User talk:Ebarrier: Difference between revisions

From ICO wiki
Ebarrier (talk | contribs)
No edit summary
Ebarrier (talk | contribs)
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Config==
==Operating systems basic terms and introduction==
<source lang="php">
===Tasks of the kernel, operating system, RAM, processor etc===
<?php
Applications use the kernel to connect to computer system resources (CPU; memory and devices). It manages input/output requests from software, translating them into data processing instructions for the central processing unit. It is also responsible for managing memory, and for managing and communicating with computing peripherals, like printers, speakers, etc. It is crucial part of the operating system.
//Specific configuration
define("DB_SERVER", "localhost");
define("DB_USER", "root");
define("DB_PASS", "student");
define("DB_NAME", "webshop");
?>
</source>


==PDO server connection==
Tasks:
<source lang="php">
*CPU time planning
<?php
**Real time vs Package processing
try {
**Syncing
    $conn = new PDO('mysql:host='.DB_SERVER.';dbname='.DB_NAME.';charset=utf8', DB_USER, DB_PASS);
**Multitasking with multiple CPUs
    // set the PDO error mode to exception
*Memory management
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
**MMU - memory management unit
    //echo "Connected successfully";
**Cache and swap
    }
*I/O management
catch(PDOException $e)
**Syncronous
    {
**Asyncronous
    echo "Connection failed: " . $e->getMessage();
*File management
    }
**Permissions
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
**File system hierarchy
?>
</source>


==Header session start==
<source lang="html5">
<?php
// Set session variables
session_start();
if (!array_key_exists("cart", $_SESSION)) {
    $_SESSION["cart"] = array();
    // Here we store product -> count mapping
}
?>


<!DOCTYPE html>
An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs (API).
<html>
Tasks:
<head>
*Hardware management
<meta charset="utf-8"/>
**CPU time
<meta name="description" content="Etienne's webshop">
**Memory management
<meta name="viewport" content="width=device-width, initial-scale=1.0">
**Input/output management
<link rel="stylesheet" type="text/css" href="css/main.css">
**Network management
<title>Etienne's webshop</title>
*Computer system management
</head>
**Application management
**Input/output device management
**User authentication and authorization
**Data management between devices


<body>
==User management==
</source>
===What is authorization and authentication?===
 
===What is password salt and what is it used for?===
==Footer JSscript==
==Working with files and permissions==
<source lang="html5">
===Explain the way why permissions are needed and how they are set for users===
<script src="js/myJS.js"></script>
===Explain special permissions===
</body>
==User environment==
 
===What are user environment variables used for? Name two reasons===
<footer>
==Processes==
    <div class="footer">
===How to stream data between processes===
        <a href="http://www.itcollege.ee">itcollege.ee</a>
===What are different type of processes (running, stopped, killed, zombie etc)===
        <p>For any question, please contact us!</p>
===Different examples of how to benefit from sending signals between processes===
    </div>
==Software management==
</footer>
===Name various ways how to manage software in LInux===
 
===What are the pros and cons of Linux software management===
</html>
===What are software repositories?===
</source>
===What are libraries?===
 
==Filesystem hierarchy==
==Log out - destroy session==
===Explain the hierarchy according to FHS===
<source lang="php">
===Name specific folder meanings and usage===
<?php
==Documentation==
session_start();
===Best practices of a good documentation===
$_SESSION = array();
===Why should we document?===
if (ini_get("session.use_cookies")) {
==Security==
    $params = session_get_cookie_params();
===List the different type of security breaches===
    setcookie(session_name(), '', time() - 42000,
===What should the user/admin do to prevent the attack?===
        $params["path"], $params["domain"],
==Partitioning and swap area==
        $params["secure"], $params["httponly"]);
===What are the primary, extended and logical partitions? What limitations are set with these partitions types?===
}
===When isn’t it a good idea to use swap area?===
session_destroy();
==RAID and LVM technologies==
//unset($_SESSION["userid"]);
===Name main uses and features of both technologies===
header("Location: index.php");
==SAN, NAS and CAS technologies==
?>
===Name main uses and features of all the technologies===
</source>
==Backup and recovery==
 
===Backup and recovery plans===
==Registration - Hash password==
==Monitoring and log files==
<source lang="php">
===Active and passive monitoring===
<?php
===Types of alerts===
include "header.php";
===Benefits of monitoring===
require_once "config.php";
===Centralized logs===
include "dbconn.php";
==Ethical, social and personal aspects of working in IT field==
 
===Impostor syndrome, teamwork, burnout===
if($_SERVER['REQUEST_METHOD'] != "POST") {
    header("index.php");
}
 
$validFields = true;
 
if($_POST["username"] == null || preg_match("[\w.]{1,64}", $_POST["username"]) != 1) {
    $validFields = false;
    echo "<p>Your username is missing or invalid</p>";
}
 
if($_POST["email"] == null || preg_match("^[a-z0-9._%+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,}$", $_POST["email"]) != 1) {
    $validFields = false;
    echo "<p>Your email is missing or invalid</p>";
}
 
if($_POST["password1"] == null || preg_match(".{8,256}", $_POST["password1"]) != 1 || $_POST["password1"] !== $_POST["password2"]) {
    $validFields = false;
    echo "<p>Your password is missing or invalid</p>";
}
 
if($_POST["firstname"] == null || preg_match("[-a-zA-z]{1,30}", $_POST["firstname"]) != 1) {
    $validFields = false;
    echo "<p>Your firstname is missing or invalid</p>";
}
 
if($_POST["lastname"] == null || preg_match("[-a-zA-z]{1,30}", $_POST["lastname"]) != 1) {
    $validFields = false;
    echo "<p>Your lastname is missing or invalid</p>";
}
 
if($validFields) {
    //Statement to create user in DB
    $statement = $conn->prepare(
    "INSERT INTO `user` (
        `username`,
        `email`,
        `password`,
        `fname`,
        `lname`)
    VALUES (:username, :email, :hashed_password, :firstname, :lastname)"); //the :arguments will be replaced below
 
    if (!$statement) die("Prepare failed: (" . $conn->errno . ") " . $conn->error); //check if an error happens
 
    //We bind all the parameters
    $statement->bindParam(':username', $_POST["username"]);
    $statement->bindParam(':email', $_POST["email"]);
    $statement->bindParam(':hashed_password', password_hash($_POST["password"], PASSWORD_DEFAULT));
    $statement->bindParam(':firstname', $_POST["firstname"]);
    $statement->bindParam(':lastname', $_POST["lastname"]);
 
    //We execute the statement to create user with POST values
    if ($statement->execute()) {
      echo "Registration successful. Thank you! <br> <a href=\"index.php\">Go back to main page</a>";
    } else {
        if ($statement->errorCode() == 1062) {
          //This is result in 200 OK
          echo "This e-mail or username is already registered";
        } else {
          //This will result in 500 internal server error
            die("Execute failed: (" . $statement->errorCode() . ") " . $statement->errorInfo()); //check if an error happens
          }
    }
}
?>
</source>
 
==Log in - Check password==
<source lang="php">
//function to check if the email or username provided match the password
function checkCredentials($dbFieldToCheck, $conn, $username, $password) {
    $statement = $conn->prepare("
        SELECT id, password
        FROM user
        WHERE ".$dbFieldToCheck." = :credential");
    if (!$statement) die("Prepare failed: (" . $conn->errno . ") " . $conn->error);
    $statement->bindParam(':credential', $username);
    if (!$statement->execute()) die("Execute failed: (" . $statement->errorCode() . ") " . $statement->errorInfo());
    $row = $statement->fetch(PDO::FETCH_ASSOC);
 
    if(password_verify($password, $row["password"])) {
        return $row["id"];
    }
    return false;
}
 
//we call the function above twice (for email and for username)
$row1 = checkCredentials('email', $conn, $_POST["username/email"], $_POST["password"]);
$row2 = checkCredentials('username', $conn, $_POST["username/email"], $_POST["password"]);
 
//if one of the function calls above is succesful, user is logged in, otherwise we ask him to try again or to sign up
if($row1) { //if the key-value pair user_id-password exists
    $_SESSION["userid"] = $row1; // This just stores user row number
    header('Location:'.$_SERVER['HTTP_REFERER']); //This will redirect back to index.php
} elseif($row2) {
    $_SESSION["userid"] = $row2;
    header('Location:'.$_SERVER['HTTP_REFERER']);
} else { ?>
  <p>It looks like you are not known sorry. Please <a href="registration.php">sign up</a>  to enjoy our services or go back to <a href="index.php">main page</a>.</p>
</source>
 
==Form validation==
<source lang="html5">
<div class="content">
    <h2>Create your account</h2>
 
    <form method="post" action="regsubmit.php">
      <div>
        <label for="username">Username</label>
        <input type="text"
            name="username"
            id="username"
            pattern="[\w\.]{1,64}"
            placeholder="your username"
            title="Numbers, letters (case sensitive), underscore and dot are allowed. 64 characters max" required/>
      </div>
 
      <div>
        <label for="email">E-mail</label>
        <input type="email"
            name="email"
            id="email"
            placeholder="your email" required/>
      </div>   
 
      <div>
        <label for="password1">Password</label>
        <input type="password"
            name="password1"
            id="password1"
            pattern=".{8,256}"
            placeholder="type a password"
            title="8 characters minimum" required/>
      </div>
 
      <div>
        <label for="password2">Repeat password</label>
        <input type="password"
            name="password2"
            id="password2"
            onkeyup="checkPass(); return false;"
            placeholder="retype your password"
            pattern=".{8,256}" required/>
            <span id="confirmMessage" class="confirmMessage"></span>
      </div>
 
      <div>
        <label for="firstname">First-name</label>
        <input type="text"
            name="firstname"
            id="firstname"
            pattern="[-a-zA-z]{1,30}"
            placeholder="your firstname"
            title="Only letters" required/>
      </div>
 
      <div>
        <label for="lastname">Last-name</label>
        <input type="text"
            name="lastname"
            id="lastname"
            pattern="[-a-zA-z]{1,30}"
            placeholder="your lastname"
            title="Only letters" required/>
      </div>
 
      <div>
        <input type="submit" value="Sign-up"/>
      </div>
     
    </form>
 
    <div id="backToMain">
        <a href="index.php">Go back to main page</a>
    </div>
</div>
</source>
 
==Profile form==
<source lang="html5">
if($_SESSION["userid"] != null && $_SERVER['REQUEST_METHOD'] == "POST") {
    $statement0 = $conn->prepare("
    UPDATE `user`
    SET username=:username,
        email=:email,
        fname=:fname,
        lname=:lname,
        gender=:gender,
        phonecode=:phonecode,
        phonenum=:phonenum,
        dob=:dob,
        address=:address,
        city=:city,
        postal_code=:postalcode,
        countryname=:countryname
    WHERE id = :userid");
    if (!$statement0) die("Prepare failed: (" . $conn->errno . ") " . $conn->error);
    $statement0->bindParam(':username', $_POST["username"]);
    $statement0->bindParam(':email', $_POST["email"]);
    $statement0->bindParam(':fname', $_POST["firstname"]);
    $statement0->bindParam(':lname', $_POST["lastname"]);
    $statement0->bindParam(':gender', $_POST["gender"]);
    $statement0->bindParam(':phonecode', $_POST["phonecode"]);
    $statement0->bindParam(':phonenum', $_POST["phonenum"]);
    $statement0->bindParam(':dob', $_POST["dob"]);
    $statement0->bindParam(':address', $_POST["address"]);
    $statement0->bindParam(':city', $_POST["city"]);
    $statement0->bindParam(':postalcode', $_POST["postalcode"]);
    $statement0->bindParam(':countryname', $_POST["country"]);
    $statement0->bindParam(':userid', $_SESSION["userid"]);
    if (!$statement0->execute()) die("Execute failed: (" . $statement->errorCode() . ") " . $statement->errorInfo());
} else {
    header("index.php");
}
 
$statement1 = $conn->prepare("
    SELECT username, email, fname, lname, gender, phonecode, phonenum,
        dob, address, city, postal_code, countryname
    FROM `user`
    WHERE id = :userid");
if (!$statement1) die("Prepare failed: (" . $conn->errno . ") " . $conn->error);
$statement1->bindParam(':userid', $_SESSION["userid"]);
if (!$statement1->execute()) die("Execute failed: (" . $statement->errorCode() . ") " . $statement->errorInfo());
$row1 = $statement1->fetch(PDO::FETCH_ASSOC);
?>
 
<div class="content">
    <h2>My profile</h2>
 
    <form method="post">
        <div>
            <label for="username">Username</label>
            <input type="text"
                name="username"
                id="username"
                value="<?php echo $row1["username"];?>"
                pattern="[\w\.]{1,64}"
                placeholder="your username"
                title="Numbers, letters (case sensitive), underscore and dot are allowed. 64 characters max" required/>
        </div>
 
        <div>
            <label for="email">E-mail</label>
            <input type="email"
                name="email"
                id="email"
                value="<?php echo $row1["email"];?>"
                placeholder="your email" required/>
        </div>   
 
        <div>
            <label for="firstname">First name</label>
            <input type="text"
                name="firstname"
                id="firstname"
                value="<?php echo $row1["fname"];?>"
                pattern="[-a-zA-z]{1,30}"
                title="Only letters"
                placeholder="your first name" required/>
        </div>
 
        <div>
            <label for="lastname">Last name</label>
            <input type="text"
                name="lastname"
                id="lastname"
                value="<?php echo $row1["lname"];?>"
                pattern="[-a-zA-z]{1,30}"
                title="Only letters"
                placeholder="your last name" required/>
        </div>
       
        <a href="changepass.php">Change password</a>
 
        <div>
            <label for="gender">Gender</label><br>
            <?php
            if ($row1["gender"] == null) { ?>
                <input type="radio" name="gender" value="male"> Male
                <input type="radio" name="gender" value="female"> Female
            <?php
            }
            elseif ($row1["gender"] == "male") { ?>
                <input type="radio" name="gender" value="male" checked> Male
                <input type="radio" name="gender" value="female"> Female
            <?php
            }
            else { ?>
                <input type="radio" name="gender" value="male" > Male
                <input type="radio" name="gender" value="female" checked> Female
            <?php
            } ?>
        </div>
 
        <div>
            <label for="phonenumber">Phone number</label>
            <select name="phonecode" id="phonecode" onchange="" size="1">
                <?php
                $statement2 = $conn->query('
                    SELECT phonecode
                    FROM country
                    GROUP BY phonecode
                    ORDER BY phonecode');
                if ($row1["phonecode"] == 0) {
                    echo "<option value=\"null\">-</option>";
                }
                else {
                    echo "<option value=".$row1["phonecode"].">+".
                        $row1["phonecode"]."</option>";
                }
                while($row2 = $statement2->fetch(PDO::FETCH_ASSOC)) {
                    echo "<option value=".$row2["phonecode"].">+".
                        $row2["phonecode"]."</option>";
                }
               
                if ($row1["phonenum"] == 0) { ?>
                    <input type="text"
                        name="phonenum"
                        id="phonenum"
                        value="-"
                        pattern="[0-9]*"
                        title="Only numbers"
                        placeholder="phone number"/>               
                <?php
                }
                else { ?>
                    <input type="text"
                        name="phonenum"
                        id="phonenum"
                        value="<?php echo $row1["phonenum"];?>"
                        pattern="[0-9]*"
                        title="Only numbers"
                        placeholder="phone number"/>
                <?php
                }
                ?>
            </select>
        </div>
       
        <div>
            <label for="dob">Date of birth</label>
                <?php
                if($row1["dob"] == "0000-00-00") { ?>
                    <input type="text"
                        name="dob"
                        min="(Date('Y')-90)-01-01"
                        pattern="[19|20][0-9]{2}-[0|1][0-9]-[0-3][0-9]"
                        title="The date format must be YYYY-MM-DD"
                        placeholder="yyyy-mm-dd">
                <?php
                }
                else { ?>
                    <input type="text"
                        name="dob"
                        value="<?php echo $row1["dob"]; ?>"
                        min="(Date('Y')-90)-01-01"
                        pattern="(19|20)[0-9]{2}-(0|1)[0-9]-[0-3][0-9]"
                        title="The date format must be YYYY-MM-DD"
                        placeholder="yyyy-mm-dd">
                <?php
                }
                ?>
        </div>
       
        <fieldset>
            <legend>Address of residence:</legend>
            <div>
                <label for="address">Street</label>
                    <?php
                    if($row1["address"] == null) { ?>
                        <input type="text"
                            name="address"
                            id="address"
                            placeholder="your address"/>
                    <?php
                    }
                    else { ?>   
                        <input type="text"
                            name="address" id="address"
                            value="<?php echo $row1["address"];?>"
                            placeholder="your address"/>
                    <?php
                    }
                    ?>
            </div>
           
            <div>
                <label for="city">City</label>
                    <?php
                    if($row1["city"] == null) { ?>
                        <input type="text" name="city" id="city" placeholder="your city"/>
                    <?php
                    }
                    else { ?>   
                        <input type="text"
                            name="city"
                            id="city"
                            value="<?php echo $row1["city"];?>"
                            placeholder="your city"/>
                    <?php
                    }
                    ?>
            </div>
           
            <div>
                <label for="postalcode">Postal code</label>
                    <?php
                    if($row1["postal_code"] == 0) { ?>
                        <input type="text"
                            name="postalcode"
                            id="postalcode"
                            placeholder="your postal code"/>
                    <?php
                    }
                    else { ?>
                        <input type="text"
                            name="postalcode"
                            id="postalcode"
                            value="<?php echo $row1["postal_code"];?>"
                            placeholder="your postal code"/>
                    <?php
                    }
                    ?>
            </div>
           
            <div>
                <label for="country">Country</label>
                <select name="country" id="country" onchange="" size="1">
                    <?php
                    $statement3 = $conn->query('SELECT nicename FROM country');
                    if ($row1["countryname"] == "0") {
                        echo "<option value=\"null\">-</option>";
                    }
                    else {
                        echo "<option value=" . $row1["countryname"] . ">" .
                            $row1["countryname"] . "</option>";
                    }
                    while ($row3 = $statement3->fetch(PDO::FETCH_ASSOC)) {
                        echo "<option value=" . $row3["nicename"] . ">" .
                            $row3["nicename"] . "</option>";
                    }
                    ?>
                </select>
            </div>
        </fieldset>
       
        <div>
            <input type="submit" value="Save"/>
        </div>
     
    </form>
</div>
 
==Image upload with hash of picture's path==
<source lang="html5">
<?php
include "header.php";
require_once "config.php";
include "dbconn.php";
 
if (array_key_exists("uploaded_image", $_FILES)) {
    if ($_FILES["uploaded_image"]["error"] == 1) die("Too big image!"); // File size check
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mimetype = finfo_file($finfo, $_FILES["uploaded_image"]["tmp_name"]);
    if (strpos($mimetype, "image/") != 0) // This is basically mimetype.startswith("image/")
        die("Go away! Only images allowed!");
    $checksum = sha1(file_get_contents(
        $_FILES["uploaded_image"]["tmp_name"])) . "." .
        pathinfo($_FILES["uploaded_image"]["name"], PATHINFO_EXTENSION);
 
    // Keep the original image in uploads/ folder
    if (!file_exists("uploads/" . $checksum)) {
        copy(
          $_FILES["uploaded_image"]["tmp_name"],
          "uploads/" . $checksum);
    }
// Generate thumbnail, this assumes you have created thumbnails/ folder and set permissions to 777
if (!file_exists("thumbnails/" . $checksum)) {
$im = new Imagick("uploads/" . $checksum);
$im->thumbnailImage(128, 0); // Width of 128px and automatically determine height based on aspect ratio
$im->writeImage("thumbnails/" . $checksum);
}
// Generate smaller version of the image
if (!file_exists("small/" . $checksum)) {
$im = new Imagick("uploads/" . $checksum);
$im->thumbnailImage(960, 0); // Width of 960px and automatically determined height
$im->writeImage("small/" . $checksum);
}
 
    //DB query
    $statement = $conn->prepare("
        INSERT INTO product (name, description, type, price, hash)
        VALUES (:name, :desc, :type, :price, :hash)");
    $statement->bindParam(':name', $_POST["product_name"]);
    $statement->bindParam(':desc', $_POST["product_desc"]);
    $statement->bindParam(':type', $_POST["product_type"]);
    $statement->bindParam(':price', $_POST["product_price"]);
    $statement->bindParam(':hash', $checksum);
    if (!$statement->execute()) die("Execute failed: (" . $statement->errno . ") " . $statement->error);
 
    ?>
    <p>The product <?=$_POST["product_name"]?> has been added successfully!</p>
 
<?php
}
?>
<h1>Add a new product</h1>
<ul>
</ul>
<form method="post" enctype="multipart/form-data">
    <label for="product_name">Product name: </label>
    <input type="text" name="product_name" placeholder="Product name" required/><br>
   
    <label for="product_type">Product type: </label>
    <input type="text" name="product_type" placeholder="Product type" required/><br>
   
    <label for="product_price">Product price: </label>
    <input type="number" name="product_price" placeholder="Product price" min="0" required/><br>
   
    <label for="product_desc">Product description: </label><br>
    <textarea name="product_desc" rows="10" cols="50"></textarea><br>
   
    <input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
    Select product picture (max 2M):
    <input id="file" type="file" name="uploaded_image" accept="image/*"/><br>
    <input type="submit" value="Add product"/>
</form><br>
 
<?php
$statement = $conn->prepare("SELECT id, name, price FROM product");
//$result = $conn->query("SELECT id, name, price FROM product");
$statement->execute();
 
while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
    echo "<li><a href=\"description.php?id=" . $row["id"] . "\">" . 
        $row["name"] . "</a> " . $row["price"] . "eur</li>";
}
?>
</source>
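
Review bot: this revision removes every PHP webshop snippet from the page with no edit summary, and several of the removed snippets carry defects that should be fixed before they are kept or reused elsewhere. In the registration block the insert binds `password_hash($_POST["password"], PASSWORD_DEFAULT)`, but the form and the validation above it only use `password1` and `password2`, so the hash stored is not that of the submitted password; bind the hash of `$_POST["password1"]` instead. The `preg_match` patterns in the same block are written without regex delimiters, the name pattern `[-a-zA-z]` uses the range `A-z` where `A-Z` was meant, and `header("index.php")` lacks the `Location:` prefix and a following `exit`, so a non-POST request is not actually turned away. In the upload block `strpos($mimetype, "image/") != 0` does not reject a type in which `image/` is absent, because `strpos` returns `false` and `false != 0` is false; compare with `!== 0`. The profile and product pages echo database and `$_POST` values into HTML without `htmlspecialchars`, and the login block redirects to `$_SERVER['HTTP_REFERER']`, which the client controls. On the added side, "Syncronous", "Asyncronous" and "LInux" are misspelled.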

Latest revision as of 13:45, 8 June 2016

Operating systems basic terms and introduction

Tasks of the kernel, operating system, RAM, processor etc

Applications use the kernel to connect to computer system resources (CPU, memory and devices). The kernel manages input/output requests from software, translating them into data processing instructions for the central processing unit. It is also responsible for managing memory, and for managing and communicating with computing peripherals such as printers and speakers. It is a crucial part of the operating system.

Tasks:

  • CPU time planning
    • Real time vs Package processing
    • Syncing
    • Multitasking with multiple CPUs
  • Memory management
    • MMU - memory management unit
    • Cache and swap
  • I/O management
    • Synchronous
    • Asynchronous
  • File management
    • Permissions
    • File system hierarchy


An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs (API). Tasks:

  • Hardware management
    • CPU time
    • Memory management
    • Input/output management
    • Network management
  • Computer system management
    • Application management
    • Input/output device management
    • User authentication and authorization
    • Data management between devices

User management

What is authorization and authentication?

What is password salt and what is it used for?

Working with files and permissions

Explain why permissions are needed and how they are set for users

Explain special permissions

User environment

What are user environment variables used for? Name two reasons

Processes

How to stream data between processes

What are the different types of processes (running, stopped, killed, zombie etc.)

Different examples of how to benefit from sending signals between processes

Software management

Name various ways to manage software in Linux

What are the pros and cons of Linux software management?

What are software repositories?

What are libraries?

Filesystem hierarchy

Explain the hierarchy according to FHS

Name specific folder meanings and usage

Documentation

Best practices of good documentation

Why should we document?

Security

List the different types of security breaches

What should the user/admin do to prevent the attack?

Partitioning and swap area

What are the primary, extended and logical partitions? What limitations are set with these partition types?

When isn’t it a good idea to use swap area?

RAID and LVM technologies

Name main uses and features of both technologies

SAN, NAS and CAS technologies

Name main uses and features of all the technologies

Backup and recovery

Backup and recovery plans

Monitoring and log files

Active and passive monitoring

Types of alerts

Benefits of monitoring

Centralized logs

Ethical, social and personal aspects of working in IT field

Impostor syndrome, teamwork, burnout