關於 write to file ，我們在網路上蒐集到這些相關的討論、資訊與評價

<脫口秀小訣竅中英翻譯-靈感篇>

文長注意!

之前小歐在脫口秀社團po了外國佛心大神脫口秀演員Gary Gulman，在twitter上連載的366個脫口秀小訣竅。

小妹就認領了靈感篇來翻譯。以下為22個小訣竅的中英文對照，若有翻的不盡理想的地方，請留言詳述，我會再看怎麼修改。原文和網誌版會放在留言處，方便大家查看。

---
Ideas
靈感

Tip No. 41: You know those quirky little things you do and think? Collect them in a file or on paper. Even if you’re a storyteller, you can use these as details to add depth and distinction to your jokes.
你了解自己做或想的古怪小事嗎? 把他們記錄在紙上或檔案夾裡。即使你是講故事的人，也可以將這些內容作為細節，以增加笑話的深度和特色。

GARY'S FAVORITES
Gary(原作者)的最愛
Tip No. 45: Don’t Hoard Jokes
Don’t worry about “burning” material on a special or album. Hoarding jokes may signal to your brain that you’re out of ideas. “You can’t use up creativity. The more you use, the more you have.” — Maya Angelou.
不要囤積笑話。不要怕在演出或專場用光自己累積的材料。囤積笑話會對你的大腦發出信號，暗示你已經沒有想法。如同Maya Angelou所說:”你無法耗盡創意。 你使用的越多，你擁有的就越多。”

Gary’s thoughts on Tip No. 45: This attitude has been crucial to an unprecedented streak of creativity over the last two years. I’ve written four hours of material, which is almost as much as I wrote in my first 23 years of comedy. Most important has been my health, this idea may be second.
Gary對此建議的想法: 在過去兩年中，這種態度對我的前所未有的創造力，有著至關重要的影響。我已經寫了四個小時的素材，這幾乎與我前23年的喜劇寫作一樣多。最重要的是我的健康，這個想法則排名第二位。

Tip No. 62: Look for inspiration everywhere. Paintings, music, poetry, rap, novels, nonfiction, short stories, theater, philosophy, etc. can all provide a spark for creativity. Cross-pollinate your work with broad influences and watch your creativity grow.
在各處尋找靈感。繪畫、音樂、詩歌、饒舌、小說、非小說、短篇故事、戲劇、哲學..等，都可以為創造力提供火花。以廣泛的影響力對你的工作進行異花授粉(原文:cross pollination，藉由風或昆蟲從別的花獲得繁衍的花粉)，並觀察你的創造力增長。

Tip No. 63: Write it all down while the coffee is still telling you you’re mighty. Reread after you’ve turned back into Dr. Banner (yes he’s a genius, but not as self-confident in that condition). That buzz is so valuable but needs editing.
在咖啡發揮效果告訴你”你超棒”的時期，把所有想法寫下來。當你回復成原本的自我 (原文: Dr. Banner，也就是尚未變身成綠巨人浩克的班納博士，是個缺乏自信的天才)時，重讀一次剛才的寫作。思緒激昂(原文:buzz，也有微醺、很鏘的意思)很珍貴，但需要編輯。

GARY'S FAVORITES
Gary(原作者)的最愛
Tip No. 90: After a Good Set, Brainstorm
You just had a great set. Instead of celebrating, use that hour or so after when the synapses are still firing and your confidence is soaring to voice record or write down the ideas that pop up during that especially fertile creative time.
如果你剛完成一場精采的表演，不用太早慶祝，要在大腦突觸仍在觸發、信心爆發、靈感特別豐腴的創作時間裡，把突然出現的想法錄音或寫下，再多花一個小時左右的時間繼續創作吧。

Gary’s thoughts on Tip No. 90: Huge help in making jokes that work longer and coming up with tangents and inspired ideas.
Gary對此建議的想法: 這建議在創作笑話的過程中提供巨大幫助，並提供變化和啟發性的想法。

Tip No. 92: Notice where you do your best thinking. The shower? Running? Listening to music? Not listening to music? Driving? Walking? Make sure to put yourself in the places where you’re doing your best thinking as frequently as possible.
你有注意過你在哪個’場景最能好好思考嗎。沐浴時？跑步時？聽音樂時？不聽音樂時？開車時?走路時？請盡量把自己放在最適合思考的場域。

Tip No. 132: I think you can limit frustration and discouragement by writing just a page on a new premise before trying it out onstage. See if there’s anything there before you spend a day on a new joke. But if you’re truly excited by the new idea, keep going!
我認為你可以在上台試笑話之前，先寫一頁的新前提，這可以限制你的挫敗感和沮喪感。在你花一整天開發新笑話之前，先研究前提是否可挖掘。但是，如果你真心對這個新點子感到興奮，那就放手去做吧!

