PHP Archives - Page 3 of 4

Custom PHP version on IIS Express and WebMatrix 3

PHP 7 with OPcache in IIS Express for Microsoft WebMatrix 3: learn how to create your own PHP development environment easily with Microsoft WebMatrix and IIS Express and your own custom PHP version. Note: this guide also applies to newer PHP versions, just change the version numbers. (outdated)

By Jan Reilink 19/08/2014Windows Server

Web application security

Increase in SQL injection attacks

Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity - on various web sites and databases - has the following characteristics

By Jan Reilink 07/08/2014Web application security

Web application security

MySQL sleep() attacks

MySQL sleep() command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting "AND sleep(3)" in the address bar... Here is how to put a MySQL server to sleep, happy SQL injection!

By Jan Reilink 05/08/2014Web application security

Code base

Magento maintenance script for IIS

Optimize the speed and performance of your Magento ecommerce webshop by carrying out important maintenance. Now for Windows Server IIS too. Remove old MySQL database log files and Magento cache data on a regular basis.

By Jan Reilink 25/07/2014Code base

WordPress

Huge increase in WordPress xmlrpc.php POST requests

WordPress xmlprc.php DDoS and brute-force attacks. How to identify, block, mitigate and leverage these xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites... Secure WordPress xmlprc.php interface and reduce service disruption.

By Jan Reilink 07/07/2014WordPress

Code base

How to: Test MySQL database connectivity in ASP.NET, PHP, ASP

Test MySQL database connectivity in ASP.NET, PHP, ASP; Simple MySQL connection test from your website with ASP.NET, PHP & classic ASP. Whenever you need a MySQL connectivity test from a website or server, it's handy to have various test scripts nearby. Whether it is because you are setting up a new website or you have just installed a new server and are running your tests.

By Jan Reilink 26/05/2014Code base

Windows Server

How to hide the .php file extension with IIS URL Rewrite Module

How to hide file extensions, such as .php or .asp, with URL Rewrite Module in IIS. This example will hide the .php extension using IIS URL Rewrite Module, in a ready to use web.config & .htaccess example: extension less URLs in IIS.

By Jan Reilink 23/05/2014Windows Server

WordPress

How to clean up Contact Form 7 temporary captcha files on IIS web servers

Contact Form 7 is a WordPress plugin that provides a simple but flexible contact form. On IIS, Contact Form 7 captcha has one HUGE disadvantage: temporary captcha files placed in wp-content/uploads/wpcf7_captcha, are not automatically removed. The files are made read only. Here is how to remove Contact Form 7 temporary captcha files on IIS...

By Jan Reilink 28/04/2014WordPress

Code base

Set or remove the read-only attribute assigned to files with PHP chmod

Chmod.php, change file attributes with PHP, to make files read only or normally accessible on Windows IIS servers. Sometimes you need chmod to make files read only on your website, or make them normally accessible in case they already are read only. For instance Drupal's settings.php configuration file, or WordPress Contact Form 7 temporary captcha files, are examples of read-only files.

By Jan Reilink 27/04/2014Code base

Code base

Validate MIME types with PHP Fileinfo

How to check the file type in PHP and secure file uploads: it is important to validate MIME types in PHP. Especially of files uploaded through an upload form to your website. Using PHP, the best way to validate MIME types is with the PHP extension Fileinfo. Any other method might not be as good or secure as you might think.

By Jan Reilink 27/04/2014Code base

Code base

Optimize all MySQL tables with PHP/MySQLi multi_query

PHP script to make your MySQL database smaller, leaner and faster! The PHP MySQLi extension supports multiple queries, which are concatenated by a semicolon, with mysqli->multi_query. We use this to optimize all MySQL tables, in a single multi-query statement. Neat! Optimizing MySQL tables is important to keep tables small and fast. This boosts MySQL, PHP and website performance and we all love that, don't we?

By Jan Reilink 23/04/2014Code base

WordPress

WordPress plugin “In Over Your Archives” Call-time pass-by-reference fix for PHP 5.4

How to fix PHP Call-time pass-by-reference has been removed in errors. The following PHP fix goes for nearly all PHP Call-time pass-by-reference errors: The WordPress plugin In Over Your Archives is a plugin to display your archive page in a nice way, just like on inoveryourhead.net. The plugin hasn't been updated in quite some time and breaks with PHP version 5.4.

By Jan Reilink 23/04/2014WordPress

WordPress

How to load google-code-prettify syntax highlighting without plugins

If you run a WordPress blog where you display (parts of) source code, syntax highlighting is a must! It prettifies the code which makes it easier to read and it distinguishes code from text. However, most syntax highlighting is made available through plugins, and we all know too many plugins bring a lot of overhead to your blog. So, conditional load in WordPress: Load javascript only on posts in WordPress.

By Jan Reilink 23/04/2014WordPress

Windows Server

How to fix Joomla HTTP 500 errors after updates

Over the last week, at Vevida, we received quite some problem reports from customers who updated Joomla to version 3.2.0. After logging on to their administrator back-end, they received an HTTP 500.0 error with error code 0x8007000d. Let's investigate and resolve this Joomla Administrator login HTTP 500 error.

By Jan Reilink 12/11/2013Windows Server

WordPress

WordPress CMS admin password reset

How to reset your WordPress password? If you’ve lost or forgotten your WordPress admin password, you can easily reset the password. Either use the following MySQL statement to reset your WordPress admin password, or change it through functions.php

By Jan Reilink 22/07/2013WordPress

PHP

Custom PHP version on IIS Express and WebMatrix 3

Increase in SQL injection attacks

MySQL sleep() attacks

Magento maintenance script for IIS

Huge increase in WordPress xmlrpc.php POST requests

How to: Test MySQL database connectivity in ASP.NET, PHP, ASP

How to hide the .php file extension with IIS URL Rewrite Module

How to clean up Contact Form 7 temporary captcha files on IIS web servers

Set or remove the read-only attribute assigned to files with PHP chmod

Validate MIME types with PHP Fileinfo

Optimize all MySQL tables with PHP/MySQLi multi_query

WordPress plugin “In Over Your Archives” Call-time pass-by-reference fix for PHP 5.4

How to load google-code-prettify syntax highlighting without plugins

How to fix Joomla HTTP 500 errors after updates

WordPress CMS admin password reset

Windows Server

Web applications

PowerShell