What is CodeIgniter?

CodeIgniter is a free, open-source, easy-to-use, object-oriented PHP web application framework, providing a ready-to-use library to use with your own PHP applications. For example, there is a Database API to make it easier and more convenient to execute SQL queries, such as SELECT, UPDATE, DELETE, INSERT, etc., without having to create a lot of repetitive code yourself. This is how an application framework is useful in application development.

CodeIgniter is object-oriented

Using CodeIgniter requiring knowledge of using the object-oriented programming technique in order to be able to use CodeIgniter effectively, and to understand what happens when you are using certain features in CodeIgniter.

But, what is object-oriented programming?

It’s quite difficult to explain object-oriented programming because from a conceptual point of view, it is difficult to understand. However, the main purpose of object-oriented programming is to make application development easier, especially as applications become bigger, with large structures. Object-oriented programming allows application code and logic to be easier to understand, structured and coherently in place, making it easier to develop and extend your application’s features and functionality. With procedural programming (which is merely standard code executed line-by-line with the use of functions as a container for code that help prevent repetitiveness and “reinventing the wheel”), applications can become a mess if they aren’t developed in a way where everything is well laid out, coherent and structured, and can be more difficult to extend and add new features and functionality to your applications later on. With object-oriented programming, in a way, you are forced to be coherent and have your code structured correctly.

Classes and Methods

What are classes and methods? These are the first concepts you’ll be introduced to if you are learning object-oriented programming from most books or online resources. Say you’re creating a framework. You’ll have different classes for different parts of your framework. One being a “Database Class”, one being an “E-mail Class”, and so forth. Of course, in this case, the Database Class is like the CodeIgniter Database Class, providing a set of ready-made methods for you to use so you don’t have to create them yourself in order to execute certain application logic, such as inserting, updating and removing database records quickly, without having to “reinvent the wheel”.

The methods are what contain the application logic, and the class merely holds many related methods together. And this is exactly how your applications would work with the use of the object-oriented programming techniques.

How does CodeIgniter work?

CodeIgniter has a very extensive user guide, which is much better than documentation on some other frameworks, such as CakePHP (which is another PHP framework).

CodeIgniter has classes and helpers.

Classes

Classes contain a collection of methods and properties (properties are essentially variables in an object-oriented context).

For example, here is an example using the Database library within CodeIgniter:

$this->db->get(‘users’,$data);

In any application you make using CodeIgniter, your own classes inherit (or extends) the CodeIgniter class, and so this is why the $this variable is used, which refers to the current class/object. So to call another method within your class, you would use $this->method_name().

Helpers

Helpers contain ordinary PHP functions. Such as the Form Helper.

Other interesting features of CodeIgniter

While this is by no means unique to CodeIgniter, and other web application frameworks use this approach to application development, CodeIgniter primarily uses the Model, View, Controller (MVC) approach to application design and development. It essentially separates application logic from the application design/view. The application logic is the Controller, whereas the application design/view is the View. The Model is for database interactions. There are more complex scenarios where the MVC approach is used, but for basic to intermediate CodeIgniter applications, the Model would contain database interactivity logic of sorts.

Active Record

When you saw an example of using the Database Class above, that code is actually part of the Active Record Class that is part of the Database library.

Active Record is where your work can be shortened by providing an easy and convenient way to execute certain SQL queries without having to write out the entire SQL query yourself. Active Record essentially allows information to be updated, retrieved, added and removed conveniently.

More information on CodeIgniter

The CodeIgniter framework works on all of our shared and reseller servers, and can be installed on pretty much any server with PHP installed. As of writing, CodeIgniter requires PHP version 5.1.6 or higher and obviously a database will be required for any database-driven PHP application (as of writing, MySQL 4.1 or higher). CodeIgniter also supports PostgreSQL, Oracle, SQLite and ODBC. For up to date server requirements, see the CodeIgniter user guide.

Visit the CodeIgniter website

Related Posts:

• No Related Posts

The PEAR stands for PHP  Extension and Application Repository, which is a repository of PHP software code. Installing PEAR package for PHP is very simple. It allows you to install various PHP extensions without compiling the source packages.

Go to the command line and enter the following command.

pear
pear – command not found

If you get a message “command not found” as shown above, it means PEAR is not installed on your server.

In order to install it, follow the steps given below:

Visit the following link and download the installation php file:

http://pear.php.net/go-pear

To download it, enter the following command line:

wget http://pear.php.net/go-pear

Once it downloads rename the file to .php using the following command:

cp go-pear go-pear.php

Enter the following command to run the php script:

php go-pear.php

The installation will start and the binary will get installed successfully. You can also check if there are any existing packages installed. To check, enter the following command:

pear list-all

The above command will list all the packages that are already installed. See examples below:

PACKAGE                  LATEST                   LOCAL
pear/Auth_HTTP        2.1.6                       HTTP authentication
pear/LiveUser           0.16.14                   User authentication and permission management framework

To check whether a specific package is installed on the server, use:

pear list-all | grep [Enter Package Name]

If you want to check information about a package, use the following command:

pear info [Enter Package Name]

If there are no packages installed, it will show a blank output once you enter the “list-all” command.

If you wish to upgrade an existing package use the following command:

pear upgrade [Enter Package Name]

To upgrade all existing packages enter the following command:

pear upgrade all

The above command will upgrade all the existing packages.

If there are no packages installed, you can install various php extensions using the following command:

pear install [Enter Package Name]

To uninstall a package, enter the following command:

pear uninstall [Enter Package Name]

The above command will uninstall that particular package from your Dedicated Server.

Hope it helps!!!

Related Posts:

• Points to Consider Before Moving to Dedicated Server
• What might look like a good backup plan ?
• How To Choose Best Server Operating System ?
• What Type of Hosting Servers Would Be Better ?
• Tasks You Can Perform When Your Server Runs Perfectly

PHP stands for Hypertext Preprocessor is a powerful and popular server-side scripting language which is used for serving dynamic web pages. It is very simple to code and debug and supports several databases like MySQL, MS SQL and Oracle.

But, have you ever pondered that some of the PHP functions can be very dangerous for your server and data stored on it ?

When the PHP code is used in an improper way or any insecure php code, potentially it can messed up with a web hosting server and can simply be hacked by hackers. Insecure PHP code can literally harm your server data at the level you cannot even imagine it.

Using the insecure PHP code, as a security hole hackers could enable some very dangerous and powerful PHP functions and can take control over your web hosting server. There are many such php function which should be disabled in the PHP configuration file. Let’s check out the functions that should be disabled in the php configuration file right away on your web server.

Following is a list of dangerous php functions:

apache_child_terminate
apache_setenv
define_syslog_variables
escapeshellarg
escapeshellcmd
eval
exec
fp
fput
ftp_connect
ftp_exec
ftp_get
ftp_login
ftp_nb_fput
ftp_put
ftp_raw
ftp_rawlist
highlight_file
ini_alter
ini_get_all
ini_restore
inject_code
mysql_pconnect
openlog
passthru
php_uname
phpAds_remoteInfo
phpAds_XmlRpc
phpAds_xmlrpcDecode
phpAds_xmlrpcEncode
popen
posix_getpwuid
posix_kill
posix_mkfifo
posix_setpgid
posix_setsid
posix_setuid
posix_setuid
posix_uname
proc_close
proc_get_status
proc_nice
proc_open
proc_terminate
shell_exec
syslog
system
xmlrpc_entity_decode

On the cPanel servers where PHP handler is configured to use DSO, PHP runs under nobody ownership. This may become a security hole and create major issue if you have given 777 permission. The 777 permission enables the “nobody” user to read, write and execute the file. So, its better to be careful with the permissions.

It is always recommended to set the permission to 755, so that no one can edit or change the files. The PHPsuexec function disallows the php scripts to run as 777 permissions and the files cannot be read as well. This function should always be enable for ensuring the maximum security.

PHP functions such as “exec” and “system” are always used to execute the external programs. Even a shell command can also be executed. If these two functions are enabled then a user can enter any command as input and execute into your server. The user can also delete all of your data simply by giving “rm -rf *” command. Even the user can enter any command simply by using (;) in the argument area. Thus, it is better to disable the “exec” and “system” functions in your php.ini configuration file.

Enter the following command in ssh to find your php.ini file:

root@server [~]# php -i | grep php.ini

Mostly, you will get it in the /etc/php.ini directory or you may also get in /usr/local/lib/php.ini

Enter the following command to edit the file using your favorite editor. I have used VI editor here:

root@server [~]# vi /etc/php.ini

Search for the following text “disable_functions” in the php.ini file.

disable_functions: is a directive used to disable the insecure php functions.

Once you find the “disable_functions” directive in the configuration file, modify the disable_functions=”” as shown below:

disable_functions = “apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode”

The above mentioned changes can be applied on both Linux as well as Windows servers.

Once you modify the php.ini configuration file, you will need to restart the Apache web server on Linux server and IIS web server on Windows server for changes to take effect.

After disabling the above dangerous php functions, you may encounter a problem with your web applications. For example: when you disable the “shell_exec” and visit Fantastico in the cPanel, you may see the below error:

Warning: shell_exec() has been disabled for security reasons in /tmp/cpanel_phpengine.*.* on line *

In this case, you should run the following from SSH:

/scripts/makecpphp

The above command will install a copy of PHP to use with the cPanel/WHM backend and its addons like Fantastico.

Related Posts:

• How to choose a best hosting solution?
• Importance Of Having Highest Quality Web Hosting UpTime
• Consider Some Of The Advantages Of Using Dedicated Web Hosting Solution | Part 2
• Consider Some Of The Advantages Of Using Dedicated Web Hosting Solution | Part 1
• Dedicated Web Hosting Services | Part 3

How to Encrypt Passwords in your Database/s ?

With the ever increasing rate of hacks and attacks, more and more individuals across the web have started realizing the need for keeping their website(s) secure. One of the ways is to implement an password encryption for your database. Having said that, when building a website that is password protected, it is also important to determine a way to keep the users login details secure from getting in the hands of the attackers.

We hear people saying that they wish to secure their website and the data it includes. But what does the term “Secure” mean ? One should be aware that the data within the websites database isn’t secure. If the database password falls in the wrong hands, all the measures that you’ve taken for securing your site would all go in-vain. We come across many users that use some sort of non-standard ciphering software that uses an algorithm that is of no good. Instead, users can opt for a standardized algorithm for example MD-5 or Message Digest Algorithm 5.

This algorithm is popular and is considered even by the experts in the industry. Message Digest Algorithm 5 is a encryption technique that uses a one-way hash algo. The most beneficial benefits of using MD5 encryption is it capability of not allowing anyone to revert an encrypted output to the initial, plain-text input. Whatever the input be, MD5 would always maps it to the same encrypted value. Hence, assuring the webmasters that the stored passwords would never be disclosed nor accessible to anybody. With this encryption technique, despite if the hacker is able to breach into your database, he would only have the “Read” permissions and not “Write” capabilities hence preventing him to make any changes in it.

Though there are certain drawbacks of MD5 encryption as well. One should not consider the technique of MD5 encryption as completely dependable. Incase, the password that you have set isn’t much strong, there are chances that a brute force attack can help the attacker gets to know it. Therefore, it is utmost important for users to have a complex password set for their websites, which too should be changed on a frequent basis.

It’s obvious to have a spontaneous question arising in the minds that, despite knowing these facts, why must we use MD5 encryption ? Then, reasons for it is that, this algorithm is fast, simple and really powerful.

Most website owners do not realise the basic fact that a password encryption would merely be of little use. It would only keep your passwords protects and not your entire website. If your website is poorly coded and loop holes, then an attacker or the hackers can exploit such weaknesses and cause serious damage, which might even be a compromised list of your highly confidential user details. This can only be avoided if you have a well written/coded website with sufficient information encryption. By doing this, hackers have next to no scope of causing damage. Even if they try to crack the encryption of the password, they would barely achieve success due to the very fact that it requires a lot of time and processing strength to achieve the results as per their expectations. And, thinking from a hackers perspective, no one can spend so long to try to decrypt a strongly encrypted password. Furthermore, it is important to maintain website and database backups on a regular basis. To understand the procedure to take backup of your database please refer :

It wouldn’t matter if your website is hosted on a Dedicated Hosting server or any other Affordable Web Hosting package, MD5 encryption is supported on all the types of packages.

Related Posts:

• No Related Posts

Let’s see, steps to backup your phpBB3 forum database:

Step 1: Login into your phpBB3 administration control panel. The below screen will appear.

Step 2: Now, click on the “Maintenance” tab as shown in the image below:

Step3: Click on the “Backup” on the left of your panel below the “DATABASE” section. The backup options will appear on your screen:

Step4: Choose the “Backup options” according to your requirements.

• Backup Type: Select whether you want to backup everything, just structure of the forum or just the data.
• File Type: You can backup your phpBB3 database in gzip or text format.
• Action: You can choose whether you want to Store and download, just Store file locally or just Download.
• Table Select: You can select the tables within your forum that you want to backup. Tables can be selected individually or all at once by clicking Select all.

Step 4: Click on the “Submit” button to backup your database. A download screen will appear as shown in the image below.

Step 5: Click on “Save” to store your backup on your system.

That’s it! You have successfully backed up your phpBB3 forum database. Now, let’s check out steps to restore your database in phpBB3.

How to Restore your Database in phpBB3

Step 1: Login into your phpBB3 administration control panel.

Step 2: Now, click on the “Maintenance” tab.

Step 3: Navigate to the left of your panel and click on the “Restore” listed under the “DATABASE” section. The following “Restore options” will appear.

Step 4: Select the backup file you want to restore and Click on “Start restore” button. The following confirmation screen will appear:

That’s it! You have successfully restored your phpBB3 forum database from a previous backup.

Now, you know how to backup and restore your forum database in phpBB3. Remember that it’s a good idea to backup your forum’s database often to restore whenever you want. PhpBB3 is a forum script available in the Softaculous Auto Installer having around 176 PHP based scripts offered absolutely free with the domain web hosting package. It is an ideal solution for people having multiple domain names and wish to host them under one single account.

Related Posts:

• No Related Posts