Tip No. 143: Listen to strangers’ conversations. (I tell myself it’s not impolite if they’re being super-loud.) I got “How Dottie is that?” when a supercilious woman named Jodi bragged “How Jodi is that?” “So Jodi,” her friend replied.
偷聽陌生人的對談(我都告訴自己偷聽並不是沒禮貌的行徑，是他們講話太大聲了)。我有一次聽到一個名叫Jodi的膚淺女人吹噓"How Jodi is that?"，她朋友回覆:"So Jodi"，我因此想出了我的 “How Dottie is that?” 笑話。

Tip No. 157: Need new joke ideas? Be sensitive. If you’re uncomfortable with that word, use “irritable” (or grow up). A lot of good comedy comes from reaction to injustice or discomfort large and small, which requires being hypersensitive to those feelings.
需要新的笑話創意嗎？保持敏感。如果你對這個詞不滿意，請使用“煩躁”(或成長)。 許多優秀喜劇源自於對不平等或不適的大大小小的反應，產生這些感覺都需要保持敏感。

Tip No. 217: “All art is autobiographical. The pearl is the oyster’s autobiography.” — Federico Fellini. Purposefully mine your personal history for your act. Your life is a wellspring. Dig deep.
Federico Fellini說過:“所有藝術都是自傳。珍珠是牡蠣的自傳。”有目的得挖掘你的個人經歷，以作為你的演出。你的生活是靈感之源。請深入挖掘。

Tip No. 241: Many of your favorite writers include the same themes/subjects/objects/interests repeatedly in their work. Don’t be afraid to return again and again to your passions and obsessions to explore and expound.
你最愛的許多作家，都會在他們的作品裡重複探討相同的主題/目標/對象/興趣。不要害怕在你的熱情和沉迷之處，一次又一次得重複探索和闡述。

Tip No. 285: Explore unusual angles in a joke. Example: Examine things from the POV of a child or an Expert. My man Jimmy P and I still laugh over his “Martian response to high school football practice: Why are the hard-heads (players) taking orders from the small soft-heads (coach)?”
在笑話中探索不尋常的觀點。例如：從孩子或專家的視角觀看事物。我和我的兄弟Jimmy P仍會為他的笑話大笑:“火星人對高中足球訓練的反應：為什麼硬頭(球員)會從小型軟頭(教練)那裡得到命令？”

Tip No. 297: One of the miracles of comedy is that you can get redemption for suffering, small and large, by making something funny with it. When you are ready, try to write something funny about your mistakes, setbacks, or even tragedies.
喜劇的奇蹟之一是，藉由使事情變得有趣，你可以從大大小小的苦難中得到救贖。 當你準備就緒時，請嘗試寫一些有關你的錯誤、挫折甚至悲劇的有趣訊息。

Tip No. 298: Skim your life for the unusual events and activities that you can’t believe you were a part of or that people can’t believe you were a part of. Then write about it! Back row No. 93 MULLET:
No. 93後衛MULLET: “瀏覽你一生經歷過的、你或別人不敢相信你參與其中的奇特事件和活動。然後把它寫下來吧!“

Tip No. 310: When it comes to solving the puzzles that are our jokes, draw on every area of knowledge, expertise, and talent. It’s so gratifying to use a fact, a lesson, or a memory from elementary school, high school, or elsewhere to fill in the joke.
在解決我們玩笑的難關時，請利用各個領域的常識、專業知識和才能。用小學、高中或其他地方的事實、課業或回憶來充實笑話，會非常令人滿足。

Tip No. 311: Some of your best ideas will come to you in the shower. There’s science behind why it happens. Get a shower notepad if you have trouble remembering your ideas. Don’t listen to music. Listen to your thoughts. Ruminate on tonight’s set or a new joke.
洗澡時，你可能想到一些最好的點子。這現象的發生原因有科學依據。如果你難以記住自己的想法，請準備淋浴記事本。不要聽音樂。聽你的想法。用今晚的場景或一個新的笑話來反思。

Tip No. 313: Try teaching or informing the audience about something through some of your jokes. We love to learn while being entertained and vice versa. You have knowledge? Put it in your act! Just make sure it’s funny.
試試看通過講笑話來教導或告知聽眾新知識吧。我們喜歡在娛樂的同時學習，反之亦然。你有新知識嗎？把它放在你的演出！只要確保它很有趣就行。

Tip No. 327: Going home for Thanksgiving? Take copious notes! Your family is unique. Being reminded of the dynamics and adding new memories will be great resources for your act. “Family isn’t a word. It’s a sentence.”
逢年過節你會回家和家人團聚嗎？做大量筆記！你的家人是獨一無二的。記住動態場景並添加新的記憶，這會是你表演的寶貴資源。“家庭不是一個詞。 而是一個句子。”

Tip No. 331: There are great stories from our lives that we’re not able to translate into stand-up. Don’t throw them out. Collect those stories in a file for radio and TV and other interview situations.
我們生活中有許多很棒的故事，但我們無法將其轉化為脫口秀。可是不要把它們丟掉。要將這些故事收集在資料夾裡，以後在進行廣播和電視或採訪時可能用的到。

Tip No. 340: Volunteer! Especially if you don’t have a day job. There are so many opportunities to help. You will do good and have something new to write about. In NYC we have New York Cares. One year we decorated an elementary school for Halloween.
如果你沒有正職工作，當志工吧！你會有很多機會能幫助別人。你會做得很好，並有新的事情能寫。在紐約，我們設有紐約關懷中心。今年我們為萬聖節裝飾了一所小學。

Tip No. 358: I have recently started audio recording all notes sessions (for projects), and next time I pitch jokes with a friend I will record that too. It’s very helpful. You will be surprised at what you forgot when you listen back. Ask permission first.
我最近開始錄製所有筆記會話(用於專案)的錄音檔，並且下次我與朋友開玩笑時，我也會錄音。這非常有幫助。當你回聽時，你會驚訝於你忘記了什麼。但錄音前請先徵得許可。

Tip No. 360: Spending holidays with kids? Pay attention to them. Listen to them. Take note and embrace their curiosity and enthusiasm within your writing. (Also avoid the “kids these days” writing. It’s lazy.) Merry Christmas from your second favorite long-haired Jew.
和孩子一起度假嗎？注意觀察他們。聽他們說話。寫下你觀察到的東西並注意，並在寫作中懷抱孩子們的好奇心和熱情。(不要流水帳的寫“現在的小屁孩都如何如何”。這很懶。)你第二喜歡的長髮猶太叔叔在此祝你聖誕快樂(註，原作Gary是猶太人)。

[English Club HEC] REVIEW KÌ THI IELTS TRÊN MÁY TÍNH VÀ KINH NGHIỆM ÔN THI IELTS 8.0

Nếu cả nhà đang phân vân và chưa hiểu rõ thi IELTS trên máy tính là như thế nào thì hãy nhào vào đây đọc bài chia sẻ của bạn Nguyễn Văn Thắng nhé. Không chỉ là kinh nghiệm thì IELTS computer-based mà còn là tài liêụ, cách học hiệu quả nhất để đạt overall 8.0 đó.

Cả nhà join https://bit.ly/2IHCnfO để học thêm nhiều kinh nghiệm thiết thực như thế này nữa nha ;)

Chào mọi người, hôm 15/10 mình có đi thi IELTS hình thức trên máy tính ở IDP Hà Nội và đạt được kết quả 8.0 Overall. Nói qua về background của mình thì là dân khối A, hồi vào ĐH thì trình độ gần như là 0. Sau đó năm 2 lần đầu thi được 6.0 và năm cuối đạt được 7.5. Nếu mọi người quan tâm thì mình sẽ chia sẻ cách học ở một bài khác nhé! Còn ở bài viết này thì mình xin review lại một chút về bài thi hôm đó cũng như một vài tips nho nhỏ để các bạn sắp thi nắm được nha!

VỀ ĐỀ ÔN LUYỆN THÌ NẾU MỌI NGƯỜI KHÔNG CÓ NHIỀU THỜI GIAN THÌ CHỈ CẦN LÀM ĐỀ Ở QUYỂN CAM VÀ QUYỂN OFFICIAL CAMBRIDGE TO IELTS LÀ ĐỦ.

Bộ đề Cambridge và quyển The Official Cambridge Guide to IELTS này thì rất dễ tìm nên mọi người tự tải nha, hoặc có thể ra hiệu sách mua :D

PHẦN LISTENING
Section 1: Hai người nói chuyện về mua bán một cái xe ô tô. Có gồm cả đánh vần và điền chữ cũng như số. Mình nhớ là có 2 bộ phần của ô tô mà phải điền hôm đó là light (cái đèn - ở trong câu one light is broken) và tyre (bánh xe).

TIPS ĐỂ LÀM TỐT PHẦN 1:
· Đọc nhanh các câu từ 1 đến 10 (thường sẽ là chỉ điền một từ ở Section 1 này), cố gắng xác định dạng từ cần điền là gì, số ít hay số nhiều (nếu chỗ nào có thể số nhiều thì mình thường đánh dấu ở câu đó để nghe kỹ hơn)
· Chú ý spelling của mấy từ mà hay sai như accommodation, passport, bicycle, communication, towel, furniture, diary, delivery, textile, desert (và dessert), …
· Phân biệt phát âm giữa các cặp hay nhầm như 15 và 50, 8 và H, m và n, …
Section 2: Bài hướng dẫn của manager cho những nhân viên mới.
+ Câu 11 đến 16 là Multiple Choice
+ Câu 17 đến 20 là Matching thông tin
Đối với phần Multiple choice thì mình sẽ đọc câu hỏi trước còn câu trả lời chỉ lướt qua thôi cũng đc. Lúc nghe thì mình sẽ chọn cách take note những ý chính rồi xong mới nhìn vào câu trả lời để chọn đáp án.
Section 3: Đoạn hội thoại giữa hai người về một cái project mới ở công ty
+ Câu 21-24: mình không nhớ phần này lắm.
+ Câu 25-30: Câu 25-26 là chọn 2 trong 5 đáp án. Tương tự với 27-28 và 29-30.
Section 4: Một bài độc thoại về một chất kim loại. Cả 10 câu đều là điền đúng một từ. Mình chỉ nhớ có câu điền là “magnet” và “statue”.
PHẦN READING
Cả ba bài đọc mình nghĩ là mức độ ngang cuốn Cambridge.
Passage 1: Nói về hệ thống giao thông ở thành phố. Các câu hỏi gồm có điền từ T, F, NG.
Passage 2: Phần này thật sự là mình không nhớ gì cả nữa =)))
Passage 3: Nghiên cứu về tiếng cười. Câu hỏi gồm Multiple choice, T, F, NG với cả Matching tên người. Mình thấy khó nhất là phần Multiple Choice vì có 2 câu khá dễ nhầm lẫn.
Phần Reading thì mình làm khoảng 40 phút là xong, cơ mà được có 8.5 nên mình nghĩ là sai 2 câu multiple choice =))

PHẦN WRITING
Task 1: Mô tả một cái map ở thời điểm hiện tại và trong tương lai. Map về vị trí các địa điểm của một thành phố.
Task 2: Some people think that countryside life is healthier while others believe that city is better in order to have a healthy lifestyle. Discuss both views with your own perception.
Hôm thi thì mình quyết định làm Task 2 trước. Vì đề bài có khá nhiều ideas nên mình đã dành tận 48 phút để viết với số lượng từ là khoảng 480 từ. Thế nên Task 1 mình viết vội vội vàng vàng được 5 câu thì hết giờ. Kinh nghiệm là các bạn nên căn thời gian chuẩn hơn: Task 2 chỉ nên dành 40 hoặc cùng lắm là 45 phút để có đủ thời gian cho Task 1 nữa.
Mình học Writing chủ yếu từ một số nguồn chính như thầy Simon (https://ielts-simon.com/), cô Liz (https://ieltsliz.com/). Nhờ học cách viết của thầy Simon mà mình đã đạt được 7.5 Writing ở lần thi trước đó. Cách học viết của mình ngày xưa là đọc các bài mẫu ra rồi tập viết lại rồi đối chiếu với bài mẫu của giám khảo =))) Mình sẽ chia sẻ kỹ hơn về Writing ở một bài khác vì đây là kỹ năng ưa thích của mình.

Một số tài liệu mà mọi người có thể nghiên cứu là:

1. TOEFL WRITING
Cuốn này tuy dành cho Toefl nhưng mà các bạn học viết IELTS vẫn có thể dùng tốt. Sách chia ra các bài để củng cố lại ngữ pháp cơ bản rồi cách viết câu, diễn đạt đưa ra quan điểm cũng như là từ vựng một vài topic cơ bản.
Link tải:
https://drive.google.com/file/d/1X6cBSGrQeK8o73BRPe_6QyCkZKUHzKnc/view?usp=sharing

2. IELTS ADVANTAGE WRITING SKILLS
Sách này sẽ hướng dẫn mọi người cách viết đoạn cũng như trả lời các dạng cho Task 1 và Task 2
Link tải:
https://drive.google.com/file/d/1O-DlhxqXlExRQkAuI8QvipV4esxwGpMe/view

3. ESSAY FROM EXAMINERS
Sách là sự tổng hợp bài mẫu đến từ các nguồn chính:

- Thầy Simon
- HowtodoIELTS. com (Ex-examiners)
- Cambridge IELTS
- Cô Pauline Cullen
- Bài mẫu từ sách của nhà xuất bản Macmillan (Ready for IELTS 2nd Edition, Improve your Skills Writing for IELTS)
Link tải:
https://drive.google.com/file/d/1J91uv_W8sBZ9BE4z4ZoW1ooDtJQ1-ln8/view?fbclid=IwAR0u7qZXRURohEq01CrTqP0J7tg66Bhz6URZ_-nuf6sX0EHyd8E_lbXMwMQ

PHẦN SPEAKING
Mình thấy đa số các câu hỏi hôm đó đều nằm trong bộ dự đoán đề hết

Part 1:
Home
What do you like about the place where you live now?
Is there anything you don’t like about it?
Is this an ideal place for young people?
Handwriting
Do you often write with a pen?
Can we tell someone’s personality from his or her handwriting?
What’s the difference between writing with a pen and typing on a computer?
Is your handwriting easy to read for other people?

Part 2:
Describe a person who shows their feeling openly
You should say
Who this person is
How you knew this person
Why you think this person is very open
And explain how you feel about this person

Part 3:
Is it difficult for Vietnamese people to express their feelings?
Who do you think talks more? Children or grown-ups?
What’s the difference between males and females in terms of expressing their feelings?
Why do you think people these days are not that open compared to those in the past?

Mọi người có thể tìm thấy bộ đề cho quý này ở đây (cùng với một ít lời giải mình đã soạn và tổng hợp lại. Mình đang cố hoàn thiện lời giải cho cả đề, nếu xong sẽ gửi lại sau :D )
https://drive.google.com/file/d/1_RD-AQ0a8NwJl6j22L0eTsv9IdLD7blV/view?usp=sharing

Sách tham khảo thì nhiều nhưng mình highly recommend cuốn IELTS RECENT ACTUAL TEST. Sách hướng dẫn cách trả lời từng dạng câu hỏi khá đầy đủ.
Link tải: https://drive.google.com/file/d/1Mo08A8CAbIb9tgH3BI4pk1sdAPSkM9M4/view
Nếu có thời gian thì mn xem thêm kênh IELTS SPEAKING SUCCESS trên Youtube cũng rất ok!
https://www.youtube.com/channel/UCiVm8XcbwS8-pcDEa5lFXIA

Trên đây là một số chia sẻ của mình về bài thi :D Nếu bạn nào có câu hỏi gì thì có thể ib mình hoặc viết ở phần comment nhé. Chúc mọi người sớm đạt điểm IELTS mong muốn của mình :)

❤ Like page, tag và share cho bạn bè cả nhà nhé ❤
#HannahEd #duhoc #hocbong #sanhocbong #scholarshipforVietnamesestudents

++++🔥 ความปลอดภัยกับการโค้ดดิ่ง 🔥+++
การเขียนหน้าเว็บ ที่มีแบบฟอร์มให้กดอัพโหลดไฟล์
...พอกด upload
...ไฟล์นั้นจะถูกนำไปวางบน server ปั๊บ
.
ถ้าเราเขียนโค้ดฝั่ง server ไม่ระมัดระวัง ตัวละก็ ...ฮึๆๆๆ
ก็จะมีรูรั่ว เมื่อhacker เห็น
ก็จะยิ้มหน้าบานเป็นจานดาวเทียม
เขาสามารถโจมตีช่องโหว่ได้ไม่ยากเย็นอะไรนัก
.
ซึ่งจะขอยกตัวอย่างภาษา PHP มาเป็นกรณีศึกษาแล้วกัน
:
😉 สำหรับวิธีโจมตีนี้
อาศัยความง่ายของ php ที่แค่วางไฟล์บน server ในทันใด
เราก็สามารถเรียกไฟล์นั้น ผ่าน url ให้ทำงานได้เลย ในทันที
...ดูง่ายมั๊ยละ!!!!!
.
*** หมายเหตุ แต่ถ้าเป็นภาษาโปรแกรมมิ่งบางภาษา
ที่เข้มงวดความปลอดภัย
การโจมตีแบบนี้จะยาก
เพราะโปรแกรมเมอร์ต้อง config ไฟล์สคริปต์ก่อน
สคริปต์นั้นถึงจะประมวลผลได้
:
:
แต่ในโพสต์นี้จะขอยกตัวอย่างโค้ด PHP ที่มีช่องโหว่นะครับ
ก็ตามรูปที่โพสต์ จะประกอบไปด้วย
:
1) หน้าฟอร์ม HTML (index.html) เอาไว้ให้อัพโหลดไฟล์ (ฝั่ง browser)
2) เมื่อ user กดอัพโหลดไฟล์ ...ไฟล์นั้นจะถูกส่งไปยัง server
3) ฝั่ง server จะใช้ภาษา PHP ง่ายๆ (upload.php) รับไฟล์ที่ส่งเข้ามา แล้วนำไปวางไว้ที่โฟล์เดอร์ใดที่หนึ่งในเครื่อง เช่น uploads
:
😱 ซึ่งการเขียนโค้ดที่ง่ายเกิ๊นไปเช่นนี้
จะเป็นช่องโหว่ให้ hacker
สามารถอัพโหลดไฟล์อันตรายขึ้นไปวางบน server ได้ชิวๆๆ
:
🤔 ดังนั้นเราต้องป้องกันการโจมตีด้วยวิธีนี้ อาทิ
- ต้องเข้มงวดเรื่องนามสกุลไฟล์ว่า ไฟล์ชนิดอะไรที่ห้าม upload (เช่น .php ห้ามทำเด็ดขาด)
- หรือจะใช้ API หรือไลบรารี่ ทำการเชคไฟล์ให้ดีๆ ว่ามีชนิดถูกต้อง
- เชค contet-type ใน header request
- จำกัดขนาดไฟล์ รวมทั้งตรวจสอบชื่อไฟล์ดีๆ
- ไดเรคทอรี่ที่จะอัพโหลดไฟล์ขึ้นไปวาง ควรไม่มีสิทธิในการรันสคริปต์ใดๆ
- ฝั่ง server ควรติดตั้งซอฟต์แวร์ scanner เอาไว้สแกนหาไฟล์แปลกปลอมของ hacker ที่หลอกเข้ามาฝั่งตัว
- ในหน้าฟอร์ม (HTML) เปลี่ยนวิธีส่ง request จากเดิม ที่ใช้ put หรือ get ให้หันมาใช้วิธี post แทน
- และวิธีการอื่นๆ ที่ไม่ได้กล่าวถึง

+++++++++++++++
เขียนโดย โปรแกรมเมอร์ไทย thai programmer
รักกันก็กระทืบ like ชังกันอย่าด่าเยอะมันเจ็บ
.
รายละเอียดเพิ่มเติม
https://www.defensecode.com/…/web_vul…/form-file-upload.html
.
++++ ++++ Safety with the code 🔥 +++
Writing pages with forms to upload files
... Poke upload
... That file will be put on a pump server
.
If we write server side code, I'm not careful. I'm not careful. Haha.
There will be a leak when hacker sees it
I'll smile on my face as a satellite dish
He can attack the loophole. It's not that difficult.
.
Which one would like to sample PHP language as a case study.
:
😉 for how to attack this
Live the simplicity of php that just puts a file on server instantly.
We can call that file through url to work instantly.
... How easy is it!!!!!
.
*** note but if it's some programming language
Safety strictly
This kind of attack will be hard.
Because the programmer has to config the script file first.
That script is processed.
:
:
But in this post, I will give you an example of a PHP code that has a loophole.
As photos posted will include.
:
1) HTML (index. html) to upload file (browser side)
2) When user presses upload file... that file will be sent to server.
3) server side will use PHP language simply (upload. php) Receive the file sent in and put it on a folder of any of the devices such as uploads.
:
😱 Which one of these simple code writing goes like this?
Gonna be a loophole for hacker
Can upload a dangerous file to place on server. Chilling.
:
🤔 So we need to prevent attack this way. This week.
- Must be strict on file extensions. What type of file that cannot upload (e.g.. php don't do it.)
- or use API or Library to check your file correctly.
- contet-type shake in header request
- limit file size and check good file name
- Directory to upload file over to lay should not have any script running rights.
- server side should install scanner software to scan for foreign file of hacker who has tricked into his side.
- In the form (HTML), change the way to send request from the original put or get, turn to the post method instead.
- And other ways not mentioned

