Monthly Archives: March 2011

Avoid MySql Injection

Before we can avoid MySQL injection, we have to know what it is. MySQL injection is an action performed by a user of the system to harm the database. The user enters a MySQL statement into an input element, most often one of type text. However, some browsers can manipulate the HTML elements, which makes it easier to conduct MySQL injection. MySQL injection can also be conducted through variables taken from the URL.

For example, suppose you have this code:

$search = $_GET['search'];
$query = "Select * from `member` where `username` = '".$search."'";
// If the user inputs just a simple name, e.g. $search = septiadi, the query is fine:
// Select * from `member` where `username` = 'septiadi'
// If the user inputs a nasty statement, e.g. $search = ' or '1' = '1, the query goes bad:
// Select * from `member` where `username` = '' or '1' = '1'

If the user inputs ' or '1' = '1, the condition in the statement is always true. If you use the query for an authentication process, that user gains access easily. In a very extreme case, the user may supply a statement to delete a table or drop a database, such as '; DROP TABLE `member` where '1' = '1.

To avoid MySQL injection, we simply apply an escaping function to every input from the user in our PHP files. For example:

$search = mysql_real_escape_string($_GET['search']);//for php 4.3.0 and above
//if magic_quotes_gpc is enabled, first apply stripslashes() to $search
$query = "Select * from `member` where `username` = '".$search."'";

For those of you who use Ajax or jQuery, I recommend that you put all of the executing code into one PHP file. That makes it easier to apply mysql_real_escape_string to avoid MySQL injection. Here is an additional function that automatically applies mysql_real_escape_string to any input.

function clean_query($query){
    // if magic_quotes_gpc is enabled, strip the slashes it added first
    if(get_magic_quotes_gpc()){
        $result = stripslashes($query);
    }
    else {
        $result = $query;
    }
    $result = mysql_real_escape_string($result);
    return $result;
}
/* the above function is to avoid mysql injection */
foreach($_POST as $key => $val){
    $_POST[$key] = clean_query($val); // replace every $_POST value with its escaped form
}

Place the above code on the first line of your PHP file. It replaces every $_POST value with one that has been passed through mysql_real_escape_string to avoid MySQL injection. You can change $_POST to $_GET depending on your code.
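
The same lookup written with PDO prepared statements, next to the concatenated form, as an added example that is not the original author's code. The mysql_* functions used above were removed in PHP 7.0, and bound parameters also cover the case that escaping misses: a value used without quotes. Assumptions: the pdo_sqlite extension is available, an in-memory SQLite database stands in for MySQL, and the table contents and the find_member_* function names are made up for this example.

```php
<?php
// Added example (not the original author's code). Table contents and the
// find_member_* names are constructed for illustration.
// An in-memory SQLite database stands in for MySQL so the script runs without
// a server; against MySQL only the PDO connection string differs.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE member (id INTEGER PRIMARY KEY, username TEXT)");
$db->exec("INSERT INTO member (username) VALUES ('septiadi'), ('admin')");

// Vulnerable: user input is concatenated into the SQL text, as in the first snippet.
function find_member_concat(PDO $db, $search) {
    $query = "SELECT * FROM member WHERE username = '" . $search . "'";
    return $db->query($query)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the SQL text is fixed and the input is sent as a bound value,
// so quotes inside it are data and never change the statement.
function find_member_prepared(PDO $db, $search) {
    $stmt = $db->prepare("SELECT * FROM member WHERE username = :username");
    $stmt->execute([':username' => $search]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Numeric input: escaping quotes gives no protection when the value is used
// unquoted (WHERE id = $id), so validate the type and bind it as an integer.
function find_member_by_id(PDO $db, $id) {
    $id = filter_var($id, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];                      // reject anything that is not an integer
    }
    $stmt = $db->prepare("SELECT * FROM member WHERE id = :id");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal name and the always-true string from the text.
foreach (["septiadi", "' or '1' = '1"] as $input) {
    printf("%-16s concat: %d row(s), prepared: %d row(s)\n",
        $input,
        count(find_member_concat($db, $input)),
        count(find_member_prepared($db, $input)));
}
// Constructed inputs for the numeric case: a valid id and a non-integer string.
foreach (["1", "1 or 1=1"] as $input) {
    printf("id %-13s bound: %d row(s)\n", $input, count(find_member_by_id($db, $input)));
}
```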

MySQL injection is quite simple but very dangerous. Therefore, avoiding MySQL injection is an absolute necessity for web developers who use a database.

 

http://septiadi.com/2011/03/31/avoid-mysql-injection/


How To Start Blogging

Starting a blog is not a hard task; all you have to know is ‘How To Start Blogging’. Before you start blogging, you have to know what a blog is.

Blog is the abbreviation of ‘Web Log’. It is a web-based journal where people can post their ideas about anything. They can either share the journal with the public or keep it as a private journal.

Some people become bloggers to share their ideas or opinions, or just to save them for future use. In other cases, people who share their journal can earn money by putting advertisements on their blog.

Let's jump to the steps of How To Start Blogging.

How To Start Blogging – Step 1 – Choose your blog provider

You can choose either a paid blog provider or a free blog provider. For my own blog, I chose WordPress. If you have enough money, you can even make your own blog site. In this case you can install free blog software on your site, such as WordPress Installer. After that, you choose whether your blog is public or private.

How To Start Blogging – Step 2 – Choose your main idea of your blog

The idea will reflect the overall journal that you will post. Choose it carefully; you can base it on your hobbies or on a field you have mastered. For example, if you are a programmer, you can choose the topic of IT.

How To Start Blogging – Step 3 – Choose the domain name

When you choose your domain name, the name MUST be strongly related to your main idea. Make the name neither too long nor too short, and make it easy to remember. For example, if your main idea is IT, then you can choose a name that reflects it, such as ‘ittutorial’.

How To Start Blogging – Step 4 – Configure the blog layout

Usually, the blog provider also provides layout themes for the blogger to choose from. Choose the one layout that suits you best. If you already know web development, you can make your own layout.

How To Start Blogging – Step 5 – Post something

Anything that you post in your blog MUST be related to the blog name and the main idea, unless your blog is a private one. Just imagine a visitor who comes to your blog and reads its name, such as ‘ittutorial.blogprovider.com’: they will expect to read a journal about IT. If they find a gardening journal or a cooking journal in your blog, they will be disappointed, and more likely they won't visit your blog in the future.

In the early days you will easily post something in your blog because you have lots of ideas. However, after several weeks or months, you might find it difficult to post something. In this case, search for ideas on the internet. You can also search for an article on the internet, expand on it or discuss it in more depth, then post it in your blog in a different way. In some cases, you may add the source of your idea.

Setting a target is a good way to improve your blog. For example, set a target to post at least one journal each day. In this case, you can have 364 journals in one year. Be ready for this to take time, because forcing yourself to post something when there is no idea is time consuming. However, don't wait until the idea comes. Waiting for the idea to come will make you post your journal very slowly. On the contrary, the idea may come when you start writing the journal.

How To Start Blogging – Step 6 – Make your blog popular

The last two steps are the hardest steps. To make your blog popular, you have to implement several strategies such as SEO and Blog Circle. SEO itself has many methods that I won't describe here. However, you can do Blog Circle easily. What you need to do is visit other blogs, leave a comment there and also give your blog address. Be careful: don't leave a spam message, or your comment won't be published, either by the system or by the blogger.

I think that is all 6 steps of How To Start Blogging. Just keep in mind that building a great blog is not a one-day task; you need patience to build it. It may take days, months or even years. I hope this How To Start Blogging will be useful for you.

 

http://septiadi.com/2011/03/31/how-to-start-blogging/


Cloud Computing

Have you heard about Cloud Computing? Actually, I only heard about Cloud Computing several weeks ago. However, I have already been using Cloud Computing for a long time.

Cloud Computing is a general term for anything that involves the provision of services hosted over the Internet. These services are broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The term cloud computing was inspired by the cloud symbol (referred to simply as “cloud” from here on) that is often used to represent the Internet in flow charts and diagrams.

Cloud Computing has three special characteristics that distinguish it from traditional hosting. The service is sold on request, usually per minute or per hour; it is flexible, in that the user can have any desired service for the time given; and the service is fully managed by the provider (the customer only needs a computer and Internet access). Significant innovations in virtualization and distributed computing, together with improved access to high-speed Internet and economic improvements, have increased people's interest in cloud computing.

Cloud Computing can be labeled private or public. A public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest provider of public cloud.) A private cloud is a proprietary network or data center that supplies hosted services to a limited number of people. If a service provider uses the resources of a private property cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.

Here are some breakdowns of the above understanding of Cloud Computing.

  • SAAS (Software As A Service), a concept in which the service provider has an application that can be used by multiple clients. The client does not need to set up a server or purchase software licenses; they simply buy the service from the application, which of course cuts the company's operating costs.
  • PAAS (Platform As A Service), is a type of cloud computing service that provides an application development environment, where developers can run applications on the provider's server and deliver them to their clients over the Internet.
  • IAAS (Infrastructure As A Service), is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.

That is my explanation of Cloud Computing. I hope this Cloud Computing article will be useful for you.

 

http://septiadi.com/2011/03/30/cloud-computing/


Improve Windows 7 Performance

In this article, I will try to explain how to Improve Windows 7 Performance. This article is suitable for those of you who use Windows 7. Usually Windows 7 is faster and lighter than Windows Vista. However, if you feel that your Windows 7 has become slow, then it is time to Improve Windows 7 Performance.

There are several ways to Improve Windows 7 Performance.

Improve Windows 7 Performance in Booting

  1. Run ‘msconfig’ by typing it in the run box in the Start menu.
  2. Click the ‘boot’ tab, then click ‘advanced options’.
  3. Check ‘number of processors’ and change the number below it to the number that matches your processor.
  4. Check ‘maximum memory’ and increase the number below it. In my case, I doubled the number.
  5. Click ‘OK’, then click ‘Apply’, then click ‘OK’.
  6. Restart your computer.

Improve Windows 7 Performance in Shutdown

  1. Run ‘regedit’ by typing it in the run box in the Start menu.
  2. Click on ‘HKEY_LOCAL_MACHINE’, then ‘SYSTEM’, then ‘CurrentControlSet’, then ‘Control’.
  3. In the right-hand column, double click on ‘WaitToKillServiceTimeOut’.
  4. Change the value to a smaller number, for example 7000, which means 7 seconds.
  5. Close the window and restart.

Improve Windows 7 Performance in Using Application

  1. Right click on your desktop background.
  2. Choose ‘personalize’.
  3. Under ‘Basic and High Contrast Themes’, select ‘Windows Classic’ or a high-contrast theme.
  4. Close the personalization window.

There are many other steps that you can use to Improve Windows 7 Performance. However, the three above are simple and need no additional programs. I hope this Improve Windows 7 Performance article will be useful for you.

 

http://septiadi.com/2011/03/29/improve-windows-7-performance/


Free Online Cronjob

Free Online Cronjob is one of many services provided on the Internet to execute a cronjob. Instead of being executed by the site's own server, the cronjob is executed by another site. However, not all of these services, and not all of their features, are free. You can still use a fully Free Online Cronjob if you meet some criteria.

Maybe some of you are still new to cronjobs, so I have to explain a little about them. A cronjob is a task that is executed by the server repeatedly at a particular time or at a set interval. Instead of a user or admin triggering the task, it is executed automatically.

Maybe some people will ask, “why do we need Free Online Cronjob when we can do it on our own server?”. Indeed, you don't need it if you can do it from your own server. However, if you use hosting that doesn't provide a cronjob scheduler, then you need this Free Online Cronjob.

Let's jump to the list.

Free Online Cronjob – Cronjobs.org

The cron service provided can be free if it doesn't take many resources. The cost is calculated directly from the cronjob options and settings you choose, so just choose settings for which the fee stays at 0, or free. For example, a cronjob every 30 minutes is free, but running it more often costs more. Likewise with the expiry period of the cronjob: less than 49 days is free, and longer is charged. Other settings vary, such as the size of the data download, action, notification, and others.

Free Online Cronjob – scheduler.webgrid.com

The interface is very simple. The services provided are free, with no payment option. To create a new task, enter the interval, the URL that will be called, and an email address for notification of the results when it is executed. The most frequent possible interval is once an hour, no more often than that.

Free Online Cronjob – Webcron.org

The website's default language is French, but there are options to change it to other languages, including English. Besides the common features, there is an interesting history feature that shows each time the cronjob was executed, along with the resulting HTTP headers and content information. The smallest possible interval is one hour.

Free Online Cronjob – Onlinecron.com

The only language used is French. The advantage compared to the previous services is that the cronjob can be executed more frequently, at intervals of 5 minutes.

Free Online Cronjob – Cronjob.de

The only language used is German, with no other language options. Just like Onlinecron.com, URLs can be executed at most once every 5 minutes. There is a prerequisite to enable the cron job: you must create an HTML file with the specified name, containing the text “cronjob.de”, on the website where the URL will be executed. In addition to this cron service, there are also other services, namely server monitoring and backlink check.

There are many other Free Online Cronjob services on the Internet. You can use whichever you like and need. One piece of advice: because these cronjobs are free, make sure that your cronjob is actually executed. You can check by putting a MySQL query in the cron file that inserts a row into a cron database whenever the file is executed. In addition, a Free Online Cronjob may change its service in the future.

http://septiadi.com/2011/03/28/free-online-cronjob/


CSS Round Border With No Image

CSS Round Border With No Image is one of many techniques to improve the appearance of your website. Unlike other CSS round borders, the one in this article uses no image. Therefore it reduces the bandwidth needed to load the page.

If we search the internet, many CSS round border tutorials use images for the corners. Therefore, in this article I will try to explain how to make a CSS Round Border With No Image, and I will try to make it as simple as I can.

First, we need the CSS code:

.septiadi{width:350px;}
.septiadi .r1{height:1px;margin:0 9px;background-color:black;}
.septiadi .r2{height:1px;margin:0 6px;border-width:0 3px;border-style:solid;}
.septiadi .r3{height:1px;margin:0 4px;border-width:0 2px;border-style:solid;}
.septiadi .r4{height:1px;margin:0 3px;border-width:0 1px;border-style:solid;}
.septiadi .r5{height:2px;margin:0 2px;border-width:0 1px;border-style:solid;}
.septiadi .r6{height:3px;margin:0 1px;border-width:0 1px;border-style:solid;}
.septiadi .content{margin:0;border-width:0 1px;border-style:solid;padding:10px;max-width:100%;overflow:hidden;}
.septiadi .header, .septiadi .footer {margin:0;border-width:0 1px;border-style:solid;padding:0 10px;max-width:100%;overflow:hidden;}

.septiadi .header{ background-color:#bbb;border-color:#aaa;padding-bottom:5px;font-size:20px;color:white;}
.septiadi .top .r2,.septiadi .top .r3,.septiadi .top .r4,.septiadi .top .r5,.septiadi .top .r6{ background-color:#bbb;border-color:#aaa;}
.septiadi .footer{ background-color:#bbb;border-color:#aaa;padding-top:5px;font-size:10px;}
.septiadi .bottom .r2,.septiadi .bottom .r3,.septiadi .bottom .r4,.septiadi .bottom .r5,.septiadi .bottom .r6{ background-color:#bbb;border-color:#aaa;}
.septiadi .content{ background-color:#eee;border-color:#aaa;}
.septiadi .r1{ background-color:#aaa;}

Next is the HTML code. In this case, I divide the HTML code into three sections: Header, Content, and Footer.

<div class="septiadi">
<div class="top"><div class="r1"></div><div class="r2"></div><div class="r3"></div><div class="r4"></div><div class="r5"></div><div class="r6"></div></div>
<div class="header">Header Here</div>
<div class="content">
Content Here
</div>
<div class="footer">Footer Here</div>
<div class="bottom"><div class="r6"></div><div class="r5"></div><div class="r4"></div><div class="r3"></div><div class="r2"></div><div class="r1"></div></div>
</div>

You can change the class name “septiadi” to another name. The reason I gave it this name is to avoid clashing with other styles that you might already have on your website. You can also delete the Header or Footer div if you prefer it without them. However, make sure you change the background-color in the CSS for the “top” and “bottom” classes to “#eee”, so it matches the background-color of the content.

The result will look like:

[Image: CSS Round Border With No Image]

The explanation of the CSS:

[Image: round corner zoom]

The round corner zoom picture is a zoomed preview of the top right corner. It is made using seven divs with different classes, from class r1 to r6 plus one of header, content or footer.

In this CSS Round Border With No Image, I use 6 levels of div to build the corner. With a little experimenting, you can make a CSS Round Border With No Image with more than 6 levels of div to build the corner.

 

http://septiadi.com/2011/03/24/css-round-border-with-no-image/


Types of Dangerous Programs

There are many Types of Dangerous Programs out there on the internet. However, only a few people know which Types of Dangerous Programs may harm their computer. Most of them only know about the Virus, and sometimes mistakenly call other Types of Dangerous Programs a Virus. Therefore, it would be best if I explain the Types of Dangerous Programs here.

Types of Dangerous Programs no 1 – Virus

In general, viruses are computer programs which have the capability to replicate by inserting a different program into a file. Computer viruses can spread quickly among the files inside a computer, or infect other files on your computer, either over a network or through the exchange of files. In the past, most viruses had an executable file extension (ending in COM or EXE). This virus can cause damage.

Types of Dangerous Programs no 2 – Trojan Horse

A Trojan horse is actually not a virus in the strict sense, because the program does not have the capability to replicate itself into other programs. Even so, it is no less dangerous than a computer virus. Trojans include RATs (remote access trojans), where a computer can be controlled by particular programs; some trojans even allow the infected computer to be opened from afar. A Trojan horse is generally packaged as a program that looks attractive but has a hidden additional purpose of causing destruction. If the user runs the program, the system may be infected instantly.

Types of Dangerous Programs no 3 – Worm

A worm can infect a computer if the computer downloads packages from the web and does not have good security. Popular worms have an executable program file extension (.EXE or .SCR). A worm usually spreads easily through e-mail as an attachment. Its main function is to conduct attacks and spread, as well as to retrieve information and send e-mail silently and at random. A worm generally doesn't cause severe damage, but the harm it causes is enough to annoy users, since the worm duplicates itself by automatically sending its file as an attachment to every address in your e-mail address book. However, a worm that attacks a mail server is extremely harmful, because the outbreak makes the mail server's workload jump dramatically, which affects performance.

Types of Dangerous Programs no 4 – Spyware

Spyware is software that secretly enters a computer and retrieves critical data that we have, such as accounts and so on. The original objective of Spyware was to gather information from Internet users and report an individual's habits when using the internet. Spyware is not really hazardous, because it only functions to spy on one's computer. Spyware is used as a tool to search for personal data on a computer.

Types of Dangerous Programs no 5 – Adware

Adware actually functions as a type of promotion or advertisement banner, but it sometimes takes up bandwidth, so the load on the internet connection becomes too great, the connection becomes slow, and the user is disrupted when browsing the internet. Probably the most irritating thing is a kind of adware that infects our computers and cannot be closed: once we close a pop-up ad, a new one soon appears. Pop-ups are ads in which a little box sometimes pops up to show the ad.

Those are the most common Types of Dangerous Programs. As in war strategy, where it is better to know your enemy, knowing the Types of Dangerous Programs will help you a lot to overcome them.

 

http://septiadi.com/2011/03/23/types-of-dangerous-programs/