Admin Life Errors, Fixes, and Encounters


Affordable web design

Small business are always looking for affordable web design.

Affordability is our main goal is to help create a professional website for small businesses at an affordable rate.

An option to some of our clients is to access one of 1000's of pre-designed websites created by very talented web designers. This allows us to cut down on the initial design concept cost which saves you money without sacrificing beautiful design. Once a design is chosen we update and customize so it fits your business. We have website templates in almost every category, from agriculture to weddings... we have a great website design for anyone!

Request a free quote today to see how affordable a website can truly be.


PHP MySQL injection

Here is an example of how an SQL injection that was found, monitored, and fixed!

When dealing with a large website with legacy code sometimes it's not possible to check every query after one starts.

One day while reviewing a new clients slow quries via MySQL. I started to notice these types of quries showing up.

# User@Host: test_db[test_db] @ []
# Query_time: 0 Lock_time: 0 Rows_sent: 1 Rows_examined: 48648
select * from serv_main where id = 71261 and 3=8 union select 1,2,3,concat(0x232425,ifnull(`idClient`,0x4E554C4C),char(9),ifnull(`username`,0x4E554C4C),char(9),ifnull(`pass`,0x4E554C4C),char(9),0x252423),5,6,7,8,9,10,11,12,13,14,15,16 from `test_db`.`private` where idClient>2119021 limit 16215,1 --;

# User@Host: test_db[test_db] @ []
# Query_time: 1 Lock_time: 0 Rows_sent: 1 Rows_examined: 48654
select * from serv_main where id = 71261 and 3=8 union select 1,2,3,concat(0x232425,ifnull(`idClient`,0x4E554C4C),char(9),ifnull(`username`,0x4E554C4C),char(9),ifnull(`pass`,0x4E554C4C),char(9),0x252423),5,6,7,8,9,10,11,12,13,14,15,16 from `test_db`.`private` where idClient>2119021 limit 16217,1 --;

Knowing the table serv_main I knew the developer that wrote that code did not use a UNION.
After a few moments of thinking what was going on I tailed Apaches access log and confirmed what I thought. - - [1/Jan/2010:10:08:40 -0500] "GET /viewAd.php?id=71261%20and%203%3D8%20union%20select%201,2,3,concat%280x232425,ifnull%28%60idClient%60,0x4E554C4C%29,char%289%29,ifnull%28%60username%60,0x4E554C4C%29,char%289%29,ifnull%28%60pass%60,0x4E554C4C%29,char%289%29,0x252423%29,5,6,7,8,9,10,11,12,13,14,15,16%20from%20%60test_db%60.%60private%60%20where%20idClient%3E2119021%20limit%2034642,1%20-- HTTP/1.1" 200 1093 "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729)"

It was an SQL Injection attack. so I did the next logical step (to me at least). Block the offender.

I did this by adding his IP to the .htaccess file along with a bigger subnet block.
Order allow,deny
deny from
deny from 120.2.194.
allow from all

Now that the Injections had stopped, the next step was to figure out where it was done, how it was done, and how to fix it.

WHERE was it done)
That was easy to find, it's right there in the access log viewAd.php

How was it done)
$sql = "select * from serv_main where id = " . $_GET['id'];
$result = mysql_query($sql);

That was the easy part, and the hard part.

The EASY part was just to just use mysql_real_escape_string.

we have 2 quick options here.

Option 1.

$_GET['id'] = (int) $_GET['id']; //cat whatever is passed into id as an integer.

Option 2.

$sql = "select * from serv_main where id = " . mysql_real_escape_string($_GET['id']); //escape user input
$result = mysql_query($sql);

The HARD part, fix the whole site...
Not having time to check 1000's of quries, here was what I did in a 30 mintue span.

1) include a function somewhere in a global include that can clean all input (or cast all input)
a good place was in our db_include.php file.

function sanitize_user_input(&$input) {

$int_keys = array ('id', 'item', 'item_id' );

foreach ( $int_keys as $key ) {
if ( isset($input[$key]) ) {
if ( !empty($input[$key]) && !is_numeric($input[$key]) )
$input[$key] = (int) $input[$key];

if (isset($_GET)) sanitize_user_input($_GET);

The hard part was easier than I thought.

But the truly hard part started, going though the 1000's of queries to fix them.

Some interesting points and notes.

# 0x232425 = #$%
# 0x252423 = %$#
# 0x4E554C4C = NULL
# 0x4E554C4C = NULL
# CHAR(9) = Tab
# CHAR(10) = Line feed
# CHAR(13) = Carriage return
select concat(0x232425,

Filed under: Errors, MySQL, PHP No Comments

Creating a successful homepage

What makes a successful homepage for a website? I have the answer for you!

All successful homepage's for a website convey 5 messages.

  • Website Logo & navigation
  • Main Benefit Statement
  • Call to Action
  • Show Website Popularity
  • Credibility

Now lets talk in detail for each point.

Website Logo & navigation
Always let the users know where they are, and how to get to the home page. Always make the logo clickable to the homepage.

Main Benefit Statement
So What, Who cares?? answers those 2 questions and you have your benefit statement.

  1. Example: Need new breaks on your car? We'll fix your breaks in 30 minutes or less.
  2. Example: Looking to advertise for free? Click here to get started.

Call to Action
Tell the user what to do next or where to go. Yes, people need to be told what to do next.

  1. Example: Click Here
  2. Example 2: Start Now
  3. Example 3: View Now

Show Website Popularity
Who wants to go into an empty bar or nigh club? NO ONE! it's the same thing for a website. Users need to sense that this website exists because it's popular. So show it to them.

  1. Example: Over 500 visits per day
  2. Example 2: Over 43,302 Members
  3. Example 3: 10,000+ products and growing

People hesitate to do business with you if they don't know you. When your getting started with a website that will almost always be the case. Show credibility with user testimonials or years in business.
Facebook like buttons also help with credibility as it shows people like your business.

  1. Example: "I love your cleaning products, it saved me so much time on the weekends" - Mandy
  2. Example 2: In business for over 15 years
Filed under: General No Comments

Rate limit e-mail providers

If you're like me and need to manage large amounts of emails, one thing that must be done is limiting the speed email providers like,,,, get your email.

I don't go into much detail here but this is the setup I've researched and currently use.

First we edit and go to line 561 (i just like to keep things together)

vi /etc/postfix/

Add the following lines into

transport_maps = hash:/etc/postfix/transport

smtpslow_destination_concurrency_limit = 2
smtpslow_destination_recipient_limit = 15
smtpslow_destination_rate_delay = 2s
smtpslow_destination_concurrency_failed_cohort_limit = 2

Edit the transport file and add the domains we'd like to slow sending with.

vi /etc/postfix/transport smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow: smtpslow:

Go to the postfix directory and postmap(hash) the transport file

cd /etc/postfix && /usr/local/sbin/postmap transport

Now we need to change the following in

vi /etc/postfix/

Make sure you have space or tabs before -o as it will not work if you don't.

smtpslow unix - - n - - smtp
-o smtp_helo_timeout=5
-o smtp_connect_timeout=5

Restart postfix and we're done.

/usr/local/sbin/postfix reload


setup jails on freebsd

we'll be creating 4 jails + main host (5 machines in total)

First, lets create some folders where the jails will be stored.

mkdir /usr/jails && mkdir /usr/jails/mail1 && mkdir /usr/jails/mail2 && mkdir /usr/jails/mail3 && mkdir /usr/jails/mail4

then we add some settings to rc.conf

# vi /etc/rc.conf

Add these line right after (remember, every machine has a differnt network card reference (bge0)). Change it to your machines network card.

ifconfig_bge0="inet netmask"

ifconfig_bge0_alias0="inet netmask 0xfffffff8"
ifconfig_bge0_alias1="inet netmask 0xfffffff8"
ifconfig_bge0_alias2="inet netmask 0xfffffff8"
ifconfig_bge0_alias3="inet netmask 0xfffffff8"

if you don't want to reboot, you'll also have to setup the alias now so you can ssh in later...
ifconfig bge0 inet alias netmask
ifconfig bge0 inet alias netmask
ifconfig bge0 inet alias netmask
ifconfig bge0 inet alias netmask

near the bottom of the file, add following and makre sure you change the IP's & paths if different than above.

#only have 5 IP's. 1 for the main server and 4 for the jails
#jail_list="mail1 mail2 mail3 mail4"

jail_list="mail1 mail2 mail3 mail4"

jail_mail1_start="/bin/sh /etc/rc"

jail_mail2_start="/bin/sh /etc/rc"

jail_mail3_start="/bin/sh /etc/rc"

jail_mail4_start="/bin/sh /etc/rc"


Make the virtual system

cd /usr/src
make world DESTDIR=/usr/jails/mail1

if you get this error "make: don't know how to make world. Stop"
it's because you don't have to source tree installed...
look at cvs-supfile blog post to know how to do it...

cd etc
make distribution DESTDIR=/usr/jails/mail1
cd /usr/jails/mail1
ln -sf /dev/null kernel

touch /usr/jails/mail1/etc/fstab
cat /etc/resolv.conf > /usr/jails/mail1/etc/resolv.conf
mount -t procfs proc /usr/jails/mail1/proc
mount -t devfs dev /usr/jails/mail1/dev
mkdir /usr/jails/mail1/usr/ports
mount_nullfs /usr/ports /usr/jails/mail1/usr/ports

Once the first jail is created, we can just copy jails and not have to redo "make world" which takes awhile.


Configuration of the jail
Start the jail for the first time

# /etc/rc.d/jail start mail1

If you try to SSH into the jail, you will end up in the main machine and not in the jail.
To fix this add the following line to /etc/rc.conf


vi /etc/ssh/sshd_config

Port 22
Protocol 2

Now we jump into the jail for some 1st step configurations

# jail /usr/jails/mail1 /bin/sh

now you are inside the jail:

change the root password
# passwd

add a new user and invite the user to the wheel group (so you can su to root)
# adduser

So we can ssh into the jail

# echo 'sshd_enable="YES"' >> /etc/rc.conf

install bash, change the users shell to bash
if you are in a jail and ports doesn't exit you have to remount the ports Filesystem
# cd /usr/ports/shells/bash
# make clean; make install clean
# chsh
change the shell to: /usr/local/bin/bash

Host environment syslogd
This entry in /etc/rc.conf tells syslogd to not listen on any IP address.


That allows syslogd to run in both the host and the jail environments.

Host environment inetd

This entry in /etc/rc.conf tells inetd to listen on a specific IP address. This address is that of the host environment:

inetd_flags="-wW -C 60 -a"

You should note that the first part of the above flags is from /etc/defaults/rc.conf:

inetd_flags="-wW -C 60" # Optional flags to inetd


jail_mail_1_ip="" jail_mail_1_start="/bin/sh /etc/rc"

if you forget root password
jail /dumpdrive500/jails/devbox2 devbox2 /usr/bin/passwd root


Clone the Jails

mkdir /usr/jails/mail2
cd /usr/jails/mail1
tar -cpf - . | tar -C /usr/jails/mail2 -xpf -

Mount all the needed directories for the cloned jails

mount -t procfs proc /usr/jails/mail1/proc
mount -t devfs dev //usr/jails/mail1/dev
mount_nullfs /usr/ports /usr/jails/mail1/usr/ports

vi /etc/rc.conf
added in -------------
jail_devbox5_start="/bin/sh /etc/rc"

/etc/rc.d/jail start devbox5
ref: [[BR]]


freebsd cyrus sasl2 saslauthd

Here is a step by step setup of what I did to get cyrus sasl2 saslauthd working on Freebsd

You'll notice that i reinstall postfix due to the fact that I needed it compiled with sasl2 which I didn't have.

# cd /usr/ports/security/cyrus-sasl2-saslauthd
# make install clean
# cd /usr/ports/mail/postfix
# make config (make sure you check on cyrus-sasl2-saslauthd)
# make
# make FORCE_PKG_REGISTER=yes install clean

now you edit /etc/rc.conf and add the following lines near the top of the file.


#If you not need sendmail anymore, please add in your rc.conf:

# And you can disable some sendmail specific daily maintenance routines in your system
# If /etc/periodic.conf does not exist please create it and add those values.

/etc/periodic.conf file:


After installing saslauthd

/usr/local/etc/rc.d/saslauthd start
vi /etc/postfix/

Add this to the end...

# sasl config
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =

smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

/usr/local/sbin/postfix stop && /usr/local/sbin/postfix start

/usr/local/sbin/saslpasswd2 -c -u -a smtpauth usernameeee

/usr/local/etc/rc.d/saslauthd restart

Filed under: FreeBSD, Unix No Comments

I've updated the Wedding guest section with some more user friendly UI. Hope bride's & Grooms like it. It should help them greatly with wedding planning and making sure everything gets done on the wedding check list.

Filed under: Errors No Comments

Online wedding planner that's the new site I've been working on... it's a free online wedding planner software, wedding planning, guests, seating advice, etiquette, budget, vendors, timetable, invitations.

If it helps anyone, it would have been worth the time doing a wedding planner.

Filed under: Code, General, PHP No Comments

John Isner won the longest-running Wimbeldon tennis match in history

John Isner won the longest-running Wimbeldon tennis match in history today...USA

WIMBLEDON, England – On and on and on, and on some more, they played — longer than anyone ever had before. And still there was no winner.

John Isner of Tampa, Fla., and Nicolas Mahut of France were tied at 59-59 in the fifth set at Wimbledon after exactly 10 hours of action when play was suspended because of darkness Wednesday night. It is by far the longest match in terms of games or time in the century-plus history of tennis.

"Nothing like this will ever happen again. Ever," Isner said.

The first-round match already had been suspended because of fading light Tuesday night after the fourth set.

The 23rd-seeded Isner and the 148th-ranked Mahut, who needed to qualify to get into the tournament, shared a court for 7 hours, 6 minutes in Wednesday's fifth set alone, enough to break the full-match record of 6:33, set at the 2004 French Open.

Never before in the history of Wimbledon, which first was contested in 1877, had any match — singles or doubles, men or women — lasted more than 112 games, a mark set in 1969. Isner and Mahut played more games than that in just the fifth set, and still did not determine a victor, although the American came close: He had four match points — four chances to end things by winning the next point — but Mahut saved each one.

"He's serving fantastic. I'm serving fantastic. That's really all there is to it," Isner said. "I'd like to see the stats and see what the ace count looks like for both of us."

Well, here they are: Isner hit 98 aces, Mahut 95 — both eclipsing the previous high in a match at any tournament, 78. All the numbers were truly astounding: They played 881 points (Mahut took 452, Isner 429), 612 in the fifth set (315 for Mahut, 297 for Isner).

Isner compiled 218 winners, Mahut 217. Isner made only 44 unforced errors, Mahut 37.

There were zero service breaks in the fifth set, which is why the end never arrived Wednesday.

Even a courtside electronic scoreboard couldn't keep up, getting stuck at 47-47 when the score really had risen to 48-48, then eventually going dark entirely.

Yet the pair played on.

And this cannot be emphasized enough: They are not finished.

After 118 games, no one had won.

The match will continue, stretching into a third day. At least Wimbledon gave them a bit of a break, saying the match would not pick up again before 3:30 p.m. Thursday.

"He's just a champ. We're just fighting like we never did before," Mahut said. "Someone has to win, so we'll come back tomorrow and see who is going to win the match."

At 58-all, more than 6 1/2 hours into Wednesday's action, both players took a bathroom break — and, frankly, who could blame them? Not much later, shortly after 9 p.m., Mahut and Isner approached the net to discuss with a Grand Slam supervisor, Soeren Friemel, whether to keep going.

"I want to play," Mahut said, "but I can't see."

Fans began chanting, "We want more! We want more!" Then they screamed in unison, "Centre Court! Centre Court!" — the only stadium at the All England Club equipped with artificial lights, and therefore the only place play could continue at that hour. When Friemel decided they would stop at that moment and resume Thursday, spectators saluted Isner and Mahut with a standing ovation.

"I have almost no words anymore watching this," 16-time Grand Slam champion Roger Federer said. "It's beyond anything I've ever seen and could imagine. I don't know how their bodies must feel the next day, the next week, the next month. This is incredible tennis."

Other Wimbledon competitors were glued to locker-room TVs, while some players headed out to the court to see if they could catch a glimpse in person. That was easier said than done, because the stands at the relatively tiny Court 18 — its official capacity is 782 — were full, and people packed in three-or-more deep along a railing.

"I don't think I'd move. I think if you moved, you lose your seat," Venus Williams said.

"It's a marathon," she added, then corrected herself: "It's longer than a marathon."

Roddick tweeted that it was "unreal."

Not that anyone will ever remember, but for the record Tuesday's portion of the match went this way: Isner won the first set 6-4, Mahut took the next two 6-3, 7-6 (7), and Isner claimed the fourth 7-6 (3).

That portion lasted 2:54, longer than many entire matches, but these guys were just getting started. The first four sets encompassed a total of 45 games, less than half of the fifth set alone. To put it in some more perspective: The 2009 Wimbledon final between Federer and Andy Roddick was the longest Grand Slam championship match in history, running 77 games in all.

