- on the statistics link the top ports to their info.
- provide more information, like how to open or forward ports etc
- your url format would be so much easier if you could just type whatportis.com/xxxx or whatportis.com/keyword rather than the index.php stuff
- it's not clear you can search for software that uses a port, you do say name but it would be more clear if it said something like "80, http, world of warcraft" or whatever
- "is this port open on my computer/server/whatever"
Thanks, you can actually search using the URL, for example http://whatportis.com/80 or http://whatportis.com/http, just need to edit the page so it passes the variable like this, not through the usual GET syntax like it is at the moment.
A few of the things I know need doing are:
- More content for the users and also the search engines as they dont appear to index much of the site, may be even remove the javascript tabs and have distinct pages to help the search engines a bit more...
- Edit the search page to pass variables through the URL (cleanly)
- Some how improve the search system, very basic search at the moment and probably returns too many results for some parameters.
I do agree the statistics page defiantly needs some work doing to it, such as there is the same port listed a few times in the top 5 as there is so many records for it.
Really like the 'this port is open on my computer' although dont want to look like I am attacking all of my users with port scans, so might make that a manual click to check.
Interesting. With grep you need at least something to search (one argument), don't you? If you don't provide another argument to say "where", it reads from standard input (as most unix commands).
But you already know that because you're using it that way with cat. How can you don't remember then the order of the arguments?
> {1} With grep you need at least something to search (one argument), don't you? {2} If you don't provide another argument to say "where", it reads from standard input (as most unix commands).
And ‘find’ is the other way around.
I just don't see any reason to not to use cat. It's not like grep will use fseek() to speed anything up, if I call it with file URI instead.
I have to second prepared statements. You wont have to change your code too much to use them and they are way too important not to use. They can even lead to speedups if you're going to reuse queries.
The errors shown on the site was actually from a misguided hack I performed to log all search variables into a database, unfortunately I forgot to apply the correct SQL protection techniques that I normally do throughout the rest of the site and created the vulnerability slaps self on head.
Apologies for the confusion I am not actually using a SQL cleaner, in-fact with brutal honesty I don’t actually know what one is. I was using the term to reference my usual methods/techniques for keeping SQL ‘clean’ from injection attempts.
I am fairly happy with my current SQL setup and the way it protects from injection, obviously when I code it correctly, however I will certainty look into using fully prepared SQL, currently I do something ‘similar’ using my objects so it would probably be very easy to implement.
Thanks for all of the feedback so far and pointing out the flaws, in fact the logs I have gotten from people ‘testing’ my SQL protection has helped a lot!
I am fairly happy with my current SQL setup and the way it protects from injection
In all seriousness: you shouldn't be, because it clearly doesn't protect in all cases. ("Failed to wrap a query in a magic function to make it sort of safe" is part of "all cases.") You have demonstrated, by neglecting to use your "correct SQL protection techniques," why non-prepared statements are absolutely terrible. You cannot have the error you just did if you train yourself not to use direct SQL queries, regardless of library. Querying via MDB2 or PDO (or doctrine-dbal, which is a superset of PDO) means you have to intentionally and willfully do something very out-of-the-ordinary to pass in raw data as a SQL query, instead of being forced to wrap your queries in some slipshod, maybe-works-maybe-doesn't homegrown function that has not been rigorously tested.
Don't reinvent the wheel. Safe SQL queries are a solved problem.
I do agree that I should consider implementing none direct SQL, however I am 'faily happy' with my current set-up as it does work and protect (when used correctly).
I will certainly look at none direct SQL, however I just don't feel it's my number 1 priority at the moment, especially when the template isn't even rendering in some browsers.
No, I just prefer native web fonts to cufon. And you're still not escaping at least one of your queries properly unless you fixed it in the last 10 minutes.
The design is 'temporary' and off themeforest just to get the hack/project live and on the web - I don't like most of TF's designs however this did seem more minimal than most.
Preferably I would like something with less javascript and a lot more clean, just need to find a designer :)
For a minute I thought you were posting about competing services, then I saw the page and was like "How is this a competition?" It should be something like contest > X entries for following, Y for each port you enter. Weight X and Y however.
