Example of addslashes Multibyte SQL injection

CREATE TABLE users (
    username VARCHAR(32) CHARACTER SET GBK,
    password VARCHAR(32) CHARACTER SET GBK,
    PRIMARY KEY (username)
);
$db = mysqli_init();
$db->real_connect('localhost', 'username', 'password', 'database');
$db->query('SET NAMES gbk');

$_POST['username'] = chr(0x87)."' OR username = username -- ";
$username = addslashes($_POST['username']);
$sql = "SELECT *
        FROM users
        WHERE username = '{$username}'";
$res = $db->query($sql);

if ($res->num_rows) {
    echo 'success';
} else {
    echo 'fail';
}

The certificate for this server is invalid

If you try to access a https website in iOS simulator, you will see the error below.

Error loading page
Domain: NSURLErrorDomain
Error Code: -1202
Description: The certificate for this server is invalid. You might be connecting to a server that is pretending to be "your-domain.com" which could put your confidential information at risk.

Follow the steps below to bypass the ssl cert validation:
1. Drag and drop the .crt file to the iOS simulator.
2. Go to Settings > General > Profile, Select the cert and click “Install”.
3. Go to Settings > General > About > Certificate Trust Settings, Turn on the “Enable Full Trust for Root Certificates” option.

STRAIGHT_JOIN

When using JOIN query, sometimes MySQL’s JOIN optimizer would process the tables in a suboptimal order. STRAIGHT_JOIN can be used to resolve this problem. When using STRAIGHT_JOIN, the left table is always read before the right table.

Deploy to Production Server with Git using PHP

1. Create a deployment script

$commands = array(
    'echo $PWD',
    'whoami',
    'git reset --hard HEAD',
    'git pull',
    'git status',
    'git submodule sync',
    'git submodule update',
    'git submodule status',
);
$output = '';
foreach($commands AS $command){
    $result = exec($command);
    $output .= "{$command}
";
    $output .= htmlentities(trim($result)) . "\n";
}
echo $output;

2. On production server, generate a new SSH key

sudo -u apache ssh-keygen -t rsa

In case the server is not allowed you to generate key for apache, you can create the key using another user and then copy it to apache home folder.

ssh-keygen -t rsa
mv ~username/.ssh ~apache/
chown apache.apache ~apache/.ssh

3. Copy the new SSH key

cat ~/.ssh/id_rsa.pub

4. Go to https://github.com/settings/keys
Click “New SSH Key”

5. Enter Title and paste the SSH key you copied in the previous step. The Title can be anything you want.

6. Go to GitHub repository > Settings > Webhooks > Add web hook > Enter the deployment script url in the Payload URL field. Leave everything else as default.

7. On the production server, go to the site folder and run git clone.

git clone [email protected]:USERNAME/REPO.git .

8. Push the branch to github

9. If doesn’t work, go to /etc/passwd and change apache from /sbin/nologin to /bin/bash, login to apache, git fetch once, then switch back to /sbin/nologin in /etc/passwd

MySQL Commands

Create Database

CREATE DATABASE mydatabase CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;

If failed, use this instead:

CREATE DATABASE mydatabase CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

Create User

CREATE USER '[USERNAME]'@'localhost' IDENTIFIED BY '[PASSWORD]';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `[DATABASE]`.* TO '[USERNAME]'@'localhost';
CREATE USER '[USERNAME]'@'%' IDENTIFIED BY '[PASSWORD]';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `[DATABASE]`.* TO '[USERNAME]'@'%';