Tuesday, 24 December 2013

PHP Functions And their usages- learn more with @s.shivasurya

power of php
Just like real life we assign functions to be executed by passing inputs as hardwork and outcome as happiness :) by the way integrating them to programming languages functions are important tasks to be provided with input and obtain outputs in desired manner.


PHP FUNCTIONS

PHP is known For it's inbuilt power of functions.The fact is You can design your own function in php and they too can be passed with arguments to execute the corresponding statements!.And this is kn own as USER DEFINED FUNCTIONS.those functions work only when they are called from the program.defining a function in php program is easy job to run a code straight away.It is very helpful when we run a large files in a simpler manner.programmers can feel easy while using functions assigning to different functions and determining the way to be executed while the code runs on the machine.Usage of functions reduce the time and coding lines.Just like we could pass arguments and run the codes to attain desirable results.

For the beginners may fing difficult with moving through the functions of PHP.but when you integrate yourselves,mostly You will find out functions to execute in better manner & you could manage the codings efficiently and fix the bugs in all possible ways.it will be very helpful while arranging in a squence and calling a function and execution.

let's have a small example here about the simple program in php:

this is how beginners write their coding:

<?php
echo "shivasurya.s is a programmer & skilled person.<br>";
echo "boyka is a programmer & skilled person.<br>";
echo "sharukh khan is a programmer & skilled person.<br>";
echo "muzzamil musthafa is a programmer & skilled person.<br>";
?>

this is how experienced programmers write their coding:

<?php
function familyName($fname)
{
echo "$fname is a programmer & skilled person.<br>";
}

familyName("shivasurya.s");
familyName("boyka");
familyName("shahrukh khan");
familyName("muzzamil musthafa");

?>

in this example both generates same results, but the usage of functions plays a vital role and helps to fix the bug in the code easier and identify.This may also Reduce Your coding lines and makes the program to work efficient manner.

Let's see a real life Example here:


A small snippet to Insert Database with functions :

Here we could assume that we can insert the database with consumers data after complete validation and cleaning  :P :P

<?php
function insertdb_user($name,$company,$age,$website,$income)
{
 $update=mysql_query('insert into users (name,comapny,age,website,income)  values("$name","$company","$age","$website","$income")');
 echo "Updated successfully here.";
}

insertdb_user($userpostedname,$userpostedcompany,$userpostedage,
$userpostedwebsite,$userpostedincome
);

?>

here programmer can use many arguments as their wish and create many functions of their own and execute to obtain desired results.apart form the user defined functions ,there a huge amount of PHP inbuilt functions You can read it in Documentation or Manuals of PHP websites.

here is a small example of PHP inbuilt function date()  :

<?php

// Assuming today is March 10th, 2001, 5:16:18 pm, and that we are in the


// Mountain Standard Time (MST) Time Zone


$today date("F j, Y, g:i a");                 // March 10, 2001, 5:16 pm


$today date("m.d.y");                         // 03.10.01


$today date("j, n, Y");                       // 10, 3, 2001


$today date("Ymd");                           // 20010310


$today date('h-i-s, j-m-y, it is w Day');     // 05-16-18, 10-03-01, 1631 1618 6 Satpm01


$today date('\i\t \i\s \t\h\e jS \d\a\y.');   // it is the 10th day.


$today date("D M j G:i:s T Y");               // Sat Mar 10 17:16:18 MST 2001


$today date('H:m:s \m \i\s\ \m\o\n\t\h');     // 17:03:18 m is month


$today date("H:i:s");                         // 17:16:18


$today date("Y-m-d H:i:s");                   // 2001-03-10 17:16:18 (the MySQL DATETIME format)


?>

here in the above pre defined functions are already built inside PHP ,we just call them with suitable arguments and they provide us the correct,desired results in the form of html codes and they are displayed in browsers.thus we can learn more function using the MANUAL website by PHP. & soon you too can create your own functions in PHP and implement in your php websites!



yup!You guys Gone through functions in this tutorial! functions are quite easy according to me,they are easy to handle and maintain huge set of codes and makes the task simpler and easier!

human errors are common!lets make it error free by helping one another!.so,
feel free to comment below!

Friday, 20 December 2013

Root Your Android Phone Samsung galaxy S Duos- learn more with @chandeesh.android



How to root Samsung galaxy s duos





Rooting is meant to gain access to the system files by creating a new administrator.After rooting superuser app will be created.
1.Download the rooting kit for Samsung galaxy s duos and extract it to your computer.The rooting kit contains recovery tar.zip file,odin.zip,cwm super user and stock recovery.zip files.putCWM-SuperSU-v0.96file in root of the sd card. LINK

2:charge your phone to atleast 60%.Enable usb debugging in your phone.Install Samsung galaxy s duos usb driver in your computer.connect your phone to pc via usb
3:Extract odin.zip to your computer and open odin.exe.
4:switch off your phone remove the battery and insert.Now go to the download mode by pressing volume down+home button +power button
5:If your phone has been connected, one of the COM port turns yellow

6:Now ensure that Auto reboot and F.reset Time check boxes are ticked.
7:click on PDA and select cwm recovery .tar file
8:Click start and be ready to remove the battery when it shows the result PASS.
When it shows PASS remove the battery wait for few seconds and insert it.Now boot to clockworkmod recovery(volume up+home+power button).The touch screen will not work use volume up and volume down keys to move up and down home button to select.


