Programing

参考Be wary of garbage collection 先看段代码： echo "Stage 1: Mem usage is: ", memory_get_usage(), "\n"; $arr = array(); for ($i = 0; $i < 1000000; ++$i) { $arr[] = rand(); } echo "Stage 2: Mem usage is: ", memory_get_usage(), "\n"; $foo = 1; $bar = 2; echo "Stage 3: Mem usage is: ", memory_get_usage(), "\n"; $foo = $arr; $bar = $arr; echo "Stage 4: Mem usage is: ", memory_get_usage(), "\n"; $arr = array(); echo "Stage 5: Mem usage is: ", memory_get_usage(), "\n"; $bar[] = "hello, world"; echo "Stage 6: Mem usage is: ", memory_get_usage(), "\n"; $foo = array(); echo "Stage 7: Mem usage is: ", memory_get_usage(), "\n"; 运行结果： Stage 1: Mem usage is: 37712 Stage 2: Mem usage is: 60232136 Stage 3: Mem usage is: 60232248 Stage 4: Mem usage is: 60232248 Stage 5: Mem usage is: 60232288 Stage 6: Mem usage is: 104426704 Stage 7: Mem usage is: 60242672 看stage 4， ...

511 ~$who | awk '/^'"$USER"'/' wang tty7 2009-12-23 09:00 (:0) wang pts/0 2009-12-23 09:00 (:0) 511 ~$who| awk '/^'"$USER"'/' wang tty7 2009-12-23 09:00 (:0) wang pts/0 2009-12-23 09:00 (:0) 较新版本的awk可以这样： nawk 'END { print "Your path variable is " ENVIRON["PATH"] }' #如下： ~$awk --version GNU Awk 3.1.6 ~$export b=2; ~$awk 'END { print "Your path variable is " ENVIRON["b"] }' /dev/null Your path variable is 2 参考文章 3.12) Is it possible to pass shell variable settings into an awk program? There are two different ways to do this. The first involves simply expanding the variable where it is needed in the program. For example, to get a list of all ttys you’re using: who | awk ‘/^’"$USER"’/ { print $2 }’ (1) Single quotes are usually used to enclose awk programs because the character ‘$’ is often used in them, and ‘$’ will be interpreted by the shell if enclosed inside double quotes, but not if enclosed inside single quotes. In this case, we want the ‘$’ in “$USER” to be interpreted by the shell, so we close the single quotes and then put the “$USER” inside double quotes. Note that there are no spaces in any of that, so the shell will see it all as one argument. Note, further, that the double quotes probably aren’t necessary in this particular case (i.e. we could have done who | awk ‘/^’$USER’/ { print $2 }’ (2) ), but they should be included nevertheless because they are necessary when the shell variable in question contains special characters or spaces. The second way to pass variable settings into awk is to use an often undocumented feature of awk which allows variable settings to be specified as “fake file names” on the command line. For example: who | awk ‘$1 == user { print $2 }’ user="$USER" - (3) Variable settings take effect when they are encountered on the command line, so, for example, you could instruct awk on how to behave for different files using this technique. For example: awk ‘{ program that depends on s }’ s=1 file1 s=0 file2 (4) Note that some versions of awk will cause variable settings encountered before any real filenames to take effect before the BEGIN block is executed, but some won’t so neither way should be relied upon. Note, further, that when you specify a variable setting, awk won’t automatically read from stdin if no real files are specified, so you need to add a “-” argument to the end of your command, as I did at (3) above. A third option is to use a newer version of awk (nawk), which allows direct access to environment vairables. Eg. nawk ‘END { print “Your path variable is " ENVIRON[“PATH”] }’ /dev/null ...

从这里看到一个在线原型设计工具 Mockingbird 是基于 Cappuccino 开发的一个在线原型设计工具。 确实很酷，280 Slides也是用这个工具做的。 研究了下，它是用Objective- J来做的，好像是类似GWT一样的东西，挺麻烦的 Cappuccino is an open source application framework for developing applications that look and feel like the desktop software users are familiar with. Cappuccino is built on top of standard web technologies like JavaScript, and it implements most of the familiar APIs from GNUstep and Apple’s Cocoa frameworks. When you program in Cappuccino, you don’t need to concern yourself with the complexities of traditional web technologies like HTML, CSS, or even the DOM. The unpleasantries of building complex cross browser applications are abstracted away for you. Cappuccino was implemented using a new programming language called Objective-J, which is modelled after Objective-C and built entirely on top of JavaScript. Programs written in Objective-J are interpreted in the client, so no compilation or plugins are required. Objective-J is released alongside Cappuccino in this project and under the LGPL. ...

allow_url_include 如果打开，则可以include远程文件 这是个很古老的安全问题了，今天做了下实验，才意识到危害性。 以前一位include 只是取到静态html内容，把它原样输出，没想到它会对获取倒内容中的php代码进行解释执行，很危险。 机器a上： wang@wang-desktop:~/www$ cat inc.php EOF ?> 然后在另一台机器b上： ...

使用lynx来获取网页文本， 效果就相当于在一个网页上面输入ctrl+a ctrl+c，然后ctrl+v保存到一个文本文件中，当然写到脚本里就可以自动化操作了。 lynx -notitle -nomargins -nolist -width=4096 -verbose -display_charset=gb2312 -dump http://baike.baidu.com/view/396668.htm?hh=255 | iconv -f gb2312 -t utf8//IGNORE 排下版 wang@wang-desktop:~/script/notsobad/shell/tool$ cat get_url.sh #!/bin/sh # File: get_url.sh # Author: notsobad # Description: # Created: 2009-12-14 15:53:02 # Last modified: 2009-12-14 15:53:02 url=$1 lynx -notitle\ -nomargins\ -nolist\ -width=4096\ -verbose\ -display_charset=gb2312\ -dump\ "$url"\ | iconv -f gb2312 -t utf8//IGNORE

关于shell中的eval 对于命令注入后，一条命令可能需要的字符大概有这几个吧 $ ' " ; && || [ ] ` > <; 可以看到是很多的，所以黑名单过滤的方法肯定是有问题的,因为是肯可能绕过去的。 加入对所有GET, POST的参数都用了htmlspecialchars做了处理，那么所有的< > 都会被转义成html字符 那么就没办法使用重定向符号了吗？ 参考下下面的利用eval来使用管道符号 The shell takes care of pipes and I/O redirection before variable substitution, so it never recognizes the pipe symbol inside pipe. The result is that the three arguments |, wc, and -l are passed to ls as arguments. ...

几篇很不错的文章 1 易用的界面，简单的一步 2 主次分明 3 每日构建（daily build）是你的朋友 4 第四战略篇：膨胀软件与80/20的谣传 5 行进中开火 6 看起来简单， 实际上复杂 7 给计算机系学生的建议 8 轻松面试找到理想员工－非官方的面试技术指南 9 The Joel Test: 软件开发成功 12 法则 10 《微独立软件供应商：从理想到现实》序 11 抽象渗漏法则 原文：Joel on software ...

shell参数中单引号如何表示呢？ 存在一个程序notsobad,它接受一个参数中含有单引号，怎么写呢？ # 双引号引起来 echo "'" ./notsobad -a xxx -b "'" # Or,注意参数中的单引号写法，实际上是 '\'' ./notsobad -a xxx -b ''\''' echo ''\''' 在shell参数中包含｀（反引号）字符，如何做呢？ # Wrong! # 反引号会先被shell截获解释，替换为反引号内部命令的执行结果 # 实际上产给notsobad的是id这个命令的输出，而不是命令本身 ./notsobad -b "`id`" # Right! echo '`id`' ./notsobad -b '`id`'

shell中的heredoc很有用，对于临时的创建一个较长的字符串，比如脚本中要创建一个脚本等，就可以用这个 参考 Here Documents heredoc中的变量，shell命令都会被执行 下面的脚本创建了一串ftp命令，供ftp命令使用 Filename=`basename $1` # Strips pathname out of file name. Server="ibiblio.org" Directory="/incoming/Linux" # These need not be hard-coded into script, #+ but may instead be changed to command-line argument. Password="your.e-mail.address" # Change above to suit. ftp -n $Server << End-Of-Session # -n option disables auto-logon user anonymous "$Password" binary bell cd $Directory put "$Filename.lsm" put "$Filename.tar.gz" bye End-Of-Session 注意，如果想输出原始字符，即不希望‘$’符号被替换为变量，需要把引导字符用引号引起来，或者添加转义符。 ...

今天看到了个说法 什么是bing？ Bing Is Not Google 参考GNU GNU’s Not Unix