Archive for May, 2005

31MayLet’s have order and safety

Giving users the ability to sort tables could hold some risks if actual field names are used as URL parameters.

Re-coding my user management made me want to write this. It not only allows tables to be viewed in any sort order, but also checks to see if the user request to sort is actually valid…Just to make sure.

The request format is “?orderby=fieldname:sort”, eg. fieldname “?orderby=Id:DESC”

The code is pretty self explanatory.

/* function to check if a fieldname is valid */

function isDBfield($tablename,$fieldname){
if (isset($fieldname) && isset($tablename)){
$tmp = $this->DoQuery('SHOW COLUMNS FROM '.$tablename,1);
foreach ($tmp as $s){
if ($s[Field]==$fieldname) return true;
}
return false;
}
return false;
}

/* getting/setting the "ORDER BY" string asuming $_GET[orderby] to be in "field:order" format */

$defaultSortField = 'Id';
$defaultSortOrder = 'ASC';

if (strstr($_GET[orderby],':')){
$orderarray = explode(':',$_GET[orderby]);
} else {
$orderarray   = Array();
$orderarray[] = $defaultSortField; //default field
$orderarray[] = $defaultSortOrder; // default order
}
/* checking the validity of the "orderarray"  */

if ( ($mpage->isDBfield(PREFIX.'TableName',$orderarray[0]) ) && ($orderarray[1]=='ASC' || $orderarray[1]=='DESC')) {
$orderstr = ' ORDER BY '.$orderarray[0].' '.$orderarray[1];
} else {
$orderstr = ' ORDER BY '.$defaultSortField.' '.$defaultSortOrder;
}
/* Fetching data */
$sql = "SELECT * FROM ".PREFIX."TableName".$orderstr;
$r = $mpage->DoQuery($sql, 1);

/* Fetching fieldames */
$fieldname = array_keys($r[0]);

/* function to create sorting links */

function createOrderLink($fieldname,,$orderstr){
$order='ASC';
$classStr = '';
if (strstr($orderstr)){
if (strstr(,$orderstr,$fieldname.' ASC')) {
$order='DESC';$classStr=' orderdesc';
} else if (strstr(,$orderstr,$fieldname.' DESC')) {
$order='ASC';$classStr=' orderasc';
}
}
$str = '
<a href="javascript:void(0);" class="sortable'.$classStr.'" onclick="getHTML(\'?orderby='.$fieldname.':'.$order.'\',\'corecontent\');this.blur;return false;">
'.$fieldname.'
</a>';
return $str;
}

/* creating the table head row */
$page_content .= '
<table style="width:100%" class="listtable">
<tr>
<th>'.createOrderLink($fieldname[0],$orderstr).'</th>
<th>'.createOrderLink($fieldname[1],$orderstr).'</th>
<th>'.createOrderLink($fieldname[3],$orderstr).'</th>
<th>'.createOrderLink($fieldname[4],$orderstr).'</th>
<th>'.createOrderLink($fieldname[6],$orderstr).'</th>
<th>'.createOrderLink($fieldname[7],$orderstr).'</th>
<th>'.createOrderLink($fieldname[8],$orderstr).'</th>
<th>'.createOrderLink($fieldname[9],$orderstr).'</th>
<th>...</th>
</tr>';
Posted by Tanin in Coding. Comments

30MayRAF bombing raids tried to goad Saddam into war

By Michael Smith / Sunday Times

THE RAF and US aircraft doubled the rate at which they were dropping bombs on Iraq in 2002 in an attempt to provoke Saddam Hussein into giving the allies an excuse for war, new evidence has shown.

The attacks were intensified from May, six months before the United Nations resolution that Tony Blair and Lord Goldsmith, the attorney-general, argued gave the coalition the legal basis for war. By the end of August the raids had become a full air offensive.

The details follow the leak to The Sunday Times of minutes of a key meeting in July 2002 at which Blair and his war cabinet discussed how to make “regime change” in Iraq legal.

Geoff Hoon, then defence secretary, told the meeting that “the US had already begun ’spikes of activity’ to put pressure on the regime”.

The new information, obtained by the Liberal Democrats, shows that the allies dropped twice as many bombs on Iraq in the second half of 2002 as they did during the whole of 2001, and that the RAF increased their attacks even more quickly than the Americans did.

During 2000, RAF aircraft patrolling the southern no-fly zone over Iraq dropped 20.5 tons of bombs from a total of 155 tons dropped by the coalition, a mere 13%. During 2001 that figure rose slightly to 25 tons out of 107, or 23%.

However, between May 2002 and the second week in November, when the UN Security Council passed resolution 1441, which Goldsmith said made the war legal, British aircraft dropped 46 tons of bombs a month out of a total of 126.1 tons, or 36%.

By October, with the UN vote still two weeks away, RAF aircraft were dropping 64% of bombs falling on the southern no-fly zone.

Tommy Franks, the allied commander, has since admitted this operation was designed to “degrade” Iraqi air defences in the same way as the air attacks that began the 1991 Gulf war.

It was not until November 8 that the UN security council passed resolution 1441, which threatened Iraq with “serious consequences” for failing to co-operate with the weapons inspectors.

The briefing paper prepared for the July meeting – the same document that revealed the prime minister’s agreement during a summit with President George W Bush in April 2002 to back military action to bring about regime change – laid out the American war plans.

They opted on August 5 for a “hybrid plan” in which a continuous air offensive and special forces operations would begin while the main ground force built up in Kuwait ready for a full-scale invasion.

The Ministry of Defence figures, provided in response to a question from Sir Menzies Campbell, the Liberal Democrat foreign affairs spokesman, show that despite the lack of an Iraqi reaction, the air war began anyway in September with a 100-plane raid.

The systematic targeting of Iraqi air defences appears to contradict Foreign Office legal guidance appended to the leaked briefing paper which said that the allied aircraft were only “entitled to use force in self-defence where such a use of force is a necessary and proportionate response to actual or imminent attack from Iraqi ground systems”.

Click here to read the Iraq memo

http://www.timesonline.co.uk/article/0,,2087-1632566,00.html

Posted by Tanin in I Hate Bushes. Comment

29MayFurther Abuse

THE LATEST FBI documents detailing allegations of prisoner abuse at Guantanamo Bay are, like previous FBI documents, highly disturbing. They contain prisoners’ descriptions of beatings, strippings and abuse of the Koran. Detainees variously claim the Muslim holy book has been thrown on the floor, thrown against a wall and, yes, flushed in a toilet. There are also references to these kinds of events having led to an “altercation” between detainees and guards.

But the status of these documents is nearly as disturbing as their content. They can be found, again like previous FBI documents, only on the Web site of the American Civil Liberties Union, which obtained them by suing the government under the Freedom of Information Act. They did not, in other words, appear in the context of a government or military investigation. After the ACLU released the documents Wednesday, Pentagon spokesman Lawrence T. Di Rita implied that such an investigation would be unnecessary, since these “fantastic charges about our guys doing something willfully heinous to a Koran for the purposes of rattling detainees are not credible on their face.” But then, on Thursday, the commander of the Guantanamo facility, Brig. Gen. Jay W. Hood, acknowledged that incidents “broadly defined as mishandling of a Koran” had in fact taken place. Brig. Gen. Hood made this announcement following an investigation that he said had begun 12 days earlier – which points to the deeper problem.

For the fact remains that although one has been promised, no independent military, Pentagon or other body has yet published an extensive investigation into the multiple accounts of prisoner abuse at Guantanamo Bay. There have been verbal descriptions of investigations and summaries of investigations, but no documents. One consequence is that much of the world believes the misbehavior has been worse, and more extensive, than what has been documented, and people know little or nothing of the corrective action that has been taken. In the case of the Koran, for example, most or all of the offenses appear to have occurred before January 2003, when the Pentagon responded to prisoner protests by issuing strict guidelines for handling the Koran.

If the administration really wanted to prevent the spread of unfounded rumors, and to convince people in this country and abroad that abuses no longer take place, then a public, written report should have been published months ago. The American public has a right to know what mistakes are being made in its name, as well as what improved procedures have been instituted in response.

http://www.washingtonpost.com/

Posted by Tanin in I Hate Bushes. Comments

29MayUS Navy Officer Found not guilty by a US Navy Jury in Prisoner Death Case

iraqi man tortured to deathA Navy Seal lieutenant was acquitted Friday on charges that he had struck a detainee in Iraq in 2003 and failed to restrain his men from hitting the prisoner, who later died at Abu Ghraib prison.

The jury of six Navy officers deliberated for three hours before clearing the defendant, Lt. Andrew K. Ledford, of any misconduct in connection with his platoon’s capture of the detainee, Manadel al-Jamadi, in November 2003. Mr. Jamadi died after he was turned over to the C.I.A. for interrogation.

The 32-year-old SEAL had faced up to 11 years in military prison if he had been convicted of assault, dereliction of duty, conduct unbecoming an officer and making false statements.

Earlier Tuesday, former Petty Officer Dan Cerrillo testified under immunity that he was the SEAL beating the prisoner and pushing his face into the sand.

But Cerrillo, who served under Ledford in Foxtrot Platoon, said he was acting on the orders of “those people we’re not supposed to talk about” – one of the euphemisms witnesses and attorneys use to avoid mentioning the CIA. (Other phrases include “the agency,” “another governmental agency” and “security personnel”.)

Mr. Cerrillo testified that he then administered 10 to 15 hard blows to a hooded and bound prisoner.

C.I.A. officials say the Jamadi case is one of several the agency has referred to the Justice Department for possible prosecution.

The US is known for its poor human rights record concerning the treatment of prisoners, both in its domestic prisons and abroad in POW camps.

In December 2001 the US Senate added an amendment to a military appropriations bill that would make US military personnel who commit war crimes, immune from prosecution from the International Criminal Court, claiming it is capable of addressing allegations of war crimes by US soldiers and citizens, using its own criminal court system.

“I think what makes this country great is that there’s a system in place and it works.” Lieutenant Ledford told reporters after the verdict.

And so, the mayhem continues.

Posted by Tanin in I Hate Bushes. Comments
Previous Entries