Php Get Security

March 23, 2009 in Security | No comments

It is very important to check your data that you take with $_GET before use.

You can use $_Get in some cases , in each case there are some different measures to be taken.

For example if you use sth like that

if(isset($_GET[ex]))

   include($_GET[ex]);

If you use this codes, bad users can include any page that they want in your web page

?ex=http://www.example.com/bad_page.php

With this they can include any page that they want.

$operation =array(‘add’,'delete’,'edit’,’save’);

if (in_arrray($_GET[ex],$operation))

.. make sth…

Also you can use switch,or if..

switch($_GET[ex]){
case ‘add’:  something…
break;
case ‘delete’: something…
break;
default: something…

with if

if($_GET[ex] == "add"){

Do something..
}

else if($_GET[ex] =="delete"){
Do something..
}

else
die("possible hack attempt");

Related posts

Tags: , ,

Some Changes..

March 22, 2009 in My news | No comments

I noticed that i write maximum 3 entry in a month. I decided to change this situation so i made some changes. I want to write something everyday. I hope i can :)

Firstly,i installed new theme, and some new plugin. I changed some place of theme you can download and wiev from here but you have to register first to download.

I installed:

simple tag plugin for related post and tags

pagenavi plugin for changing paging style

poll plugin ( don’t forget to vote my poll :) )

Also i was using these plugin:

All in one seo: very usefull plugin, you can chane your post , index, and archive pages descriptions,meta and titles.

Dean’s Code Highlighter: to make my codes colorful, it has some other features to.

Postwievs: It shows the most wieved pages and some other statistics about wievs.

I don’t know, did you notice but http://lesterchan.net has lots of plugin, and they are very usefull. :)

I used widgets for layouts.

Also i add my sites blog list for pagerank, you can see these blog list at footer.

I am thinking of write about php lessons, or how to make a cms with php, or php and security. I will be happy if you write your ideas as a comment

Related posts

Tags: , ,

Some tips for Pardus

March 11, 2009 in Linux | No comments

There are some tips for Pardus ,

1. How to chane linux root password in Pardus

write su root to login as root

write your password

type sudo passwd

type new password

confirm new password

2. How to terminate , kill a program

press ctrl+alt+esc and click the program that you want to kill

3. How to install program

Open pisi from pardus menu, search for a program for example amsn, check it and click install than you can use it or you can open console and write “sudo pisi it amsn” then write your password.

Related posts

Tags: , , , , ,

Adding two array

February 4, 2009 in Php | No comments

To add a array with a array, you can use array_combine(),but to use this function arrays size must be same.
for example:

$array1=array(1,4,5,6);
$array2=array(A,K,M,P);
$array3= array_combine($array1,$array2);

//array3 will be
$array3=
array(
[1]=>A,
[4]=>K,
[5]=>M,
[6]=>P,
)

for more information you can visit php.net/array_combine

Related posts

Tags: , , ,

Unlimited Subcategory with Adjacency List Model

February 1, 2009 in Php | 6 comments

I found two model two make to make category system with unlimited category one oft them is Tree traversal, and other is Adjacency list model.

I will use adjacency list model  because it is more understandable than tree traversal. In tree traversal model , insterting and editing categories is unclear , also this model is for bigger database.  However, i advice you to look  up Tree traversal’s logic, i liked it :) .

Let’s start with creating database;

CREATE TABLE IF NOT EXISTS `category` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(128) NOT NULL,
  `top_id` int(11) NOT NULL,
  PRIMARY KEY  (`id`),
  KEY `id` (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ;


– Tablo döküm verisi `category`

INSERT INTO `category` (`id`, `name`, `top_id`) VALUES
(1, ‘Computer’, 0),
(2, ‘Laptop’, 1),
(3, ‘Asus’, 2),
(4, ‘Phones’, 0);
 

We want to make sth like this:

-Computer

— PCS

——Laptop

———Asus

-Phone

We use functions that call itself named recursive functions.

class CATEGORY
{
function cat($cat_id, $space= 1, $x =”) // cat id, space to add "_" degree of categoreis times, list of categories
{
$sql = mysql_query("SELECT * FROM category WHERE top_id=’$cat_id’");

while($select = mysql_fetch_assoc($sql))
{

$this->x = $this->x.str_repeat(‘_’, $space).$select['name'].’-';  // making a list with all categories names. we add "_" to in front of category name. It adds degree of category times. For example asus deggre is 2 therefore it will be __asus, pda’s degree is one therefore it will be _pda

$this->x = $this->cat($select['id'], ($space+1), $this->x);  // function calls itself, with this, it finds subcategory of a category.
}
return $this->x; // This is list of all categories. Each category is separating with "-", be careful this is not an array , this is a string
}

function get_cat($cat_id)
{
$list = $this->cat($cat_tid);
$arr = explode(‘-’, $list); // making array with categories
unset($arr[count($arr-1]);// deleting last element of array, because it is a blank
return $arr // return a array;

}

}

To use it

$example = new CATEGORY;
$get_array_categories = $exapmle ->get_cat(0);
print_r($get_array_categories);

I wrote this to show you how you can make a category system with unlimited subcategory. If my codes don’t woking fine, please
inform.

Related posts

Tags: , , ,

Codeigniter

January 30, 2009 in Php | No comments

While i was talking to mehmet ,he mentioned about php frameworks.  I heard somethings about them but not realy knew what they do.

After some research i found codeigniter. Codeignter is an open source php framework. You can use it to make faster, easier web applications. Also it has rich php library. To understand how it works , you can watch video tutorial of Codeigniter from here

This code gets all information from your database table named category

$data['query'] = $this->db->get(‘category’);

To get last 2 data i used only this code:

$data['query'] = $this->db->get(‘category’,2);

Codeigniter makes up a form for your database tables to instert your data, you don’t have to write any mysql, and html code :)

i hope you like it

Related posts

Tags: , , ,

mysql_insert_id

January 25, 2009 in Php | No comments

mysql_insert_id() is a very usefull function..

what does it do ?

it returns id generated from previous insert query.

Could you give some example ?

mysql_query("insert into product (name) values(aflower)");
if you want to print id of "aflower" you can use mysql_insert_id
echo mysql_insert_id();

!: to use mysql_insert_id your cloumn should be an auto_increment cloumn

Related posts

Tags: , , ,

install php apache mysql phpmyadmin

January 1, 2009 in Linux | 1 comment

On ubuntu and kubuntu systems you can install php5 apache2 mysql and phpmyadmin with this command

sudo apt-get install apache2 php5 php5-mysql php5-gd mysql-server phpmyadmin

To enable mod_rewrite run this:

sudo ln -sfn /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/
sudo /etc/init.d/apache2 restart

Related posts

Tags: , , , , , ,

Mysql password reset,change

December 29, 2008 in Php | No comments

Q. How do I change MySQL root password under Linux, FreeBSD, OpenBSD and UNIX like operating system over ssh / telnet session?

A. Setting up mysql password is one of the essential tasks. root user is MySQL admin account. Please note that Linux / UNIX login root account for your operating system and MySQL root are different. They are separate and nothing to do with each other (indeed some admin removes root account and setup admin as mysql super user).
mysqladmin command to change root password

Read the rest of this entry »

Related posts

Tags: , , , ,

C++ Friend Functions

December 15, 2008 in C++ | No comments

A class can allow non-member functions and other classes to access its own private data, by making them as friends. This part of C++ tutorial essentially gives two important points.

  • Once a non-member function is declared as a friend, it can access the private data of the class
  • similarly when a class is declared as a friend, the friend class can have access to the private data of the class which made this a friend

Here is an example

/* Onur AKTAS – alonon.net
 * 15/12/2008
 * Friend Functions
 */
#include <iostream>
using namespace std;
class INTEGER
{
        int num; // private variable
public:
        INTEGER(int n=0) {num = n;} // constructor to assign n to num
        friend void add(INTEGER &x,INTEGER &y); // this is friend function, it is not a member function, and can not write in class
};
void add (INTEGER &x,INTEGER &y) // do not write friend at the begining
{
  cout<<"Addition is: "<<x.num+y.num<<endl; // plus x’s num with y’s num
}
int main ()
{
        INTEGER x(5);
        INTEGER y(6);
        add(x,y);
        return 0;
}

Related posts

Tags: , , ,

§