As a web programming language, one of PHP’s strengths traditionally has been to make it easy to write scripts that access databases so that you can create dynamic web pages that incorporate database content. This is important when you want to provide visitors with information that is always up-to-date, without hand tweaking a lot of static HTML pages. However, although PHP is easy to use, it includes no general-purpose database access interface. Instead it has a number of specialized ones that take the form of separate sets of functions for each database system. There is one set for MySQL, another for InterBase, and another for PostgreSQL—and others as well.
Read the rest of this entry »

• 0 Comments

eXtc Web Developer (EWD) is a very high productivity, enterprise-grade platform for developing web applications. It includes an advanced but extremely easy to use Ajax Framework, allowing sophisticated, modern web applications to be built almost as quickly and simply as static web pages. EWD has been designed to be technology-independent, and is potentially capable of working with any web application front-end environment (eg PHP, Java Server Pages, ASP.Net), any scripting language and any database.
Read the rest of this entry »

• 0 Comments

We present a practical protection mechanism against SQL injection attacks. Such attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts. We apply the concept of instruction-set randomization to SQL, creating instances of the language that are unpredictable to the attacker. Queries injected by the attacker will be caught and terminated by the database parser. We show how to use this technique with the MySQL database using an intermediary proxy that translates the random SQL to its standard language. Our mechanism imposes negligible performance overhead to query processing and can be easily retrofitted to existing systems.
Read the rest of this entry »

• 0 Comments

Borland Delphi is known to be a great environment for the development of stand-alone and client-server applications on the Microsoft Windows platform. Its virtues range from full OOP support to visual development, in a unique combination of power and ease. However, the new frontier of development is now Internet programming. What has Delphi got to offer in this new context? Which are the features you can rely upon to build great Internet applications with Delphi? That’s what this paper intends to reveal. We’ll see that Delphi can be used:
• For direct socket and TCP/IP programming;
• In conjunction with third-party components that implement the most common Internet protocols, on the client or the server side;
• To produce HTML pages on the server side, with the WebBroker and Internet Express architectures;
• As well as to work with Microsoft’s core technologies, including MTS, COM, ASP, and ActiveX.
Read the rest of this entry »

• 0 Comments

Nowadays, transacting business through E-commerce platform has become an important business trading way in modern society. E-commerce has been applied to literally every aspect of our society. The requirements of users are variable, different methods are in need of realizing E-commerce, even the deployment platforms are different. The JSP, ASP, HTML and other traditional scripting language has become unable to meet the needs of designing a complex system, even if it has been realized, the coupling between codes, the configuration environment and system deployment dependency fall far short of various requirements of users. It is a highly skilled work which demands good conception of beauty and much professional knowledge of the program designers. However, it is difficult to fulfill the needs in reality.
Read the rest of this entry »

• 0 Comments

This paper briefly describes several common classes of coding error generally encountered when auditing web applications running on the Active Server Pages (ASP) platform. The paper is broken down into three broad sections, each of which addresses several common coding problems. The following is a list of the common errors that are discussed in this document, divided into three broad categories. The remainder of the document deals with each of these problems in turn. Any ASP code samples assume that the default language is VBScript, but all of the points apply equally to JavaScript. Equally, all occurrences of the SQL language assume that Microsoft SQL Server is being used as the back – end database.
Read the rest of this entry »

• 0 Comments

With Dynamic Forms and Open Web Studio, you can create a workflow to view / edit / delete records from a database table. Assuming you already have Dynamic Forms and Open Web Studio (OWS) installed on your Dot Net Nuke website, as well as created a page and imported both modules into that page. To access “Administration” control of OWS, you will need “HOST” privilege.
Read the rest of this entry »

• 0 Comments

RealObjects PDFreactor is a powerful formatting processor that enables server-side PDF creation from XML and XHTML/HTML documents using Cascading Style Sheets (CSS) to define page layout and styles. You can dynamically generate PDF documents such as reports, invoices, statements and others on-the-fly. Since PDFreactor runs on your server, the end-user does not need any software other than a Web browser with a free PDF viewer.
Read the rest of this entry »

• 0 Comments