theCancerus

Blog

  • Debugging PHP using Xdebug and Notepad++ : Part I

    I am sure all of you have used ‘echo’ and ‘print_r’ to debug PHP.

    We all know that this way debugging is hard and you need to remember to remove them from production server.

    Well, thanks to xdebug you can now debug, and you don’t need expensive or blotted IDE for that, just plain and simple Notepad++ can do the job.open php.ini in wamp

    In this post we will setup xdebug and DBGp plugin with Notepad++.

    Let’s start by installing xdebug.

    1. Download the latest release of xdebug for PHP version you are using.
    2. Copy xdebug dll file into php’s extension directory, in my case, as I use wamp, it is c:wampphpext .
    3. Now we need to configure xdebug so that it get recognized by PHP, so open php.ini
    4. Add following at the end of your php.ini file 
      [xdebug]
zend_extension_ts="c:/wamp/php/ext/php_xdebug-2.0.3-5.2.5.dll"
xdebug.profiler_output_dir = "c:/wamp/tmp/xdebug"
xdebug.profiler_output_name = "cachegrind.out.%p"
xdebug.profiler_enable = 0
xdebug.profiler_append=0
xdebug.extended_info=1
xdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_mode=req
xdebug.remote_host=127.0.0.1
xdebug.remote_port=9000
xdebug.idekey=xdebug
xdebug.remote_log="c:/wamp/tmp/xdebug/xdebug_remot.log"
xdebug.show_exception_trace=0
xdebug.show_local_vars=9
xdebug.show_mem_delta=0
xdebug.trace_format=0
    5. Just create a folder ‘xdebug’ in ‘c:wamptmp’ folder.
    6. Finally restart Apache service .

    With these steps you have, finished xdebug installation, it is configured for profiling application and remote debugging. Check documentation to know what all these configuration do, and tweak according to your preference.

    (more…)

  • Round off

    Their are lot’s of tech events happening in Pune.

    Recently Concluded was IdeaCamp 2, you can read about it on Bhavya’s blog post.

    Upcoming events that I know of

    1. WATBlog Wednesday Pune on 21st January,
    2. Drupal Camp Pune, it is going to happen on 31st January,
    3. On 13th – 14 Feb( yes !!!) we are having Gnunify’09.  and
    4. Joomla Day India, for the first time in India, we will have a day dedicated to Joomla. This will happen on 25th April.  Announcement about it should happen in a day or two.

    Too know about more tech events that are happening or happen in Pune, keep checking Pune Tech Events Calendar.

    For last few week I have been doing lot of things and learned a lot, stay tuned..  till then

    Have fun

  • India I Care, So Let’s Be Social..

    We are happy to announce the success of Opensocial Developer Garage.

    We were able to prototype the ‘India I Care’ orkut app for IOFC. It will be soon released for everyone to use. We build this app with active contribution from Shardule, Rohan, Parag and our speaker Shishir.

    Priyank and Aman has already covered the event in detail, also check what another speaker Arpana has to say about it.

    Photos of the event :

    http://picasaweb.google.co.in/thecancerus/OpensocialDeveloperGarage08

    From Opensocial Developer garage’08

    I would like to thank everyone who made this event possible.

    Have fun.

  • FireUnit

    Today John Resig, Jan Odvarko released ‘FireUnit’ a very useful JavaScript unit testing extension for Firebug.

    Fireunit will make JavaScript logging very easy, and we will not have to use alert boxes any more.

    You can download the extension at http://fireunit.org/

  • Step By Step Guide To Install Memcache On Linux

    This post is more like a note to me, so that in future I can look up for steps involved in installing memcache on Linux servers like Centos or RHEL.

    Those of you who follow me on twitter, will know that me and my friends spends hours trying to install memcache on one of our web server. Normally this is a five minute job, but unfortunately for us those tricks did not work out.

    So if you have tried YUM and APT-GET and still could not install the memcache then read on, to find the alternate( read manual, without magic ) way of doing it.

    When we talk about Memcache their two things that needs to be installed

    1. Memcache Daemon know as memcached, and
    2. Memcache client for your programing language, in this case PHP.

    (more…)

  • The List of 5 Pune Tech Events and Their Twitter Accounts

    After creating a list of people, who are very active in Pune tech scene, to follow on twitter, I thought a list of technology events happening in Pune with their own twitter account is also due. twitter

    So here is the list of events with their twitter accounts

    1. Barcamp Pune @barcamppune
    2. PHPCamp @phpcamp
    3. ClubHack @clubhack
    4. JoomlaDay Pune @jugpune
    5. OpenSocial Developer Garage @devgarage
    6. Gnunify @gnunify (tip by @abhisheknagar)
    7. Pune Flex User Group @punefug (added on 28th Feb 2009)

    Off course there are more events happening in Pune, but these five seven have a Twitter account that I know off.

