Development Tools
FreeMind - free - mind mapping
FileZilla - free - file transfers to server
HTML-Kit - free - file editor, for coding any files
phpDesigner - commercial - for enhanced productivity coding php
7-Zip - for dealing with compressed files such as .zip and .tar
Skype - free and commercial - for internet phone
EverNote - free - for excellent note taking, searching, bookmarking, etc
XAMPP - free - php/mysql server for localhost developing
encrypted cookies
Cookies can be manipulated to hijack accounts. So for sensitive accounts, it's good to include a members password in the cookie itself. Include the password in a state of md5 encryption, then encrypt the entire cookie and validate the user each time they arrive at your site according to cookie being found, and password being accurate.
Here are some functions that will help to do this.
when they login, if they had checked 'remember'
// Encodes data and Creates Persistant Cookie
function bakecookie($username, $password, $ulevel, $uid) {
global $user;
$info = encryptCookie("$username:$password:$ulevel:$uid");
setcookie( "user","$info",time()+15552000, "/", "domainname.com");
return $user;
}//here is the encryptCookie function
function encryptCookie($value){
if(!$value){return false;}
$key = 'The Line Secret Key';
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return trim(base64_encode($crypttext)); //encode for cookie
}//and when we check to see if they're logged in://first check for the user cookie-
if (isset($_COOKIE['user']))
{
$info = decryptCookie($_COOKIE['user']);
$data = explode(":", $info);
$username = $data[0];
$password = $data[1];
$ulevel = $data[2];
$uid = $data[3];
$tz = $data[4];}
}//and here is the cookie decrypt function:
function decryptCookie($value){
if(!$value){return false;}
$key = 'The Line Secret Key';
$crypttext = base64_decode($value); //decode cookie
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv);
return trim($decrypttext);
}
$key is any sentence you wish, which is used to encrypt and decrypt the cookie. The idea is that a hacker would need to know this key in order to decrypt the cookie. But even then, if you have the password in the cookie md5 encrypted, it will be hard for them to get a hold of the password itself.
If a hacker were somehow able to decrypt the cookie, they could use the md5 version of the password to spoof the correct users identity. This would require a successful decryption of the base64 encoded data.
more info here:
http://php.net/manual/en/function.base64-decode.php
One additional security precaution which has gained popularity on banking sites is the use of image keys. This involves having the user setup a security image ahead of time, chosen from some assortment. Once the image is set, in order to access the account, the user must click on the correct image. For instance: a cow. Where the other images are of other animals. With this precaution, a hacker would need to know the username, password, and security image. Most sites requiring this level of security, however, would not allow the setting of cookies to 'remember' a user.
Encrypted cookies is a good idea for any sites requiring security beyond simple cookies, where it is advantageous or convenient to the users to have their login info saved on their local computer so they don't have to enter their username and password each time they visit the site.
fetch RSS feeds and input content to MySQL DB
This is a script I put together which does as the tittle suggests. Grabs a list of RSS feeds from the database and loads them as DOMDocument(), then parses them out using getElementsByTagName() and standard RSS feed structure.
See table names and etc which will need to be set up appropriately, also as always it is a good idea to do input cleansing. Good Luck and Have Fun!
include("$droot/includes/connect.php");//database connection functions and vars
include("$droot/includes/security/class.inputfilter.php"); // input cleansing//select * form rssFeeds where approved = 1 AND user is active
$sql = "SELECT * FROM rssFeeds, Users WHERE rssFeeds.approved = 1 AND Users.active = 1";
$query = sql_query($sql,$dbi);
//And we display the results
while($result = sql_fetch_array($query)) {$rssFeed = $result['rssFeed'];
$feedID = $result['ndx'];
$uid = $result['uid'];$doc = new DOMDocument();
//go fetch the feed and create array
$doc->load(''.$rssFeed.'');
$arrFeeds = array();
//loop though the array
foreach ($doc->getElementsByTagName('item') as $node) {
$itemRSS = array (
'title' => $node->getElementsByTagName('title')->item(0)->nodeValue,
'desc' => $node->getElementsByTagName('description')->item(0)->nodeValue,
'link' => $node->getElementsByTagName('link')->item(0)->nodeValue,//needs to have date converted to fit with db standard
//this is fine for now for testing only, needs translations
//'date' => $node->getElementsByTagName('dc:date')->item(0)->nodeValue
);
array_push($arrFeeds, $itemRSS);//now loop through and cleanse the array
//could this be done once to the whole array?
//good question buddy..
$title = $itemRSS['title'];
$myFilter = new InputFilter();
$title = $myFilter->process($title);
$title = addslashes($title);$desc = $itemRSS['desc'];
$desc = substr($desc, 0, 8000);
$myFilter = new InputFilter();
$desc = $myFilter->process($desc);
$desc = addslashes($desc);$link = $itemRSS['link'];
$myFilter = new InputFilter();
$link = $myFilter->process($link);
$link = addslashes($link);//check if one of same title already exists
$sql8 = "SELECT * FROM `BlogPosts` WHERE `title` = '$title' LIMIT 1";
$query8 = sql_query($sql8,$dbi);
$rows = mysql_num_rows($query8);if($rows != "1") {//if it's not already in there
//insert to BlogPosts table
$sql7 = "INSERT INTO BlogPosts (`uid`,`feedID`,`title`,`desc`,`link`,`approved`) VALUES ('$uid','$feedID','$title','$desc','$link','1')";/* for testing
echo $title;
echo "<br>";
echo $desc;
echo "<br>";
echo $link;
echo "<br>";
//echo $date;
echo "<hr>";*/sql_query($sql7,$dbi);
}
}
}
XML to PHP Array
Mission: Send data from an XML file to the Database. We will be converting the XML to a PHP Array in order to get this done. This will be made possible by using the PHP fuction: simplexml_load_string
Check out this function which takes the contents of an XML file returns an array. Notice how the function receives the data in the form of a local variable. We'll go over how to get the contents of the XML file into a variable in a minute.
So here's the function that converts XML to PHP Array:
function XML2Array($xml,$recursive = false) {
if (!$recursive ) { $array = simplexml_load_string ($xml); }
else { $array = $xml ; }$newArray = array();
$array = $array ;foreach ($array as $key => $value) {
$value = (array) $value;if (isset($value[0])) { $newArray[$key] = trim($value[0]); }
else { $newArray[$key][] = XML2Array($value,true) ; }
}return $newArray;
}
And here's a function we can use to bring in the contents of a web page, or in this case an XML file online, and return the contents in the form of a local PHP variable.
function get_web_page( $url )
{
// Use Curl to return the raw source of a webpage to a variable called
$result;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$result=curl_exec ($ch);
curl_close ($ch);
return $result;
}
Now we'll execute these functions to return and print the array. This array of course could be used instead in any fashion you might use an array.
//first we get the contents of the online xml file
$XMLFile = get_web_page('http://www.yourdomain.com/filename.xml');//echo $XMLFile; //test to make sure the file is there
// call the XML2Array function with the file contents of the.xml file
$XML_as_Array = XML2Array($XMLFile);
//print the array to make sure, then create the insert..
print_r($XML_as_Array);
Building a multi-site search function
Looked into:
Google Custom Search Engine - either has to show ads or paid version. paid version is too expensive if you have lots of sites with lots of pages. simply not cost effective. many features available though. and there is an ajax version which is very smooth. highly customizable.
Yahoo Build your Own Search Service, can't handle major volumn..
Searchblox - a good search engine. a good company. again, can't handle major volumn without price inhibiting proportions.
Ended up building my own. First we created a sitemap maker.. This script builds an xml sitemap for each domain listed in our database table 'Sites'. The sitemap is then stored in a folder on our server. Then the sitemaps are crawled and each url is accessed using 'Curl' and the text from that page is grabbed and stuffed into our 'index' table. All this happens on a daily cron job running of the siteMapMaker.php script and the mainIndex.php script. Finally, we search our index table using php and present the results on our site.
Tracking Website Traffic
This wonderful free tool tracks traffic for multiple websites from one interface.
collects and presents tons of data including country of visitors origin, average amount of hits per hour, etc etc etc. too much to list.
Oh yeah, one of the most useful features, is the visitor path tracker, which shows you which pages each person visited, how long they stayed on that page, and which page they went to next.
For all your website traffic monitoring needs, check out tracewatch.com
Excavating Contractor - rising in searches
Excavating contractor who is expert at grading, digging ponds, pools, basements, etc - seeks to rise up in the organic search engine results..
Here's some advice for the Excavating Contractor!
Two things to know for getting high in search results:
1> CONTENT IS KING.
search engines main goal is to deliver quality information that is on topic.
2> quality (high authority, related) LINKS ARE GOLDEN.
one link from the front page of a high ranking site about excavating contracting is worth more than thousands of links from unrelated sites or sites that are about 'everything' and full of links but no real information...
Write up some text that's about nine paragraphs long, for the front page, need content to appeal to the search engines, use all combos of desired key phrases in the text, but write very naturally because the search engines look for forced keyword insertions..
Links from big directory sites won't help search results much at all. But they're worth getting if you have the time, cuz links are good! Especially links from directory sites that come up when u search for your keywords.. these will help.. Rule of thumb: if a link would be appropriate and useful to the sites visitors, it'll help your search results.
Target your very specific niche
Other thing to remember, 'excavating contractor' search phrase is too broad, nation wide, nay- world wide, and is gonna have big company competitions in the search placement. Companies with lots of resources to hire search engine position experts.., content writers, link getters, etc.. Competition which has established their web presence over the years, and has accumulated large assets of content and link properties..
