1. Multi-terminal access.
2. Auto-Backups, so your data is always backed up and safe. With desktop/installable softwares you will have to manage your data, backup and make sure everything is safe which is hard work and time consuming.
3. Access from anywhere, no need to install. With a desktop software, your access point is “one” but with web based, you can access from anywhere and everywhere.
4. You will need to produce and distribute physical or digital copies of the software to each individual machine in order to run the software. So, if there is an update or a patch, you now need to update or patch “each” individual machines.
5. There are some other benefits like relief from platform dependance issues, social networking, marketing and integrations, the software
cannot be pirated, it can scale more with cloud based storage and architectures provided by companies like amazon and rackspace. There
wont be virus or malware issues and ofcourse its easier to make your web apps mobile ready while it would be quite difficult to adapt your
desktop based applications on your mobile.

Let us know about your thoughts in the comments :)

A cheap oscilloscope can be made using a PC and mic. However it is limited to low frequencies at around 25Khz (the audible range).

Things needed :

1. A PC with a sound card
2. A mic wire (TRS plug)
3. A sound application – Audacity

Simple plug the mic into the mic socket of the sound card. Remove the mic from the wire and open out the inner wires. You would get 2 thin wires in it. If your circuit is on a breadboard, then put one thin wire into the Vout or output voltage and other into ground.
Start the application Audacity. Recording should be done from “Line In”.

Start recording. You should get the output waveform of the circuit recorded into audacity. You can magnify the waveform in audacity to analyse it.

Note :

1. The supply voltage should be less than 900mV or around 775 Vrms. To reduce the voltage of the circuit output , use a voltage divider made using 2 resistances. High voltage should not be fed into the sound card.

2. This oscilloscope can pick frequencies in the audible range. Starting from 10-20 Hz and upto 250Khz. Anything lower or higher than that would not be picked up by the sound card.

3. Before feeding the circuit output into this oscilloscope , first verify that it is working. This oscilloscope should pick up noise signals when nothing is fed into it. You should see Audacity recording noise signal. And when you hold the wire in your hands , it should pick up a lot of noise signals which would look like square waves. If the wire is not picking any signals and showing a straight line in audacity then probably it needs to be fixed before using with any circuit.

Mobile phone radiation is measured using SAR value. It is Specific Absorption Rate
More SAR information

This page http://www.sarshield.com/english/radiationchart.htm
gives the SAR rating for some Indian brands like Videocon , Micromax , Lava , Karbonn etc.

SAR values of various mobile phones :

1. http://www.ewg.org/cellphoneradiation/Get-a-Safer-Phone?allphones=

2. http://www.mobile-phones-uk.org.uk/sar.htm

3. Nokia provides SAR values here http://sar.nokia.com/sar/index.jsp

Sony Ericsson also provides lot of SAR information here :
http://www.sonyericsson.com/cws/support/phones/detailed/sarinformation/

For Samsung :
http://www.samsungmobile.com/sar/sar_main.jsp

4. http://www.mobilemag.com/2010/03/19/the-20-most-hazardous-cellphones-on-the-market/

5. http://www.ewg.org/cellphoneradiation/Get-a-Safer-Phone?phone_function=PDA

6. http://www.ewg.org/cellphoneradiation/Get-a-Safer-Phone
7. http://www.ewg.org/cellphoneradiation/newecellphonesin2010
8. http://sarvalues.wordpress.com/
9. http://sarvalue.blogspot.com/

Other international brands like Motorola , Blackberry etc are discussed in this article :
http://blogs.techrepublic.com.com/hiner/?p=2888

The SAR rating should be as low as possible. SAFE range is below 1.0. Anything above that would give problems.
1.5+ is very high and should not be used.

0.5 or below is safe range , still best policy is to keep mobile away from body as much as possible.

Other links explaining SAR :

http://articles.mercola.com/sites/articles/archive/2009/09/03/Brain-Damage-From-Mobile-Phone-Radiation.aspx

http://articles.mercola.com/sites/articles/archive/2009/11/05/Top-Safe-Cell-Phones-That-Arent-Safe.aspx

In countries like USA , the SAR rating is printed on the mobile phone cover and its illegal if its not there. However in India no such law being there , companies and bring out any SAR rating in market and consumers not being aware are purchasing them. There is a need for wider public awareness in regard to mobile phone radiation.

Best things to keep in mind before buying a mobile handset :

1. Check SAR rating of the particular model/make and also the SAR ratings of other models by a particular brand to get an idea about the average SAR.

2. Mobiles with more wireless features like Wi-fi , bluetooth , GPS , 3G are likely to have higher SAR rating. Avoid such features unless absolutely necessary. Look out for specific models which have the features yet with a smaller SAR value.

3. Do use hands free whenever possible to keep the mobile away from yourself.

index.php/controlller/method/param1/param2
or
/controlller/method/param1/param2

Now if the parameters contain a forward slash then you would urlencode it as :

index.php/controlller/method/par%2Fam1/param2

But opening that kind of URL would give an error : Page Not Found

This happens if AllowEncodedSlashes directive of Apache is not turned on. More Here. This directive should be turned on to allow those sort of Urls. And for codeignitor $config['permitted_uri_chars'] should also be checked to allow forward slash in uri characters.

Reference :
1. Apache Documentation

Moneybookers charges 1.9% + 0.29 EU for receiving commercial payments compared to ~ 4% in paypal. In Moneybookers the payer is also charged. Moneybookers account needs verification before it can be used fully.

The first simple option is to verify address by requesting a letter. In there moneybookers would send a letter with a verification code to the account holder’s address. Upon receiving the letter the account holder must type in the code back into moneybookers. By doing this the address gets verified and limits are lifted so some extent.

Now if transactions exceed euro 1000 in a 90 day period or something similar then moneybookers requests further verification of bank account or credit card. To verify bank account a withdrawal of < $15 should be made from moneybookers to bank account. In this transaction moneybookers would send a reference number which is to be used to verify the bank account.
The $15 withdrawal method of verifying bank account doesnt seem to work for all.

The best way to verify a bank account is :
1. Contact moneybookers and send them a screenshot / scanned copy of you latest bank statement. They may verify it within 2 hours!!
2. Or send them a scanned copy of a FIRC certificate that you may have received while make smaller withdrawal.

Either way would work and bank account would be verified quickly. This would lift the limits further and enable good volume of transactions.

Another good aspect of moneybookers is that it can send dollars directly to your bank account if you have dollar as your currency in moneybookers. USE dollar as your currency in moneybookers as you would save more. If you use inr as your currency in moneybookers then when you receive a dollar payment it would be converted into rupees at higher currency conversion charges. Instead if you receive dollars directly in your bank accounts then banks would charge less for the currency conversion , giving very good forex rates. Hence KEEP you currency DOLLAR in moneybookers. Paypal doesnt have the option to withdraw dollars. It forcefully converts dollars to inr at very low forex rates.

Moneybookers also charges 2.29$ per withdrawal. So making large withdrawals with moneybookers can save money as compared to Paypal. Also there is no issue of chargebacks with moneybookers. In paypal if someone files a chargeback , then no matter what you do , you account will be debited. Sellers have no protection in Paypal. Paypal will happily pay back the payer and seller will simply stand and stare. No such problems exist with moneybookers.

When receiving dollars in Indian banks there are varying charges. For e.g. HDFC bank charges Rs. 90 + s.t. when receiving dollars whereas ICICIBank charges Rs. 600 + s.t.

So for e.g. Scriptlance > Moneybookers > HDFCBank is really a optimum , fast and low fee solution for freelancers.

www.site.com/index.php/class_name/method?id=15
or
www.site.com/index.php/controller/action?id=15 in the MVC style
or
localhost/project/index.php/class_name/method?id=15

PHP MVC frameworks like codeigniter use urls like that.

Apache makes available a variable called PATH_INFO to PHP which stores
the portion of the url between script and query string that is /class_name/method

On Localhost

index.php
print_r($_SERVER)

shows :

     [SERVER_SIGNATURE] => <address>Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch Server at localhost Port 80</address>
     [SERVER_SOFTWARE] => Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch
    [SERVER_NAME] => localhost
    [SERVER_ADDR] => 127.0.0.1
    [SERVER_PORT] => 80
    [REMOTE_ADDR] => 127.0.0.1
    [DOCUMENT_ROOT] => /var/www/
    [SCRIPT_FILENAME] => /var/www/project/index.php
    [REMOTE_PORT] => 39733
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => id=15
    [REQUEST_URI] => /project/index.php/class_name/method?id=15
    [SCRIPT_NAME] => /project/index.php
    [PATH_INFO] => /class_name/method
    [PATH_TRANSLATED] => /var/www/class_name/method
    [PHP_SELF] => /project/index.php/class_name/method

Next using .htaccess to redirect localhost/project/class_name/method to localhost/project/index.php/class_name/method and again viewing the $_SERVER variable with url : localhost/project/class_name/method

shows :

     [SERVER_SIGNATURE] => <address>Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch Server at localhost Port 80</address>
     [SERVER_SOFTWARE] => Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch
    [SERVER_NAME] => localhost
    [SERVER_ADDR] => 127.0.0.1
    [SERVER_PORT] => 80
    [REMOTE_ADDR] => 127.0.0.1
    [DOCUMENT_ROOT] => /var/www/
    [SCRIPT_FILENAME] => /var/www/project/index.php
    [REMOTE_PORT] => 39734
    [REDIRECT_QUERY_STRING] => id=15
    [REDIRECT_URL] => /project/class_name/method
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => id=15
    [REQUEST_URI] => /project/class_name/method?id=15
    [SCRIPT_NAME] => /project/index.php
    [PATH_INFO] => /class_name/method
    [PATH_TRANSLATED] => /var/www/class_name/method
    [PHP_SELF] => /project/index.php/class_name/method

In both the above PATH_INFO is identical results , REQUEST_URI is different.

On Webserver
Now when the same code was put up on the webserver ::::

without .htaccess redirect , url like domain.com/project/index.php/class_name/method?id=15

shows :

    [SERVER_SOFTWARE] => Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
    [PATH_INFO] => /class_name/method
    [PATH_TRANSLATED] => /home/celcscom/public_html/project/index.php
    [QUERY_STRING] => id=15
    [REDIRECT_STATUS] => 200
    [REMOTE_ADDR] => 59.93.245.243
    [REMOTE_PORT] => 60157
    [REQUEST_METHOD] => GET
    [REQUEST_URI] => /project/index.php/class_name/method?id=15
    [SCRIPT_FILENAME] => /home/celcscom/public_html/project/index.php
    [SCRIPT_NAME] => /project/index.php
    [SERVER_ADDR] => 216.67.245.98
    [SERVER_PORT] => 80
    [PHP_SELF] => /project/index.php/class_name/method

PATH_INFO is same as localhost.

The difference came when using .htaccess redirect , the output

shows :

    [SERVER_SOFTWARE] => Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
    [QUERY_STRING] => id=15
    [REDIRECT_QUERY_STRING] => id=15
    [REDIRECT_STATUS] => 200
    [REDIRECT_UNIQUE_ID] => SsI359hD9WIAAHMWpgEAAAAD
    [REDIRECT_URL] => /project/class_name/method
    [REQUEST_METHOD] => GET
    [REQUEST_URI] => /project/class_name/method?id=15
    [SCRIPT_FILENAME] => /home/celcscom/public_html/project/index.php
    [SCRIPT_NAME] => /project/index.php
    [SERVER_ADDR] => 216.67.245.98
    [ORIG_PATH_INFO] => /class_name/method
    [ORIG_PATH_TRANSLATED] => /home/celcscom/public_html/project/index.php
    [PHP_SELF] => /project/index.php

PATH_INFO is missing but ORIG_PATH_INFO is there with the information PATH_INFO was supposed to have.

So the php code had to be changed to check for $_SERVER['ORIG_PATH_INFO'] when $_SERVER['PATH_INFO'] is absent

PATH_INFO relies on the Apache AcceptPathInfo Directive

LoadModule rewrite_module modules/mod_rewrite.so

by removing the # sign before it.

Then comes a section which looks like this :

<Directory "C:/Apache2.2/htdocs">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

The line :
AllowOverride None

should be made :
AllowOverride All

Restart Apache. Create a .htaccess file somewhere in htdocs and write some garbage text in it like akjsnajknda and save. Create a index.php along with the .htaccess file. Now open the index.php file in browser and you should get an Internal Server Error. This indicates that .htaccess file is wrong , which means that mod_rewrite is now active.

select
    concat(table_name, '.', column_name) as 'foreign key',
    concat(referenced_table_name, '.', referenced_column_name) as 'references'
from
    information_schema.key_column_usage
where
    referenced_table_name is not null;

which is found here

and gives an output like this :

+-----------------------+-------------+
| foreign key           | references  |
+-----------------------+-------------+
| orders.client_id      | clients.id  |
| line_items.order_id   | orders.id   |
| line_items.product_id | products.id |
+-----------------------+-------------+

Another way would be to :

SHOW CREATE TABLE tablename;

which displays the sql query to create the table and has the foreign key constraints too.

Apart from this phpmyadmin too shows the foreign keys on the top of a table structure.

References :
1. Mysql Docs

#1449 – There is no ‘projects’@'localhost’ registered

So I opened the dump file and found that the error was being caused by a line which looks like this :

/*!50013 DEFINER=`projects`@`localhost` SQL SECURITY DEFINER */

This line appeared in every view definition. So the simple reason was that projects@localhost was the user which had created the view (on the server) and when importing the database on local system there was no user named ‘projects’ in mysql.

There appeared to be no way by which this line could be prevented from coming up in the dump file. So a possible solution was to erase it from the dump file.

On ubuntu like this :

sed ‘/^\/\*\!50013/d’ backup.sql > backup_without_50013.sql

in PHP I tried this :

$contents = file_get_contents('backups/backup.sql');
$contents = preg_replace('@\/\*\!50013 DEFINER.*?\*\/@' , '' , $contents);
file_put_contents('backups/backup.sql' , $contents);

The above solutions worked.
But I was still looking for a technique where I didnt have to modify the dump file.

The solution is to create a view with sql security invoker like this :

CREATE SQL SECURITY invoker VIEW my_view as select …….

The above statement allows this view to be viewed by any user who invokes the view.By default the SQL SECURITY is DEFINER which means the definer user can only view it.

First of all it should be noted that getting someone’s password out of a server is something impossible for the very simple reason that in most cases the password is stored no-where. Newbies think and make attempts to get the some one’s password from the target server. But yes this is not possible. Passwords are not stored directly, but as hashes (if you are a web developer then you must be knowing this). Hashing is basically a one way algorithm to turn a string of any size into a fixed sized string. For more on hashing get to wikipedia. Hashes cant be reverted to get back the original string. Now when a user logs into a system, he provides his username and password. Now the password is hashed again and compared with the hash that was stored during registration. If both match then access is granted.

But yes there are techniques to get some one’s password or rather “steal” them from the original user. Thats the only way to get the password.

Some common techniques are :

1. Phishing : Now “phishing” it basically “tricking” , to trick a user into providing his login details to you. The most popular way to do this is by creating a fake login page which looks like the login page of the original system and make the user login through this fake login page. When the user attempts this then the login details he provides go to the hacker rather than the actual system. Phishing issue arise in a lot of situations e.g. email logins , bank logins etc.

2. Social Engineering : This technique involves collecting some information about the user which can provide access to his system. The best possible extent of doing this would be to get the password itself from the user but in most cases this is not possible. Most email systems for example provide a password recovery mechanism which involves answering certain questions like Your birthdate , phone number , pet name etc. Now a hacker clever at social engineering would talk with the user directly and during the conversation would try to make the user speak out the information that is useful to get access to the user’s mail. For e.g. a hacker could ask the birthdate some where in the conversation and if the user tells it, then the user can use it. Social engineering aims at collecting as much information as possible from the user which can be useful to get the login or access to his mailbox.

3. Trojans/Keyloggers/Spyware : This is a software based technique. It involves installing a piece of software on the victim’s computer so that the activity on the target computer can be recorded and read by the hacker. For e.g. logging all keyboard activity and then searching them for usernames and passwords.