Your solutions....

Create new role in wordpress

2014-04-21T14:44:00.001-07:00

By default we have list of roles present in wordpress like administrator, editor, author etc. BY default we cannot add a new role to the current roles displayed in the wordpress system. We have so many pluggins which we need to check and find the suitable. The below solution provides you a quick and better access to add a new role.

1. Open the wordpress folder
2. Select the themes folder and select your current theme.
3. If you have functions.php file open the file, If you dont have functions.php file copy the file from the other theme / base theme and paste in your current theme.
4. At the last line of function.php file add the below lines. "add_role('Role Name', 'Role Display Name', array( 'Capabilities'));"

Just by the above steps you would be able to add the New roles to your current system without any external plugins installation.

Remove spaces between two string

2014-02-03T23:14:00.002-08:00

In PHP we have so many functions which are related to strings. The below examples explains how to remove the spaces between string.

1. str_replace

2. preg_replace.

str_replace:

This replaces the empty spaces. this can be used partially.
Example:
$string = str_replace(' ', '', $string);

preg_replace:

This will replace the nth spaces and removes the white spaces within all the string.

Example:

$string = preg_replace('/\s+/', '', $string);

Php hacking techniques part 1

2010-11-20T21:32:00.001-08:00

Techniques for securing user input, then extended those techniques to applications where database input and output is required, looking at some SQL security issues. next is to deal with file operations and file uploads, looking specifically at the security issues involved with accessing files based on some user supplied filename, and user-supplied files (uploaded files).

What Are Sessions?
Sessions are a PHP construct allowing persistent data to be retained across HTTP connections. In English, sessions allow you to store the values of certain variables across page visits. This is achieved by serializing the data (converting it to some binary representation) and writing it out to a file (or a database, or wherever you tell it), when a page is finished processing in PHP. When the next page (or that same page some time later) is processed, and PHP is told to start a session, it will check if the user already has a session, and read their data back in, unserializing it and assigning the variables. This allows you to keep track of a user across multiple visits, or while browsing multiple pages on your site.

For example, you can create a shopping cart using sessions, storing an array of items added to the cart in a session variable, and loading it on every page. When the user clicks 'Add to cart' you can add the item to the array, and it will be saved for the next page the user goes to. The whole array can be fetched on your checkout page and appropriate processing will take place.

How Do Sessions Work?
As many probably know, HTTP is a stateless protocol. By stateless, I mean that any HTTP connection is unaware of previous connections made by the same client, to the same server (persistent connections excepting). There are two useful ways in which PHP can pass identification information between pages in order to uniquely associate a user with a session.

PHP can use cookies to store a session ID. The cookie value is sent on every request, so PHP can match that up to its session data and retrieve the correct set of variables for that user. Another way is to pass the session ID in URLs. In order to do this, URL rewriting must be enabled.

Passing session data in URLs is not recommended since it is possible to pass your session onto another user if you give them a link which contains your session ID, and the session ID data is more easily attackable than in a cookie. URL-based session tracking should be used only where cookies cannot.

Using $_SESSION
PHP provides a super-global variable named $_SESSION. By super-global I mean it is a global variable which you may access without going via $_GLOBALS or stating global $_SESSION within a function. In this way, it behaves like $_GET and $_POST.

$_SESSION is, in fact, an associative array. The keys are variable names, and the values are the stored session data for that variable name.

Using $_SESSION is preferred over the use of session_register() to register ordinary global variables as session variables, especially when register_globals is enabled, since global variables may be more easily changed inadvertently than the contents of $_SESSION. It is still possible to alias ordinary global variables to their equivalents within $_SESSION,

$username = &$_SESSION["username"];

Here, the & indicates a reference, or alias. It is then possible to use $username instead of $_SESSION["username"], but note that $username is an ordinary variable, and you will have to access as $_GLOBALS["username"] or global $username from within a function.

Trusting Session Data
Since a session ID can be spoofed, it is always wise to perform some extra validation where possible. The simplest mechanism would be to store the IP address of the client to whom the session ID was issued, and compare the client IP against that stored IP every session. This will prevent the basic security problems associated with passing links between computers (though not if the computers are on a private network and share a single public IP address).

Session data is also stored in files on the server. The default location is /tmp on UNIX, or the system temporary file directory on Windows. If /tmp is world-writable (or, in some cases, world-readable), or there are multiple websites hosted on a single server, storing session data in a public location is not secure. PHP provides a way to change the way session data is stored.

Changing The Session File Path
The location in which PHP saves session data can be set using the php.ini directive session.save_path, or the string below in httpd.conf or a virtual host configuration.

php_value session.save_path "/home/test/sessions/"

It is important to ensure that your session data path is included in the paths allowed by open_basedir, if you have open_basedir settings or PHP Safe Mode enabled.

The data representation used for saving session data to files can be controlled with the session.serialize_handler directive in php.ini. By default, PHP uses its own built in format, but the WDDX ( http://www.wddx.org ) format can be used also. Set the type using one of the lines below.

(in php.ini ...)

session.serialize_handler wddx

or

session.serialize_handler php

(or in httpd.conf ...)

php_value session.serialize_handler wddx

or

php_value session.serialize_handler php

Storing Session Data In A Database
When you use on-disk files to store session data, those files must be readable and writeable by PHP. On a multi-user hosting system, it is possible for other users to access your session data through the PHP process (but see the commentary on open_basedir in part 5 of this series. The best way to secure your session data is to store it in a database.

Unfortunately, there is no direct way to store session data in a database using the php.ini directives, but luckily PHP provides a mechanism for customised session storage handlers. The function session_set_save_handler() allows you to register handler functions for session management. These functions must be written in PHP (or made available as a PHP extension).

session_set_save_handler(open_fn, close_fn, read_fn, write_fn,

destroy_fn, gc_fn)

To use these user-supplied session storage handlers, you must set session.save_handler to the value user, and the value of session.save_path should be the name of the database into which you're saving session data (so that the session save handler functions you define can locate and use that database). The value of session.name can be used as the name of the table within the database.

(httpd.conf)

php_value session.save_handler user

php_value session.save_path dbname

php_value session.name session_data

Next, a table for storing session data must exist in the database. At the minimum, your session handler should keep track of the session ID, the expiration time, and the serialized session data. The SQL below creates a simple table for storing this data.

CREATE TABLE session_data (

sessionid text not null PRIMARY KEY,

expiration timestamp,

sessiondata text not null

);

The final task is to create the functions which manage this session store, and register them with session_set_save_handler(). The open_fn must open the database connection, the close_fn must close it and perform any associated cleanup tasks, and the read_fn and write_fn functions must read and write session data respectively. destroy_fn is called when a session ends and is destroyed, and gc_fn is called when session data is garbage collected. These operations must be mapped into database queries by your PHP code. The prototypes for the functions are given below, and parameters passed are explained.

function open_fn($save_path, $session_name)

$save_path is the value of session.save_path, $session_name is the value of session.name

function close_fn()

Takes no arguments

function read_fn($session_id, $data)

$session_id is the session ID for which PHP requests the associated session data to be returned

function write_fn($session_id)

$session_id is the session ID for which PHP requests that $data be associated with in the session store (database)

function destroy_fn($session_id)

$session_id is the ID of a session which may be removed from the store

function gc_fn($max_time)

$max_time is the oldest last modified time to retain in the session store. Sessions with an older modified time than this are to be removed from the store.
-- Continued in Next pPrt

Php hacking techniques part 2

2010-11-20T21:30:00.001-08:00

Implementing the above functions, you are not limited simply to database connections. You could, for instance, connect to some other data storage application, or store the session data in an encrypted virtual filesystem, or on a network file server.

Further Securing Sessions
There are a few remaining PHP directives for controlling sessions, several of these have security implications. Firstly, the session name (set with session.name) should be changed from the default to avoid collisions, especially on servers with multiple users.

The session.cookie_path directive determines the default cookie path, the path for which cookies will be sent in an HTTP request. If you have a forum at somedomain.com/forum, and somedomain.com/ does not require session management, you can change session.cookie_path as shown below.

php_value session.cookie_path /forum/

This prevents sections of your site which do not require the session cookie from being sent it, and limits exposure of the session IDs to those parts of a site where sessions are actually being used. This is especially important if some sections of your site have pages provided by other users, who could use those pages to steal session IDs from your visitors.

Setting session.use_only_cookies to true disables the passing of session IDs in URLs, at the cost of losing sessions support for users with cookies disabled, or on browsers not supporting cookies. Setting session.cookie_domain to the most restrictive domain name possible (e.g. forum.somesite.com instead of somesite.com) also helps to minimise exposure of session IDs. Of course, if you have a single login for an entire range of subdomains, you will have to set the domain as somedomain.com to ensure that the sessions are correctly managed across all of the subdomains.

Finally, it is possible to set the hash function used when creating session IDs. The default is to use MD5 (hash function 0), but SHA1 may also be used (hash function 1). SHA1 is a 160-bit hash function, whereas MD5 is only a 128-bit hash function, so using SHA1 for session hashes improves security slightly over using MD5. You can set the hash function using This setting was introduced in PHP 5.

php_value session.hash_function 1

Beyond PHP Security
Everything I've covered so far has been directly related to PHP and SQL security. The best situation we can manage here is PHP Safe Mode, which uses self-imposed restrictions to improve security. That this is the best we can achieve is due to the server architecture currently in use. There are, however, a few options for taking security a little further, and imposing the restrictions at a lower level than PHP itself. To conclude this series, I'll mention some of these briefly here.

Chroot
Chroot changes the "root" directory that a process can see. This effectively locks it into a certain directory structure within the overall filesystem. With this approach, you can lock a web server into some directory such as /home/www and it will not be able to access anything outside of that structure.

There are several advantages to doing this. The first is that the web server, PHP, any user scripts, and also any attackers, will be contained within this chroot "jail", unable to access files outside of it. Furthermore, you can remove all but the most essential software from the chroot environment. Removing any shells from the environment prevents a large number of exploits which attempt to invoke a remote shell. The minimal environment inside a chroot makes life very difficult for attackers, no matter whether their method of attack is through a vulnerability in your PHP code, or a vulnerability in the underlying web server.

Apache mod_security and mod_chroot
mod_security and mod_chroot are extension modules specifically for the Apache web server. These two modules provide chroot support for Apache without externally applying a chroot technique. mod_security also provides several other security features. Further information is available at http://www.modsecurity.org/ for mod_security and at http://core.segfault.pl/~hobbit/mod_chroot/ for mod_chroot.

suEXEC and Multiple Server Instances
Using a chroot to lock your web server into a restricted environment helps to prevent some security problems, but one of the big issues is shared hosting. Running multiple websites on the same server requires that the web server process has access to each user's files. If the web server has access, so do the other users (subject to PHP Safe Mode restrictions, of course). There are two ways around this, one which is Apache specific, and one which may be deployed on any server environment.

suEXEC, specific to Apache, switches an Apache process to be owned by the same user as the script it is executing, losing any escalated permissions. This locks that Apache instance into the permissions held by that user, rather than the permissions held by the master web server process itself. This mechanism allows a return to the more traditional permissions system, and each user can be reasonably sure his or her files are protected. The cost of this is that an Apache process may not then be promoted back to regain permissions and switch user again to serve a different user's files. This system works best when there will be many requests for pages owned by the same user. suEXEC is explained in more detail at http://httpd.apache.org/docs/1.3/suexec.html

The alternative is to use multiple instances of the web server, each one running with the permissions of a different user. Each server then only has the permissions it needs to serve a single website, so a reverse proxy must be used as a front to all of these server instances, redirecting requests for a virtually hosted website to the Apache instance responsible for actually serving that site. This solution is the most secure, but also the most resource-hungry. Information about using Apache as a reverse proxy is available at http://httpd.apache.org/docs/1.3/mod/mod_proxy.html

How to check for PHP vulnerabilities
The best way to check whether your web site & applications are vulnerable to PHP security attacks is by using a Web Vulnerability Scanner. A Web Vulnerability Scanner crawls your entire website and automatically checks for vulnerabilities to PHP attacks. It will indicate which scripts are vulnerable so that you can fix the vulnerability easily. Besides PHP security vulnerabilities, a web application scanner will also check for SQL injection, Cross site scripting & other web vulnerabilities.

The Acunetix Web Vulnerability Scanner scans for SQL injection, Cross site scripting (XSS), Google hacking and many more vulnerabilities. For more information & a trial download click here.

Check if your website is vulnerable to attack with Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner ensures website security by automatically checking for SQL injection, Cross site scripting and other vulnerabilities. It checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist. Take a product tour or download the evaluation version today!

Scanning for XSS vulnerabilities with Acunetix WVS Free Edition!
To check whether your website has cross site scripting vulnerabilities, download the Free Edition from http://www.acunetix.com/cross-site-scripting/scanner.htm. This version will scan any website / web application for XSS vulnerabilities and it will also reveal all the essential information related to it, such as the vulnerability location and remediation techniques. Scanning for XSS is normally a quick exercise (depending on the size of the web-site).

Final Words
This concludes the tour of PHP and SQL security. There is much more information available on the web about each security issue covered in this series, and many other issues also. In particular, several Apache modules exist for improving security through chrooting, reverse proxies, or simply checking requests for attacks such as directory traversal.

The PHP manual over at php.net points out any security concerns relating to most functions, and the comments posted by users below the reference pages often contain useful security hints and code samples

Cookies in PHP

2010-06-29T05:09:00.000-07:00

The better and simple solution for sending the user input values from one page to another page is using COOKIES. We can send data easily from page to page and can be easily retrieved and used.

Setting Cookies

setcookie():This method is used for creating the Cookies. Important note is that Cookies are sent with the HTTP headers,so setcookie() must be called before any output is generated.

Example:
setcookie('Variable','Value');

This is the default syntax declaration, We have another parameters which has its own importance but they are not mandatory.

The third argument to setcookie() is an expiration time,expressed as an epoch timestamp.For example, this cookie expires at noon GMT on December 3, 2004:

setcookie('flavor','chocolate chip',1102075200);

If the third argument to setcookie() is missing (or empty),the cookie expires when
the browser is closed. Also,many systems can’t handle a cookie expiration time
greater than 2147483647,because that’s the largest epoch timestamp that fits in a
32-bit integer

The fourth argument to setcookie() is a path. The cookie is sent back to the server
only when pages whose path begin with the specified string are requested. For example, the following cookie is sent back only to pages whose path begins with /products/:

setcookie('flavor','chocolate chip','','/products/');

The page that’s setting this cookie doesn’t have to have a URL that begins with /products/, but the following cookie is sent back only to pages that do.

The fifth argument to setcookie() is a domain. The cookie is sent back to the server
only when pages whose hostname ends with the specified domain are requested. For
example,the first cookie in the following code is sent back to all hosts in the example.com domain,but the second cookie is sent only with requests to the host test.example.com:
setcookie('variable','value','','','.example.com');
setcookie('variable','value','','','test.example.com');

If the first cookie’s domain was just example.com instead of .example.com,it would
be sent only to the single host example.com (and not www.example.com or test.
example.com).

The last optional argument to setcookie() is a flag that if set to 1,instructs the
browser only to send the cookie over an SSL connection. This can be useful if the
cookie contains sensitive information,but remember that the data in the cookie is
stored in the clear on the user’s computer.

Reading Cookie Values
A cookie’s value isn’t available in $_COOKIE during the request in which the cookie isset. In other words,the setcookie() function doesn’t alter the value of $_COOKIE. On subsequent requests,however,each cookie is stored in $_COOKIE. If register_globals
is on, cookie values are also assigned to global variables.

When a browser sends a cookie back to the server,it sends only the value. You can’t
access the cookie’s domain,path,expiration time,or secure status through $_COOKIE
because the browser doesn’t send that to the server.
To print the names and values of all cookies sent in a particular request,loop
through the $_COOKIE array:

foreach ($_COOKIE as $cookie_name => $cookie_value) {
print "$cookie_name = $cookie_value
";
}

Deleting Cookies
Call setcookie() with no value for the cookie and an expiration time in the past:

setcookie('flavor','',time()-86400);

It’s a good idea to make the expiration time a few hours or an entire day in the past,in case your server and the user’s computer have unsynchronized clocks. For example,if your server thinks it’s 3:06 P.M. and a user’s computer thinks it’s 3:02 P.M.,a cookie with an expiration time of 3:05 P.M. isn’t deleted by that user’s computer even though the time is in the past for the server.
The call to setcookie() that deletes a cookie has to have the same arguments (except
for value and time) that the call to setcookie() that set the cookie did,so include the path, domain, and secure flag if necessary.

Different browsers handle cookies in slightly different ways,especially with regard to how strictly they match path and domain strings and how they determine priority
between different cookies of the same name.

PHP working with Files and Directory

2010-06-16T04:24:00.000-07:00

Below are some of the important methods used when working or manipulating the files or folders

parse_ini_file($filename)
parse_ini_file() loads in the ini file specified in filename, and returns the settings in it in an associative array.
Example
// Parse without sections
$ini_array = parse_ini_file("sample.ini");
print_r($ini_array);

// Parse with sections
$ini_array = parse_ini_file("sample.ini", true);
print_r($ini_array);
O/P
Array
(
[one] => 1
[five] => 5
[animal] => Dodo bird
[path] => /usr/local/bin
[URL] => http://www.example.com/~username
[phpversion] => Array
(
[0] => 5.0
[1] => 5.1
[2] => 5.2
[3] => 5.3
)

)
Array
(
[first_section] => Array
(
[one] => 1
[five] => 5
[animal] => Dodo bird
)

[second_section] => Array
(
[path] => /usr/local/bin
[URL] => http://www.example.com/~username
)
)

basename($path)
Given a string containing a path to a file, this function will return the base name of the file.
Example
$path = "/home/httpd/html/index.php";
$file = basename($path); // $file is set to "index.php"

dirname($path)
Given a string containing a path to a file, this function will return the name of the directory.
example
$path = "/etc/passwd";
$file = dirname($path); // $file is set to "/etc"

pathinfo($_SERVER['PHP_SELF'])
pathinfo() returns an associative array containing information about path.
Example
$path_parts = pathinfo('/www/htdocs/inc/lib.inc.php');

echo $path_parts['dirname'], "\n"; //www/htdocs/inc
echo $path_parts['basename'], "\n"; //lib.inc.php
echo $path_parts['extension'], "\n"; //php
echo $path_parts['filename'], "\n"; // lib.inc

realpath($path)
realpath() expands all symbolic links and resolves references to '/./', '/../' and extra '/' characters in the input path and return the canonicalized absolute pathname
Example
echo realpath('/windows/system32'); //C:\WINDOWS\System32

getcwd()
Gets the current working directory.

file_exists
hecks whether a file or directory exists

PHP Magic Methods

2010-06-15T03:34:00.000-07:00

These are the following magic methods available

__construct, __destruct, __call, __callStatic, __get, __set, __isset, __unset, __sleep, __wakeup, __toString, __invoke, __set_state and __clone are magical in PHP classes.

PHP reserves all function names starting with __ as magical.

__sleep
serialize() checks if your class has a function with the magic name __sleep. If so, that function is executed prior to any serialization. It can clean up the object and is supposed to return an array with the names of all variables of that object that should be serialized. If the method doesn’t return anything then NULL is serialized and E_NOTICE is issued.

__wakeup
Conversely, unserialize() checks for the presence of a function with the magic name __wakeup. If present, this function can reconstruct any resources that the object may have.

Example:
class Connection {
protected $link;
private $server, $username, $password, $db;

public function __construct($server, $username, $password, $db)
{
$this->server = $server;
$this->username = $username;
$this->password = $password;
$this->db = $db;
$this->connect();
}

private function connect()
{
$this->link = mysql_connect($this->server, $this->username, $this->password);
mysql_select_db($this->db, $this->link);
}

public function __sleep()
{
return array('server', 'username', 'password', 'db');
}

public function __wakeup()
{
$this->connect();
}
}

__tostring
The __toString method allows a class to decide how it will react when it is converted to a string.

Example
class Member
{
private $m_szEmail;
private $m_szUsername;

public function __construct($szUsername, $szEmail)
{
$this->m_szUsername = $szUsername;
$this->m_szEmail = $szEmail;
}
}

$pMember = new Member('Karl', 'karl@talkphp.com');

echo $pMember;

O/P is object.

Usually, most people would achieve this with code like:

echo $pMember->getUsername() . " (" . $pMember->getEmail() . ")";

However, what we can do is use the __toString() function to change the default behaviour of the object to string conversion. This would allow us to specify exactly
Add this method in your class

public function __toString()
{
return sprintf('%s (%s)', $this->m_szUsername, $this->m_szEmail);
}

__set() is run when writing data to inaccessible properties.

__get() is utilized for reading data from inaccessible properties.

__isset() is triggered by calling isset() or empty() on inaccessible properties.

__unset() is invoked when unset() is used on inaccessible properties.

__call() is triggered when invoking inaccessible methods in an object context.

__callStatic() is triggered when invoking inaccessible methods in a static context.

__invoke() this method is called when a script tries to call an object as a function.

__set_state() This static method is called for classes exported by var_export() since PHP 5.1.0.

The only parameter of this method is an array containing exported properties in the form array('property' => value, ...).

PHP 5 OOPS concepts Key Words

2010-06-01T05:05:00.000-07:00

Extends
In PHP a class a class can inherit methods, functions and members of other class by using the extends keyword in the declaration. In PHP it is not possible to inherit from multiple classes, a class can inherit from only one base class.

The class from which inheritance is done is called the parent class or base class and the class which inherits is called the child class.

Final
The final keyword prevents the child classes from overriding a method. This can be done by prefixing the method with the keyword final. If the complete class is being defined as final then that class cannot be extended.

Abstract
A new concept of abstract classes and methods has been introduced in PHP5. When a class is defined as abstract then it is not allowed to create the instance of that class. A class that contains at least one abstract method must also be abstract. The methods defined as abstract cannot define the implementation; they just declare the method’s signature.

When a child class is inheriting from an abstract parent class, then all the methods marked abstract in parent class declaration must also be additionally defined by the child class. These methods must be defined with the same or weaker access. This means that if an abstract method is declared as protected in the parent class then it must be declared either as protected or public in the child class.

Static
When class members or methods are declared as static then there is no need to instantiate that class. These members and methods are accessible without the instantiation of the class. If a member is declared as static then it cannot be accessed by an instantiated class object, but a method declared as static can be accessed by an instantiated class object.

The static declaration of a class must be after the visibility declaration (means that after the member or method has been declared as public, protected, or private).

The static method calls are resolved at compile time and static properties cannot be accessed through the object through the arrow operator (->).

Interfaces
Object interfaces allow the creation of a code which specifies that which method a class must implement, without having to define how these methods have to be handled.

Interfaces are defined in the same way as a class is defined. These interfaces are defined with the keyword “interface”. In the interface the contents of the methods do not have to be defined and all the methods declared in the interface must be declared as public.

Implementation of Interfaces
To implement an interface, the implements operator is used. The methods must be defined before implementation and all the methods in the interface must be implemented within a class.

Introduction of SOAP Architecture

2010-04-28T05:01:00.001-07:00

Simplified Object Access Protocol (SOAP) is a specification that enables applications to communicate with other applications. It provides a framework for connecting Web sites and applications to create Web services. These Web services link different sites and applications together to perform functions that the individual components or sites are not capable of. SOAP provides a mechanism by which each service can expose its features and communicate with other services. Using SOAP, one can link services offered by different systems together as components and use these components to build a complex information system application in a much shorter timeframe.

High-Level diagram of SOAP in a distributed system

Advantages of SOAP
1. SOAP is an open standard that is built upon open technologies such as XML and HTTP. It is not vendor-specific and therefore less intimidating to smaller players in the industry. As a result it is being accepted uniformly by the industry, thus improving its chances of being the de-facto standard for true distributed interoperability.
2. SOAP based distributed systems are loosely-coupled. As a result they are easier to maintain because they can be modified independently of other systems.
3. When used over HTTP protocol, SOAP packets can easily bypass firewalls if their content is not deemed malicious.

Disadvantages of SOAP
1. SOAP’s relied on HTTP for transport of XML data in the version 1.0 of its specification. HTTP requires a stateless request/response architecture that is not appropriate under all circumstances. While one can work around the state problem it requires additional coding.
2. All SOAP data is serialized and passed by value and currently there is no provision for passing data by reference. This could lead to synchronization problems if multiple copies of the same object are being passed at the same time.

SOAP Architecture

Configure Virual host in Apache

2010-04-27T00:01:00.001-07:00

Virtual hosting is a method for hosting multiple domain names on a computer using a single IP address. This allows one machine to share its resources, such as memory and processor cycles, to use its resources more efficiently.

One widely used application is shared web hosting. Shared web hosting prices are lower than a dedicated web server, because this allows many customers to be hosted on a single server.

Setting Up A Virtual Host in Apache
Setting up a virtual host in the Apache web server is not exactly a PHP topic, but many PHP developers use the Apache web server to test web pages on their development machine.

There is a lot of information around on how to do this, but the first time I tried it, I found the existing information to be more confusing than helpful. Hopefully, this page will simplify the process a bit. Please note that this information pertains to setting up a virtual host in Apache on a Windows machine for use as a local testing server.

Configuring Apache

The first file we'll need to edit is the Apache httpd.conf file. If you installed the Apache software using the download from the Apache web site, you should have a menu item that will open this file for editing. Click Start->Programs->Apache HTTP Server->Configure Apache Server->Edit the Apache httpd.conf Configuration File. If you don't have that start menu item, start your text editor and open the file. It will be in a sub-folder named conf of your Apache folder. For example, mine is here:

C:\Program Files\Apache Group\Apache\conf\httpd.conf

Notes for Apache Server Versions Since 2.2 Configuration

Note that Apache changed the preferred method for configuring the Apache server with the release of Apache 2.2. For versions beginning with 2.2, the peferred configuration is more modular. Setting up a virtual host as described here will still work with the newer versions, but to follow the modular approach, the editing of httpd.conf is only to uncomment (remove the # from the beginning of the following line:

#Include conf/extra/httpd-vhosts.conf

Everything else is entered in the file httpd-vhosts.conf, which will be located in the extra folder below the below the folder containing httpd.conf. As mentioned, the method described here will still work.
Security

Version 2.2 also changed some of the default security configuration parameters. To set things up the way you'll need them, you'll need to add the following block to either your httpd.conf file, just above the virtual hosts, or to your httpd-vhosts.conf file:

<Directory "C:\ My Sites ">
Order Deny,Allow
Allow from all
</Directory>

Simple Steps are:

1. Open the vhosts file in the apache folder and create a virtual path and the name which will be map the related folder and the server name for example

<VirtualHost 127.0.0.1>
DocumentRoot "C:\My Sites\Site1"
ServerName original
</VirtualHost>

<VirtualHost 127.0.0.1>
DocumentRoot "C:\My Sites\Site2"
ServerName testing
</VirtualHost>

2. Open 'hosts' file which is present in path "C:\WINNT\system32\drivers\etc\hosts"
add the server name to them. This will tell the apache that both the server
names should be responded For example

127.0.0.1 original
127.0.0.1 testing

Restart the apache server and your done

PHP OOPS - Polymorphism

2010-04-20T07:01:00.000-07:00

What is Polymorphism?
Polymorphism in PHP5 is a technique where the function to be called is detected based on the class object calling it at runtime. The basis of Polymorphism is Inheritance and function overridden.

Example – Basic Polymorphism

class BaseClass
{
public function myMethod()
{
echo "BaseClass method called";
}
}

class DerivedClass extends BaseClass
{
public function myMethod()
{
echo "DerivedClass method called";
}
}

function processClass(BaseClass $c)
{
$c->myMethod();
}

$c = new DerivedClass();
processClass($c);

Output:
DerivedClass method called

Here i am declaring BaseClass and DerivedClass but i am calling the the processClass with the Derived Class Object.

Jooma Events

2010-04-19T13:35:00.000-07:00

The events triggered in Joomla! are:

These are the related methods trigged when a particular event occurs

Authentication

* onAuthenticate

Content

* onPrepareContent
* onAfterDisplayTitle
* onBeforeDisplayContent
* onBeforeContentSave (new in 1.5.4)
* onAfterContentSave (new in 1.5.4)

Editors

* onInit
* onGetContent
* onSetContent
* onSave
* onDisplay
* onGetInsertMethod

Editors XTD (Extended)

* onDisplay

Seach

* onSearch
* onSearchAreas

System

* onAfterInitialise
* onAfterRoute
* onAfterDispatch
* onAfterRender

User

* onLoginUser
* onLoginFailure
* onLogoutUser
* onLogoutFailure
* onBeforeStoreUser
* onAfterStoreUser
* onBeforeDeleteUser
* onAfterDeleteUser

XML-RPC

* onGetWebServices

What is DTD? Types of DTD?

2010-04-19T13:26:00.000-07:00

The doctype declaration should be the very first thing in an HTML document, before the html tag.

The doctype declaration is not an HTML tag; it is an instruction to the web browser about what version of the markup language the page is written in.

The doctype declaration refers to a Document Type Definition (DTD). The DTD specifies the rules for the markup language, so that the browsers can render the content correctly.

Doctypes Available in the W3C Recommendations
HTML 4.01 Strict

This DTD contains all HTML elements and attributes, but does NOT INCLUDE presentational or deprecated elements (like font). Framesets are not allowed.

HTML 4.01 Transitional

This DTD contains all HTML elements and attributes, INCLUDING presentational and deprecated elements (like font). Framesets are not allowed.

HTML 4.01 Frameset

This DTD is equal to HTML 4.01 Transitional, but allows the use of frameset content.

XHTML 1.0 Strict

This DTD contains all HTML elements and attributes, but does NOT INCLUDE presentational or deprecated elements (like font). Framesets are not allowed. The markup must also be written as well-formed XML.

XHTML 1.0 Transitional

This DTD contains all HTML elements and attributes, INCLUDING presentational and deprecated elements (like font). Framesets are not allowed. The markup must also be written as well-formed XML.

XHTML 1.0 Frameset

This DTD is equal to XHTML 1.0 Transitional, but allows the use of frameset content.

What is Http? Types of Headers in HTTP

2010-04-17T06:47:00.000-07:00

The Hypertext Transfer Protocol (HTTP) is an Application Layer protocol for distributed, collaborative, hypermedia information systems.

HTTP is a request-response standard typical of client-server computing. In HTTP, web browsers or spiders typically act as clients, while an application running on the computer hosting the web site acts as a server. The client, which submits HTTP requests, is also referred to as the user agent. The responding server, which stores or creates resources such as HTML files and images, may be called the origin server. In between the user agent and origin server may be several intermediaries, such as proxies, gateways, and tunnels.

HTTP is not constrained in principle to using TCP/IP, although this is its most popular implementation platform. Indeed HTTP can be "implemented on top of any other protocol on the Internet, or on other networks." HTTP only presumes a reliable transport; any protocol that provides such guarantees can be used.

Resources to be accessed by HTTP are identified using Uniform Resource Identifiers (URIs)—or, more specifically, Uniform Resource Locators (URLs)—using the http or https URI schemes.

Requests Headers:
These are the following request headers:
Accept Content-Types that are acceptable
Accept-Charset Character sets that are acceptable
Accept-Encoding Acceptable encodings
Accept-Language Acceptable languages for response
Cache-Control Used to specify directives that MUST be obeyed by all caching
mechanisms along the request/response chain
Content-Type The mime type of the body of the request (used with POST and PUT
requests)
Host The domain name of the server (for virtual hosting), mandatory since
HTTP/1.1
Pragma Implementation-specific headers that may have various effects
anywhere along the request-response chain.

Responses
These are the response headers

Accept Content-Types that are acceptable
Accept-Charset Character sets that are acceptable
Accept-Encoding Acceptable encodings
Accept-Language Acceptable languages for response
Cache-Control Used to specify directives that MUST be obeyed by all caching
mechanisms along the request/response chain
Content-Type The mime type of the body of the request (used with POST and PUT
requests)
Host The domain name of the server (for virtual hosting), mandatory since
HTTP/1.1
Pragma Implementation-specific headers that may have various effects
anywhere along the request-response chain.
WWW-Authenticate Indicates the authentication scheme that should be used to access
the requested entity.
Set-Cookie an HTTP cookie

Send Mail using SMTP Authentication

2010-04-17T06:46:00.000-07:00

Sending Mail from PHP Using SMTP Authentication - Example

require_once "Mail.php";

$from = "Sandra Sender ";
$to = "Ramona Recipient ";
$subject = "Hi!";
$body = "Hi,\n\nHow are you?";

$host = "mail.example.com";
$username = "smtp_username";
$password = "smtp_password";

$headers = array ('From' => $from,
'To' => $to,
'Subject' => $subject);
$smtp = Mail::factory('smtp',
array ('host' => $host,
'auth' => true,
'username' => $username,
'password' => $password));

$mail = $smtp->send($to, $headers, $body);

if (PEAR::isError($mail)) {
echo("
" . $mail->getMessage() . "
");
} else {
echo("Message successfully sent!
");
}
?>

Sending Mail from PHP Using SMTP Authentication and SSL Encryption - Example

require_once "Mail.php";

$from = "Sandra Sender ";
$to = "Ramona Recipient ";
$subject = "Hi!";
$body = "Hi,\n\nHow are you?";

$host = "ssl://mail.example.com";
$port = "465";
$username = "smtp_username";
$password = "smtp_password";

$headers = array ('From' => $from,
'To' => $to,
'Subject' => $subject);
$smtp = Mail::factory('smtp',
array ('host' => $host,
'port' => $port,
'auth' => true,
'username' => $username,
'password' => $password));

$mail = $smtp->send($to, $headers, $body);

if (PEAR::isError($mail)) {
echo("" . $mail->getMessage() . "
");
} else {
echo("Message successfully sent!
");
}
?> Reference URL is http://www.9lessons.info/2009/10/send-mail-using-smtp-and-php.html

Sql Comands DDL , DML ,DCL , TCL

2010-01-20T04:51:00.000-08:00

In Sql(Structured Query Language) we have different type of commands available:

DDL

DDL (Data Definition Language)

These statements are used to define the database structure or schema. Some examples:

* CREATE - to create objects in the database
* ALTER - alters the structure of the database
* DROP - delete objects from the database
* TRUNCATE - remove all records from a table, including all spaces allocated for the records are removed
* COMMENT - add comments to the data dictionary
* RENAME - rename an object

DML

Data Manipulation Language (DML) statements are used for managing data within schema objects. Some examples:

* SELECT - retrieve data from the a database
* INSERT - insert data into a table
* UPDATE - updates existing data within a table
* DELETE - deletes all records from a table, the space for the records remain
* MERGE - UPSERT operation (insert or update)
* CALL - call a PL/SQL or Java subprogram
* EXPLAIN PLAN - explain access path to data
* LOCK TABLE - control concurrency

DCL

Data Control Language (DCL) statements. Some examples:

* GRANT - gives user's access privileges to database
* REVOKE - withdraw access privileges given with the GRANT command

TCL

Transaction Control (TCL) statements are used to manage the changes made by DML statements. It allows statements to be grouped together into logical transactions.

* COMMIT - save work done
* SAVEPOINT - identify a point in a transaction to which you can later roll back
* ROLLBACK - restore database to original since the last COMMIT
* SET TRANSACTION - Change transaction options like isolation level and what rollback segment to use

PHP & MQUERY

2010-01-15T01:40:00.000-08:00

MQUERY

mQuery is a dynamic image generation script written in PHP with heavy bindings to ImageMagick. I insist that anyone be able to use it, which is why I've decided to make available under an open source BSD 2-clause license.

Why

I often found myself having to strugle with the GUIs of a certain pair of industry standard vector and scalar graphics editors to generate relatively simple images, mQuery aims to streamline the generation of images used within CSS to produce complex designs without the need for an editor.

It's not a complete replacement, especially for heavy path-based designs and artwork that requires constant visual feedback, but in most cases a finely crafted URI can produce the same results with much less effort, while minimizing the grunt work that coincides with evolutionary-design to a simple query tweak.

mQuery is arguably even more useful for manipulating images that must be generated dynamically, such as user-submitted photos.

Known Issues

mQuery is currently in pre-alpha. Not ready for production use. Some vital features are not fully implemented. Here is a list of known issues:

* stroke() on groups strokes all subshapes, rather than the collective group.
ImageMagick's stroking is limited to only a center-aligned variable width stroke. To make aligned, offset, inner and outer strokes I composite multiple center strokes of different width together. It's hacky and creates a lot of problems. I should be able to make this work with groups but I will have to rewrite the stroke algorithm when I get the time.
* 1 pixel strokes are too wide or too thin.
Again the stroke() implementation is hacky. I think this is a rounding error in ImageMagick. The only workaround right now is to use decimal widths like 1.1 or 0.9 to get it looking right. I am still debating weather or not to do this number fudging in the implementation.
* Text gets cut off
Apparently some fonts don't respect their bounding box and exceed the clipping region. Please let me know if you have a particular font that does this a lot, as it would help me debug the problem. I attemped to fix this by painting into a buffer 1 pixel too large on each side and correcting if any of the sides were not empty, but it was too slow, and tended to make the resulting font size incredibly small (explains why the fonts do it). I think the best solution may be to allow the overflow and then give text shapes special treatment for painting, but this is complicated and requires some architectural changes. It will also create new corner cases in certain brushes.
* No multiline text
I have to implement this on my side because ImageMagick's implementation is buggy. Different text alignments paint strokes in the wrong position.
* contrast() has a limited range
For some reason this is how ImageMagick is. I might be able to make this work with composition, or if need be an fx expression. It's on the list.
* rotate()
The ImageMagick rotate API doesn't take an origin, so I need to do the math myself and haven't gotten to it yet.

For futher Details Please visit Mquery

Error Handing in PHP

2009-12-24T01:12:00.000-08:00

Here are some of the Error Handling Techniques

It is important to configure PHP's error reporting settings depending on which phase of development the web application is currently in. Generally, the programmer wants to see all warnings and errors in the web browser during the initial phase of development, and later, once the site has launched, send error messages to a log file so that visitors do not see them.
Error Reporting for Development

During development, you want to display all errors and warnings to the browser.

// Report all PHP errors
ini_set('error_reporting', E_ALL);

// Set the display_errors directive to On
ini_set('display_errors', 1);

Error Reporting for Production

In production, you may want to lower the error reporting level and not display errors to the browser.

// Report simple running errors
ini_set('error_reporting', E_ALL ^ E_NOTICE);

// Set the display_errors directive to Off
ini_set('display_errors', 0);

// Log errors to the web server's error log
ini_set('log_errors', 1);

Logging errors

You can use the PHP function error_log() to send errors to your own log file or an e-mail address. This is particularly important since most developers on campus do not have access to the web servers logs. Used in conjunction with a custom error handler, error_log() is especially useful.

// Destinations
define("ADMIN_EMAIL", "test@test.com");
define("LOG_FILE", "/error/errors.log");

// Destination types
define("DEST_EMAIL", "1");
define("DEST_LOGFILE", "3");

/* Examples */

// Send an e-mail to the administrator
error_log("Please fix this!", DEST_EMAIL, ADMIN_EMAIL);

// Write the error to our log file
error_log("Error", DEST_LOGFILE, LOG_FILE);

Create a custom error handler

It is possible to override PHP's default mechanism for handling errors. This option gives the programmer full control over what actions to take when an error is raised. Note that since this method completely replaces PHP's native functionality, it is important to pay special care when writing a custom error handler.

// Destinations
define("ADMIN_EMAIL", "test@test.com");
define("LOG_FILE", "/error/errors.log");

// Destination types
define("DEST_EMAIL", "1");
define("DEST_LOGFILE", "3");

/**
* my_error_handler($errno, $errstr, $errfile, $errline)
*
* Author(s): thanosb, ddonahue
* Date: May 11, 2008
*
* custom error handler
*
* Parameters:
* $errno: Error level
* $errstr: Error message
* $errfile: File in which the error was raised
* $errline: Line at which the error occurred
*/

function my_error_handler($errno, $errstr, $errfile, $errline)
{
switch ($errno) {
case E_USER_ERROR:
// Send an e-mail to the administrator
error_log("Error: $errstr \n Fatal error on line $errline in file $errfile \n", DEST_EMAIL, ADMIN_EMAIL);

// Write the error to our log file
error_log("Error: $errstr \n Fatal error on line $errline in file $errfile \n", DEST_LOGFILE, LOG_FILE);
break;

case E_USER_WARNING:
// Write the error to our log file
error_log("Warning: $errstr \n in $errfile on line $errline \n", DEST_LOGFILE, LOG_FILE);
break;

case E_USER_NOTICE:
// Write the error to our log file
error_log("Notice: $errstr \n in $errfile on line $errline \n", DEST_LOGFILE, LOG_FILE);
break;

default:
// Write the error to our log file
error_log("Unknown error [#$errno]: $errstr \n in $errfile on line $errline \n", DEST_LOGFILE, LOG_FILE);
break;
}

// Don't execute PHP's internal error handler
return TRUE;
}

// Use set_error_handler() to tell PHP to use our method
$old_error_handler = set_error_handler("my_error_handler");

Error Report levels

These error report levels are the different types of error the user-defined error handler can be used for:
Value Constant Description
2 E_WARNING Non-fatal run-time errors. Execution of the script is not halted
8 E_NOTICE Run-time notices. The script found something that might be an error, but could also happen when running a script normally
256 E_USER_ERROR Fatal user-generated error. This is like an E_ERROR set by the programmer using the PHP function trigger_error()
512 E_USER_WARNING Non-fatal user-generated warning. This is like an E_WARNING set by the programmer using the PHP function trigger_error()
1024 E_USER_NOTICE User-generated notice. This is like an E_NOTICE set by the programmer using the PHP function trigger_error()
4096 E_RECOVERABLE_ERROR Catchable fatal error. This is like an E_ERROR but can be caught by a user defined handle (see also set_error_handler())
8191 E_ALL All errors and warnings, except level E_STRICT (E_STRICT will be part of E_ALL as of PHP 6.0)

Curl Setting in PHP

2009-12-07T05:33:00.000-08:00

Below are the steps to configure the CURL option

1. Locate XAMPP install directory
2. open php/php.ini (probably C:\xampp\php\php.ini
or C:\ program files\apachefriends\xampp\php\php.ini)
3. do a search for the word ‘curl’ and uncomment (remove the leading semicolon) that line
before removing ;extension=php_curl.dll
after removing: extension=php_curl.dll
4. save & close
5. open apache/bin/php.ini (probably C:\xampp\apache\php.ini
or C:\ program files\apachefriends\xampp\apache\php.ini)
6. search for curl, uncomment as before (step 3)
7. save & close
8. Do not forget!javascript:void(0) restart apache

Using SimpleXML To Read & Parse XML in PHP

2009-10-12T03:56:00.000-07:00

Using PHP we can read and execute the XML files. We can use the XML files to store the information as we do with the database.

PHP provides all the methods needed for the reading, writing and executing the XML files.Before that we need to know the XML.

An XML document comprises elements, attributes, processing instructions, comments, and entities

Element: Text delimited by an opening and a closing tag. A tag is a name enclosed within angle brackets.

Attribute: A piece of qualifying information for an element. An attribute consists of a name, an equals sign, and an attribute value delimited by either single-quotes or double-quotes.

Processing instruction: The software that is reading an XML document is referred to as a processor. A processing instruction is additional information embedded in the document to inform the processor and possibly change its behaviour.

Comment: An XML comment begins with the characters: less-than, exclamation mark, minus, minus; and ends with the characters: minus, minus, greater-than. Any text within a comment is intended for a human reader and is ignored by the processor.

Entity: An entity is a compact form that represents other text. Entities are used to specify problematic characters and to include slabs of text defined elsewhere. An entity reference consists of an ampersand, a name, and a semi-colon.

A simple XML file we will

<?xml version="1.0" encoding="utf-8" ?>

<people title="students"
>

<name1> student name 1
</name1>

<name2> student name 2
</name2>

<name3> student name 3
</name3>

</people>

Steps for reading this simple XML file is:

$xml = simplexml_load_file('names.xml');
This step will load the xml files. It Interprets an XML file into an object.Returns an object of class SimpleXMLElement with properties containing the data held within the XML document. On errors, it will return FALSE.

To read the data from the simple xml file we write code as
$xml = simplexml_load_file('names.xml');
print $xml->name1;
# Seperates outputs (easier to read & understand)
print "

";
# You call an attribute just like you would with an array: $array['arrayname/number']
print $xml['title'];

outputs : student name 1 ## Title output is -- name1

For an XML with multiple Items we write code as

<?xml version="1.0" encoding="utf-8" ?>
<student title="students">

<item id="1">
<name>
<first>ram</first>
<last>test</last>
</name>
<ageᡢ</age>
</item>

<item id="2">
<name>
<first>prince</first>
<last>kumar</last>
</name>
<ageᡃ </item>

<item id="3">
<name>
<first>raju</first>
<last>ramesh</last>
</name>
<ageᡍ</age>
</item>

</student>

# Load the test.xml file
$xml = simplexml_load_file('test.xml');
# Start a foreach loop. Translation: for every in the xml file put it into the var $item.
# now the $item can display all the elements inside the
foreach($xml->item as $item) {
# These three print's will display the attribute of the (ID), display the first and last name joined together
# and then the age. The
and

are for spacing out the results
print "ID: " . $item['id'] . "
";
print "Name: " . $item->name->first . " " . $item->name->last . "
";
print "Age: " . $item->age . "

";
}

If we want to provide the conditions when executing the XML files then the code will be

# Load the test.xml file
$xml = simplexml_load_file('test.xml');
# Start a foreach loop. Translation: for every in the xml file put it into the var $item.
# now the $item can display all the elements inside the
foreach($xml->item as $item) {
$age = $item->age;
if ($age >= 10) {
if ($age <= 21) {
# These three print's will display the attribute of the (ID), display the first and last name joined together
# and then the age. The
and

are for spacing out the results
print "ID: " . $item['id'] . "
";
print "Name: " . $item->name->first . " " . $item->name->last . "
";
print "Age: " . $item->age . "

";
}
}
}

Download functionality in PHP

2009-10-05T05:09:00.000-07:00

The common usable component in any of the website is to provide the user with the download option. when providing the download option we cannot restrict the user with one the specific type like doc or ppt or pdf... We need to provide the most convenient way to the user so that the user can easily download the files.

Below is such script where we can have the multiple options provided.

$filename is the file name which we want to download

$file_extension = strtolower(substr(strrchr($filename,"."),1));

$folderpath="foldername/".$filename;

if( $filename == "" )
{
echo "No File Found";
exit;
} elseif ( ! file_exists( $folderpath ) )
{
echo "File Not Found";
exit;
};

// If file exits then it is ready for download.

switch( $file_extension )
{
case "pdf": $ctype="application/pdf"; break;
case "exe": $ctype="application/octet-stream"; break;
case "zip": $ctype="application/zip"; break;
case "doc": $ctype="application/msword"; break;
case "xls": $ctype="application/vnd.ms-excel"; break;
case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
case "gif": $ctype="image/gif"; break;
case "png": $ctype="image/png"; break;
case "jpeg":
case "jpg": $ctype="image/jpg"; break;
default: $ctype="application/force-download";
}

// Decides the header... which type if download you are providing to the user.

header("Pragma: public"); // required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private",false); // required for certain browsers
header("Content-Type: $ctype");
// change, added quotes to allow spaces in filenames, by Rajkumar Singh
header("Content-Disposition: attachment; filename=\"".basename($filename)."\";" );
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($filename));
readfile("$folderpath");
exit();

Copy the above code if you want to download any type of the file in the given options

Php Arrays

2009-09-25T02:39:00.000-07:00

An array is a data structure that stores one or more values in a single value.An array in PHP is actually an ordered map. A map is a type that associates values to keys. This type is optimized for several different uses; it can be treated as an array, list (vector), hash table (an implementation of a map), dictionary, collection, stack, queue, and probably more. As array values can be other arrays, trees and multidimensional arrays are also possible

Each element in the array has its own index so that it can be easily accessed.

In PHP, there are three kind of arrays:

* Numeric array - An array with a numeric index
* Associative array - An array where each ID key is associated with a value
* Multidimensional array - An array containing one or more arrays

Numeric array
A numeric array stores each array element with a numeric index.

Example:

General:
$example=array("abc",123,"xyz","test");

In the following example we assign the index manually:
$example[0]="abc";
$example[1]=123;
$example[2]="xyz";
$example[3]="test";

we call the Indexed array as
echo $example[0] . " and " . $example[1] ;

or

foreach ($example as $i => $value) {
echo $value;
}

Associative Array
An associative array, each ID key is associated with a value.

Initializing an Associative Array

The following code creates an associative array with product names as keys and prices as values.

$prices = array( 'test1'=>100,
'test2'=>10, 'test3'=>4,'test4'=>5 );

There are different ways we can initialize the associative array

$prices = array( 'test1'=>100 );
$prices['test2'] = 10;
$prices['test3'] = 4;

Using Loops with Associative Arrays
Because the indices in this associative array are not numbers, we cannot use a simple counter in a for loop to work with the array. We can use the foreach loop or the list() and each() constructs.

The foreach loop has a slightly different structure when using associative arrays. We can use it exactly as we did in the previous example, or we can incorporate the keys as well:

foreach ($prices as $key => $value)
echo $key.'=>'.$value.'
';

The following code lists the contents of our $prices array using the each() construct:

while( $element = each( $prices ) )
{
echo $element[ 'key' ];
echo ' - ';
echo $element[ 'value' ];
echo '
';
}

Some of the Usefull methods are:

$b = array_values($a);

This will assign the the array a to the b and b will be considered as a array.

unset($arr[5]);
This will removes the particular element in the array

Why File Upload Forms are a major security threat part2

2009-09-11T04:55:00.000-07:00

Case 4: Double extensions (part 1)

This case’s security measures, as a concept are very similar to that one used in case 3. Though instead of simply checking the extension string present in the filename, the developer is extracting the file extension by looking for the ‘.’ character in the filename, and extracting the string after the dot character.

The method used to bypass this approach is a bit more complicated, but still realistic. First, let’s have a look at how Apache handles files with multiple extensions. A quote from the Apache manual states:

“Files can have more than one extension, and the order of the extensions is normally irrelevant. For example, if the file welcome.html.fr maps onto content type text/html and language French then the file welcome.fr.html will map onto exactly the same information. If more than one extension is given which maps onto the same type of meta-information, then the one to the right will be used, except for languages and content encodings. For example, if .gif maps to the MIME-type image/gif and .html maps to the MIME-type text/html, then the file welcome.gif.html will be associated with the MIME-type text/html.”

Therefore a file named ‘filename.php.123’, will be interpreted as a PHP file and will be executed. This only works if the last extension (in our case .123), is not specified in the list of mime-types known to the web server. Web developers, usually are not aware of such ‘feature’ in Apache, which can be very dangerous for a number of reasons. Knowing this, an attacker can upload a file named shell.php.123 and bypass the file upload form protection. The script will compute the last extension (.123), and concludes that this extension is not in the list of dangerous extension. Having said that, it is impossible to predict all the possible random extensions a malicious user will use to be able to upload a file on your web server.

Case 5: Double extensions (part 2)

A better approach to securing file upload forms is the white list approach. In this case, the developer defines a list of known/accepted extensions and does not allow extensions that are not specified in the list.

However, in some cases this approach will not work as expected. When Apache is configured to execute PHP code, there are 2 ways one can specify this: to use the AddHandler directive, or to use the AddType directive. If AddHandler directive is used, all filenames containing the ‘.php’ extension (e.g. ‘.php’, ‘.php.jpg’) will be executed as a PHP script. Therefore, if your Apache configuration file contains the following line, you may be vulnerable:

AddHandler php5-script .php

An attacker can upload a file named ‘filename.php.jpg’ and bypass the protection, and will be able to execute the code.

Case 6: Checking the image header

When images only are allowed to be uploaded, developers usually validate the image header by using the PHP function called getimagesize. When called, this function will return the size of an image. If the image validation is invalid, which means that the header is incorrect, the function will return a false. Therefore a developer typically checks if the function returns a true or false, and validate the uploaded file using this information. So, if a malicious user tries to upload a simple PHP shell embedded in a jpg file, the function will return false and he won’t be allowed to upload the file. However, even this approach can be easily bypassed. If a picture is opened in an image editor, like Gimp, one can edit the image comment, where PHP code is inserted, as shown below.

The image will still have a valid header; therefore it bypasses the getimagesize PHP check. As seen in the screen shot below, the PHP code inserted in the image comments still gets executed when the image is requested from a normal web browser:

Case 7: Protecting the upload folder with .htaccess

Another popular way of securing file upload forms, is to protect the folder where the files are uploaded using .htaccess file. The idea is to restrict execution of script files in this folder. A .htaccess file typically contains the below code when used in this kind of scenario:

AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi
Options –ExecCGI

The above is another type of blacklist approach, which in itself is not very secure. In the PHP manual, in the move_uploaded_file section, there is a warning which states ‘If the destination file already exists, it will be overwritten.’

Because uploaded files can and will overwrite the existing ones, a malicious user can easily replace the .htaccess file with his own modified version. This will allows him to execute specific scripts which can help him compromise the server.

Case 8: Client-side validation

Another common type of security used in file upload forms, is client-side validation of files to be uploaded. Typically, such approach is more common in ASP.NET applications, since ASP.NET offers easy to use validation controls.
A malicious user can easily bypass this type of validation. It is possible to write a short client side script that will do the validation instead of the script provided by the web application. Without using a web browser, the attacker can use an application that allows sending of HTTP POST requests to be able to upload the file.

Suggested Solution

Below is a list of best practices that should be enforced when file uploads are allowed on websites and web applications. These practices will help you securing file upload forms used in web applications;

*
Define a .htaccess file that will only allow access to files with allowed extensions.
*
Do not place the .htaccess file in the same directory where the uploaded files will be stored. It should be placed in the parent directory.
*
A typical .htaccess which allows only gif, jpg, jpeg and png files should include the following (adapt it for your own need). This will also prevent double extension attacks.

deny from all

<Files ~ "^\w+\.(gif|jpe?g|png)$">

order deny,allow

allow from all

</Files>

*
If possible, upload the files in a directory outside the server root.
*
Prevent overwriting of existing files (to prevent the .htaccess overwrite attack).
*
Create a list of accepted mime-types (map extensions from these mime types).
*
Generate a random file name and add the previously generated extension.
*
Don’t rely on client-side validation only, since it is not enough. Ideally one should have both server-side and client-side validation implemented.

Why File Upload Forms are a major security threat

2009-09-10T04:24:00.000-07:00

To allow an end user to upload files to your website, is like opening another door for a malicious user to compromise your server. Even though, in today’s modern internet web applications, it is a common requirement, because it helps in increasing your business efficiency. File uploads are allowed in social network web applications, such as Facebook and Twitter. They are also allowed in blogs, forums, e-banking sites, YouTube and also in corporate support portals, to give the opportunity to the end user to efficiently share files with corporate employees.

Users are allowed to upload images, videos, avatars and many other types of files.
The more functionality provided to the end user, the greater is the risk of having a vulnerable web application and the chance that such functionality will be abused from malicious users, to gain access to a specific website, or to compromise a server is very high.

While testing several web applications, we noticed that a good number of well known web applications, do not have secure file upload forms. Some of these vulnerabilities were easily exploited, and we could gain access to the file system of the server hosting these web applications. In this whitepaper, we present you with 8 common ways we encountered of securing file upload forms. We also show how a malicious user, can easily bypass such security measures.

Below are the sample cases:

Case 1: Simple file upload form with no validation

<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" />
<input type="submit" value="Upload File" />
</form>

we use php code for saving the uploaded file is
* $_FILES[‘uploadedfile’][‘name’]: The original name of the file on the client machine
* $_FILES[‘uploadedfile’][‘type’]: The mime type of the file
* $_FILES[‘uploadedfile’][‘size’]: The size of the file in bytes
* $_FILES[‘uploadedfile’][‘tmp_name’]: The temporary filename in which the uploaded file was stored on the server.

In this simple example, there are no restrictions about the type of files allowed for upload and therefore an attacker can upload a PHP or .NET file with malicious code that can lead to a server compromise.

This might look like a naïve example, but we did encounter such code in a number of web applications.

Case 2: Mime Type validation

Another common mistake web developers do when securing file upload forms, is to only check for mime type returned from PHP. When a file is uploaded to the server, PHP will set the variable $_FILES[‘uploadedfile’][‘type’] to the mime-type provided by the web browser the client is using. However, a file upload form validation cannot depend on this value only. A malicious user can easily upload files using a script or some other automated application that allows sending of HTTP POST requests, which allow him to send a fake mime-type.

Case 3: Block dangerous extensions

In other cases, we encountered file upload forms using a blacklist approach, as a security measure. A list of dangerous extensions is compiled from the developer, and the access is denied if the extension of the file being uploaded is on the compiled list.

One main disadvantage of using black listing of file extensions, is that it is almost impossible to compile a list that includes all possible extensions that an attacker can use. E.g. If the code is running in a hosted environment, usually such environments allow a large number of scripting languages, such as Perl, Python, Ruby etc, and the list can be endless.

A malicious user can easily bypass such check by uploading a file called “.htaccess”, which contains a line of code similar to the below:

AddType application/x-httpd-php .jpg

The above line of code, instructs Apache web server to execute jpg images as if they were PHP scripts. The attacker can now upload a file with a jpg extension, which contains PHP code. As seen in the screen shot below, requesting a jpg file which includes the PHP command phpinfo() from a web browser, it is still executed from the web server:

Source taken from http://www.acunetix.com

New features in PHP 5.3 & Improvements in Object oriented concepts

2009-09-08T01:41:00.001-07:00

Late static binding

One of the more annoying things about PHP before V5.3 is how static methods and members are dealt with. Up until now, static references, such as those made with self or __CLASS__, are resolved in the class scope in which the function was defined. The problem is that the reference would be incorrect if the class was extended and the call was made from the new child class. Late static binding has been added in PHP V5.3 to alleviate this problem. To better illustrate, let's create a class with a static method below.

Class Foo with static method test()

class Foo
{
protected static $name = 'Foo';

public static function test()
{
return self::$name;
}
}

Let's extend this class. We'll redefine the member $name in this child class.

Child class Bar that extends parent class Foo

class Bar extends Foo
{
protected static $name = 'Bar';
}

We make the static call below example.

Static method call test()

echo Bar::test();

What is output from that call would be the string Foo. This is because the self::$name reference made in the test() method is done with the Foo class. The binding occurs this way because this is where the function is defined.

PHP V5.3 has added the keyword static to allow you to make a reference against the current class. So you will change the Foo class above to use this keyword in next example, and we'll see that Bar will instead be output.

Using the static keyword

class Foo
{
protected static $name = 'Foo';

public static function test()
{
return static::$name;
}
}

class Bar
{
protected static $name = 'Bar';
}

echo Bar::test(); // outputs 'Bar'

One thing to note about the static keyword is that it doesn't work the same as how this works in the nonstatic context. This means that the normal inheritance rules do not apply to static calls. The static keyword will simply try to resolve the call in the current class instead of the class the function was defined in. This is an important thing to note.

Now that we have seen some enhancements with static methods and members, let's take a look at some new classes added to a very useful part of PHP V5: the Standard PHP Library.

Standard PHP Library

The Standard PHP Library (SPL) is a collection of interfaces and classes added in PHP V5 designed to solve standard problems. These problems include having an object be iterateable, letting an object behave as if it was an array, or implementing a linked list. The advantage of using these classes and methods is that they are native to PHP, which means they are faster than if they were implemented in PHP itself. They also, in many instances, allow many of the internal functions of PHP to use these objects directly, such as how the Iterator interface allows you to use the foreach construct to iterate over the object.

PHP V5.3 adds a few more classes to SPL. One we referenced earlier is the implementation of a doubly linked list in the SPL class SplDoublyLinkedList. It is used by two other new SPL classes: SplStack, which implements a stack, and SplQueue, which implements a queue.

Let's take a look at how you can use the SplStack class to implement a stack.

Using SplStack

$stack = new SplStack();

// push a few new items on the stack
$stack->push('a');
$stack->push('b');
$stack->push('c');

// see how many items are on the stack
echo count($stack); // returns 3

// iterate over the items in the stack
foreach ( $stack as $item )
echo "[$item],";
// the above outputs: [c],[b],[a]

// pop an item off the stack
echo $stack->pop(); // returns 'c'

// now see how many items are on the stack
echo count($stack); // returns 2

The SqlQueue works in a similar fashion, but it works like a queue would (first item in, first item out; instead of last item in, first item out, like the stack). In addition, a heap implementation exists (SplHeap), as well as specific queue and heap implementations for certain situations (SplMinHeap, SplMaxHeap, and SplPriorityQueue).

Another useful addition is the SplFixedArray class, which, as the name implies, is a fixed-size array implementation. It is, however, rather fast — actually so fast that it's been benchmarked to be 10-30 percent faster than the built-in array implementation in PHP. This speedup is due to the fact that the array is a fixed size, not a variable-sized one like the default PHP one is, and that non-numeric indexes are not allowed. Listing 10 shows how it's used.

SplFixedArray

$array = new SplFixedArray(3);
$array[0] = 'dog';
$array[1] = 'cat';
$array[2] = 'bird';
$a->setSize(4); // increase the size on the fly
$array[3] = 'mouse';
foreach ( $array as $value )
echo "[$value],";

Output:
[dog],[cat],[bird],[mouse]

In addition, a few new iterator classes have been added: FilesystemIterator and GlobIterator. These work the same as the other iterator classes in PHP, but they are specially designed for certain instances.

One other change with SPL is that it is always enabled now in PHP V5.3. In previous versions of PHP V5, you could disable SPL at compile time, but as of PHP V5.3, this is no longer possible.

The new additions to SPL add some useful functionality to PHP that is easy to use, as well as implementations of data structures, such as doubly linked lists, stacks, heaps, and queues. These classes can be used to replace user space implementations you may have, which will gain increased speed and better integration with various PHP functions and constructs.

Now that we have seen some new additions to SPL, let's see how OOP in PHP V5.3 has gained an important performance and memory usage improvement with the addition of circular garbage collection.

Circular garbage collection

One problem PHP developers run into from a performance standpoint is garbage collection. PHP has a pretty simple garbage collector, which basically will garbage collect an object when it no longer is in scope. The way it does this internally is by using a reference counter, so that when the counter reaches zero (meaning no more references to this object are available), the object will be garbage collected and expunged from memory.

This works fairly well, but can become a problem in situations where one object references another in a parent-child relationship. In this situation, the reference counter for those object are not collected, so the memory used by these objects stays in unreferenced memory and is not unallocated until the end of the request. Let's take a look at an example of when this problem occurs.

Parent-child class relationship not properly garbage collected in PHP V5.2 and earlier

class Parent
{
public function __construct()
{
$this->child = new Child($this);
}
}

class Child
{
public function __construct(
Parent $parent
)
{
$this->parent = $parent;
}
}

In this instance, every time you create an instance of the Parent class and then subsequently the instance goes out of scope, the memory is never released, so the script will grow and grow in memory usage. There are a few user space solutions to this problem, such as creating a destructor for the parent class that will release the child object directly. This destructor would have to be called specifically before unsetting the parent class reference. While doing all of this works, it complicates your code quite a bit.

In PHP V5.3, the garbage collector will detect these circular references and is able to free up the memory used by them, so the PHP memory usage will remain flat as the script is executed. As each reference to the Parent class is removed, the Child class reference inside the Parent class will also be garbage collected.