37 comments
[ 2.7 ms ] story [ 63.7 ms ] thread- on the statistics link the top ports to their info.
- provide more information, like how to open or forward ports etc
- your url format would be so much easier if you could just type whatportis.com/xxxx or whatportis.com/keyword rather than the index.php stuff
- it's not clear you can search for software that uses a port, you do say name but it would be more clear if it said something like "80, http, world of warcraft" or whatever
- "is this port open on my computer/server/whatever"
A few of the things I know need doing are:
- More content for the users and also the search engines as they dont appear to index much of the site, may be even remove the javascript tabs and have distinct pages to help the search engines a bit more...
- Edit the search page to pass variables through the URL (cleanly)
- Some how improve the search system, very basic search at the moment and probably returns too many results for some parameters.
I do agree the statistics page defiantly needs some work doing to it, such as there is the same port listed a few times in the top 5 as there is so many records for it.
Really like the 'this port is open on my computer' although dont want to look like I am attacking all of my users with port scans, so might make that a manual click to check.
Suggestion: - statistics: top 5 ports show only 2 distinct ports. it would be better IMO to show 5 distinct ports
But you already know that because you're using it that way with cat. How can you don't remember then the order of the arguments?
> {1} With grep you need at least something to search (one argument), don't you? {2} If you don't provide another argument to say "where", it reads from standard input (as most unix commands).
And ‘find’ is the other way around.
I just don't see any reason to not to use cat. It's not like grep will use fseek() to speed anything up, if I call it with file URI instead.
The API is actually live using JSON and someone has written an Android App for it already, just need to document it and make it public.
The nav at the top, right hand background-image isn't rendering on my ff5/win7 ".details .tabnav li a span".
as so: http://imm.io/7KxD
Also, I'd stay well away from centered text if I were you. And the Red highligthed text is quite disconcerting seeing as they arn't hyperlinks.
Hope that helps :) even if its not technical feedback.
Taking inspiration from something like server fault, however I am not a designer and finding a template that matches that is hard :)
http://php.net/manual/en/security.database.sql-injection.php
Warning bells. Correct practice is to use PDO or MDB2 and prepared statements for SQL access. You should never need a "SQL cleaner".
Apologies for the confusion I am not actually using a SQL cleaner, in-fact with brutal honesty I don’t actually know what one is. I was using the term to reference my usual methods/techniques for keeping SQL ‘clean’ from injection attempts.
I am fairly happy with my current SQL setup and the way it protects from injection, obviously when I code it correctly, however I will certainty look into using fully prepared SQL, currently I do something ‘similar’ using my objects so it would probably be very easy to implement.
Thanks for all of the feedback so far and pointing out the flaws, in fact the logs I have gotten from people ‘testing’ my SQL protection has helped a lot!
In all seriousness: you shouldn't be, because it clearly doesn't protect in all cases. ("Failed to wrap a query in a magic function to make it sort of safe" is part of "all cases.") You have demonstrated, by neglecting to use your "correct SQL protection techniques," why non-prepared statements are absolutely terrible. You cannot have the error you just did if you train yourself not to use direct SQL queries, regardless of library. Querying via MDB2 or PDO (or doctrine-dbal, which is a superset of PDO) means you have to intentionally and willfully do something very out-of-the-ordinary to pass in raw data as a SQL query, instead of being forced to wrap your queries in some slipshod, maybe-works-maybe-doesn't homegrown function that has not been rigorously tested.
Don't reinvent the wheel. Safe SQL queries are a solved problem.
I will certainly look at none direct SQL, however I just don't feel it's my number 1 priority at the moment, especially when the template isn't even rendering in some browsers.
Web fonts > Cufon
Not sure what you mean by the images? you want more? and less text?
Preferably I would like something with less javascript and a lot more clean, just need to find a designer :)
For a minute I thought you were posting about competing services, then I saw the page and was like "How is this a competition?" It should be something like contest > X entries for following, Y for each port you enter. Weight X and Y however.
I also agree, fonts need help.
This is probably some of the most helpful feedback I have gotten in a long time, on any project :)
If you're interested in better web fonts, look at Google Web Fonts.