| Subcribe via RSS

Super-Simple Wordpress RSS Syndication For Your Site

August 21st, 2008 | 4 Comments | Posted in Articles, Code, Computers, Linkification, PHP, WWW

If you’re like me you probably have a blog as well as another site. I have found that an effective way to get vistiors to the blog is to link to it from the main site, assuming that that site is more popular. RSS (Really Simple Syndicate) is a way of syndicating your blog to other areas of the web. It is based on XML and generated automatically by Wordpress.

A PHP RSS parser is MagpieRSS. We will be using it in the following tutorial.

  1. Download the most recent version of MagpieRSS from the above website.
  2. Upload the “rss” folder to your web server.
  3. Next we need to make a PHP include file for displaying the posts. Use the following code 
    <?php
require_once('rss/rss_fetch.inc'); //Include the MagpieRSS include file
$url = 'http://yoursite.com/blog/?feed=rss2'; //Set a variable containing the URL to your blogs RSS feed
$rss = fetch_rss($url); //Retrieve the posts
$items = array_slice($rss->items, 0, 5); //Only show the first 5 posts (the second number can be customized to suit your needs)
$posts = '';
foreach ($items as $item) { //Loop through the items
	$href = $item['link'];
	$cat = $item['category'];
	$title = $item['title'];
	$date = $item['pubdate'];
	$text = $item['content']['encoded'];
	$text = preg_replace('/<img [^>]+\/?>/', '[image]', $text); //Replace images with [image]
	$text = preg_replace('/<\/?[^>]+>/', '', $text); //Get rid of HTML
	$posts .= "<li><a href=$href>$title</a> <em>".substr($text, 0, 100)."</em></li>"; //Print the current post title linked to the page on your blog, and the first 100 chars of the post
}
echo $posts;
?>
  4. Now you can include that file into your site wherever you want the feed to appear. Enjoy the free traffic!
Tags: , ,

How to Catch Hackers, Pt. 2

August 9th, 2008 | No Comments | Posted in PHP 
if(stristr($_GET['p'], 'order by') || stristr($_GET['p'], '--') || stristr($_GET['p'], '\'') || stristr($_GET['p'], '../'))
{
		echo '

No Script Kiddies Allowed


Checking user IQ...
User IQ < minimum. Page not loaded.
Sending e-mail to webmaster (I\'m not kidding)...
Success!
If you want to hack this page, please type the following in a terminal: sudo rm -rf /';
		$text = 'IP Address: '.$_SERVER['REMOTE_ADDR'].'
Query string: '.$_GET['p'];
		mail('you@gmail.com', 'SQL Hacker', $text, "From: you@gmail.com\n");
}

This does not actually protect your site, if you’re using SQL you should properly escape your input. This site uses flatfiles so it’s interesting how many people try an SQL injection (3 so far) — but since I put this up they always leave after the first attempt!

Update (8/10): I forgot the most important part of the code… fixed now >_<

Tags: ,

Keep Spambots Out with a Simple Math CAPTCHA

July 19th, 2008 | 5 Comments | Posted in Articles, Code, PHP

Spambots are undoubtably among the most annoying problems for web developers. They look for forms on your site, and submit links to their own websites, repeated many times and mixed with keywords. One way to deter them is a CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart). One common form of this is an image with distorted letters, and the user has to type in the letters. I find those really annoying, and unless you are very popular you probably don’t need something so difficult to crack. Our CAPTCHA will ask the user to answer an addition problem.
More »

Tags: ,

Pagination in PHP

July 18th, 2008 | 6 Comments | Posted in Articles, Code, PHP

If you are going to have a site where users can submit stuff, and the stuff is listed on one page, you definitely need pagination. Pagination scripts consist of two main parts: getting the correct records and displaying them, and displaying the page links at the bottom.
More »

Tags: ,

Creating a Login Script in PHP

July 9th, 2008 | 4 Comments | Posted in Articles, Code, PHP

A user authentication system is required for most large webapps. The login script we will make in this tutorial will be flatfile based, and contain login, register, and logout features.

More »

Tags:

Some Random PHP Functions

July 8th, 2008 | No Comments | Posted in Code, PHP

Please use these :)

Math Functions:

function distance($x1, $y1, $x2, $y2)
{
	$x = pow($y2 - $y1, 2);
	$y = pow($x2 - $x1, 2);
	$distance = sqrt($x + $y);
	return $distance;
}
function midpoint($x1, $y1, $x2, $y2)
{
	$x = ($x1 + $x2)/2;
	$y = ($y1 + $y2)/2;
	$midpoint = '('.$x.','.$y.')';
	return $midpoint;
}
function calculate($equation)
{
	$equation = ereg_replace('([A-Z]|[a-z])', '', $equation);
	$answer = eval('return '.$equation.';');
	return $answer;
}

String Functions:

function array_stristr($text, $search)
{
    $num_matches = 0;
    for($i = 0; $i < count($search); $i++)
    {
        if(stristr($text, $search[$i]))
        {
            $num_matches++;
        }
    }
    return $num_matches;
}
function get_words($text, $offset, $length=null)
{
	$text = explode(' ', $text);
    if($length)
        $text = array_slice($text, $offset, $length - $offset + 1);
    else
        $text = array_slice($text, $offset);
    $text = implode(' ', $text);
    return $text;
}

Text Functions:

function alternating_caps($text)
{
	$text = strtolower($text);
	$x = 1;
	for($i = 0; $i < strlen($text); $i++)
	{
		if($x == 1)
		{
			$text{$i} = strtoupper($text{$i});
			$x = 2;
		}
		elseif($x == 2)
		{
			$x = 1;
		}
	}
	return $text;
}
function random_caps($text)
{
	$text = strtolower($text);
	for($i = 0; $i < strlen($text); $i++)
	{
		$x = round(rand(0, 1));
		if($x == 1)
		{
			$text{$i} = strtoupper($text{$i});
		}
		elseif($x == 2)
		{
		}
	}
	return $text;
}

Hopefully these will be useful for somebody.

Tags: ,

How To Catch Hackers

July 6th, 2008 | 1 Comment | Posted in PHP

How to catch hackers

(click for full size)

Tags: ,

Introduction to Templating with PHP

July 6th, 2008 | 7 Comments | Posted in Articles, Life, PHP

Templating is important to nearly every website now. It allows you to use the same
design on all your pages, while having different content. There are many ways of
doing it; this article will focus on the most common

Method 1: File Inclusion

Read the paragraph below before using this code!

[header code]
<?php
include($_GET['file']);
?>
[footer code]

This is the most simple templating system. Pages are accessed by going to the
URL

http://domain.com/index.php?file=aboutus.php

, etc. However, you should
not use this code. Why? People could use a URL such as

http://domain.com/index.php?file=/etc/passwd

or even

http://domain.com/index.php?file=http:/ … ngtool.php

, and
include any file they want from your server or elsewhere.

One way to prevent hacking with this method is to create a file list, and
prevent files other than those in the list from being accessed.

[header code]
<?php
$allowed = array('aboutus.php', 'products.php', 'home.php', 'contact.php');
if(in_array($_GET['file'], $allowed))
include($_GET['file']);
else
die('You are not allowed to access that file!')
?>
[footer code]

Method 2: Single File

In this method, all the pages are stored in one PHP file.

[header code]
<?php
$pages = array(
'aboutus' > '
Page contents 1
',
'products' > '
Page contents 2
',
'home' > '
Page contents 3
',
'contact' > '
Page contents 4
'
);
if(in_array($_GET['page'], $pages))
echo $pages[$_GET['page']];
else
echo 'The page you tried to access does not exist.';
?>
[footer code]

This can be easier to edit, because you only need to edit one file, but you also
have to remember to escape your quotes, e.g. don\’t, I\’ve, etc. as the pages
are stored as PHP strings.

Method 3: Content Management System

A content management system is a pre-made PHP script that makes it easy to setup
a website. You can usually download more templates, or make your own, although
it is usually more difficult than if you were making a template system from
scratch. These script also contain many features, called modules or plugins,
that allow you to add new stuff to your site–forum, poll, blog, directory,
store, etc. and you can also download more of these.

Method 4: Template File

Template files contain all the necessary information for a page’s structure and layout,
and placeholders for the content. They need a method of storing the page data as
well. Here is an example of a template file:

My Site - [pagetitle]

[pagetitle]


[pagecontent]

In this example, the data files are stored in separate files, similar to method 1. However,
the files contain a PHP array rather than the page contents.

1<?php
$page = array(
'title' > 'About Us',
'content' > 'This is our about us page!'
);
?>

A PHP script ties it all together.

<?php
$allowed = array('aboutus', 'products', 'home', 'contact');
if(in_array($_GET['file'], $allowed))
include($_GET['file'].'.php');
else
die('You are not allowed to access that file!')
$template = file_get_contents('template.html');
$replace = array('[pagetitle]', '[pagecontent]');
$replacements = array($page['title'], $page['content']);
$template = str_replace($replace, $replacements, $template)
echo $template;
?>

This method is the most flexible, as you can easily add new template variables (the text
in brackets in the above example). There are also PHP templating libraries available,
however these are often hard to use, and you can easily make your own.

Tags: