個人測試問題發生的背景如下:
環境: Windows Server 2003
先灌MYSQL 5.1 =>OK
再灌PHP4 =>OK
灌PHPMYADMIN =>設定Secret_blowfish OK=>跑的時候出現

Client does not support authentication protocol requested
by server; consider upgrading MySQL client

MYSQL官方的解決方式如下:

MySQL 5.0 uses an authentication protocol based on a password hashing algorithm that is incompatible with that used by older (pre-4.1) clients. If you upgrade the server from 4.0, attempts to connect to it with an older client may fail with the following message:

shell> mysql Client does not support authentication protocol requested by server; consider upgrading MySQL client

To solve this problem, you should use one of the following approaches:

  • Upgrade all client programs to use a 4.1.1 or newer client library.
  • When connecting to the server with a pre-4.1 client program, use an account that still has a pre-4.1-style password.
  • Reset the password to pre-4.1 style for each user that needs to use a pre-4.1 client program. This can be done using the SET PASSWORD statement and the OLD_PASSWORD() function:
    mysql> SET PASSWORD FOR
    -> 'some_user'@'some_host' = OLD_PASSWORD('newpwd');

    Alternatively, use UPDATE and FLUSH PRIVILEGES:

    mysql> UPDATE mysql.user SET Password = OLD_PASSWORD('newpwd')
    -> WHERE Host = 'some_host' AND User = 'some_user';
    mysql> FLUSH PRIVILEGES;

    Substitute the password you want to use for “newpwd” in the preceding examples. MySQL cannot tell you what the original password was, so you’ll need to pick a new one.

  • Tell the server to use the older password hashing algorithm:
    1. Start mysqld with the --old-passwords option.
    2. Assign an old-format password to each account that has had its password updated to the longer 4.1 format. You can identify these accounts with the following query:
      mysql> SELECT Host, User, Password FROM mysql.user
      -> WHERE LENGTH(Password) > 16;

      For each account record displayed by the query, use the Host and User values and assign a password using the OLD_PASSWORD() function and either SET PASSWORD or UPDATE, as described earlier.

Note

In older versions of PHP, the mysql extension does not support the authentication protocol in MySQL 4.1.1 and higher. This is true regardless of the PHP version being used. If you wish to use the mysql extension with MySQL 4.1 or newer, you may need to follow one of the options discussed above for configuring MySQL to work with old clients. The mysqli extension (stands for “MySQL, Improved”; added in PHP 5) is compatible with the improved password hashing employed in MySQL 4.1 and higher, and no special configuration of MySQL need be done to use this MySQL client library. For more information about the mysqli extension, see http://php.net/mysqli.

It may also be possible to compile the older mysql extension against the new MySQL client library. This is beyond the scope of this Manual; consult the PHP documentation for more information. You also be able to obtain assistance with these issues in our MySQL with PHP forum.

For additional background on password hashing and authentication, see Section 5.4.9, “Password Hashing as of MySQL 4.1”.

後來試了之後就可以RUN了, 如果各位也遇到這個情況不妨試試.

主要是針對不同的帳戶, 可能是版本的問題, 只要設定OLD_PASSWORD, 再FLUSH一次MYSQL應該就沒問題了.

原文可參考: http://dev.mysql.com/doc/refman/5.0/en/old-client.html

當我們要把一個MYSQL的資料庫輸出,
搬移到另一臺機器的MYSQL時,
如果是全英文的資料庫還好, 最怕的是遇到中文字編碼的問題.
如果欄位是VARCHAR的dataType, 搬移後用網頁顯示時會是” ??? “..
相信是因為big5跟UTF-8之間轉換所造成的問題.
我的解決方式是把相關的資料格式從VARCHAR 變成 BLOB.
中文字就能正常顯示了.

這樣做的缺點是資料格式若是BLOB則會減低效率,
而且用PHP函式對中文字作字串處理時會有問題.

僅供參考囉~

如果有用PHPINFO的人都會常常看到JSON這個模組吧? 究竟JSON是甚麼呢?

看了以下的文章, 你就會恍然大悟了:

三分鐘告訴你甚麼是JSON,

http://secretgeek.net/json_3mins.asp

另外JSON的官網:

http://www.json.org

簡單的來說Json就是一種資料結構,
他類似XML, 能夠存放資料, 可再用程式語言去讀取他..
XML與JSON得比較可以參考上面的文章~

為了避免使用者取得他們不應該存取的資料,

.NET FRAMEWORK提供了安全性的物件, 限制使用者的存取權限.
這跟Windows本身的帳戶安全性有些不同, 是針對程式而言.

SecurityAction 屬性有三種:

  • RequestMinimum(M) 正常執行的最小權限
  • RequestOptional(O) 可有可無的權限
  • RequestRefuse(R) 絕對不能有的權限

*P = Security Policy (也就是Enterprise, Machine, User三者的交集)

最終權限的決定放程式為:  (P 交 ((M 聯 O) – R))

以下範例顯示:只允許使用者存取特定的資料表, 如果不是指定的資料表, 就無法執行程式:

注: RequestOptional, Unrestricted應設為False, 才表示不允許給予其他的權限; 如果設為True, 則表示沒有限制, 所有權限的給了(很危險, 容易造成駭客的入侵).

Imports System.Security.Permissions
Imports System.Data.SqlClient

<Assembly: UIPermission(SecurityAction.RequestMinimum, Window:=UIPermissionWindow.SafeTopLevelWindows)>
<Assembly: SqlClientPermission(SecurityAction.RequestMinimum, _
         ConnectionString:=”server=.;database=pubs;integrated security=true”)>

<Assembly: SecurityPermission(SecurityAction.RequestOptional, Unrestricted:=False)>

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim cn As New SqlConnection(TextBox1.Text)
        Try
            cn.Open()
            MessageBox.Show(“連線成功”)
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        End Try
    End Sub

End Class

方法的權限安全種類:

有六種SecurityAction 可用再宣告式或命令式安全性

  • Assert
  • Demand
  • InheritanceDemand
  • LinkDemand
  • PermitOnly
  • Deny

Imports System.Security.Permissions
Imports System.IO

Public Class Form1

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

    End Sub

    <FileIOPermission(SecurityAction.Demand)> _
    Sub CreateFile()
        Try
            File.CreateText(“C:\test\b.txt”)
            MessageBox.Show(“b.txt has been created”)
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        End Try
    End Sub

    ‘DENY表示不允許使用這個METHOD
    <FileIOPermission(SecurityAction.Deny, Write:=”C:\test”)> _
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        CreateFile()
    End Sub

    ‘SecurityAction.Demand的另一種寫法
    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Dim fp As New FileIOPermission(FileIOPermissionAccess.Write, “C:\test”)
        fp.Demand()
        CreateFile()
    End Sub
End Class

使用Visual Studio 來開發程式, 不只在ASPX有很不錯的功能, 再WINFORM方面也是學幾年都學不完.

以下是一個簡單的範例程式, 作用是監控自己的電腦如果建立一個帳號了, 就會顯示一個對話框, 告訴你所建立的帳號名稱及SID.

當然如果你會舉一反三, 也可以寫類似的程式(利用System.Management的namespace)來玩很多的花樣.

WinForm 程式:

Imports System.Management

Public Class Form1

    Dim watcher As ManagementEventWatcher

    Private Sub Form1_FormClosed(ByVal sender As Object, ByVal e As System.Windows.Forms.FormClosedEventArgs) Handles Me.FormClosed
        Button2.PerformClick()
    End Sub
    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim equery As New WqlEventQuery(“__InstanceCreationEvent”, New TimeSpan(0, 0, 2), “TargetInstance isa “”Win32_Account”””)
        watcher = New ManagementEventWatcher(equery)
        AddHandler watcher.EventArrived, AddressOf watcher_EventArrived
        watcher.Start()
        Button1.Enabled = False
    End Sub

    Sub watcher_EventArrived(ByVal sender As Object, ByVal e As EventArrivedEventArgs)

        Dim mbo As ManagementBaseObject
        mbo = CType(e.NewEvent, ManagementBaseObject)

        Dim serviceMO As ManagementBaseObject
        serviceMO = CType(mbo(“TargetInstance”), ManagementBaseObject)
        MessageBox.Show(String.Format(“Create a New Account: {0}” & vbCrLf & “SID:{1}”, serviceMO(“Name”), serviceMO(“SID”)))
    End Sub

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        If watcher Is Nothing Then

            Exit Sub

        End If
        watcher.Stop()

        Button1.Enabled = True
        Button2.Enabled = False
    End Sub
End Class

PHP 的 STRING FUNCTION

php 的string function 一直是處理字串的好幫手. 對於各種需求都可以在這個列表中找到.
以下列表取自: http://tw2.php.net/manual/en/ref.strings.php

Table of Contents

addcslashes — Quote string with slashes in a C style
addslashes — Quote string with slashes
bin2hex — Convert binary data into hexadecimal representation
chop — Alias of rtrim
chr — Return a specific character
chunk_split — Split a string into smaller chunks
convert_cyr_string — Convert from one Cyrillic character set to another
convert_uudecode — Decode a uuencoded string
convert_uuencode — Uuencode a string
count_chars — Return information about characters used in a string
crc32 — Calculates the crc32 polynomial of a string
crypt — One-way string encryption (hashing)
echo — Output one or more strings
explode — Split a string by string
fprintf — Write a formatted string to a stream
get_html_translation_table — Returns the translation table used by htmlspecialchars and htmlentities
hebrev — Convert logical Hebrew text to visual text
hebrevc — Convert logical Hebrew text to visual text with newline conversion
html_entity_decode — Convert all HTML entities to their applicable characters
htmlentities — Convert all applicable characters to HTML entities
htmlspecialchars_decode — Convert special HTML entities back to characters
htmlspecialchars — Convert special characters to HTML entities
implode — Join array elements with a string
join — Alias of implode
lcfirst — Make a string’s first character lowercase
levenshtein — Calculate Levenshtein distance between two strings
localeconv — Get numeric formatting information
ltrim — Strip whitespace (or other characters) from the beginning of a string
md5_file — Calculates the md5 hash of a given file
md5 — Calculate the md5 hash of a string
metaphone — Calculate the metaphone key of a string
money_format — Formats a number as a currency string
nl_langinfo — Query language and locale information
nl2br — Inserts HTML line breaks before all newlines in a string
number_format — Format a number with grouped thousands
ord — Return ASCII value of character
parse_str — Parses the string into variables
print — Output a string
printf — Output a formatted string
quoted_printable_decode — Convert a quoted-printable string to an 8 bit string
quotemeta — Quote meta characters
rtrim — Strip whitespace (or other characters) from the end of a string
setlocale — Set locale information
sha1_file — Calculate the sha1 hash of a file
sha1 — Calculate the sha1 hash of a string
similar_text — Calculate the similarity between two strings
soundex — Calculate the soundex key of a string
sprintf — Return a formatted string
sscanf — Parses input from a string according to a format
str_getcsv — Parse a CSV string into an array
str_ireplace — Case-insensitive version of str_replace.
str_pad — Pad a string to a certain length with another string
str_repeat — Repeat a string
str_replace — Replace all occurrences of the search string with the replacement string
str_rot13 — Perform the rot13 transform on a string
str_shuffle — Randomly shuffles a string
str_split — Convert a string to an array
str_word_count — Return information about words used in a string
strcasecmp — Binary safe case-insensitive string comparison
strchr — Alias of strstr
strcmp — Binary safe string comparison
strcoll — Locale based string comparison
strcspn — Find length of initial segment not matching mask
strip_tags — Strip HTML and PHP tags from a string
stripcslashes — Un-quote string quoted with addcslashes
stripos — Find position of first occurrence of a case-insensitive string
stripslashes — Un-quote string quoted with addslashes
stristr — Case-insensitive strstr
strlen — Get string length
strnatcasecmp — Case insensitive string comparisons using a “natural order” algorithm
strnatcmp — String comparisons using a “natural order” algorithm
strncasecmp — Binary safe case-insensitive string comparison of the first n characters
strncmp — Binary safe string comparison of the first n characters
strpbrk — Search a string for any of a set of characters
strpos — Find position of first occurrence of a string
strrchr — Find the last occurrence of a character in a string
strrev — Reverse a string
strripos — Find position of last occurrence of a case-insensitive string in a string
strrpos — Find position of last occurrence of a char in a string
strspn — Find length of initial segment matching mask
strstr — Find first occurrence of a string
strtok — Tokenize string
strtolower — Make a string lowercase
strtoupper — Make a string uppercase
strtr — Translate certain characters
substr_compare — Binary safe comparison of 2 strings from an offset, up to length characters
substr_count — Count the number of substring occurrences
substr_replace — Replace text within a portion of a string
substr — Return part of a string
trim — Strip whitespace (or other characters) from the beginning and end of a string
ucfirst — Make a string’s first character uppercase
ucwords — Uppercase the first character of each word in a string
vfprintf — Write a formatted string to a stream
vprintf — Output a formatted string
vsprintf — Return a formatted string
wordwrap — Wraps a string to a given number of characters