Secure Programming Techniques

I can’t control how people run my programs or what input they give it, and given the chance, they’ll do everything I don’t expect. This can be a problem when my program tries to pass on that input to other programs. When I let just anyone run my programs, like I do with web applications, I have to be especially careful. Perl comes with features to help me protect myself against that, but they only work if I use them, and use them wisely.

Advanced Regular Expressions

Regular expressions, or just regexes, are at the core of Perl’s text processing, and certainly are one of the features that made Perl so popular. All Perl programmers pass through a stage where they try to program everything as regexes, and when that’s not challenging enough, everything as a single regex. Perl’s regexes have many more features than I can, or want, to present here, so I include those advanced features I find most useful and expect other Perl programmers to know about without referring to perlre, the documentation page for regexes.

Simple word matching

The simplest regex is simply a word, or more generally, a string of characters. A regex consisting of a word matches any string that contains that word:

    "Hello World" =~ /World/;  # matches

In this statement, World is a regex and the // enclosing /World/ tells perl to search a string for a match. The operator =~ associates the string with the regex match and produces a true value if the regex matched, or false if the regex did not match. In our case, World matches the second word in "Hello World", so the expression is true. This idea has several variations.
Expressions like this are useful in conditionals:

A Beginner's Introduction to Perl 5.10, part 2

The first two articles in this series (A Beginner's Introduction to Perl 5.10 and A Beginner's Introduction to Files and Strings in Perl 5.10) covered flow control, math and string operations, and files. (A Beginner's Introduction to Perl Web Programming demonstrates how to write secure web programs.) Now it's time to look at Perl's most powerful and interesting way of playing with strings, regular expressions, or regexes for short. The rule is this: after the 50th time you type "regular expression", you find you type "regexp" ever after.
Regular expressions are complex enough that you could write a whole book on them (Mastering Regular Expressions by Jeffrey Friedl).

Beginner's Introduction to Perl 5.10

By chromatic on May 7, 2008 12:00 AM

A Beginner's Introduction to Perl 5.10 talked about the core elements of Perl: variables (scalars, arrays, and hashes), math operators and some basic flow control (the for statement). Now it's time to interact with the world. (A Beginner's Introduction to Regular Expressions with Perl 5.10 explores regular expressions, matching, and substitutions. A Beginner's Introduction to Perl Web Programming demonstrates how to write web programs.)
This installment discusses how to slice and dice strings, how to play with files and how to define your own functions. First, you need to understand one more core concept of the Perl language: conditions and comparisons.

REGEXES

Pattern matching against strings

1. Lexical conventions
2. Literals
3. Wildcards and character classes
1. Dot to match any character
2. Backslashed, predefined character classes
3. Unicode properties
4. Enumerated character classes and ranges
4. Quantifiers
1. One or more: +
2. Zero or more: *
3. Zero or one match: ?
4. General quantifier: ** min..max
5. Modified quantifier: %
5. Alternation
6. Anchors
1. ^, Start of String
2. ^^, Start of Line and $$, End of Line
3. << and >> , left and right word boundary
7. Grouping and Capturing
1. Capturing
2. Non-capturing grouping
3. Capture numbers
4. Named captures
8. Subrules
9. Adverbs
1. Regex Adverbs
1. Ratchet
2. Sigspace
2. Matching adverbs
1. Continue
2. Exhaustive
3. Global
4. Pos
5. Overlap
10. Look-around assertions
1. Lookahead assertions
2. Lookbehind assertions
11. Best practices and gotchas
1. Code layout
2. Keep it small
3. What to match
4. Matching Whitespace

Regular expressions are a computer science concept where simple patterns describe the format of text. Pattern matching is the process of applying these patterns to actual text to look for matches.
Most modern regular expression facilities are more powerful than traditional regular expressions due to the influence of languages such as Perl, but the short-hand term regex has stuck and continues to mean regular expression-like pattern matching.
In Perl 6, although they are capable of much more than regular languages, we continue to call them regexes.

Lexical conventions

Perl 6 has special syntax for writing regexes:

m/abc/;         # a regex that is immediately matched against $_
rx/abc/;        # a Regex object
/abc/;          # a Regex object

The first two can use delimiters other than the slash:

m{abc};
rx{abc};

Regular Expressions

You can use a regular expression to find patterns in strings: for example, to look for a specific name in a phone list or all of the names that start with the letter a. Pattern matching is one of Perl's most powerful and probably least understood features. But after you read this chapter, you'll be able to handle regular expressions almost as well as a Perl guru. With a little practice, you'll be able to do some incredibly handy things.
There are three main uses for regular expressions in Perl: matching, substitution, and translation. The matching operation uses the m// operator, which evaluates to a true or false value. The substitution operation substitutes one expression for another; it uses the s/// operator. The translation operation translates one set

Perl Regular Expression Syntax

The Perl regular expression syntax is based on that used by the programming language Perl . Perl regular expressions are the default behavior in Boost.Regex or you can pass the flag perl to the basic_regex constructor, for example:

// e1 is a case sensitive Perl regular expression: 
// since Perl is the default option there's no need to explicitly specify the syntax used here:
boost::regex e1(my_expression);
// e2 a case insensitive Perl regular expression:
boost::regex e2(my_expression, boost::regex::perl|boost::regex::icase);

String matching

---

One of the most useful features of Perl (if not the most useful feature) is its powerful string manipulation facilities. At the heart of this is the regular expression (RE) which is shared by many other UNIX utilities.

---

Regular expressions

A regular expression is contained in slashes, and matching occurs with the =~ operator. The following expression is true if the string the appears in variable $sentence.

$sentence =~ /the/

The RE is case sensitive, so if

$sentence = "The quick brown fox";

then the above match will be false. The operator !~ is used for spotting a non-match. In the above example

$sentence !~ /the/

Regular expressions in Perl

This document presents a tabular summary of the regular expression (regexp) syntax in Perl, then illustrates it with a collection of annotated examples.

Metacharacters char meaning ^ beginning of string $ end of string . any character except newline * match 0 or more times + match 1 or more times ? match 0 or 1 times; or: shortest match | alternative ( ) grouping; “storing” [ ] set of characters { } repetition modifier \ quote or special To present a metacharacter as a data character standing for itself, precede it with \ (e.g. \. matches the full stop character . only). In the table above, the characters themselves, in the first column, are links to descriptions of characters in my The ISO Latin 1 character repertoire - a description with usage notes. Note that the physical appearance (glyph) of a character may vary from one device or program or font to another.

Repetition a* zero or more a’s a+ one or more a’s a? zero or one a’s (i.e., optional a) a{m} exactly m a’s a{m,} at least m a’s a{m,n} at least m but at most n a’s repetition? same as repetition but the shortest match is taken Read the notation a’s as “occurrences of strings, each of which matches the pattern a”. Read repetition as any of the repetition expressions listed above it. Shortest match means that the shortest string matching the pattern is taken. The default is “greedy matching”, which finds the longest match. The repetition? construct was introduced in Perl version 5.

Special notations with \

Single characters \t tab \n newline \r return (CR) \xhh character with hex. code hh

“Zero-width assertions” \b “word” boundary \B not a “word” boundary

Matching

\w	matches any single character classified as a “word” character (alphanumeric or “_”)
\W	matches any non-“word” character
\s	matches any whitespace character (space, tab, newline)
\S	matches any non-whitespace character
\d	matches any digit character, equiv. to [0-9]
\D	matches any non-digit character

Character sets: specialities inside [...]

Different meanings apply inside a character set (“character class”) denoted by [...] so that, instead of the normal rules given here, the following apply:

[characters]	matches any of the characters in the sequence
[x-y]	matches any of the characters from x to y (inclusively) in the ASCII code
[\-]	matches the hyphen character “-”
[\n]	matches the newline; other single character denotations with \ apply normally, too
[^something]	matches any character except those that [something] denotes; that is, immediately after the leading “[”, the circumflex “^” means “not” applied to all of the rest

Examples

expression	matches...
abc	abc (that exact character sequence, but anywhere in the string)
^abc	abc at the beginning of the string
abc$	abc at the end of the string
a|b	either of a and b
^abc|abc$	the string abc at the beginning or at the end of the string
ab{2,4}c	an a followed by two, three or four b’s followed by a c
ab{2,}c	an a followed by at least two b’s followed by a c
ab*c	an a followed by any number (zero or more) of b’s followed by a c
ab+c	an a followed by one or more b’s followed by a c
ab?c	an a followed by an optional b followed by a c; that is, either abc or ac
a.c	an a followed by any single character (not newline) followed by a c
a\.c	a.c exactly
[abc]	any one of a, b and c
[Aa]bc	either of Abc and abc
[abc]+	any (nonempty) string of a’s, b’s and c’s (such as a, abba, acbabcacaa)
[^abc]+	any (nonempty) string which does not contain any of a, b and c (such as defg)
\d\d	any two decimal digits, such as 42; same as \d{2}
\w+	a “word”: a nonempty sequence of alphanumeric characters and low lines (underscores), such as foo and 12bar8 and foo_1
100\s*mk	the strings 100 and mk optionally separated by any amount of white space (spaces, tabs, newlines)
abc\b	abc when followed by a word boundary (e.g. in abc! but not in abcd)
perl\B	perl when not followed by a word boundary (e.g. in perlert but not in perl stuff)

Examples of simple use in Perl statements

These examples use very simple regexps only. The intent is just to show contexts where regexps might be used, as well as the effect of some “flags” to matching and replacements. Note in particular that matching is by default case-sensitive (Abc does not match abc unless specified otherwise).
s/foo/bar/;
replaces the first occurrence of the exact character sequence foo in the “current string” (in special variable $_) by the character sequence bar; for example, foolish bigfoot would become barlish bigfoot
s/foo/bar/g;
replaces any occurrence of the exact character sequence foo in the “current string” by the character sequence bar; for example, foolish bigfoot would become barlish bigbart
s/foo/bar/gi;
replaces any occurrence of foo case-insensitively in the “current string” by the character sequence bar (e.g. Foo and FOO get replaced by bar too)
if(m/foo/)...
tests whether the current string contains the string foo

---

Perl Regular Expressions (With Snippets)

Copyright (C) 1998-2001 by Steve Litt

Contents

• Introduction
• What They Are
• Doing String Comparisons
• Simple String Comparisons
• Using Simple "Wildcards" and "Repetitions"
• Using Groups () in Matching
• Using Character Classes []
• Matching: Putting it All Together
• Doing String Selections (parsing)
• Doing Substitutions
• Doing Translations
• Greedy and Ungreedy Matching
• Resolving Doubledots in A Filepath
• Kewl Splitpath One Liner Regex
• Using a Variable as a Match Expression:
• Symbol Explanations:
• =~
• !~
• /
• m
• ^
• $
• i

Introduction

Berkenalan dengan Perl

Hasanuddin Tamir

Bagian: 1—Pengenalan Perl dan CGI

Tingkat: Dasar

Tujuan: Setelah membaca tutorial ini, pembaca diharapkan mengetahui secara garis besar tentang elemen-elemen dasar Perl dan dapat membuat program CGI sederhana.

Abstrak: Apa itu Perl, bagaimana cara menjalankan skrip Perl, elemen-elemen dasar bahasa Perl (variabel, fungsi, operator, definisi, pernyataan, ekspresi dan kontrol), CGI, menulis program CGI sederhana.

Prasyarat: mampu memahami logika dan algoritma, tidak wajib punya pengalaman dengan bahasa lain, tapi akan sangat membantu bila pembaca mengenal C dan shell. Mengerti HTML.

Belajar Regex

Steven Haryanto

Bagian: 1—Pengenalan dan Karakter Meta Sederhana

Tingkat: Dasar

Tujuan: Setelah membaca bagian pertama ini, pembaca diharapkan memahami beberapa metakarakter regex sederhana: dot, set karakter, alternasi, jangkar, shortcut quantifier +, *, ?, serta pengelompokan.

Abstrak: Apa itu regular expression (regex), mengapa regex perlu, beberapa contoh awal.

Prasyarat: Kenal dengan salah satu bahasa pemrograman Perl, PHP, atau Python. Ini tidak wajib, tapi akan membantu dalam memahami contoh-contoh.

Kuis berhadiah BMW portal Astaganaga.com hari ini ditutup dan akan diundi dua minggu lagi. Ternyata jumlah formulir yang disubmit mencapai lebih dari 40 ribu! Sukses besar. Kebetulan, karena Anda seorang programer PHP yang telah mengerti tentang SQL dan RDBMS (meskipun hanya MySQL), data tiap formulir online sudah masuk semua dengan rapi ke database. Dengan bangga Anda membuka browser dan mengakses URL phpMyAdmin dan bermaksud melihat-lihat data yang telah terkumpul.

Nama propinsi kebetulan seragam semua, karena Anda telah membuat field isian berupa kotak select, sehingga pengisi formulir tinggal memilih dari daftar propinsi yang disediakan. Tapi, wah, ternyata nama kota

Dasar Perl

Tujuan: Setelah membaca tutorial ini, pembaca dapat memahami manipulasi array dan manipulasi file di Perl, serta melakukan IPC sederhana.

Abstrak: Belajar Perl dengan contoh kasus manajemen user di Linux.

Dalam buku klasik The C Programming Language, Kernighan dan Ritchie pernah mengatakan, “Satu-satunya cara belajar bahasa pemrograman yaitu dengan membuat program dalam bahasa tersebut.” Anda akan melihat bahwa pernyataan itu sangat benar ketika Anda belajar Perl.

Setelah Anda membaca tutorial pertama mengenai Perl, kemungkinan Anda sudah pusing melihat keanehan dan kerumitan sintaks Perl. Kebanyakan orang akan berpikir kok ada bahasa pemrograman dengan sintaks yang aneh seperti ini? Memangnya ini bakal terpakai di dunia nyata?

Squid Proxy Sever View logs / log files

Q. How do I view squid proxy server log files under CentOS Linux server 5.0?
A. squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, squid handles all requests in a single, non-blocking, I/O-driven process.

/var/log/squid/ log file directory

The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (eg, memory, disk space). There are several log file maintained by Squid. Some have to be explicitely activated during compile time, others can safely be deactivated during.

• /var/log/squid/access.log : Most log file analysis program are based on the entries in access.log. You can use this file to find out who is using squid server and what they are doing etc
• /var/log/squid/cache.log : The cache.log file contains the debug and error messages that Squid generates. If you start your Squid using the default RunCache script, or start it with the -s command line option, a copy of certain messages will go into your syslog facilities. It is a matter of personal preferences to use a separate file for the squid log data.
• /var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones. As a kind of transaction log it is ususally used for debugging purposes. A definitive statement, whether an object resides on your disks is only possible after analysing the complete log file. The release (deletion) of an object may be logged at a later time than the swap out (save to disk).

How do I view Squid Log files / logs?

You can use standard UNIX / Linux command such as grep / tail to view log files. You must login as root or sudo command to view log files.

Display log files in real time

Use tail command as follows:
# tail -f /var/log/squid/access.log
OR
$ sudo tail -f /var/log/squid/access.log

Search log files

Use grep command as follows:
grep 'string-to-search' /var/log/squid/access.log

View log files

Finally you can use text editor such as vi to view log files:
# vi /var/log/squid/access.log

referensi : http://www.cyberciti.biz/faq/category/nginx/

Squid URL rewrite Untuk Partial Content PERL

IDE diambil dari update accelerator di coding ulang lebih simple dan gampang dimengerti untuk dioprek2 lebih lanjut. untuk kasus pertama caching content 206 (partial content) perview streaming 4shared.

