Wednesday, April 28, 2010

Alternate options to achieve the multiple inheritance property to some extent in PHP

As we all know, PHP does not support multiple inheritance, but we can achieve it to some extent by how we write our code. Suppose we have an abstract class Ingredents -

abstract class Ingredents {

    private $DishId;
    // Every concrete dish must say which ingredients it needs.
    abstract public function requirement();

    public function __construct($DishId) {
        $this->DishId = $DishId;
    }
    public function getDishId() {
        return $this->DishId;
    }
}

Now if we want to make milk cake we can simply extend it -

class Milkcake extends Ingredents {

    private $req = array();

    public function __construct($req) {
        // The parent constructor must be called explicitly, otherwise
        // getDishId() returns null; 'Milkcake' is an assumed dish id.
        parent::__construct('Milkcake');
        $this->req = $req;
    }
    public function requirement() {
        return $this->req;
    }
}

And if we want to make kesar rice we can get it just as simply -

class KesarRice extends Ingredents {

    private $req = array();

    public function __construct($req) {
        // Same as Milkcake: pass an (assumed) dish id up to Ingredents.
        parent::__construct('KesarRice');
        $this->req = $req;
    }
    public function requirement() {
        return $this->req;
    }
}

But what if we now want to make kheer? Kheer needs the properties of both Milkcake and KesarRice, and PHP will not let a class extend both, so instead we compose them: Kheer holds instances of the two dishes and delegates to them.

class Kheer {

    private $req = array();
    private $dishes = array();

    // Collect the requirements of every composed dish. The list is rebuilt
    // on each call so that calling requirement() twice does not duplicate entries.
    public function requirement() {
        $this->req = array();
        foreach ($this->dishes as $dish) {
            $this->req[] = $dish->requirement();
        }
    }
    // Kheer does not extend Milkcake or KesarRice; it is given instances of them.
    public function setDishes($dishes) {
        $this->dishes = $dishes;
    }
    public function getRequirement() {
        return $this->req;
    }
}

Now execute the code -

$kesar_rice = new KesarRice(array('Rice','kesar'));
$kesar_rice_requirement = $kesar_rice->requirement();
print_r($kesar_rice_requirement);

$milk_cake = new Milkcake(array('Milk','sugar'));
$milk_cake_requirement = $milk_cake->requirement();
print_r($milk_cake_requirement);

$kheer = new Kheer();
$kheer->setDishes(array(
'KesarRice' => new KesarRice(array('Rice','kesar')),
'Milkcake' => new Milkcake(array('Milk','sugar'))
));
$kheer->requirement();
$kheer_requirement = $kheer->getRequirement();
print_r($kheer_requirement);
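The composition used above can be taken one step further: if the composite dish itself satisfies the same contract as the simple dishes, composites can be nested inside composites. This is an added example and not code from the original post; it assumes PHP 8.0 or later, and the names Dish, SimpleDish and CompositeDish are my own.

```php
<?php
// Added example (not from the original post): the post's composition idea,
// generalised so a composite dish is itself a Dish and can be nested.
// The names Dish, SimpleDish and CompositeDish are assumed, not the post's.

interface Dish {
    public function getDishId(): string;
    /** @return string[] flat list of required ingredients */
    public function requirement(): array;
}

// A leaf dish, playing the role of the post's Milkcake / KesarRice classes.
final class SimpleDish implements Dish {
    public function __construct(private string $dishId, private array $req) {}
    public function getDishId(): string { return $this->dishId; }
    public function requirement(): array { return $this->req; }
}

// The post's Kheer, but it implements Dish as well, so it can itself be a
// component of another dish. Requirements are recomputed on every call
// rather than appended, so calling requirement() twice is harmless.
final class CompositeDish implements Dish {
    /** @var Dish[] */
    private array $dishes;

    public function __construct(private string $dishId, Dish ...$dishes) {
        $this->dishes = $dishes;
    }
    public function getDishId(): string { return $this->dishId; }

    public function requirement(): array {
        $all = [];
        foreach ($this->dishes as $dish) {
            // Nested composites flatten naturally through recursion.
            $all = array_merge($all, $dish->requirement());
        }
        // Drop ingredients that several sub-dishes share (e.g. sugar).
        return array_values(array_unique($all));
    }
}

$kesarRice = new SimpleDish('kesar-rice', ['Rice', 'kesar', 'sugar']);
$milkCake  = new SimpleDish('milk-cake', ['Milk', 'sugar']);
$kheer     = new CompositeDish('kheer', $kesarRice, $milkCake);
// A dish built from kheer plus another leaf: composition nests freely,
// which single inheritance could not express.
$thali = new CompositeDish('thali', $kheer, new SimpleDish('roti', ['Flour']));

print_r($kheer->requirement());
print_r($thali->requirement());
```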

Tuesday, April 20, 2010

skipfish - web application security scanner from Google.

A few days ago I tried skipfish, the web application security scanner from Google.
It uses a dictionary-based, recursive crawl approach. The way it displays results is very impressive: it has a rich JavaScript-based user interface and divides the findings into several categories such as High risk, Medium risk, Low risk, Warnings, Notes and Unique child nodes.

Skipfish is written purely in C and easily achieves 2000 requests per second. It is also very easy to install.
Installation -
1. Download skipfish from - http://skipfish.googlecode.com/files/skipfish-1.32b.tgz
2. Untar it.
3. Now we need libidn. I installed it with the Add/Remove Software option on Fedora; you can also download it from libidn.
4. cd skipfish
5. make
(there is no standalone installation step such as make install; skipfish runs from the build directory)
6. Copy a dictionary file. Depending on your use you can copy any of the dictionary files.
cp dictionaries/default.wl skipfish.wl

Now you can test your web application using skipfish.

./skipfish -o siteresult http://example

Skipfish provides various options, such as -
-A user:pass (for simple HTTP credentials)
-C cookiename=cookieval (for cookie credentials)
-X /logout.php (matching URLs will not be fetched)
-I (only crawl URLs matching a substring)
-S (ignore links on pages)
-D (allows you to specify additional domains)
-B (prevents crawling to third-party domains)
and so on... for more details you can visit - http://code.google.com/p/skipfish/wiki/SkipfishDoc

skipfish is very useful; the findings it classifies as high risk include -

  • Server-side SQL injection (including blind vectors, numerical parameters).
  • Explicit SQL-like syntax in GET or POST parameters.
  • Server-side shell command injection (including blind vectors).
  • Server-side XML / XPath injection (including blind vectors).
  • Format string vulnerabilities.
  • Integer overflow vulnerabilities.
  • Locations accepting HTTP PUT.

Before using skipfish, make sure you run the test against a staging instance, because skipfish will crawl every link that appears on the site. It can perform any insert, delete or modify operation the application exposes, so you should not run it against a production site. When I used skipfish it gave very valuable information. Detecting flaws early is surely something worth doing.
A good quality of skipfish is that it updates its dictionary at run time. Before using skipfish please read skipfish/dictionaries/README-FIRST. So go ahead and use it, but not on a production server.