Devit!

First Grab the latest copies of the following:

Apache (MSI with OpenSSL): http://httpd.apache.org/download.cgi
PHP Windows Binary (Zip Package): http://www.php.net/downloads.php
MySql Community Engine (MSI): http://dev.mysql.com/downloads/mysql/5.1.html#win32
MySql Tools (MSI): http://dev.mysql.com/downloads/gui-tools/5.0.html

Once you’ve downloaded the latest files follow these steps below:

1. Install Apache
   1. Network Domain: it doesn’t matter
   2. Server Name: it doesn’t matter
2. Unzip PHP into c:\php
3. Install MySql
4. Install MySql Tools
5. Create a folder c:\websites (or call it what you want)
6. Go to My Computer -> Right Click Properties -> Advanced -> Environment Variables
   1. Select Path -> Click Edit
   2. Add a ;c:\php on the end
7. Restart your computer!
8. Browse to the Apache Folder (Should be in Program Files\Apache Software Foundation\Apache
   1. Go into conf and open httpd.conf
   2. Change the following and Save
      1. ServerRoot (Should be set to your Apache folder – nothing should be changed here)
      2. Listen (In the event you want your Apache WebServer to not run at localhost:80 – you can specify a specific ip/port here
      3. In the LoadModule section you might want to enable rewriter_module (not necessary!)
      4. DocumentRoot "C:\websites"
      5. <Directory "C:\websites"> <– This is about ~15lines below the document root (REQUIRED CHANGE)
      6. Under the DirectoryIndex save yourself some time and add index.php after index.html with a space separating them
9. All Done making configuration changes to Apache
10. Copy the index.html file in htdocs to c:\websites
11. Click on the Apache Server Monitor in your TaskBar and restart Apache (if you have any problems check the logs folder in the Apache directory)
12. Open your Web Browser and Browse to http://localhost – You should see ‘It Works’
    1. If this failed to work – check the settings you’ve changed (typo’s will break things) also check the error logs in the apache\logs folder (Post any problems you can’t resolve in the comments)
13. Now that you have Apache working – lets get PHP working so you can start coding with php/mysql
14. Rename php.ini-distribution to php.ini
15. Open php.ini
16. Change the following and Save
    1. max_execution_time (Suggested for development to increase to 60)
    2. max_input_time (Suggested for development to increase to 120)
    3. memory_limit (Suggested for development to increase to 256M – great for any type of video conversion)
    4. error_reporting = E_ALL & ~E_NOTICE (Un-comment this and ensure other error_reporting lines are commented
    5. display_errors = On
    6. log_errors = On
    7. session.save_path = "c:\tmp"
    8. post_max_size = 16M (Suggested for development)
    9. doc_root = (You can leave this blank)
    10. extension_dir = "c:\php\ext" (Required)
    11. upload_max_filesize = 16M (Suggested for development)
    12. Un-comment the following extensions:
        1. extension=php_curl.dll
        2. extension=php_gd2.dll
        3. extension=php_mbstring.dll
        4. extension=php_mcrypt.dll
        5. extension=php_mssql.dll
        6. extension=php_mysql.dll
        7. extension=php_openssl.dll
    13. If you have access to an SMTP server configure SMTP
17. Re-open the httpd.conf for apache and add the following lines after the end of the LoadModule section
    1. LoadModule php5_module "C:/php/php5apache2_2.dll"
    2. AddType application/x-httpd-php .php
    3. PHPIniDir "C:/php"
18. Restart Apache
19. Create a file in c:\websites called test.php
20. Put <?php phpinfo(); ?> in the file and save
21. Access http://localhost/test.php
22. You should see a dump of all the information – All the extensions you’ve loaded above should have a section within the information displayed (If you can’t find mysql on the page for example then the .dll did not load properly – Verify your Environment Path variable (restart if you change it) and try again)
23. Don’t forget to look at your log files if you’re having problems – and if php says it can’t load a module that exists in a specific path then it’s likely an Environment Path issue.
24. Happy Coding!