    If you want to keep an eye on other events without twitter accounts, then you should follow, following twitter accounts which live tweets tech events most of the time.

    1. PuneTech.com @punetech
    2. Pune Tech Live @punetechlive
    3. Dhananjay Nene @dnene_liveblog

    If I am missing any event with twitter account from this list or any one who live tweet the tech events then leave a comment with their twitter ID, along with yours so that we know.

  • 6 Pune Techie’s To Follow On Twitter

    In Barcamp Pune 5, we had our first twitter meet up, where we compiled a list of  twitter users. During that I thought, we also need to have a list of most active tech people in Pune, who also actively use twitter.
    twitter
    So if you want to keep an eye on Pune technology scene, then following these people on twitter is a must

    1. Navin Kabra @ngkabra
    2. Dhananjay Nene @dnene
    3. Rohit Srivastwa @rohit11
    4. Rohan Dighe @irohan
    5. Priyank Kapadia @whereispriyank
    6. Shardul Mohite @shardulmohite

    Apart from them you may also want to follow me ( @thecancerus ) as well 😉

    I know this list is incomplete as I have a very narrow technology vision, so if you follow someone who plays an active role in Pune and is not on the list then leave a comment along with your own twitter id.

    PS: if you have no idea about importance of twitter, then you should check out ‘Why you should be on Twitter – and how best to use it’ by Navin.

  • Preventing SQL Injection Attacks on your Joomla! Websites

    (This is promotional article taken from Joomla! Web Security )

    Joomla!, a very popular content management system (CMS) is as you may know an easy-to-deploy-and-use content management system. This ease of use has lent itself to rapid growth of both the CMS and extensions for it. You can install it on almost any host, running Linux or Windows. This highly versatile software has found itself in such lofty places as large corporate web portals, and humble places such as the simple blog.

    Joomla! itself is inherently safe, but misconfigurations of the CMS, vulnerable components, hosts that are poorly configured, and weak passwords can all contribute to the downfall of your site. Hence, it’s always better to ensure the security of your site.

    In this article by Tom Canavan, we will take a look at how SQL injection attacks can occur to your Joomla website, how we can test for SQL injection attacks, and how to stop SQL injection.

    Introduction

    Mark Twain once said, “There are only two certainties in life-death and taxes.” Even in web security there are two certainties: It’s not “if you are attacked”, but “when and how” your site will be taken advantage of.

    There are several types of attacks that your Joomla! site may be vulnerable to such as CSRF, Buffer Overflows, Blind SQL Injection, Denial of Service, and others that are yet to be found.

    The top issues in PHP-based websites are:

    • Incorrect or invalid (intentional or unintentional) input
    • Access control vulnerabilities
    • Session hijacks and attempts on session IDs
    • SQL Injection and Blind SQL Injection
    • Incorrect or ignored PHP configuration settings
    • Divulging too much in error messages and poor error handling
    • Cross Site Scripting (XSS)
    • Cross Site Request Forgery, that is CSRF (one-click attack)

    SQL Injections

    SQL databases are the heart of Joomla! CMS. The database holds the content, the users’ IDs, the settings, and more. To gain access to this valuable resource is the ultimate prize of the hacker. Accessing this can gain him/her an administrative access that can gather private information such as usernames and passwords, and can allow any number of bad things to happen. When you make a request of a page on Joomla!, it forms a “query” or a question for the database. The database is unsuspecting that you may be asking a malformed question and will attempt to process whatever the query is. Often, the developers do not construct their code to watch for this type of an attack. In fact, in the month of February 2008, twenty-one new SQL Injection vulnerabilities were discovered in the Joomla! land. The following are some examples presented for your edification. Using any of these for any purpose is solely your responsibility and not mine:

    (more…)

  • my article on PuneTech

    I have written a simple introduction to Joomla for PuneTech, check out the article on PuneTech.

    And leave some comments their.

  • Barcamp Pune 5, Back To Basics, No Frills Camp

    Fifth edition of Barcamp Pune is here(on 29th Nov actually) at SICSR, model Colony.

    This time the theme of the event is ‘Back To Basics’ initially it was supposed to mean that focus of this event would be teach basics of technology to youngsters, but with time, its meaning changed to represent ‘No Frills Camp’.

    Yes, you heard me right BCP5 is going to be a Freecamp aka ‘No Frills Camp’, which means if the only reason you used to attend the barcamp’s was t-shirts then you better don’t come, you will be disappointed. Their will also be no free snacks, and lunch will cost you around 60 Rs.

    barcamp pune 5, back to basics

    What it also means is that if you have passion for technology then you will find people who share your passion and no freeloaders. For once, at least, Barcamp is only about technologies and not freebies. And as Tarun rightly said Freedom To Be will be the mantra or this one.

    Now, what are you waiting for, if you have still not registered then head over to http://barcamppune.org/ and register yourself.

    See you all on 29th @ SICSR, do drop by to say hello.