
Category Archives: php

GIT – Cheat Sheet

 
 


Google Map – Info Window

Demo | Download

Contact me “svnlabs@gmail.com” for google map customization 🙂

Never feel sad on losing anything in ur life, Because whenever a Tree loses its leaf, A new leaf is ready to take it’s place…

 
2 Comments

Posted by on January 31, 2011 in Imagine, javascript, Open Source, php, Tips, Tricks

 


Custom Google Search – setQueryAddition

Google Custom Search service provides customized web search on your site or blog.
We can filter Google Custom Search results by file type, such as PDF 🙂

http://www.svnlabs.com/demo/cse.php

You have to run the JavaScript below on an event…

// create a tabbed mode search control
var tabbed = new GSearchControl();

tabbed.setResultSetSize(GSearch.LARGE_RESULTSET);

// add an additional term to the query
// in this case filetype:pdf
var searcher = new GwebSearch();

//searcher.setResultSetSize(GSearch.LARGE_RESULTSET);

searcher.setUserDefinedLabel("svnlabs (pdf)");
searcher.setQueryAddition("filetype:pdf");

//searcher.setResultSetSize(GSearch.LARGE_RESULTSET);

var searcherOptions = new GsearcherOptions();
searcherOptions.setExpandMode(GSearchControl.EXPAND_MODE_OPEN);

tabbed.addSearcher(searcher, searcherOptions);

// draw in tabbed layout mode
var drawOptions = new GdrawOptions();
drawOptions.setDrawMode(GSearchControl.DRAW_MODE_TABBED);
tabbed.draw(document.getElementById("search_control_tabbed"), drawOptions);

// PHP keyword in search box
tabbed.execute("PHP");

Every day do one thing that you think you cannot do. Soon you will realize that there is nothing that you can not do…


 

Posted by on January 31, 2011 in Imagine, javascript, Open Source, php, Tips, Tricks

 


How to clean malware from website?

Malware, short for malicious software, is software designed to secretly access a computer system without the owner’s informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

You have probably seen the warning shown above many times when browsing a website. It comes from search engine bots such as Google's and means the website is affected by malware or viruses. If you still open the website, it can affect your system or system resources.

Most of the time, websites are hacked through unauthorized access by attackers, cross-site scripting (XSS) or cross-site request forgery (CSRF).

There may be a lot of “holes” in website security that invite hackers to play their game.

The possible HOLES may be:
1. File/Folder permissions
2. Poor authentication for application
3. Cross-Site Scripting
4. Cross-Site Request Forgeries
5. Anti-Virus Software
6. File formats
7. Network “Firewalls/Filters”
8. Shell access & Logs

Please check these links to make your web application secure and safe 😉
* http://advosys.ca/papers/web/61-web-security.html
* http://www.claymania.com/safe-hex.html
* http://shiflett.org/articles/foiling-cross-site-attacks
* http://www.ehow.com/how_6804695_remove-malware-website.html
* http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

You can review online virus and threat scanners for cleaning malware and viruses. These tools are designed to run on your web server and scan your public web files for malicious code.

Google Safe Browsing Tool
http://www.google.com/safebrowsing/diagnostic?site=yoursite.com

Norton Safe Web
http://safeweb.norton.com/

You can search for more tools like…
Security Pro | SiteMonitor | IP trap | htaccess | AntiXSS | Check Permissions | KISS FileSafe

If you are running a PHP website under Apache & MySQL, make sure files and folders are not publicly accessible. You also have to review the security of the PHP functions you use.

PHP functions that may be used in hacking:
1. file_get_contents()
2. base64_decode()
3. eval()
4. exec()
5. preg_match()
6. gzuncompress()
7. urldecode()
8. error_reporting()
9. shell_exec()
10. setcookie()
11. chmod()
12. is_writable()
13. move_uploaded_file() and copy()

The above functions can be used by hackers to write malicious code to your files. The malicious code is executed using eval(), so it runs on every request to the website. So, disable eval(), file_put_contents(), file_get_contents(), exec() etc. You can check safe_mode in php.ini for disabling shell access 😉

Most of the time websites are hacked using file_get_contents(), eval(base64_decode()), urldecode(), include() or iframes.

You can search for infected files on the web server (“/var/www/”) using the commands below:

# grep -iR 'eval(base64_decode(' /web-root
# grep -iR '
# grep -iR 'urldecode(' /web-root
# grep -iR 'file_get_contents(' /web-root
# grep -iR 'exec(' /web-root

As soon as an infection is found, back up all applications running on the web server, then remove the infected files manually or with a scanner.
Now it is all up to you how you manage your web server more securely…
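
A triage version of the grep commands above, as an added example that is not from the original post: it searches only *.php files for the four complete patterns as fixed strings and ranks files by how many distinct patterns they contain. The sample directory, its file contents and the function names are constructed for illustration; a hit such as exec( also matches curl_exec(, so the output is a list of leads for manual review.

```shell
#!/bin/sh
# Added example: triage scan for the indicator strings grepped for above.
# The four patterns are the article's; the sample tree and function names are constructed.

PATTERNS='eval(base64_decode(
urldecode(
file_get_contents(
exec('

# scan_webroot DIR
# Prints "file:line<TAB>pattern" for each hit in *.php files under DIR.
# -F treats the pattern as a fixed string, so "(" needs no escaping;
# /dev/null forces grep to print the file name even for a single file.
scan_webroot() {
    printf '%s\n' "$PATTERNS" | while IFS= read -r pat; do
        find "$1" -type f -name '*.php' \
            -exec grep -niF -e "$pat" /dev/null {} + |
            awk -F: -v p="$pat" '{ print $1 ":" $2 "\t" p }'
    done
}

# rank_files DIR
# Prints "count file", most distinct indicators first. A file matching several
# patterns deserves review before one with a single file_get_contents() call.
rank_files() {
    scan_webroot "$1" | awk -F'\t' '{ sub(/:[0-9]+$/, "", $1); print $1 "\t" $2 }' |
        sort -u | cut -f1 | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# make_sample_tree: constructed files standing in for a web root.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/uploads"
    printf '%s\n' '<?php' 'echo "hello";' > "$d/index.php"
    printf '%s\n' '<?php' '$feed = file_get_contents("feed.xml");' > "$d/feed.php"
    # inert indicator lines: $blob is never defined
    printf '%s\n' '<?php' 'EVAL(BASE64_DECODE($blob));' \
        '$u = urldecode($_GET["u"]);' > "$d/uploads/img.php"
    echo "$d"
}

sample=$(make_sample_tree)
rank_files "$sample"
rm -rf "$sample"
```

Run `rank_files /var/www` (or your own web root) as a user that can read every file; paths containing colons or spaces are not handled by this sketch.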

I’ve found that luck is quite predictable. If you want more luck, take more chances. Be more active. Show up more often. 😀

 
 


json_add for php

JSON (JavaScript Object Notation) is a lightweight data-interchange format.

1. Easy for humans to read and write.
2. Easy for machines to parse and generate.
3. Collection of name/value pairs.
4. Used for C, C++, C#, Java, JavaScript, Perl, Python, and many others.
5. Compatible with universal data structures – array, vector, list, or sequence.

json_decode — Decodes a JSON string
json_encode — Returns the JSON representation of a value
json_add — Review below code 😉

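<?php
// Merge new key/value pairs into an existing JSON string.
// $old is a JSON-encoded string, $new is an array.
function json_add($old, $new) {
    $old_arr = json_decode($old, true);
    if (is_array($old_arr)) {
        $new_arr = array_merge($old_arr, $new);
        return json_encode($new_arr);
    }
    // $old was empty or not valid JSON: this is the first update of the column
    return json_encode($new);
}

/*
here $json_str is the JSON-formatted string to which we add the new $array
*/
$json_str = '{"name":"svnlabs"}';   // sample values
$array = array('lang' => 'php');
echo json_add($json_str, $array);   // {"name":"svnlabs","lang":"php"}

?>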

Every opportunity is trouble… Every trouble is opportunity 😉

 


Custom Google Search

Google Custom Search service provides customized web search on your site or blog.

1. We can add site’s links to get fast and relevant search results
2. We can make money with AdSense for Search
3. We can invite friends and community to contribute
4. We can include one or more websites, or specific webpages
5. We can host the search box and results on your own website
6. We can customize the look and feel of the results to match your site

http://www.google.com/cse/

We can make a topic- or site-specific search on Google, see below

Magento Search Engine

We can integrate Custom Google Search with our site search; we have to add the code below to our site…

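<script type="text/javascript">

window.onload = function()
{

jQuery(".gsc-input").focus();  // google search input box

// auto-fill the site's search keyword into the custom search box;
// json_encode() with the JSON_HEX_* flags emits a safely escaped JavaScript string,
// so a crafted "q" value cannot break out of the string or the <script> block
jQuery(".gsc-input").val(<?php echo json_encode(isset($_REQUEST['q']) ? (string) $_REQUEST['q'] : '', JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);

jQuery(".gsc-search-button").click(); // trigger submit event

}

</script>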

Waves are my inspiration, not because they rise and fall, but each time they fall They Rise Again… 🙂

 
 


Recursive Replace in Files Folders

Hello Friends,
Sometimes we want to change the branding of web-based software. Open source web-based software has a GNU License, so we can modify the code and launch our own versions.
We can use Perl (a highly capable, feature-rich programming language with over 22 years of development).
Here are some basic steps to recursively replace or rename files, variables, folder names etc.
Suppose you have a project in the folder "/root/svnlabs".
To replace the search string in all file names and folder names recursively:

# chmod a+x ./RecursiveRegexpRename.pl

# perl RecursiveRegexpRename.pl -m g 'search_text' 'replace_text'

# chmod a+x ./SearchAndReplaceInMultipleFiles.pl

# perl SearchAndReplaceInMultipleFiles.pl -m g 'Search' 'Replace'

# grep -iRl 'Search' /root/svnlabs  (Now search in your project)

If you would hit the mark, you must aim a little above it 😉
 
1 Comment

Posted by on December 11, 2010 in CentOS, Linux, php, Tips, Tricks, Web Services

 


Google Ads PHP Class

Google AdSense: AdSense is an ad serving application run by Google Inc. Website owners can enroll in this program to enable text, image, and video advertisements on their websites. These advertisements are administered by Google and generate revenue on either a per-click or per-impression basis.

<?php
/*
Normal Ad Unit:
728x90_as (Leaderboard)
468x60_as (Banner)
234x60_as (Half Banner)
125x125_as (Button)
120x600_as (Skyscraper)
160x600_as (Wide Skyscraper)
180x150_as (Small Rectangle)
120x240_as (Vertical Banner)
200x200_as (Small Square)
250x250_as (Square)
300x250_as (Rectangle)
336x280_as (Large Rectangle)

Link Unit:
120x90_0ads_al (4 links)
120x90_0ads_al_s (5 links)
160x90_0ads_al (4 links)
160x90_0ads_al_s (5 links)
180x90_0ads_al (4 links)
180x90_0ads_al_s (5 links)
200x90_0ads_al (4 links)
200x90_0ads_al_s (5 links)
468x15_0ads_al (4 links)
468x15_0ads_al_s (5 links)
728x15_0ads_al (4 links)
728x15_0ads_al_s (5 links)

google_ad_client = "pub-XXXXXXXXXXXXXXXX";
google_ad_width = 300;
google_ad_height = 250;
google_ad_format = "300x250_as";
google_ad_type = "text_image";
google_alternate_ad_url = "http://www.svnlabs.com/";
google_ad_channel = "XXXXXXXXXX";
google_color_border = "FFFFFF";
google_color_bg = "FFFFFF";
google_color_link = "0000FF";
google_color_text = "000000";
google_color_url = "005577";

*/

//Fill in Google Adsense Publisher ID.
$google_ad_client = "pub-XXXXXXXXXXXXXXXX";
//Select Google Adsense Format to display
$google_ad_format = "468x60_as";
//Fill in Ad Channel ID if you have one. Leave it blank if do not have.
$google_ad_channel = "";
//Select Ad Type
$google_ad_type = "text_image";
//Ad Border Color
$google_color_border = "FFFFFF";
//Ad Background Color
$google_color_bg = "FFFFFF";
//Ad Link Color
$google_color_link = "0000FF";
//Ad Text Color
$google_color_text = "000000";
//Ad URL Color
$google_color_url = "005577";

switch ($google_ad_format)
{
case '728x90_as':
$google_ad_width = 728; $google_ad_height = 90;
break;
case '468x60_as':
$google_ad_width = 468; $google_ad_height = 60;
break;
case '234x60_as':
$google_ad_width = 234; $google_ad_height = 60;
break;
case '120x600_as':
$google_ad_width = 120; $google_ad_height = 600;
break;
case '160x600_as':
$google_ad_width = 160; $google_ad_height = 600;
break;
case '120x240_as':
$google_ad_width = 120; $google_ad_height = 240;
break;
case '300x250_as':
$google_ad_width = 300; $google_ad_height = 250;
break;
case '250x250_as':
$google_ad_width = 250; $google_ad_height = 250;
break;
case '336x280_as':
$google_ad_width = 336; $google_ad_height = 280;
break;
case '180x150_as':
$google_ad_width = 180; $google_ad_height = 150;
break;
case '728x15_0ads_al':
$google_ad_width = 728; $google_ad_height = 15;
break;
case '468x15_0ads_al':
$google_ad_width = 468; $google_ad_height = 15;
break;
case '120x90_0ads_al':
$google_ad_width = 120; $google_ad_height = 90;
break;
case '160x90_0ads_al':
$google_ad_width = 160; $google_ad_height = 90;
break;
case '180x90_0ads_al':
$google_ad_width = 180; $google_ad_height = 90;
break;
case '200x90_0ads_al':
$google_ad_width = 200; $google_ad_height = 90;
break;
case '728x15_0ads_al_s':
$google_ad_width = 728; $google_ad_height = 15;
break;
case '468x15_0ads_al_s':
$google_ad_width = 468; $google_ad_height = 15;
break;
case '120x90_0ads_al_s':
$google_ad_width = 120; $google_ad_height = 90;
break;
case '160x90_0ads_al_s':
$google_ad_width = 160; $google_ad_height = 90;
break;
case '180x90_0ads_al_s':
$google_ad_width = 180; $google_ad_height = 90;
break;
case '200x90_0ads_al_s':
$google_ad_width = 200; $google_ad_height = 90;
break;
}

?>
<script type="text/javascript"><!--
google_ad_client = "<?php echo $google_ad_client; ?>";
google_ad_width = <?php echo $google_ad_width; ?>;
google_ad_height = <?php echo $google_ad_height; ?>;
google_ad_format = "<?php echo $google_ad_format; ?>";
google_ad_type = "<?php echo $google_ad_type; ?>";
google_ad_channel = "<?php echo $google_ad_channel; ?>";
google_color_border = "<?php echo $google_color_border; ?>";
google_color_bg = "<?php echo $google_color_bg; ?>";
google_color_link = "<?php echo $google_color_link; ?>";
google_color_text = "<?php echo $google_color_text; ?>";
google_color_url = "<?php echo $google_color_url; ?>";
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

Source: http://www.mydigitallife.info/2009/01/17/google-adsense-legacy-old-generation-code-reference-generate-and-get/

 
1 Comment

Posted by on December 5, 2010 in Open Source, php, Tricks

 


Block badAgents on site

PHP can be used to block bad agents. Below is the code to turn away web spiders by checking the User-Agent header against a list of known names.

<?php
$badAgents = array('Acunetix Web Vulnerability Scanner', 'Bot mailto:craftbot@yahoo.com', 'ChinaClaw', 'Custo', 'DISCo', 'Download Demon', 'eCatch', 'EirGrabber', 'EmailSiphon', 'EmailWolf', 'Express WebPictures', 'ExtractorPro', 'EyeNetIE', 'FlashGet', 'GetRight', 'GetWeb!', 'Go!Zilla', 'Go-Ahead-Got-It', 'GrabNet', 'Grafula', 'HMView', 'HTTrack', 'Image Stripper', 'Image Sucker', 'Indy Library', 'InterGET', 'Internet Ninja', 'JetCar', 'JOC Web Spider', 'larbin', 'LeechFTP', 'Mass Downloader', 'MIDown tool', 'Mister PiX', 'Navroad', 'NearSite', 'NetAnts', 'NetSpider', 'Net Vampire', 'NetZIP', 'Octopus', 'Offline Explorer', 'Offline Navigator', 'PageGrabber', 'Papa Foto', 'pavuk', 'pcBrowser', 'RealDownload', 'ReGet', 'SiteSnagger', 'SmartDownload', 'SuperBot', 'SuperHTTP', 'Surfbot', 'tAkeOut', 'Teleport Pro', 'VoidEYE', 'Web Image Collector', 'Web Sucker', 'WebAuto', 'WebCopier', 'WebFetch', 'WebGo IS', 'WebLeacher', 'WebReaper', 'WebSauger', 'Website eXtractor', 'Website Quester', 'WebStripper', 'WebWhacker', 'WebZIP', 'Wget', 'Widow', 'WWWOFFLE', 'Xaldon WebSpider', 'Zeus');
// The real header is longer than the bare name (e.g. "Wget/1.12 (linux-gnu)"),
// so an exact in_array() comparison never matches; look for each name as a substring.
// The header is supplied by the client, so this only stops tools that identify themselves.
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
foreach ($badAgents as $badAgent) {
    if (strpos($userAgent, $badAgent) !== false) {
        exit();
    }
}
?>
 
 
3 Comments

Posted by on December 4, 2010 in CURL, Linux, Open Source, php, Tips

 


Override PHP Function

PHP has a PECL (PHP Extension & Community Library) function to override built-in functions by replacing them in the symbol table.

bool override_function ( string $function_name , string $function_args , string $function_code )

<?php
override_function('strlen', '$string', 'return override_strlen($string);');
function override_strlen($string){
    return strlen($string);
}
?>

The above function “override_function()” requires APD, i.e. Advanced PHP Debugger.

We can find more about APD here…
http://pecl.php.net/package/apd

Linux users can install APD using the command below

# pecl install apd

There is an alternate way to override PHP functions: we can use the class “override” below to override any built-in PHP function if PECL is not installed on the server 😉

<?php
$or = new override ();
$or->override_function('strlen', 'override_strlen', 'return override_strlen($string);');
function override_strlen($string){
    return strlen($string);
}
?>

<?php


$url = 'http://www.svnlabs.com';
$override = new override();

$override->override_function('file_get_contents','fileGetContents',$url);

if ($over_func_name = $override->override_check('file_get_contents')) {
    $result=call_user_func($over_func_name, $url);
}

function fileGetContents($url)
{
  /// statements
}

?>

PHP Function OverRide Class

<?php
class override {
    var $functions = array();
    var $includes = array();
    function override_function($override, $function, $include) {
        if ($include) {
            $this->includes[$override] = $include;
        }
        else if (isset($this->includes[$override])) {
            unset($this->includes[$override]);
        }
        $this->functions[$override] = $function;
    }
    function override_check($override) {
        if (isset($this->includes[$override])) {
            if (file_exists($this->includes[$override])) {
                include_once($this->includes[$override]);
            }
            if (function_exists($this->functions[$override])) {
                return $this->functions[$override];
            } else {
                return false;
            }
        } else {
            return false;
        }
    }
}
?>

Make a habit of creating things modular, that means “pluggable” and “unpluggable”.



 
2 Comments

Posted by on November 23, 2010 in CakePHP, Open Source, PEAR, php, Tips, Tricks

 
