MySQL is a lovely way to store data, however as soon as we let users adjust the queries we use it can go pear shaped. Here are some really easy ways to protect yourself from those evil users.
Check Everything!
Seriously, never trust user input. Users may not intend to perform an SQL injection, but they could still end up doing it anyway. Any data coming from an uncontrolled source should be checked. In the example below I use an if statement with is_numeric():
<?php
if (!isset($_GET['ID']) || !is_numeric($_GET['ID'])) { // If it's missing or not a number
    echo 'Sorry, your ID is not a number.';
    die();
}
// Do the SQL here.
?>
Hash/Encrypt It
Hashing or encrypting something is essentially changing a string of data into something more manageable. In the below example, I’ll use MD5 as my hashing method. This should remove any dangerous characters which could lead to a SQL error.
<?php
$password = md5($_POST['password']); // run a MD5 on the password
// If the password was 1234, it will now be 81dc9bdb52d04dc20036dbd8313ed055
// do the SQL Query
?>
Of course there are other functions to hash or encrypt something. Take a look at the PHP manual for more of them.
Serialize
Serializing creates a storable representation of a value. Personally this is my favorite way of putting some data into SQL because it can store arrays (so when I select the field, I get a big array of data). Here is a very quick example of how to do it.
<?php
$data = serialize($_POST['data']);
// do the SQL Query
?>
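The three ideas above combined with bound parameters, as an added example that is not part of the original post. It uses password_hash() rather than MD5 for the stored password, since an unsalted MD5 digest is fast to brute-force. An in-memory SQLite database stands in for MySQL so it runs offline; the table, the sample values and the helper validId() are made up for this illustration.

```php
<?php
// Added example, not from the original post. An in-memory SQLite database
// (PDO) stands in for MySQL so the script runs offline; the table and the
// helper name validId() are made up for this illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pass TEXT, prefs TEXT)');

// Constructed request data standing in for $_GET / $_POST.
$request = [
    'ID'       => '7',
    'name'     => "O'Brien",
    'password' => '1234',
    'data'     => ['theme' => "it's dark", 'lang' => 'en'],
];

// is_numeric() also accepts "1e3", "-5" and "0.5"; for a row id, insist on
// a positive integer and return null for anything else.
function validId($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

foreach (['7', '1e3', '7 OR 1=1', '-5'] as $candidate) {
    printf("%-10s is_numeric=%-5s validId=%s\n", $candidate,
        var_export(is_numeric($candidate), true), var_export(validId($candidate), true));
}

// serialize() keeps quotes from the input, so its output is not safe to
// paste into a query string.
echo serialize($request['data']), "\n";

// Placeholders keep every value out of the SQL text, whatever it contains.
$id = validId($request['ID']);
if ($id === null) {
    die('Sorry, your ID is not a number.');
}
$insert = $pdo->prepare('INSERT INTO users (id, name, pass, prefs) VALUES (:id, :name, :pass, :prefs)');
$insert->execute([
    ':id'    => $id,
    ':name'  => $request['name'],
    ':pass'  => password_hash($request['password'], PASSWORD_DEFAULT), // salted, slow hash
    ':prefs' => serialize($request['data']),
]);

$select = $pdo->prepare('SELECT name, pass, prefs FROM users WHERE id = :id');
$select->execute([':id' => $id]);
$row = $select->fetch(PDO::FETCH_ASSOC);

// Check a login attempt against the stored hash, and restore the array
// without allowing stored data to instantiate objects.
$prefs = unserialize($row['prefs'], ['allowed_classes' => false]);
printf("%s logged in: %s, theme: %s\n", $row['name'],
    var_export(password_verify('1234', $row['pass']), true), $prefs['theme']);
```

With MySQL only the PDO connection string changes; the prepared statements stay the same.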
RSS (Really Simple Syndication) is used to publish frequently updated content such as blog entries, news headlines or podcasts. XDnet uses the built-in RSS feed which WordPress generates – http://xdnet.co.uk/blog/feed/ – so you can subscribe and always stay up to date with the goings-on at XDnet.co.uk.
The RSS feed, which is also called a “web feed” or “channel”, contains a summary of the blog post or news and a link to the full page with the info and, if available, articles about the event/news. RSS makes it possible for you to keep up with the latest content from your favourite sites in a format which is easier than checking them manually.
How do I use it?
RSS content can be read using software called an “RSS reader”, “feed reader” or an “aggregator”. You can subscribe to our feed by entering the feed’s link into the reader or by clicking on the RSS icon (right) or the orange RSS icon which appears in the top tabs bar. Whichever reader you use, once you have subscribed it will check our feed regularly for new content, downloading any updates that it finds.
Using Internet Explorer for feeds
You can use Internet Explorer 7 to read and manage your RSS feeds and keep you updated. Click to find out how!
Make sure you can concentrate; try to get rid of distracting things such as MSN, email and RSS while you work. Interestingly enough, I recently monitored the ratio of work applications to other applications; my results were about 1:5, which was shocking!
This varies from person to person, but music and podcasts can be a distraction. Avoid anything which could need extra attention (such as news programs or music which has lots of lyrics).
Avoid taking regular coffee and toilet breaks. It can be difficult to keep your train of thought if you keep needing to go off and do something.
Make sure you have had enough to eat and drink before you work. Like scientists always say “If you miss breakfast, it’s hard to concentrate”. If you really want to go crazy, have some small nibbles near by to keep you full up.
Know what you’re doing! If you are unsure of what you need to do, you could end up just making a pile of crap. So when you start, make notes of what you need to do, so you know what you have done and what is still to be done.
So you have got yourself one of our streaming packages; now how do you make this available to users?
Embedding your stream into a web page, or creating an online player, is a very good idea. In this article I will be using the online player of one of our clients, Swindon 105.5, as an example.
Firstly, it’s always good to give your users a choice of player, and therefore of the plug-in they use to listen to your stream. It is important to remember that just because you prefer using Windows Media Player, for example, not everyone will have that plug-in installed for their chosen browser. There are many players, so give them a choice. When you first open Swindon 105.5’s online player you are given the choice of Windows Media Player or QuickTime, and this option is then saved in a cookie. This makes the experience much better for repeat users (who are important for online radio and broadcasting in general), as they can just click and listen to your station how they want to.
Now we get to the actual player. With the web we can be much more interactive with the user, and you as a webmaster and/or a radio station can provide information about what they are listening to, who’s on air and what’s next.
As you can see on the right, this is the player window, and this webmaster has kept things simple, as they should be. Some radio stations have their players clogged up with all sorts of rubbish and unrelated information, whereas this is clean and to the point.
We have an easy switch-player link in the corner to change your player preference, therefore giving the user more choice.
Also we have information about the current program on air, “The Big Weekender”, we can see the show title and the presenters, which helps listeners to know who and what they listen to and form a stronger bond with the presenters and your station.
Quick Plug: You have taken a little look at Swindon 105.5’s online player, so take a look at their site and have a listen!
The code:
So far I have briefly looked at what a good player might include. Design aside, we will now look at the code you need to embed a player into your web page for users to listen.
The above code will embed a Windows Media Player into your webpage, so let’s break this down a little and look at the parts which make it up and control how it behaves.
Breaking it down.
You may have noticed that much of the code seems to do the same job: we have the <object> tag, and then we have the <embed> tag within it, which seems to duplicate some of the variables. This is because Firefox and Internet Explorer can have problems understanding the code. Internet Explorer likes having the <object> tag, whereas Firefox (and other browsers) are happy with <embed>, so we include both.
codebase:
codebase, which is an attribute of <object>, provides a URL where the exe or plugin can be downloaded, so if a user does not have Windows Media Player installed this can help them find and install the required plugin.
This is not a required attribute and can be left out if desired.
filename:
This is the location of the file (or stream) you wish to play. You can use the direct source of your stream, which will be something like myradio.com:8000. However, many users may wish to use playlist files instead; we will explain more about these and how you can use and build them later.
autostart:
This dictates if the stream/file should automatically play on loading or if the user should click play first.
Generally, sounds should not be played automatically on websites as it can be offensive and annoying to users. However, because in this context we know the user wants to listen to your stream (after all, they have opened your player), it is advisable to set autostart to true.
showcontrols:
This option controls if the controls, the buttons like volume, play, stop etc should be shown to the user.
However, note that in most modern browsers this (along with many other attributes) may be ignored and not take effect.
As I mentioned, because of browser differences it is important to try to make the code understandable to all browsers.
Attributes should be included in different ways, within <param> tags:
The code for a QuickTime player is almost identical to that for Windows Media Player: most of the parameters/attributes are the same, although obviously there is a different codebase:
You should now be equipped with the basic code you need to get your stream on your website or online player. We can go into further detail, but that’s another article.
And of course, we are always happy to help with programming and code writing for our customers, just get in contact for more information.
Domains are a pain to pick, it always seems that the good ones are taken. However here are some great tips I have for creating a domain that is right for you.
Be creative
Keep it relevant
.com it!
Be Creative
Coming up with a domain is hard work, but you don’t need to limit yourself to obvious words. Google.com is (believe it or not) a typo; it was going to be registered as Googol. Try to avoid common domain words (such as design, games and free) as this could lead to greater competition in your rankings.
Keep it relevant
If your website is about web hosting, make sure you have something about hosting in the name. Whatever you do, don’t call it something completely irrelevant such as newtech or easypeazy, as this could make initial rankings hard to come by.
.com it!
If you have ever seen an average user at work, they never seem to notice that you can have different extensions to a domain. In fact I was once telling someone about a website (which ended in the .co.uk TLD) and when they went to type it in they put sitename.co.uk.com. It could be that I work with tech-tards a lot, but it’s safe to assume that if you can’t get your domain as a .com, it’s not worth the time.
And don’t forget, you can easily register your domain (in a large variety of different TLDs) with XDnet so you can easily manage it within our client panel.
I’m sure we have all been in this situation, where you need help and a forum seems the best place to ask. Here are some tips to make sure you get a good response.
Check your spelling – The number of times I’ve read a post on a forum where the poster has abbreviated/misspelled so many words that I just think “screw this guy, he clearly does not care” is insane.
Check you make sense – It could just be the forums I visit, but I seem to read lots of posts in which the poster has written a load of nonsense which I cannot be bothered to read.
Use examples (and if possible include them in your post) – Again, another little pet hate of mine. I don’t want to have to guess the problem with your website. I want to see the code you’re using and find the bug (and not have to leave the page). If possible use relevant forum tags (for example, if you’re posting PHP, use the [php] tag supplied).
On a sub note to this, if there is a PHP error, include it in your post and point out the line where the problem is. Just saying “I’m getting some problem, here is my code” will most likely result in a verbal backlash (from someone like me).
Search! – Make sure you have searched the forums with a fine-tooth comb before you post (and make an idiot out of yourself). If a similar problem has been asked and fixed then you’re just wasting people’s time.
On another sub note, make sure you have read the manual. If something has been well documented there is likely to be a solution hanging about.
Be thankful - Just saying “thank you for your help” at the end of a post goes a long way. Need I say more?
Be helpful – If you do find the answer elsewhere, make sure you go back and explain how you solved the problem. This is helpful to the users who tried to help you and also helps to improve the forum, as when people search for that problem they can then find your solution.
Keep it clean – No one wants to have to read through a load of unnecessary text; keep to the point but still make sure you explain yourself. Also don’t put lots of unnecessary adjustments to the font.
(Finally) Be patient – Don’t expect a response in less than 5 minutes; just wait about for a few hours. What I normally do is take a break from looking at the PC, then take a look at the code with a fresh head (normally I find the problem).
If you’re anything like me, picking keywords for your website is a big hassle, especially if you run a dynamic website. You might start thinking “Search engines don’t really care, why should I?”… Don’t! The moment you think this, your website will crash and burn. Even though the keyword meta tag is redundant, you do need to optimise a page for certain words.
Let me explain. Say your page has the following text:
PHP is a scripting language used for making fun websites. It was made in 1995 by Rasmus Lerdorf and currently it is very popular with people new to programming website. I like it as it is easy to make cool websites.
This text is fugly to read and to spider. But we can clearly see how we can fix it up: it should be optimised for the main keyword “PHP”. The first thing we should do for this piece of text is change all the “it’s” to our keyword and add a nice little definition.
PHP stands for Hypertext pre-processor and is a popular scripting language used for making fun websites. PHP was made in 1995 by Rasmus Lerdorf and currently PHP is very popular with people new to programming website. I like it as PHP is easy to make cool websites.
As you can see, the keyword PHP has gone up from 1 reference to 4, which should improve its ranking. However, we could improve the text a lot more: I have used lots of simple words which make for dull reading and poorer optimisation. Let me try again:
PHP (Hypertext pre-processor) is a popular scripting language used for making dynamic websites. PHP was created in 1995 by Rasmus Lerdorf to help maintain his website. Currently PHP is very popular with freelance web developers and large technology companies. PHP is a very easy programming language to learn, as it is very well documented and there are many tutorials on programming with PHP on the net. Currently PHP is the most popular programming language for making a dynamic website.
As you can see, I’ve increased the amount of times the keyword “PHP” appears, put in words such as “dynamic”, “website” and “programming”. This should help search engines realise the page this text would be on should have something to do with programming dynamic websites with PHP.
Getting statistics about your site is always useful and interesting for every type of site, be it personal or an e-commerce money-making machine: knowing who, how, what, when and even why your visitors decided to take a look at your site. For e-commerce this can be vital, and for personal/non-commerce sites it’s just interesting!
So today we are going to take a look at Google Analytics. This is probably the best service for providing easy-to-read information about how your site is doing, as with Awstats and Webalizer, which are provided with XDnet’s cPanel accounts. Watch this space for articles about how you can use these to take a look at your site stats soon.
What browser are your visitors using?
Check out exactly how many visitors have been looking at your site.
How fast are your visitors’ connections?
Look at how people navigate through your site and where they exit.
How do people find your site? What keywords are they using to get to your site?
These important facts about your site can help you make informed decisions about the direction of your website, and find problems users face and fix them. Notice users aren’t finding that page you want? Which pages make users leave? What’s wrong with them? All these questions and more can be answered with the information gathered after just a few months of using analytics tools.
Log Files…
For basic web statistics, you can download your site’s log files. Access is included with all our packages. Log files are simple: they take a note of all page accesses, but the downside is they are not user friendly. There is software available to turn them into a more friendly format, but why bother when there are tools which are easy to understand and, more importantly, usable “out of the box”?
Using Google Analytics
Google Analytics is a great tool, and one of the many great sites which we have and will look into on XDnet, which really can help make your site great.
Small catch: unlike with Awstats and Webalizer, which come with XDnet’s hosting, you will have to do a little more than just activate it in cPanel. You have to add a code snippet to the bottom of every page on your website… which can be a long and tedious process, especially if your site is not template based.
Many people simply do not have the time (or patience) to do this, especially if they are not code literate, and can end up paying a lot of money for this to be done. However, XDnet offers this service for a fraction of the price – just open a Technical ticket.
Map Overlay:
Now this could be one of the most helpful and interesting features that comes with Google Analytics, and it appears to have incredible accuracy, most likely because Google is a multi-billion dollar company which can afford the very best geo-location databases, I am sure.
With this tool you can see exactly where visitors come from instantly, but of course that’s not all: you can go even deeper and get close-up views of what town or city your users are from, and with the colour coding you can easily see which cities have the most visitors. To the right is another screenshot of a website I run. London obviously has the most visitors, which will probably be the case with most sites simply because London is a very big city, but second is Swindon (home of XDnet), which is also where the site’s organisation is based.
Of course you can break this down even further and take a look at how many visitors you get per day for an individual city and much more.
How users view your site:
You can also check out how your users are viewing your site, find out what browsers they are using, what screen resolution, what colours and so much more.
Google Analytics takes everything you can possibly know about your visitors and makes it into an easy to read, easy to understand and most importantly useful format.
With useful information like user connection speeds, you can make decisions: if you find 99% of your visitors are on dial-up, maybe you should think about streamlining your site to be more low-bandwidth friendly? And vice versa: if, as is much more likely in today’s market, you find all your users are on broadband (or higher), then maybe you can start thinking more about quality and use a slightly higher resolution of images. Your users are unlikely to notice a great difference so long as they have a fast Internet connection, but they will notice shiny new images where pixelated pictures used to be. However, don’t forget to use caution: everyone wants fast websites, and only sites with good, interesting and useful content are worth the wait of loading images.
I feel like I am starting to repeat myself a little, so all I can say is: check it out, give it a try!
A few years ago I used to own a website which was forever having its email spoofed. However, I only found out about the problem after someone emailed me complaining. Naturally I rushed to find a solution to the problem. Below is the solution I found:
SPF (Sender Policy Framework)
Essentially this is an insanely technologically confusing method, but to put it simply… only the server you specify can send email from your domains. It’s useful when it comes to the bigger mail services out there, as they like to confirm that the email’s source is correct.
If you are using cPanel you can enable SPF by going to the “Email Authentication” page and clicking enable.
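What a receiving mail server does with such a policy, as an added example that is not part of the original post: it evaluates a constructed SPF record for a sending IP address. The record, the addresses (documentation ranges) and the function names spfCheck() and ip4InCidr() are made up for illustration, and only the ip4 and all mechanisms are handled, not the full SPF specification (RFC 7208).

```php
<?php
// Added illustration, not from the original post. Handles only the ip4:
// and all mechanisms of SPF; a, mx, include and redirect are left out.

// True when $ip lies inside $cidr ("203.0.113.0/24", or a bare address).
function ip4InCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = array_pad(explode('/', $cidr, 2), 2, '32');
    $ipLong  = ip2long($ip);
    $netLong = ip2long($net);
    $bits    = (int) $bits;
    if ($ipLong === false || $netLong === false || $bits < 0 || $bits > 32) {
        return false;
    }
    $mask = $bits === 0 ? 0 : (~0 << (32 - $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

// Walk the record left to right; the first mechanism that matches decides
// the result, and its qualifier (+ - ~ ?) says what that result is.
function spfCheck(string $record, string $senderIp): string
{
    $results = ['+' => 'pass', '-' => 'fail', '~' => 'softfail', '?' => 'neutral'];
    $terms = preg_split('/\s+/', trim($record));
    if (array_shift($terms) !== 'v=spf1') {
        return 'none'; // not an SPF record
    }
    foreach ($terms as $term) {
        $qualifier = '+'; // default when no qualifier is written
        if (isset($results[$term[0]])) {
            $qualifier = $term[0];
            $term = substr($term, 1);
        }
        $matches = $term === 'all'
            || (strpos($term, 'ip4:') === 0 && ip4InCidr($senderIp, substr($term, 4)));
        if ($matches) {
            return $results[$qualifier];
        }
    }
    return 'neutral'; // nothing matched and there was no "all"
}

// Constructed TXT record: mail may come from 203.0.113.0/24 or 198.51.100.7,
// and "-all" tells receivers to reject every other source.
$record = 'v=spf1 ip4:203.0.113.0/24 ip4:198.51.100.7 -all';
foreach (['203.0.113.25', '198.51.100.7', '192.0.2.99'] as $ip) {
    echo $ip, ' => ', spfCheck($record, $ip), "\n";
}
```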
Receiving spam is always a pain. But here is quite a nice way to authenticate that an email has come from where it says it has. This fantastic solution is called DomainKeys (and this fantastic feature is available with XDnet)!
DomainKeys can be enabled in cPanel in the “Email Authentication” page.