database values are in config.php
# $sql_host - DNS name or IP of your MySQL server;
# $sql_user - MySQL user name;
# $sql_db - MySQL database name;
# $sql_password - MySQL password.
The usual workflow of authenticated pages is
require "./auth.php";
auth.php includes the following
@include_once "./top.inc.php";
@include_once "../top.inc.php";
@include_once "../../top.inc.php";
if (!defined('DIR_CUSTOMER')) die("ERROR: Can not initiate application! Please check configuration.");
require_once $xcart_dir."/init.php";
The important function x_load is defined in include/func/func.core.php.
It includes a file like this:
x_load("backoffice");
which includes include/func/func.backoffice.php
The template engine is Smarty.
Password encryption is done in function text_crypt in includes/funct/func.crypt.php
Friday, November 27, 2009
Thursday, November 12, 2009
Wednesday, November 11, 2009
Jomsocial
documentation(http://www.jomsocial.com/docs.html)
FAQ(http://www.jomsocial.com/docs/Pre_sales_FAQ)
demo(http://www.jomsocial.com/community.html)
user perspective http://www.jomsocial.com/docs/User_guide
The following are the main functionalities available in the default JomSocial component from the user's perspective:
1.add as friend
2.add photos
3.add videos
4.write a private message
5.list friends
6.edit profile,change profile photo
7.configure privacy settings
8.show my updates to others
9.create group
10.wall
11.adjust, arrange, remove, applications (http://www.jomsocial.com/docs/List_of_Applications)
Monday, November 9, 2009
Possible attacks on and from websites
Iframe Attack
Solution
Change the permission of php, htm, html, js and css files to 444, so the files are read-only.
If you need to edit any file, first change its permission to 655.
Once you have completed the changes,
set the permission back to 444.
Also check for Joomla
Bloodhound exploits , link2
htaccess,mod rewrite tips
If your intention is to encode and decode mod_rewrite URLs and handle them with PHP and MySQL, this should work.
To convert a string to a URL:
$url = preg_replace('/[^A-Za-z0-9_-]+/', '-', $string);
To look the URL value up in MySQL, use the same expression but without the '-': first rewrite the URL value in PHP with preg_replace, then use the result with MySQL REGEXP.
// $url arrives from the request: run it through the preg_replace above again before it is put into the query
$sql = "select * from table where fieldname_to_check REGEXP '".preg_replace("/-+/",'[^A-Za-z0-9_]+',$url)."'";
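Added example, not part of the original post: the same lookup with the slug cleaned again on the way in and the pattern sent as a bound parameter, because the URL value comes from the visitor and a single apostrophe in it would end the quoted string in the query above. The function names and the pages/title table and column are assumptions, and anchoring the pattern with ^ and $ goes beyond the original expression.

```php
<?php
// Added example. slugify(), slug_to_pattern(), find_by_slug() and the
// pages/title names are hypothetical, not from the original post.

// Same expression the post uses to turn a title into a URL slug.
function slugify(string $s): string {
    return preg_replace('/[^A-Za-z0-9_-]+/', '-', $s);
}

// Build the REGEXP pattern from a slug taken from the request.
// Slugifying again leaves only [A-Za-z0-9_-], so nothing the visitor typed
// can act as a quote or a regex metacharacter; ^ and $ stop substring hits.
function slug_to_pattern(string $slugFromUrl): string {
    $clean = slugify($slugFromUrl);
    return '^' . preg_replace('/-+/', '[^A-Za-z0-9_]+', $clean) . '$';
}

// The pattern travels as a bound parameter, never as part of the SQL text.
function find_by_slug(PDO $db, string $slugFromUrl): array {
    $stmt = $db->prepare('SELECT title FROM pages WHERE title REGEXP :pattern');
    $stmt->execute([':pattern' => slug_to_pattern($slugFromUrl)]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Offline demo on constructed titles: preg_match stands in for MySQL REGEXP.
$titles = ["Hello, World!", "O'Reilly books", "Say Hello, World! again"];

foreach (["Hello-World-", "O'Reilly-books"] as $requested) {
    $pattern = slug_to_pattern($requested);
    $hits = array_filter(
        $titles,
        fn($t) => preg_match('/' . $pattern . '/', $t) === 1
    );
    echo $requested, ' => ', $pattern, ' => ', implode(' | ', $hits), PHP_EOL;
}
```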
http://www.freewebmasterhelp.com/tutorials/htaccess/
Error display
# development only: on a live site this shows file paths and query text to visitors
php_flag display_errors on
#E_ALL ^ E_NOTICE
php_value error_reporting 2039
Conditional flag settings based on PHP version
# PHP configuration values
<IfModule mod_php5.c>
php_flag register_long_arrays On
# register_globals lets request parameters overwrite script variables; enable it only if legacy code requires it
php_flag register_globals On
php_flag display_errors Off
</IfModule>
<IfModule mod_php4.c>
php_value session.use_trans_sid 0
php_value register_globals 1
php_flag display_errors On
php_flag track_errors Off
</IfModule>
Enabling URL rewrite
RewriteEngine On
RewriteBase /
Check for hostname
#RewriteCond %{HTTP_HOST} ^myhostname\.com
#RewriteRule (.*) http://www.myhostname.com/$1 [R=301,L]
Check for query string
RewriteCond %{QUERY_STRING} ^options\=(.*)$
RewriteRule ^(.*)-p-(.*)\.html$ script.php?var=$2&%{QUERY_STRING}
Rewrite for file name
RewriteRule ^(.*)-p-(.*)\.html$ redirect.php?var=$2%1
Rewrite based on browser
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP
# the rule that acts on these conditions is missing from the note; refusing the request is assumed here
RewriteRule .* - [F]
Password protection
http://www.freewebmasterhelp.com/tutorials/htaccess/3
Creloaded
Commercial shopping cart
http://www.creloaded.com/
after downloading backup,
import db
edit path and db variables in
configure.php
includes/configure.php
admin/includes/configure.php
UPDATE `admin` SET `admin_password` = 'ac0501ee3073f680a3a77c66d8c3edb1:09' WHERE `admin`.`admin_id` =5 LIMIT 1 ;
This sets the password to 123456, encrypted as in function tep_encrypt_password($plain) in includes/functions/password_funcs.php. Change it from the admin panel once you are logged in.
SEF module
Installation_and_Guide_To_PCI_Compliance_v_1.1.pdf
Shipping module development
It is saved in the l\includes\modules\shipping\ folder. The name of the file and the class should be the same. The class should contain the following functions:
- constructor (same as the class name)
- quote($method = '') : function that returns the text and values to display below the shopping cart. It should return in the format
$this->quotes = array('id' => $this->code,
'module' => titelOfTheShippingModule,
'methods' => array(array('id' => $this->code,
'title' => $shipping_method,
'cost' => $shipping_cost)));
- check() : checks whether this module is installed when shown in the admin section; basically checks the configuration table
- install() : should enter values into the configuration table. Contains
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) VALUES ('
- remove() : remove all entries in configuration table
- keys() : returns keys to be stored as 'configuration_key' in TABLE_CONFIGURATION,used in install,remove etc
- $code,
- $title,
- $description
Tuesday, November 3, 2009
Virtuemart
- Trouble shooting? See this thread
- For admin - user manual
- For coding, styling - developer manual
After installing with joomlapack
Edit administrator\components\com_virtuemart\virtuemart.cfg.php
define( 'URL', str_replace("/administrator/","/",JURI::base()));
How to display attributes on the browse page?
Display selectable attributes on main browse page
CLASSPATH is administrator/components/com_virtuemart/classes
Payment and shipping gateway files are in subfolders of this folder
'Model' files are in administrator/components/com_virtuemart/html
'View' files (html files) are in /components/com_virtuemart/themes
Attributes with Stock Control (Child and Parent Products), Advanced Attributes, Custom Attribute
Monday, November 2, 2009
javascript tips
date picker with drop downs
default values in a textbox that disappear on focus
Syntax highlighter
DOM basics
Style Object
Regexp
Email:
function checkEmail(emailField) {
  var email = emailField;
  // the dot before the domain suffix is escaped; unescaped it would match any character
  var filter = /^([a-zA-Z0-9_.-])+@(([a-zA-Z0-9-])+\.)+([a-zA-Z0-9]{2,4})+$/;
  return filter.test(email.value);
}
check url:
var filter = /^http(s?):\/\/(\w*)\.([\-\+a-z0-9]*)\.(\w*)/;
Iframe handling
String Trim : http://www.somacon.com/p355.php
or as function trim in http://www.webtoolkit.info/javascript-trim.html
strip_tags http://javascript.internet.com/snippets/remove-html-tags.html
Popular JavaScript frameworks
http://www.ajaxline.com/10-most-popular-javascript-frameworks
http://en.wikipedia.org/wiki/Comparison_of_JavaScript_frameworks
Modal Windows
http://javascript.gakaa.com/window-showmodaldialog-4-0-5-.aspx
Modal windows with frameworks
http://www.designlabelblog.com/2009/03/20-ways-to-create-javascript-modal.html
Sunday, November 1, 2009
HTML/CSS tips
Input box with rounded corners
using this image as background
/* Rounded Corner */
/* Method 1: set the background of the input to the image itself. The drawback is that you must explicitly set the width and height of the input box to match the size of the background. */
.tb5 {
background:url(../images/bgd_input.gif) no-repeat ;
height: 25px;
width: 265px;
color:#FFF;
padding-top:5px;
padding-left:5px;
}
HTML to use
<input type="text" name="email" id="email" class="tb5"/>
/* Method 2: put the input inside 3 nested divs (container left, container right, container) as below. Set the background of the input box to none. Using this method, inputs of variable size can have rounded corners. */
#inputContainerLeft{
background:url(../images/bgd_input.gif) no-repeat ;
display:inline-block;
background-position:top left;
padding:0px 0px 0px 5px;
margin:0px;
}
#inputContainerRight{
background:url(../images/bgd_input.gif) no-repeat ;
background-position:right top;
display:inline-block;
padding:0px 5px 0px 0px;
margin:0px;
height:30px;
border:0px solid #FF0;
}
.halfInputContainer{
background:none;
color:#FFFFFF;
margin-bottom:0px ;
padding:5px 0px 5px 0px;
border:0px solid #F00;
}
.halfInput{
background:none;
color:#FFFFFF;
padding:0px;
}
HTML to use
<div id="inputContainerLeft">
<div id="inputContainerRight">
<div class="halfInputContainer">
<input type="text" name="mobile_no" size="10" class="halfInput" />
</div>
</div>
</div>
For IE6 you should add this additional block in the HTML page
<!--[if IE 6]>
<style type="text/css">
#inputContainerRight{
width:10px;
}
</style>
<![endif]-->