Cookie and Session Fixation

Cookies or sessions are used with all membership scripts, whereby allowing the Website user to stay logged in. It’s a personal preference whether to use cookies or sessions but sessions add extra end-user security, where the session will always expire should the browser be closed (and for those using Windows-based servers, after a specific period of time).

There are many different types of security exploitations hackers can sink their teeth into, some of the most common are SQL injections, where the hacker exploits SQL statements by adding extra code to the statement that tampers with the existing statements within. This can be easily rectified and many new programmers think this is the end of their worries with security-related issues in PHP - but unfortunately there’s more. Don’t blame PHP, these apply to every single programming language out there (especially ASP, too). In-fact, we blame it on the browser really as this is where Cookie Fixation really happens.

Cookie Fixation is where cookie values are tampered with to make it look like the hacker is logged in as a specific user of the site. So they could login as ‘hacker123′ and they see another user is logged in too, they’d use a simple software (or add-on in Firefox) to modify the cookie’s value to change it to that specific username. This is, if the cookie value is assigned to the users’ username.

Most scripts apply permissions based on whether they’re “logged in” and who they’re logged in as. So you’d add $_COOKIE['LoggedIn'], for instance to a SQL statement, and if that username in the database has a value of 2 in field ‘permissions’, then give them administrative permissions. Hence, if some kiddie-hacker changed the session or cookie value, well - its obvious!

So, this is obviously something we don’t want therefore we need to take some measures when setting cookies, etc. It’s a pretty simple task and really, no-one needs to be an expert to fixate cookies/sessions so its best to take action to prevent such thing occurring - it may have bad consequences to your database should administrative powers allow database modification via the application.

So first of all we want to add md5 a random password to a seperate cookie, as well as the users’ password (which is also md5 hashed). This may not be the most secure solution but its better than not having it at all. Research on Google is also essential. So that being said, for every page that the user can be logged in on, we include a seperate file that checks that the seperate cookie is set (active), and that the cookie equals the password or value you have made, and the password of the user (and you’d get this by SELECTing it in a query based on the users’ username in the other cookie). That other cookie will just have the username of the user that is logged in. But if you think logically, if they try to change this cookie’s value, it won’t work.

$_COOKIE['LoggedIn'] // this is the cookie with just the username
$_COOKIE['CheckValidation'] // this is for validation, the cookie with your value and the users’ password

Why won’t it work? Basically because if they try changing $_COOKIE['LoggedIn'], unless their password is the same as the previous user, they’ll be refused entry. This is because we’ll include the seperate file at the top of each page, if everything doesn’t work out and it seems the LoggedIn cookie has been tampered with, then we’ll display an error and use the exit() function below to prevent anymore code from being executed by PHP. Pretty simple stuff huh? Of course, this is not the best way of preventing Cookie Fixation but of course its a start for you which you can upgrade by with research!

So first of all when the user logs in, we’ll add the following two cookies:

setcookie("LoggedIn",$username,time()+604800);
setcookie("CheckValidation",md5("this is your md5 password, make it something random!").$query_username_ob->password,time()+604800);

Note: as you can see ($query_username_ob->password) I have queried for the password from the new account in the database, then fetch_objected it, to return values of the specific fields. This is just an extra security measure just in-case you’re trying to figure out what it is for.

Obviously we’d do this once we validate the user and password matches in the database. After, create a seperate file that is included in each page, with the following code:

$session=$_COOKIE['LoggedIn'];
include(”config.php”);
if($session) { // is user is logged in
$password_check=mysql_query(”SELECT `password` FROM `users` WHERE `username` = ‘”.mysql_real_escape_string($session).”‘”) or exit(include(”error.php”)); // SELECT the password followed by a fetch_object to get it from the database
$pw=mysql_fetch_object($password_check);
if(!$_COOKIE['CheckValidation']) { // so if they tried deleting the cookie, don’t let them in
echo “< p style='font-size:20pt;font-weight:bold;color:red;'>UNAUTHORISED ACCESS: You need both cookies active to use this site! If you received this message in error, < a href = 'logout.php'>Logout and log back in.“;
exit();
}
elseif($_COOKIE['CheckValidation']!=md5(”your-password-here”).$pw->password) { // or if they’ve tried sneakily changing the CheckValidation cookie, say byebye!
echo “< p style='font-size:20pt;font-weight:bold;color:red;'>UNAUTHORISED COOKIE: You have tried logging in with an UNAUTHORISED cookie. You do not have permission to access this site!< / p>“;
exit();
}
}

And that’s how simple it is! Good luck!

Secure PHP Hosting

Security is the utmost importance to us but sometimes security is relied solely on you, the Customer. If you create your own PHP applications; maybe you’re a new PHP developer, you’ll need to take into consideration security of your PHP applications. Some of them include:
• SQL Injections
• HTML & Javascript vulnerabilities in MySQL database values.

Note that all of these vulnerabilities are caused by the programmers themselves in their PHP applications and are not vulnerabilities with the PHP software itself. These vulnerabilities could be prevented in modifications to the PHP configuration but that would mean that 90% of all PHP scripts would probably stop working properly. This is because the 90% of scripts that keep their code secure without the PHP config modification would do the complete reverse and stop working if the config was changed. So this really is an unviable solution for us so therefore it is down to the programmer themself to keep their applications secure. Below we’ll explain about the many vulnerabilities that especiially affect forms used in conjuction with PHP interactivity.
• SQL Injections
This is a big issue and is probably the most lovable thing about PHP to hackers - and it can do disasterous effects to your scripts. SQL injections are where hackers compromise MySQL features in your SQL statements which change the way statements look when executed with a MySQL query. An example being a MySQL comment in a form. Let’s say you had a member system - a hacker could add a MySQL comment to the password field and they’d not need a password at all! If you think logically the SQL statement would be like just SELECTing the username, right? Well the SQL comment does add an AND clause for the password but the value is actually commented out, therefore MySQL accepts it as correct login credentials. To prevent this happening you’d use the mysql_real_escape_string() function which slashes single or double quotations therefore preventing a SQL injection altogether. If you think about it, if the query is like this:

SELECT * FROM `users` WHERE `username` = ‘$value’ AND `password` = ‘$value’

If you slash ‘ it would prevent the value being escaped therefore preventing injections.
• Code in Forms
Imagine you’ve got a form and that form will be submitted to a database and later on retrieved from. If the user adds HTML or even Javascript (which is worst) the user may be able to add redirects or even cause worser attacks using the POST method of the form. If you think about it, a user could be happily submitting data via a form but doesn’t realise there’s a silent Javascript redirect that has a PHP file that’s holding the same POST variables of that page (such as $_POST, $_GET or simply $_REQUEST) and therefore the user’s data is captured quite easily on the external site. To prevent this you can use a variety of options, such as:
• htmlspecialchars() function that turns opening and closing brackets into HTML entities (so it would actually display the brackets and code on the page, instead of parsing it).
• strip_tags() function is a more less-user-friendly option which strips the brackets and HTML/JS code completely.
• preg_match() function is where you can see if the form values have brackets in them and if so refuse the post.

htmlspecialchars syntax: htmlspecialchars($_POST['message'])
strip_tags syntax: strip_tags($_POST['message'])
preg_match syntax:
$str=$_POST['message'];
$look=”/ $look1="/>/”;
if(preg_match($look,$str) || preg_match($look1,$str)) {
echo “Match found!”;
}

For more information you should check out the PHP documentation for list of functions and their uses and explanations at php.net.

Discussion boards or “Forums” play an important role for most successful websites. This provides regular visitors for a website as it covers different topics which are discussed online. It adds a community to the forum which automatically increases traffic and asks visitors to come again and again. Forums have a lot of features for members which include posting, voting, private messaging and lots more.

Forum Web Hosting

Choosing Forum Hosting service for your forum can be a quite a hard experience. Forums have become more popular these days with the advancement of internet technology. One of the most important factors in running  forums is quality of web hosting service. You will need enough disk space and bandwidth for your web hosting account so that huge traffic is supported for your website. Another most important factor is server uptime of the web hosting company. Many web hosting companies claim 99% uptime but thats not always true.

Therefore, always choose a right web host for your Forum hosting needs.

Also along with good web hosting service for your forum there is a need to check the database management system. The web hosting servers should have good database management systems. The availability of MySQL Database and phpmyAdmin is essential to manage your forum properly and with ease. Server Security also plays an important role which helps to run the forum or discussion board smoothly.

Following are the most used Forum softwares. Each one is reviewed below:-

Vbulletin Forum Hosting

vBulletin is one of the best software for creating a web forum produced by Jelsoft Enterprises. All you need to have is a license for using vBulletin. Vbulletin Forum hosting is supported on Linux web hosting and Windows web hosting plans. It is a powerful forum software written in PHP and built with strong back end database MySQL. Many companies choose Vbulletin over other software because of its innovations, security and exceptional performance

Read the rest of this entry »

Using PHPMyAdmin MySQL Database Manager

PHPMyAdmin is the third party web based MySQL database management panel that is provided and installed as standard with both the cPanel and Plesk control panels, and in the case with Plesk it is provided with both versions (Linux and Windows); if you run your own server without a control panel, then it is also available for download and manual installation since it is open source software meaning that anyone is able to download it for use as many times and on as many machines as they want. With the use of PHPMyAdmin, you are able to manage any databases that you have created from either your cPanel or Plesk web hosting account on the fly, since it is an application that is accessible from your control panel’s homepage and can be used through your web browser, which means that you are able to manage your databases from any internet connected location where you are able to use a computer that has a web browser installed on it.

The main features of PHPMyAdmin allow you to create new tables in your database, as well as to edit and delete others which you have created previously in your database; you can also view and modify the data that has been entered into each individual table, which means that you can easily delete a row for example if you think it might be a fraudulent sign up, in the case that you are running an online shop or some sort of membership system for your website or online community. If you have decided to go with your own install of PHPMyAdmin on your control panel-less server, then you are also given the ability to create new databases on the fly through the system if you are logged into it as the server administrator, or if you are running it on a Linux machine - ‘root’; this makes PHPMyAdmin an all in one solution for someone who wants to be able to manage their stand-alone MySQL databases server on the fly without having to use a desktop database management system.

With the use of PHPMyAdmin in conjunction with a hosting control panel, such as cPanel or Plesk, you are able to manage all the MySQL databases that you have created without the need to open a new window or new program session each time you want to administer a different database; this means that if you are wanting to mange multiple databases that you have created for different purposes throughout your website, you are able to do so without having to use a complicated desktop database management system that might not even let you administer multiple databases, forcing you to open a new session to the server that you are wanting to use each time you want to manage a different databases, even if all the databases that you want to manage are hosted on the same server.

If you are using a control panel in conjunction with PHPMyAdmin, then you will not be able to use it to create new databases for your hosting account, since it is a limit that most web hosts choose to put on the web based administration program since it easily allows customers to create more databases than they are allowed to limited by the amount that has been assigned to their web hosting account; in this case you will have to use your web hosting control panel to add, edit and delete MySQL databases for your web hosting account.

In most cases, you will be using PHPMyAdmin to manage MySQL databases that you have created to be used in conjunction with your PHP based website or application that you are hosting within your web hosting account, which in most cases should be either Plesk or cPanel based to give you the most functionality; this is because PHP and MySQL are known to be the best combination when it comes to databases and scripting languages, since both are open source and can run on either the Linux operating system or on Windows based systems, meaning that PHP and MySQL based websites and applications can be hosted in almost any environment - other combinations are only able to run in certain environments, for example MSSQL and ASP.NET based applications will only run on Windows based servers.

As previously mentioned, MySQL is a database technology that is commonly used in conjunction with the PHP server side scripting language to give developers maximum flexibility when it comes to building their websites and what functionality they are able to achieve with the use of MySQL as the database engine to drive the backends of their websites and projects.

Launching PHPMyAdmin From cPanel

PHPMyAdmin comes installed as default with any cPanel installation, meaning that once you have cPanel installed and configured correctly, you can quickly and easily setup a web hosting account and start adding the databases that you want or need; once you have done that, you can then start using PHPMyAdmin to administer your MySQL databases. Launching PHPMyAdmin from cPanel is a relatively easy task, and is one that can be carried out from any internet connected location, just so long that you can access cPanel from the web browser that you are using; in order to launch PHPMyAdmin from cPanel, you will need to select the icon labeled ‘PHPMyAdmin’ from the ‘databases’ section of cPanel:

One thing to note is that through PHPMyAdmin in cPanel, you are able to administer all the MySQL databases that you have created under your web hosting account, meaning that you don’t have to launch a new window of PHPMyAdmin each time you want to administer a different MySQL database that you have under your web hosting account. Once you have selected the appropriate icon, you should be directed to a page notifying you that PHPMyAdmin is loading, then after that to the PHPMyAdmin homepage:

Launching PHPMyAdmin From Plesk

PHPMyAdmin is also available with both the Linux and Windows versions of the Plesk control panel to allow you to manage any MySQL databases that you have created or want to create within your Plesk based website hosting account; this means that you are able to host your PHP based website or application in a Windows or Linux based environment just so long as the Plesk control panel is installed and that the web server has been appropriately configured to allow this. In order to launch PHPMyAdmin for a MySQL database that you have created through Plesk, you will first need to select the ‘databases’ icon from the hosting control panel for the domain that you want to manage the database for:

You will then be presented with a list of databases that you have previously created in your Plesk website hosting account, the following features are displayed along with the databases name:

• database type (circled red) - this is shown as an image: if the database is a MySQL database then a dolphin will appear in the column concerned, and if it is a Microsoft SQL database then the Microsoft Windows logo will be displayed within this column
• name (circled green) - this is the name of the actual database which you chosen when you were creating it, this is the name that you will need to use in your server side scripts if you are wanting to use them in conjunction with a database that you have created
• server (circled blue) - this is the server that the database is hosted on, in most cases this is the local server on which your website is hosted, although the name of the external database hosting server will be displayed if different
• web admin (circled purple) - if you click on the image in this column, it will load the necessary web administration panel for the database that you have selected it for.

In order to launch PHPMyAdmin for a MySQL database that you have hosted within your website hosting account, you will need to select the web administration icon for a MySQL database that you have hosted within your web hosting account; PHPMyAdmin should then load for the database that you have selected to administrate. One thing to note is that unlike the cPanel version of PHPMyAdmin, the Plesk version will only administer one database at a time meaning that you will have to go back to the Plesk control panel and launch a new session of PHPMyAdmin for each individual database that you want to administer.

The PHPMyAdmin Homepage

Once you have launched PHPMyAdmin from either Plesk or cPanel, you should be taken to the homepage where you can then start to administer the database or databases concerned, with ease. PHPMyAdmin is able to provide you with many different details about the server on which you are hosted, and specifically the MySQL installation that is hosted on the same server as your website, these details might be needed when you are developing your PHP based website or application; the main details that the PHPMyAdmin homepage is able to provide you with include:

• MySQL server version (circled red) - this piece of information is important when developing PHP based websites and applications, since newer versions of PHP might not be compatible with older versions of MySQL and newer versions of MySQL might notbe compatible with older versions of PHP, which is normally the case in most situations
• server and username (circled green) - these two pieces of information are important since you will need them when developing server side PHP based scripts and applications which are going to be utilizing the MySQL database that you are administrating - the server name is the server on which the database is hosted, and the username is what you will need to gain access to the database concerned along with the password that you have specified for the username
• MySQL character set (circled blue) - this piece of information might be important to you when you are developing language related applications, which might be using a range of different languages and characters.

If you have decided to go with a stand-alone MySQL server with a manual PHPMyAdmin installation, then you will also be given the ability to create new MySQL databases through the PHPMyAdmin control panel, although this isn’t possible if you are using a cPanel or Plesk installation meaning that you will have to use your hosting control panel if you want to create new databases for use with your dynamic websites or applications. Links are also provided on the homepage to take you to different parts of the control panel to allow you to manage and administer different features of your MySQL databases, these will be discussed further on.

Administrating a Database

To administrate a MySQL database that you have hosted within your web hosting account, you will need to select one that you have created from within PHPMyAdmin. You will see that all the MySQL databases you have created under your hosting account are listed down on the left hand side of PHPMyAdmin if you are using the cPanel version, and if you are using the Plesk version you should notice that the MySQL database that you have chosen to administrate is listed down on the left hand panel as well:

Once you have clicked on the name of the database that you want to administrate, you should be redirected to the following management page for the database that you want to administrate:

From the management page for the database that you have chosen to create, you are able to carry out the following actions to help administrate your MySQL database effectively:

• create new tables - you will probably find that you will need to create new tables for your database every so often if you are looking to expand the functionality of your PHP based website or application, and new tables will be needed to hold the data so that the new parts of your website or application are able to function dynamically like the rest of the website or application
• management of existing tables - if you already have tables created in the MySQL database that you are managing, then you are able to edit and delete them from the same screen where you can create them from - this means that you can manage your tables easily and effectively through your web browser with the help of PHPMyAdmin.

The above options are available under the ’structure’ tab of the database management panel, other available options include:

• SQL (circled red) - you can use this part of the database management panel to execute SQL queries on your database, for example to create a mass of a new tables without doing it manually, or to do a lookup on your database so that you can search and pull up a specific record that you might have stored within your MySQL database
• search (circled green) - you can use this feature of the database management panel to search through all the records which you have stored in your database, and pull up a specific one for modification or deletion if needed
• query (circled blue) - this feature works in the same way as the SQL feature does, although it is much more manual an better for beginners since it allows you to specify the actual search parameters yourself, meaning that PHPMyAdmin will automatically create the necessary SQL query - basically it works in the same way but without the need for you to enter your own complete SQL query
• export (circled purple) - the export feature of PHPMyAdmin creates a ‘dump’ of your database which is basically an SQL file which you can download and use as a backup of your database, meaning that if your database does happen to get deleted for any reason then all you have to do is run the SQL query contained within the dump file which will then automatically recreate your original database for you
• import (circled yellow) - the import feature of PHPMyAdmin is the opposite to the export feature, meaning that it allows you to import any dumps that you have taken of your database.

Creating a New Table

As mentioned previously, you may want to be creating new tables for your database from time to time so that you are able expand the functionality of your PHP based website or application that is interacting with the MySQL database that you are currently managing through PHPMyAdmin. With expanded functionality, you might be able to bring in more visitors to your website if you are expanding it by increasing the number of services that you are able to provide your customers with, for example. In order to create a new table, you will first need to select the structures tab from the database management panel of the database that you are managing:

Once on the structure page, you will then need to scroll down to the section labeled ‘create a new table on database x’, and will need to enter the following details to aid in the creation of your new table:

• name (circled red) - this is the name that you want to give your table, you should make the name relevant to what the table is going to be used for - i.e. you should call it ‘members’ if it is going to be holding information related to the members of your website
• number of fields (circled green) - this is the number of different rows of data that you want your new table to have, a field is individual meaning that one field is dedicated to one piece of information i.e. a telephone number.

You will then be redirected to the management screen for the table that you have just created, where you will be able to create and manage the fields that you want your new table to contain and in order to help manage and organize the data that you want to store in your new MySQL database efficiently. You should create new tables for each different section of your website to help keep the stored data as segregated as possible to ensure maximum ease when administrating your MySQL database in the future. You should also use as many fields as possible to help keep the stored data segregated, just as you would with tables; if you keep your data organized then will be easier to view and find through the PHPMyAdmin MySQL database management system, and it will be much easier for your scripts and web pages to find the data that you want.

Creating a Field

Fields are the individual table rows in which MySQL stores your data, whether it be the data that you have entered into it through PHPMyAdmin or the data that has been added when visitors sign up to your website. Fields are needed to ensure that your database can be used properly, to store data; without fields in tables, data can’t be stored in your database since there isn’t any way that the data can be categorized and stored in the correct place as would be possible with the use of fields. In order to create a new field under the table that you have previously created, you will need to select a table from the ’structure’ tab of the management panel for the database that you are administrating; you will then be prompted to enter the following data in order to create a new field for the table concerned:

• field (circled red) - this is the name that you want to give your new field, you should make the name relevant to the data that is going to be stored within it - you need to give a field a name since it needs to be identifiable so that it can be used in conjunction with your PHP based websites and applications
• type (circled green) - this is the type of data that you are going to be storing in your new field - the two main types of data are varchar and int, a varchar being just regular words including numbers and int being short for ‘integer’ which in other words is a number which means that this would be the type if you are storing phone numbers under your new field
• length/values (circled blue) - this is what you want to limit the length of the data in the field to - if you are going to be using your database in conjunction with a PHP based website or application then you needn’t worry about this option since you can use your own code in your scripts to limit the length of certain fields
• null (circled purple) - if you choose to make the field null, then you are allowing for the field to be empty when used, meaning that you could end up having many blank fields - if you choose to make it not null then there will have to be data in the field for it to be entered into the MySQL database properly
• extra/auto-increment (circled orange) - if you want to make this the primary field which will be the id field for each separate database record, then you might want to turn on auto increment to ensure that each individual record receives an individual id when it is created or entered into the MySQL database that you are managing
• primary key (circled pink) - if you choose to make the field that you are creating the primary key field, then it will be the one which holds the individual key to identify each different record if needed, it is recommended that you make this field auto-increment as well to ensure that each record receives an individual id.

Once you click ‘create’, you should then be redirected to a page hopefully telling you that your new field has been successfully created and that you can start adding data using it. In most cases you are able to create as many different fields in your database tables as you want, although it is recommended that you only create the ones which you need, since too many can start to affect the performance of your database as well as MySQL in general. One thing to note is that every table needs a primary key field which should auto increment to ensure that each individual record which is created within the table receives a unique id so that they can easily distinguished between and sorted easily.

With the use of MySQL databases, you can easily expand the possibilities and functionality of your PHP based website or application since you are able to make use of the dynamics of having a database and using server side components to make the most out of your web hosting account. For example, you could start a membership system for your website to allow visitors to sign up and view premium content, and in this case a MySQL database would come in handy since you would need somewhere to centrally store the details of all the people who have signed up to your website.

Creating a Dump/Backup

You should regularly backup the contents of your database to ensure that if it does happen to get deleted or corrupted for some reason or another, you can easily restore it without experiencing too much unneeded downtime allowing you to get your website up and running again quicker than others who don’t have any sort of database backup might be able to. In most cases, the database is the centre or heart of your website and without it your website wouldn’t be able to run since all the website’s content is stored within it, and if your website has no content or is broken then you ight find your visitors going elsewhere - it is because of this that you should always take regular backups of your database to ensure that you don’t loose any website critical data or information that can’t get deleted. In order to create your dump/backup, you will first need to navigate to the ‘export’ tab of the database that you want to backup:

You will then be asked to select which tables you want to backup in the case that you are backing up an entire database, by default all the tables that your database contains are selected. You are given a number of different formats that your dump or backup can be downloaded as, some of these different formats being:

• CSV - comma separated values - this is a common file format that is usable on almost any operating system because of its age, dating back to the early days of business computing - is normally used with tabular data, such as that which you are trying to backup from your MySQL database
• CSV for MS Excel 2000 - comma separated values for Microsoft Excel 2000 - see above, the only difference being that this one is designed for use with Excel 2000
• Microsoft Word 2000
• PDF - portable document format - created by Adobe to allow easy exchange of documents, in most cases it is a read-only format meaning that you will be unable to modify the data contained within the backup
• SQL - structured query language - this will create an SQL file which will contain the code which you can easily run as an SQL query on another database or on a new one if the database that you happen to be administrating gets deleted or lost for some reason or another - will restore all original data in seconds, although the timescale does depend on the amount of data being backed up or restored
• XML - extensible markup language - this is normally used by developers since it allows them to specify and create their own tags when they are coding websites or applications - with a backup it utilizes custom tags to arrange the data efficiently within the file that you will be able to download.

Conclusion

In conclusion, PHPMyAdmin is a powerful third party web based database administration tool that will allow you to effectively manage all of your MySQL databases with ease from any internet connected location in the world, thus allowing you to manage your MySQL databases whilst you are on the move. With its management features you are given the ability to create and manage both tables and fields within your MySQL databases so that you can effectively manage and organize the data which you want them to hold; this means that can easily access the information held by your database from your PHP based websites and applications, giving your website maximum flexibility when it comes to expanding the functionality of it. You are given many different expansion options for your PHP based website or application when it comes to MySQL since you can easily create different features that utilize a database to hold your data in either the short term or the long term.

PHPMyAdmin is also an industry leader when it comes to open source database management systems, since it is bundled with both the cPanel and Plesk web hosting control panels, meaning that you are given a large amount of freedom to configure your MySQL databases the way you want them to be when it comes down to being hosting on a shared hosting package utilizes either Plesk or cPanel to manage your website as well as the other on the server as well as the server itself on which you are hosted. If you choose to use PHPMyAdmin on a stand-alone MySQL server then you are given even more advanced functionalities, such as the ability to use it to create new databases if you are logged into it as the root or administrator user thus meaning that you don’t need a third party control panel if you just want to administrate the databases that you are hosting on your server.

