Description: Add additional feature to the existing theme. Modified the plugin to display slider images.

Visit the site

Description: Install wordpress, create and design the whole theme.

Visit the site

I’m currently in the middle of my wordpress plugin development and I encountered a problem in using .append(). The problem is that whenever I called the .append() many times without refreshing the page cause the message to duplicate itself.

Solution

Gladly, there’s the .empty() to support the process and solve my problem.

This original code, if you put this to a click even wherein you will have to click on something, this will cause the .append msg to appear many times.

[php]

jQuery(function($) {
var msg = ‘Hello World’;
$(‘.msg’).append(msg);
});
[/php]

This is the solution to this….

[php]

jQuery(function($) {
var msg = ‘Hello World’;
$(‘.msg’).empty(); // empty first
$(‘.msg’).append(msg); // then call out the .append();
});
[/php]

Conclusion

jQuery really became much popular than mootools and scriptaculous in general have a flexible solution to almost everything. But every ups has its own downs. But for now, I’m consistent in using jQuery in my development.

Happy coding.

While a good majority of the users enjoyed the article, the experience for some was reduced by an intersitual ad. I don’t rely on advertising to put food on my table, it’s just nice to have that money coming in every month. I feel the four second ad is fair for the free content accessible on every page here, and barring any issues with the browser, only displays once every six hours.

However, the main intention of many pages here is to help the user improve their computing experience. With that in mind, here are a couple methods of blocking the advertisements around the Internet.

Solutions

Firefox – Adblock Plus

Adblock Plus is generally the most recommended method online, so I’ll go over that one first. If you are using the Firefox browser, you may have already heard of this very popular extension.

A huge advantage of Adblock Plus is the subscription feature. A precompiled list of most advertising sites is included in that list, and will automatically block them for you if you wish.

Opera – Content Blocker

Opera belongs in this article as well, as they actually have an ad blocker built-in to their broswer. The usage is as simple as right-clicking an empty spot on the page and selecting Block Content… Once you select that, a notice will come up asking you what content you wish to block. Click the ad or element you need blocked and it is done. You can read more info about it at the Opera Wiki.

Alternatives

Solutions

• Create the __construct() function in your PHP Class

• Add Parameters to the __construct() function

• Make your function

• Add support for PHP 4

• Final Code - finish product

Who?

Spreading the love, check this out!

Twitter In Love

Sheep In Love

Seriously In Love

Love Under the Light

Hear my Love

Fairy In Love

Cupid of New Generation?

Puppy Love

Bunny In Love

Andy's Web wishes everyone a very Happy Valentine's Day.

Trium Mobile Phone

Trium Mobile Phone

Check this out!

• If the 7th and 8th digits are 02 or 20 this means your cell phone was assembled in China which is low quality
• If the 7th and 8th digits are 08 or 80 this means your cell phone was manufactured in Germany which is fair quality
• If the 7th and 8th digits are 01 or 10 this means your cell phone was manufactured in Finland which is very good
• If the 7th and 8th digits are 00 this means your cell phone was manufactured in original factory which is the best mobile quality
• If the 7th and 8th digits are 13 this means your cell phone was assembled in Azerbaijan which is very Bad quality and also dangerous for your health

Cross-site scripting vulnerability is the most common form of attack on websites. The mistake made by developers is not filtering input data from web forms and not escaping the output.

For example, you have a form like this:

[html]

[/html]

The app will display something like this:

[php]
echo $_POST['txtMessage'];
[/php]

The vulnerability is that the application doesn’t filter the input and escape the output. Let’s say someone writes the following javascript in the comment textarea:

[javascript]
alert (‘hacked’);
[/javascript]

If an application doesn’t escape this output on every page request a Javascript alert box will pop up. The best a developer can do is to filter out any HTML tags from the data with:

[php]
$clean_message = strip_tags($_POST['txtComment']);
[/php]

And escape it when outputting the date with htmlentities:

[php]
htmlentities($clean_message, ENT_QUOTES, ‘UTF-8′);
[/php]

A better solution is to use HTML Purifier to filter out any unwanted malicious input and to test your web forms that it’s XSS proof use the XSS cheat sheet.

Apache web server allow directory browsing by default. It’s always good to disable directory browsing in security aspect. To disable directory browsing in apache web server you need to edit the httpd.conf or .htaccess

Solutions

• Using .htaccess… follow the 2 simple steps

1. Open your .htacces file
2. If Options Indexes exists, modify it to Options -Indexes or add the Options -Indexes if not exist as a new line

• Using httpd.conf… follow the 4 simple steps

1. Open your httpd.conf, if you’re using linux; it should be normally located @ /usr/local/apache/conf or /etc/httpd.conf, if you’re using windows (xampp) it should be @ C:\xampp\apache\conf – replace the drive letter with your correct one
2. Go to your own Virtual Host settings and look for Options Indexes
3. Change the Indexes to -Indexes if Option Indexes exist or add the Options -Indexes if not exist
4. Restart your apache web server

• Using Cpanel Share Hosting… follow the 4 simple steps

1. Login to your Cpanel
2. Click on Index Manager
3. Directory will be list. Click on the directory name which you want to disable the directory browsing
4. Select No Index and click save

Recommendation

For techie guy like me, I would recommend using .htaccess to disable directory browsing. Though I’m familiar with Cpanel and use it a lot but I feel more secure to do it via .htaccess. Well, it’s up to you guys on which on the 3 solutions you’re comfortable working with.

Accepting passwords from users comes with great deal of responsibility – just like Spider-Man, “With great power comes great responsibility”.

As web developers, we are generally satisfied when a user provides correct information to gain access to sensitive data contained in the website. It is our duty to protect the end user from attack by entrusting the passwords they provide do not fall into the hands of evil in the even that not only their sacred information becomes compromised but also our application. The best way to protect user passwords is through hashing, and we’ll go over how to do that.

How?

There are several built-in functions for hashing strings in PHP, such as md5(), sha1(), or stronger. There are pros and cons to each of the available methods, but these are beyond the scope of this article. The important thing is that the method we choose only work one-way, in that once we hash the password, we are unable to get the original from the hashed string. Therefore, something like mcrypt() or base64_encode simply will not do.

The following snippet shows how to encode a string using the sha1() function:

[php]
<?php
// Original password
$password = ‘password’;

// Hash that password!
$hashed = sha1($password);

// Now the password is:
// 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
print $hashed;
?>
[/php]

This solution is pretty good and we can put this up in the database and we call it a day.

Problem

The problem is, that people tend to use common passwords: things in the dictionary, commonly-used words, kid’s names, dates, and other easy-to-guess stuff. An attacker knows this, and they may employ a dictionary attack to try and brute-force commonly used passwords encoded with the known hash algorithms. We can thwart this process by adding some additional entropy to our passwords, in the form of a salt.

Solution

Using Salt on a Password

Salt is an extra baggage but really useful and it will give password the extra protection, in short – makes the password more difficult to brute-force. There are countless ways to salt passwords, but whichever method we choose, one thing is certain: we have to store the salt. It is very important that the salt we use be kept in a safe place, or, for maximum security, that the salt be unique for each hashed password. We’ll cover each method separately.

Using salt in the earlier code:
[php]
// Original password
$password = ’password’;

// Add some salt
$salt = ’SecretIngredient’;
$salted_password = $password . $salt;

// Hash that password!
$hashed = sha1($salted_password);

// Now the password is:
// 1ad8b50cb8f1cdbd2536a1efa4ccffcbbe4302d0
print $hashed;
?>
[/php]

Another simple yet complex hashed password:
[php]
// Original password
$password = ‘password’;

// Add some stronger salt
$salt = ‘__PPbdb10_MORE_SALTY!_3&%df9++*$&’;
$salted_password = $salt . $password . $salt;

// Hash that password!
$hashed = sha1(sha1($salt) . md5($salted_password));

// Now the password is much more complex!
print $hashed;
?>
[/php]