It’s not well known but this feature was invented by Microsoft and has been implemented across all major modern browsers ever since IE 5.5. Adding an attribute of contenteditable and assign a value of “true” to it makes the content value / inner text of that element editable by a single click:
{ 3 comments }
It may considerably reduce XSS attack possibilities if not completely eradicate it. XSS, or Cross Site Scripting, is probably the most common security problems in web applications that engage in heavy user input. If you’ve ever tried to build a web application that users can input data in a lot of different venues, chances are it has a security hole somewhere that allows XSS attacks. Don’t panic though. Most web applications, even the most sophisticated ones developed by the best programmers such as vBulletin and WordPress release patches from time to time to fix XSS holes.
{ 1 comment }
It goes without saying that sensitive information such as passwords or pass phrases should never be stored in plain text in the database in the first place. The common practice is to hash the user password and store the resulted hash string. When the user tries to log in and supplies his password, it is used to generate a hash string to be compared to the one stored in database. If they are identical, the password is matched and the user authenticated because the chance of 2 distinct strings having the same hash string is so low that it’s deemed mathematically impossible.
{ 12 comments }
To send parameters to a PHP script, you can either fabricate a form and post a few variables by the POST method or simply send a request of a URL full of GET value pairs. This way, in the server side PHP script code, you can retrieve these parameters sent from the client in $_POST or $_GET. The trick is, other than receiving the values from client requests, you can manually assign values to them in your code. For example, click to continue
{ 2 comments }
To check if a URL or an email address is valid, the common solution is regular expressions. For instance, to validate an email address in PHP, I would use:
{ 4 comments }
It may seem simple at first because most of us should be relying on the server side environmental variable REMOTE_ADDR solely for client IP addresses:
{ 13 comments }
With a Quantcast world traffic rank of less than 1000, Stack Overflow has become the most visited website for developers and software engineers. It doesn’t require a genius to figure out that the site is raking in tremendous advertisement revenues while the full potential of its monetizing capacity hasn’t been unleashed yet because the creators decided that the user experience comes a much higher priority.
{ 0 comments }
If you were like me who accidentally closed the browser window of his PayPal account AND immediately tried to reopen it by typing in www.paypal.com in the browser address bar, chances are your PayPal account is instantly limited.
{ 6 comments }
A quick post to share with my readers some interesting findings regarding email marketing. Outlined by the ninth bi-annual Email Marketing Metrics Report by MailerMailer, these data is based on 300,000 email messages dispatched over a period of 6 months that ended on December 31, 2008. Here are some key statistic discoveries from the report that can be used to optimize your email marketing campaigns and improve the results.
{ 3 comments }
While you can always use .htaccess and the mod_rewrite module to map SEO friendly URLs to actual PHP parameterized URLs with question marks and ampersands, you can simply put these lines in .htaccess and then rely on PHP entirely to recognize and handle all incoming URL requests of any kind / form: click to continue
{ 10 comments }
PHP file upload max size is determined by 3 configuration values in php.ini, namely upload_max_filesize, post_max_size and memory_limit. You can get the maximum file size allowed in uploading by this snippet:
{ 6 comments }
I guess most of the websites out there are using plain strings for the years of footer copyright because many of them are still showing 2009 right now. If you have quite a few websites as I do, it’d be kind of intimidating to manually update the copyright years for all of them. So why not use PHP to output the current year automatically? The code is dead simple:
{ 1 comment }
PHP has a stat() function that returns an array containing the meta information of a file such as owner, size, time of last access, last modification or last change. It’s basically the stat command under Linux that returns and shows the file system meta information of any file or directory:
{ 0 comments }
Googlebot is the indexing program of Google that visits your site to fetch the content to determine your search engine rankings. With a popular website, tens of thousands of pages can be a problem in that Googlebot may visit more than you want because it’s expending your precious bandwidth and even crashing your server. Every crawler bot visit is no different than a user one and your site has to perform all necessary actions and logics to render the web page to the search engine crawler bot such as Googlebot including searching through a database with potentially millions of records which could take a while. Imagine, the Googlebot pays 300,000 visits a month to your site. That’d be a substantial expenditure in bandwidth and server computing resources.
{ 0 comments }
Facebook
Twitter
Google Plus