We first got involved with Kiva in 2006. The agency runs a person-to-person micro-lending website that lets visitors help alleviate poverty by lending directly to unique entrepreneurs around the globe. The fantastic thing is, any investment that goes through Kiva is re-invested over and over. We initially invested over $1000, and those funds are still being reinvested to help more and more people become self-sufficient through small businesses. It’s a great model.

We have three $25 investment gift certificates, and we want your help choosing how to use them. To take part:

1. Reply to our tweet about Kiva (www.twitter.com/rtraction) saying that you want to take part.
2. We’ll send a $25 Kiva gift certificate to the first three respondents.
3. Visit www.kiva.org (withing 72 hours) and choose an entrepreneur or activity you want to support.
4. Tweet about your investment.
5. Monitor your investment over time and re-invest or withdraw your money.

** If you don’t use your gift certificate within 72 hours, it will be passed on to the next eligible contestant.

We’ve been noticing a lot of traffic related to a new virus that has been attacking users/websites recently.

The virus works to exploit your system is several distinct ways.

1. An infected PC transmits FTP information to Gumblar.cn
2. Gumblar.cn connects to FTP’s submitted from infected pc’s and injects code into any php/html pages it finds
3. Any user visiting a site will have JavaScript run in their browser that does the following:
   1. Loads obfuscated JavaScript to connects to gumblar.cn if your running windows and not infected
   2. This in turn loads a nice piece of JavaScript that will load an SWF file
   3. This SWF file is the virus payload – it contains a byteArray that will inject a virus onto the computer (I believe it’s another SWF file being loaded as the byteArray)
4. If this computer is running windows and has flash it will become infected
5. See Step #1

The JavaScript code you’re looking for will look something like this:

One thing to note in the above code is the words gumblar in plain text.

When it comes to cleaning your webhost up you should take the following steps.

1. Take your website down (turn the web server off – stop infecting your users)
2. Remove the FTP information from your PC
3. Change the FTP username/password on your webhost
4. Look for new files created (image.php, etc…) that shouldn’t be there
5. Now that you’ve removed the backdoor & changed the password you need to perform cleanup
6. Find any PHP or HTML pages injected with the virus code and remove it

Once you’ve done this – everything should start getting back to normal.

There have been some useful scripts posted in the comments about this virus at blog.unmaskparasites.com.

If you’ve had any success or troubles with this virus please post your comments below.

If anyone knows of an easy way to convert a byteArray that’s being passed to an ActionScript Loader back into readable text please leave me a comment below.

Good Luck!

Have you ever thought about adding a Easter Egg to your website?

Using a Cheat Code such as the Konami Code you can now easily add one to your website using jQuery and the plugin that Trevor Morris developed.  Get the plugin here.

The code is simple and easy to follow.  Here’s a snippet to demonstrate how simple it is to perform a basic javascript action.

	$(document).ready(function() {
		$(document).cheatCode({
			code : '38,38,40,40,37,39,37,39,66,65',
			activated : function(){
				alert('Hidden');
			}
		});
	});

Don’t forget you’ll need to grab a copy of jQuery if you don’t already have it loaded up!

Please let us know if you like our Easter Egg.

UPDATE – The movie was fantastic and we all had a great time. We’ll be having another even later this summer so keep your eye on our blog or our Twitter feed for more info.

We’re considering 3 flicks for the next outing – District 9, Terminator Salvation and Transformers: Revenge of the Fallen – e-mail (email hidden; JavaScript is required) or tweet (www.twitter.com/rtraction) your opinion.

CONTEST CLOSED – We’re all pretty pumped about this Friday’s launch of the new “Star Trek” movie, and we want to share the joy. We’ve got 25 free tickets* to give away. If you’re available to join us in London, Ontario on Friday May 8th for a 3:30pm showing of Star Trek, you can join us for at SilverCity Masonville. Just send an email to rtraction at email hidden; JavaScript is required and tell us the middle name of Captain James Kirk. Easy, right? The first 25 people to submit correct answers will win.

Live long and prosper!

* And we mean FREE – no presentations, no sales pitches and definitely no spamming you later. No strings – we’re just looking for some good company for what promises to be a great flick.

· Sorry no rainchecks but keep your eye on our Twitter feed throughout the summer for more events.