Archive for March, 2007

PHP Mime Mail Class

March 28th, 2007 No comments

There are a lot out there; but my favourite is been PHPMailer

I was always on the look for a decent php mail class with smtp auth and mime mail support.  Then one day stumbled on this sourceforge project. There it was with other features too which I wished to have

  1. Can send emails with multiple TOs, CCs, BCCs and REPLY-TOs,
  2. Redundant SMTP servers, Multipart/alternative emails for mail clients that do not read HTML email,
  3. Support for 8bit, base64, binary, and quoted-printable encoding,
  4. Uses the same methods as the very popular AspEmail active server (COM) component,
  5. SMTP authentication,
  6. Word wrap,
  7. Address reset functions,
  8. HTML email,
  9. Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Imail, Exchange, etc,
  10. Works on any platform,
  11. Flexible debugging,
  12. Custom mail headers,
  13. Multiple fs, string, and binary attachments (those from database, string, etc),
  14. Embedded image support
Categories: Code Snippets, PHP Tags:

Friendly URLs or furl – How to approach

March 27th, 2007 No comments

There is been a lot of hype of late about having Friendly URLs, or in short furl. What is so fancy about these ? Oh yeah! they help the search engines, they help your visitors. On an after thought, do they help the search engines? I would say no and a big blatant NO.

Why? First of all, search engines as the biggest of it all claims, they do not have a difference between a url that has a query string or that does not have a query string, other than that bots will be a bit more light on any url with a query string, ie a ‘?‘, with inducing a small delay between queries. And those with query strings will be considered as changing content, whereas those with out query strings are considered as static or stationery content. So by forcing a search bot to index your site using furl, you would be deceiving the bot by showing it the furl, where as internally you would be using dynamic content.

Now a days most of the content management systems, blog packs, and open packages do offer furl as an integrated part.  Most of the packages implement this using some sort of pluggable techniques, but some notably do have neatly planned and implemented furl support. Actually the furl support is provided to help you and not the search engine. Once you enable this in the software, the search bots will be deceived to index your pages as static content, inducing heavy load on your servers. This does not imply that we should avoid using furls, no but we should plan well ahead to make sure that our servers are the least loaded.

For implementing furl in your package or application, either you should design it from the basics, or you should revert to some sort of plugs, but still if you can redo the basic parts of your application, use some global replaces for durls, to corresponding furls, and take the pains to absolute link all media, I mean images, css, swf etc. I would recommend doing so, and giving it a full integrated test before releasing the pack.

Two methods are being practiced the most, though there are other derivatives being used.  The first one being using mod_rewrite (a plug), to change the url into a var=value pair internally. The second one is to force all calls through a single php file, and to parse the QUERY_STRING super global. Still both methods require the durl to furl conversion in the code.

Categories: General Articles Tags:

JavaScript Object Oriented

March 25th, 2007 No comments

It may be shocking news, but JavaScript is a very powerful object-based (or prototype-based, whatever you wish to call it) language. Yes, JavaScript is a powerful language, not just something that’s handy for image rollovers and other corny, flashy effects. However, very few people who have used JavaScript realize its capabilities. If you’re one of these people, this tutorial is aimed at you.

First of all, JavaScript is not a full-blown OOP (Object-Oriented Programming) language, such as Java, but it is an object-based language. So, why should you use objects? Not only do they help you better understand how JavaScript works, but in large scripts, you can create self-contained JavaScript objects, rather than the procedural code you may be using now. This also allows you to reuse code more often.

Read the full article by Ryan Frishberg

Categories: Javascript Tags:

Easy way to make your website render same across browsers

March 16th, 2007 No comments

Even if it is not yet proved beyond doubt that W3C validation grabs better search engine rankings, it is sure that errors in your code will surely cause problems. Converting website pages to XHTML will help to reach more customers, as the site will work in more browsers and even non-traditional devices.

W3C, the World Wide Web Consortium, provides guidelines based on best practice, towards how websites and web pages should be authored in a structured manner to ensure long–term compatibility. The W3C validation is a standard for specified machine language, checking web documents, code grammar, syntax etc.

Read more…

Categories: General Articles Tags:

PHP HTML Form Generation and Validation

March 16th, 2007 No comments

A PHP class for HTML easy form generation and validation. It provides an easy and intuitive way of handling both HTML form design (based on templates) and basic server-side form validation. Custom validation (both server-side and client-side) can also be implemented very easily. It provides all the basic controls available in an HTML form like text controls, textarea controls, submit buttons, reset buttons, standard buttons, drop down boxes, radio buttons, checkboxes, image controls, hidden controls, file upload controls, password controls and a date picker control.

View Website

Categories: Code Snippets Tags:

Form Tools

March 11th, 2007 No comments

Form Tools is written for web developers who work on online registration sites, or sites that require any form of information gathering from their online visitors. Put simply, it is a form processor, storage and data access script written in PHP and MySQL, designed to work with any existing web form. With a few minor changes to your form, you can stop using old-fashioned form-mail scripts and instead store form submissions in a database, instantly providing your clients with options such as mass data export via Excel, printer-friendly pages, data searching and sorting, form submission editing and optional email of form submissions to administrators and users. Form Tools is available for free under the GNU public license. See the website for an online demo, documentation, support forums or just to download the code!

Visit Website

Categories: Code Snippets Tags:

Month of PHP Bugs started

March 9th, 2007 No comments

The Hardened-PHP Project is proud to announce the beginning of the Month of PHP Bugs. This initiative is an effort to improve the security of PHP. However we will not concentrate on problems in the PHP language that might result in insecure PHP applications, but on security vulnerabilities in the PHP core. During March 2007 old and new security vulnerabilities in the Zend Engine, the PHP core and the PHP extensions will be disclosed on a day by day basis. We will also point out necessary changes in the current vulnerability managment process used by the PHP Security Response Team.

Categories: PHP Tags:

AJAXification by js graceful degradation

March 9th, 2007 No comments

Now the question was about a suggestion to have a balance between best designs considering a friendly URL, Ajax, and SEO. It was implied about some contradictory indications. With the discussion passing on to friendly URLs are great if for no reason than log analysis, however, friendly URLs are supposedly better for SEO also (besides all
the other stuff for SEO).

Suppose if you would like to start moving over to AJAX for CMS-related, stuff, such as loading a news article when the user clicks on a headline, and stil make the site really search engine friendly.

Basically, you have a regular tag link that goes to the location you want, but you also have an onclick javascript event for that link that does the ajax stuff and returns false so that the browser doesn’t request the href part of the tag. Ideally, you’ll have an onload event to your page that attaches all these onclick events to your links so that you don’t even have inline javascript. (Rob Marscher at NYPHP).

The added benefit to backloading your ajaxification is that regardless of js enablement, the user could right click your link and open in new tab or window or even bookmark it and it’s still a plain link that will open normally. (Mark Armendariz at NYPHP).

The overall suggestion is to use prototype.js, and some implementation to use asynchronous fetch.

Categories: Javascript Tags: ,

Security Issues by PHP applications

March 5th, 2007 No comments

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here’s how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

PHP became one of my favorite languages because of how quickly one can write a highly functional, standards-based web application with a database back-end. Unfortunately, attackers are taking these applications down even faster than they appear.

Writes Kelly Martin, SecurityFocus read the full article

Categories: General Articles Tags: