Mohsin Sumar Zend Certified Engineer, PHP Professional, Designer & Web Developer

23 Jul 2010

PHP / MySQL eCards tutorial

In 2003, I wrote a tutorial on how to build your own eCards service using PHP/MySQL. It was written and published on Flash-dB Forum. If you have any queries, please direct them to Flash dB - Flash eCards Forum.

The bad news is that the tutorial went off-air and I am unable to find it. If you happen to have a copy, please email it to me and if I do manage to find it, I will make a point to update this post.

However, the good news is that I have the zip archive with the scripts. Click on the link below to download.

Download PHP / MySQL eCards Tutorial

2 Jun 2010

You do not get great handwriting if you do not start scribbling

I came up with my first original quote in one of my email correspondences today, and I would like to share it with you.

"You do not get great handwriting if you do not start scribbling"
- By Mohsin Sumar

30 May 2010

Sponsors of Veterani Sports Club – Gezaulole

Mohsin handing T-Shirt of "Extreme #1" to the Goalkeeper of Veterani Sports Club - Gezaulole, Kigamboni, Dar es Salaam on 21st May 2010.

Earlier this month, on the 21st May 2010 - Extreme Web Technologies sponsored a local football club called Veterani Sports Club in Gezaulole, Kigamboni, Dar es Salaam.

We sponsored new jerseys, shirts, shorts, socks, goalkeeper's gloves, referee uniforms, accessories and most important of all - footballs.

You can see me handing over the T-Shirt of "EXTREME #1" in the photo on the right.

Click here to see more photos of this event in Extreme Web Technologies Facebook Page.

15 Mar 2010

Hibernate does not work anymore in Microsoft Vista

It's been a while since I last blogged, and even longer since I cleaned up and freed some disk space on my laptop. While moving and deleting data last week, I used the Disk Cleanup utility. I cleared a couple of GBs using this utility, including Hibernation File Cleaner. Obviously, I had no idea what this would do to my laptop's power settings, and I realized after a few days that my laptop doesn't hibernate any more and goes to sleep.

After quite some time trying to fix this, I stumbled across the following knowledge base article on the Microsoft Support site: http://support.microsoft.com/kb/929658

The fix is really simple; all you need to do is log in as Administrator and run the following command:

powercfg /hibernate on

You'll now be able to hibernate again. I'm going to do just that right now! :)

27 Nov 2009

Securing PHP application from malicious scripts

If you've stumbled across this post, then you've recently become a victim of the most famous way of uploading a malicious script to a website - PHP file uploads.

Many websites and web applications that are developed using PHP & MySQL allow users to upload files, photos and documents to the server. Normally, the upload script receives the files and moves (or writes) them to a directory (folder) with write permissions. If you are on Linux, then this would mean that your folder CHMOD value is 0777.

The Problem
Changing the CHMOD value to 0777 practically allows anyone in the WORLD to write to your folder and is therefore not recommended. However, many a time we are left with no option but to do so - depending on the server's environment.

How can this be a problem?
This allows attackers to upload a malicious PHP script to your directory, which they will then execute by accessing it. This script could either be a mass-mailing script or a malicious script to gain access to your account (or web server).

The Solution
It is said that prevention is better than cure - and therefore, it is important to prevent these scripts from being executed by the server. This can very simply be done by adding a few lines of code to your .htaccess file. If your directory is supposed to hold photo files only, then the following code is recommended to prevent scripts from being executed.

It is also important to disable directory listing on these folders.

# Disable Directory Listing
Options -Indexes

# Deny access to files with these extensions
<FilesMatch "\.(htaccess|htpasswd|ini|php|cgi|pl|phps|sh)$">
 Order Allow,Deny
 Deny from all
</FilesMatch>

The above will add an extra layer of security to your web application.
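The rules above deny a fixed list of extensions, so any script extension missing from the list is still served. For a directory that holds photos only, the same idea can be written as an allowlist; this is an added example, not part of the original post. It assumes the upload script stores files under generated names with a single extension, that only JPEG, PNG and GIF files are expected, and that the server's AllowOverride setting permits these directives in .htaccess.

```apache
# Added example: allowlist .htaccess for a photos-only upload directory.

# No directory listing, no CGI, no server-side includes
Options -Indexes -ExecCGI -Includes

# Deny every request by default (Apache 2.4 syntax)
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
# Same default for Apache 2.2, the syntax used in the post
<IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
</IfModule>

# Serve only names of the form <name>.<image extension>.
# The pattern allows exactly one dot, so a name such as photo.php.jpg
# is not served, and (?i) makes the match case-insensitive.
<FilesMatch "(?i)^[^.]+\.(jpe?g|png|gif)$">
    <IfModule mod_authz_core.c>
        Require all granted
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Allow from all
    </IfModule>
</FilesMatch>

# Remove script handler and type mappings inherited from the parent config
<IfModule mod_mime.c>
    RemoveHandler .php .phps .phtml .cgi .pl .sh
    RemoveType .php .phps .phtml
</IfModule>

# Turn the PHP engine off where PHP runs as an Apache module.
# mod_php5.c matches PHP 5; other PHP versions use a different module name.
<IfModule mod_php5.c>
    php_flag engine off
</IfModule>
```

After placing the file, request a non-image file in the directory and confirm the server answers 403 rather than returning or running it.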