Load and initializing the library
#include
int MathLibRef = -1;
...
// is library already loaded?
err = SysLibFind("MathLib", &MathLibRef);
if (err != 0) {
// negative, load
err = SysLibLoad('libr', 'MthL', &MathLibRef);
if (err == 0) {
err = MathLibOpen (MathLibRef, 1);
}
}
Closing library
if (MathLibRef != -1) {
Err err;
UInt16 usecount;
err = MathLibClose (MathLibRef, &usecount);
if (usecount == 0) {
SysLibRemove (MathLibRef);
}
}
Preferences structure definition
typedef struct {
int skeletonData;
} Prefs;
Prefs prefs;
Open preferences
void startApp() {
Int16 prefSize = sizeof(Prefs);
if ((PrefGetAppPreferences (AppCreator,
1000, // pref database id
&prefs,
&prefSize,
true) // saved during Hotsync
== noPreferenceFound)
|| (prefSize != sizeof(Prefs))) {
// default initialization, since discovered
// Prefs was missing or old.
prefs.skeletonData=1;
}
}
Write preferences
void stopApp() {
PrefSetAppPreferences (AppCreator,
1000, // pref database id
1, // version of pref database
&prefs,
sizeof(Prefs),
true); // saved during hotsync
}
I’ve created (after some weird experiences with users in my hosting) small php patch (for version 4.3.10), which disables remote includes.This patch doesn’t work with Zend Optimizer enabled unfortunately :(
Download the patch there. After applying, see php.ini-dist and readme.security
example of bad code:
<?php $page = $_GET['page']; include ($page); ?>
example of better code:
<?php
// filter all unneeded characters
$page = eregi_replace("[^a-z0-9_]","", $_GET['page']).".inc.php";
// test if $page exists and is file
if (strlen($page) && @file_exists($page) && @is_file($page)) {
require_once ($page);
}
?>
Wanna be fired for your blog entries? Don’t write anything about your employer. Read more.
Steve Fossett landed (19:48:56 UTC) at Salina airport after successfull flight around the world. See more information at GlobalFlyer website.