Ivan Ionut ivanionut

<cfparam name="FORM.username" default="" type="string" >
<cfparam name="FORM.password" default="" type="string" >
<cfif structKeyExists(FORM,"submit")>
<cfset recaptcha = FORM["g-recaptcha-response"] >
<cfif len(recaptcha)>
<cfset googleUrl = "https://www.google.com/recaptcha/api/siteverify">
<cfset secret = "6LctadUSAAAAAM7NPoPq5jlbm3a37ib3sHlRFyNE">
<cfscript>
public any function getWeekOfMonth(date d='#Now()#', numeric minDaysInFirstWeek=1) {
    var cal = CreateObject('java', 'java.util.GregorianCalendar').init(
        JavaCast('int', Year(arguments.d))
        , JavaCast('int', Month(arguments.d)-1)
        , JavaCast('int', Day(arguments.d))
        , JavaCast('int', Hour(arguments.d))
        , JavaCast('int', Minute(arguments.d))
        , JavaCast('int', Second(arguments.d))
    );
ivanionut / recaptcha.cfc
Last active August 29, 2015 14:13 — forked from stevewithington/recaptcha.cfc
Google ReCAPTCHA v2 for ColdFusion / Railo / CFML. See https://github.com/stevewithington/ReCAPTCHA for example usage.
/**
* This is a CFML library that handles calling reCAPTCHA.
* - Documentation and latest version
* https://developers.google.com/recaptcha/
* - Get a reCAPTCHA API Key
* https://www.google.com/recaptcha/admin#list
* - Discussion group
* http://groups.google.com/group/recaptcha
*
* @copyright Copyright (c) 2014, Stephen J. Withington, Jr.

Nginx Tuning For Best Performance

For this configuration you can use any web server you like; I decided to use nginx because I work mostly with it.

Generally, a properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered); the most I saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load. Of course, this was 2x Intel Xeon with HT enabled, but it can work without problems on slower machines.

You must understand that this config is used in a testing environment and not in production, so you will need to find a way to implement most of those features in the best possible way for your servers.

First, you will need to install nginx. My way to install nginx is compiling it from source, but for now we will use apt-get.

ColdFusion Server Detection

This is a re-imagineering of a ColdFusion code block found here: https://github.com/webdevsourcerer/CF-Server-Detect

It is actually originally noted as a ColdFusion Scriptlet but we have NO frickin' idea what a ColdFusion Scriptlet is (because there is no such thing).

Credits

It's ALWAYS good etiquette to credit and thank those who gave time, skills and knowledge to advance the community and help to improve shitty code.

ivanionut / dnsjava.cfm
Last active August 29, 2015 14:16 — forked from JamoCA/dnsjava.cfm
Better ColdFusion DNS Look-ups using dnsjava.
<cfscript>
/* add dnsjava-*.jar to java path. Download from http://www.dnsjava.org/ */
thisDomain = "google.com";
dnsjava = createobject("java", "org.xbill.DNS.Address");
dnsResponse = dnsjava.getAllByName(thisDomain);
ips = [];
if (isArray(dnsResponse)){
    for(i=1; i <= ArrayLen(dnsResponse); i++){
        arrayappend(ips, dnsResponse[i].getHostAddress());
    }
ivanionut / Verify_Googlebot.cfm
Last active August 29, 2015 14:16 — forked from JamoCA/Verify_Googlebot.cfm
Here's a raw proof-of-concept script written in ColdFusion that identifies & blocks fake Googlebots. This can be easily expanded to cache DNS responses & log new bots.
<cfscript>
/* based on info from http://googlewebmastercentral.blogspot.com/2006/09/how-to-verify-googlebot.html */
badBot = 0;
blockBadBots = 0;
ip = cgi.remote_addr;
userAgent = CGI.Http_User_Agent;
/* Sample request values */
//userAgent = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)";
//ip = "179.179.65.180"; //bad
ivanionut / hashids.cfm
Last active August 29, 2015 14:16 — forked from JamoCA/hashids.cfm
Sample Implementation of the ColdFusion hashids library http://www.hashids.org/coldfusion/
<cfscript>
/* Download and install the hashids CFC https://github.com/dswitzer/hashids.coldfusion */
hashids = new Hashids(salt="this is my salt"
,minLen=8
,alphabet="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
id_to_hash = listtoArray("1"); // try "1,2,3" and "3,2,1" and "1,1,1"
writeoutput('original = #arrayToList(id_to_hash)#<br>');
hashed_id = hashids.encrypt(id_to_hash);
ivanionut / isAjaxRequest.cfm
Last active August 29, 2015 14:16 — forked from JamoCA/isAjaxRequest.cfm
This ColdFusion UDF will query the server's request headers to determine if the request is an Ajax form post from jQuery. (jQuery adds a special header to all ajax requests.)
<cfscript>
function isAjaxRequestPost(){
    var headers = getHttpRequestData().headers;
    return CGI.Request_Method is "POST" and StructKeyExists(headers, "X-Requested-With") AND (headers["X-Requested-With"] EQ "XMLHttpRequest");
}
</cfscript>
<cfif not isAjaxRequestPost()>
    <!--- log attempt, alert admin, etc --->
    <cfheader statuscode="403" statustext="Forbidden">
ivanionut / BlockedCookies.cfm
Last active August 29, 2015 14:16 — forked from JamoCA/BlockedCookies.cfm
Block access to ColdFusion web application based on bogus, pre-existing cookies that aren't used.
<cfscript>
BadCookieList = [
    "ASP.NET_SessionID",
    "ISFIRSTVISIT",
    "PHPSESSID",
    "REMEMBERCOUNTRY",
    "RESOURCEINFO",
    "SESSIONS",
    "SS_MID",
    "USERINFO",