DeutschEnglish

Submenu

 - - - By CrazyStat - - -

30. June 2012

CrazyStat counting lots of hits / visits

Filed under: CrazyStat,PHP — Tags: , , , , , — Christopher Kramer @ 16:52

Lately, I got a screenshot of CrazyStat counting quite a lot of visitors and hits. With this post, I’d like to share it with you. It’s quite impressive to see that CrazyStat is able to cope with that many hits easily.

With 4 000 hits per day on average within the last month and about 17 000 visitors on 26th of June, I consider this website quite successful!

So how is your site doing? I’d love to see other screenshots of CrazyStat counting lots of hits.

 

CrazyStat with lot of visitors

Screenshot of CrazyStat counting lots of visitors

Recommendation

Try my Open Source PHP visitor analytics script CrazyStat.

12. June 2012

LaTeX: multiline comments

Filed under: Uncategorized — Tags: , , , — Christopher Kramer @ 23:26

You often want to out-comment some stuff while writing a LaTeX document very quickly, and LaTeX does only offer single-line comments out of the box:

% This is a comment
% This is the next line

Of course this can get a lot of work if you do this manually for a lot of lines. There might be editors that ease this, but I just found a very easy way to achieve multiline-comments using the verbatim package:

\usepackage{verbatim}

You can now just have multiline comments like this:

\begin{comment}
This is a comment
This is the next line
\end{comment}

Very easy. I knew there had to be a package for that. I was just too lazy to search for it up to now.

9. June 2012

Typo3 and other charsets than UTF-8 (latin1 / ISO-8859-1, …)

Filed under: PHP,Server Administration,Typo3 — Tags: , , , , , , , — Christopher Kramer @ 12:30

When updating a Typo3 installation to Typo3 4.5.x, I had problems with charsets and explained the solution here.

Now updating an installation of Typo3 to 4.6.x, I ran into another charset problem: The backend now was completely UTF-8 and therefore, changing texts in the backend caused them to be stored as UTF-8. As the frontend was still ISO-8859-1, special characters (Umlaute) over there got messed up. Maybe there is a way out of this as well ($TYPO3_CONF_VARS['BE']['forceCharset'] I guess), but this clearly shows that Typo3-developers drop support for other charsets slowly and that it might be easier to switch to UTF-8.

In the release notes of Typo3 4.5, I found the following passage:

UTF8 by default: New installations will use UTF8 automatically. Keep in mind that we will be deprecating all other charsets in the release of 4.5, but still support those charsets. 4.7 or maybe even 4.6 will be the first “UTF-8 only” release. When upgrading from older releases to 4.5, you will have to specifically set $TYPO3_CONF_VARS['BE']['forceCharset'] and $TYPO3_CONF_VARS['BE']['setDBinit'] in your localconf.php. An Upgrade Wizard will help you with that.

In the release notes of Typo3 4.6, I could not find a word about UTF-8, but in the release notes of 4.7, it is clearly stated:

check you database if it is utf-8 encoded – TYPO3 4.7 only will work with utf-8.
[…]
The forceCharset option has been deprecated in version 4.5. UTF-8 is now enforced. Even though other values than “utf-8” have not been possible anymore for some time, the option’s value has been queried at plenty of places within the whole core. These references, the option in the Install Tool, as well as many defaults with charset “iso-8859-1” in several classes have been changed, so TYPO3 now works UTF-8-only internally.

So it is clearly time to make the switch.

It is not that complicated – everything is described very well over here.

As the official wiki is very long and explains lots of stuff you might just not care, here are the basic steps:

  • Backup Database and Files
  • Set the charset in your webserver (e.g. “AddDefaultCharset utf-8” in a .htaccess)
  • Adjust some settings in localconf.php:
    // For backend charset
     $TYPO3_CONF_VARS['BE']['forceCharset'] = 'utf-8';
     $TYPO3_CONF_VARS['SYS']['setDBinit'] = 'SET NAMES utf8;'; 
    
     // For GIFBUILDER support
     // Set it to 'iconv' or 'mbstring'
     $TYPO3_CONF_VARS['SYS']['t3lib_cs_convMethod'] = 'mbstring';
     // For 'iconv' support you need at least PHP 5.
     $TYPO3_CONF_VARS['SYS']['t3lib_cs_utils'] = 'mbstring';
  • Adjust your typoScript (change language to your needs):
    config.locale_all = de_DE.utf-8
  • Convert your templatefiles to UTF-8 (and remap them if you use TemplaVoila) – usually in fileadmin/templates
  • Convert your DB to UTF-8
    1. Backup it first if you have not yet (believe me!)
    2. Paste this tool into fileadmin
    3. Run it by opening it in the browser (http://example.com/fileadmin/db_utf8_fix.php)
    4. If everything says “OK”, change the constant “SIMULATE” to false
    5. Run it again
    6. Clean cache of Typo3
    7. Check your site (esp. special characters). If the content is messed up or parts are missing, do the following:
      1. Restore the backup of the database (yes, I told you!)
      2. Uncomment lines 108 – 123 in db_utf8_fix.php
      3. Run it in browser againClean cache in Typo3
    8. Clean all cache in Typo3 Backend

You can find more detailed information here. There are also lots of other ways described how to convert the database.

