Archive for March, 2009|Monthly archive page

PHP Web Tricks/Tips

Some Web PHP Tricks/Tips :)

Database:
1. When deleting a user or any content from the CMS, delete all related information from the database.
2. Use a library such as PDO, ADO, Pear, Zend etc. to connect to the database.
3. Take regular backups of the database.
4. Use a better naming convention.

Folders:
1. Use a better naming convention.
2. Take regular backups of folders.
3. Protect the project’s folders from unauthorized access: just put an index.html in them or use Apache security.
4. Folder names are case sensitive on servers like Linux.
5. Don’t use 0777 permission on any folder; use 0755.

Files:
1. Use a better naming convention.
2. Use better documentation for web files: comment the code and indent it.
3. Be consistent in DB, filenames, variables and page design.
4. Take regular backups of files.
5. Use caching for files to make the site faster.
6. Create debug files .txt, .log, .html etc. (fopen() | fwrite()) for tracking logical bugs.

Images:
1. Use a version number in the image URL to avoid image caching. (<img src="san.jpg?ver=123" alt="san" />)
2. Images should have ETags, max-age and a far-future Expires header for caching.
3. Use a global function to display images ( draw_images($src, $attr); )

Class:
1. Use a better naming convention.
2. Use an encryption class (md5, sha, base64 etc. with salt) for storing passwords and important data in the database.
3. Spidering web page (Curl, Pear etc.) is used for getting content of web page.
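
Added example, not from the original post, for the password-storage tip in the Class list above: it contrasts base64 (a reversible encoding) and unsalted md5 with PHP's built-in password_hash(), which salts each password itself. The function names, the $users array standing in for a database table and the sample values are assumptions; PHP 7.1 or later is assumed.

```php
<?php
// Added example. $users stands in for a database table; all names and
// sample values are constructed for illustration.

function register_user(array &$users, string $name, string $password): void
{
    // password_hash() picks a random salt per call and embeds the salt,
    // algorithm and cost in the returned string, so one column is enough.
    $users[$name] = password_hash($password, PASSWORD_DEFAULT);
}

function check_login(array &$users, string $name, string $password): bool
{
    if (!isset($users[$name]) || !password_verify($password, $users[$name])) {
        return false;
    }
    // Re-hash on successful login when the default algorithm or cost has changed.
    if (password_needs_rehash($users[$name], PASSWORD_DEFAULT)) {
        $users[$name] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

$users = [];
register_user($users, 'alice', 'S3cret-sample');
register_user($users, 'bob', 'S3cret-sample');

// Same password, different stored strings: the per-user salt hides
// password reuse between accounts and defeats precomputed tables.
var_dump($users['alice'] !== $users['bob']);

// Unsalted md5 gives identical digests for identical passwords.
var_dump(md5('S3cret-sample') === md5('S3cret-sample'));

// base64 is an encoding, not protection: it reverses without any key.
var_dump(base64_decode(base64_encode('S3cret-sample')) === 'S3cret-sample');

// Verification works against the stored string alone.
var_dump(check_login($users, 'alice', 'S3cret-sample'));
var_dump(check_login($users, 'alice', 'wrong-guess'));
```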

Functions:
1. Use functions or include files for web data that is used in multiple places, for reusability, integrity and productivity.
2. Use PHP session ID, remote IP and page name when incrementing views/hits.
3. Make functions to load CSS, JS, Links, Forms & Elements, Images, Iframes etc. on the webpage. (load_css_file(), load_js_file()….)
4. Looping should start from left to right…

Variables:
1. Use a better naming convention.
2. Use defined variables/constants for folder names, DB table names, Files and global variables (avoid hard coding, be happy coder).

CSS:
1. Avoid inline CSS on pages because it affects page load time and speed; it also matters for W3C validation.
2. Combine multiple CSS files into a single file with a cached version.
3. Avoid conflict in CSS.
4. Avoid CSS expressions.
5. Use CSS Sprite for images.

JS:
1. Avoid inline JS on pages because it affects page load time and speed; it also matters for W3C validation.
2. Combine multiple JS files into a single file with a cached version.
3. Use valid syntax for browser checking in javascript.
4. Avoid duplicate JS function.

Ajax:
1. Minimize the errors in HTML closing tags etc.
2. Use proper hierarchy for HTML tags.
3. Use Math.random() in Ajax URL as parameter.
4. Send URL as parameter after encodeURIComponent() similar to urlencode() in PHP.
5. Use file_get_contents($url) for first time filling Ajax DIV.
6. Use new window to display javascript alert debug messages as append messages in log files.
7. Use Ajax Cached version.

WebPage:
1. On login page username/password should be case sensitive.
2. Open terms of use page in popup window on registration page.
3. Use better UI for Errors/Success messages.
4. Use a cancel button near the submit button.
5. Use captcha code on pages by session value to avoid Spams.
6. Put valid ALT values in IMG tags.
7. Use Enter button event on form’s submit control.
8. Use scrolling DIV on webpages for better GUI.
9. Use returnto parameter for redirecting page after login.
10. Use remember option on login page.
11. Use valid/correct statements in error/success/warning messages.
12. Use dynamic Title and Meta tags on page.
13. Use error pages like 404, 500 etc. by .htaccess
14. Use good NO/Blank image for image not found.
15. Use htmlspecialchars() in strings displayed on webpages for W3C validations.
16. Use favicon for webpages for better GUI.

Emails:
1. Use good words like Dear, Regards, Thanks etc. in emails.
2. Attach some links, images, videos etc. for proper understanding.
3. Use reference and ref. # in emails.

Tools:
1. Use IDE like APTANA, Dreamweaver, Zend Editor.
2. Use DW’s context menu for HTML/PHP code to avoid W3C errors/warnings.
3. Use FireFox plugins for development (Web Developer, Firebug, Scribefire, ColorZilla, FireFTP, S3Fire, ElastoFox, Gtalk, GrabScreen, YSlow, FireShot etc.) for site’s speed, performance and optimization.
4. Make sure we are using secure FTP, Email Client….
5. Command Line tools (putty, CMD etc.) are very good utilities for batch processes and large files.

Search:
1. View source and display functions (echo, print etc.) are very useful for finding bugs and faults.
2. Try searching for visual concepts like jQuery, Ajax etc. on the Google Images search engine.
3. Use Google operators for getting better results.

Keep browsing, happy coding…….   :)

Google (The search engine)

1. Crawling: Google creates an index for websites and webpages; it uses crawling for indexing.

2. Indexing: Google creates the index based on meta tags and keywords. GoogleBot stores indexes for pages.

3. Serving: Google serves the weblinks based on the user's search keywords.

More search engines:

http://www.pdf-search-engine.com

http://www.docjax.com/home/index.shtml

http://www.docstoc.com/

http://www.tineye.com/  (Image reverse search engine)

http://www.who.is/  (domain search)

Top cricket scores

Top Latest cricket score:

wap.cricinfo.com
www.cricketnirvana.com
www.espnstar.com
www.skysports.com
www.mytoday.com
www.tensports.com

Top 10 Antivirus for web security

Top 10 Antivirus:
1.  Bitdefender
2.  Kaspersky
3.  ESET NOD32
4.  Trend Micro
5.  F-Secure
6.  McAfee
7.  Norton
8.  AVG
9.  CA antivirus
10. Norman

How To Linux

>> How To Linux
>> How to configure EC2 Scalr

Reference: http://www.how-to-linux.com/

Handle Mysql special chars

Here you can use a couple of lines of code to handle special characters from your webpage; add the 2 lines below after the mysql_connect() function.

These lines will remove the unsupported characters from the web page and set the character set to UTF8………

mysql_query("SET CHARACTER SET utf8");
mysql_query("SET NAMES 'utf8'");

Enjoy and keep browsing………….. ~SV~

svn

Stand-alone clients

Cornerstone – A GUI Subversion client for Mac OS X.
eSvn – cross-platform QT-based GUI frontend to Subversion
FSVS – fast subversion command-line client centered around software deployment
KDESvn – A Subversion client for KDE
QSvn – A cross-platform GUI Subversion client
RapidSVN – A cross-platform GUI front-end for Subversion
RSVN – Python script which allows multiple repository-side operations in a single, atomic transaction.
SmartSVN – A cross-platform GUI client for Subversion
Subcommander – A cross-platform Subversion GUI client including a visual text merge tool.
SvnX – A Mac OS X Panther GUI client.
Syncro SVN Client – Cross-platform graphical Subversion client.
Versions – A GUI Subversion client for Mac OS X.
WorkBench – Cross platform software development GUI built on Subversion written in Python
ZigVersion – a Subversion Interface for Mac OS X. Aims to design an interface around the typical workflows of programmers.

Desktop-integrated clients

Cascade – Cross-platform file system driver frontend to Subversion, both GUI and command line. Also provides other higher-level functionality.
KSvn – A Subversion client for KDE — a plugin for Konqueror
SCPlugin – Subversion integration for Mac OS X Finder
TortoiseSVN – A Subversion client, implemented as a windows shell extension

more here: http://subversion.tigris.org/

——————————————————————————————–

http://sig9.com/blogs
http://www.petefreitag.com/item/505.cfm
http://www.lasmovies.com/blog/
http://www.sephiroth.it/examples/firefox/extensions/flashtracer.xpi
http://drawlogic.com/2007/08/10/helpful-flash-debugging-tools/
http://www.rapleaf.com/
http://www.visual-blast.com/category/javascript/
http://dev.victorstanciu.ro/experimente/prototype-showcase/
http://www.piksite.com/carousel.us/carousel.us.php
http://www.ajaxrain.com/tag.php?tag=effects&page=3
http://blog.liip.ch/open-source/
http://www.psd2html.com/examples/
http://www.strategyandaction.com.au/slideshow/logogal.html
http://www.classycode.co.uk/CoverFlow/
http://www.linux-sxs.org/networking/openssh.putty.html
http://www.askapache.com/htaccess/apache-authentication-in-htaccess.html
http://xqus.com/archive/2005/02/19/regenerate-php-session-id (session regenerate)

——————————————————————————————

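$POST_MAX_SIZE = ini_get('post_max_size');
// The last character is the unit suffix (K, M or G); ini values may use either case.
$mul = strtoupper(substr($POST_MAX_SIZE, -1));
$mul = ($mul == 'M' ? 1048576 : ($mul == 'K' ? 1024 : ($mul == 'G' ? 1073741824 : 1)));
// The post_max_size limit in bytes: numeric part times the unit multiplier.
$POST_MAX_BYTES = (int) $POST_MAX_SIZE * $mul;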

Video Application

http://blog.kovyrin.net/2006/10/08/lighttpd-memcoder-flvtool-for-streaming/

http://www.flashinsider.com/2006/07/26/how-to-create-your-own-youtube-site/

http://blog.kovyrin.net/2006/10/14/flash-video-flv-streaming-nginx/

http://www.boutell.com/newfaq/creating/video.html

http://www.funnymonkey.com/diy-private-video-sharing

http://www.yvoschaap.com/youtube/   (YouTube Drag-Drop)

Some Google Tricks

Some Google Tricks revealing sensitive data
Everyone knows Google in the security sector, and what a powerful tool it is: just by entering certain search strings you can gain a vast amount of knowledge and information about your chosen target, often revealing sensitive data. This is all down to badly configured systems, brought on by sloppy administration allowing directory indexing and access to password files, log entries, files, paths, etc.
Search Tips
So how do we start?
The common search inputs below will give you an idea. For instance, if you want to search for an index of “root”,
put it in the search box exactly as you see it below.

Search Strings :

“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +password.txt
“Index of /” +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index

allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:”auth_user_file.txt”
inurl:”wwwroot/*.”

top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history

intitle:”Index of” .sh_history
intitle:”Index of” .bash_history
intitle:”index of” passwd
intitle:”index of” people.lst
intitle:”index of” pwd.db
intitle:”index of” etc/shadow
intitle:”index of” spwd
intitle:”index of” master.passwd
intitle:”index of” htpasswd
intitle:”index of” members OR accounts
intitle:”index of” user_carts OR user_cart

Let me show how it works.

1# Enter the search string in the search box of google.

2# Now we check search results one by one.

For more visit http://badmash-orkut.blogspot.com/2008/07/some-google-tricks-hacks.html

http://badmash-orkut.blogspot.com/
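
A defensive counterpart to the search strings above, as an added example that is not part of the original post: a PHP CLI script that walks your own document root and reports files with the names those searches look for, plus folders with no index file, which the server would list if directory indexing is enabled. The function name, the index-file names and the sample tree are assumptions made for the example; PHP 7.4 or later is assumed.

```php
<?php
// Added example. File names and extensions are taken from the search
// strings listed in the post; the sample tree is constructed.
const SENSITIVE_NAMES = ['passwd', 'password.txt', '.sh_history',
    '.bash_history', 'people.lst', 'pwd.db', 'spwd', 'master.passwd',
    'htpasswd', '.htpasswd', 'shadow', 'auth_user_file.txt'];
const SENSITIVE_EXTENSIONS = ['pwd', 'mdb'];
const INDEX_FILES = ['index.html', 'index.php']; // assumed DirectoryIndex names

function audit_docroot(string $root): array
{
    $findings = ['sensitive' => [], 'no_index' => []];
    $dirs = [$root];
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($walker as $entry) {
        if ($entry->isDir()) {
            $dirs[] = $entry->getPathname();
            continue;
        }
        $name = strtolower($entry->getFilename());
        $ext  = strtolower($entry->getExtension());
        if (in_array($name, SENSITIVE_NAMES, true)
            || in_array($ext, SENSITIVE_EXTENSIONS, true)) {
            $findings['sensitive'][] = $entry->getPathname();
        }
    }
    foreach ($dirs as $dir) {
        // With no index file, the folder is listed when auto-indexing is on.
        $present = array_filter(INDEX_FILES, fn($f) => is_file("$dir/$f"));
        if (!$present) {
            $findings['no_index'][] = $dir;
        }
    }
    return $findings;
}

// Constructed sample tree so the script runs offline.
$root = sys_get_temp_dir() . '/docroot_' . uniqid();
mkdir("$root/admin", 0755, true);
mkdir("$root/site", 0755, true);
touch("$root/index.html");
touch("$root/site/index.php");
touch("$root/admin/.htpasswd");
touch("$root/admin/service.pwd");
print_r(audit_docroot($root));
```

On Apache, `Options -Indexes` turns directory listing off whether or not a folder has an index file; files reported under `sensitive` belong outside the document root.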

Wap Push Short Code

A short code is a 3-6 digit phone number that is used for sending and
receiving premium or non-premium SMS. Most customers are familiar
with a full phone number, known as a long code, that is typically 7 or
more digits in length depending on the numbering plan of the home
country. For example, in North America, a long code is 11 digits in
length (the first digit is the country code followed by a national
number of 10 digits). In order to send and receive premium SMS or
receive high volumes of non-premium SMS, network operators
require the activation of a short code.
A short code is usually 5 digits in length, such as 55424, and is
activated on a specific wireless network. The same 5 digit code can
be activated with more than one operator, allowing users to
interact with your application across carriers.

Short codes can be configured to support premium billing, or the
ability to charge the recipient a fee for your service. Premium
messaging fees may be triggered on either mobile terminated
(outgoing SMS to phone) or mobile originated (incoming SMS from
phone) SMS.

http://www.codeproject.com/KB/IP/wappush.aspx

http://forums.devshed.com/mobile-programming-20/wap-push-over-smpp-mblox-395786.html

http://dev.sellingsource.com/2006/12/07/sending-wap-push-messages-with-kannel-php/

http://www.workingsoftware.com.au/index.php?h=WebLog&author_id=1&entry_id=65

http://dev.sellingsource.com/2006/11/13/configuring-kannel-to-send-sms/

http://www.blogalex.com/archives/12

http://php-classes.de/class/wap-push/

http://pomoc.alombra.de/About/WAPPushSMS

http://www.activexperts.com/activsms/sms/wappushsi/  (Description)

http://www.codango.com/php/dir/webapps/industry/mobileco/?pg=1&tab=refined&order=desc

http://wiki.triangle-solutions.com/index.php/SMS_WAP  (Tutorial)

http://www.intellisoftware.co.uk/sms-gateway/php-sdk/

katana

http://sprintdevelopers.com/node/271
http://ra.pcslab.com/upload/index.php  (gcd uploader)
http://sprintdevelopers.com/node/270
http://www.sprintusers.com/forum/archive/index.php/t-42076.html  (addtype)
http://www.netmask.com/pcsdownloads.html
http://www.tech-recipes.com/rx/531/setting-up-your-own-server-to-download-ringerwallpapers-sprintpcs/
http://www.star-webs.com/sprint-pcs/
http://dev.sellingsource.com/2006/12/07/sending-wap-push-messages-with-kannel-php/
http://pcs.cruz-network.net/faq.php#gcd
http://rumkin.com/tools/sprint/faq/index.php  (Faq)
http://www.docstoc.com