+++++++++++++++
Written by Thai programmer thai coder
If you love each other, stomp like each other. Don't scold too much. It hurts.
.
More details.
https://www.defensecode.com/public/web_vulns/form-file-upload.html
.Translated

► Learn piano songs quick and easy: http://tinyurl.com/flowkey-marioverehrer1 *
► Submit Your Music: https://marioverehrer.aidaform.com/contact-form
► iTunes: https://apple.co/2HdMswA
► Spotify: https://spoti.fi/2JqvMVq
► Sheet Music: https://www.musicnotes.com/l/Marioverehrer
► Classical Sheet Music: https://gumroad.com/marioverehrer
► Support me on Patreon: http://www.patreon.com/Marioverehrer
► Facebook: http://www.facebook.com/Marioverehrer2
► Twitter: https://twitter.com/Marioverehrer
* Affiliate Link

This traditional sea shanty was made popular this year because of amazing covers by The Longest Johns and Nathan Evans and went viral on TikTok. Enjoy my arrangement for it!

#Wellerman #SeaShanty

♫ Promote Your Music ♫

To submit your music on my channel:

➝ Send me a message with my contact form: https://marioverehrer.aidaform.com/contact-form

➝ Write me a PM on Facebook: https://www.facebook.com/Marioverehrer2
➝ Always send a link or music file of your work.
➝ If I'm interested, I will message you back.

Composer(s): Unknown

Arrangement © Marioverehrer (2021)
Original Music © Unknown

► Learn piano songs quick and easy: http://tinyurl.com/flowkey-marioverehrer1 *
► Submit Your Music: https://marioverehrer.aidaform.com/contact-form
► iTunes: https://apple.co/2HdMswA
► Spotify: https://spoti.fi/2JqvMVq
► Sheet Music: https://www.musicnotes.com/l/Marioverehrer
► Classical Sheet Music: https://gumroad.com/marioverehrer
► Support me on Patreon: http://www.patreon.com/Marioverehrer
► Facebook: http://www.facebook.com/Marioverehrer2
► Twitter: https://twitter.com/Marioverehrer
* Affiliate Link

Enjoy the Moment Musicaux No. 4 in E Minor by Sergei Rachmaninoff.

♫ Promote Your Music ♫

To submit your music on my channel:

➝ Send me a message with my contact form: https://marioverehrer.aidaform.com/contact-form

➝ Write me a PM on Facebook: https://www.facebook.com/Marioverehrer2
➝ Always send a link or music file of your work.
➝ If I'm interested, I will message you back.

Composer(s): Sergei Rachmaninoff

Original Music © Sergei Rachmaninoff (1896)

♫ Spotify: https://spoti.fi/2JqvMVq ♫ iTunes: https://apple.co/2HdMswA
► Learn piano songs quick and easy: http://tinyurl.com/flowkey-marioverehrer1 *
► Submit Your Music: https://marioverehrer.aidaform.com/contact-form
► iTunes: https://apple.co/2HdMswA
► Spotify: https://spoti.fi/2JqvMVq
► Sheet Music: https://www.musicnotes.com/l/Marioverehrer
► Classical Sheet Music: https://gumroad.com/marioverehrer
► Support me on Patreon: http://www.patreon.com/Marioverehrer
► Facebook: http://www.facebook.com/Marioverehrer2
► Twitter: https://twitter.com/Marioverehrer
* Affiliate Link

Enjoy my arrangement of the song "Breaking Free" from High School Musical!

♫ Promote Your Music ♫

To submit your music on my channel:

➝ Send me a message with my contact form: https://marioverehrer.aidaform.com/contact-form
➝ Write me a PM on Facebook: https://www.facebook.com/Marioverehrer2
➝ Always send a link or music file of your work.
➝ If I'm interested, I will message you back.

Composer(s): Jamie Houston

Arrangement © Marioverehrer (2021)
Original Music © The Walt Disney Company (2006)