PHPMyAdmin is the right solution for you if you are looking to administrate your databases whether you are on the fly, at home or in your office; it contains features that make it superior to may desktop database management systems which gives one advantage, but the best advantage has to be the fact that it is web based meaning that you can access it from any internet connected location, and use any of its features - meaning that for example you could be sitting on a beach in Hawaii with a wifi laptop and be creating new tables for your database so that at the same time you are able to expand the functionality of your PHP website or application - although thats the last thing almost anyone would be doing! PHPMyAdmin is an open source application, meaning that it is freely available for download and use by anyone and can be used as many times as one wants to, meaning that you aren’t restricted by any license terms as you would be with a commercial application of the same type.

As mentioned previously, PHP and MySQL make the best programming and database combination since they are both open source and come with a range of tools and add-ons that allow you to make the most out of both. If you are looking to learn a dynamic server side language which you can use in conjunction with a database system, then you should look no further than PHP and MySQL - there are also a wide range of tutorials available in this blog and on the internet that you can use to aid you in the learning process. You can also buy a wide range of commercial books based around teaching you PHP and MySQL.

Scripting languages are a type of programming language that controls a specific software application. One example is JavaScript, that controls slight behaviour of a Web browser. For example, JavaScript in a particular fashion is an event-driven scripting language, so in this way, upon an event taking place, JavaScript “springs into action”. One JavaScript code could wait for an event when the user tries to close the tab or browser, and a message box will appear upon the event happening. As such, JavaScript is a client-side scripting language.

What is a client-side scripting language?

Client-side scripting languages are like any form of scripting language but the browser in some form is the interpreter. As such, a server-side scripting language would be a different type of scripting language genre, but in this case the interpreter is a virtual machine inside a server. In this case, the server is a physical machine that has the virtual interpreter installed on it. Basically, a virtual interpreter reads the scripting code, and translates it to HTML code of that specific result, which the browser can understand, and the same pattern would happen with the browser (HTML code -> bytecode -> screen). In this case, the screen part is where the text is displayed on the users screen.

Why have scripting languages?

Unfortunately computers aren’t like humans, and as a result can’t understand human speech commands that we say. For example, in a command-line interface, if we wanted the computer to open a specific file, we couldn’t just say “open notepad.exe” - the computer would just respond and say “unknown command”. The reason there are scripting languages are for a computer to accomplish a specific task. There are many variety of scripting languages out there, and different scripting languages are for different tasks. For example, JavaScript is a client-side scripting language and mainly an event-driven scripting language, and hence, it usually waits for events to happen. JavaScript is commonly known to be used for pop-ups, and in use with web-forms for validation purposes. Another good purpose of JavaScript is that it is capable of changing images as the mouse moves over them. Much like desktop programming languages which are mostly event-driven as well.

There are other scripting languages that are used for general-purpose activities, for example creating dynamic Web pages to create interactivity to the visitor. In such a sense, we mean that, for example, a page could display two different things. If the user is using Firefox, some text with “You are using Firefox” would be displayed, conversely, if the user is using Internet Explorer, some text would display “You are using Internet Explorer” instead. This is one form of dynamic Web pages, but of course many scripting languages could do things at a much higher-level scale than just this. Another example is creating a text-based game, completely coded in a scripting language.

Just for your information, there is a distinct differentiation between scripting languages and good old HTML. HTML alone cannot create dynamic Web pages, as such some of the examples explained in the preceding sections. HTML was created for the building of Web pages, and as a result, it is a static language, and is the structuring of Web pages (and in some cases the styling of Web pages, too).

How do I learn a scripting language?

First of all you need to understand whatever scripting language you want to go for and what exactly it does. If you want to go for client-side scripting languages, JavaScript may be a good option. And in another criteria, for server-side scripting, PHP may be a good option, as a general-purpose scripting language. Nonetheless, whatever scripting language you go for, you need to look into what exactly it is, and understand the concepts of it first. If you want more information on PHP, you can pop on over to PHP’s official Website, PHP.net and JavaScript resources and tutorials can be found with a little searching with Google.com.

Good luck!