Mahut actually has some recent experience in such matters: He won a four-hour match in the second round of qualifying last week that ended 24-22 in the third set.

Isner and Mahut began Wednesday at 2:04 p.m., with the court bathed in sunlight and in heat that topped 80 degrees. As play carried on, shadows crept across the court, and the well-manicured blades of green grass along both baselines wore away, leaving patches of beige dirt. By the time the players left the court, the moon was rising overhead.

Organizers moved other matches that were supposed to be played on the same court, and postponed Isner's doubles match that happened to be on Wednesday's schedule.

While this was only a first-round match, the stakes were big for the participants. Isner lost his only previous match at Wimbledon, exiting in the first round in 2008, while Mahut lost in the first round at the All England Club each of the past two years.

Because Isner served first in the fifth set, Mahut faced the difficult task of always trailing while serving, knowing that if he were to get broken, he would lose.

Both players showed signs of fatigue and frustration.

Seeking some extra energy, Isner wolfed down a sandwich and sipped water during one changeover, and he scarfed down a banana at another. At the end of the day, he was gritting his teeth on serves, rubbing his back or putting his hands on his knees while sucking air between points, and occasionally deciding not to chase shots.

During one break, Mahut was visited by a tournament doctor and given some pills to swallow, and later had a finger taped. After missing one shot, Mahut dropped to his knees and covered his head with both hands. Somehow, Mahut summoned the strength to dive for a shot in the fifth set's 117th game — yes, you read that number correctly.

Even chair umpire Mohamed Lahyani, sitting in his perch long enough to have taken a trans-Atlantic flight, seemed to be tired. He tried to stay loose by massaging his neck or stretching his legs, and as the match dragged on, Lahyani paused while reciting the score, as if to make sure he had the count correct.

"This is one of the few times where I feel bad for the umpire," well-known official-berater John McEnroe joked on BBC's TV coverage.

It might not necessarily have been the most scintillating tennis, given that so many points were so brief, often consisting of merely an unreturned serve, followed by both players shuffling along the baseline to get in position for the next point.

The match was without a doubt riveting from this standpoint: Who would falter, even for a split second, on a solitary stroke — enough to finally turn control one way or the other? Who would wilt first, physically or mentally?

"Maybe they should agree on playing a tiebreak if it's 50-all," 2008 Australian Open champion Novak Djokovic mused. "That's maybe one of the solutions."

It was a test of wills tough to compare to another individual sport — unless, perhaps, a golf tournament's playoff extended for, say, 36 holes. The longest Major League Baseball game in history lasted a mere 8 hours, 6 minutes.

And to think: Isner vs. Mahut could have concluded much, much earlier in the day.

Isner held a match point all the way back in the 20th game of the fifth set, when he was ahead 10-9 with Mahut serving. Mahut double-faulted twice to give Isner a break point and match point, but the Frenchman erased it with an ace.


Hard to believe, perhaps, but there wasn't another break point or match point for either player until the set's 66th game, with Isner ahead 33-32.

Isner smacked a backhand return winner down the line to go ahead 15-40, earning two match points, then waved his right hand to signal to the overflowing crowd to cheer louder. But he couldn't convert either chance. Mahut delivered a volley winner to erase the first, then a service winner on the second.

Two points later, Isner ceded the game by putting a forehand return into the net, prompting some fans backing Mahut to chant, "Nico! Nico! Nico!"


In the 71st game, with Isner serving, he faced a deuce. Two more points for Mahut would have allowed the Frenchman to serve for the match. But Isner delivered a second-serve ace at 124 mph, followed by a service winner.

36-35 for Isner.

Mahut earned his first break points of the fifth set in — believe it or not — the 101st game, when Isner missed a forehand wide to fall behind 15-40. Isner saved the first with a service winner at 132 mph. On the second, Mahut tried a lob — perhaps not the ideal strategy against the 6-foot-9 Isner — and the American hit an overhead winner. Two more service winners ended the game.

51-50 for Isner.

An opening for Isner came in the 108th game, when Mahut missed a backhand, then a forehand, to fall behind love-30, putting the American two points away from victory. But Mahut came up with a volley winner, then three consecutive aces.


In what would wind up being the final game of the day, with Isner ahead 59-58, Mahut's double-fault — his 21st — afforded the American one more match point, just over six hours after the first one. Mahut delivered again, smacking an ace to get to deuce. Isner then shanked a return long, crouched, and bit his white T-shirt. On the next point, Isner's backhand return sailed wide.


And that's where they will resume, once more, the 25-year-old Isner and the 28-year-old Mahut, striving to be better than the other just long enough to win.

Filed under: Errors 1 Comment

world cup Slovakia vs Italy

Slovakia 3 : 2 Italy - Italy is out of the world cup!

JOHANNESBURG —No, that’s not another tremor. That’s a shockwave emanating out from College St.

Italy bombed out of this World Cup on Thursday in abominable style, sleepwalking through much of a must-win match against – yes, yes, we must use this word – plucky Slovakia. They were Italy enough to make a match of it after 70 minutes, but – for once that wasn’t enough.

The 3-2 Slovak victory means they will now advance to a likely Round of 16 game against the Netherlands.

Other world giants – England and Germany – have wobbled here. Along with 2006 finalists France, Italy become the second to fall.

The ageing Italians arrived knowing they had to beat Slovakia to ensure advancement. If this game was the place where they mounted their title defence, it ranked somewhere below the Maginot Line.

The Italians have always been expert at paring the game down to its essentials. Airtight defence; ball control; opportunistic counterattack.

Most of this performance was so minimalist it had more in common with orienteering than football. The Italians decided to walk around a football pitch for 70 minutes. Every once in a while, they stumbled over a ball.

Again and again, the Slovaks ran in behind the Italian back four, who could not plug the gaping holes in their set-up.

Another hallmark of Italian football – sacrificing ambition on the altar of exactitude. Italian footballers don’t make mistakes. They take advantage of those made by their opponents.

Yesterday, an elementary error put the Italians on the backheel.

With the game slowed to Italy’s preferred sluggish pace, Daniele De Rossi took a ball just outside his own area. He turned and passed up the middle to Ricardo Montolivo. But the pass was terribly short. Juraj Kucka stepped in front of Montolivo, took the ball and struck it up to the lone Slovak forward, Robert Vittek.

Vittek collected and marched toward one of those aforementioned gaps. The Italians looked on blankly. Vittek’s 25 yard shot sailed into the corner by sprawling Italian keeper Federico Marchetti.

At the outset of the game, it was hard to tell the Italian fans from the Slovak boosters. The two nations share the same colours. By half-time, it was easier. The Italians were the ones staring over the edges of Ellis Park’s terraces, looking for somewhere hard to land.

Manager Marcello Lippi, who often seems as bloodless as a vampire, must have given his team some talking to at half-time.

At the restart, the attitude was suddenly frantic. The introduction of midfield quarterback Andrea Pirlo, who had missed the first two games owing to injury, was supposed to signal a change in approach.

It did. In the 67th minute, Italy nearly pulled an Italy. Substitute Fabio Quagliarella took a lacing shot through a crowd that beat the keeper, but struck Slovak defender Martin Skrtel’s knee as he stood straddling the goal-line. It was a matter of centimeters, but the ball didn’t appear to cross the line.

Six minutes later, Vittek stuck again. A short corner was headed back to taker Marek Hamsik. He stabbed it back toward goal. Again, the Italian defence was napping. Giorgio Chiellini arrived too late to stop Vittek from slotting at unmissable distance.

Italian forward Antonio Di Natale pulled one back in the 81st, and things got silly. Slovak keeper Jan Mucha and Quagliarella tussled inside the net for the ball, both feigning injury in an attempt to get the other sent off. The sight of the pair of them entangled in the net, rolling around, is the sort of thing that allows rubes to run down the sport.

Controversy, which seems to trail Italy like an unpleasant memory, reared its head again in the 85th. Quagliarella penetrated the Slovak defence, took a short pass and struck it past Mucha for the tying goal. But he was ruled off-side on the play. Again, replays showed it was a matter of centimeters.

With the Italians now pressing hard, the Slovaks stuck the knife in at the other end. The most humiliating blow of all came from Kamil Kopunek, who was allowed to run through four Italians and onto the end of a throw-in to lob one over Marchetti.

It hurt all the more when Quagliarella scored from a perfectly struck ball in extra time. Two questions will haunt Italian fans – why didn’t Napoli’s Quagliarella feature in the first two games?

More importantly, why didn’t Italy play the first 70 minutes of this one the way the played the last 20?

Filed under: Errors No Comments