Aug 26

What you really need to learn in Javascript? #13 

What you really need to learn in Javascript? 
1. Where you can place JavaScript codes? 
Anywhere in the web-pages, ideally in the header section, or in an external file. If you keep javascript codes in an external file, the codes will be re-usable from different web-pages2. Some basic programming: 

 
 
 document.write('Hello World'); 
 
This will only be displayed in javascript enabled browsers.
 
 document.write('Page Requiring Javascript'); 
 
3. Variables and their scopes 
 
  var hello = 'Hello World'; 
   document.write(hello);
 
var mynum = 5; 
var smokes = false; 
var riches = null; 
var today = new Date;
 Example use of variables: 
 
  var questions = 'If you have any questions about this 
     please email me.'; 
 document.write(questions);
 
Another block can refer to questions variables without reassigning the value
 
    document.write(questions);
 
variables declared within a function is recognized only withing that function. Variables declared outside of a function is recognized anywhere in the webpage within javascript code from the declaration place. 
4. Operators 
Assignment operators 
 
 var rich = 5000; 
 var lotsOfMoney = 100000; 
    rich = lotsOfMoney; 
  document.write(rich);
 
Arithmetic and concatenation operators 
five = two + three; 
profit = income - expenses; 
income = sales * price;
payment = total / instalments; 
option = randnum % choices; 
b = ++a;
c = a++;
d = --a;
e = a--; 
Combination of Operators like c/c++ 
joy += happiness; 
price -= discount; 
capital *= interest; 
pie /= slices;
options %= choice; 
Example use:
 
    var singlePrice = 8;
  var bulkPrice = singlePrice * 9;
  document.write('
Buy our Widgets $'
 +singlePrice+' for one, $'+bulkPrice+' for ten
'); 
 
5. Comparing Variables, Logical statements 
 
 var red = 5;
  var blue = 3;
 var match = null;
 if (red == blue) 
 {
     match = 'equal'; 
 } 
    else 
 {
     match = 'unequal'; 
   }
 document.write(red + ' and ' + blue + ' are ' + match); 
 
Other comparison operators: 
if (red > blue)
if (red >= blue)
if (red < blue)
if (red < = blue)
if (red != blue) 
Combining more than one comparison 
if ((red == blue) || (red == green)) 
 
    var red = 5;
  var blue = 3;
 var green = 3;
    var match = null;
     if ((red == blue) && (red == green)) 
 {
     match = 'equal';
  } 
    else 
 {
     purple = 'unequal';
   }
 document.write(red + ' and ' + blue + ' are ' + match);
 
Comparison in short
red == blue ? match = 'equal' : match = 'unequal'; 
instead of
if (red == blue) 
{
    match = 'equal';
} 
else 
{
      match = 'unequal'; 
}
Example Use:


    var discPrice = 25;
   var regPrice = 25;
    var discount = regPrice - discPrice;
  if (discount > 0)
      document.write('
Save $'+discount+ ' off the normal price of $' +regPrice+ 'now only $'+discPrice+'.
');
 else
      document.write('
Buy now at our regular cheap price of $' + regPrice+'.
' ); 

6. Switch statement in Javascript, very similar to C/C++/Java
use switch instead of multiple if/else if

  var red = 1;
  var result = null;
    switch (red) 
 {
     case 1: result = 'one'; break; 
       case 2: result = 'two'; break;
        default: result = 'unknown';
  }
 document.write(result);
 
Example:
 
   var message = 0;
  switch (message) 
 {
     case 1: document.write('Merry Christmas'); break;
     case 2: document.write('Happy New Year'); break; 
     case 3: document.write('Happy Easter'); break;
        case 4: document.write('Happy Holidays'); break;
      default: document.write('Welcome');
   }
 