Happy converting!

 

Update 2014-05-05: Changed link to db_utf8_fix-script as the original site is reported to be attacked and does not host the script anymore. I cannot check if the script at snipplr is exactly the same, but it looks so.

6. June 2012

The most complete Rainbow Table Lookup Site: Google!

Filed under: Security — Tags: , , , , , — Christopher Kramer @ 16:16

About three years ago, I wanted to login into an installation of CrazyStat which I had installed back in 2004 in CrazyStat’s early days. Problem was, I had forgotten the password. Of course I could simply change it, but I was curious what the password was and if I would be able to find out. The old version of CrazyStat installed on that server saved the password as an MD5 hash, but without any salt (new versions save salted passwords). So the challenge was to decrypt an MD5 hash which had not been salted before hashing.

I looked the hash up in several rainbow tables I found on the web, but did not find any match. Of course, I had not used a simple password, so rainbow tables including dictionaries and brute-force up to several characters were useless.

So I thought, well, let’s brute-force it myself. So I wrote a simple brute-force algorithm and let it run on the Hash. I included characters, German special characters (öäüßÖÄÜ), numbers and several other special characters I though I might have used in the password. So this resulted in a huge character set (>80 characters) and a very slow brute-force. I ran it on my home server for several days, but did not succeed. I think I was brute-forcing passwords of 9 characters when I stopped.

I just gave up at that time, because it was not that important and just an experiment.

Lately, I read that Google is a very good password cracker. Thinking about this, it is obvious: Google indexes the whole web, and there are several MD5 rainbow tables on there, which Google indexes as well. So just google for a hash, and if it is in one of the rainbow tables indexed by Google, you will find it. Also some pages use MD5 for page-IDs which will be indexed by google as well. So I enter the hash I had tried to decrypt three years ago, and it just gave me the password I had searched for straight away! Far more efficient than brute-force or downloading rainbow tables 😉 By the way, the password I searched for had more than 9 characters and is not included in any normal dictionary, although maybe in some password list (but not frequently).

I tried several other hashes to see how good Google is. Of course all easy ones are included. But some other more challenging ones were included as well. For example, it knows the hash of “crazystat” (“CrazyStat” is not in there so far). It knows the hash of my hometown (I will just give you the hash here, find out yourself: 97b559a3d65b95dcda14d70e49ef87fc).

So compared to most rainbow table lookups I have seen so far, Google performs very well. Of course not everything is in there, and with a good salt string, it should be useless.

One test I tried were some random characters, but not so many. I was surprised that Google does not know it. I then used a decrypt/encrypt site that stores every hash it calculates when you encrypt something in a rainbow table. Afterwards, this site was able to decrypt it of course. Now I am waiting how long it takes for Google to index that hash as well.

Now let’s see whether you are faster: Here is the hash:

f533abf87579c6ccc8de45c4d81e9e39

A simple brute-force or a good rainbow table should do to decrypt that. Please leave a  comment if you decrypted it. There is at least one md5-decrypt site now that knows this hash, so you might also be able to find this one.

Have fun!

And of course, never be the bad guy who uses stuff like this meaning ill 😉

 

Update 2012-09-22: It seems so many people google the hash I posted here that Google suggests it automatically when searching for f533:

But MD5this did not crack it yet and it seems Google is not able to index the md5lookup site I fed with the hash. Well, probably the hash is a bit more difficult to crack than I thought. But somebody must be able to decrypt that. Come on!

30. May 2012

Released: phpLiteAdmin 1.9.2 includes CSV import/export

Filed under: DBMS,PHP,phpLiteAdmin,Server Administration — Tags: , , , , , , — Christopher Kramer @ 15:54

As I wrote in March, I implemented CSV import and fixed export issues of phpLiteAdmin. This fixed phpLiteAdmin bug #71. I also wrote a small fix for bug #75. Today, new version 1.9.2 of phpLiteAdmin was released including both fixes. You can download it here.

I’d like to thank the phpLiteAdmin team for including my work and allowing me to join the team. I plan to address more issues of phpLiteAdmin in the future to push phpLiteAdmin a little further. There is still some more work to be done which I will have a look at once I find the time.

I recommend the new version to anybody using phpLiteAdmin (and also everybody who doesn’t yet ;-)). Please use the bugtracker in case you find any issues.

I hope some of you find the new features useful or are happy to see those bugs fixed.

Thanks again to the phpLiteAdmin team for the great tool and the opportunity to contribute to the project. Fortunately, I do not have to create a fork to improve the tool.

 

14. May 2012

Mount clonezilla image to restore single file (browse)

Filed under: Linux,Windows — Tags: , , , , , , , , , , — Christopher Kramer @ 12:28

Clonezilla is a fine tool to backup/restore/clone partitions or drives. It is very powerful, can handle both Linux and Windows partitions and so on. If you do not know it, you should really give it a try. It is really free software (open source), which means it is also free to use for commercial purposes.

By the way, if you want to backup/restore images of Windows partitions/drives, I’d also recommend DriveImage XML which is also very powerful yet simple (only free for private use). Windows 7 has also built-in backup and imaging tools, which you can give a try. But this post is about Clonezilla.

One important feature that Clonezilla does not offer out of the box is browsing images to restore single files. You can only restore complete partitions or drives.

But there is a way around this, which is discussed in this forum thread, although not perfect as it requires lots of time and disk space as well.

The basic approach is to convert the whole image into a (probably huge) img-file that can be easily mounted. In the forum post linked above several different commands are discussed depending on your image file.
Here I’d like to show you what worked for me.

In my case, the file was compressed using gzip and it was an image of a linux partition (ext3). I used Ubuntu Linux to mount the image. The steps I took:

  1. Install partclone (sudo apt-get install partclone)
  2. Prepare an img-file somewhere where enough free disk space is available:
    touch /dir-to-new-image/partition.img

    You should have at least as much free disk space as the size of the image there.

  3. Convert the clonezilla-image into the img-file:
    sudo cat /dir-to-images/partition.ext3.ptcl-img.gz.*
    | sudo gzip -d -c
    | sudo partclone.restore -C -s - -O /dir-to-new-image/partition.img

    (This is one line. Note the minus after -s. I overlooked it when I tried this first.)
    This will take some time, dependent on how big the image and how fast your drive(s).
    There are other commands in the forum thread for NTFS images and other compression formats.

  4. Mount the img-file:
    sudo mount -o loop -t ext3 /dir-to-new-image/partition.img /mnt

Thanks a lot to all posters of the forum mentioned above for these hints, especially bfitzhugh, nutria007, ttguy and gaebriel!

P.S.: It’s always good to have a (recent) backup 😉 One drive of mine just crashed after about two years in operation, so I know what I am talking about…

Think about what pain it would be if the drive of your laptop / desktop would crash just right now. If you get a bad feeling thinking about this, you should make a backup now.

5. May 2012

TortoiseSVN painfully slow (Log)

Filed under: Windows — Tags: , , , , , , — Christopher Kramer @ 21:14

I had a problem with TortoiseSVN: Sometimes it behaved painfully slow. Especially when I wanted to view the log of CrazyStat’s svn repository, it took about 10 minutes (!) to show it. First I thought the problem was caused by the Sourceforge servers, but then I realized that other svn clients did not have the same problem. I tried several things and the solution finally was quite simple and even listed the the TortoiseSVN FAQ:

Browsing very slow in explorer and file/open dialog.

If you have mapped network drives which are not resolved, either because the drive is inaccessible, or you have not logged in, file browsing may become unresponsive while Windows tries unsuccessfully to access the drive. Either unmap the drive or ensure that it can be accessed

 

I first did not think that this was my problem as I did not experience slow browsing in explorer or file/open dialog. But after I unmapped all unresolved network drives, it worked great again.

By the way, I’d recommend TortoiseSVN to anybody who is searching for a windows svn client. I have not seen any other client that powerful yet simple.

I hope this might be helpful for somebody who has the same problem.

28. April 2012

CrazyStat 1.71 RC1 released

Filed under: CrazyStat,PHP — Tags: , , , , , , , — Christopher Kramer @ 20:31

Today I released CrazyStat 1.71 RC1, the first Release Candidate of version 1.71. As there have already been two beta-versions tested by some testers, I consider this release candidate quite stable. I expect that no or only small changes will be made for the final version. Therefore, I’d like to encourage all CrazyStat users to update CrazyStat to 1.71 RC1. It is very simple, as described in the FAQ.

So what are the major changes?

