Archive

Posts Tagged ‘PHP’

Provide an option to download an exe file in php

December 20, 2010 Leave a comment

I wanted to provide download option to download a file in PHP.
I got following code on net as follows:

Need to create 2 files:

1. display file:
The following code slh be present in it Download my huge document (PDF)

2. download file:
header(‘Content-disposition: attachment; filename=wrar371.exe’);
header(‘Content-type: application/exe’);
readfile(‘wrar371.exe’);

wrar371.exe is the file i am downlaoding.

Now run the display file.

ref : http://webdesign.about.com/od/php/ht/force_download.htm

 

thanx & regards

Advertisements
Categories: General Tags:

Global Variable in Php

July 7, 2009 Leave a comment

The global variable declaration can be a trap.

In some other languages, global variables are usually declared global outside the functions and then used in the functions.

In PHP, it’s the opposite: to use a global variable inside a function, declare the variable as global inside the function.

Categories: General Tags:

Increasing allocated memory in PHP

May 15, 2009 Leave a comment

You can have three ways:
1. Changing memory_limit globally from php.ini
For ex: memory_limit = 32M
This change is global and will be used by all php scripts running on the system.
2. Changing memory_limit using .htaccess for a single folder/vhost
To do this you have to add to the respective location .htaccess something like: php_value memory_limit 64M
3. This one is my favorite
ini_set(‘memory_limit’, ’64M’);
The advantage of this method is that you have more control and set this value just where you know it is really needed. Also it can be done without having access to the system php.ini, and will become active immediately.

Categories: General Tags: ,

SQL Injection

October 29, 2007 3 comments

SQL injection is a serious concern for webmasters, as an experienced attacker can use this hacking technique to gain access to sensitive data and/or potentially cripple your database.

In PHP the easiest way is to pass your data through the mysql_real_escape_string function. By escaping special characters on fields where the user can manipulate the database, you will avoid being vulnerable.

// This is a vulnerable query.
$query = "SELECT * FROM products WHERE name='$productname'";
mysql_query($query);

// This query is more secure
$query = sprintf("SELECT * FROM products WHERE name='%s'",
mysql_real_escape_string($productname));
mysql_query($query);

You can find the grt help on this link(For .net Programmers):

http://msdn.microsoft.com/msdnmag/issues/04/09/SQLInjection/

Categories: General Tags: , ,