PHP Particularities: Escaping characters the right way

PHP, like any language, has its particularities. One of them is that it does not interpret escaped characters which aren't in double quotes. So yes, there is a technical difference between a single quote and a double quote in a programming language, in PHP at least, if anyone asks.

How does it work? Let’s look at some examples!

$stringData = '<?xml version="1.0" encoding="UTF-8"?> \n SoraGami';
fwrite($fh, $stringData);

So, that PHP script generates an XML file, as you can see in our variable $stringData. I've omitted the other code as it isn't the focus of this article. The \n in the string is the famous escaped character which, in PHP and in all C-inspired languages, creates a new line. However, to use it, you must put it inside double quotes (") and not single quotes ('). Unfortunately, in the scenario presented here, we needed to put the whole string inside single quotes so that PHP wouldn't mess itself up with the double quotes inside the XML declaration.

In case you didn’t know, if you have elements with quotes in your string, you can use a combination of double and single quotes to make it work, like this:

'  "..."  '
"  '...'  "

Maybe that helped. Anyway, back to our previous example. The way we made it, because \n is within single quotes, it won't work and will appear as text instead. In this case, $stringData would give this:

<?xml version="1.0" encoding="UTF-8"?> \n SoraGami

Unfortunately this is far from what we wanted to achieve, which was to have SoraGami on a new line. We could do the following:

$stringData = "<?xml version='1.0' encoding='UTF-8'?> \n SoraGami";
fwrite($fh, $stringData);

That would work, but in my opinion single quotes don't look like XML. So, instead, you can do it in two sequences:

$stringData = '<?xml version="1.0" encoding="UTF-8"?>';
fwrite($fh, $stringData);

$stringData = "\n SoraGami";
fwrite($fh, $stringData);

While this works, you might be wondering why the second sequence doesn’t overwrite what we did before. Our PHP $fh variable is written like this:

$fh = fopen($myFile, 'w') or die("can't open file");

'w' says to write, but PHP is session-based in the browser, and so as long as we are in the same session and didn't explicitly fclose() our writing script, PHP is going to append whatever we write to the file. To overwrite, either reload the page (new session) or fclose() the file and make a new fopen() and fwrite().

If you want to append to the file, just change the 'w' parameter to 'a'. Tizag has a nice tutorial for PHP File Handling that explains further what we did here.
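The quoting options and file modes discussed above, as an added example that is not part of the original post; the check() helper and the temporary file are constructed for illustration. Mode 'w' truncates the file once, when fopen() is called, and each fwrite() on the same handle continues where the previous one stopped.

```php
<?php
// Added example. check() and the temp file are hypothetical helpers for this demo.
function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("failed: $what");
    }
    echo "ok: $what\n";
}

$decl = '<?xml version="1.0" encoding="UTF-8"?>';

// Single quotes: backslash-n stays two literal characters.
$literal = $decl . ' \n SoraGami';
// Double quotes: \n becomes a line feed, inner double quotes need \".
$escaped = "<?xml version=\"1.0\" encoding=\"UTF-8\"?> \n SoraGami";
// Concatenation: XML stays in single quotes, only the escape is double-quoted.
$concat = $decl . " \n SoraGami";

check(strpos($literal, "\n") === false, 'single quotes keep \n as text');
check(strpos($literal, '\n') !== false, 'the backslash and the n are both in the string');
check($escaped === $concat, 'escaped quotes and concatenation give the same bytes');

$file = tempnam(sys_get_temp_dir(), 'xml');

// 'w' truncates at fopen(); both writes go through one handle, in order.
$fh = fopen($file, 'w') or die("can't open file");
fwrite($fh, $decl);
fwrite($fh, "\n SoraGami");
fclose($fh);
check(file_get_contents($file) === $decl . "\n SoraGami", "two writes on one 'w' handle follow each other");

// Reopening with 'w' empties the file before the next write.
$fh = fopen($file, 'w') or die("can't open file");
fwrite($fh, '<replaced/>');
fclose($fh);
check(file_get_contents($file) === '<replaced/>', "a new fopen(..., 'w') overwrites");

// 'a' keeps the existing content and writes at the end.
$fh = fopen($file, 'a') or die("can't open file");
fwrite($fh, "\n<appended/>");
fclose($fh);
check(file_get_contents($file) === "<replaced/>\n<appended/>", "'a' appends");

unlink($file);
```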

You might also be wondering why '\n' doesn't work and "\n" works. The reason is simple: PHP will escape \n regardless of context when inside double quotes. That means if you wrote this:
"The server can be found through Windows on \\nopi", you would obtain this:

The server can be found through Windows on \
opi

However, since you don't want PHP to escape the \n in this situation, you would write the following:
'The server can be found through Windows on \\nopi', which would give the correct:

The server can be found through Windows on \\nopi

How secure should your wireless network be?

Wireless network security is something often overlooked. Networking is already complicated enough that most people will simply skip the complicated setups and go along with unprotected network access for years. But even if you go through the trouble, there are a ton of ways to secure your router, some better than others, and sometimes choosing the correct solution is not easy. This is why I decided to create this short guide, in which I'll explain the security solutions, what's good about them, and what's bad.

Unsecured Access

Although maybe not the best idea, unsecured access guarantees compatibility, speed and ease of use. No complicated key to enter, your network is always available no matter what. This is the worst solution of course, but something to consider if you live in a remote farm area.

SSID (Service Set IDentifier) Broadcast Hiding

Your SSID is your network name. Through your router’s setup, you can choose anything you like. This facilitates recognizing which network is yours when having to connect between multiple networks. It’s also how Windows or other OSes will be able to remember your network settings and automatically connect you. Your SSID is always broadcast over the air so that devices scanning for your network can find it. One easy technique to augment network security has been to stop broadcasting your SSID. This is an easy thing to do. What it does is it hides your router from scanning. That way, only people knowing what your SSID is can access your network.

SSID hiding is, however, flawed. Each time a user connects to your network, be it you turning on your laptop or a gaming console, your SSID is transferred in the clear, even on an encrypted connection. Widely available software makes it possible to sniff network connections and easily retrieve the SSID. Additionally, most of the time your network isn't even hidden; it simply comes up as a blank wireless entry which, although it requires entering an SSID to connect, allows a cracker to trick your connection into reconnecting you, broadcasting your SSID in the clear when you connect.

In my opinion, SSID hiding is more of a bother than a useful thing. I never hide my SSID; it would just make my already long connection setup longer, and for no real security benefit.

MAC Address Filtering

Every network device in the world has a unique identifier called a MAC address, something like this: 00-0A-5E-54-59-BF. The theory is, if every adapter has a unique ID, it is possible to allow only the desired network devices to access your network. Fortunately, it is: every single router has that feature, or at least it should. Unfortunately, it's no means of real protection and, again, more a bother than a useful thing. The problem is that MAC addresses can be easily spoofed, more easily than getting around SSID hiding, and detecting which MAC addresses work on a given network is also easy as pie if you're the least bit resourceful, as they are transferred in the clear (without encryption).

WEP (Wired Equivalent Privacy)

This deprecated protection scheme for networks (yup, deprecated) is a very flawed but highly compatible security solution for wireless networks. WEP uses the stream cipher RC4, which is unfortunately an old and completely insecure encryption algorithm, so much so that WEP has been declared deprecated since 2004. In fact, with software mentioned on Wikipedia, I can crack any of your WEP connections in under a minute. There are even step-by-step articles, not shady and very easy to find, on how to operate the tool that performs Klein's attack on WEP-secured networks. Why isn't this being pulled from the web? Simply because WEP is deprecated. Such tools are widely available as a proof of concept of why you should not use WEP protection.

WPA (WiFi Protected Access)

WPA is sort of a half solution. It still uses the RC4 cipher, but unlike its cousin WEP, it implements a different security protocol called TKIP, which includes a countermeasure mechanism that makes it impossible to get your network key. However, in 2008 a TKIP vulnerability was discovered, but it only allows an attacker to play with packets on your network (the form in which data is sent out and in). This makes it possible for the attacker to perform ARP spoofing on your network and incidentally sniff data over the air, compromising that data's security and privacy, and also to mount a DoS attack or denial of service attack (blocking all network traffic, essentially bringing down a server). While a DoS attack may not be of concern for a home network (who would want to DoS attack you, seriously), it certainly is a potential threat for a business.

In other words, WPA remains a perfectly fine solution for home networks and its use of the RC4 cipher makes it compatible with legacy WEP hardware.

WPA2

However similar the name may be, if there is anything WPA2 is not, it is similar to WPA. Version 2 is the correctly implemented 802.11i standard. Yes, WPA was made in a hurry before the standard was even finalized so that router makers could address the issues with WEP. This is why WPA support is sketchy, and some routers may offer variants of WPA that are not intercompatible with other devices. Conversely, WPA2-compliant routers all use the exact same standard, but you have to have recent hardware/firmware for that. Getting WPA2 protection on a computer or router is as simple as having updated firmware, but even recent gaming devices like the PSP 3000, especially due to WPA2's increased overhead, often do not support it (the Nintendo DSi supports it).

Unlike WPA, WPA2 uses a completely different protocol and cipher, respectively CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code) and AES (Advanced Encryption Standard — AES certification winner Rijndael cipher). Unlike RC4, AES is an extremely sophisticated encryption algorithm used today to encrypt everything from US Government Secret Information to TLS (SSL) secure connections when you shop online.

AES is uncrackable. No one has ever found a way to crack this encryption scheme, with the exception of brute-forcing. Brute-forcing a connection involves trying every password possible until you can access the network. However, brute-forcing often implies dictionary attacks, where common words are used against the network's authentication to find the password. This can be easily avoided with a complete 63 ASCII character key you can make here: https://www.grc.com/passwords.htm

A brute-force on such a key is estimated to take a trillion years, and counter-brute-force mechanisms can slow that down several times. In other words, WPA2 is uncrackable if you use a good key.
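An added example, not part of the original article, of what a good key amounts to. It assumes WPA2-Personal (pre-shared key), where the master key is derived from the passphrase with PBKDF2-HMAC-SHA1 (4096 iterations, SSID as salt); the function names and SSIDs are constructed for illustration.

```php
<?php
// Added example; function names and the SSIDs below are constructed for illustration.

// Random passphrase from printable ASCII without the space (0x21-0x7E, 94 symbols),
// drawn from PHP's CSPRNG. WPA2 passphrases are 8 to 63 characters long.
function randomPassphrase(int $length = 63): string
{
    if ($length < 8 || $length > 63) {
        throw new InvalidArgumentException('length must be between 8 and 63');
    }
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= chr(random_int(0x21, 0x7E));
    }
    return $out;
}

// Search space in bits for a passphrase chosen uniformly at random.
// The derived key is 256 bits, so anything above that adds nothing.
function searchSpaceBits(int $length, int $alphabet): float
{
    return min(256.0, $length * log($alphabet, 2));
}

// WPA2-Personal key derivation: PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt.
// Returns the 256-bit master key as 64 hex characters.
function pairwiseMasterKey(string $passphrase, string $ssid): string
{
    return hash_pbkdf2('sha1', $passphrase, $ssid, 4096, 64);
}

$pass = randomPassphrase();
printf("63 random characters: %.0f bits\n", searchSpaceBits(63, 94));
printf("8 lowercase letters:   %.0f bits\n", searchSpaceBits(8, 26));

// The SSID salts the key: one passphrase gives unrelated keys on two networks.
$start = microtime(true);
$main  = pairwiseMasterKey($pass, 'ExampleMain');
$guest = pairwiseMasterKey($pass, 'ExampleGuest');
printf("keys differ: %s\n", $main !== $guest ? 'yes' : 'no');
printf("two derivations took %.1f ms\n", (microtime(true) - $start) * 1000);
```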

The Perfect Solution

Unfortunately, WPA2 is not supported on all hardware, and making use of combined WPA/WPA2 for increased compatibility breaks your perfect uncrackable unsniffable protection. Fortunately for home users, routers such as the D-Link DIR-655 can handle two networks at the same time. Yup, you can set up a main network in WPA2, and a separate guest network with any protection scheme desired for incompatible devices. You can even prevent routing between the two networks so that your secure WPA2 network remains completely isolated from the less secure network.

I use this technique at home to enable compatibility with my PSP, which only supports WPA. My main network is WPA2-only, and my guest network is isolated (not routable) with a WPA-only scheme. This makes my main network, for credit card transactions over the Internet for example, completely secure, while still leaving gaming access for older machines. Since WPA can only be sniffed, it also makes it impossible for anyone not authorized to use my own bandwidth, which could happen by leaving the Guest Connection open or on WEP security.