  • New languages: Russian and Danish. Thanks a lot to the translators Vladimir and Liza! I hope CrazyStat will be translated into more languages soon. It is really not much work. Please contact me if you are interested.
  • PHP4 support dropped. I removed all workarounds for old PHP versions. Now at least PHP 5.1 is required. If your host is still running PHP4, you should really update or change to another hoster. PHP4 is not maintained for quite a while now. Also support for old GDlib-versions was dropped (1.x).
  • You can now link the entries of the file-module to the files. See the config setting you need to set.
  • IP anonymization reworked. This is now turned on by default. See FAQ for more information.
  • Average and total visiting time in hits-module
  • New logo by kartoffelpfluecker (thanks!)
  • Improved UTF8-support
  • New Browsers (Firefox-Versions), Bots, Operating Systems etc.
  • Lots of (smaller) fixes, i.e. producing PHP notice errors or invalid (X)HTML
  • Fix of a bug that caused weird ordering of the days-module sometimes
  • Fix of a bug that made Chrome transfer passwords unencrypted and corrupt the password file when changing passwords using Chrome

So this is more a maintenance release, not a major whole new version. See history for more details (with CrazyStat’s new public SVN hosted on Sourceforge, you can even track every individual change).

I hope you enjoy the new version. You can download it here.

Tell me what you think about it in the comments. In case you have problems, please ask in the support forum.

Enjoy using CrazyStat!
Christopher

26. April 2012

How to include CrazyStat in WordPress

Filed under: CrazyStat,PHP,Wordpress — Tags: , , , , , — Christopher Kramer @ 00:52

Of course it is possible to include CrazyStat in wordpress. I will describe here how it can be done. This approach assumes you have your own wordpress installation and can edit templates. It might not work this way if your blog is hosted on wordpress.com or similar. But I guess using CrazyStat in these cases would still be possible. Contact me if you need to know how and I will have a closer look.

So I assume you have a running wordpress installation and installed CrazyStat like described in the readme (at least steps 1-6 of quick install instructions). I assume you have a backup of your wordpress installation (at least the themes folder).

So the question is where to put the include code:

<?php @include_once("stat/src/include.php"); ?>

Log into the wordpress admin panel and click appearance/editor (German: Design/Editor). Make sure you selected the correct theme in the dropdown menu on the top right.

In case you do not want to use a counter

Click on “footer.php” on the right. You will see some HTML / PHP code in the editor. Put your cursor just before </body> (which should be quite at the end).  This is the best place to insert the CrazyStat code:

<?php @include_once("stat/src/include.php"); ?>

The path is seen from the wordpress root-directory. This code assumes you installed CrazyStat in the wordpress root-directory under “stat”. In case you installed it one level higher, you would need to use:

<?php @include_once("../stat/src/include.php"); ?>

Save your changes.

You might also need to adjust $config_rel_path. See config-documentation for details.

In case you want to use a counter

In this case, you’d need to find the place in your template where you want to place the counter. This should normally be somewhere after <body> in header.php, before </body> in footer.php or in sidebar.php. Unfortunately you need some HTML experience to find the correct place here. Use the same code as above.

In case you have problems

Please ask in the CrazyStat support forum in case you have problems or questions (no registration required at the moment!).

I hope I could clarify this for some people. Maybe I will do a wordpress plugin sometime. If you think this would be a great idea, tell me in the comments.

Alternative option: Use the WordPress plugin mzz-include-CrazyStat (Update 2017-02-17)

The problems with the solution described above are:

  • Whenever the theme is updated, the change of the footer.php might get lost.
  • If you switch to another theme, you need to add the CrazyStat code again.

To solve these problems, CrazyStat user Morgan Jassen developed a small helper plugin that just inserts the include code:

Find it here: https://github.com/mjassen/mzz-include-crazystat

I just found this today and have not tried it yet, but think it is the better option. Thanks, Morgan!

17. April 2012

CrazyStat 1.70 detects Firefox 11 as 1.x (fix)

Filed under: CrazyStat,PHP — Tags: , , , , — Christopher Kramer @ 00:25

Hey,

CrazyStat version 1.70 (and before) detects Firefox version 11 (and upwards) as “Firefox 1.x”.

Firefox versions were really coming up fast lately, so I did not finish version 1.71 to get all those new versions added before they come out.

To fix this issue in 1.70 (or before), simply add “Firefox/11=Firefox 11” to stat/usr/keywords/browser.txt or even better download the current browser.txt from SVN. Just replace the file and clean the cache.

Note that you can easily customize browser detection as described in FAQ.

Of course this won’t be an issue in upcoming 1.71.

Greetings,
Christopher

« Newer PostsOlder Posts »