SEARCH KEYWORD -- SQL injection



  Handy PHP functions should be in your toolkit

When developing projects, there is always some common work that needs to be accomplished, for example encryption/decryption or getting the IP. As a PHP developer, you should have a list of handy functions in your toolkit so that you can pick them up in every project you work on. Here is a summary of some handy PHP functions. 1. PHP encryption/decryption Encryption/decryption can be used when storing user confidential information such as passwords. The function below uses base64 and MD5 to accomplish encryption/decry...

   PHP,function,real IP,SQL injection     2014-12-06 08:46:08

  Simple PHP paging class

Frequently in our web applications, we may have many records in the database to display. In order to improve loading speed and efficiency, we may need to display only some records at a time, so we need to paginate the records. For example, if we have 1 million book records and users want to view the book list, it's inefficient to display all the records on the same page; we may need pagination to display a portion of the records, such as 20 records per page. This is a simple...

   PHP,Paging,Class     2012-09-10 20:23:33

  How to optimize MySQL insert statement

For a big data system, one problem is data access efficiency; another is that data insertion is very slow. We had a service system where the data loading process would take 4-5 hours. This time-consuming operation is risky, since if the program is interrupted during the loading process it might have to be rerun, which is troublesome. So it's necessary to improve the insertion efficiency for big data systems. Here we provide two optimization suggestions. 1. Combine multiple insert stateme...

   MySQL,insert,optimization     2012-10-24 22:03:13

  Statistics on StackExchange

StackExchange is the most popular and professional IT Q&A site. Under StackExchange, there are StackOverflow and other sub-sites. Many of us may wonder how this mega site is maintained and what its performance is. A performance page has been released by StackExchange recently. Below are some statistics about this mega site. 560 million page views per month, i.e. around 1.9 million PVs per day. For such a big site, it has only 9 web servers and 4 SQL servers (while two of them are in backup mode...

   Stackoverflow,statistic     2015-01-05 02:47:01

  How to reset root password in MySQL 8

The user password in MySQL is stored in the user table, so a password reset is actually a change to the value of a record in this table. To change the password in case it is forgotten, the idea is to bypass the authentication of MySQL, get into the system and update the record's password value with an SQL command. In MySQL 5, one can start the MySQL service with the --skip-grant-tables option; this option tells the service to skip loading the grant tables when starting, hence the root user can lo...

   MYSQL,PASSWORD,MYSQL 8     2018-12-24 21:27:13

  Workaround size limit of phpMyAdmin import sql file

When doing website development with MySQL, we often need to do database backup and restore. For a website, the data in the database will grow quickly, so when we back up the database, the size of the generated sql file may be over 80MB, which is the max allowed size when we want to import a sql file for restoring our database using phpMyAdmin. To work around this limit, we need to review the documentation of phpMyAdmin. Fortunately, I found an online article written by David Pratt which gave us a ...

   MySQL,phpMySQLAdmin,80M,import,solution,limit     2014-08-14 09:59:27

  Guide on recovering data in MySQL

In our daily work, there might be mistakes made which get some data or even databases deleted in MySQL. If this happens on production, it would be a nightmare. In case this happens, normally a DBA would jump in to save the world, and they would try to recover the data from the backup if there is any. But if there is no backup, then the show stops. Hence database backup is necessary on production environments to avoid such an awkward situation. Also normally in MySQL, binlog should be enabled as well ...

   MYSQL,DATABASE,BACKUP,BINLOG,EXAMPLE     2020-08-26 07:50:30

  Some hidden XSS injection vulnerabilities

XSS injection refers to a web page generating some unexpected executable JS code based on user input, with this code then executed by the web browser, i.e., the source code sent to the web browser by the server contains some illegal JS code, and this illegal JS code is related to the user's input. Common XSS injection vulnerabilities can be fixed with functions such as htmlspecialchars() (escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  Computer skills one can learn within one day

Computer-related technical skills are usually thought of as complicated and difficult to understand. It's very difficult for one to get hands-on with one skill or master one skill. But if you really do want to learn something useful within one day, there are some good choices which will not take too long to get to know and use. Version control: Git, GitHub and SVN; regular expressions; AWK; sed; Grep; learn how to do things with Vim that you never knew could be done; set up a crawler that can scrape some ...

   Computer skills,Learn     2013-09-16 08:51:35

  A trap in PDOStatement::bindParam

First, let's check out the code below: <?php $dbh = new PDO('mysql:host=localhost;dbname=test', "test"); $query = <<prepare($query); $bind_params = array(':username' => "laruence", ':password' => "weibo"); foreach( $bind_params as $key => $value ){ $statement->bindParam($key, $value); } $statement->execute(); What is the SQL finally executed? Is there any problem with the above code? Many people may think the query executed is: INSERT INTO `user` (`username`, `password...

   PHP,Trap,bindParam     2013-08-29 10:48:55