Archive

Archive for the ‘Web development India’ Category

CodeIgniter – Extending the native ‘Model’ and make it your own.

October 3, 2011 Leave a comment

Hi All,

Today I took advantage of CodeIgniter’s ability to extend the native libraries, and I was well satisfied that it just works.

Codeigniter Development India

Let me elaborate, I’m in the process of creating models for my CI project, and realized that certain functions within the models were getting repetitive. Using CI’s ability to create my own custom libraries, I was able to create my own custom ‘Model’ which extends from the core ‘Model’ object. How this simple architecture has cleaned up my code is simply remarkable.

So read on…

CI has some pretty great documentation to get a beginner CI coder up to speed. In the case of using models, the docs says you need to extend from the CI’s core ‘Model’ object.Typically the code will be something like this:

—–

class Model_name extends Model {
	function Model_name() {
		parent::Model();
	}
}
-----
Given that Models are generally library functions to your database, certain 
functions like create,  read, update and delete would be common across all models.
 In which case the code will probably  start to look like this:
------
class Model_name extends Model {

	function Model_name() {
		parent::Model();
	}

	function create() {
		//do insert data into database
	}

	function read() {
		//do get data into database
	}

	function update() {
		//do update data into database
	}

	function delete() {
		//do delete data from database
	}
}
------

Imagine having to repeatedly write (opps, cut-and-paste) that same 4 (or more) functions to every model you create. A better way would be to consolidate those functions into a parent Model, and your models inherit from the parent their ability to create, read, update and delete.

One way you can do this is to just edit and insert these functions into CI’s native Model code which you can find in system/libraries/Model.php. But when it comes to upgrading the core when a new version is released, you may end up overriding those changes you need.

A much better way is to create your own model object called MY_Model and inherit it’s capabilities from the core Model. (Do note that ‘MY_’ is the default prefix set in CI for extending native libraries, but the prefix can be changed. Read the docs.)

This is how you do it, you create a new php file, MY_Model.php in the applications/libraries/folder. The code for MY_Model would look something like this:

——–

class MY_Model extends Model {

	function MY_Model() {
		parent::Model();
	}
	function create() {
		//do insert data into database
	}

	function read() {
		//do get data into database
	}

	function update() {
		//do update data into database
	}

	function delete() {
		//do delete data from database
	}
}
--------
Now, within your models at applications/models folder, you would do something like this:
class Model_name extends MY_Model {
	function Model_name() {
		parent::MY_Model();
	}
}

And within your controllers at applications/controllers folder, you would be able to access 
the common functions of create, read, update and delete as you would normally.
------
class Blogs extends Controller {
	function view() {
		$this->Model_name->read();
	}
}
------

And that’s it. I know it’s very skeletal, but it should give you some ideas on how to proceed to extend the native core libraries CI comes with. Of course, this method doesn’t just apply to ‘Model’, you can extend any of the CI core objects. The CI docs have a good intro to extending the native library.

Also, I would like to give a nod to Emram at PHPFour for his Extended Model for CodeIgniter which basically incorporates CakePHP-like model capabilities into the CI Model.

Do bear in mind his method is to replace the system/libraries/Model.php file which is not recommended, for reasons I mentioned before. However, you should be able to incorporate his work by extending from the native library.

Contact:

bhavinran07[@]gmail.com

Advertisements
Categories: CakePHP, CakePHP Developer India, freelance developer, Freelance PHP Developer, Freelance PHP Programmer, Freelance Programmer India, Hire Dedicated Programmer, Hire Dedicated Programmer India, Hire PHP Developer India, Hire PHP Professional, Hire PHP Professional India, Hire PHP Programmer India, iphone developer, JavaScript, joomla, joomla customization india, Joomla Developer, joomla developer india, joomla freelancer india, jquery, mysql, open sources developer india, oscommerce Customization, oscommerce developer, php, PHP Development, PHP Freelance, PHP Freelancer, PHP Freelancer India, php freelancing india, php freelancing india mumbai, Php programming, web designer, web designer india, Web Developement Company USA, web developer, web developer ahemdabad india, web developer india, Web development India, Wordpress Developer India, wordpress freelance developer, wordpress freelance programmer, wordpress freelancer, Wordpress Freelancer India, Wordpress Programmer, Wordpress Shopping Cart, Wordpress theme customization, wordpress theme integration, x cart development india Tags: , , , , , , , , , , , , , , , , , , , , , ,

Hardening Your Web Application Against SQL Injections

October 2, 2011 Leave a comment

[The information provided is for educationally purposes only and not to be used for malicious use]

Hi All,

Before digging what actually SQL Injection is, let me explain you what is SQL it self.