SEKILAS SQUID

quid.conf adalah file configurasi dari squid yg terletak di direktori /etc/squid

sekilas configurasi minimal dan penjelasannya :

http_port 3128
Penjelasan :
Adalah port http yang digunakan oleh squid. Port 3128 adalah defaultnya, ada pilihan lain yaitu port 8080, jadi silakan saja anda memilih yang mana, dalam hal ini dipilih port 3128 saja.

Delay Pool Squid

Latar Belakang
Bandwidth merupakan barang yang mahal. Untuk saat ini kisaran 64 kps dihargai sekitar 4 jt perbulan. Permasalahnnya bandwith 64 kbits itu bukan nilai yang besar. Rata-rata yang didapat pelanggan adalah 64 1:2. Artinya 1 jalur 64 kbits digunakan untuk 2 pelanggan sekaligus.
Sudah bandwidthnya dibatasi terkadang pula disisi user ada yang bertingkah seenaknya. Merasa ada koneksi internet gratis, beberapa user mulai menggunakannya untuk membuka situs-situs tertentu atau mengkoleksi file-file tertentu. Tentu saja alokasi bandwidth yang tersedia semakin menyusut. Yang merasakan adalah golongan user yang biasa-biasa saja (bukan mania internet), mereka hanya bisa mengelus dada.

Belajar Regex

apa itu regex?? regular expression.. sebuah pengolahan text yang sering dipakai pada beberapa bahasa pemrograman. tanpa menggunakan regex ini, refresh pattern di squid jadi panjang banget.. pokoknya regex mengenali pola-pola data dengan proses matching.. dalam sebuah url yang panjang dan bertele-tele ternyata ada kunci untuk menyimpulkan data apa yang sedang direquest.. atau sedang di download, kunci inilah yang dirumuskan dalam regex, seperti seorang kriptografer.. :P

Pemrograman Perl Dasar

SYNOPSIS

Teks PPP ini ditulis dengan tujuan untuk membantu orang Indonesia yang baru belajar menggunakan Perl. Latar belakang bahasa C akan sangat membantu, meskipun bukan syarat mutlak, akan tetapi pengalaman pemrograman dalam sekurang-kurangnya satu bahasa lain diperlukan. Sebagai bahan tutorial, teks ini dirancang untuk digunakan bersama dengan perlop. Jika dokumen tersebut dirasa sulit dibaca karena terlalu teknis, Appendix A disediakan untuk membantu memahami sejumlah istilah teknis di sana.

Rencananya teks ini akan disampaikan sebagai salah satu materi pada Pelatihan/Tutorial Linux KPLI Jateng (Kelompok Pengguna Linux di Indonesia area Jawa Tengah, http://jateng.linux.or.id/), tanggal: m#\d+/

Bagian 1: Dasar-Dasar Pemrograman Ruby

Sekilas Ruby

Ruby merupakan bahasa pemrograman yang interpreted, dinamis, dan open source. Ruby berfokus pada kesederhanaan dan produktivitas, sehingga Ruby merupakan sahabat baik programmer. Ruby mensupport multiparadigma: berorientasi objek, imperatif, reflektif, dan fungsional.
Pada bagian ini, kamu dapat mencoba-coba kode di bawah dengan mengklik tombol "Jalankan".

Perl Contoh test regex lain yang sayang dibuang

#!/usr/bin/perl

# skrip utk ngetest regex dan pengambilan konten statis dari web imdb.com

# simpan skrip ini dgn nama file regex.pl

# jalankan dr command prompt ketik : Perl regex.pl

print “masukkan link video dari imdb dibawah ini utk di test regexnya\n”;