i open r studio and get an absolute rush of joy so much i have to close it again cuz i cant figure out wtf i was going to do anymore

Database design and management course and Assignment help

Contact me through : [email protected]

I will provide advice and assistance in your database and system design course. I will handle everything including;

Normalization

Database design (ERD, Use case, concept diagrams etc)

Database development (SQL and Sqlite)

Database manipulation

Documentation

MS SQL Tutorial in Bengali | সহজ বাংলায় শিখুন MS SQL Server - Part-1

“Not enough free space to download” IS THE DEATH OF ME 😭

Well this internship is gonna be tough if I gotta download any programs lmao

What are some of your favorite skins you've made?

I thought about the answer to this question for a very long time. I want to tell you a story about a skin that broke the site.

(I think this has been fixed now, which is the only reason I'm posting about it.)

Up until around March of this year, skin names weren't sanitized. I wasn't aware of this and continued to be unaware of this until the day I asked for my Valentine's pearlcatcher skins (named <3 and </3 respectively) to be renamed. Special characters often break when you submit them through the queue, so you have to go and ask the mods in the skroblems thread to fix apostophes for you so they display properly. I went and asked them to fix my pearlcatcher skin's names for me, since they weren't displaying correctly either. This lead, by accident, to the most interesting way I've gotten the site to break in a while.

My friend noticed first when they got a subscribed notification to my skin shop thread. They realized there were two pages that were completely gone.

Then they realized that the front page didn't look right either. My catalogue posts had completely vanished. Only to find... when you hovered over the thumbnail of the </3 skin's icon, my posts had hopped into the item description.

We experimented a little more before realizing this thing was... very, very powerful! You could put the skin into a den tab description, and it would put every single dragon in that tab into the space of the description box. You could break your userpage for ANYBODY on site. Your entire dragon could get swallowed up if you put it into their bio. And because the skin deleted the edit button, you couldn't get it back out.

Little did I know, the </ part of the skin name - when posted using [skin=skinid] or [item=skin: </3] - would act as an HTML tag anywhere it was posted, and completely mess up how the site displayed! I compiled everything I found and sent it into the bug forums and the contact team box for review. The thread got deleted almost immediately, confirming what I suspected: skin names aren't sanitized, and this could very easily be exploited with malicious intentions or SQL injects.

Luckily, they fixed it pretty quickly! I hope the way the site handles skin names has been updated now too. This sort of thing wouldn't have happened even if I had named the skin </3 or, god forbid, dropTable(); in the first place. I do think it was because I had the mods go in and edit the skin name that allowed the unclosed </ to display in the skin's item icon and then break the site.

So that's the story of one of my favorite skins I've made! <3 and </3 are now LOVE and LOVE(LESS) respectively. The designs themselves didn't sell too well, but for a glorious 16 hours, they contained all the power of little nuclear bombs detonating on various HTML-dependent sitepages.

The next rule we created was named “../”, and upon deleting that rule, the entire test SQL Server was also suddenly deleted, and we found ourselves in need of a new test server! The cause of the deletion of our test server can be found in the URL to which the DELETE request is sent. The URL the DELETE request was sent to is:  /subscriptions/<subscriptionId>/resourceGroups/<rg>/providers/Microsoft.Sql/servers/test-4ad9a/firewallRules/../?api-version=2021-11-0. The firewall rule name “../” within the URL is treated as if it refers to the parent directory and to the SQL Server itself, which leads to the entire server being deleted.

With a little effort, it’s possible to create a rule that deletes any resource in the Azure tenant with the following name: ../../../../../../../<theResourceURL>?api-version=<relevant_version>#”.

