Quotes in mysql queries – security issue

March 10th, 2010 kostas No comments

Remember to check numeric data as well. If an application generates a query such as SELECT * FROM table WHERE ID=234 when a user enters the value 234, the user can enter the value 234 OR 1=1 to cause the application to generate the query SELECT * FROM table WHERE ID=234 OR 1=1. As a result, the server retrieves every row in the table. This exposes every row and causes excessive server load. The simplest way to protect from this type of attack is to use single quotes around the numeric constants: SELECT * FROM table WHERE ID='234'. If the user enters extra information, it all becomes part of the string. In a numeric context, MySQL automatically converts this string to a number and strips any trailing nonnumeric characters from it. This means that if the user enters 234myname, the value remains 234. Another option is to check that the value is numeric before running the MySQL query.

Source http://dev.mysql.com/doc/refman/5.0/en/security-guidelines.html
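
An added example (not from the original post or the MySQL manual) of the numeric check mentioned above: the input is validated as a plain decimal integer and then bound as a query parameter. Python's sqlite3 module stands in for MySQL so that it runs offline; the table name items and all function names are assumptions made for the illustration.

```python
import re
import sqlite3


def make_db():
    """Constructed sample table (sqlite3 is a stand-in for MySQL)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [(233, "alpha"), (234, "beta"), (235, "gamma")])
    return db


def lookup_concatenated(db, user_value):
    """The pattern the post warns about: user input pasted into the SQL
    text in a numeric context, so '234 OR 1=1' changes the WHERE clause."""
    query = "SELECT id FROM items WHERE id=" + user_value
    return [row[0] for row in db.execute(query)]


# ASCII digits only ([0-9], not \d, which also matches other Unicode
# digits); the length bound keeps the value inside a 64-bit integer.
_ID_RE = re.compile(r"[0-9]{1,18}")


def parse_id(user_value):
    """Numeric check before the query: the whole string must be digits."""
    if not isinstance(user_value, str) or not _ID_RE.fullmatch(user_value):
        raise ValueError("id must be an unsigned decimal integer")
    return int(user_value)


def lookup_checked(db, user_value):
    """Validate first, then bind the integer as a parameter so the SQL
    text never contains user input."""
    item_id = parse_id(user_value)
    rows = db.execute("SELECT id FROM items WHERE id = ?", (item_id,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_concatenated(db, "234 OR 1=1"))
    for value in ["234", "234 OR 1=1", "234myname"]:
        try:
            print(repr(value), "->", lookup_checked(db, value))
        except ValueError as exc:
            print(repr(value), "-> rejected:", exc)
```

Unlike the quoted form, which silently treats 234myname as 234, the check rejects it. Quoting alone also depends on quote characters in the input being escaped, which parameter binding avoids.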

Categories: Mysql Tags:

Javascript Confirm Form Submission

March 9th, 2010 admin No comments

Many times you may wish to have the user confirm before they process a form’s action. For instance, clicking the button may activate a deletion process which you wish to have the user confirm before proceeding.

This code allows your users to confirm whether they wish to proceed when processing a form with serious consequences, such as DELETE.

Categories: JavaScript Tags:

Mysql auto Datetime timestamp

March 5th, 2010 admin No comments

For the default value of the timestamp column, use CURRENT_TIMESTAMP.

Categories: Mysql Tags:

friendly url with htaccess

March 4th, 2010 kostas No comments

Suppose you want /articles.php?cat=$1&art=$2 to become magazine/1/2.

Then you need these two rules:

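# Internal rewrite: magazine/<cat>/<art> is served by articles.php?cat=$1&art=$2.
# The extra "marker" parameter flags requests that were already rewritten.
RewriteRule ^magazine/([^/]*)/([^/]*)$ /articles.php?cat=$1&art=$2&marker [L]

# External redirect: a direct request for the old URL (no marker) is sent
# to the friendly URL. The trailing "?" drops the original query string.
RewriteCond %{REQUEST_URI} /articles\.php [NC]
RewriteCond %{QUERY_STRING} ^cat=(.*)&art=(.*)
RewriteCond %{QUERY_STRING} !marker
RewriteRule (.*) http://mydomain/magazine/%1/%2? [R=301,L]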

Categories: .htaccess Tags:

AWStats logfile analyzer 6.95 Documentation

March 3rd, 2010 admin No comments

Glossary

Unique Visitor:
A unique visitor is a host that has made at least 1 hit on 1 page of your web site during the current period shown by the report. If this host makes several visits during this period, it is counted only once.
The period shown by AWStats reports is by default the current month.
However, if you use AWStats as a CGI, you can click on the “year” link to get a report for the whole year. In such a report, the period is the full year, so Unique Visitors is the number of hosts that have made at least 1 hit on 1 page of your web site during that year.

Categories: Plesk Tags:

Top 5 Online .htaccess Mod Rewrite Rules Generator

March 1st, 2010 admin No comments

You might be aware of mod_rewrite rules and the .htaccess file if you are using WordPress as your blogging platform. .htaccess is Apache’s default directory-level configuration file, which can be used for password protection and to redirect requests. Webmasters need to pay special attention to .htaccess on an Apache web server, as it’s very difficult to enforce all policies using just the httpd.conf file.

Categories: .htaccess Tags:

VMWare Server 2.0 auto start VM

February 25th, 2010 admin No comments

In the VMWare Server GUI, select the host in the “Inventory” panel (the root node of the tree). The “Commands” panel should appear on the right with “Edit Virtual Machine Startup/Shutdown Settings”. There will be an option to autostart the guest VM.

Categories: Network, Windows Tags:

Autostart VMWare Workstation machines automatically upon Windows restart

February 25th, 2010 admin No comments

So, I managed to get the server starting up when electricity is back, using a BIOS setting that lies there in almost all the modern motherboards nowadays.

Categories: Network, Windows Tags:

SSH connect with custom user

February 20th, 2010 admin No comments

With a terminal window open, type this command:

ssh -l (username) panix1.panix.com

(Use your actual Panix login instead of “(username)”, of course.) This will take you to panix1, and give you a password prompt right away. Just enter your usual Panix password, and you’re in business.

NOTE: You can go to panix2, panix3, or panix5 just by replacing “panix1” with the one you want.

http://www.panix.com/help/sw.macosx-ssh.html

Categories: Linux, MAC Tags:

HowTo Install FreeNAS

February 20th, 2010 admin No comments

Getting FreeNAS

FreeNAS is available as a free download from the FreeNAS SourceForge site. Download the latest ISO image file. Be aware that this is a 34 MB file so it may take some time if you are on dial-up.

Categories: Linux Tags: