Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Armin

Pages: 1 [2] 3 4 ... 105
16
Entertainment District / Re: I'm just going to leave this one here....
« on: April 15, 2012, 09:39:26 pm »
Sometimes they get defensive, but contradicting them and providing them with solid evidence almost never gives them "more fuel". It might get them all riled up for no reason, but that's about the worst thing that will happen if you stay calm.
Agreed. Staying calm is key. Being a dick is more likely to fuel the fire.

An anecdote:

I once sat next to a hippie girl on a flight.

She kept talking about metaphysical crap like spirits, "energy", and karma.

When I made it clear I didn't buy any of it, she wondered why I was such a skeptic. I told her "because I have no evidence to believe in anything supernatural."

She sounded pretty convinced that she did have evidence to believe in the supernatural. She gave her recounting of what sounded like Young's interference experiment, but her version had a twist.

She thought that when humans watched the room, we saw the double-slit pattern. When only recording devices watched, we saw the single-slit pattern.

I chuckled and calmly explained "That's not really what happened in that experiment."

She was incredulous. We made a bet to check Wikipedia after we got off the plane, and that's what we did.

We landed, and found a place to sit down. I found the article, gave her my laptop, and let her read.

"Oh my god, you're right!", she said. Of course... no good nerd is without a good (superficial, at least) understanding of the double-slit experiment. "This changes everything!"

Yep. Her entire belief in the spiritual realm rested on this fabricated version of the double-slit experiment. I don't keep in touch with her, but I'll always remember that as the day that arguing with a kook actually did something.
That is an awesome story.

Funny you bring up this experiment. I have a friend that consistently refers to the double-slit experiment as evidence that through the act of concentrated observation, we can deliberately collapse the waves of probability to our will (for applicable phenomenon only), which in turn provides us with some sort of godlike choice of which universe out of all multiverses we reside in. So for example, he believes that if, during the Schrödinger's cat experiment, the observer had a single-minded focus that the radiation would not reach the Geiger counter, then there would be a much higher probability that the cat is still alive, at least within the observer's universe. He claims this is just a theory of his, but he refers to it so often that I think he really uses it as a sort of a motivation for accomplishing seemingly impossible goals.

I've debated with him over this for amusement, and though this is clearly flawed in my mind, I can never find the right words to explain why. Admittedly my knowledge of physics is limited. How would you refute this idea?

17
Entertainment District / Re: I'm just going to leave this one here....
« on: April 07, 2012, 01:50:13 pm »
too funny.

Being in the hippy business, I have witnessed more than my fair share of pseudoscience, but nothing quite like this.

I'm curious - how do you address this sort of thing? Do you adopt a 'live and let live' attitude, ignoring blatant and painful scientific misunderstanding to avoid hurting peoples' feelings, or do you tell them they're dumbasses?

Under most circumstances, I'm in the former camp. That's moreso out of cowardice than respect, though.
Depending on the circumstance, I usually engage in a polite discussion, respectfully pointing out the flaws in their theories, and then, if applicable, bringing to light more appropriate ways that science can coincide with their general viewpoint. If they're still overbearing with their pseudoscience, I make sure they know I disagree, that they shouldn't spread such misinformation, and then change the subject or move on. I find this most effective, but still not effective enough.

If it was this lady, I'd adopt the "live and let live" attitude, but more-so out of respect for my own time and sanity.

I'd imagine someone could conjure up a pretty humorous flow chart on how to confront the preachers of pseudoscience.

18
Entertainment District / Re: I'm just going to leave this one here....
« on: April 06, 2012, 05:58:38 pm »
too funny.

Being in the hippy business, I have witnessed more than my fair share of pseudoscience, but nothing quite like this.

19
General Discussion / Re: Let's hear it!
« on: March 12, 2012, 08:13:29 pm »
Perform a song about lust, adultery and violence in a church packed with families and children? Finally cross that one off my to-do list.

http://youtu.be/-0MYYJ0lXnY

20
General Discussion / Re: Let's hear it!
« on: March 06, 2012, 04:42:55 am »
in recent news, my drummer is a beast

http://www.youtube.com/watch?v=yzskxP3ybRs

21
General Discussion / Re: Book stands
« on: March 02, 2012, 04:29:59 am »
Wow, thank you for saying that Armin.  As soon as I saw it that's exactly what I thought.  It took me a bit of staring at it until I figured out what I was looking at. Haha
No problem bro.

PS, you have 9 more posts than I do. Fall behind me soon, you shall.

22
General Discussion / Re: Book stands
« on: February 27, 2012, 02:26:26 am »
the first totally looks like fucked up sex toy.

23
General Discussion / Re: <obligatory-new-year's-resolutions-thread>
« on: February 09, 2012, 03:25:19 pm »
Interesting research results.. I messed up cutting a nail yesterday and had to fix it with my teeth (no clippers handy). i discovered that the nails are quite a bit thicker/stronger than they used to be. More like my toenails (which I clip).

