Archive

Archive for the ‘magento freelancer india’ Category

Choosing An Effective Web Design Company / Freelancer

December 7, 2011

 

Web Design Company

The web design process is itself complicated, and choosing the right web design company is just as challenging. You need to take a few things into account before you start searching for the right web design company.

The first step in choosing a web design company is to look for the most reputable companies using reliable sources and authentic information.

It is recommended to ask people in your network of contacts who have worked with a web developer and found the experience worth repeating. Personal experience matters a lot. The internet and newspapers can also help you shortlist worthy web design companies.



CakePHP – Import a Controller using App::import()

October 8, 2011

Hi All,

Have you ever needed to use one controller inside another controller in CakePHP? If so, you are in the right place. I was working with CakePHP and needed to use the member info method of the Members controller in the Orders controller. Instead of writing the code again in the Orders controller, I searched for a way to use a controller inside a controller. This can be done easily using the App::import method of CakePHP.

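App::import('Controller', 'Members'); // Makes the MembersController class available
class OrdersController extends AppController {
    var $Members; // Holds the imported controller instance
    function beforeFilter() {
        // Plain assignment: "=& new" is a parse error on current PHP versions
        $this->Members = new MembersController(); // Loads the class
        $this->Members->constructClasses(); // Loads the model associations, components, etc. of the Members controller
    }
    function index() {
        // Reuse the Members controller's method instead of duplicating its code
        $this->Members->memberinfo();
    }
}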

 


										

Using regular expressions to extract content – php extract texts from html content

October 3, 2011

PHP provides a number of really neat regular expression functions. You can find the list of the regex functions at the PHP site.

But the one that I’ve had most fun with is the preg_match_all() function which I’ve been using to do content extraction from an HTML page.

I’m not going to explain what a regular expression (regex) is in this post. There are whole books on just this one topic alone; I would be crazy to think I can explain it all in just a few paragraphs. But in order to understand how to use the regex functions, you need to have a basic understanding of regular expressions.

If you think back to your childhood days, you may remember a toy where you match shaped blocks to the corresponding holes, like the picture here. Regular expressions are very much like that toy, except that you have to define your own ‘shape’ (or pattern, as it’s known) and apply your content to it. Any text that matches the pattern will ‘fall’ through it.

Let’s say you have a block of text like the one below and you want to extract all the links from it; you can use preg_match_all to do just that.

$content = "He's goin' everywhere,
<a href=\"http://www.bjmckay.com\">B.J. McKay</a> and his
best friend Bear. Rollin' down to
<a href=\"http://www.dallas.net\">Dallas</a>, who's providin'
my palace, off to New Orleans or who knows where.";

The pattern you want to look for would be the link anchor pattern, like <a href="(something)">(something)</a>. The actual regular expression might look something like this:

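// Lazy (.*?) stops at the first closing quote and the first </a>, so two links on one line stay separate
$regex_pattern = "/<a href=\"(.*?)\">(.*?)<\/a>/";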

Once you have your pattern, you pass $regex_pattern and $content to preg_match_all() like this:
preg_match_all($regex_pattern,$content,$matches);
print_r($matches);

preg_match_all will store all the matches into the array $matches, so if you output the array, 
you’ll see something like this.
---------
Array
(
    [0] => Array
        (
            [0] => <a href="http://www.bjmckay.com">B.J. McKay</a>
            [1] => <a href="http://www.dallas.net">Dallas</a>
        )

    [1] => Array
        (
            [0] => http://www.bjmckay.com
            [1] => http://www.dallas.net
        )

    [2] => Array
        (
            [0] => B.J. McKay
            [1] => Dallas
        )
)
---------

From this array, $matches, you should be able to loop through and get the information you need.

I hope this has been useful to you. I know it doesn’t cover all the things this function can do, but for first-timers, it should be a simple look at a very powerful PHP function.

Incidentally, PHP also provides the function preg_match(). The difference is that preg_match() only matches a single instance of the pattern, whereas preg_match_all() tries to find all matching instances within the content.
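The sketch below is an added example, not code from the original post. It shows how link extraction behaves when several anchors share a line or carry extra attributes, and how a DOM parser avoids both problems. The sample markup, the function name extract_links() and the http/https scheme filter are assumptions made for illustration.

```php
<?php
// Constructed sample input: two anchors on one line, the second with an extra attribute.
$content = '<p><a href="http://www.bjmckay.com">B.J. McKay</a> and '
         . '<a class="ext" href="http://www.dallas.net">Dallas</a></p>';

// Greedy (.*) keeps going to the last "> and the last </a> on the line,
// so both anchors are swallowed into a single match.
preg_match_all('/<a href="(.*)">(.*)<\/a>/', $content, $greedy);

// [^"]* and (.*?) stop at the nearest delimiter; [^>]* tolerates other attributes.
preg_match_all('/<a\b[^>]*\bhref="([^"]*)"[^>]*>(.*?)<\/a>/is', $content, $lazy);

// A DOM parser copes with attribute order, quoting style and nested tags.
function extract_links(string $html): array
{
    $doc  = new DOMDocument();
    $prev = libxml_use_internal_errors(true); // collect parse warnings instead of printing them
    $doc->loadHTML($html);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    $links = [];
    foreach ($doc->getElementsByTagName('a') as $a) {
        $href   = $a->getAttribute('href');
        $scheme = strtolower((string) parse_url($href, PHP_URL_SCHEME));
        // Assumption: the links will be fetched or re-displayed, so only http(s) is kept.
        if (in_array($scheme, ['http', 'https'], true)) {
            $links[] = ['href' => $href, 'text' => trim($a->textContent)];
        }
    }
    return $links;
}

print_r($greedy[1]);
print_r($lazy[1]);
print_r(extract_links($content));
```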

Contact:

bhavinrana07[@]gmail.com


Hardening Your Web Application Against SQL Injections

October 2, 2011

[The information provided is for educational purposes only and is not to be used maliciously]

Hi All,

Before digging into what SQL injection actually is, let me explain what SQL itself is.

What is SQL?

Structured Query Language (SQL) is a specialized programming language for sending queries to databases. Most small and industrial-strength database applications can be accessed using SQL statements. SQL is both an ANSI and an ISO standard. However, many database products supporting SQL do so with proprietary extensions to the standard language. Web applications may use user-supplied input to create custom SQL statements for dynamic web page requests.

What is SQL Injection?

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of a web application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

“SQL Injection” is a subset of the unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.

Many organizations’ web servers have been compromised just because of SQL injection, including big names which I would not like to mention here; you can easily find them on the Internet.

What is Blind SQL Injection?

This particular type of attack is called a blind SQL injection attack, because the attacker cannot take advantage of detailed error messages from the server or other sources of information about the application. Getting the SQL syntax right is usually the trickiest part of the blind SQL injection process and may require a lot of trial and error. But, by adding more conditions to the SQL statement and evaluating the Web application’s output, an attacker will eventually determine whether the application is vulnerable to SQL injection.

Blind SQL injection is a special case that plays on the web developer’s or website owner’s sense of security. While they may think that everything on the server is tightly guarded, a blind SQL injection attack will silently be playing truth or consequences with the web server. This type of attack, though very time consuming, is the one that provides the most potentially damaging security hole. This is because an attacker not only gets access but also gains an enormous amount of knowledge about the database and can potentially gain access to the server’s file system. This type of attack is automated and requires a good amount of setup to succeed, but once that is done it does not require a great deal of effort to repeat.

What is Error message SQL Injection?

Web applications commonly use SQL queries with client-supplied input in the WHERE clause to retrieve data from a database. When a web application executes such queries without validating or scanning the user-supplied data to ensure it’s not harmful, a SQL injection attack can occur. By sending unexpected data, an attacker can generate and submit SQL queries to a web application’s database. A test for SQL injection vulnerabilities takes place by sending the application data that generates an invalid SQL query. If the server returns an error message, that information can be used to try to gain uncontrolled access to the database. This is the basis of one of the most popular SQL injection attacks.

Hiding error messages does not stop the SQL injection attack. What typically happens is the attacker will use the knowledge gained from the failure of this attack to change tactics. What they turn to is blind SQL injection.

Why SQL Injection?

When a web application fails to properly sanitize user-supplied input, it is possible for an attacker to alter the construction of backend SQL statements. When an attacker is able to modify a SQL statement, the statement will run with the same permissions as the component that executed the command (e.g. database server, web application server, web server, etc.). The impact of this attack can allow attackers to gain total control of the database or even execute commands on the system.
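As an added example (not code from the original post), the script below puts a query built by string concatenation next to its hardened forms: a prepared statement with a bound value, and strict integer validation for numeric input. It also keeps database error detail in the server log. The members table, the function names and the sample inputs are constructed for illustration, and the script assumes the pdo_sqlite extension.

```php
<?php
// In-memory SQLite database with constructed rows.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO members (name, email) VALUES
            ('alice', 'alice@example.test'), ('bob', 'bob@example.test')");

// Vulnerable: the input becomes part of the SQL text, so a quote in it
// ends the string literal and the rest is parsed as SQL.
function find_member_unsafe(PDO $pdo, string $name): array
{
    $sql = "SELECT id, name FROM members WHERE name = '$name'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the statement text is fixed; the input is sent as a bound value
// and is only ever compared as data.
function find_member_safe(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM members WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Strong typing for numeric input: anything that is not an integer is rejected.
function find_member_by_id(PDO $pdo, string $rawId): array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];
    }
    $stmt = $pdo->prepare('SELECT id, name FROM members WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$input = "nobody' OR '1'='1"; // constructed input containing quotes
echo count(find_member_unsafe($pdo, $input)), " row(s) from the concatenated query\n";
echo count(find_member_safe($pdo, $input)), " row(s) from the prepared statement\n";
echo count(find_member_by_id($pdo, '1 OR 1=1')), " row(s) for a non-integer id\n";

try {
    find_member_unsafe($pdo, "o'brien"); // an ordinary apostrophe breaks the concatenated query
} catch (PDOException $e) {
    error_log($e->getMessage());          // detail stays in the server log
    echo "Request could not be processed\n"; // the client gets a generic message
}
```

The generic error message only removes a source of information; as the post says, hiding errors does not stop the attack, so the prepared statement is what closes the hole.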

 

Contact : 

bhavinrana07[@]gmail.com