7. Function 
        Defining a function 
function myCode() 
{
   document.write('Hello World'); 
} 
calling a function
myCode()
Example:
function displayMessage() 
{
 switch (message) 
 {
     case 1: document.write('Merry Christmas'); break;
     case 2: document.write('Happy New Year'); break;
      case 3: document.write('Happy Easter'); break;
        case 4: document.write('Happy Holidays'); break;
      default: document.write('Welcome');
   }
}     
var message = 0;
displayMessage(); 
parameter passing
function writeSentence(argument1,argument2) 
{
   document.write('The '+argument1+' is '+argument2+'.
'); 
} 
var a = 'table';
var b = 'chair';
var c = 'red';
var d = 'blue';
writeSentence(a,c);
writeSentence(b,c);
b = 'other ' + b;
writeSentence(b,d); 
writeSentence('table',b); //passing the value directly
Example:
function displayMessage(m) 
{
   switch (m) 
   {
     case 1: document.write('Merry Christmas'); break;
     case 2: document.write('Happy New Year'); break;
      case 3: document.write('Happy Easter'); break;
        case 4: document.write('Happy Holidays'); break;
      default: document.write('Welcome');
   }
} 
In Javascript functions can also return values 
function validField(fld) 
{
  if (fld == '') return false; 
 return true;
} 
function validField(fld) 
{
    return (fld != '');
} 
How to receive returned values and process 
document.write(myField + ' is ');
if (!validField(myField)) 
{
    document.write('not '); 
}
document.write('empty'); 
8. Alert and confirm 
 alert('Alert Message');  
Will display a message box with the message. Very useful in debugging javascript applications. 
use confirm(), when you need user agreement on an issue. like: 
if (confirm('Select a button'))
{
   alert('You selected OK'); 
}
else 
{
   alert('You selected Cancel'); 
}
9. comments 
// Scrolling Ad Javascript
// copyright 3rd September 2004, by Stephen Chapman 
// permission to use this Javascript on your web page is 
// granted provided that all of the code in this script (including 
// these comments) is used without any alteration 
or
/* Scrolling Ad Javascript
copyright 3rd September 2004, by Stephen Chapman
permission to use this Javascript on your web page is
granted provided that all of the code in this script (including
these comments) is used without any alteration */ 

10. Debugging JavaScript
    Test in different browsers like IE, Mozilla, Firfox, Netscape 
    Enable Javascript and script debugging
    Script debugging usually reside under tools menu under browsing or web development sub-options

            Using alert to check variable values or if you can reach to a particular point of your code
        use bookmarklets, these are small scripts that can be used as plug in into browsers to provide error information.
            Use firebug in firefox, also use error console under tools menu to debug javascript error.
        Visual interdev provides Javascript debugging you may also enable external debugging by such programs
        11. External javascript

You can place all of your javascript codes to an external file. and use the file scripts/functions from any webpage. 
You just need to provide a reference to that external file.
You can provide reference as follows:
<script language="javascript" type="text/javascript" 
  src="hello.js">
 
Note:  do not include any  or  in the external file. 
12.  Using  tag:  this tag may help you to provide some information to the visitors  
when javascript is disabled or not supported by the browsers.

  document.write('Hello Javascript World'); 

Hello World Without Javascript 

    This page uses Javascript. Your browser either
    doesn't support Javascript or you have it turned off.
 To see this page as it is meant to appear please use
  a Javascript enabled browser.

13. Objects and properties in Javascript 
var strlen = myField.length; 
var str = mynum.toString(); 
function theLetter(num) 
{
  var str = 'abcdefghijklmnopqustuvwxyz';
   return str.substr(num-1,1);
}
document.write(theLetter(5)); 
14. Arrays in Javascript 
var myArray = new Array(); 
var myArray = new Array('message one',
'message two','message three'); 
document.write(myArray[0]); 
myArray[3] = 'message four'; 
function displayMessage(m) 
{
 var greeting = new Array('Welcome','Merry Christmas',
 'Happy New Year','Happy Easter','Happy Holidays');
    if (m  greeting.length) m = 0;
    document.write(greeting[m]); 
} 
15. Loops
for (var i=0; i<10; i++) 
{
 document.write(i);
} 
var x = 0;
while (x<10) 
{
   document.write(x); 
   x++;
} 
var x = 12;
do 
{
 document.write(x); 
   x++;
} while (x<10) 
16. Date and Time in Javascript
//current date
var myDate = new Date; 
myDate.setDate(15);
myDate.setMonth(3); // January = 0
myDate.setFullYear(2006); 
myDate.setDate(myDate.getDate()+7);

From: http://sitestree.com/?p=4732
Categories:13
Tags:
Post Data:2011-02-12 19:58:06

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

Little note on CVS #14

CVS Version Control System:

  • There will be a repository where the files(of different versions) will be saved. Its just like a central storage of files. You will need a software that will provide this facility.
  • You also need a client software. The client software can get copies of the repository files. After, modifying clients can update/save to the repository. While saving from clients steps are needed so that version control is maintained [no inconsistency arises].
  • Linux has command based clients, also there are CVs servers for linux. Download them from the internet.
  • I have some experience of using WinCVS – a windows based CVS client.
  • In WinCVS, You can set command line parameters using Admin->commandline parameters option. You have to provide some information like: CVS server, repository path, username, password.
  • In WinCVS, you can checkout files from the CVS server using the checkout option from the menu (tools). You need to specify local path to store the files. Also, you need to mention some information like the previous step (or you can copy a string from the previous step and provide here):

From: http://sitestree.com/?p=4777
Categories:14
Tags:
Post Data:2008-07-13 11:35:14

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

Quick reference to sub version’s repository administration commands #14

Sub version administration related commands

  • svnlook:to examine various revisions and transactions in a repository. No change is made by this command. Just analyze near to commit or committed changes.
  • svnadmin:
  • ls repos: check sub version repository
  • svnadmin create “path to repository”
  • svnadmin create –fs-type fsfs /path/to/repos: creates repository that uses FSFS file system
  • svnadmin create –fs-type bdb /path/to/repos : creates repository that uses BDB in the backend
  • ls repos/hooks/: This displays the hooks for the repository. Hooks are scripts that run in different repository events. You can write or use third party hooks as well
  • svnadmin help: provides information on how to use svnadmin command
  • svnadmin –version
  • Available subcommands of svnadmin: crashtest, create,deltify
  • svnlook info /path/to/repos:
  • svnlook info /path/to/repos -r 19
  • svnlook youngest /path/to/repos: younest revision number
  • svnsync: Creates read only mirror of the sub version repository
  • svnsync:subcommands:synchronize (sync),copy-revprops,help (?, h)
  • svnadmin setlog myrepos newlog.txt -r 388 :
  • svnadmin lstxns myrepos:outlisted transactions
  • svnadmin rmtxns myrepos `svnadmin lstxns myrepos`
  • svnadmin list-unused-dblogs /path/to/repos: display unused log files
  • svnadmin list-unused-dblogs /path/to/repos | xargs rm: restore disk space from unused log files
  • svnadmin recover /path/to/repos : BDB repository recover
  • svnadmin dump myrepos > dumpfile: dump svn repository
  • svnadmin load newrepos < dumpfile :effectively replays those dumped revisions into the targetrepository for that operation
  • svnadmin create newrepos
    $ svnadmin dump myrepos | svnadmin load newrepos
  • svnadmin hotcopy /path/to/repos /path/to/repos-backup:backup repository
  • $ svnadmin hotcopy –clean-logs /path/to/bdb-repos /path/to/bdb-repos-backup

Sub version repository strategies

You may create three folders: trunk, branch, tags. Trunk->main development, bracnch->to create various named brances of the main trunc, tags->collection of free snapshots that are created and destroyed

Subversion repository may make use of backend database like berkeley DB or it can just use a file system like FSFS

From: http://sitestree.com/?p=4736
Categories:14
Tags:
Post Data:2008-05-30 10:27:31

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

Introduction to software version control #14

Version control software are used to maintain and create different versions of the same software. It allows parallel software development and facilitates collaboration and team based software development. In addition, it provides features so that integration among different people’s work can be made. Also, tracking back to an early stage of the software becomes possible.

Why do software companies need it? Let you may develop a software and release it. Then you may still want to keep the same version along with improving it. You want a new improved version for future release. You may want further improvements, hence further versions. Also, in internal development, several programmer may collaborate to work on different/same parts in parallel. Then they can merge them to a merged and stable/workable/reliable stage. They can create a version of the software at this moment. If any crap happens, they can come back to this stable version and continue improving/re-developing.

Among the version control software some popular ones are CVS,Subversion,Visual Source Safe, and Starteam. I personally have some working experience with starteam and subversion. In subversion, there is a repository of codes. Subversion is totally file system and directory based. Repository needs to be well designed. It may contain all projects in one folder or all projects in separate folder. Both has advantages and disadvantages. A good approach may be using them in mix. Keep similar projects in one folder and create separate folders for non-similar projects. As there are some administrative tasks that can be applied to the root folder/a folder thats why grouping may be need as project requirements may be different. It also affects the version number, usually version number is increased by the base/root folder. Still the increase may be because of another project.

A project usually contains two folders. Trunc folder is the main development folder. Branch folder is the new version/working folder.Each programmer usually creates his own copy of the branch and work on the copy. Sometimes, programmers merge their changes and keep it to the branch. While anyone wants to save his work to the branch, it will display the changes made to the same file by other programmers. Then he/she can decide how to integrate all changes into the file. The branch changes may be transferred to the main trunc folder to create a new version of the software.

From: http://sitestree.com/?p=4734
Categories:14
Tags:
Post Data:2007-07-15 12:24:21

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

Some random information regarding commenting your code #15 

Some random information regarding commenting your codeIs commenting required? or suggested?Simply yes. Always comment your code.Note: Commenting is always useful only when it is done right. Bad commenting is worse than not commenting.What should you write in the comment?--------------------------------------Write why the section of the code is required.write-What does the code section do.Write it in plain english. Don't use any language syntax.If you do not find what to write...then better check did you understand the requirements of the assignment/section? Also check, are you sure your design/logic will work? Also, why your design/code will work -- did you really understand. Do not write how the code works in comments but write why and what it does.Why commenting is useful?-------------------------Commenting will make your code more readable to others.Commenting will help others to find out the right section of code to edit/modify. Also, understand the purpose of the program as well as sequence of the logic.It will also help you to review/(work on) your own code laterIn many or most companies, you will hardly write codes from scratch, you have to work on others' code. So commenting is required.Random:--------Use a clear commenting style - easy to editComment as you go/code - do not leave commenting until the end of writing codeIf you are worried that commenting will reduce performance...rather comment and use tools to create release codes without commentscomment above the code -- not at the rightvariable declaration may have comment at the rightif you use any special trick that is not ovbious from the code -- write it in comments [a trick:we can do a right shift for divide by 2]Comments and Pseudocode Programming Practice (PPP)----------------------------------------------------Comments and Pseudocode Programming Practice (PPP) go hand in hand.what is Pseudocode Programming Practice (PPP)?1. Write your logic in plain english may be as a paragraph2. Decompose it step by step into as fine grained that it can not be decomposed further. (The paragraph will be converted to lines of steps)3. comment each line/step (use comment sign like //)4. After each line/comment write the corresponding code.

From: http://sitestree.com/?p=4786
Categories:15
Tags:
Post Data:2011-10-01 17:18:46

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

Good Coding Style in PHP + Other languages #15

Style 1.1: Use proper indenting

while ($x < $z) {    if ($a == 1)    {       echo 'A was equal to 1';  }   else    {       if ($b == 2)        {           //do something      }       else        {           //do something else     }   }}

1.2
while ($x < $z) { if ($a == 1) {      echo 'A was equal to 1';  } else {        if ($b == 2) {          //do something      } else {            //do something else     }   }}

Style 2.1: Properly indent conditional statements. Always use braces, it will make later additions of more statements easier.

while ($x < $z) {   if ($a == 1)    {       echo 'A was equal to 1';  }   else    {       if ($b == 2)        {           //do something      }       else        {           //do something else     }   }}

Style 2.2

while ($x < $z) {   if ($a == 1) {      echo 'A was equal to 1';  } else {        if ($b == 2) {          //do something      } else {            //do something else     }   }}

3.1 Function Calls
No space between function names and parenthesis.

   $var = myFunction($x, $y);

3.2 Function declarations

Use braces properly, give meaningful names to the parameters, always return values from functions. Avoid printing/echoing inside functions.

function myFunction($province, $city = ''){   //indent all code inside here   return $result;}

4. Use comments before a function. Also, use comments before a block [especially if it uses some difficult to understand logic]use PHPDoc style comments that may work like Javadoc to create documentation from your source files

/** *  short description of function * *   Optional more detailed description. * * @param $paramName - type - brief purpose *  @param ... *    ... *   @return type and description */

5. Use include_once or require_once instead of include or require to include a file that contains common variables, functions, classes.
6. Php tags: always use

instead of

7. to enclose strings use single quote ‘ ‘ rather than double quotes ” “. Try to use . to concate string variables. You can use double quote and put variables inside.

 $associative_array['name']; $var='My String';   $var2='Very... long... string... ' . $var . ' ...more string... ';  $sql="INSERT INTO mytable (field) VALUES ('$var')";

8. Follow some conventions for variable and function names

  • Class name start with uppercase letter. Each word should start with uppercase letter
  • Variable and function name may start with lower case letters. Then each word will start with a capital letter
  • give meaningful names to variables and functions
  • Do not make them too lengthy. I prefer less than 12-15 character names
  • Do not abbreviate words in variable or function names. Use $url or $articleUrl as variable names, not $URL or $articleURL as

From: http://sitestree.com/?p=4741
Categories:15
Tags:
Post Data:2006-08-07 13:22:40

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

IT Startup ideas #155

Some IT startup ideas

From: http://sitestree.com/?p=5338
Categories:155
Tags:
Post Data:2008-12-19 06:44:39

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 26

PHP Security – Guidelines #16

PHP Security – Guidelines

  • Do not store sensitive information in Cookies
  • Instead of cookies, store sensitive information in Sessions
  • Sessions can also be hacked though safer than cookies
  • PHP session id is pretty random; so in general this is not a problem.
  • Reducing the session security problem: determine current user is the one who originally initiated session. if not, deny access
  • Regenerate session ids after login, on initialization
  • Change the session variable name and the path to save [session_save_path(), session_name (“xyz”) ]
  • Reduce session runtime [session.gc_maxlifetime]
  • use SSL [force users to use SSL]
  • do not use .inc files and do not keep php code inside them
  • Do not use dynamic file path for require and include
  • Do not use relative file path [use absolute file path]
  • Do not trust user input to prevent XSS
  • use htmlspecialchars(). strip_tags(), htmlentities() on the user input
  • To prevent Cross-site Request Forgeries (CSRF), check $_SERVER [‘HTTP_REFERER’]
  • You may want to use token in your session to prevent CSRF. Re-authenticate for sensitive operations
  • When you use third party tools, do not install them in their default loation
  • When error situation occurs in your code, just stop
  • Use authorization to allow a user the minimal right he/she needs
  • Double check where you are using eval()
  • use mysql_real_escape_string() on the user provided data to be used in Databasequeries
  • Use prepared statements or stored procedures
  • Double verify the data types. do not accept string where the data has to be integer [ctype_digit()., filter_var() do not use is_int() and is_numeric()]
  • Keep log files and check your log files time to time
  • do not display detail error messages in your live site. But you can log the erros for your own checking
  • do not use standard login names such as administrator, root
  • do not put your administration module under folder named admin
  • You can even use a different file extension other than .php [but not .inc]
  • Stop spamming using your contact form. Validate email address. use filter_var()
  • encrypt sensitive information
  • initialize variables when first declared
  • Disable register_globals in php.ini
  • do not use $_REQUEST, instead use $_GET and $_POST
  • When developing use E_ALL to know all the possible errors. but turn off E_ALL in live site
  • Type Cast and verify data. Only allow the appropriate data type
  • use ctype_alnum(), ctype_alpha(), ctype_xdigit()
  • Use htmlspecialchars() and htmlentities() more than using strip_tags()
  • SQL escaping (to prevent SQL Injection): mysql_escape_string(), mysql_real_escape_string(), pg_escape_string(), pg_escape_bytea(), sqlite_escape_string()
  • to avoid double escaping use get_magic_quotes_gpc()
  • Session security technique: compare with the browser signature headers. if no match, destroy the session.
  • for shared hosting use the following two php.ini directives properly: open_basedir, safe_mode

From: http://sitestree.com/?p=5336
Categories:16
Tags:
Post Data:2013-05-05 00:07:23

    Shop Online: <a href='https://www.ShopForSoul.com/' target='new' rel="noopener">https://www.ShopForSoul.com/</a>
    (Big Data, Cloud, Security, Machine Learning): Courses: <a href='http://Training.SitesTree.com' target='new' rel="noopener"> http://Training.SitesTree.com</a> 
    In Bengali: <a href='http://Bangla.SaLearningSchool.com' target='new' rel="noopener">http://Bangla.SaLearningSchool.com</a>
    <a href='http://SitesTree.com' target='new' rel="noopener">http://SitesTree.com</a>
    8112223 Canada Inc./JustEtc: <a href='http://JustEtc.net' target='new' rel="noopener">http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning) </a>
    Shop Online: <a href='https://www.ShopForSoul.com'> https://www.ShopForSoul.com/</a>
    Medium: <a href='https://medium.com/@SayedAhmedCanada' target='new' rel="noopener"> https://medium.com/@SayedAhmedCanada </a>

Aug 25

#Engineering: #Canada: #Job/Contract/Project: Any #Engineering: #Computer, #Electrical, #Electronics, #Civil, #Chemical, #Mechanical, #Naval, #Biomedical, and misc Engineering

Date Posted:2021-08-26 .Apply yourself, or submit others as candidates; Build a recruitment team to submit others as candidates; submit RFP to be considered for projects in future; Try to become a vendor so that you are asked to submit consultants/resources in future. If these work for you. This list is posted in this blog everyday provided there are new projects under the criteria

  1. construction-services-10004
  2. Prequalification of Mechanical & Electrical Contractors – Kincardine CT Scanner
  • air-conditioning-and-refrigeration-equipment-10016
  • MECHANICAL COOLING ADDITION
  • Supply And Installation Of Heating, Ventilation And Air Conditioning (Hvac) System Replacement, Electrical Upgrades
  • electrical-and-electronics-10006
  • Upgrade Electrical Panels – Tender Ready
  • BringIt Electrical Installation Project (RE-TENDER)
  • PEAK SHAVERS ELECTRICAL SWITCHGEAR EQUIPMENT SUPPLIER
  • fabricated-materials-10009
  • Mechanical Lock (21401-220001/A)
  • food-preparation-and-serving-equipment-10012
  • Electrical Upgrade
  • industrial-equipment-10014
  • REQUEST FOR PROPOSAL (RFP) for MECHANICAL & ELECTRICAL CONSULTANT SERVICES for FORT SASKATCHEWAN – CORRECTIONAL CENTRE – VARIOUS BUILDINGS – Heating Boilers Replacement
  • REQUEST FOR PROPOSAL (RFP) for MECHANICAL & ELECTRICAL CONSULTANT SERVICES for FORT SASKATCHEWAN – CORRECTIONAL CENTRE – VARIOUS BUILDINGS – Heating Boilers Replacement
  • machinery-and-tools-10015
  • Upgrade Electrical Panels – Tender Ready
  • architect-and-engineering-services-10048
  • RCMP Detachment Architecture & Engineering Services
  • Upgrade Electrical Panels – Tender Ready
  • Provision of Engineering Services for Prospect Park WTP – Ultraviolet Disinfection System Upgrade (HHACT)
  • Taxiways A, B, D & J Rehabilitation – Engineering Services
  • Completion of a Detailed Engineering Design for the Bal Harbour Sewage Pumping Station (PS) Electrical Upgrade
  • ENGINEERING SERVICES FOR DETAILED CONDITION SURVEYS AND DESIGN FOR VARIOUS STRUCTURES
  • Design engineering services Grading and Surfacing reconstruction of Highway No. 51 C.S. 51-01
  • educational-and-training-services-10043
  • One Pilot Instructor and one Combination Instructor Flight Engineer and Instructor Load Master (W0107-21XC39/A)
  • environmental-services-10050
  • Engineering Services for the Design of Former Rossville School Site Remediation
  • professional-administrative-and-management-support-services-10040
  • Engineering Services for the Design of Former Rossville School Site Remediation
  • Mechanical Consulting Services CBC Building – BMS Upgrade, Regina, Saskatchewan
  • quality-control-testing-inspection-and-technical-representative-services-10053
  • IPD Mechanical Contractor Services – RCMP Main Detachment Modern
  • research-and-development-r-d-10036
  • Engineering Consulting Services for Detailed Dam Break Flood Inundation Mapping
  • utilities-10041
  • Request for Proposal for Engineering Services – 2021/2022 Active Transportation Plan
  • undefined-10055
  • PWES/WS/ Mechanical Engineering Services-Kanata West Pumping Station

    • Keywords Used:engineer,civil,mechanical,electrical,electronics,mechatronics,naval,biomedical,computer engineer,software engineer,civil engineer,biomedical,electrical engineer,electronics engineer,mechanical engineer,metallurgical,chemical engineer,industrial engineer,communications engineer,quality assurance engineer,Aerospace engineer,aeronautical engineer,Engineering manager,Agricultural Engineer,Automotive Engineer,Environmental Engineer,Geological Engineer,Marine Engineer,Petroleum Engineer,Acoustic Engineer,Acoustic Engineer,Aerospace Engineer,Agricultural Engineer,Applied Engineer,Architectural Engineer,Audio Engineer,Automotive Engineer,Biomedical Engineer,Chemical Engineer,Civil Engineer,Computer Engineer,Electrical Engineer,Environmental Engineer,Industrial Engineer,Marine Engineer,Materials Science Engineer,Mechanical Engineer,Mechatronic Engineer,Mining and Geological Engineer,Molecular Engineer,Nanoengineering,Nuclear Engineer,Petroleum Engineer,Software Engineer,Structural Engineer,Telecommunications Engineer,Thermal Engineer,Transport Engineer,Vehicle Engineer,engineering

    Aug 25

    #Canada: #IT Jobs:#Consultants, #Contractors, #Analysts, #Engineers, #Developers, #Technology Consultants, #IT-Consultants Opportunities2021-08-26

    Apply yourself, or submit others as a candidate, Build a recruitment team to submit others as a candidate, submit RFP to be considered for projects in future, Try to become a vendor so that you are asked to submit consultants/resources in future

    1. communications-detection-and-fibre-optics-10031
    2. Consulting Services – Fibre Optic Design
    3. edp-hardware-and-software-10034
    4. Asset Management Information System (AMIS) Consultant
    5. Drupal Based Cloud Hosted Web Content Management System
    6. PQR – Standing Offer for IT Management Consulting Services
    7. edp-and-office-equipment-maintenance-10035
    8. Drupal Based Cloud Hosted Web Content Management System
    9. electrical-and-electronics-10006
    10. Consultant – LAS – Assessment (Design & Construction Phase)
    11. Lighting System Upgrades – Consulting Services
    12. energy-10007
    13. Advocate Cost Consulting Services for 45 Sacré-Coeur Blvd. Project
    14. Prime Consulting Services – RH Coats – Podium and Curtain Wall Replacement
    15. industrial-equipment-10014
    16. REQUEST FOR PROPOSAL (RFP) for MECHANICAL & ELECTRICAL CONSULTANT SERVICES for FORT SASKATCHEWAN – CORRECTIONAL CENTRE – VARIOUS BUILDINGS – Heating Boilers Replacement
    17. REQUEST FOR PROPOSAL (RFP) for MECHANICAL & ELECTRICAL CONSULTANT SERVICES for FORT SASKATCHEWAN – CORRECTIONAL CENTRE – VARIOUS BUILDINGS – Heating Boilers Replacement
    18. machinery-and-tools-10015
    19. Consultant – LAS – Assessment (Design & Construction Phase)
    20. Consultant – Roof Replacement
    21. textiles-and-apparel-10028
    22. RFP #21.0054 Integrated Project Delivery Team – Turf Consultant and Turf Contractor for the Indoor Fieldhouse
    23. architect-and-engineering-services-10048
    24. Professional Consulting Service for Redevelopment of Old Ex Arena-80 Sinclair St
    25. Consultant – LAS – Assessment (Design & Construction Phase)
    26. educational-and-training-services-10043
    27. Space standards consultant for the university sector
    28. Medical Consulting Services for the Assured Income for the Severely Handicapped (AISH) Program for the of Alberta
    29. One Pilot Instructor and one Combination Instructor Flight Engineer and Instructor Load Master (W0107-21XC39/A)
    30. Assessment Consulting Service for the Assured Income for the Severely Handicapped (AISH) Program for the Province of Alberta
    31. environmental-services-10050
    32. Advance Contract Award Notice for Web Based Retirement Calculator Services
    33. financial-and-related-services-10038
    34. P01AD21429 – CONSULTING SERVICES FOR RETAIL STRATEGY DEVELOPMENT
    35. ERP CONSULTING SERVICES
    36. health-and-social-services-10052
    37. HCP Psychology Consultant Services
    38. Safety Advisory Consultant
    39. information-processing-and-related-telecommunications-services-10049
    40. PQR – Standing Offer for IT Management Consulting Services
    41. operation-of-government-owned-facilities-10039
    42. Professional Food Consulting Services (RE-POSTED)
    43. professional-administrative-and-management-support-services-10040
    44. Space standards consultant for the university sector
    45. Mechanical Consulting Services CBC Building – BMS Upgrade, Regina, Saskatchewan
    46. Professional Consulting Service for Redevelopment of Old Ex Arena-80 Sinclair St
    47. Asset Management Information System (AMIS) Consultant
    48. quality-control-testing-inspection-and-technical-representative-services-10053
    49. Consulting Services for Drone Inspection Studies of Halton Region Open and Closed Landfill Sites
    50. REQUEST FOR PROPOSAL (RFP) for THIRD PARTY MATERIAL TESTING CONSULTANT SERVICES for NEW EDMONTON HOSPITAL PROJECT – CAMPUS SITE WORKS
    51. research-and-development-r-d-10036
    52. Engineering Consulting Services for Detailed Dam Break Flood Inundation Mapping
    53. special-studies-and-analysis-not-r-d-10047
    54. Space standards consultant for the university sector
    55. Consulting Services for Feasibility Study and Public Benefit Review for a Vacant Home Tax in Halton Region
    56. Consulting Services for Landfill Infrastructure Condition Assessments at Halton Region Open and Closed Landfill Sites
    57. P01AD21429 – CONSULTING SERVICES FOR RETAIL STRATEGY DEVELOPMENT
    58. Professional Food Consulting Services (RE-POSTED)
    59. undefined-10055
    60. PT-2020-BUSF-259: CONSULTING SERVICES STORMWATER ENVIRONMENTAL COMPLIANCE APPROV