Craziness, man!
hahaha, "research results"? Awesome.

24
General Discussion / Re: <obligatory-new-year's-resolutions-thread>
« on: February 04, 2012, 10:57:23 pm »
I sense a deep rift beginning to form, splitting down the middle of the fundamental principles this Clan was found upon.

I hope for your sake, iago and Sidoh, that your resistance to change your barbaric, nail-biting ways does not seal our fate as another toppled over, forgotten internet forum.

25
General Discussion / Re: <obligatory-new-year's-resolutions-thread>
« on: February 04, 2012, 04:47:06 pm »
Maybe all these years of nail-biting has prevented you from developing noteworthy nail-clipping skillz? Two clips for each nail, one on each side, meeting in the middle with less than 1mm overlap... gets them mofuggahs as short as you need.

The gross crud that gathers underneath is exactly why I don't want my nails near my mouth, and I hate the scratchy feeling of bitten nails on my clothes/bedsheets.

26
General Discussion / Re: <obligatory-new-year's-resolutions-thread>
« on: February 03, 2012, 03:25:13 pm »
For the hell of it (and to prove to myself that it's not a habit), I stopped biting my nails on Jan 1. I always maintain that I broke the habit years ago, and that biting my nails is part of grooming now, not an unconscious habit. I'm usually fairly conscious about doing it.

And apparently I was right. Not biting them doesn't bother me in general, but having any kind of nails messes up my typing! Using a computer is annoying to me with any kind of nails :(
Over a month later, I haven't put my nails in my mouth. I wonder how long I have to do it to prove a point, I miss having ubershort nails and I hate the feeling of clippers!
You must continue until you reverse your hatred for the feeling of clippers! Then your point will be proven.

27
General Discussion / Re: Secure Web Download Token System
« on: February 02, 2012, 06:22:25 am »
hahaha shit man. I really opened up a Pandora's box with this ambitious idea. I spent equally as much time today failing to figure out why Internet Explorer times out halfway through the 713MB download (something to do with the download script, or server-side PHP settings [I wish my host would install mod_xsendfile]), as I did figuring out how to write this token script.

Due to this issue, and that of the scope of the vulnerabilities, I temporarily bypassed this system altogether with a direct link to the download. I will re-implement these features after I fix these issues.

When I first started this project on Monday, I took a small 5mg dose of Vyvanse to help me focus on this logical task. Later that night, shortly after I made the post about 'accomplishing' the project, loud sirens were coming from up and down my neighborhood streets, and some dude evading arrest walked into my apartment, out of my line of sight, and took refuge in my out-of-town roommate's bedroom.

My Vyvanse-strung-out, 3AM logic kicked in, and I asked if anyone was there. "And if anyone is there, it's okay. I'm going to my room," where I subsequently fell asleep. Albeit, a very skiddish sleep, but sleep nonetheless. [spoiler]of course, because of the day's tedious events + Vyvanse intake + lack of sleep, the entire experience was actually a paranoid hallucination.[/spoiler]

In other words, I need to play music for the next couple of days, or I may fall off into the deep end. :)

Many endless thanks for the suggestions, Blaze. I look forward to finishing this up over the next week so I can use it, along the knowledge I gained from this experience, on future releases/projects.

28
General Discussion / Re: Secure Web Download Token System
« on: February 01, 2012, 08:52:51 pm »
Sorry, is that better? Also, that article doesn't say anything about empty new lines, even though some examples included them. Is there a time and place for them?

29
General Discussion / Re: Secure Web Download Token System
« on: February 01, 2012, 08:12:59 pm »
The easiest thing you can do is probably to use something like MDB2 as a database wrapper and use prepared statements to prevent SQL injection.

Do that and you'll probably be fairly well off.
Thank you sir! I will look into this probably tomorrow.

If you post the code somewhere - or send it to me - I can probably give you some advice.

I'd suggest that instead of storing the email address in the database, you store a hash of the email address - md5($address). When the user does the request, take the md5() of the address they submit and compare it to the md5 stored in the database to see if it matches. That way, you never have to store their actual email address.

Great advice. I already launched the distribution at midnight last night, so I'll have to migrate the email data.

In the meantime, here is the code I used only once to initially add the users into the database (I deleted the script from the server after running it):

Code: [Select]
<?php
$con 
mysql_connect("server_removed","user_removed","password_removed"); //Establishes SQL connection
if (!$con) {
    die(
'Could not connect: ' mysql_error());                           //Ends script in case of connection error
}
$inpEmail "emails@are.listed here@with.spaces seperating@each.email";   //List of Email Input
$arrEmail=(explode(" ",$inpEmail));                                       //Explodes Email Input into an array
mysql_select_db("database_removed"$con);                                //selects the database
foreach ($arrEmail as $email) {                                           //For each email in the array do:
    
$gToken=hash('md5'$email time());                                 //Creates token as md5 hash of email . time
    
$sql="INSERT INTO TableRemoved (Email, Token, Used)
    VALUES ('
$email','$gToken','0')";                                     //Inserts 3 values into the SQL Table: Email, Token, number of uses
    
if (!mysql_query($sql,$con)) {
        die(
'Error: ' mysql_error());                                   //Ends script in case of connection error
    
}
    
$DownloadURL="http://www.link.com/removed?email="$email ."&token=" $gToken//Generates download URL
    
$subject="blah blah blah";
    
$message="blah blah blah" $DownloadURL . ;                                                        
    
$header="From:VAYDEN <contact@vaydenmusic.com>";
    
mail($email,$subject,$message,$header);                               //Sends URL to email address
    
echo "1 record added.<br />";                                         //Success!
}
mysql_close($con);                                                        //Closes SQL connection
?>

and here is the code I use for when the user tries to download the file:

Code: [Select]
<?php
$n
=0;                                                                   //Defines "email found" counter
$email=$_GET["email"];                                                  //GETs email from URL
$token=$_GET["token"];                                                  //GETS token from URL

$con mysql_connect("removed","removed","removed");                    //Establishes connection with SQL server
if (!$con) {
    die(
'Could not connect: ' mysql_error());                         //Ends script in case of connection error
}
mysql_select_db("removed"$con);                                       //Selects appropriate databse
$result mysql_query("SELECT * FROM removed
WHERE Email='
$email'");                                                 //Creates array for the email + all associated data
while($row mysql_fetch_array($result)) {
    ++
$n;                                                               //Increments "email found" counter -- I use this because there is no 'while {} else {}'
    
if ($row['Token']!=$token) {                                        //If the token does not match, do:
        
$gToken=hash('md5'$email time());                           //Generates new Token
        
mysql_query("UPDATE removed SET Token = '$gToken', Used = '0'
        WHERE Email = '
$email'");                                       //Adds new token to database, resets uses to '0'
        
$DownloadURL "removed"$email ."&token=" $gToken;          //Generates new download URL
        
$subject="blah blah blah";
        
$message $DownloadURL "blah blah blah";
        
$header="From:VAYDEN <contact@vaydenmusic.com>"
        
mail($email,$subject,$message,$header);                         //Sends new download URL to email address
        
die('blah blah blah');                                          //Ends script with "token expired" error message
    
}
    elseif (
$row['Used']>='3') {                                        //If the token has been used 3 or more times, do:
        
$gToken=hash('md5'$email time());                           //Generates new Token
        
mysql_query("UPDATE removed SET Token = '$gToken', Used = '0'
        WHERE Email = '
$email'");                                       //Adds new token to database, resets uses to '0'
        
$DownloadURL "removed"$email ."&token=" $gToken;          //Generates new download URL
        
$subject="blah blah blah";
        
$message $DownloadURL "blah blah blah";
        
$header="From:VAYDEN <contact@vaydenmusic.com>"
        
mail($email,$subject,$message,$header);                         //Sends new download URL to email address
        
die('blah blah blah');                                          //Ends script with "token expired" error message
    
}
    elseif (
$row['Token']==$token && $row['Used']!='3') {               //If token matches and has not been used more than 3 times, do:
        
$incToken=$row['Used'];
        ++
$incToken;                                                    //Increments token used variable
        
mysql_query("UPDATE removed SET Used = '$incToken'
        WHERE Email = '
$email'");                                       //Updates database with number of token uses
        
if ($fd fopen ($fullPath"r")) {                             //Runs this following download script:
            
$path $_SERVER['DOCUMENT_ROOT']."/hidden/";
            
$fullPath $path.$_GET['download_file'];
            
$fsize filesize($fullPath);
            
$path_parts pathinfo($fullPath);
            
$ext strtolower($path_parts["extension"]);
            switch (
$ext) {
                case 
"pdf":
                
header("Content-type: application/pdf");
                
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
                break;
                case 
"mp4":
                
header("Content-type: video/mp4");
                
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
                break;
                default;
                
header("Content-type: application/octet-stream");
                
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
            }
            
header("Content-length: $fsize");
            
header("Cache-control: private");
            while(!
feof($fd)) {
                
$buffer fread($fd2048);
                echo 
$buffer;
            }
        }
        
fclose ($fd);
        exit;
    }
}
if (
$n==0) {                                                            //This is my "while {} else {}" solution for if the email is not found
    
die "blah blah blah";                                               //Ends script with "email not found" error message
}
?>

I plan to clean this up by having the emails be sent from a separate PHP script, among other things. Also, forgive me for being new to programming. :P

30
General Discussion / Re: Secure Web Download Token System
« on: January 31, 2012, 03:20:10 am »
sweet... A little over 8 hours later without leaving the room, I've successfully accomplished my first project in PHP/MySQL.

Thanks for the direction, rabbit. :)

Though I'm still curious about how I should go about preventing anyone from taking advantage of SQL vulnerabilities and gathering the email addresses (most important), and also maliciously changing any table data. Any suggestions would be greatly appreciated. :D

Pages: 1 [2] 3 4 ... 105