/wdg/ - Web Development General

Problem is our incompetent head of IT didn't backup client files in a long time. We'll have to wipe and reinstall the server for sure.

Also the reason why I suspect a tomcat vulnerability was a suspicious JSP file hosting a malicious script (downloading and executing "C:\\fast.exe" from a strange IP address) in the tomcat directory.

where can I get premium wordpress themes for free that aren't riddled with multiple backdoors and js miners?
>inb4 nulled
no, I don't want backdoors and js miners.

Attached: money-dollars-1321408078E.jpg (640x480, 33K)

Just look through the code, is it that hard?

Is there a way to do symmetric encryption using a password that the user input ? Both for text and file. Idea is that users can send file or text to the website, using a password and then anyone having the id & password can download it back.
Most stuff I find are people telling each others not to use encryption for passwords, which is not what I want to do. I also found people recommending openssl_encrypt and decrypt, but sometimes reading some people it do not seems to do the job that securely with my needs.

Anyone to give me some hints ?

server2008.cc/sweden.html
rate my website you stupid fucking idiots

How important is TypeScript for the initial job hunt? I've been reading through the docs for the last 2 days and seriously, I could have written one part of the project that I wanted to do in TS in plain JS by now. Should I just waste company hours for TS and focus on algorithms instead?

I threw up a little.

CNN level beat my peep.

Do you mean actually encrypting the files or rather authenticating to a file upload/download API ?
lel, I somehow thought at some point marquee was removed from browsers, but apparently not.

At least try to emulate the charm of the Geocities sites from the 90's.

>Do you mean actually encrypting the files or rather authenticating to a file upload/download API ?
the former.

You posted this in the last thread, in which you were told "of course". Of course you can. I feel like that's your site, and you just want people to look at it. Anything you see done in wordpress can be built with HTML/CSS/JavaScript, because that's all it is.

>from a strange IP address
figure out who dun it, that should be a primary focus. guess it serves you idiots right for not taking security serious

>reposting
Trying to develop my personal website, having a fucking hard time figuring out what should actually be on it.
Right now, it's just a quick blurb and a couple links to my GitHub/LinkedIn/Behance pages, but I want to expand it to at the very least have a portfolio of some kind, even though virtually all of the stuff that I've done in the past 4 years have been for work. I guess I could start a blog, but I have a hard time also figuring out what to write.
I guess I could also put my resume up either as a PDF download or as actual content...

Attached: gabu_gabu.webm (510x500, 136K)

some crypto or AES library like aes-js or browserify-aes?

Wow, you fucking faggot. I gave you advice in the last thread. Here it is again.
>Experience and/or Education section
>Skills section - can be logos, or text
>Groups section(any open-source communities you're involved in, or any IRL meetings you attend)
Blogging:
Anything. For example, if you learn about memoization, write about it. If you learn about Gatsbyjs, build something with it. Write a tutorial on how to build it.

Since this isn't good enough for you, get rekt m8

what a worthless reply.

should I start with php or python after learning css and html? I notice a lot of sites that I'm on and potentially want to work on are using php, but python seems to be more dynamic when it comes to its uses.

rather JavaScript, since you took the time to learn the other 2 parts of frontend already.

Ah, I forgot about that. After that though?

If you have any neat projects you can make into a browser-based demo, do that. If I had any specific ideas about projects I probably would have done them myself.

As for blogging, think about what you know more about than other people, or things you've explained to others.

Also in the future, keep an eye out for concepts that you've researched and maybe couldn't find any great explanation for, and ended up having to piece together different resources and test things yourself in order to fully understand it. Basically just looking for places where you had to do work to understand it, but now you're an expert, and your post can be the great explanation for the next person who's looking for a guide.

Not every blog post has to be totally unique and insightful. Look at the volume of stuff that's posted to Medium every day just in the vein of web dev: not all of it is going to be unique.

But like seriously though, if your concern is really bitcoin miners and backdoors, reading through the code is doable.

I saw about it, but I can't find about how secure it is, if I can trust it or not.

It's not at all my site.
I'm looking for expert opinion on how I'd even start to do that, because I'm a fucking idiot.

Depends on what you ultimately want to be able to do.
Learning at least 1 frontend framework like React, Vue or Angular (React if you want the most marketable skill) isn't a bad idea really.
But you can start learning backend related things any time as well.
For strictly webdev you can't go wrong with Node or PHP.
If you want to also keep it more universal then either Node or Python I think.
But if you already know. that PHP is what you are interested in, then why not.

>expert opinion
>Jow Forumswdg

what a worthless question
>is there any way to get free stuff other people used labour to craft
probably not

why you poke fun,this no funny,this serious business.

Wrong. I can get any full course published on udemy, linkedin, etc. for free. I can get any book, article, etc. ever published for free. Same with music, same with websites.

How the fuck do I bring another person onto my project without sounding desperate? I'm not desperate, far from it. But I have products in mind which require artistic skills. I'd also like someone to throw ideas at me.

How do you hire someone without paying them?

>Wrong.

Attached: Okay that's actually racist, dude..png (276x337, 176K)

>without paying them?
are you gonna pay them in exposure?

Attached: index.jpg (228x221, 11K)

>doing it for ((free))

I'd love to pay them, and I would, but it would be after we sold the products, which sucks. So not really for free. I know for a fact people would buy them. I'd be paying for the ads on Facebook and shit too.

The thing is, if you this is acceptable, your ideas probably aren't that good. If they "require artistic skill" and that's the reason your product would make money, you really aren't adding any value yourself. You're a parasite.

And when you dont sell any products, you dont pay them and their time is wasted. The fact that you dont have any money to pay them with from the getgo is a sign you have no capital to actually invest in your idea, and ideas with 0 investment or funding aren't going to make money. How are you going to sell your product without cash to market it to the public? Almost nothing makes money without some level of financial investment put in in the first place.

This may be a stupid question but why don't nodejs servers need to be minified and bundled like a react application for example?

I built an entire website, getting over 200 views per day.. it's a week old. It's not some crazy startup, it'd be a small business. My marketing is not bad, obviously. The artistic product is not the only way it'd make money. I have one product in mind that I want someone to create.

The reason you minify is typically just so the content you serve to the end user is significantly smaller in *file size* than it is in its development form. So the user only has to load 5kb instead of 50kb. Node JS is obviously running serverside so that doesnt matter, but you'd definitely minify the JS you sent from Node to the client. Remember React is a JS framework that acts on the browser, Node JS is a serverside runtime.

If you're so sure your product will sell, take out a loan, pay artists, sell the product, pay the loan back?

>But like seriously though, if your concern is really bitcoin miners and backdoors, reading through the code is doable.
I dont have time for that, I need to get like shitloads of themes, check them out one by one by running them on a local wp, then decide which 3 or 4 I'm gonna keep/buy/fix whatever.
so I'm looking for either an alternative to the Nulled wankery, or some sort of mass wp malware scanner.

>it's okay when I pirate Windows
seek help.

in es6 what's the point of getter and setters if i can assign any variable to an object if i want to?

we couldn't make php run any faster, so yea, we are adding JIT ( just in time compiler ) to php 8 - wiki.php.net/rfc/jit
yes
Pre : preprocess.io/
No !
Hack is not a php preprocessor, its a programming language that runs on HipHop VM.
but you could use Hack and than use hacktophp transpiler.
see : github.com/hacktophp/hacktophp
quiz, slack, facebook, messenger and wikipedia are the ones using it as far as i know.

>decide which 3 or 4 I'm gonna keep/buy/fix whatever.
Yeah, just check those 3 or 4. Don't even think about malicious code while you're testing the majority out. Just run them in a locked-down VM at that stage.

Hack and Haxe are two different things.

Hack is a language based on PHP developed by Facebook which runs on the virtual machine they built for it, HHVM.

Haxe is a language designed to transpile to many languages, with the intent that you can do development in Haxe, and then transpile to both PHP and JavaScript or ActionScript. And there are various other target languages available to which Haxe can be converted.

hooked-on-typing.now.sh/

Expanded my React game a little more. Built entirely with the new hooks API, using this for a talk at a JS meetup in my city.

Attached: example-screen.png (1723x1244, 44K)

ok, i wrote the website. frontend. backend. now how the hell should i go about getting this thing on the web? webhosting? buying a domain name? should i self-host on a pi? Good practices for setting up and maintaining the server?

Attached: 1508848057224.jpg (1000x800, 57K)

Self hosting is a good idea if you have your own server sitting around you can throw linux on. Setup secure SSH, depends really on your webstack but typically I'd pop nginx on, learn how to use services (systemd/initrc) and port forward, redirect your domain's nameservers over to the server. That's what I did to practice devops stuff anyway, really good to get an idea of performance monitoring/devops stuff.

In reality most people would just buyout a VPS and host it.

Forget all this nerd talk Just throw it up on heroku. Simple as fuck.

why build manual front and backend if youre going to do that lol might as well use wix

Self-hosting is surprisingly easy for a simple website.
Raspberry PI is totally enough for a small visitor count. You need to install a webserver (nginx, apache, etc.), and a backend language (php?).
Then, most likely you'll want a domain, which you just need to point at your server.
Some config file modifications might be necessary for your server, but if you managed to put together a website, you'll most likely be able to handle it.

Or you could just rent a VPS. DigitalOcean is the hip and trendy choice nowadays, which I too use. But desu I don't really like their style, and have been looking at OVH instead. Mostly because they offer free DDOS protection with their packages, and you can never be too careful.

In any case, you need to be comfortable setting up a server environment via SSH. Never use short passwords, and actually if you can, use auth keys instead of passwords. As soon as your server has a visible SSH server, you'll be getting constant login attempts from chinese and russian and other botnets.
Learn about fail2ban, and always prefer whitelisting to blacklisting when it comes to security.

Don't login as root, use sudo instead, and do regular backups.
Good luck, m8.

>if youre going to do that
not him... what's wrong with Heroku, and how is it similar to wix? I guarantee you 99% of the population cannot figure out how to use Heroku.

not him. as soon as my site was live i got about 6 visitors from china... i didn't even post it anywhere. assumed they were botnets. how the hell do i set up a log file for an express server to see what they tried doing?

>express server
No idea m8. For apache/nginx access logs are in /var/log/apacherornginx.
They just try the most common username/password combos to login. Nothing fancy.

I've tried visiting their IPs in my browser, and I'll often find cool phishin sites, file-hosting sites, shell companies, etc.
Just autoban them with fail2ban, and use good authentication methods.

i put my new node site on nginx. it was easy to setup.

>had interview
>question asked "so did you graduate last year?"
>"u-um, yeah!"
>mfw I have a bootcamp listed on my resume, they must have thought I have a degree
If this phone call goes to an irl interview, I feel I'm going to get asked more about my education and degree... Should I just forget about this job and keep looking? I don't feel like wasting a whole day for nothing(would have to take bus an hour away, and another hour back)

Attached: confused.jpg (600x600, 56K)

>fail2ban
should i use this? my site is small and has no login system. i access it through ssh with a public/private key.

Assigning a variable to a setter property will run the function of that setter.
What you do in that function is up to you. See the example on MDN.
not absolutely necessary in your situation I think, but doesn't hurt either.
did you even google that shit at all?
'esxpress log' first result
morgan logger middleware seems like a popular choice.
Alternatively put the express server behind Nginx, but that may overcomplicate things right now.

well done
I guess it's intentional, that the site is running the dev build in this case?

//php
function f(){
return 3 === 3;
}
echo f();
//output : 1
function f(){
return 3 === 4;
}
echo f();
//output :

wtf the output is nothing? not even false or null or zero?
pls explain

>if you have your own server sitting around you can throw linux on
i have a laptop with linux lying around, will that do?

looks like True coerces to string '1', while False results in an empty string.
Just another PHP thing.
You can use it, but it may not be the best method to keep your project hosted permanently, unless you don't mind having having a powered on laptop lying around 24/7, just for a small webserver.
You also need to configure dynamic DNS, in case you have dynamic IPs for your home connection.
A 5$ VPS from Digital Ocean or Vultr is usually a good option.

kek, disgusting waifu choice. get some taste, weeb

are people calling websites apps nowadays?
i am genuinely confused
when hosting company says they host apps do they mean websites?

thanks anons, I went to bed but appreciate the input. The site is for a small club of ~20 members and there's a login system for them and access to a private google spreadsheet. Ultimately it'll be what they want to pay for, so they may just want to rent a VPS for the additional security and features and whatnot.

imo 'app' implies that the website offers some kind of functionality, that you would normally associate with a more traditional program.
Managing emails, Slack, editing videos, ...
But the is no clear dividing line I think. Some may just use it, because it sounds hip and modern to them.

it actually seems to return "false" which it never outputs
when i do the
if(f() === false){
echo 'test';
}

it outputs 'test' but not if strict compared to null or empty str or zero, only when strict compared to "false"
also when non-strict compared to any of those falsy values it passes
so it seems its a boolean false which does not outputs
weird

about server, you mean i can host it for free from my laptop , just to buy domain?
i realize its unstable and for shitty websites but still in theory

>when hosting company says
oh didn't fully see that part.
I guess that can also mean hosting for backends, DBs, and such services.