Therefore-
Target more specific searches, like 'excavating contractor lake
minnetonka' or other locations / sub phrases i.e. 'pond excavating'
Once you pick out a hand full of very specific keyword phrases (called 'long tail keywords'), write content and get links that are in line with this. For instance, submit an article about 'excavating a pond in your lake minnetonka yard' (notice the keywords?) send this article to a website that is targeted to lake minnetonka, and see if you can get a link in the article that reads 'excavating contractor lake minnetonka' for the "anchor text" of the link (this is just the words that the link says). This will boost the sites position for this keyword phrase as well as boost the sites position all around for excavating contractor and any other phrases..
Check out this article from a fellow contractor who used long tail keywords and blogging to promote his fiberglass pools installation business.
add the site and your address here..
http://www.google.com/local/add/lookup?welcome=false&hl=en-US&gl=US
and here http://www.dmoz.org/Business/Construction_and_Maintenance/Commercial_Contractors/Excavation/ (dmoz.org is a human edited directory, used by many search engines to add authority to websites.)
not all the search engine strengthening efforts should be done at once, search engines like to see sites that grow consistently over time. so maybe make a plan to write one article every couple weeks, submit that to local papers (with websites) and any other sites you can find that might like to show quality information about excavating, or about 'tips for hiring a excavating contractor' or whatever other topic u can think of that may be useful to people to read. articles are probably the best way to get quality incoming links, cuz you're providing useful info from someone elses site and you're thereby earning a link pointed to your site..
This is a good spot to submit articles
Remember too that text content on Your Website is even more golden if it's got a bit of freshness added to it every once in a while, consistently. Like a new page added to the site added every couple weeks, something like that. More frequent if your competition is strong. If you send articles out to other sites, best to not also place them on your site, cuz that's duplicate content and it's got more value if unique content is pointing to your site....
this is all a bit of work, but don't be intimidated, do a little at a time, on a regular basis, and you're sure to rise up in the search engines. There are no quick fixes or magic tricks. Those days are over. Now it's just a matter of quality content, and authoritative links from related websites.
Worth noting- you can hire someone else to write good articles for you, on topic.. Let me know if you want some links to quality ghost writers...
Key Resources - from seobook.com
keyword popularity / keyword suggestions (requires free acct)
article: 101 ways to build link popularity
the very complete website marketing mindmap
spoofing the MAC address
Why? i donno. to show we know we can. to know we can.
We've all been raised to know the ip address can give away our location. We think that also gives away who we are. In a sense it does, if we consistently use the same ip address we build an identity around that network node. But the MAC address is hardwired into our computer. Anywhere we bring our laptops, wifi at the library or coffee shops, we are surfing under our MAC address...
MAC stands for Media Access Control, and it is physically permanently burned into your computers Network Interface Card (NIC). The best way to wipe your surfing history clean is to get a new NIC. But even then, there may be certian times when you want to fly under a spoofed MAC address. So here's a few links to some tutorials and tools that will empower you to do so.
Methods to spoof the mac address are going to vary depending on the operating system you're using.. .
more info on spoofing mac address in windows
and here's a windows tool for mac spoofing -macmakeup.
another tool for mac spoofing - macshift.
php sql search w relevance
here's what you wanna do:
take the search string and work it so it has pluses instead of spaces and commas:
$search_modded=str_replace(",","",$_GET[search]);
$search_modded=str_replace(" ","+",$search_modded);
$search_modded="+".$search_modded;
then....
SELECT *, ( (1.3 * (MATCH(title) AGAINST
('$search_modded' IN BOOLEAN MODE))) +
(0.6 * (MATCH(description) AGAINST ('$search_modded' IN BOOLEAN MODE)))
) AS relevance FROM jobs
WHERE ( MATCH(title,description) AGAINST
('$search_modded' IN BOOLEAN MODE) ) ORDER BY relevance DESC
in this example you can actually adjust the weight of the 2 columns that are searched...(title and description)...and it sorts it by relevance pretty good...
i got this off of http://dev.mysql.com/doc ... after searching for hours and hours of course...
free bug trackers
researching free bug trackers
flyspray - php
mantis - php - I'm now working with this one on localhost. so far so good.
arctic - php - free for one project. This one has the nicest looking interface, has change log per version, roadmap, search funtionality. I'm gonna try this one out for a while.. Update - decided against arctic because I don't like the way they deliver the free download. You have to go through a shopping cart! and create an account! too much friction. Lost me. Gonna try out Mantis instead.
phpbugtracker - php - opensource
bugzilla - perl
redmine - ruby on rails 
16bugs - hosted, free for one project
informup - havn't looked at it yet.