andy

  1. php.net is probably the best place to look for information. The manual is a real must. There's little chance you will remember every function call and every parameter it takes. The library is a little too big. How long it takes to learn varies wildly. Whether you have programmed before makes a big difference. Be careful with web tutorials; some of them miss out important stuff. I wrote my first database driven dynamic site, and then as I read up more on PHP I found I had huge security vulnerabilities in my site. Luckily I don't think anyone noticed. Plus there wasn't anything much they could do, maybe wipe the database and execute DB queries, but the data wasn't that important; it was a short quiz. Biggest tip is think about security. Attackers won't go easy on you just because you're learning. Remember: validate inputs, preferably using whitelisting. Escape all outputs (sending to a database is an output). Oh, and ask questions if you get stuck!
  2. I have Ubuntu 6.06 on one partition, WinXP on the other. I very rarely boot into WinXP, but it would take me a while to transfer files onto the Ubuntu partition and reformat the Windows half. I really should buy a second disk. Red Hat's a nice distro if you want commercial support. My University used to have Red Hat machines; now they've switched to CentOS. Luckily nothing much broke either.
  3. I don't think it needs to be SSL encrypted from the end user to the proxy server. However it would be horribly insecure, especially as the remote site would be believing it had an SSL link all the way when it only has it half way. Of course even with SSL it would still be less secure as the heliohost server (aka the proxy) would decrypt the content and then re-encrypt it. It would also make it harder for the end user to check the end point as they will see the heliohost SSL cert and not Yahoo's or whoever the true end point is. Add to that heliohost provides shared hosting, which lowers security as you don't know who else has access to the same server. What's your reason for using a proxy? If you want anonymity you could use Tor ( www.tor.eff.org ). Or are you just trying to bypass filtering software?
  4. There are quite a few books on programming over on wikibooks.org. Take a look at: http://en.wikibooks.org/wiki/Wikibooks:Pro...uages_bookshelf In case anyone is thinking of learning C I would recommend "The C Programming Language" by Kernighan and Ritchie, one of the books I bought years ago and still find useful for reference. I found it helpful for refreshing my memory when I had been away from C programming for a while. For Java I would recommend "Java Concepts" by Cay Horstmann, another book I still use regularly. I have the 4th Edition which covers up to Java 1.5/5.0; there is a 5th Edition coming soon which covers Java 6. I found Java pretty easy to learn, but by then I had a grasp on programming. I know people who first learnt to program in C. It is a very compact language, but for me that's its downfall. Memory management is a tricky concept and it's all too easy to put memory leaks in your program, or to access memory incorrectly. Luckily there is Valgrind for catching the more obvious flaws. The thing that has always annoyed me about memory issues is that the error may occur nowhere near the error. Oh, and a quick way to find the cause of a "segmentation fault" (not sure what the Windows message for accessing memory incorrectly is) which I wish someone had told me:
     • Compile with the -g flag to gcc
     • Invoke the program with GDB ( gdb ./myprog )
     • Run your program ( run [arguments] )
     • Do whatever causes the seg fault
     • It should tell you where the error occurred, including line number
     • If it says it occurred in the libraries you probably called a function incorrectly; view a backtrace to find the calling function ( backtrace )
     • Then quit ( quit )
     You wouldn't believe the amount of time this has saved me. You can also use gdb to do a lot more complex stuff.
  5. They've been getting this criticism for a long time and they haven't improved much. They won't improve security because it's not cost effective. If people will buy your insecure product, why waste money on making it secure? I'm also thinking it would require a huge change. OSes like Unix/Linux/BSD and to some extent Mac have security built in at the kernel level. It also takes a shift in mindset for both users and programmers. When you write a Windows application many developers assume it has administrator privileges. In Linux you assume your code is running unprivileged unless it really needs it. And even then many applications that need root (Linux equivalent of Administrator) powers will drop them once they've done what they need to do. This is common in webservers: they need to run as root to bind on port 80, then they switch to a lower user to limit the damage done if they are somehow taken over. Up to Windows XP there was no easy way to run as a "Limited User" and still do things like install software without logging out and logging back in again. On Linux (and I think Mac) you can perform actions like installation by providing the root password (on some distros you supply your user password). Not sure if Vista has fixed this major problem.
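The bind-then-drop pattern described in that post, as an added example (not andy's code, and not taken from any particular webserver). It assumes the PHP CLI with the posix extension, an unprivileged account named nobody, and that the script is started as root so the bind on port 80 succeeds:

```php
<?php
// Added example: bind a privileged port as root, then drop to an
// unprivileged user before handling any client data.
// Assumed names: dropPrivileges() and the account 'nobody'.
function dropPrivileges(string $user): void {
    $pw = posix_getpwnam($user);
    if ($pw === false) {
        throw new RuntimeException("no such user: $user");
    }
    // Order matters: change the group first, because once the uid is
    // no longer 0 the process is not allowed to change its gid any more.
    if (!posix_setgid($pw['gid']) || !posix_setuid($pw['uid'])) {
        throw new RuntimeException('failed to drop privileges');
    }
    // Verify the drop is real and permanent: we must not be root,
    // and an attempt to become root again must fail.
    if (posix_getuid() === 0 || posix_geteuid() === 0 || @posix_setuid(0)) {
        throw new RuntimeException('privilege drop did not stick');
    }
}

// Step 1 (needs root): bind the privileged port.
$server = stream_socket_server('tcp://0.0.0.0:80', $errno, $errstr);
if ($server === false) {
    fwrite(STDERR, "bind failed: $errstr ($errno)\n");
    exit(1);
}

// Step 2: give root away before touching any client input. The socket
// that is already bound stays usable; anything that goes wrong from
// here on happens as 'nobody', not as root.
dropPrivileges('nobody');
printf("listening on :80 as uid %d\n", posix_getuid());

// Step 3: serve as the unprivileged user.
while ($conn = @stream_socket_accept($server, -1)) {
    fwrite($conn, "HTTP/1.0 200 OK\r\nContent-Length: 2\r\n\r\nok");
    fclose($conn);
}
```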
  6. Of course not! You use whichever technique applies to your situation. The first thing you do is validate input data. If you expect it to conform to a certain pattern you make sure it does. For instance if you are allowing someone to enter an email address you make sure they can only enter a valid email address. And make sure they haven't put a newline character in it (google: header injection http://www.google.co.uk/search?q=header+injection ). If you expect a number, check it really is a number. If they are entering something that should be positive, make sure it really is positive. After you've verified all input data to the fullest extent you can perform any operations you want to on it. Then you come to output it; this is where you do your escaping (using the data in an SQL query counts as output because the data goes somewhere else). At which point you perform escaping in accordance with what you are trying to do. If you are using it in a mySQL query then use a mySQL escaping function; if you are putting it in a HTML page use either HTML entities or HTML special chars (be careful with quote characters, not all of them are escaped by default). Remember if you pull something out of your database that was originally input by the user and you are going to put it in a webpage it still needs to be escaped, as the mySQL escaping was only used to get the data into the DB. You might want to Google for "PHP Security" Andy
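The validate-on-input, escape-per-output approach from posts 1 and 6, written out as an added example (not andy's code). The function names validateEmail(), forHtml(), insertQuizResult() and renderResult() and the results table are assumptions; the inputs at the bottom are constructed:

```php
<?php
// Added example: whitelist validation on the way in, context-specific
// escaping on the way out. Names below are assumed, not from the post.

// Input validation: accept only a single, well-formed email address.
function validateEmail(string $raw): ?string {
    // Header injection check: a CR or LF inside the value would let extra
    // mail headers be appended, so the whole value is rejected.
    if (preg_match('/[\r\n]/', $raw)) {
        return null;
    }
    $email = trim($raw);
    return filter_var($email, FILTER_VALIDATE_EMAIL) === false ? null : $email;
}

// Output context 1: HTML. ENT_QUOTES matters because before PHP 8.1
// htmlspecialchars() left the single quote alone by default, so values
// placed inside '...' attributes were not fully escaped.
function forHtml(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Output context 2: SQL. A prepared statement keeps data separate from the
// query, so nothing has to be escaped by hand for this context.
function insertQuizResult(mysqli $db, string $email, int $score): bool {
    $stmt = $db->prepare('INSERT INTO results (email, score) VALUES (?, ?)');
    $stmt->bind_param('si', $email, $score);
    return $stmt->execute();
}

// Reading the row back out: it still has to be escaped for HTML, because
// binding it into the query only protected the query, not the page.
function renderResult(array $row): string {
    return '<li>' . forHtml($row['email']) . ': ' . (int)$row['score'] . '</li>';
}

// Constructed inputs exercising the checks.
$inputs = [
    "alice@example.com",                       // valid, accepted
    "bob@example.com\r\nCc: other@example.org", // newline: rejected
    "<script>alert(1)</script>@example.com",   // not a valid address: rejected
];
foreach ($inputs as $in) {
    $ok = validateEmail($in);
    echo $ok === null ? "rejected\n" : "accepted: " . forHtml($ok) . "\n";
}
echo renderResult(['email' => "o'brien@example.com", 'score' => 7]), "\n";
```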
  7. It can't be trusted though because you establish an encrypted connection with the proxy and then the proxy establishes an encrypted connection with PayPal. This means that you are relying on the security of your proxy, which in this case is a shared host, and probably hasn't been attack tested to the degree that PayPal has. A decent proxy would just forward the packets so the encrypted connection would be between PayPal and the end user, and the proxy would never need to know what the encryption was; it would just pass along lower level packets.
  8. Viruses rarely destroy the hardware. The CIH computer virus did try to overwrite the BIOS, which could render the PC unable to boot. Normally it would just require replacing the motherboard (or the BIOS chip itself). My machine is getting pretty old now. Needs to be upgraded when I find the time/money. 2.8 GHz Pentium 4 (Hyper Threaded), 512 MB RAM, Nvidia GeForce FX 5200. Surprisingly it still runs pretty fast.
  9. Security perhaps? Do games still try to execute code off the stack? That would probably not work any more. Stack code should never be marked as executable; it brings in a whole load of attack vectors via buffer overflows. Not only can you control the address to return to, but you could have put all the nasty code straight in the stack ready to be run. Really bad. Microsoft don't really care much about backwards/forwards compatibility. Mind you, with a release schedule of one release in several years most technology becomes pretty obsolete by the time they retire the old version.
  10. Depends on your OS. I normally use Xvidcap ( http://xvidcap.sourceforge.net/ ) (I think it only runs on Linux, or Unix-like systems). Dumps the screen capture into an mpeg file, useful for editing.
  11. Depends on the game really. If you want a big desktop based game then performance is critical, so anything that runs through interpreters is a no-no. In that case I would go for C/C++, probably using OpenGL. If you want a website based game I would go with PHP and a MySQL backend, but there are quite a few other languages that could be used server side. If you're producing small games you might want to look at using Python and PyGame.
  12. I think there are two different issues here. There will be two different connections, one from the user's PC to the proxy, and one from the proxy to the end website. If you want SSL enabled for both parts: I'm not sure if you can access pages on shared hosting over SSH. Apache needs the host header to decide whose site is being displayed, but SSL needs to serve the certificate prior to knowing whose site is being used. If shared SSL connections are supported on the virtual hosting it is likely your users will see a domain mismatch message, unless heliohost uses a wildcard SSL certificate. The proxy itself also needs to understand SSL to make the connection to the end point. For that it needs: OpenSSL, Net::SSLeay. I would be very surprised if OpenSSL was not already on the server. It may not be accessible though. According to cPanel Net::SSLeay is installed system wide so that shouldn't be a problem. However I can't see any way you can set up SSL for connecting to your site. You can probably get your proxy to connect to SSL sites but it would be horribly insecure as it's sending the last bit unprotected. I seem to remember being told that (inbound) SSL on shared hosts is normally not available as it requires each shared host to have its own static IP so that Apache can determine which SSL cert it needs to serve. You might want to ask djbob:
      1. Can SSL connections be established to accounts on heliohost (i.e. does https://yourname.heliohost.org work, or can it be made to work)?
      2. Are outbound connections to port 443 permitted by the firewalls?
      It might be better to keep it all in one topic; if the answers are dotted around all over the place things could become confusing.
  13. You might want to download the manual, or add a search for PHP functions (Firefox's search box can search PHP functions for you). The official manual and a function search are available from http://www.php.net You're going to need to look up functions in the manual quite a bit as you start out. If you want a book just type PHP into Amazon; there are probably quite a few.
  14. I vote Java. My reasoning:
      • C - too hard to learn with all the pointer complexities.
      • C++ - like C only bigger.
      • Python - the interpreter is really unhelpful! It won't detect errors that GCC or javac would pick up no problem. Misspelling a variable will either be ignored if assigning to it or will raise an error only when the code is executed.
      • Ruby - never used, can't comment.
      • LI - never heard of, can't comment.
      • BASIC - never used, but Dijkstra said: "It is practically impossible to teach good programming to students that have had a prior exposure to BASIC: as potential programmers they are mentally mutilated beyond hope of regeneration."
      • Delphi - I actually learnt to program in Delphi; had to unlearn some of the misconceptions I managed to pick up though. Pushed me into GUI before I even knew the basics of programming.
      • Java - my current language of choice (except when I need the performance of C, or the low level access, or if the system lacks the JVM). Javac will pick up as many problems as it can, including typos. Coupled with the Eclipse IDE this is amazingly powerful. Syntax is similar to C and other languages. Has a nice library which means you don't need to worry about things like creating arrays that grow (you can use an ArrayList).