Little Bobby Tables strikes again

lol we love my colleague who's leaving next Wed accidentally deleting all the data in our SQL tables as a last hurrah

work rant but like the data still exists in a certain format, but now it's not in our SQL tables and buggy 2023 files mean we can't get it back *in* to the SQL tables

ughhhhhhhhhhhhhhhhhh

our boss is off until Tuesday and she will not be pleased

I'm not a happy bunny rn

omg i gotta tell u something crazy that happened at work. ok so we have to assign managers some stuff to review im certain cases (being vague here just to be safe i don’t want to let people know too much about me.) this is automatically generated based on a python script + sql query. on friday i noticed that we assigned something to the fucking COO and just to be clear this is a fortune 100 company so this guy is a Big Deal. we reassigned that shit so fast and deleted any record of us contacting him (bc i need to contact dozens of people a day we run a bot instead of contacting individually so i didn’t notice.) we still don’t know what to do about this bc we need the reviews completed for compliance reasons but we can’t like. contact this guy

webdev log 2

implemented a gallery. I originally wanted it to be more grid-like but I decided I didn't want to mess too much with that, and I like the simple look anyways. forces you to really take in every shitty drawing.

it features a search function that only works for tags. its purpose is mostly just to search multiple tags, because I couldn't be fucked to add a feature where you could click on multiple tags there at the tags list at the top. it lists out all used tags in the table that stores art so you have an idea of what there all is.

at the bottom there's pagination. it's INSANELY easy to do with this framework I'm using. I was gushing about it to my partner on call!! they made fun of me but that's okay!!!!

anyways, clicking on the date underneath the drawing takes you to a view with the image itself (a kind of "post", if I can call it that) here you can view comments and leave one yourself if you so desire. guests are NOT allowed to reply to existing comments because I'd rather things not get too clogged up. I can't stop anyone if they did an "@{name} {message}" type comment, but I don't think anyone is gonna be chatting it up on my site, so idc. I just want it very minimal, and no nesting beyond one single reply.

of course, you can comment on story chapters too so here's what it looks like for a user (me). of course, if a user (me) posts then it gets automatically approved.

the table that stores comments differentiates story comments and art comments with foreign keys to the primary keys of the the chapter and art tables. it's a little convoluted and I kind of wish I didn't do it this way but it's too damn late isn't it. but honestly it might've been the only way to do it. the problem is just repeating code for both chapter and art views.. making a change to one means I gotta manually make the same change to the other. huge pain..

added user authentication and a really shitty bare bones dashboard for myself to approve/reject comments directly on the site in case someone comes along and wants to be mean to me :( rejecting a comment deletes it OFF my site forever. though I kind of want to be able to keep hate mail so I dunno.. oh, and also a big fat logout button because I have nowhere else to put it.

I'll spare everyone the more technical ramblings.

anyways, I'm hoping to add more things later. these are my plans:

allow users (me) to post stories/art through the site itself instead of doing it manually in the vscode terminal for every. single. story. and drawing. (probably took me 6+ hours total just doing this. I don't know why I did it.) (btw this consists of writing commands to store information via the terminal. also, sql and similar databases don't store things like markup or even line breaks. I had to alter all my stories and put \n every time there was a line break... and you have to escape apostrophes (or quotes, depending on which you use) so every "it's" had to be made into "it\'s" HUGE. PAIN. I didn't do this manually obviously but sifting and plugging my stories into character replacers was so time consuming)

delete comments button.... For my eyes and fingers only

make an About page. I've been avoiding all the fun things and doing just the scary stff

figure out SSH stuff...

clean up the shitty css. I refuse to use tailwind even tho it's trying to force me.. I don't want some sleek polished site I want it look like it's in shambles, because it is

but yeah thanks for reading about my webdev and coding journey. even though using the laravel framework made things a thousand times easier it's still a crazy amount of work. let's say building a site completely from scratch means buying every material and designing the house yourself, and using a website builder like wix is just like buying a pre built home and you're just decorating it. using this framework is like putting together a build-your-own-house kit. you're still building a fucking house.

I feel crazy. it felt like the site was close to breaking several times. been sleep deprived for several days working on this nonstop I think I'm getting a little sick 😵‍💫

going to bed now. it's 9 am.

Structured Query Language (SQL): A Comprehensive Guide

 Structured Query Language, popularly called SQL (reported "ess-que-ell" or sometimes "sequel"), is the same old language used for managing and manipulating relational databases. Developed in the early 1970s by using IBM researchers Donald D. Chamberlin and Raymond F. Boyce, SQL has when you consider that end up the dominant language for database structures round the world.

Structured query language commands with examples

Today, certainly every important relational database control system (RDBMS)—such as MySQL, PostgreSQL, Oracle, SQL Server, and SQLite—uses SQL as its core question language.

What is SQL?

SQL is a website-specific language used to:

Retrieve facts from a database.

Insert, replace, and delete statistics.

Create and modify database structures (tables, indexes, perspectives).

Manage get entry to permissions and security.

Perform data analytics and reporting.

In easy phrases, SQL permits customers to speak with databases to shop and retrieve structured information.

Key Characteristics of SQL

Declarative Language: SQL focuses on what to do, now not the way to do it. For instance, whilst you write SELECT * FROM users, you don’t need to inform SQL the way to fetch the facts—it figures that out.

Standardized: SQL has been standardized through agencies like ANSI and ISO, with maximum database structures enforcing the core language and including their very own extensions.

Relational Model-Based: SQL is designed to work with tables (also called members of the family) in which records is organized in rows and columns.

Core Components of SQL

SQL may be damaged down into numerous predominant categories of instructions, each with unique functions.

1. Data Definition Language (DDL)

DDL commands are used to outline or modify the shape of database gadgets like tables, schemas, indexes, and so forth.

Common DDL commands:

CREATE: To create a brand new table or database.

ALTER:     To modify an present table (add or put off columns).

DROP: To delete a table or database.

TRUNCATE: To delete all rows from a table but preserve its shape.

Example:

sq.

Copy

Edit

CREATE TABLE personnel (

  id INT PRIMARY KEY,

  call VARCHAR(one hundred),

  income DECIMAL(10,2)

);

2. Data Manipulation Language (DML)

DML commands are used for statistics operations which include inserting, updating, or deleting information.

Common DML commands:

SELECT: Retrieve data from one or more tables.

INSERT: Add new records.

UPDATE: Modify existing statistics.

DELETE: Remove information.

Example:

square

Copy

Edit

INSERT INTO employees (id, name, earnings)

VALUES (1, 'Alice Johnson', 75000.00);

three. Data Query Language (DQL)

Some specialists separate SELECT from DML and treat it as its very own category: DQL.

Example:

square

Copy

Edit

SELECT name, income FROM personnel WHERE profits > 60000;

This command retrieves names and salaries of employees earning more than 60,000.

4. Data Control Language (DCL)

DCL instructions cope with permissions and access manage.

Common DCL instructions:

GRANT: Give get right of entry to to users.

REVOKE: Remove access.

Example:

square

Copy

Edit

GRANT SELECT, INSERT ON personnel TO john_doe;

five. Transaction Control Language (TCL)

TCL commands manage transactions to ensure data integrity.

Common TCL instructions:

BEGIN: Start a transaction.

COMMIT: Save changes.

ROLLBACK: Undo changes.

SAVEPOINT: Set a savepoint inside a transaction.

Example:

square

Copy

Edit

BEGIN;

UPDATE personnel SET earnings = income * 1.10;

COMMIT;

SQL Clauses and Syntax Elements

WHERE: Filters rows.

ORDER BY: Sorts effects.

GROUP BY: Groups rows sharing a assets.

HAVING: Filters companies.

JOIN: Combines rows from  or greater tables.

Example with JOIN:

square

Copy

Edit

SELECT personnel.Name, departments.Name

FROM personnel

JOIN departments ON personnel.Dept_id = departments.Identity;

Types of Joins in SQL

INNER JOIN: Returns statistics with matching values in each tables.

LEFT JOIN: Returns all statistics from the left table, and matched statistics from the right.

RIGHT JOIN: Opposite of LEFT JOIN.

FULL JOIN: Returns all records while there is a in shape in either desk.

SELF JOIN: Joins a table to itself.

Subqueries and Nested Queries

A subquery is a query inside any other query.

Example:

sq.

Copy

Edit

SELECT name FROM employees

WHERE earnings > (SELECT AVG(earnings) FROM personnel);

This reveals employees who earn above common earnings.

Functions in SQL

SQL includes built-in features for acting calculations and formatting:

Aggregate Functions: SUM(), AVG(), COUNT(), MAX(), MIN()

String Functions: UPPER(), LOWER(), CONCAT()

Date Functions: NOW(), CURDATE(), DATEADD()

Conversion Functions: CAST(), CONVERT()

Indexes in SQL

An index is used to hurry up searches.

Example:

sq.

Copy

Edit

CREATE INDEX idx_name ON employees(call);

Indexes help improve the performance of queries concerning massive information.

Views in SQL

A view is a digital desk created through a question.

Example:

square

Copy

Edit

CREATE VIEW high_earners AS

SELECT call, salary FROM employees WHERE earnings > 80000;

Views are beneficial for:

Security (disguise positive columns)

Simplifying complex queries

Reusability

Normalization in SQL

Normalization is the system of organizing facts to reduce redundancy. It entails breaking a database into multiple related tables and defining overseas keys to link them.

1NF: No repeating groups.

2NF: No partial dependency.

3NF: No transitive dependency.

SQL in Real-World Applications

Web Development: Most web apps use SQL to manipulate customers, periods, orders, and content.

Data Analysis: SQL is extensively used in information analytics systems like Power BI, Tableau, and even Excel (thru Power Query).

Finance and Banking: SQL handles transaction logs, audit trails, and reporting systems.

Healthcare: Managing patient statistics, remedy records, and billing.

Retail: Inventory systems, sales analysis, and consumer statistics.

Government and Research: For storing and querying massive datasets.

Popular SQL Database Systems

MySQL: Open-supply and extensively used in internet apps.

PostgreSQL: Advanced capabilities and standards compliance.

Oracle DB: Commercial, especially scalable, agency-degree.

SQL Server: Microsoft’s relational database.

SQLite: Lightweight, file-based database used in cellular and desktop apps.

Limitations of SQL

SQL can be verbose and complicated for positive operations.

Not perfect for unstructured information (NoSQL databases like MongoDB are better acceptable).

Vendor-unique extensions can reduce portability.

Java Programming Language Tutorial

Dot Net Programming Language

C ++ Online Compliers 

C Language Compliers 

Five Love Languages of Danmei: Flirting Bracket

Yuling from Everywhere in Jianghu is Wonderful

Characters: Qin Shaoyu and Shen Qianling

Submission:

I'm guessing few people know this couple especially considering good TL was deleted(sob) so first a quick intro: Shen Qianling is an actor from the modern world who transmigrated into a wuxia world. Worst part? The person he transmigrated as is engaged to a man! And the man is a huge weirdo! So Shen Qianling resolves to do everything in his power to break the engagement. You Can Guess How Well That Works Out for the MC of a danmei novel lol So the annoying flirt in question is exactly SQL's husband-to-be, Qin Shaoyu. He's constantly going "wife~" and making dramatic declarations of love... especially in front of others. Shen Qianling is onto his insincere ass! (They're really kinda theater kid x theater kid tbh, both are acting and pretending a lot.) Later it's actually revealed that Qin Shaoyu had a reason to act like that and provoke SQL all the time, but by that time SQL's (lack of) swag has deeply captivated him, so he just goes from annoying flirting(insincere) to annoying flirting(affectionate).

Additional Propaganda: Qin Shaoyu did not annoyingly flirt to the point of giving his (male) fiancé a pregnancy scare to lose the annoying flirt competition (via @verycharismaticdragon)

Carrd Link 

Manhua Screenshots

Liushen from The Scum Villain’s Self-Saving System

Characters: Liu Qingge and Shen Qingqiu (Shen Yuan)

Submission: 

SQQ loves to be Constantly Be Annoyingly Flirtatious to his poor, flustered shidi, though the jury is very still out on how much of that is intentional/he is aware he is doing. (Denial is not just a river in Egypt to Shen Yuan.)

["Anti-Propaganda" that attacks other characters is NOT allowed. Please only give reasons to vote FOR a character/ship.]

I'm very good at "professionalism" I was trained from a young age. If I get an interview, I'm getting the job. I sit upright in my chair and wear a collared shirt and my employer thinks, "wow! She has a lot of passion for this role!" Buddy, you don't know the start of it. You don't even know my gender.

I'm OSHA certified. I got my 24-hour GD&T training. They can see this. What they don't see is me waxing poetical about surface finish or some shit on this website. When I was in 6th grade, I was exposed to Autodesk Inventor and it changed me fundamentally as a person. Whenever I look at any consumer good (of which there are a lot) I have to consider how it was made. And where the materials came from and how it got here and really the whole ass process. It's fascinating to me in a way that can be described as "intense". I love looking at large machines and thinking about them and taking pictures of them. There are so many steps and machines and people involved to create anything around you. I think if any person truly understood everything that happened in a single factory they would go insane with the knowledge. But by god am I trying. My uncle works specifically on the printers that print dates onto food. There are hundreds or even thousands of hyperspecific jobs like that everywhere. My employer looks away and I'm creating an unholy abomination of R and HTML, and I'm downloading more libraries so I can change the default CSS colors. I don't know anything about programming but with the power of stack overflow and sheer determination I'm making it happen. Is it very useful? No. But I'm learning a lot and more importantly I don't give a fuck. I'm learning about PLCs. I'm learing about CNC machines. I'm fucking with my laptop. I'm deleting SQL databases. I'm finding electromechanical pinball machines on facebook marketplace. I'm writing G-code by hand. I'm a freight train with no brakes. I'm moving and I'm moving fast. And buddy, you better hope I'm moving in the right direction. I must be, because all of my former employers give me stellar reviews when used as a reference. I'm winning at "career" and also in life.

SQL Fundamentals #2: SQL Data Manipulation

In our previous database exploration journey, SQL Fundamentals #1: SQL Data Definition, we set the stage by introducing the "books" table nestled within our bookstore database. Currently, our table is empty, Looking like :

books

| title | author | genre | publishedYear | price |

Data manipulation

Now, let's embark on database interaction—data manipulation. This is where the magic happens, where our "books" table comes to life, and we finish our mission of data storage.

Inserting Data

Our initial task revolves around adding a collection of books into our "books" table. we want to add the book "The Great Gatsby" to our collection, authored F. Scott Fitzgerald. Here's how we express this in SQL:

INSERT INTO books(title, author, genre, publishedYear, price) VALUES('The Great Gatsby', 'F. Scott Fitzgerald', 'Classic', 1925, 10.99);

Alternatively, you can use a shorter form for inserting values, but be cautious as it relies on the order of columns in your table:

INSERT INTO books VALUES('The Great Gatsby', 'F. Scott Fitzgerald', 'Classic', 1925, 10.99);

Updating data

As time goes on, you might find the need to modify existing data in our "books" table. To accomplish this, we use the UPDATE command.For example :

UPDATE books SET price = 12.99 WHERE title = 'The Great Gatsby';

This SQL statement will locate the row with the title "The Great Gatsby" and modify its price to $12.99.

We'll discuss the where clause in (SQL fundamentals #3)

Deleting data

Sometimes, data becomes obsolete or irrelevant, and it's essential to remove it from our table. The DELETE FROM command allows us to delete entire rows from our table.For example :

DELETE FROM books WHERE title = 'Moby-Dick';

This SQL statement will find the row with the title "Moby-Dick" and remove it entirely from your "books" table.

To maintain a reader-friendly and approachable tone, I'll save the discussion on the third part of SQL, which focuses on data querying, for the upcoming post. Stay tuned ...

Protect Your Laravel APIs: Common Vulnerabilities and Fixes

API Vulnerabilities in Laravel: What You Need to Know

As web applications evolve, securing APIs becomes a critical aspect of overall cybersecurity. Laravel, being one of the most popular PHP frameworks, provides many features to help developers create robust APIs. However, like any software, APIs in Laravel are susceptible to certain vulnerabilities that can leave your system open to attack.

In this blog post, we’ll explore common API vulnerabilities in Laravel and how you can address them, using practical coding examples. Additionally, we’ll introduce our free Website Security Scanner tool, which can help you assess and protect your web applications.

Common API Vulnerabilities in Laravel

Laravel APIs, like any other API, can suffer from common security vulnerabilities if not properly secured. Some of these vulnerabilities include:

>> SQL Injection SQL injection attacks occur when an attacker is able to manipulate an SQL query to execute arbitrary code. If a Laravel API fails to properly sanitize user inputs, this type of vulnerability can be exploited.

Example Vulnerability:

$user = DB::select("SELECT * FROM users WHERE username = '" . $request->input('username') . "'");

Solution: Laravel’s query builder automatically escapes parameters, preventing SQL injection. Use the query builder or Eloquent ORM like this:

$user = DB::table('users')->where('username', $request->input('username'))->first();

>> Cross-Site Scripting (XSS) XSS attacks happen when an attacker injects malicious scripts into web pages, which can then be executed in the browser of a user who views the page.

Example Vulnerability:

return response()->json(['message' => $request->input('message')]);

Solution: Always sanitize user input and escape any dynamic content. Laravel provides built-in XSS protection by escaping data before rendering it in views:

return response()->json(['message' => e($request->input('message'))]);

>> Improper Authentication and Authorization Without proper authentication, unauthorized users may gain access to sensitive data. Similarly, improper authorization can allow unauthorized users to perform actions they shouldn't be able to.

Example Vulnerability:

Route::post('update-profile', 'UserController@updateProfile');

Solution: Always use Laravel’s built-in authentication middleware to protect sensitive routes:

Route::middleware('auth:api')->post('update-profile', 'UserController@updateProfile');

>> Insecure API Endpoints Exposing too many endpoints or sensitive data can create a security risk. It’s important to limit access to API routes and use proper HTTP methods for each action.

Example Vulnerability:

Route::get('user-details', 'UserController@getUserDetails');

Solution: Restrict sensitive routes to authenticated users and use proper HTTP methods like GET, POST, PUT, and DELETE:

Route::middleware('auth:api')->get('user-details', 'UserController@getUserDetails');

How to Use Our Free Website Security Checker Tool

If you're unsure about the security posture of your Laravel API or any other web application, we offer a free Website Security Checker tool. This tool allows you to perform an automatic security scan on your website to detect vulnerabilities, including API security flaws.

Step 1: Visit our free Website Security Checker at https://free.pentesttesting.com. Step 2: Enter your website URL and click "Start Test". Step 3: Review the comprehensive vulnerability assessment report to identify areas that need attention.

Screenshot of the free tools webpage where you can access security assessment tools.

Example Report: Vulnerability Assessment

Once the scan is completed, you'll receive a detailed report that highlights any vulnerabilities, such as SQL injection risks, XSS vulnerabilities, and issues with authentication. This will help you take immediate action to secure your API endpoints.

An example of a vulnerability assessment report generated with our free tool provides insights into possible vulnerabilities.

Conclusion: Strengthen Your API Security Today

API vulnerabilities in Laravel are common, but with the right precautions and coding practices, you can protect your web application. Make sure to always sanitize user input, implement strong authentication mechanisms, and use proper route protection. Additionally, take advantage of our tool to check Website vulnerability to ensure your Laravel APIs remain secure.

For more information on securing your Laravel applications try our Website Security Checker.