If you want to build a dynamic website which has the ability to communicate with databases and servers to ensure that it is both functional and efficient, then you will need to have knowledge of a programming language to ensure that these tasks can be easily achieved; there are many different programming languages, each of which have been designed for use in specific server environments, and although most possess more or less the same basic features at heart, some do contain more advanced and complicated features that others may not have. When choosing a programming language to learn, you should always consider how easy it will be to learn and ask others who have a good deal of knowledge about the language you are wanting to learn just how long it took them to learn it, and how easy they find it to use within a complicated server environment; you should also take into consideration the server environment in which the code that you produce will be hosted - for example you don’t want to go and learn a language which you then can’t use effectively since it hasn’t been designed to work in a server environment such as the one which you want to host it in. You should also take into consideration the external factors of a programming language which can affect your ability to code in it as well as the dynamic functionality that it is able to achieve; for example you should always consider the external database programs that you are able to use with your chosen programming language - this is because some database programs might not be able to function in the same environment as that in which the programming language that you have chosen to use does, this means that you should consider a database program that it is able to function with both the programming language that you have chosen to use as well as within the same environment as that in which the programming language that you have chosen to learn. Other factors you should consider when choosing a programming language to learn is the amount of support that is available for it; this is because if you are new to programming then you might need some support to help send you in the right direction if you happen to come across a problem or are unable to figure something out when you are in the middle of learning that language that you have chosen to learn. If you are new to programming, and have not learnt any server side scripting language previously, then you will open your website to a whole new set of opportunities which you most likely did not know about previously; this is because with the use of a server side scripting language, you can allow the pages of your website to interact with the server and also configure your pages to work with a database which means that your visitors can have much more interaction with your website if you use these opportunities to add new features to your website such as a password protected area or a forum where people can discuss certain topics with each other.

Features

You should always consider the features that a programming language has when you are looking to learning a language to aid you in the process of a building a dynamic server side script based website; this is because that although more or less every server side scripting language has the core features such as interaction with databases and the server, the more advanced features can settings can easily differ from language to language meaning that some are better suited to one use than another might be. Some languages are starting to incorporate new features that will help them stay up to date with the latest internet trends as they start to grow; for example Microsoft has started to release an AJAX toolkit for its ASP.NET server side scripting language to ensure that developers who use the language for their websites are able to keep their websites up to date in terms of the technology which is used to enable their scripts and web pages to interact with the server on which they are hosted. Most programming languages are able to work with a wide range of database programs which means that you are given a selection of database programs meaning that you can choose one which suits your requirements perfectly, both in terms of specification and the languages that it is able to function with; with the use of a database and a dynamic server side scripting language, you are able to store data which can be accessed by any dynamic script or web page which as the necessary database login details - this means that you could setup a private area on your website which requires a user name and password to gain access, or you could build a content management system to base your website on which will store all the content for your website in a centralized database. Another thing that should you take into consideration is the libraries that are available for the scripting language which you wish to learn; libraries are normally ‘add-ons’ for scripting languages that allow you to expand the capability of the programming language that you have chosen to learn since they are normally made for one purpose which expands on an existing function of the scripting language, or adds a completely new set of functions entirely. You should also consider the operating environment in which the programming language has been designed to run; for example PHP has been designed to allow it to run in both Linux and Windows environments, which means that you can easily install the necessary files in both operating systems to ensure that it can run effectively - on the other hand, ASP.NET has been designed by Microsoft which means that it can only be run on a server which is running Microsoft Windows Server. You should also consider the language’s ability to run alongside other web pages which have been written in different programming languages; for example PHP pages might interfere with the running of ASP.NET scripts and pages within the context of a Windows based web hosting environment.

Environment

One of the main factors that you should consider when choosing a programming language to learn is the environment for which the language you have chosen is able to operate in; this is because some programming languages have been written to allow them to run in a certain operating system only, meaning that you have to be using that operating system in order for you to be able to host and view the files that you have written in the dynamic server side scripting language concerned. For example, if you want others on the internet to be able to view the files or web pages that you have written in either the classic ASP or ASP.NET programming languages, you have to be running a server or computer which has either Microsoft Windows Server installed on it, or Microsoft Windows XP Professional - although it is recommended that you use Windows XP Professional to view server side scripts if you are wanting to test them, since it isn’t as suited to the position as Windows Server is; this is because that Microsoft has designed both programming languages to be run on Microsoft operating systems only and to only be executed through Microsoft’s web server, IIS (Internet Information Services) - this means that you might have to fork out extra for Windows based web hosting in order for you to have the ability to execute and view the classic ASP and ASP.NET web pages and scripts that you have written. On the other hand, programming language such as Ruby on Rails (RoR) and PHP will run on most operating systems, and are open source meaning that they are free; the fact that they are open source means that you can pick up a cheap cPanel and Linux based website hosting account that in most cases should have the ability to run Ruby and PHP based website applications. Although ASP.NET and classic ASP are both free to use programming languages, they are still classed as commercial since the running of them is only possible through the purchase of a Windows Server license, this means that their cores cannot be accessed by the likes of you and me which means that the cores can’t be customized to the way that we want them in order to make the engines behind both languages run more efficiently and faster; however, the source code for both Ruby and PHP can be downloaded which means that any developer with a sufficient amount of knowledge can easily modify the source to the way that they want it to be and then rebuild for use within their own server environment. Other environmental factors for the running of the programming language that you have chosen to learn can include the necessary file permissions which might be required to ensure that the language which you have chosen to learn can run effectively without any problem, which is a must when you are wanting to use the language within your own dedicated server environment; if the correct file permissions are not set then the core of the language might be restricted from accessing the resources that it needs to ensure that it can run effectively and fast.

Support

If you are new to the world of server side programming languages, then you should always take into consideration the support that is available to you if you find that you need help with a certain feature of the programming language that you have chosen to use; this is important because the best known languages have many forums that are dedicated to them which should more than meet your needs, but on the other hand the lesser known languages don’t have such a good amount of support available for them - or the case may be that there is enough support available for them, but the support just isn’t informative enough which isn’t what you need when you’re starting out with something new. For example, Microsoft’s ASP.NET language may be a commercial one, but the company itself doesn’t provide any official support past the regular documentation that you should be able to find with any programming language that you want to learn, especially the best ones; in this case you should be able to rely on internet based communities to help you out in the learning process, since these communities are normally full of many knowledgable members who can give you tips on how best to learn the language as well, since everyone had to learn the language at some point in their development career. You will never find any source of official support for any open source scripting languages beyond the documentation that you should be able to find for almost any scripting language, regardless of whether you choose to learn it or not since everyone needs some sort of official source which they can refer back to; however, you should be able to find more internet based communities which can help you out with the language that you would for an commercial server side scripting language, this is because that people are able to view the source code of the actual language which in turn means that they should be able to tell you exactly what to do if you happen to run into a problem with the language that you have chosen to learn. If this is your first time learning a programming language, then it is important that you try and learn a language which has lots of support available to you; this is because it is inevitable that you will get stuck during the learning process at some stage or another since programming languages are very complicated things to learn. One thing to note is that the documentation that is provided by the makers of the scripting languages for their products are in most cases very complicated; this means that you should try and gain a good amount of knowledge before attempting to read one of the documentation manuals since you should then be able to solve your problem much more efficiently, and at the same time will be gaining knowledge on the language which you have chosen to learn. If you gain a good amount of knowledge of your chosen language, you might end up becoming a programmer - which in most cases is highly paid job because of the skill that is involved.

Commercial and Open Source

Commercial programming languages are ones which require you to purchase something in order for you to have the ability to run them so that visitors to your website are able to view the finished article, and so that the server which is hosted the script or web page concerned is able to process the file in a correct manner so that it can output it to the visitor’s browser in the correct format. Commercial languages are generally made for use on one operating system only, which restricts you from how and where you are able to use your skills if you choose to learn a commercial server side scripting language; an example of a commercial server side scripting language would be Microsoft’s ASP.NET, this is because you can only use it under Microsoft’s web server, IIS, which itself will only run on a Microsoft operating system such as Windows XP Professional or Windows Server 2003 - their more modern counterparts being Windows Vista Business and Ultimate, as well as Windows Server 2008. On the other hand, open source programming languages generally allow you to run them on any operating system, which means that you are able to apply your knowledge and skills across a wide range of operating systems if you do choose to learn and open source server side scripting/programming language; you can also expand open source scripting languages more easily than their commercial counter parts, this is because many developers have spent their time developing free add-ons for the open source languages to help make them much more feature filled, and in tun allowing people who develop using them to build more feature filled and efficient web based applications and websites. You will also find that the support for open source programming languages is much greater than that of commercial programming languages; the main reason for this is that people and developers tend to go more with open source languages for the simple reason that they are free, and because there is a large number of experienced developers who decide to use open source languages, there is a large amount of people who are willing to help out those who are new to the world of server side programming. The amount of support that is available for commercial server side programming languages is very little when compare to that which is available for open source languages; this is because that most developers don’t have the money to invest in the needed technologies to ensure that their scripts and web pages, which means that they normally take up open source programming languages because of the fact that there is little to no cost of getting started with these - you will also find that larger corporations with money will be utilizing commercial scripting languages, and they will be unwilling to provide any outsiders with any sense of support if they have just started out with a new programming language - if you do want to start with a commercial programming language then you should try and pick up a cheap book from your nearest book store.

Conclusion

In conclusion, if you are new to the world of developing with server side scripting languages then you should take up an open source programming language to learn since there are far more helpful resources available for you than there are with commercial programming languages; this means that you might find it easier to learn your chosen language, and might even be able to get your dynamic website built much quicker than you would with a commercial programming language which has far less resources available regarding information about it. If you start coding in a language, and you fill that your set up might need expanding so that you are able to use many more functions when you code, then you should choose an open source language to learn since you can easily expand these through the use of freely available function libraries which are in most cases open source as well; this means that if you want to expand the interactivity that your website is able to have with the server on which it is hosted, then you can by simply expanding the base of the language in which you are coding with some simple yet effective function libraries. If you do choose to code in a commercial scripting language, then you might find yourself paying high web hosting costs since the cost of the software which is required to enable commercial scripting languages to run is high, and web hosts have to past the costs on to customers; you might also find yourself paying large amounts of money for resources such as books to aid you in the development process because there is a lack of online resources - if you were to code using an open source language then you would be able to use the vast range of free online resources to help you, and would not have to pay large amount of money for thick and complicated and in some cases almost useless books. With the use of this article, you should have been able to discover the power that programming languages have, and how the use of them can help boost your website in terms of how you manage it, and how much interactivity your visitors are able to have with it since you can use the features of programming languages to help add more features to your website. Also, with the use of a programming language, you might be able to get a job in IT since programmers are very skilled people, and positions for them normally accompany high salaries.