Kurinchi Blogger Scribbles …


Archive for July, 2009

Jul 21
2009

CakePHP: Multi-validatable Behavior

Last updated: August 5th, 2009

Consider a scenario where we have a database table, users, and need to carry out validations for the following forms:
i) Login
ii) Change password
iii) Add/Edit user records
iv) Forgot password

You can either write separate controllers and have each controller call a model based on the users table to validate each input field, or use the same user model to carry out the different validations, which sounds more logical.

It is easy to carry out different validations in a CakePHP model with the Multi-validatable Behavior, which lets you define different validation sets for different conditions.

Key things to note here …

i) Download the code for Multivalidatable Behavior and have it placed under /models/behaviors/ folder

ii) In the model where you want multiple validations, include the Multivalidatable behavior like this:
var $actsAs = array('Multivalidatable');

iii) Add a validation rule sets array like this:
var $validationSets = array(
    'login' => array('name' => array('rule' => 'alphanumeric')),
    'changepassword' => array('password' => array('rule' => 'notEmpty'))
);

iv) In the controller action where you want to apply a validation rule set, select the respective set like this:

function login(){
    $this->User->setValidation('login');
}

function changepassword(){
    $this->User->setValidation('changepassword');
}

For more info visit CakePHP Bakery

Jul 20
2009

What is Kerberos Authentication System?

Last updated: July 24th, 2009

Kerberos authentication is a means by which an entity communicating over a non-secure network can prove its identity to another entity in a secure way.

In a system developed for a client-server model, it is not feasible to identify the threats posed by network users and intruders.

The primary goal of the Kerberos Authentication System is to prevent passwords from being transmitted over the network in plain text.

Kerberos was created by MIT under a license similar to BSD, and the current version is Version 5. It is implemented across various operating systems: Linux, Unix, Windows and Mac OS.

The Kerberos system is built on a symmetric-key algorithm.
(more…)

Jul 17
2009

Apache: How to save configuration settings without disconnecting users from web server?

Last updated: July 15th, 2009

There are times when you need to make changes to your web server configuration file that require the server to be restarted before they take effect.

Issuing an Apache restart command forcefully closes all connections to the web server, which ends any user activity on the server.

To avoid this, issue the following command instead (on Ubuntu):

$ sudo /etc/init.d/apache2 graceful

Jul 16
2009

How to turn off register_globals via php.ini?

Last updated: July 15th, 2009

It is always more secure to turn off register_globals in PHP applications. Earlier, we saw how to turn off the register_globals setting via the .htaccess file; in this post we will use php.ini instead.

Using a text editor create a file called php.ini. This will be our first step.

Next, we need to add the following line of code in php.ini
register_globals = off

Upload php.ini file to the root folder where your application resides.

Jul 15
2009

How to display the history of commands executed by the user?

Last updated: July 15th, 2009

Linux: History command

Each bash session stores the history of executed commands in the .bash_history file, which in turn is stored under each user’s home directory.

usr100@dev01:/tmp/user$ ls
07-14.txt a.txt b.txt d.txt

usr100@dev01:/tmp/user$ cat ~/.bash_history
clear
su root
rm -i d.txt
ls -ltr
touch c.txt

Jul 14
2009

Nagios: Temporary failure in name resolution

Last updated: July 14th, 2009

Troubleshooting the above warning message in Nagios:

i) If you can specify the IP address of the host with its port number, try specifying it that way instead of the host name.

ii) Check the time that is set for the http check parameter and, based on it, try setting the -w (warning message) parameter (sample setting: command_line /usr/lib/nagios/plugins/check_http -H mywebsite.com -t 60 -w 55)

Jul 13
2009

How to restrict folder, file permission settings for each user?

Last updated: July 13th, 2009

Sticky bit

There may be situations where you want all users to store files in a certain folder but want to prevent them from deleting other users’ files. For this scenario, you can set the sticky bit on the folder.

For example, we have created a folder called “user” inside the /tmp directory:

root@dev:/tmp# ls -l | tail -1
drwxr-xrwx 2 root root 4096 2009-07-13 11:39 user
root@dev:/tmp# cd user

Now create a file called a.txt (you currently have root privileges):
root@dev:/tmp/user# touch a.txt

Now change to a user with normal privileges (I have created a user called 'usr100' for this purpose):
usr100@dev:/tmp/user$ su usr100
password:
usr100@dev:/tmp/user$ whoami
usr100
(more…)

Jul 11
2009

How to find the environment settings in Linux?

Last updated: July 15th, 2009

The following command will give you the environment settings in Linux

$ env

This is the equivalent of PATH in Windows.

Jul 09
2009

PHP Image Upload and Security

Last updated: July 9th, 2009

Steps to take when using PHP to upload images or documents:

i) use the is_uploaded_file() function to check that the file was uploaded before moving it from the temporary location

ii) sanitize the name of the file before moving it from the temporary location with the ‘mv’ system command (use escapeshellarg, escapeshellcmd as needed)

iii) chmod the file setting to 644 if needed

iv) the directory from where the file will be moved and the destination directory should be initialized beforehand in order to prevent users from altering the path where the files could be stored
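
The four steps above combined into one handler, as an added example that is not code from the original post. UPLOAD_DIR, the "image" form field and the helper names safe_name() and store_upload() are assumptions made for illustration.

```php
<?php
// Added example; UPLOAD_DIR and the "image" field name are assumptions.
const UPLOAD_DIR = '/var/www/app/uploads';   // step iv: fixed, never built from user input

// Step ii: reduce a client-supplied name to a safe basename.
function safe_name(string $clientName): string
{
    $name = basename(str_replace('\\', '/', $clientName)); // drop any path component
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', $name); // allow-list of characters
    $name = ltrim($name, '.');                             // no dotfiles such as .htaccess
    if ($name === '') {
        throw new InvalidArgumentException('empty file name');
    }
    return $name;
}

function store_upload(array $file): string
{
    // Step i: the temp path must be a file PHP itself received via HTTP POST.
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not a valid upload');
    }
    $dest = UPLOAD_DIR . '/' . safe_name($file['name']);
    if (file_exists($dest)) {
        throw new RuntimeException('refusing to overwrite an existing file');
    }
    // Step ii: every value handed to the shell goes through escapeshellarg();
    // "--" stops mv from treating a name as an option.
    $cmd = 'mv -- ' . escapeshellarg($file['tmp_name']) . ' ' . escapeshellarg($dest);
    exec($cmd, $out, $rc);
    if ($rc !== 0) {
        throw new RuntimeException('move failed');
    }
    chmod($dest, 0644);   // step iii: owner read/write, others read-only, no execute bit
    return $dest;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample names showing what step ii does to unexpected input.
    foreach (['cat.png', '../../etc/passwd', '.htaccess', 'shot; id.png'] as $n) {
        printf("%-20s -> %s\n", $n, safe_name($n));
    }
} elseif (isset($_FILES['image'])) {
    echo 'stored as ', basename(store_upload($_FILES['image']));
}
```

PHP's built-in move_uploaded_file() performs the step i check and the move in a single call without invoking a shell, so it can replace the exec() line where the ‘mv’ command is not required.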

Jul 08
2009

MySQL: Test database

Last updated: July 7th, 2009

Ever wondered why there is a “test” database in the list of tables when you install MySQL?

This is to allow users to practice MySQL commands or execute complex queries on the database.

The “test” database is accessible to everyone who has access to MySQL on your localhost, and hence it is not advisable to use it for your development. (more…)

