Setup a web server in Linux Ubuntu

Try the following code in terminal:

That’s It! In the installation you may be asked for mysql password for root. Set as you wish but remember it as you will need it.

Thanks: Ronju vai

Some Security Issue (php)

Never, Ever, Trust Your Users

It can never be said enough times, you should never, ever, ever trust your users to send you the data you expect. I have heard many people respond to that with something like “Oh, nobody malicious would be interested in my site”. Leaving aside that that could not be more wrong, it is not always a malicious user who can exploit a security hole – problems can just as easily arise because of a user unintentionally doing something wrong.

So the cardinal rule of all web development, and I can’t stress it enough, is: Never, Ever, Trust Your Users. Assume every single piece of data your site collects from a user contains malicious code. Always. That includes data you think you have checked with client-side validation, for example using JavaScript. If you can manage that, you’ll be off to a good start. If PHP security is important to you, this single point is the most important to learn. Personally, I have a “PHP Security” sheet next to my desk with major points on, and this is in large bold text, right at the top.

Global Variables

In many languages you must explicitly create a variable in order to use it. In PHP, there is an option, “register_globals”, that you can set in php.ini that allows you to use global variables, ones you do not need to explicitly create.

Consider the following code:
[php]
if ($password == “my_password”) {

$authorized = 1;

}

if ($authorized == 1) {

echo “Lots of important stuff.”;

}
[/php]

To many that may look fine, and in fact this exact type of code is in use all over the web. However, if a server has “register_globals” set to on, then simply adding “?authorized=1″ to the URL will give anyone free access to exactly what you do not want everyone to see. This is one of the most common PHP security problems.

Fortunately, this has a couple of possible simple solutions. The first, and perhaps the best, is to set “register_globals” to off. The second is to ensure that you only use variables that you have explicitly set yourself. In the above example, that would mean adding “$authorized = 0;” at the beginning of the script:

[php]
$authorized = 0;

if ($password == “my_password”) {

$authorized = 1;

}

if ($authorized == 1) {

echo “Lots of important stuff.”;

}
[/php]

Source: http://www.addedbytes.com/writing-secure-php/writing-secure-php-1/

Comments are appriciated.

Face Ditector Jquery Plugin

Face detection is a common feature in most digital cameras today; the white or red square that pops around someones face when we are focusing the camera on that person. Face detection algorithms enables the software to pinpoint the locations and sizes of human faces in digital images, whatever the surrounding objects may be.

Face-Detection is a jQuery plugin that enables you to detect human faces in images. Besides the crucial algorithm that does the main work it uses HTML5 Canvas element to grab the image data. This means that the plugin only works on browsers that support the HTML5 Canvas element. A immediate application I thought of was to use it to automatically crop faces from pictures to be used as profile photos.

I tried it on various types of images – groups of people, individuals, portraits – and it got a detection success of around 85%. As you can see from the demo given, it fails to detect the face on the extreme right. Still, quite nice for such a small piece of Javascript; with some more tweaks to the detection code by the author, the accuracy will get better over time and we can think of more browser applications of these concepts.

Source:

http://www.codediesel.com/javascript/face-detection-using-jquery/

header() function in the middle of a php page

We can’t use header() function in the middle of a page in php. header() function is used for redirection. If the page prints something before this function then we get a message like “header already sent by….blablabla”.

But we have another way to use header() function in anywhere of a page. We have to use two more function to make it working perfectly. Those two are: ob_start() in the first line of a page a and ob_flush() in the last line of that page We can omit the second one but there are some problem. I will discuss it later.

So, the final syntax is:

[php]

[/php]

This is one type of buffering. The server will buffer all the content and then print together. If there is any header() function then it works first. But of course keep it in mind that, this method will increase program run-time. So, enjoy.

Any comments are appreciated…