripe, and mysite is the custom code). There's also a /vendor directory that might be used if they're using Composer. If they're using Composer, you'll be able to use the composer.json file in the root of the project to determine where some folders are coming from and if they're using official modules, etc. Extra points if you check their live webserver and find access to it. Information disclosure and all that.

Most of the interesting code will be in mysite/ probably (though worth noting, there's no explicit rule that you have to put your code in a folder called that -- another common option is to put in a folder named after the project). CMS and Framework are the only two modules you probably won't need to audit or worry about, however, it's fairly common for developers (especially ones not fa

postgres=# \timing
Timing is on.
postgres=# select 1;
?column?
----------
1
(1 row)
Time: 0.940 ms
<% if CurrentMember.ID %>
    <% Do things %>
    Lots of things
    <% many many things %>
<% else %>
    <% cached MyCache.Keys() %>
        <% Do things %>
        Lots of things
        <% many many things %>
    <% end_cached %>
ss23 / foo.yml
Last active August 29, 2015 14:00
---
Except:
  environment: "live"
---
RecaptchaField:
  public_api_key: "kitten"
  private_api_key: "cat"
---