What is SQL?

Structured Query Language (SQL) is a specialized programming language for sending queries to databases. Most small and industrial- strength database applications can be accessed using SQL statements. SQL is both an ANSI and an ISO standard. However, many database products supporting SQL do so with proprietary extensions to the standard language. Web applications may use user-supplied input to create custom SQL statements for dynamic web page requests.

What is SQL Injection?

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of a web application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

“SQL Injection” is subset of the unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.

Many organization’s web servers has been compromised just because of SQL Injections, including big names which I would not like to mention here, you can search it easily on Internet.

What is Blind SQL Injection?

This particular type of attack is called a blind SQL injection attack, because the attacker cannot take advantage of detailed error messages from the server or other sources of information about the application. Getting the SQL syntax right is usually the trickiest part of the blind SQL injection process and may require a lot of trial and error. But, by adding more conditions to the SQL statement and evaluating the Web application’s output, an attacker will eventually determine whether the application is vulnerable to SQL injection.

Blind SQL injection a special case that plays on the web developers or website owners sense of security. While they may think that everything on the server is tightly guarded a Blind SQL injection attack will silently be playing truth or consequences with the web server. This type of attack though very time consuming is one that provides the most potentially damaging security hole. This is because an attacker gets not only access but is provided with an enormous amount of knowledge about the database and can potentially gain access to a servers file system. This type of attack is one that is automated and requires good amount of setup to succeed. But once it is done it does not require a great deal of effort to repeat.

What is Error message SQL Injection?

Web applications commonly use SQL queries with client-supplied input in the WHERE clause to retrieve data from a database. When a Web application executes such queries without validating or scanning the user-supplied data to ensure it’s not harmful, a SQL injection attack can occur. By sending unexpected data, an attacker can generate and submit SQL queries to a web applications database. A test for SQL injection vulnerabilities takes place by sending the application data that generates an invalid SQL query. If the server returns an error message, that information can be used to try to gain uncontrolled access to the database. This is the basis of one of the most popular SQL injection attacks.

Hiding error messages does not stop the SQL injection attack. What typically happens is the attacker will use the knowledge gained from the failure of this attack to change tactics. What they turn to is blind SQL injection.

Why SQL Injection?

When a web application fails to properly sanitize user-supplied input, it is possible for an attacker to alter the construction of backend SQL statements. When an attacker is able to modify a SQL statement, the process will run with the same permissions as the component that executed the command. (E.g. Database server, Web application server, Web server, etc.). The impact of this attack can allow attackers to gain total control of the database or even execute commands on the system.

 

Contact : 

bhavinrana07[@]gmail.com

Categories: CakePHP, CakePHP Developer India, drupal freelancer india, freelance developer, Freelance PHP Developer, Freelance PHP Programmer, Freelance Programmer India, Hire Dedicated Programmer India, Hire PHP Developer India, Hire PHP Professional, Hire PHP Professional India, Hire PHP Programmer India, Hire Web developer, india web development, iphone application developer, iphone developer, JavaScript, joomla, joomla customization india, Joomla Developer, joomla developer india, joomla freelancer india, jquery, Magento, magento freelancer india, mysql, oscommerce Customization, oscommerce developer, php, PHP Developer, PHP Developer India, PHP Development, PHP Freelancer India, Php programming, SQL, Web Developement Company USA, web developer, web developer ahemdabad india, web developer india, Web development India, wordpress, Wordpress Blog Developer, Wordpress Customization Services, Wordpress Developer, Wordpress Developer India, wordpress freelance developer, wordpress freelance programmer, wordpress freelancer, Wordpress Freelancer India, Wordpress Programmer, Wordpress Shopping Cart, Wordpress theme customization, wordpress theme integration, x cart development india, x-cart Tags: , , , , , , , , , , , , , , , , , , , , ,

PHP Web Development, Custom PHP Development of India based OPS – Instant, Interactive, Inexpensive (freelance php developer programmer wordpress joomla drupal and many open sources, cakephp and many frameworks)

October 2, 2011 3 comments

PHP Web Development, Custom PHP Development of India based OPS – Instant, Interactive, Inexpensive (freelance php developer programmer wordpress joomla drupal and many open sources, cakephp and many frameworks).

