Category Archives: PHP Tutorial

How to Highlight PHP Source Code in WordPress Post

PHP Source Code Highlighter (syntaxhighlighter) WordPress plugin allow you to post php code inside your wordpress post with syntax highlight and line number. The plugin preserve code formatting and do not encode character until you do manually.

Supports the following languages:

* C++ — `cpp`, `c`, `c++`
* C# — `c#`, `c-sharp`, `csharp`
* CSS — `css`
* Delphi — `delphi`, `pascal`
* Java — `java`
* JavaScript — `js`, `jscript`, `javascript`
* PHP — `php`
* Python — `py`, `python`
* Ruby — `rb`, `ruby`, `rails`, `ror`
* SQL — `sql`
* VB — `vb`, `vb.net`
* XML/HTML — `xml`, `html`, `xhtml`, `xslt`

How to Use WordPress Syntax/Source Code Highlight Plugin

This plugin do not add any button in the editor to wrap code automatically. Hope this feature will be added soon. You need to wrap you code within [source code language='php'] </strong>add your php code here <strong>[/source code] tag.

Download: http://downloads.wordpress.org/plugin/syntaxhighlighter.zip
Live Demo/Screenshot: http://www.bala-krishna.com/how-to-clean-special-characters-from-php-string

How To Clean Special Characters From PHP String

If you are looking for the PHP special characters clean function then this post might be useful for you. This function can used to remove special character as well as able to replace specific character with other equivalent character or string.

Here is detailed explanation of function:

$specialCharacters Array: This array used to replace special character with other character or string. if you want to interchange (+) with (plus) then you need to specify in the array. You can add/remove array element according to your requirement.

strtr function: This function used to replace other language special characters to plain English character. You can remove this line safely but ensure before that these characters not in your string and you don’t need to remove them.
Last 4 line used to remove other unknown unwanted special characters.
Continue reading

WordPress 406 Not Acceptable Error Fix

I just received “Not Acceptable Error while i tried to edit post in Word Press 2.5. Earlier, It was working fine but in the previous post i get annoying error when i tried to save and continue my article. But soon i realize cause of the error. Again, the error was due to apache web server mod-security rules SecFilterEngine On. The exact text of the error is “Error 406, Not Acceptable. An appropriate representation of the requested resource /wp-admin/post.php could not be found on this server.”


Here is the quick fix the error:

  1. Download .htaccess file from your root directory or create one if not exist.
  2. Add following Line in .htaccess file.
  3. <IfModule mod_security.c>
    <Files post.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </Files>
    </IfModule>
  4. If <IfModule mod_security.c> line already in your .htaccess file then place only <Files..></Files> block inside if module block.
  5. Save file and upload file to your host root directory.
  6. All done..

PHP Fatal Error Fix: Can’t use method return value in write context

PHP compiler generate fatal error if you use function return value in read/write context. Although this is not applicable for all PHP supported function but PHP function like empty does not support use of the function in this way. In other words, php empty function cannot check the return value of a function or method. It can only check variables so use only variable inside empty function. Any other function or expression inside empty function will lead to generate fatal error.

Example Problem Solution:

Wrong
if(empty(trim($testimony))) echo “Empty”; else echo “Not Empty”;

Correct
$testimony = trim($testimony);
if(empty($testimony)) echo “Empty”; else echo “Not Empty”;

Wrong
if(empty($bobj->get_results(‘post’)) { // Processing Code }

Correct
$tmp = $bobj->get_results(‘post’);
if(empty($tmp)) { // Processing Code }

WordPress 2.5 Popularity Contest Plugin Fatal Error Fix

If you are using Alex popularity plug-in then you might face this error while upgrading plug-in automatically in WP 2.5. This error generate due to invalid wp-header file path in plug-in file. Unfortunately, Alex not released new fixed version of the this popular plug-in. However, fix is really very simple and anyone can fix issue just by editing one single plug-in file. Please follow steps below to fix this error in your installation:

  1. Deactivate older version of the plugin. If you are installing first time skip this step.
  2. Download the latest release from wordpress.org or plugin author website.
  3. Open popularity-contest.php in your favorite editor and scroll down to line 59. Replace
    require('../../wp-blog-header.php');

    with

    require('../wp-blog-header.php');
  4. Save file and upload file to your plugins folder.
  5. Reactivate the plugin

CubeCart 4.x.x Cross-Site Scripting Vulnerabilities

Two vulnerabilities has been discoverd in CubeCart 4.xx by Russ McRee that can be use by hackers to exploit website by cross-site scripting attacks. The search input string is not properly sanitised before passed to script for execution. This behaviour can be used by attacker to execute malicious script code in the browser to affect website. This may allow to hacker to acess administration by stealing cookies-based aunthentication scheme and destroy website.

Solution:

CubeCart has been released security patch to fix this problem that can be download from following location.

Also, CubeCart user can fix this manually by editing a single file. Please follow steps described below:

Open ini.inc.php and find at around line 134:

$data[$key] = $this->safety($val);
}

return true;

Replace with:

$data[$key] = $this->safety($val);
}

All done.

 

 

Google Custom Search Engine Plugin for WordPress

Google Custom Search

Google CSE is very nice plug-in to create Google custom search engine from your wordpress blog roll. This plug-in uses xml file for configuration. With this plug-in visitors will be able to search your blog roll and your blog instead of searching entire world wide web. The 2.0 version is widget ready make very easier to add custom search engine in your side bar.

Download Google Custom Search Engine Plugin

Connect to your PC over internet with SynXro

SynXro is another web based product to connect, a PC to PC; or PC to LAN connection. SynXro allows you to access all the drives of your PC and all the network drives of all PCs connected to your Local Area Network from anywhere in the world. You only need to have access of internet and modern web browser to connect to your PC. No additional software or hardware is required.

Features:

  • Navigate through your Local Area Network.
  • Remote access to LAN and/or Computer.
  • Remote upload and download capabilities.
  • Remote execution of commands.
  • Accessible from any location through the internet via any browser.

Get 7 Days SynXro Trail Version

ClipShare 2.6 uprofile.php SQL Injection Vulnerability

This is the security issue primarily reported by Krit. and Pr0metheuS. ClipShare leading PHP video sharing script has an SQL injection exploit in user profile page(uprofile.php). ClipShare application does not properly sanitize user supplied UID data before using in an SQL query. Hackers can use this exploit to access or alter user database.

Exmple URI:

http://www.example.com/uprofile.php?UID=1+and+1=2+union+select+1,2,concat(uid,char(58),username,char(58),pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,2

0,21,22,23,24,25,26,27,28,29,30,31,32+from+signup+limit+0,20/*

ClipShare not issued any patch to fix this issue. If you have any idea to fix this issue or have patch please share it here so others can benifited from your contribution.