As a web programming language, one of PHP’s strengths traditionally has been to make it easy to write scripts that access databases so that you can create dynamic web pages that incorporate database content. This is important when you want to provide visitors with information that is always up-to-date, without hand tweaking a lot of static HTML pages. However, although PHP is easy to use, it includes no general-purpose database access interface. Instead it has a number of specialized ones that take the form of separate sets of functions for each database system. There is one set for MySQL, another for InterBase, and another for PostgreSQL—and others as well.
Read the rest of this entry »

• 0 Comments

We present a practical protection mechanism against SQL injection attacks. Such attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts. We apply the concept of instruction-set randomization to SQL, creating instances of the language that are unpredictable to the attacker. Queries injected by the attacker will be caught and terminated by the database parser. We show how to use this technique with the MySQL database using an intermediary proxy that translates the random SQL to its standard language. Our mechanism imposes negligible performance overhead to query processing and can be easily retrofitted to existing systems.
Read the rest of this entry »

• 0 Comments

O*NET, the Occupational Information Network, is replacing the Dictionary of Occupational Titles (DOT) as a source of occupational information. O*NET is a database—not a book, like the DOT. This database has the qualities of both an interactive library and a language.

Serving as a library for information on the working world, O*NET allows everyone to access data on job characteristics and worker attributes. It includes information on the knowledge, skills, abilities, interests, preparation, contexts, and tasks associated with 1,122 O*NET occupations.
Read the rest of this entry »

• 0 Comments

The combination of evolving ICT standards that increase the interoperability between applications and the ever-increasing need for a more seamless access to and exchange of information is a major driver in the OECD ICT strategy. This paper describes the role and use of web services in the context of recent developments at the OECD to improve the accessibility of statistical information. It follows up on a paper presented at the 2002 ISIS meeting about “Improving Access to Statistical Information at OECD in Response to Users’ Requirements” and describes a technology framework – called “dot.STAT” – that has been devised for the implementation of applications that enable easy access to certain OECD reference data. The concepts outlined in this paper have been developed in close collaboration with the Statistics Directorate, specialised OECD-internal groups and task forces 2, as well as members of the SDMX Consortium3.
Read the rest of this entry »

• 0 Comments

Nowadays, transacting business through E-commerce platform has become an important business trading way in modern society. E-commerce has been applied to literally every aspect of our society. The requirements of users are variable, different methods are in need of realizing E-commerce, even the deployment platforms are different. The JSP, ASP, HTML and other traditional scripting language has become unable to meet the needs of designing a complex system, even if it has been realized, the coupling between codes, the configuration environment and system deployment dependency fall far short of various requirements of users. It is a highly skilled work which demands good conception of beauty and much professional knowledge of the program designers. However, it is difficult to fulfill the needs in reality.
Read the rest of this entry »

• 0 Comments

Although traditional firewalls have effectively prevented network-level attacks, most future attacks will be at the application level, where current security mechanisms are woefully inadequate. Application-level security vulnerabilities are inherent in a Web application’s code, regardless of the technology in which the application is implemented or the security of the Web server and backend database on which it is built. A recent advisory published by Internet Security Systems (see the “Internet Resources” sidebar, p. 44) claims that 11 widely deployed shopping cart applications are vulnerable to a simple attack that lets hackers pur- chase goods for much less than their listed price. Worryingly, the attack does not require particular technical skill; it suffices to save the shopping cart’s HTML confirmation form to disk, use a text editor to modify the price of the goods (stored in a hidden form field), and load the HTML form back into the browser.
Read the rest of this entry »

• 0 Comments

Foxit PDF IFilter is an application designed to help users to index a large amount of PDF documents and then quickly find text within these documents. The PDF documents can not only be files, but also email attachments or database records.

Foxit PDF IFilter supports PDF 1.7 specification and can be used in many Microsoft search engines, such as Windows Indexing Service, MSN Desktop Search, Internet Information Server, SharePoint Portal Server, Windows SharePoint Services (WSS), Site Server, Exchange Server, SQL Server and all other products based on Microsoft Search technology. With Foxit PDF IFilter, all these search engines can find PDF files with ease.
Read the rest of this entry »

• 0 Comments

With Dynamic Forms and Open Web Studio, you can create a workflow to view / edit / delete records from a database table. Assuming you already have Dynamic Forms and Open Web Studio (OWS) installed on your Dot Net Nuke website, as well as created a page and imported both modules into that page. To access “Administration” control of OWS, you will need “HOST” privilege.
Read the rest of this entry »

• 0 Comments