😀

Need to develop website in PHP? Want to develop custom applications in PHP? Looking for PHP development services at affordable costs? Then your search ends here.

Outsourcing Programming Services (OPS) – A leading PHP development company from India offers PHP web developmentservices at cost effective rates. Develop your custom high end applications through PHP development services. Increase business efficiency level and reduce business overheads by outsourcing custom PHP development requirements to us.

Request a Quote to know your PHP development costs for FREE, visit: https://bhavinrana.wordpress.com/

PHP Development Services by OPS:

• Custom PHP Development: Customized development with desired features and dynamic functionality
• PHP Application Development: Develop business web applications with elegant application user interface design
• PHP eCommerce Website Development: eCommerce shopping cart development services using Magento, CS Cart, VirtueMart, X-Cart, Zen Cart, etc.
• PHP MySQL Development: Develop dynamic and database driven website applications with PHP and MySQL
• Open Source PHP Implementation and Customization: Helps to develop and implement PHP Open Source Applications for businesses on open source and PHP platform i.e. LAMP, WAMP
PHP Web Development with MVC architecture: Develop web applications using CakePHP, Zend framework and CodeIgniter.

Based in India, leading PHP Development Company provides total PHP development solutions for various businesses & industries. It has a team of best Indian PHP developers who has developed and delivered thousands of custom PHP applications at affordable rates.

Drop a brief of PHP development requirements and get assisted by PHP Development experts in almost no time.

Contact:

bhavinrana07[@]gmail.com

Categories: ajax, Androide developer, CakePHP, CakePHP Developer India, drupal freelancer india, Freelance PHP Developer, Freelance Programmer India, freelance web, freelance web designer, Freelance web developer, get a freelancer, Graphic Designer, Hire Dedicated Programmer, Hire Dedicated Programmer India, Hire PHP Developer India, Hire PHP Professional, Hire PHP Professional India, Hire PHP Programmer India, iOS, iphone 4, iphone application developer, iphone developer, iphone website designer, JavaScript, joomla customization india, Joomla Developer, joomla developer india, joomla freelancer india, jquery, mysql, open sources developer india, oscommerce Customization, oscommerce developer, php, PHP Developer, PHP Developer India, PHP Development, PHP Freelance, PHP Freelancer, PHP Freelancer India, php freelancing india, php freelancing india mumbai, PHP programmer, Php programming, web design india, web designer, web designer india, Web Developement Company USA, web developer, web developer ahemdabad india, web developer india, Web development India, Word Press Reserch, Wordpress Customization Services, Wordpress Developer, Wordpress Developer India, wordpress freelance developer, wordpress freelance programmer, wordpress freelancer, Wordpress Freelancer India, Wordpress Programmer, Wordpress Shopping Cart, Wordpress theme customization, wordpress theme integration, x cart development india, x-cart Tags: , , , , , , , , , , , , , , , , , , , ,

Google new chart API

September 28, 2011 Leave a comment

Hi All,

 

A new API from Google that generates information charts in a dynamic way. its usage is quite straightforward: you link to an image in the form of a parameterized URL, such as http://chart.apis.google.com/chart?cht=p3&chd=t:90,49&chs=400×200&chl=data|bling.

“cht=p3? is the chart type, in this case, a pie chart.

 

“chd=t:90,49? are the chart values, text-encoded, and separated by a comma.

“chs=400×200? is the custom chart size, 400 by 200 pixels.

“chl=Data|Bling” are the different labels for the pie chart sections, separated via the pipe character.

chart types include: line charts, bar charts, pie charts, Venn diagrams & scatterplots.

