How do I set application_name so that it doesn’t get the “?” characters?

I have this UTF-8 string in PHP:

$  test_title = 'My criticál business applicätiön'; 

If I send that to PostgreSQL to set the application_name, it then looks like this:

My critic?l business applic?ti?n 

If I try to salvage it by transliterating like this before sending to PG:

$  test_title = iconv('UTF-8', 'US-ASCII//TRANSLIT', $  test_title)); 

Then I get:

My critic'al business applic"ati"on 

Basically just as bad. It tries its best to represent the UTF-8 characters as the US-ASCII charset that PG demands for the application_name, but it just doesn’t look right. It cannot possibly look right because US-ASCII simply doesn’t contain all the non-USA characters.

Unfortunately, there also exist people outside of the USA. (I know, it’s annoying, but it’s sadly true.)

I refuse to believe that application_name must be ugly like this. It cannot be. It’s too stupid to be true. I must be missing something. There has got to be some way to set application_name to the actual application name and not have it butchered in the above manner.

Basically, I don’t "buy" that PG would be this primitive and crippled still in year 2020.

Box2D simulation doesn’t work

I previously used Box2D and it always worked fine until recently I decided to test how it would work in my custom 2D game engine, I just wanted to test the physics updates without any GUI interaction, as you can see in the below code I just try to print the plain position values of the dynamic body and it just doesn’t move. All it does is print the initialisation position I set in the initialiser, afaik all I’m trying to do it print the values in a simple loop that runs more than 60 times per frame, the box2d code doesn’t interact with the rendering in anyway. IDK what’s wrong with box 2d to run fine in a simple loop. I’m really confused why the simulation isn’t happening. Let me know if you need more info about anything.

Freefall.h

 #include <fireworks/fireworks.h>  #include <box2d/box2d.h>  using namespace fireworks;  class FreeFall : public Fireworks { private:     Window*         m_Window;     Layer*          defaultLayer;      b2Vec2          m_Gravity;     const double    m_PhysicsTimeStep = 1.0f / 60.0f;     unsigned int    m_VelocityIterations;     unsigned int    m_PositionIterations; public:     b2World* world;      b2BodyDef       groundBodyDef;     b2Body*         groundBody;     b2PolygonShape  groundShape;     b2FixtureDef    groundFixtureDef;      b2BodyDef       dynBoxBodyDef;     b2Body*         dynBoxBody;     b2PolygonShape  dynBoxShape;     b2FixtureDef    dynBoxFixtureDef;      Sprite*         ground;     Sprite*         dynBox; public:     FreeFall()         : m_Gravity(b2Vec2(0.0f, -29.81f)), m_VelocityIterations(6), m_PositionIterations(2)     {         world = new b2World(m_Gravity);         // Static ground body         groundBodyDef.position.Set(0.0f, -10.0f);         groundBody = world->CreateBody(&groundBodyDef);         groundShape.SetAsBox(20.0f, 4.0f);         groundFixtureDef.shape = &groundShape;         groundFixtureDef.density = 1.0f;         groundFixtureDef.friction = 0.3f;         groundBody->CreateFixture(&groundFixtureDef);          // Dynamic simulation box         dynBoxBodyDef.type = b2_dynamicBody;         dynBoxBodyDef.position.Set(-1.0f, 4.0f);         dynBoxBody = world->CreateBody(&dynBoxBodyDef);         dynBoxShape.SetAsBox(2.0f, 2.0f);         dynBoxFixtureDef.shape = &dynBoxShape;         groundFixtureDef.density = 1.5f;         dynBoxFixtureDef.friction = 0.25f;         dynBoxBody->CreateFixture(&dynBoxFixtureDef);     }      ~FreeFall()     {         delete defaultLayer;         delete world;     }      // Runs once per initialisation     void init() override     {         m_Window = createWindow("Freefall physics sim", 800, 600);         glClearColor(0.8, 0.8f, 0.2f, 1.0f);               }     // Runs once per second     void tick() override { }      // Runs 60 times per second     void update() override { }      // Runs as fast as possible     void render() override     {         //Physics Update         world->Step(m_PhysicsTimeStep, m_VelocityIterations, m_PositionIterations);         b2Vec2 dynPos = dynBoxBody->GetPosition();         std::cout << "dynnamic Box2d Box position X : " << dynPos.x << " and Y is : " << dynPos.y << std::endl;     } }; 

MainGame.cpp

#include "physics-sims/Freefall.h"  int main() {     FreeFall game;     game.start();     return 0; } 

This is the output I get : dynnamic Box2d Box position X : -1 and Y is : 4 for as long as the loop runs, this is soo infuriating, IDK what’s breaking what.

Ways to run net runners that doesn’t monopolize time?