9:Now choose “install from sd card” option then select “choose zip from sdcard”.selectCWM-SuperSU-v0.96 navigate to yes option and click home button to select.After the setup is finished go back and select reboot system now.Now super user app is installed.


NOTE:ROOTING MAY VOID YOUR WARRANTY OR MAY BRICK YOUR PHONE.TRY AT YOUR OWN RISK.

Monday, 16 December 2013

PHP Top vulnerability methods - learn more with @s.shivasurya i-vision blog





We are living in the challenging world,where one Amazes peoples by creating New tecnology ,where the other tries to crack and reveal the secret.The developer tries to fix them by implementing new techniques and hackers tries to explore the vulnerability and this game always go on. Does'nt Ends :P

so lets here some glance about top vulnerabilities!


SQL Injections:



Sql injection is the first black listed here.sql injection occurs when the user doesnt sanitize his user input values and directly updates or inserts in Database.It is mostly commonly seen vulnerability in PHP sites!so,to prevent this now PHP has introduced Prepared statements PDO ,which can let the developers with low level of vulnerability.once the hacker identifies the vulnerability in codings then he could access the database like an ADMIN and he could retrieve data and update data of the users.


XSS




Cross Site Scripting (generally called as XSS) is also a famous well known attack.generally before SQL injection is done XSS plays a vital role in verifying the vulnerability in coding of developers.If so then the hackers start their nasty attacks on the Database.when a programmer doesn't cleans the input values retrieved from users and verifies using preg_match() then he would be surely down by XSS attacks.these attacks are commonly done by two methods $_POST & $_GET in PHP.

for example in $_POST : 


when the user(YOU) submit username and password through this types of forms:

<form action="post.php" method="post">
<input type="text" name="comment" value="">
<input type="submit" name="submit" value="Submit">
</form>

when the processing script process like this:
-------------------------------------------------------
"<?php
echo $_POST["comment"];
"
-------------------------------------------------------
and the hackers can just submit this form like this :

--------------------------------------------------------
"<script>alert("hacked")</script>"
--------------------------------------------------------
this may be not vulnerable untill the QUERIES are unmodified ! :D

for example in $_GET : 


when the user searches by get method in PHP:
------------------------------------------------------------------------------------------

"<?php
// Get search results based on the query
echo "You searched for: " . $_GET["query"];
// List search results
..."
--------------------------------------------------------------------------
The example can be a very unsecure results page where the search query is displayed back to the user. The problem here is that the $_GET["query"] variable isn’t validated or escaped, therefore an attacker could send the following link to the victim:

so he might the targeted people may get link like this:
------------------------------------------------------------
"http://example.com/search.php?query=<script>alert("hacked")</script>"
------------------------------------------------------------
and output would be like this :
----------------------------------------------------------------------------
"You searched for: <script>alert("hacked")</script>"
----------------------------------------------------------------------------

Data Sanitization:


Data Sanitization is mainly focus on cleaning the variable with unwanted scripts inside them.the are just converted in to special format rather than from their native form and inserted in database.
example follows here!
-----------------------------------------------------------
"<?php
// sanitize HTML from the comment
$comment = strip_tags($_POST["comment"]);"
-----------------------------------------------------------

Data validation:




Data validation is an important key factor in terms of PHP to prevent attacks on Database and to maintain the quality of Database just like unfilled columns and other updation in Database.so here nowadays experts in PHP recommend to use preg_match() function to verify the user input details to utmost level and send them for further proccessing and updation.
-----------------------------------------------------------------

have a quick example below:

"<?php
// validate a US phone number
if (preg_match('/^((1-)?d{3}-)d{3}-d{4}$/', $phone)) {
    echo $phone . " is valid format.";
}"
-------------------------------------------------------------------

Data encryption using PHP :


As you may know that how much extent the techniques are developed to prevent such activities the hacker tries to break the mechanism and enters the database to steal the information.so Here Encryption of data plays a vital role here.Facebook & Google heavily encrypt the users database through their own encryption techniques like making it as functions and implementing them. encrypting the data is very easy for developers but decrypting the data by their own is a big part unless they are expert in PHP and logics.PHP has some encrypting functions such as HASH SALT methods, the popular MD methods and so on,refer here for complete guidance.
--------------------------------
example before encryption :

username :s.shivasurya  || password :i_know_u_would_lookup_here:D

after Encryption:

username:s.shivasurya || password :5dsfcv82fvbd2fvsdfv52dvsdv512vsdfv
-------------------------------

thus YOU may GET slight thinking of your vulnerabiltiy in your codings.just get updated with PHP website manual .if the function is no longer supperted then it will be noted as "This function has been DEPRECATED as of PHP 5.5.0. Relying on this function is highly discouraged."

only hackers can challenge the programmers! :D






PHP Top vulnerability methods - learn more with @s.shivasurya i-vision blog





We are living in the challenging world,where one Amazes peoples by creating New tecnology ,where the other tries to crack and reveal the secret.The developer tries to fix them by implementing new techniques and hackers tries to explore the vulnerability and this game always go on. Does'nt Ends :P

so lets here some glance about top vulnerabilities!



SQL Injections:



Sql injection is the first black listed here.sql injection occurs when the user doesnt sanitize his user input values and directly updates or inserts in Database.It is mostly commonly seen vulnerability in PHP sites!so,to prevent this now PHP has introduced Prepared statements PDO ,which can let the developers with low level of vulnerability.once the hacker identifies the vulnerability in codings then he could access the database like an ADMIN and he could retrieve data and update data of the users.


XSS




Cross Site Scripting (generally called as XSS) is also a famous well known attack.generally before SQL injection is done XSS plays a vital role in verifying the vulnerability in coding of developers.If so then the hackers start their nasty attacks on the Database.when a programmer doesn't cleans the input values retrieved from users and verifies using preg_match() then he would be surely down by XSS attacks.these attacks are commonly done by two methods $_POST & $_GET in PHP.

for example in $_POST : 


when the user(YOU) submit username and password through this types of forms:

<form action="post.php" method="post">
<input type="text" name="comment" value="">
<input type="submit" name="submit" value="Submit">
</form>

when the processing script process like this:
-------------------------------------------------------
"<?php
echo $_POST["comment"];
"
-------------------------------------------------------
and the hackers can just submit this form like this :

--------------------------------------------------------
"<script>alert("hacked")</script>"
--------------------------------------------------------
this may be not vulnerable untill the QUERIES are unmodified ! :D

for example in $_GET : 


when the user searches by get method in PHP:
------------------------------------------------------------------------------------------

"<?php
// Get search results based on the query
echo "You searched for: " . $_GET["query"];
// List search results
..."
--------------------------------------------------------------------------
The example can be a very unsecure results page where the search query is displayed back to the user. The problem here is that the $_GET["query"] variable isn’t validated or escaped, therefore an attacker could send the following link to the victim:

so he might the targeted people may get link like this:
------------------------------------------------------------
"http://example.com/search.php?query=<script>alert("hacked")</script>"
------------------------------------------------------------
and output would be like this :
----------------------------------------------------------------------------
"You searched for: <script>alert("hacked")</script>"
----------------------------------------------------------------------------

Data Sanitization:


Data Sanitization is mainly focus on cleaning the variable with unwanted scripts inside them.the are just converted in to special format rather than from their native form and inserted in database.
example follows here!
-----------------------------------------------------------
"<?php
// sanitize HTML from the comment
$comment = strip_tags($_POST["comment"]);"
-----------------------------------------------------------

Data validation:




Data validation is an important key factor in terms of PHP to prevent attacks on Database and to maintain the quality of Database just like unfilled columns and other updation in Database.so here nowadays experts in PHP recommend to use preg_match() function to verify the user input details to utmost level and send them for further proccessing and updation.
-----------------------------------------------------------------

have a quick example below:

"<?php
// validate a US phone number
if (preg_match('/^((1-)?d{3}-)d{3}-d{4}$/', $phone)) {
    echo $phone . " is valid format.";
}"
-------------------------------------------------------------------

Data encryption using PHP :


As you may know that how much extent the techniques are developed to prevent such activities the hacker tries to break the mechanism and enters the database to steal the information.so Here Encryption of data plays a vital role here.Facebook & Google heavily encrypt the users database through their own encryption techniques like making it as functions and implementing them. encrypting the data is very easy for developers but decrypting the data by their own is a big part unless they are expert in PHP and logics.PHP has some encrypting functions such as HASH SALT methods, the popular MD methods and so on,refer here for complete guidance.
--------------------------------
example before encryption :

username :s.shivasurya  || password :i_know_u_would_lookup_here:D

after Encryption:

username:s.shivasurya || password :5dsfcv82fvbd2fvsdfv52dvsdv512vsdfv
-------------------------------

thus YOU may GET slight thinking of your vulnerabiltiy in your codings.just get updated with PHP website manual .if the function is no longer supperted then it will be noted as "This function has been DEPRECATED as of PHP 5.5.0. Relying on this function is highly discouraged."

only hackers can challenge the programmers! :D