View Demo

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Categories: Androide developer, CakePHP, CakePHP Developer India, freelance developer, Freelance PHP Developer, Freelance Programmer India, freelance web designer, Hire Dedicated Programmer, Hire Dedicated Programmer India, Hire PHP Developer India, Hire PHP Professional, Hire PHP Professional India, Hire PHP Programmer India, Hire Web developer, iphone application developer, iphone developer, iphone website designer, JavaScript, jquery, mysql, php, PHP Developer, PHP Developer India, PHP Development, PHP Freelance, PHP Freelancer, PHP Freelancer India, php freelancing india, php freelancing india mumbai, PHP programmer, PHP Programmer India, Php programming, tips & trics, url rewriting, web design india, web designer, web designer india, Web Developement Company USA, web developer ahemdabad india, web developer india, Web development India, Word Press Reserch, wordpress, Wordpress Blog Developer, Wordpress Customization Services, Wordpress Developer, Wordpress Developer India, wordpress freelance developer, wordpress freelance programmer, wordpress freelancer, Wordpress Freelancer India, Wordpress Programmer, Wordpress Shopping Cart, Wordpress theme customization, wordpress theme integration, x cart development india, x-cart Tags: , , , , , , , , , , , , , , , , , , , , ,

PHP Development India – Best Language for Web Development

September 28, 2011 1 comment

Hi All,

In today’s advanced technological world, the popularity of the internet has been increasing and we see millions of websites running on the internet to fulfill the requirement of user and the figure keeps increasing each day. Therefore, the merchants are getting cut-throat competition on the internet. Strong representation of a website is thus necessary for its online success. Hence, merchants have been diverted to web development industry to build the strong online presence.

There are many options available for web development like php, asp.net, java, wordpress, etc., from them php becomes a first choice for company websites. Because PHP is an open source server side scripting language, which allows effective web development at affordable rates. PHP support multiple platforms and databases such as Linux kernel, MS Windows, MySQL, MS Access, SQL server & Oracle. It also offers an array of other features which can be used to make a website flexible and user-friendly.

Benefits of PHP Development:

  • Create a dynamic website that has a professional look
  • Its support various OS (operating system) like Windows, Linux and Unix
  • The coding is easily understandable
  • Web development at very affordable rates
  • Increase your ROI (Return of Investment)

Many countries provide php development services, from them India has taken first place in this field because Indian php developers offer excellent designing and development services and take new challenges with open arms and most important thing, you get your application at one-quarter of cost at your current rate.

 

 

Submit Form Using Ajax (Post)

September 24, 2011 1 comment

Post.html

<script type="text/javascript" language="javascript">// <![CDATA[
var h_request = false;
function makePOSTRequest(url, parameters) {
h_request = false;

<!--more-->

if (window.XMLHttpRequest) //MOZILLA
{
h_request = new XMLHttpRequest();
if (h_request.overrideMimeType)
{
h_request.overrideMimeType('text/html');
}
}
else if (window.ActiveXObject) { // IE
try {
h_request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
h_request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {}
}
}
if (!h_request) {
alert('Cannot create XMLHTTP instance');
return false;
}

h_request.onreadystatechange = alertContents;
h_request.open('POST', url, true);
h_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
h_request.setRequestHeader("Content-length", parameters.length);
h_request.setRequestHeader("Connection", "close");
h_request.send(parameters);
}

function alertContents() {
if (h_request.readyState == 4) {
if (h_request.status == 200) {
result = h_request.responseText;
document.getElementById('myspan').innerHTML = result;
} else {
alert('There was a problem with the request.');
}
}
}

function get(obj) {
var poststr = "mytextarea1=" + encodeURI( document.getElementById("mytextarea1").value ) +
"&mytextarea2=" + encodeURI( document.getElementById("mytextarea2").value );
makePOSTRequest('post.php', poststr);
}

// ]]></script>

<form action="javascript:get(document.getElementById('form1'));" name="form1" id="form1">
<textarea id="mytextarea1">testing data
1
2
3
</textarea>
<textarea id="mytextarea2">testing data 2
4
5
6</textarea>
<br>
<input type="button" name="button" value="Submit"
onclick="javascript:get(this.parentNode);">

</form>

<br><br>
Server-Response:<br>
<hr>
<span name="myspan" id="myspan"></span>
<hr>

Post.php

<?
print_r($_POST);
?>
Categories: ajax, Androide developer, CakePHP, CakePHP Developer India, freelance developer, Freelance PHP Developer, Freelance PHP Programmer, Freelance Programmer India, freelance web, freelance web designer, Freelance web developer, get a freelancer, Hire Dedicated Programmer, Hire Dedicated Programmer India, Hire PHP Developer India, Hire PHP Professional, Hire PHP Professional India, Hire PHP Programmer India, Hire Web developer, Hire Web Developer India, india web development, Indian Freelancer, iOS, ipad, iphone developer, JavaScript, joomla, joomla developer india, jquery, mysql, oscommerce Customization, oscommerce developer, php, PHP Freelancer, PHP Freelancer India, php freelancing india, php freelancing india mumbai, PHP programmer, PHP Programmer India, Php programming, PHP Web Development, php web programmer, web designer india, Web Developement Company USA, web developer, web developer ahemdabad india, web developer india, Web development India, Word Press Reserch, wordpress, Wordpress Blog Developer, Wordpress Customization Services, wordpress freelance developer, wordpress freelance programmer, wordpress freelancer, Wordpress Freelancer India, Wordpress Programmer, Wordpress Shopping Cart, Wordpress theme customization, wordpress theme integration, x cart development india Tags: , , , , , , , , , , , , , , , , , , , ,

Optimizing PHP Through Habits

September 23, 2011 Leave a comment

What has been a long interest of mine in writing simple, maintainable and secure (a.k.a. Good[tm]) code, has forked off the offspring of optimization.

There are nummerous discussions in the blogosphere about whether to use echo versus print, iffor() is faster than while(), etc. and though the gains are usually very small, I desided to add my thoughts to the debate.

I found an article on optimization through coding habits in Ilia Alshanetsky’s zend performance slides and decided to test some of the claims. My test machine is my MacBook Pro 1.83GHz w. 2GB RAM, MacOS X 10.4.9, Apache 1.3 and PHP 5.2 (with Xdebug 2.0). I also have lots of applications running.

  • Peter Bowyer claims that require_once() is 3-4 times slower than require(). Ilia also says they are bad. My testing reveals the exact opposite with an empty include file. Callingrequire_once() 10000 times in a for() loop with an empty file is 4x faster.
  • Ilia advises against using magic functions like __autoload() and __get(), but the advantage of __autoload() in particular is obvious in any large project and is used by many phpframeworks. My primitive testing, however, shows inverse results. With a simply autoload requiring a class and 10000 loops of new Foo() versus require_once('foo.php'); new Foo() shows that __autoload() is ~3.7 times faster. I saw no difference between real methods and __get(), although the logic inside __get() will add some overhead.
  • If a class method can be static, declare it static. Speed improvement is by a factor of 4. I get a 50% speed increase (614ms vs. 414ms with 100000 iterations).
  • Avoid function calls within for() loop control blocks. In for( $i=0; $i<count($x); $i++ )the count($x) is called at every iteration.
  • Always, always quote array keys. $row['id'] is way faster than $row[id]. Ilia says 700%, I say about 200%.
  • Avoid regex if possible. Use ctype_digit($foo); rather than preg_match("![0-9]+!", $foo);.
  • Get rid of ‘harmless’ error messages – they take time to generate and output. The error supression operator @ is slow, so avoid when possible. With error_reporting set to E_ALL | E_STRICT on my machine, doing echo $rows[id] 10000 times instead of echo $rows['id]takes 38 times longer.

     

    UPDATE: To summarize, this slow code runs in 500ms (although this time will vary a great deal depending on your error_reporting level):

     

     

     

     

    $rows = array_fill(0, 10000, array('id'=>0));
    require_once('foo.php');
    for( $i=0; $i < count($rows); $i++) {
        foo::notdeclaredstatic();
    
        $rows[$i][id] = 0;
    }
    
    
    
    
    By using the techniques above, it can be made to complete in 68ms:
    
    $rows = array_fill(0, 10000, array('id'=>0));
    function __autoload($classname) { require_once( 'foo.php'); }
    $size = count($rows);
    for( $i=0; $i < $size; $i++) {
        foo::declaredstatic();
    
        $rows[$i]['id'] = 0;
    }
    
    
    10000 iterations is a lot for one request to a page. Using the techniques, the code became roughly 7 times faster.
    
    I am not out to prove Ilia wrong - he knows PHP better than most - and 
    for all I know, they could have optimized those very functions in PHP 5.2. I am, however, 
    interested in seeing what can be done to optimize PHP performance simply by doing things differently,
    by tweaking one's coding style. It would appear that there are improvements, albeit small, to achieve 
    from minimal effort. Plus I was surprised by the discrepancies I found compared to Ilia's recommendations.
    
    

     

%d bloggers like this: