Digicorp - Archives: 2009 May

Overview of Flex

May 29th, 2009 by nishant.shah § 1

What is Adobe Flex ?

Adobe Flex is a software development kit released by Adobe Systems for the development and deployment of cross-platform rich Internet applications based on the Adobe Flash platform. Flex applications can be written using Adobe Flash Builder or by using the freely available Flex compiler from Adobe.

Adobe Flex takes you to the next level of web application development with the concept of Rich Internet Application(RIAs).You may have seen applications developed natively in Flash itself and realized that it offers a much more robust experience for the user where productivity is bolstered by ease of use,streamlined workflow,and real time interactivity that is impossible to accomplish in HTML itself. However developing rich applications in Flash for those who are core developers is daunting and unintuitive. The Flash development tool is geard for designers, and developing on a timeline is a strange concept. Flex removes that barrier entry by providing a programmatic way for developing these RIAs.

Flex is very prominent and familiar with professional developers. Flex is a set of products designed in an effective way based on efficient delivery of high performance.

Flex is a standard-based programming model for high performance rich internet applications. Flex application will take advantage of adobe flash player 9 and this will enable developer to extend the capabilities enables the client with richer applications in real time.

Flex is a cross-platform development framework for creating Rich Internet Applications(RIAs). A component based tool that you can use to develop apps that run using Flash player or Adobe Air. Adobe Flex Builder software is an Eclipse based IDE for developing RIAs.

Basics of Flex :

Runs in the Flash Player or AIR.
Tag based markup MXML serves as the basis for Flex Projects.
MXML is a custom XML namespace,looks like <mx:MyTag></mx:MyTag>.
Component based development : Containers / Layouts Components , UI Elements , Data Connectors.
ActionScript 3 can be used to add behaviors or other interactivity not covered by MXML.
Supports common OOP practices like MVC patterns,code behind,etc.
MXML components can be brought onto the canvas via the GUI similar to Dreamweaver or VisualStudio.
Markup can be written by hand with code assist, too. Again, similar to Dreamweaver or VisualStudio.
MXML components have attributes that allow for modification of appearance or behavior.
Components can be extended for additional capabilities or reuse via MXML or AS or a combo of both.
Containers control layout (Canvas, Vertical Box, Horizontal Box)
UI components display data, control interactivity or display states or other visual feedback (Datagrids, lists, buttons, selects menus,radio buttons, etc.).
Data components load or send data (Services, XML, Remoting, etc).
Other tags include: Script, Style, etc.
Tags can be nested similar to HTML/XML.

Release history :

Flex 1.0 – March 2004
Flex 1.5 – October 2004
Flex 2.0(Alpha) – October 2005
Flex 2.0 Beta 1 – February 2006
Flex 2.0 Beta 2 – March 2006
Flex 2.0 Beta 3 – May 2006
Flex 2.0 Final – June 28,2006
Flex 2.0.1 – January 5,2007
Flex 3.0 Beta 1 – June 11,2007
Flex 3.0 Beta 2 – October 1,2007
Flex 3.0 Beta 3 – December 12,2007
Flex 3.0 – February 25,2008
Flex 3.1 – August 15,2008
Flex 3.2 – November 17,2008
Flex 3.3 – March 4,2009

What is Flex Builder ?

Macromedia recently released Flex Builder (formerly known as “Brady”), an IDE based on Macromedia Dreamweaver MX 2004. Bundled with the Flex application server, Flex Builder provides a WYSIWYG environment for creating Flex applications, an integrated debugger, and code hinting for ActionScript and MXML (plus all of the features supported by Dreamweaver).

The IDE still shows some rough edges. For example, clicking “Help” in the “Manage Sites” dialog launches “Using Dreamweaver,” not “Using Flex Builder.” So, if you get stuck in the middle of defining a new Flex site, you won’t have access to Flex Builder’s excellent support documents. In test instances, opening any “On Demand” video tutorials launched Mozilla-even though it wasn’t set as the default browser.

Perhaps the best way to get a sense of the productivity benefits of Flex Builder is to compare it to Macromedia’s other Flash IDE, Macromedia Flash MX 2004 Professional. Both IDEs support a component called “Accordion” that provides a compact interface widget for showing and hiding information. A Flash developer can drag the Accordion component to the stage, but to populate it with data must use the ActionScript Accordion.createChild() method to instantiate a UIObject or link an existing symbol. It’s not rocket science, but it is time consuming. A developer working with Flex Builder, on the other hand, can simply drag an Accordion container to the stage and populate it with drag-and-drop controls such as form widgets or images. The difference in productivity is an order of magnitude. Think of Flex Builder as Visual Studio.NET Light for Flash.

Advantages of Flex :

Flex applications can be intuitive, easy to use, and almost have the feel of the desktop.
Easy to program and deploy.
Can be deployed right now on 50% or more of the world’s browsers, with ubiquity increasing daily.
Dedicated IDE based on Dreamweaver available now.
Doesn’t require a large client installation like the .NET runtime.
Extensive Visual component library.
Powerful coding tools.
Scalable and reliable solution.
Superb Flex programming model.
Easy Integration into a server application.
High performance data synchronization engine.
Interactivity due to video, audio, streaming and messaging components.

Disadvantages of Flex :

Macromedia has poor track record with servers and server tools.
Expensive.
No free developer download.

Examples :

To get record from DataGrid from particular row and column :
- var SelectedData:String = DataGrid.dataProvider[event.rowIndex][DataGrid.columns[event.columnIndex].dataField];
To create Custome Menu on right click :
- private var cm:ContextMenu = new ContextMenu();
  cm.hideBuiltInItems();
  
  var newMenu:ContextMenuItem =
  newMenu.addEventListener(ContextMenuEvent.Menu_ITEM_SELECT,
  
  doMenuFunction);
  
  cm.customItems.push(newMenu);
- private function doMenuFunction():void
  {
  }
  
  It Shows Selected Menu Item.

ASP.NET Security

May 29th, 2009 by nikunj.padaliya § 0

Security is one of the most important concerns in application software development. Building a robust security model is one of the most important factors that drive the success of application software. As far as security in ASP.NET is concerned, three terms come into my mind, i.e., Authentication, Authorization and Impersonation. Put simply, authentication authenticates the user’s credentials and authorization relates to the resources that an authenticated user has access to. This article is the first in a series of articles on ASP.NET security and discusses these concepts and their applicability.

Let us start our discussion with a brief outline on the sequence of events are as far as authentication and authorization are concerned when a new request comes in. When a new request arrives at IIS, it first checks the validity of the incoming request. If the authentication mode is anonymous (default) then the request is authenticated automatically. But if the authentication mode is overridden in the web.config file settings, IIS performs the specified authentication check before the request is passed on to ASP.NET.

Authentication

Authentication determines whether a user is valid or not based on the user’s credentials. Note that a user can be authorized to access the resources provided the user is an authenticated user. The application’s web.config file contains all of the configuration settings for an ASP.NET application. An authentication provider is used to prove the identity of the users in a system. There are three ways to authenticate a user in ASP.NET:

Forms authentication
Windows authentication
Passport authentication

Forms Authentication

This is based on cookies where the user name and the password are stored either in a text file or a database. It supports both session and persistent cookies. After a user is authenticated, the user’s credentials are stored in a cookie for use in that session. When the user has not logged in and requests for a page that is secured, he or she is redirected to the login page of the application. The following code snippet illustrates how this can be implemented in ASP.NET.

Windows Authentication

Windows Authentication is used to validate a user based on the user’s Windows Account; however, this is only applicable in intranet environments where the administrator has full control over the users in the network. The following code snippet illustrates how we can implement Windows Authentication in ASP.NET.

Passport Authentication

Passport authentication is a centralized authentication service that uses Microsoft’s Passport Service to authenticate the users of an application. It allows the users to create a single sign-in name and password to access any site that has implemented the Passport single sign-in (SSI) service. The following code snippet illustrates how we can implement Passport Authentication in ASP.NET.

Authorization

Authorization is the process of determining the accessibility to a resource for a previously authenticated user. Note that authorization can only work on authenticated users, hence ensuring that no un-authenticated user can access the application. The syntax for specifying authorization in ASP.NET is as follows.

<authorization>
< [ allow | deny ] [ users ] [ roles ] [ verbs ] />
</authorization>
In ASP.NET, there are the following types of authorizations.

URL Authorization
File Authorization
Authorization based on ACL (Access Control List)

Impersonation

According to MSDN, “When using impersonation, ASP.NET applications can optionally execute with the identity of the client on whose behalf they are operating. The usual reason for doing this is to avoid dealing with authentication and authorization issues in the ASP.NET application code. Instead, you rely on Microsoft Internet Information Services (IIS) to authenticate the user and either pass an authenticated token to the ASP.NET application or, if unable to authenticate the user, pass an unauthenticated token. In either case, the ASP.NET application impersonates whichever token is received if impersonation is enabled. The ASP.NET application, now impersonating the client, then relies on the settings in the NTFS directories and files to allow it to gain access, or not. Be sure to format the server file space as NTFS, so that access permissions can be set”.

Note that Impersonation is disabled by default and can be specified in the web.config file as shown in the code snippet given below.

To impersonate a particular identity, specify the following in your application’s web.config file.

Suppress a Section That Contains a Blank Subreport

May 29th, 2009 by kuldip.bhatt § 14

How can you suppress a blank sub report from displaying on the main report.

Moreover, you want to suppress the sections within a subreport, if there is no data, so that it does not display on the main report?

For Example:

There is a subreport contained in the main report. If the subreport does not contain any data, you do not want it to display in the main report. You want to suppress the sections of the blank subreport.

Solution

A subreport is an object within the Crystal Reports designer. Since the subreport is inserted into the main report, it cannot be entirely suppressed.

Even when a subreport does not have any records, the subreport object still exists within a section of the main report. This means the Crystal Reports designer does not consider a section that contains a subreport as a blank section.

You notice that by selecting the ‘Suppress if blank’ option, from the ‘Section Expert’ does not work.

To workaround this, you must first suppress the blank subreport, then shrink the blank section.

Suppressing a Blank Subreport

To suppress the blank subreport, complete the following:
1. In the main report, right-click the subreport object and click ‘Edit Subreport’. This takes you to the ‘Subreport’ tab of the main report.

2. On the ‘File’ menu, click ‘Report Options’.

3. Select the ‘Suppress Printing if No Records’ checkbox, and then click ‘OK’.

4. Return to the ‘Preview’ tab of the main report.

5. Refresh the report.
Blank subreports now appear as empty boxes on the report.

Shrinking a Blank Section

To shrink the blank section, complete the following:

1. Format the subreport object so there are no borders:

· on the main report, right-click the subreport object and click ‘Format Subreport’.

· on the ‘Borders’ tab, select ‘None’ from the Top, Bottom, Right and Left boxes.

· Click ‘OK’ to return to the report.

2. In ‘Design’ tab of the main report, resize the height of the subreport object so it is as short as possible.

3. Move the subreport object so it is at the very top of the section.

4. On the ‘Format’ menu of the main report, click ‘Section’.

5. Select the section containing the subreport, select the ‘Fit Section’ checkbox, and then

click ‘OK’ to return to the report.

Now when you preview the main report, the blank subreports are hidden from view.

Two Crucial Debugging Tools

May 29th, 2009 by nilesh.shamnani § 1

There are two crucial debugging tools. Debugging Ajax applications presents challenges not present in a normal server-side application. If an Ajax call fails, you won’t necessarily know. You need a way of monitoring the Ajax calls that happen between the browser and server. The first tool is called Fiddler. You can download this tool (for free) at http://www.fiddler2.com. Fiddler enables you to view HTTP requests and responses, including Ajax calls. Fiddler works by installing itself as a proxy between your web browser and the rest of the universe. You can use Fiddler with Internet Explorer, Mozilla Firefox, Opera, Safari, and just about any other browser. After you install Fiddler, you can launch the tool by selecting the menu option Tools, Fiddler2 from within Microsoft Internet Explorer. After Fiddler launches, every browser request and response is recorded in the Fiddler Web Sessions pane. You can click a request and then click the Session Inspector tab to see the full request and response

NOTE :

If you can’t get Fiddler to capture page requests from localhost, try adding a period directly after localhost in the browser address bar. For example, make a request that looks like this: http://localhost.:6916/Original/Feedback.aspx If you are using Microsoft Vista, you might need to disable IPv6 support. In Fiddler, select the menu option Tools, Fiddler Options, and uncheck the Enable IPv6 check box.

The other critical Ajax debugging tool is Firebug, which is a free Firefox extension. You can download Firebug by launching Firefox and selecting the menu option Tools, Addons. Next, click the Get Extensions link. Finally, enter Firebug into the search box and follow the installation instructions. Firebug, like Fiddler, enables you to monitor Ajax calls, but it enables you to do much more. After you install Firebug, you enable it by selecting the menu option Tools, Firebug and unchecking Disable Firebug. After Firebug is enabled, you can click the green check box at the bottom right of the Firefox browser to open Firebug . Firebug has several very useful features for debugging JavaScript applications. For example, it enables you to set breakpoints in JavaScript scripts, inspect DOM elements, and determine which CSS rules apply to which elements in a page. Right now, however, I want you to notice that you can use Firebug to monitor Ajax requests and esponses. If you click the Net tab and the XHR tab, then every Ajax call will appear in the Firebug window. You can click a particular Ajax request to see the full request and response interaction between browser and server.

Things to take care while developing Arabic Sites and Applications

May 26th, 2009 by devdatt.mehta § 0

We are working with clients in Middle East for almost 5 years now and we have learned lot of things about development in Arabic language.

Following are some points which will help you in developing any website or application in Arabic.

Arabic is written right to left
If you are developing it for Kuwait clients price should be in KD and with 3 Decimal pleases.
How to display Arabic word in html ? Should I use UTF-8 charset to display Arabic in html page ?

For example =>

HTML HEAD TAG definition.

<head>

<title>الاختبار</title>

</head>

الاختبار

</body>

</html>

How to convert direction in html for Arabic ?

Arabic script is written from right to left direction of the page so to Display Arabic content use dir=’rtl’ attribute in html tag or direction=’rtl’ for css/inline style sheet. It is always right aligned.

For example

<head>

<title>الاختبار</title>

الاختبار

</div>

<tr>

<td align=’right’>الاختبار</td>

</tr>

</table>

</body>

</html>

Which format of Arabic words are displayed properly and in readable format ?

Use Font to display Arabic words in “Tahoma: font size 12”.

For example

<head>

<title>الاختبار</title>

<div style=”direction:rtl;text-align:right;”>الاختبار</div>

</body>

</html>

How to save Arabic data in MySQL or database ?

Use following step to insert, save and retrieve Arabic data.

Step – 1 Table collection should be in “utf8_unicode_ci”

Step – 2 Field collection should be in “utf8_unicode_ci”

Step – 3 Use following code after connection with database. it will

set MySQL server in “utf8 character set”.

mysql_query(“SET NAMES ‘utf8′”);

For Ref:http://dev.mysql.com/doc/refman/5.0/en/charset-unicode-sets.html

How to search Arabic word in php scripts?

or

How to develop Arabic search functionality in php scripts ?

If you are not storing data in UTF-8 then you must use “urlencode” and “urldecode” function

For example

At the time of request.

$keyword = urldecode($_POST['keyword']);

SELECT * FROM <table_name> WHERE <Field Name> LIKE ‘%$keyword%’

At the time of redirect.

$keyword = urlencode($keyword);

header(‘location: file.php?keyword=$keyword’);

window.location.href = “file.php?keyword=<?=$keyword?>”;

</script>

Suggestion for multi language application setup

For example English and Arabic

1. Use prefix/LANG_CODE “ar_” and “en_” concat with field name.</

2. Query format

SELECT LANG_CODE.”field1″, LANG_CODE.”field2″,….

3 Multi language application folder structure. It is better that you should store css and images in different folder.

For example

Folder Structure

-CSS_EN

-CSS_AR

-IMAGES_EN

-IMAGES_AR

4. Words module

- Give rights to administrator to edit Arabic and English word to rectify any mistake, if any.

- For retrieve data rapidly must store all Arabic and English word in .xml file.

For example

<?xml version=’1.0′ encoding=’UTF-8′?>

<lang>

<words>

</words>

</lang>

Create PHP constant file for words.

ar_words.php

<?php

define(SIGNIN,trim(str_replace(‘#’,'&#’,$p->output['0']['child'][0]['child'][3]['attrs']['ARABIC'])),” “);

en_words.php

<?php

define(SIGNIN,$p->output['0']['child'][0]['child'][3]['attrs']['ENGLISH']);

Let us know if you feel some important points are missing here.

How to Install and Configure MySql, Apache2, PHP, ffmpeg on Fedora Linux

May 26th, 2009 by bhumish.shah § 3

Following Are The Steps for MySql Server Installation

1. To download MySql Source Go To Below link

Note: There Are 2 Versions Available For MySql

1) Community Edition: (It’s a Free Edition)

2) Enterprise Edition: (You Have To Purchase License For MySql)

http://dev.mysql.com/downloads/

2. In This Example We Are Going To Install Mysql-communitiry Edition

Rpm Package for MySql MySQL-server-community-5.1.34-0.rhel5.i386.rpm

Note: For Example if you are Using Fedora, Redhat, CentOS, Then You Have to Download RPM Package .

If You Are Using Debian, Ubuntu Then You have to download deb Package

3. For Mysql-Server Installation Type the Following Command on Terminal

rpm -ivh MySQL-server-community-5.1.34-0.rhel5.i386.rpm

You Can Also Install MySql Server on Server Using the Following command

yum install mysql-server

To start Mysql Automatically After System Reboot

chkconfig mysqld on

To Check Whether mysql Server is Installed or Not

rpm -q mysql

This command Give the Output of Mysql Installed Version on Server

To Restart, Stop, Start Mysql Use the Following Command

/etc/init.d/mysqld restart

/etc/init.d/mysqld stop

/etc/init.d/mysqld start

4. For MySql Administration you have to install Mysql-administrator And MySql-Query-Browser

To Do This

Yum install mysql-Query-browser

Yum install mysql-administrator

How to Install Apache2 on Linux Server ?

1. Apache2 Is Installed by Default in Many Version of Linux If You Select WebServer Option during Your Linux Server Installation

2. You Can Also Manually Install Apache2 using Following RPMS on your Linux distribution CD

rpm -ivh httpd

rpm -ivh httpd-devel

3. To Install Apache2 with Yum Type The Following Command

Yum install httpd

To check whether apache2 is installed or not

rpm -q httpd

To Start Apache2 When System boots

Chkconfig httpd on

To Restart , Stop , Start apache2 Use The Following command

/etc/init.d/httpd restart

/etc/init.d/httpd stop

/etc/init.d/httpd start

Note: /var/www/html/ is Root Folder for Apache2. You have To Put Your Application In /var/root/html/ Folder To Run Your Site

How to Install PHP on Linux Server ?

PHP Is Installed By Default In Many Linux Edition. To Install PHP Type The Following Command

1. Yum install php

Note : php.ini File Is Located On /etc/ Folder .

How to Install FFMPEG on Linux Server ?

1. Install PHP, necessary extensions and supporting software.

Open Terminal & Type the Following Command

2. Yum -y install php-devel php-gd php-mbstring gcc gcc-c++ libtool svn git yasm gsm-devel libogg-devel libvorbis-devel libtheora-devel;

3. wget http://downloads.sourceforge.net/ffmpeg-php/ffmpeg-php-0.5.3.1.tbz2; \

4. tar -jxvf ffmpeg-php-0.5.3.1.tbz2; \

5. cd ffmpeg-php-0.5.3.1; \

6. phpize; \

7 ./configure –prefix=/usr; \

8. make; \

9. make install; \

10. cd ..;

11. add ffmpeg.so extension to php.ini file

Extension=ffmpeg.so

12. Restart httpd Service

/etc/init.d/httpd restart

13. To Verify ffmpeg Installation run phpinfo file on server & Find ffmpeg Entry

14. To download ffmpeg php Extension Go to Below Link

http://sourceforge.net/projects/ffmpeg-php/

open above link and click in Download ffmpeg-php -0.6.0

Why say NO to tables for layout formation?

May 26th, 2009 by Supriya Agnihotri Jagani § 0

Tables existed in HTML for one reason: To display tabular data. But then border=”0″ made it possible for designers to have a grid upon which to lay out images and text. Still the most dominant means of designing visually rich Web sites, the use of tables is now actually interfering with building a better, more accessible, flexible, and functional Web. Find out where the problems rise from, and learn solutions to create transitional or completely table-less layout.

The problem with using tables:

1. Mixes presentational data in with your content.
- This makes the file sizes of your pages unnecessarily large, as users must download this presentational data for each page they visit.
- Bandwidth ain’t free.
2. This makes redesigns of existing sites and content, extremely labor intensive (and expensive).
3. It also makes it extremely hard (and expensive) to maintain visual consistency throughout a site.
4.Table-based pages are also much less accessible to users with disabilities and viewers using cell phones and PDAs to access the Web.

View this example below.
When we use tables for creating a layout, we lose the semantic nature of the page. If a page follows this semantic order:

Title of Page
Primary Navigation
Content
Secondary Navigation
Copyright Notice

But is marked up this way:

<table>
<tr>
<td colspan=”2″> Title </td>
</tr>
<tr>
<td width=”20%”>
Navigation
item
item
item
item
</td>
<td>
Primary content
—
Secondary Navigation
</td>
</tr>
<tr>
<td> </td>
<td>(c) 2002</td>
</tr>
</table>

All semantic meaning is lost. Speech or text-only browsers would not enjoy this layout very much. Switching to CSS can be the perfect way to turn that jumble into an accessible, easy to decipher page.

Rescue is at hand

Instead of nesting tables within tables and filling empty cells with spacer GIFs, we can use much simpler markup and CSS to lay out beautiful sites that are faster to load, easier to redesign, and more accessible to everyone.

The solution: CSS and structural markup

By using structural markup in our HTML documents and Cascading Style Sheets to lay out our pages, we can keep the actual content of our pages separated from the way they are presented.

This has several advantages over using tables.

Some argue that CSS posesses no replacement for table-based layout. However, it can be easy (if the browsers get their act together!) to create a simple layout.

If we take the previous structure:

Title of Page
Primary Navigation
Content
Secondary Navigation
Copyright Notice

and then implement the following HTML in the <body>:

<h1 id=”top”>Title</h1>

<div id=”main”>
The main content
<div id=”secondary”>
secondary navigation
</div>
</div>

This is so much simpler, and you are able to see the clearly marked sections. Now to style this so it looks similar, or better, than the table-based version:

h1
{
border: 1px solid black;
}

#navigation
{
float: left;
width: 20%;
padding: 5px;
border: 1px solid black;
}

#copy
{
border: 1px solid black;
}

This creates a simple and easy to change layout. You will never need to modify every page, as you would with tables. Adding extra sections is very easy.

Bandwidth ain’t free

Using Web standards reduces the file sizes of your pages, as users no longer need to download presentational data with each page they visit. The Style sheets that control layout are cached by viewers’ browsers.

Reduced file size means faster loads and lower hosting costs.

All pages look like each other!

Using Web standards also makes it extremely easy to maintain visual consistency throughout a site. Since pages use the same CSS document for their layout, they are all formatted the same.

This strengthens your brand and makes your site more usable.

Write once, use anywhere, for everyone

Using Web standards makes our pages much more accessible to users with disabilities and to viewers using mobile phones and PDAs to access the Web.

Visitors using screen readers (as well as those with slow connections) do not have to wade through countless table cells and spacers to get at the actual content of our pages.

In other words, separating content from the way it is presented makes your content device-independent.

Improve your search engine ranking

Speaking of accessiblity, minimizing your markup and using header tags properly will also help improve your search engine ranking.

Reducing the ratio of code to content, using keywords in your header tags, and replacing header GIFs with actual text will all help your sites get better search engine results.

A pleasant enough looking table

table

A look beneath the surface

<td width=”338″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”338″ /></td>
<td width=”20″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”20″ /></td>
<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
</tr>
<tr valign=”top”>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″>This could really be done much more simply.</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″>Guess how much markup there is in this little table? 13.7k. There are 17 rows and 9 columns in this thing. And did I mention all of the spacer GIFs?</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
</tr>
<tr>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”150″ /></td>

<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
</tr>
<tr valign=”top”>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″>There are way too many table cells and spacers in here.</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″>And all of the dotted borders are done with a <code>background</code> attribute on table cells, which won’t validate.
<table summary=”list” width=”338″ border=”0″ cellspacing=”0″ cellpadding=”0″>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>
<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>

<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>A nested table? What for?</td>
</tr>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>
<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>
<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>To make a bulleted list? You’re kidding, right?</td>
</tr>
</table>
</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>

</tr>
<tr>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”150″ /></td>
<td width=”20″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”338″ /></td>
<td width=”20″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
</tr>
<tr>
<td colspan=”9″ width=”553″ height=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
</tr>
<tr>
<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
<td width=”11″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”150″ /></td>
<td width=”20″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>

<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
<td width=”11″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”338″ /></td>
<td width=”20″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
</tr>
<tr valign=”top”>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″>This could all be done with 8 table cells and 4 CSS rules.</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″>Seriously. 8 cells and 4 css rules, that’s all it takes.<table summary=”list” width=”338″ border=”0″ cellspacing=”0″ cellpadding=”0″>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>

<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>
<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>Oh no, another table masquerading as a bulleted list.</td>
</tr>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>
<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>
<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>Just mark up your bulleted lists as bulleted lists and let CSS do the rest.</td>
</tr>
</table>

</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
</tr>
<tr>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”150″ /></td>
<td width=”20″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”338″ /></td>
<td width=”20″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
</tr>
<tr>
<td colspan=”9″ width=”553″ height=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
</tr>
<tr>
<td rowspan=”3″ width=”1″ background=”images/1dot.gif”><img src=”images/spacer.gif” alt=”" height=”1″ width=”1″ /></td>
<td width=”11″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>

<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″>That’s it. Once you have those you’re golden.<table summary=”list” width=”338″ border=”0″ cellspacing=”0″ cellpadding=”0″>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>
<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>
<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>That’s better than using 8 more table cells to make a fake bulleted list, which ends up being much less accessible.</td>
</tr>
<tr>
<td width=”10″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”10″ /></td>

<td width=”328″ height=”10″><img src=”images/spacer.gif” alt=”" height=”10″ width=”328″ /></td>
</tr>
<tr valign=”top”>
<td width=”10″>•</td>
<td width=”328″>Excellent! The last fake bullet.</td>
</tr>
</table>
</td>
<td width=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
</tr>
<tr>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”150″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”150″ /></td>
<td width=”20″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”11″ height=”20″><img src=”images/spacer.gif” alt=”" height=”10″ width=”11″ /></td>
<td width=”338″ height=”20″> </td>

Recapping transitional designs

Use margin and padding instead of extra cells and spacer GIFs.

Use link and @import styles. The first for old browsers, the second for modern browsers.

CSS layouts: the future is here

The browsers that the vast majority of viewers are using today have good CSS support. They all have their quirks, but once you get used to them, you can work around them.

Coding CSS is easy. Even for a guy like me who thinks that most JavaScript looks like swear words.

if(links[x].length > 0);{
for (y=0; y<links[x].length; y++) {

Every CSS rule has a selector and a declaration. The declaration is made up of a property and a value. Properties that sound like they should be 2 words are hyphenated.

body {margin:0; padding:0}

.related {float:right; width: 15em; margin-left:1em; margin-bottom: 1em; color:blue}

#footer {color: gray; font-size: 0.6em; line-height: 1.2em; background-color: white; margin: 0}

Structural markup: code what you mean, mean what you code

While writing the actual CSS is simple, using CSS to do your layouts requires a slightly different way of thinking than most of us are probably used to.

Rather than thinking about things like “this goes here and this goes here” while we are working on a page or a layout, we need to think about the kinds of information in our page and the structure of that information.

We give the most important headline an <h1> tag; subheads get marked up with <h2> tags, etc.; and paragraphs are paragraphs.

This is what is known as “structural” or “semantic” markup.

Instead of putting your content inside of tables and table cells, wrap it in div elements. Give your div elements an id or a class that is descriptive of their content and/or function, rather than their appearance.

Avoid <b> and <br> markup

Think about why you want something to appear a certain way; what does it mean? Your markup can and should convey meaning, even to someone who cannot see your page. Semantic markup makes our pages more accessible to everyone, including search engines.

When you italize something, is that because you want to emphasize it, <em>.

If something is bold, it should probably be marked up as <strong>.

If you want a linebreak after something, chances are it should be marked up as a header element. If it’s not a header, is it part of a class that occurs throughout your site? If that’s the case then use CSS instead of <br>.

.foo {display:block}

What are nav bars?

Think about it: your navigation is actually an unordered list of links.

Mark them up inside <ul> tags.

* link1
* link2
* link3
* link4
* link5

Horizontal Nav bars

We can use CSS to control how these lists are displayed on our pages.

By using display:inline we can create horizontal nav bars.

Breaking down your pages

Once you have a grasp on the types of content in your site, it’s time to analyze your existing pages for logical divisions of content.

* Main navigation
* Subnavigation
* Headers and footers
* Content
* Related information
* Other

Analyze your table structure for nested tables and empty spacer and border cells. (We want to replace these with div tags or with a much simpler table structure.)

Replace presentational tags with structural markup

You can use find and replace (and regular expressions), but the easiest way to do it might be to view your existing page in a browser and copy and paste the text from there into your HTML editor.

Think about the structure of your document! Merely replacing <b> tags with <strong> tags is not enough.

What is the most important header? Mark it up with an <h1> tag. Mark your subheads with <h2> tags and so on. Mark up paragraphs with <p> tags. Mark up your navigation as unordered lists.

Choose a DOCTYPE and use it. (We recommend XHTML transitional, unless you’re hard core, in which case, go for it and use XHTML strict.)

Divide your page into logical divs

Put your main navigation into a div with an id of mainnav; put your subnav inside a div with an id or class of subnav, put your footer in a <div id=”footer”>, and wrap your content inside a <div id=”content”>.

It doesn’t look like much now, but once you start adding rules to your style sheets, things will get better quickly.

It’s time to start writing your CSS

At the begining, give each div a border. For example, div {border: 1px solid #000000; padding: 10px} This will help you see where they begin and end, and also whether or not you have any nesting going on.

Write your CSS for element selectors first (<html>, <body>, <p>, <h1>, <h2>, <ul>, <li>, etc.)

Use contextual or descendant selectors as much as possible. This will keep your markup much cleaner. For example, #subnav li {border: 1px solid #000000; padding: 10px; display: inline} will only affect list items that occur within your subnav div.

Examples of sites that are laid out with CSS

* CSS Zen Garden
* Adobe Studio
* ESPN

Concluding for Now..

I can’t cover everything you need to know about designing with CSS in one post, but you can read books that can help you with using Web standards to make your pages leaner, cleaner, and faster.

Prevention of Sql Injection with PHP

May 22nd, 2009 by divyang.shah § 15

Preventing SQL injection attack is becoming a headache now a days for many application developers and especially for web application developers. Lets explore a scenario where SQL Injection attack is most common and how we can avoid that.

We generally have a login screen with username and password in almost every web application.

Assume that attacker passes values like following:

user name = a’ or ‘t’='t
pass = a’ or ‘t’='t

Generally we have query like following:
“select * from admin where name = ‘”.$_POST['user_name'].”‘ and psw = ‘”.$_POST['pass'].”‘”;

So after passing the value it will look like:
select * from admin where name = ‘a’ OR ‘t’='t’ and psw = ‘a’ OR ‘t’='t’;

If you see properly this will go true and return the first record of the database and set that into session for login and user will be in your system!! It’s so easy, isn’t it?

To avoid this embarrassing situation there are many ways:

1) You can set ON magic quotes of your server. It is same as addslashes() function. It will be there in your php.ini file.

(NOTE : This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.)

2) You can manually addslashes like following

$user_name = addslashes($_POST['user_name']);
$pass = addslashes($_POST['pass']);

and then pass these parameters into query like this
“select * from admin where name = ‘”.$user_name.”‘ and psw = ‘”.$pass.”‘”;

so now it will look something like this
select * from admin where name = ‘a’ OR ‘t’='t’ and psw = ‘a’ OR ‘t’='t’;

so now it will match whole word (a’ OR ‘t’='t) with database and will return empty result set.

3) If you want to do it in one query then use mysql_real_escape_string.
“select * from tbladmin where name = ‘”.mysql_escape_string($_POST['username']).”‘ and psw = ‘”.mysql_escape_string($_POST['pass']).”‘”;

mysql_escape_string is more appropriate then addslashes().

you can read that thing here

http://shiflett.org/blog/2006/jan/addslashes-versus-mysql-re…

This will also provide the same result as point 2.

4) Another and best solution is Prepared Statements.

Prepared statements can help increase security by separating SQL logic from the data being supplied. This separation of logic and data can help prevent SQL injection attack.

mysql> PREPARE stmt_name FROM "SELECT name FROM Country WHERE code = ?";
//Statement prepared

mysql> SET @test_parm = "FIN";
// set the parameter

mysql> EXECUTE stmt_name USING @test_parm;
+---------+
| Name    |
+---------+
| Finland |
+---------+

mysql> DEALLOCATE PREPARE stmt_name;

Read more about prepared statement from this
http://dev.mysql.com/tech-resources/articles/4.1/prepared-statements.html

5) If you don’t want to use any of the functions then you can break your query in 2 steps like this

“select * from admin where name = ‘”.$_POST['user_name'].”‘”;

So from this you will get first record from the database. Now check $_POST['pass'] with obtain result.

Like you store the query result into $result variable. So in $result[0]['pass'] you will get original password. So now check
if($result[0]['pass'] == $_POST['pass'])

And then do the remaining process.

So by using any of the above steps you can avoid Sql Injection in your login form.

But the best way is to use point 2 and 3 and 4 because if hacker enters a’;drop table users; select * from data where name like ‘%
in user name field then it will look something like this

select * from users where name = ‘a’;drop table users; select * from data where name like ‘%’;

and it will fire 3 queries at same time and it will drop your users table.

1st, 2nd 3rd and 4th points had good results but as you can see the note in 1st point and 3rd point has more advantage then 2nd point. So the 3rd and 4th points are best solution and for more security purpose you can use 3rd or 4th point together.

Like
$format=”select * from users where `user_password` = ‘%s’ and `user_name` = %s
$query=sprintf($format,mysql_real_escape_string($password), mysql_real_escape_string($user_name) );

Good practice is to use use 3rd or 4th point.

Same way you can use this method at any of the user input forms like in user registration or in add product form. Any of the place where you are taking input from user side you have to check the data first and then store that data into database. And same way you can use the htmlentities() function to avoid html code.

Do you know any more methods using which we can prevent it? Let us know.

SQL Server 2005 Upgrade Considerations

May 18th, 2009 by nilesh.shamnani § 0

Problem

Making the decision to upgrade to SQL Server 2005 should be one that is made with sufficient information, not haphazardly. Understanding the changes needed to your SQL Server 2000 environment prior to upgrading should be one of the first sets of information gathered to determine the level of effort needed to upgrade. Scanning your code for issues, reviewing your configurations and DTS Packages can be a time consuming process. As such, how can I gather the needed information about my SQL Server 2000 environment to determine how much work I have to complete before upgrading to SQL Server 2005?

Solution

As SQL Server 2005 was released, Microsoft also released the SQL Server 2005 Upgrade Advisor which can be installed on your desktop and then connect to instances of SQL Server. This application reviews all of your code (T-SQL, Analysis Services, Data Transformation Services, Notification Services, Reporting Services, etc.) in SQL Server as well as externally in Trace and batch files, then outlines all of the issues that need to be resolved before or after the upgrade process.

You can find the steps needed to execute the same from the link given below :

http://www.mssqltips.com/tip.asp?tip=1220

Remove extra spaces from string using regular expression

May 13th, 2009 by dhruval.shah § 0

This is a procedure for removing extra spaces from text and make it exact one.

public string RemoveExtaSpaces(string text)
{

Regex regex = new Regex(@”\s{2,}”, Options);
text = regex.Replace(text.Trim(), ” “); //This line removes extra spaces and make space exactly one.

//To remove the space between the end of a word and a punctuation mark used in the text we will be using following line of code
regex=new Regex(@”\s(\!|\.|\?|\;|\,|\:)”); // “\s” will check for space near all punctuation marks in side ( \!|\.|\?|\;|\,|\:)”); )

text = regex.Replace(text, “$1″);
return text;

}

Where am I?

You are currently viewing the archives for May, 2009 at Digicorp.