We have started a cyberpunk red game and one of our party is a net runner. However we have found the game slows down while he is doing his thing. It doesn’t seem to be the players or DMs fault it is just the nature of the mechanics of hacking to allow us access to somewhere, get information out, turn off alarms or cameras or take control of the systems.

It can result in a 10-15 min break while the DM and Netrunner make all the various rolls and decisions. If there are 3-4 hacking attempts in a session this can eat up slot of time. It isn’t just us that feel this the DM and Netrunner are also conscious of the fact.

Is there a way to streamline this at all? Our netrunner has suggested writing an app linked to roll 20 that the DM can use to set up hacking challenges so the net runner can then sit and do it by himself while the DM carries on with the rest of us. But are there any suggested mechanics or ways to speed up net running?

CharacterController / CameraController for Unity WebGL that doesn’t have the camera spins like crazy issue [closed]

I’m trying to adapt a game for WebGL and it seems that the setup often has the camera spin like crazy? Is there a recommended CharacterController / CameraController setup for WebGL with some ways to prevent the camera gimbal spinning like crazy?

Why Signal doesn’t have web client?

I’ve read about E2EE (end to end encryption) of Signal in web clients on a Signal Community discussion forum, and wonder why they say that the browser is insecure for E2EE and native apps are secure.

I think the security issues for clients are the same. It can be harder in various systems based on their security polices, but all of the clients are prone to various attack surfaces like MITM, viruses and rats and other malware. And something more important they emphasise is the delivery for javascript files, but doesn’t that use HTTPS? I guess if anyone could break the HTTPS security they can do anything more dangerous than what we think about.

Actually, we want to develop some chat service like signal with a web client, but this article made us confused. Should we ship a web client or not? Please explain this.

Is there a desktop browser that doesn’t give out your ip?

I have noticed that since about a year, Firefox is yielding enough informations so that website you connect to know your ip, no matter the fact that you would be using a vpn.
I know there are some heuristics from google that are powerful and use deep learning. But one way or another, there must be a way to avoid ip detection.
The ONLY browser that works in correlation with a vpn is Duckduckgo browser on Android. Don’t be fooled by the tests of dns leak as they will just confirm that there is no dnsleak, the issue is that there is a direct host IP leak. You can check it on the website whatismyipaddress.com. I wish to know how to disable whichever feature is causing this trouble, or if there is another browser available which is trusted.

SQL Injection Doesn’t Sanitize But Doesn’t Execute Commands

I am currently doing a pentesting on a web application and focusing more on SQL Injection. This company I am pentesting have a functionality in which we are allowed to buy things from the vendors/suppliers registered there. When a product is added to our cart and ‘Checkout’ button is clicked, the web application will then communicate to the backend to create a cart based on specified ‘cart_id’ and INSERT it to the database. I know this is the case since when I tried to resubmit the request to the server the following error is specified:

"SQLIntegrityConstraintViolationException: Duplicate entry 'RANDOM_ALPHANUMERIC_CART_ID' for key 'idx_cart_id'" 

I tried checking for SQL Injection by adding a single quote at the end of the ‘cart_id’ and HTTP 200 is returned along with server response of a new cart_id with the single quote included. Does this mean It is not sanitizing input? I tried inserting other SQL Commands, the server will still return 200 and the commands are being printed out on the server response but not being executed. Is this web app vulnerable to SQLi (blind?)? If not, Is it possible for me to achieve other vuln such as Stored XSS?

Thank you

Why doesn’t diagonalization requiring taking a limit?

When we quantify infinite sums, we do so by taking the limit as $ i$ goes to infinity. For example, we look at $ \lim_{i\rightarrow \infty}\sum_{i\in \mathbb{N}}i$ , and then we say that this diverges.

When we do diagonalization, we iterate over an infinite list while indexing each list item by a natural number, and then talk about the result. Why can we do this without invoking limits? Shouldn’t we speak of the result of the diagonalization as a limit?

Why SQLMap Doesn’t Attack Specified Parameter?

I am new to SQLMap. I have setup Kali and OWASPBWA VM. Both VMs are on same NAT Network set in VirtualBox.

When I try to run following command:

sqlmap -u "http://<IP_ADDRESS>/mutillidae/index.php?page=user-info.php?username=111&password=bbb&user-info-php-submit-button=View+Account+Details" -p username 

I get following messages:

  • Previous heuristics detected that the target is protected by some kind of WAF/IPS.
  • Multiple messages – Unable to connect to the targeturl. sqlmap is trying to reconnect.
  • heuristics test shows that GET parameter ‘username’ might not be injectable.

There are several YouTube videos which display same setup with above 2 VMs, and are able to run the command and find injection in username parameter. What am I doing wrong? Please help.