易栈网-膘叔

新闻来源:itnews.com.au
内容管理公司 Jadu 最近发布了一个工具，可以让 PHP 和 .NET 这对冤家和平共处。他们开发了一个叫做 Phalanger PHP compiler 的工具，可以将 PHP 程序编译成本地 .NET 程序执行。他们还准备将这一工具开源。

据 Jadu CEO Suraj Kika 介绍，这个工具对 PHP 程序进行编译，编译成 .NET 框架下下的本地程序。比如，你想用 WordPress，但你属于微软阵营，你可以将 WordPress 编译成可执行文件，放到 .NET 中并在 Visual Studio 中针对这个编译过的 WordPress 做进一步开发。

这个工具将为 PHP 和 .NET 开发工程师带来职业上的便利，避免在各自对方的技术领域内再培训。Kika 表示，我们会看到大量 PHP 开发者在微软阵营找到客户群。

Kika 还表示，开源和商业软件之间向来泾渭分明，这一工具将让这两个阵营的开发者走到一起。

本文来源：http://www.itnews.com.au/News/90129,jadu-brings-php-and-net-closer-together.aspx
中文翻译：COMSHARP CMS
膘叔：好妖的功能呀，一直以为PHP要想在windows下独立运行，得使用php GTK的，结果现在居然有人编译成.net，真是心有多大，世界有多大呀

突然发现wine的中文显示其实很简单
从1.1.4开始wine的界面就已经支持中文了，但是对于软件中的中文支持并不太好，主要原因。还是字体。。。
Let's go
首先，copy一下字体：把simsun.ttc （即宋体）复制到 ~/.wine/drive_c/windows/fonts
然后：

by Kevin Yank

The following is republished from the Tech Times #165.

When interviewing a PHP developer candidate for a job at SitePoint, there is one question that I almost always ask, because their answer tells me so much about the kind of programmer they are. Here’s the question: “In your mind, what are the differences between good PHP code and bad PHP code?”

The reason I like this question is because it tests more than just a candidate’s encyclopedic knowledge of PHP’s functions. Zend’s PHP certification does a good job of that (as does the test that Yahoo! issues to applicants for its PHP developer jobs, apparently).

Rather, the answer to this question tells me whether a PHP developer has, for example, experienced the pain of working with poorly-written code inherited from a careless predecessor, and whether he or she will go the extra mile to save the rest of the team from that same pain.

I don’t have a set notion of the perfect answer to the question, but I do know the kinds of things I’m hoping to hear. Just off the top of my head:

Good PHP code should be structured. Long chunks of code can be broken up into functions or methods that achieve sub-tasks with simple code, while non-obvious snippets should be commented to make their meaning plain. As much as possible, you should separate frontend HTML/CSS/JavaScript code from the server-side logic of your applications. PHP’s object oriented programming features give you some especially powerful tools to break up your applications into sensible units.

Good PHP code should be consistent. Whether that means setting rules for the names of variables and functions, adopting standard approaches to recurring tasks like database access and error handling, or simply making sure all of your code is indented the same way, consistency makes your code easier for others to read.

Good PHP code should be portable. PHP has a number of features, such as magic quotes and short tags, that can break fragile code when they are switched on or off. If you know what you’re doing, however, you can write code that works by adapting to its environment.

Good PHP code should be secure. While PHP offers excellent performance and flexibility out of the box, it leaves important issues like security entirely in the hands of the developer. A deep understanding of potential security holes like Cross-Site Scripting (XSS), Cross-Site Request Forgeries (CSRF), code injection vulnerabilities, and character encoding loopholes is essential for a professional PHP developer these days.

Once a candidate has answered this question, I usually have a pretty good idea of whether they’ll be hired or not. Of course, there’s always the possibility that an interviewee simply isn’t able to articulate these types of things, so we also have our candidates sit a PHP developer exam.

Many of the questions in this exam seem straightforward on the surface, but they give candidates plenty of opportunity to show how much they care about the little details.

The following “bad” code is a highly simplified example of the sort of thing we might put in our PHP developer exam. The question might be something like “How would you rewrite this code to make it better?”
 
<?php
    echo("<p>Search results for query: " .
        $_GET['query'] . ".</p>");
?>

<?php
    echo("<p>Search results for query: " .     $_GET['query'] . ".</p>");
?>

The main problem in this code is that the user-submitted value ($_GET['query']) is output directly to the page, resulting in a Cross Site Scripting (XSS) vulnerability. But there are plenty of other ways in which it can be improved.