>imo 'app' implies that the website offers some kind of functionality, that you would normally associate with a more traditional program
this makes sense, and this is how it started but seems today everything is an app because its cool and modern just like you said
basically i was reading about this Heroku service that one anone mentioned few posts above, i guess they are cloud service for hosting apps whatever that meant , i need some testing ground for my website built in Laravel that provides SSH access if theres such a thing out there, maybe its too much to ask for SSH for a free hosting
if thats the case what kind of hosting should i buy for my somewhat serious website for car enthusiasts/car selling?

true -> 1 -> "1"
false -> 0 -> ""

if you wanna see the real type and value, use var_dump() instead of echo.

echo true; // 1
var_dump(true); // bool(true)

echo false; //
var_dump(false); // bool(false)

it returns boolean False, but echo coerces the boolean to a string though, which is either '1' or ''. (from my 5-minute PHP knowledge here)
>about server
If you want you can buy a domain and point it to your server, but I still think a VPS would be better.
Do you have a static IP?

If you don't want to go with shared hosting, then the same recommendation as the other user.
Some small 5$ VPS from DigitalOcean or Vultr.

i was expecting too much from simple echo/print when var_dump is what was needed in this case to reveal the truth
thanks guys

no i dont have static IP i was just exploring these possibilities because i always wanted to learn to setup home server (however it may be shitty) for learning purposes, i never did it before but i am using linux exclusively for 4 years now
for starters i was wondering what actually does one need to host a simple website from his home, do i need some special deal with my ISP do they even need to know,do i need to report to someone that i am hosting a website from home lol or is it just enough that i have internet connection and my own hardware and paid domain to myshittytestwebsite.com?

thanks user
the only thing that scares me about VPS is that storage is limited for example $5 DigitalOcean has 25GB of storage and i dont know how much is enough for a website where users will upload images of cars they are selling etc., if by some miracle get to have thousands of users. I just want to plan ahead. Maybe I am overthinking this, i mean even tho images can get heavy maybe 50GB or something would be enough at all times except in maybe some extremes

you can also use `print_r`, useful for dumping objects and arrays.

see : 3v4l.org/DapAW

you can add object storage for ~5$ per 250GB
Server hardware is all you need and a domain, if you want it accessible via a nice name.
Dynamic IP makes it a little bit more complicated, since you then got to have something, that automatically updates the DNS, whenever your IP changes.
The only time your ISP may even ask whats up is if you somehow are pushing terrabytes of data a month.

Is it fun being a webdev?

developing things you like is fun
developing things you don't like isn't fun

What things should I like? I like css because it makes webpages look less trash.

thank you user for all the info

Hi, I'm a laid of journalist looking into building my own blog. Would you recommend me to learn to code it myself, or use up my savings to pay someone??

On another note, would it be possible to get a job for someone without coding experience, who took some basic online courses on coding?

In addition to what the other user said, you can always use a 3rd party image host like Amazon S3 if storage directly on the VPS gets expensive.

css is piss easy and not valuable, however. It doesn't help that clients have shit taste, either, and will just want some bootstrap meme.

nice meme

Attached: 1243214132.jpg (616x664, 40K)

The language itself is easy, but designing something that looks **really** good isn't.

thanks user

>designing something that looks **really** good isn't.
maybe not by your average Jow Forums poster, but there are a horde of people trying to be "designers" out there, separate even from actual artists.

#1 can you actually design something that looks really good (*to others*)?
#2 do your designs actually keep in mind functionality and UX instead of just what 'looks good'?
#3 do the people who will give you money give a shit whether something looks good vs really good vs meme of the week?

i mean, if you have clients lined up for your designs then obviously go for it. But 'css experts' alone are not in hot demand, and it's not a goal I'd recommend.
Of course if you were to learn html and javascript on top of that, you'd be a 'frontend developer,' which definitely isn't as delusional a career choice.

bump

how to I import a link's metadata?
like, if I wanna show a link in my website but I also wanna show the attached metadata (like title, description, image and so on)

i need to make validation for username so that it can only contain letters and numbers and it must start with a letter
after first letter all kinds of kombination of letters and numbers are ok :
username123
user12name
user12name123wewlad

basically its ok if they alternating like that
how do i do it with regex?
i tried /^[A-Aa-z]+[0-9]*[^_\W]$/i
but it doesnt allow alternating sequence of letters and numbers e.g. user123name

during compile or SSR load the site and check what's in the , include that on your page

can't I do that automatically?