PHP Programming

SQL Injection is a technique used by hackers to attack websites that accept GET or POST data. This is typically submitted to the server from web forms, but can be submitted directly to the web server using other methods besides a browser. The results of successful SQL Injection (and Code Injection) include accessing/modifying the MySQL Database, accessing/modifying the file system, viewing and stealing scripts, passwords, and other private information, and some others. Whatever the case may be, you do not want an attacker to successfully submit an SQL Injection against your website and there are steps you can take to prevent this security vulnerability from being exploited. (more…)

Creating secure passwords to prevent brute force attacks is in contrast to secure passwords that users can remember and enter correctly. Users tend to forget mixed upper case and lower case letters, especially if mixed with numbers and even more with non-alphanumerics. Captchas enhance the security of PHP web forms by blocking brute force attacks that enlist the power of automation. Where you draw the line between user friendly passwords and truly secure passwords is a personal and business choice. (more…)

Part of security software vendor CA’s Web site was hacked earlier this week and was redirecting visitors to a malicious Web site hosted in China. (more…)

The letter below has been circulating the Internet and has not been verified by us. However, who the heck would not support our troops! Sounds like a bunch of hypocritical communists at Starbucks. Regardless of the political affiliations and tendencies one might have, it is a core requirement as a US Citizen to maintain and support the safety and sanity of our country. Starbucks must hate our great country to ignore our valuable citizens who fight for our freedom regardless of their own political affiliations or tendencies. Perhaps Starbucks has grown complacent from the vast revenues generated by those same offended citizens of the United States who they would ignore and offend. What are the odds that those offended citizens would act in response to Starbucks’ egregious behavior? (more…)

The following list is taken from W3 and posted here for easy reference. These are to be used for various situations when you want to override the default status sent by the server. Situations include when your content is deleted, but you do not want the search engine to see a broken link or missing page. If your content moves to a new location, you can inform browsers and engines to permanently look to the new location, not the old one. Keep the original page and return a header with the example below. Make sure your headers are sent BEFORE any content is sent, else you will likely get an error, or the header may be ignored. Explanations of each Status Code is included below. Please refer to W3 for latest updates and additions.

Example: header(’HTTP/1.1 301 Moved Permanently’); (more…)