So, what sort of answer are we hoping for?

Good:
 
<?php
     echo("<p>Search results for query: " .
         htmlspecialchars($_GET['query']) . ".</p>");
?>


<?php
    echo("<p>Search results for query: " .
         htmlspecialchars($_GET['query']) . ".</p>");
?>

This is the least we expect. The XSS vulnerability has been remedied using htmlspecialchars to escape dangerous characters in the submitted value.

Better:
 
<?php
     if (isset($_GET['query']))
     {
       echo '<p>Search results for query: ',
           htmlspecialchars($_GET['query'], ENT_QUOTES), '.</p>';
     }
?>


<?php
    if (isset($_GET['query'])) {
        echo '<p>Search results for query: ',
          htmlspecialchars($_GET['query'], ENT_QUOTES), '.</p>';
    }
?>

Now this looks like someone we might want to hire:

    * The “short” opening PHP tag (<?) has been replaced with the more portable (and XML-friendly) <?php form.
    * Before attempting to output the value of $_GET['query'], isset is used to verify that it actually has a value.
    * The unnecessary brackets (()) around the value passed to echo have been removed.
    * Strings are delimited by single quotes instead of double quotes to avoid the performance hit of PHP searching for variables to interpolate within the strings.
    * Rather than using the string concatenation operator (.) to pass a single string to the echo statement, the strings to be output by echo are separated by commas for a tiny performance boost.
    * Passing the ENT_QUOTES argument to htmlspecialchars to ensure that single quotes (') are also escaped isn’t strictly necessary in this case, but it’s a good habit to get into.

Somewhat distressingly, the number of PHP developers looking for work that are able to give a fully satisfactory answer to this sort of question—at least here in Melbourne—are few and far between. We spent a good three months interviewing for this latest position before we found someone with whom we were happy!

So, how would you do when asked a question like this one? Are there any factors that make PHP code good or bad that you feel I’ve left out? And what else would you look for in a PHP developer?

除了http://www.cmd5.com/外，你可以到下面试试

MD5 Reverse Lookup
http://linardy.com/md5.php
Digest-MD5-Reverse-1.3
http://search.cpan.org/~blwood/Digest-MD5-Reverse-1.3/
md5 hash search
http://www.hashchecker.com/index.php?_sls=search_hash
mmkey
http://www.mmkey.com/md5/
Dictionary Based Hash Cracker
http://www.securitystats.com/tools/hashcrack.php

project md5
http://schwett.com/md5/
xmd5
http://www.xmd5.org/index_en.htm
http://www.md5.org.cn/index_en.htm

TMTO[dot]ORG
http://www.tmto.org/home/
md5 rednoize
http://md5.rednoize.com/
MD5 Rainbow
http://passcracking.ru/
Reverse MD5 hash lookup
http://tools.benramsey.com/md5/
md5decrypt
http://www.md5decrypt.com/
md5
http://md5decryption.com/
alimamed
http://alimamed.pp.ru/md5/
md5crack
http://md5crack.it-helpnet.de/index.php?op=add
md5 hash database project
http://shm.hard-core.pl/md5/
Hash Calculator
https://www.astalavista.net/?cmd=rainbowtables
Ice Breaker
http://ice.breaker.free.fr/
md5This
http://www.md5this.com/
MD5 Encryption/Decryption Tool
http://md5.allfact.info/
MD5 Cracker (How safe is your password?)
http://bokehman.com/cracker/
MD5-crack
http://www.tydal.nu/article/md5-crack/

This is the site for Passwords Recovery. MD5 Rainbow Tables are used here.
http://passcracking.com/
http://passcracking.ru/
MD5 :: Reverse engineer your MD5
http://md5.idiobase.de/
The MD5 Collision Database
http://www.md5-db.com/index.php
GData: An Online MD5 Hash Database
http://gdataonline.com/
milw0rm MD5 Cracker
http://www.milw0rm.com/cracker/info.php
milw0rm MD5 checker
https://elitehackers.info/forums/showthread.php?t=5767
原文来自：http://hi.baidu.com/isbx/blog/item/7fcd5d60aa261ad88cb10df6.html
膘叔：其实MD5这东西呀，你可以自己写套程序，把1－0，a-z等一些常用字典遍历一下生成MD5到数据库里，以后自己查起来就方便了。这是最方便的做法，呵呵，在那里跑上个一两天，估计可以跑出几个G的数据了吧？