Kurinchi Blogger Scribbles …


Archive for the ‘PHP’ Category

Jul 21
2009

CakePHP: Multi-validatable Behavior

Last updated: August 5th, 2009

Consider a scenario where we have a database table, users, and need to carry out validations for the following forms:
i) Login
ii) Change password
iii) Add/Edit user records
iv) Forgot password

You can either write separate controllers and have each controller call a model based on the users table to validate each input field, or use the same user model to carry out the different validations, which sounds logical.

It is easy to carry out different validations in a CakePHP model by using the Multi-validatable Behavior, which lets you keep different validation sets for different testing conditions.

Key things to note here …

i) Download the code for the Multivalidatable Behavior and place it under the /models/behaviors/ folder

ii) In the model where you want multiple validation sets, include the Multivalidatable behavior like
var $actsAs = array('Multivalidatable');

iii) Add the validation rulesets array like
var $validationSets = array(
    'login' => array('name' => array('rule' => 'alphanumeric')),
    'changepassword' => array('password' => array('rule' => 'notEmpty'))
);

iv) In the controller where you want to apply the validation rule set, you need to add the respective validation like

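function login(){
    // apply the 'login' ruleset to the User model for this action
    $this->User->setValidation('login');
}

function changepassword(){
    // apply the 'changepassword' ruleset to the User model for this action
    $this->User->setValidation('changepassword');
}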

For more info visit CakePHP Bakery

Jul 16
2009

How to turn off register_globals via php.ini?

Last updated: July 15th, 2009

It is always more secure to turn OFF register_globals in PHP applications. Earlier, we saw how to turn OFF the register_globals setting via the .htaccess file; in this post we will use php.ini instead.

Using a text editor create a file called php.ini. This will be our first step.

Next, we need to add the following line of code in php.ini
register_globals = off

Upload php.ini file to the root folder where your application resides.

Jul 09
2009

PHP Image Upload and Security

Last updated: July 9th, 2009

Steps to take care of when using PHP to upload images or documents:

i) use the is_uploaded_file() function to check that the file was uploaded before moving it from the temporary location

ii) sanitize the name of the file before moving it from the temporary location by executing the ‘mv’ system command (use escapeshellarg, escapeshellcmd as needed)

iii) chmod the file to 644 if needed

iv) the directory from which the file will be moved and the destination directory should be initialized beforehand, in order to prevent users from altering the path where the files are stored
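The four steps above combined into one upload handler, as an added example that is not code from the original post. UPLOAD_DIR, sanitize_upload_name(), store_upload() and the form field name image are hypothetical, and PHP's move_uploaded_file() is used in place of the shell ‘mv’ call, so no shell escaping is involved.

```php
<?php
// Added example; all names and paths here are hypothetical.

// Step iv: the destination is fixed in code, never taken from the request.
define('UPLOAD_DIR', '/var/www/app/uploads'); // assumed path

// Step ii: reduce the client-supplied name to a safe basename.
function sanitize_upload_name($name)
{
    $name = basename(str_replace('\\', '/', $name));        // drop any directory part
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', $name);  // keep a small character set
    $name = ltrim($name, '.');                              // no dot-files such as .htaccess
    return $name === '' ? 'upload' : $name;
}

function store_upload(array $file)
{
    // Step i: accept only a file that PHP itself received via HTTP POST.
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return false;
    }
    $target = UPLOAD_DIR . '/' . sanitize_upload_name($file['name']);

    // Swapped in for the shell 'mv': re-checks the upload and moves it
    // without passing the file name through a shell.
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        return false;
    }

    // Step iii: owner read/write, everyone else read-only, no execute bit.
    chmod($target, 0644);
    return $target;
}

// Constructed sample names, printed to show what the sanitizer returns.
foreach (array('../../etc/passwd', 'photo 1.jpg', '.htaccess', 'report;v2.png') as $n) {
    echo $n, ' => ', sanitize_upload_name($n), "\n";
}

// Handle a real upload when the script is reached through a form post.
if (isset($_FILES['image'])) {
    $saved = store_upload($_FILES['image']);
    echo $saved === false ? "Upload rejected\n" : "Stored as $saved\n";
}
```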

Jul 07
2009

CakePHP: Caching and issues related to it

Last updated: July 7th, 2009

There may be occasions when programs that you develop in your development environment do not produce the desired results once they are moved to the production environment.

A possible cause of this problem is active caching in CakePHP, which tends to bring in copies of text from older program revisions.
(more…)

Jul 05
2009

Configuring CakePHP in localhost

Last updated: July 9th, 2009

Quick and easy steps

Grab a copy of CakePHP from the cakephp.org website

You can create the new CakePHP website either in the root (http://localhost/) or as a subfolder (http://localhost/mycakesite/)

If you create it as a subfolder, then configure the appropriate path settings for linking images in the web pages.
(more…)

Jul 01
2009

PHP Parse error unexpected T_STRING

Last updated: July 2nd, 2009

Sample error message that you may have come across when designing php pages …

Parse error: syntax error, unexpected T_STRING in C:\wampserv\www\my_program.php on line 4

Solution:
Check your program to see if there is a missing semicolon at the end of line 3. PHP needs the character “;” at the end of each statement to indicate the end of the PHP command.

Jun 28
2009

PHP: Buffer Overflow

Last updated: June 29th, 2009

PHP Program Flow
A call made to execute a sequence of code in a PHP program is sent to the PHP core library, which is written in the C programming language and in turn talks to the underlying operating system to get the results of its execution.

What is a buffer?
A buffer is a temporary memory location that holds data for faster program execution. The data may be stored as a heap or as a stack. A stack can be visualized as a FILO array of data and a heap as a linked list of data.

Why do we need to take care of buffer overflows?
Programmers who know about certain loopholes can exploit this by pointing a record in the heap or stack to a prewritten block of malicious code. These are called buffer overflow attacks.
(more…)

Jun 18
2009

Cross site scripting Attack – XSS

Last updated: July 27th, 2009

Cross-Site Scripting (XSS) is a method of code injection whereby a malicious user injects code (HTML, JavaScript) that gets executed from the site in the user's browser. When Google finds this, it shows a warning message in its search results when users search for a term for which your site is indexed. This can harm your user base.

XSS attacks are classified as
- Persistent attacks
- Non-persistent attacks
(more…)

Jun 12
2009

cakePHP: Static page handling tips

Last updated: June 17th, 2009

You can create static pages in CakePHP by adding .ctp files under the /app/views/pages folder and access them using the URI http://sitename/pages/pagename.ctp.

Try creating two files page1.ctp and page2.ctp and add those files under /app/views/pages folder.

page1.ctp

<h1>Page 1</h1>
<p>Static Content for page 1 goes here</p>

page2.ctp

<h1>Page 2</h1>
<p>Static Content for page 2 goes here</p>

(more…)

Jun 09
2009

cakePHP: Session enabled messages using Session->setFlash

Last updated: June 9th, 2009

There are different ways to flash or publish the messages for a user action. Usability plays a major role in determining how the navigation pattern for a web application takes place.

  • publishing the outcome of user action on the same page
  • designing a single page to flash all success, error, warning, notice level messages
  • designing a separate page for each message that gets published for the user

(more…)

