File uploaded code-with-validation-PHP

 PHP File uploaded code-with-IMAGE EXTENSION Validation

<?php
 session_start();
 include "include/connection.php";
 include "include/functions.php";
 $userId=$_SESSION['userId'];
 if(!isset($_SESSION['userId'])){
  header("Location:index.php");    
 }
 $prof_type=@$_REQUEST['tp'];
 $msg='';

 if(isset($_POST['subProfileImage']))
 {
  $extArray=array("jpg","jpeg","png","gif");    
  $profImageName=$_FILES['profImage']['name'];
  $fileSize=$_FILES['profImage']['size'];
  $ext =strtolower(pathinfo($profImageName, PATHINFO_EXTENSION));
 
  if($profImageName=='')
  {
      $msg='Please select an image';
  }
  else if(!in_array($ext,$extArray))
  {
     $msg="Please select 'jpg','jpeg','png','gif' type image extension";
  }
  else if($fileSize > 13072400)
  {
    //$msg='Please select image size lessthan 300kb';
  }
  else{
    $imageName=time().$_FILES['profImage']['name'];
    if(move_uploaded_file($_FILES['profImage']['tmp_name'],"upload/prof_photo/".$imageName))
    {
      $oldImgLink=getProfImageLink($userId);  
      $sql="update `user_profile` set `imageLink`='$imageName' where `userId`='$userId'";
      mysql_query($sql);
      @unlink("upload/prof_photo/".$oldImgLink);
    }    
  }    
 }

 $sql_prof="select * from `user_profile` where `userId`='$userId' ";
 $res_prof=mysql_query($sql_prof);
 $r_prof=mysql_fetch_array($res_prof);


 ?>

HTML   form

 <form name="profImageForm" id="profImageForm" action="" method="post" enctype="multipart/form-data">
<h3 id="myModalLabel">Change Profile Pictute</h3>
</div>
<div class="modal-body">
<p>
 <input class="btn btn-primary" type="file" name="profImage" placeholder="Browse for File">
</p>
</div>
<div class="modal-footer">
<input type="hidden" name="tab" id="tabProfileType"  value="<?php echo $prof_type;  ?>" />
<input type="hidden" name="subProfileImage" id="subProfileImage" value="subProfile" />
<button class="btn btn-primary" onClick="return profImageSubmit()">Save changes</button>
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</form>
</div>
</div>
     <div class="span7">
       <div id="personalDetails" style="display:<?php echo $t = ($prof_type=="") ? "none" : "none" ; ?>;" >
         <form class="form-horizontal" name="profileForm" id="profileForm" action="#" method="post">
          <!-- <input type="hidden" name="persionalStatus" id="persionalStatus" value="<?php //echo $r_prof['status'];  ?>" >-->
           <legend>Your Contact Information</legend>
           <div class="control-group">
             <label class="control-label" for="inputEmail">First Name</label>
             <div class="controls">
               <input type="text" name="fname" id="p_fname" value="<?php echo $r_prof['firstName']; ?>" placeholder="Full Name">
             </div>
           </div>
           <div class="control-group">
             <label class="control-label" for="inputEmail">Last Name</label>
             <div class="controls">
               <input type="text" name="lname" id="p_lname" value="<?php echo $r_prof['lastName']; ?>"  placeholder="Last Name">
             </div>
           </div>
           <!--<div class="control-group">
             <label class="control-label" for="inputEmail">Nickname</label>
             <div class="controls">
               <input type="text" name="nickname" id="p_nname" value="<?php //echo $r_prof['nickName']; ?>"  placeholder="Nickname">
             </div>
           </div>-->
           <div class="controls">
             <div class="radio">
               <label>
                 <input type="radio" name="gender" id="p_gender" value="m" <?php if($r_prof['gender']=='m'){ echo 'checked'; }?> >
                 Male</label>
             </div>
             <div class="radio">
               <label>
                 <input type="radio" name="gender" id="p_gender" value="f"  <?php if($r_prof['gender']=='f'){ echo 'checked'; }?>>
                 Female</label>
             </div>
           </div>
           <p></p>
           <div class="control-group">
             <label class="control-label" for="inputEmail">Date of Birth</label>
             <div class="controls">
               <input type="text" name="dob" id="p_dob" value="<?php echo getRevDate($r_prof['dob']); ?>"  placeholder="DOB">
             </div>
           </div>
           <div class="control-group">
             <label class="control-label" for="inputEmail">Mobile No</label>
             <div class="controls">
               <input type="text" name="phoneNo" id="p_phoneNo" value="<?php echo $r_prof['phoneNo']; ?>"  placeholder="Mobile No">
             </div>
           </div>
           <div class="control-group">
             <label class="control-label" for="inputPassword">Capital City</label>
             <div class="controls">
               <select name="capital_city" id="p_capital_city" onChange="return getLocalityList()">
                 <option value="">Select capital city</option>
                  <?php echo getCapitalCityList($r_prof['capital_city']);  ?>
                </select>
             </div>
           </div>
           <div class="control-group">
             <label class="control-label" for="inputPassword">Locality</label>
             <div class="controls">
               <select name="locality" id="p_locality">
                <option value="">Select locality</option>
                  <?php  echo getLocalityList($r_prof['capital_city'],$r_prof['locality']);  ?>
                </select>
             </div>
           </div>
           <div class="btn-group" >
             <input type="hidden" name="updateProf" id="updateProf" value="updateProf" />
             <button type="submit" class="btn btn-primary" id="" onClick="return submitProfile()">Submit</button>
             <button type="reset" class="btn">Reset</button>
             <!--<button type="reset" class="btn">Cancel</button>-->
           </div>
         </form>

Read More

php include file-dem-code

PHP include file-dem-code

<?php
include "include/connection.php";
 include "include/functions.php";

?>


----------------------------->
<?php
 session_start();

/* if(@$_REQUEST['userId']!='')
 {
 $_SESSION['showUserId'] = $_REQUEST['userId'];   
 header("Location:showUserProfile.php");   
 }*/
 if(@$_SESSION['userId']=='')
 {
 header("Location:index.php");   
 }
 include "include/connection.php";
 include "include/functions.php";
 $msg='';
// $userId=$_SESSION['showUserId'];
 $userId=$_SESSION['userId'];
 $sql_prof="select * from `user_profile` where `userId`='$userId' ";
 $res_prof=mysql_query($sql_prof);
 $count=mysql_num_rows($res_prof);
 $r_prof=mysql_fetch_array($res_prof);

 if($count < 1){
  header("Location:index.php");   
 }

 ?>

Read More

simple contactus page-php-code-demo

 Simple contactus page-php-code-demo 

 with javascript validation

<?php
 session_start();
 include "include/connection.php";
 include "include/functions.php";
 include "include/header.php";
//$r=getCMSPageContent(8);
 $current_date=date('Y-m-d');
 $msg='';

 if(isset($_POST['submit_contact']))
 {
  $fname=trim($_POST['fname']);
  $lname=trim($_POST['lname']);
  $email=trim($_POST['email']);
  $contact_no=trim($_POST['contact_no']);
  $address=addslashes(trim($_POST['address']));
  $ip_add=$_SERVER["REMOTE_ADDR"];
 
  $sql="insert into `sp_contactus` set `fname`='$fname',
                                          `lname`='$lname',
                                          `email`='$email',
                                          `contact_no`='$contact_no',
                                          `address`='$address',
                                          `ip_add`='$ip_add',
                                          `creation_date`='$current_date'
                                          ";
   
    $res=mysql_query($sql);
    if($res)
    {
      $msg="Your contact details are recive ..";   
    }
 }

 ?>

<div class="container">
<div class="row" style="margin-top:30px;">
<div class="span6">
<div class="thumbnail" style="padding:30px;">
      <h4>We are Located at :-</h4>
      <p style="text-align:justify;">
          <address>
    <strong>TestTeam</strong><br>
            PO Box 654, Westmead,<br>
            NSW, 26545<br>
            Australia<br>
           
    </address>
    
    <address>
    <strong>Email us at</strong><br>
    <a href="mailto:#">info@test.com</a>
    </address>
      </p>
</div>
</div>
<div class="span6">
<p>

    <form class="form-horizontal" name="contact" id="contact" action="" method="post">
    <legend>Contact Us</legend>
    <div class="control-group">
    <label class="control-label" for="inputEmail">First Name</label>
    <div class="controls">
    <input type="text" name="fname" id="fname"  placeholder="First Name">
    </div>
    </div>
    <div class="control-group">
    <label class="control-label" for="inputEmail">Last Name</label>
    <div class="controls">
    <input type="text" name="lname" id="lname" placeholder="Last Name">
    </div>
    </div>
    <div class="control-group">
    <label class="control-label" for="inputPassword">Email Id</label>
    <div class="controls">
    <input type="email" name="email" id="email" placeholder="Email Id">
    </div>
    </div>
    <div class="control-group">
    <label class="control-label" for="inputPassword">Contact No</label>
    <div class="controls">
    <input type="text" name="contact_no" id="contact_no" placeholder="Contact No">
    </div>
    </div>
    <div class="control-group">
    <label class="control-label" for="inputPassword">Address</label>
    <div class="controls">
    <textarea name="address" id="address" rows="5"></textarea>
    </div>
    </div>
    <div class="control-group">
    <div class="controls">
    <input type="hidden" name="submit_contact" value="submit_contact" >
    <button type="button" class="btn btn-primary" onClick="return submit_contact_us()">Send</button>
    </div>
    </div>
    </form>
</p>
    </div>
</div>
<?php include("include/footer.php");?>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>

<script language="javascript">
function submit_contact_us()
{
 var fname=$("#fname").val();
 var lname=$("#lname").val();
 var email=$("#email").val();
 var contact_no=$("#contact_no").val();
 var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
 
 if(fname=='')
 {
   alert('Please enter first name');   
   $("#fname").focus();
   return false;
 }
 else if(lname=='')
 {
   alert('Please enter last name');   
   $("#lname").focus();
   return false;
 }
 else if(email=='')
 {
   alert('Please enter your email');   
   $("#email").focus();
   return false;
 }
 else if(!filter.test(email))
 {
   alert('Please provide a valid email address');   
   $("#email").focus();
   return false;   
 }
 else if(contact_no=='')
 {
   alert('Please enter your contact no');   
   $("#contact_no").focus();
   return false;
 }
 else if(isNaN(contact_no))
 {
   alert('Contact no should be numeric');   
   $("#contact_no").focus();
   return false;
 }else {
  document.contact.submit();
 }
}


<?php if($msg!=''){ ?>
 alert("<?php echo $msg; ?>");   
<?php } ?>

</script>

Read More

mysql_fetch_array-code-demo

 Example-1

 mysql_fetch_array  code demo

<?php
//error_reporting(0);
 session_start();
 include "include/connection.php";
 include "include/functions.php";

 if(@$_REQUEST['act']=='confregis')
{
 $user_id=urldecode($_REQUEST['a']);
 $confirm_code=$_REQUEST['b'];
 $sql="select * from `users` where `id`='$user_id' and `confirm_code`='$confirm_code'";
 $res=mysql_query($sql);
 $count=mysql_num_rows($res);
 $r=mysql_fetch_array($res);

 if($count > 0)
 {
   
        $sql1="update `users` set `status`='1' where `id`='$user_id'";
        mysql_query($sql1);
       
        $sql2="select * from `users` where `id`='$user_id' and `status`='1'";
        $res2=mysql_query($sql2);
        $row2=mysql_fetch_array($res2);
        $_SESSION['userId']=$row2['id'];
        $_SESSION['UserName']=getUserNameByuserId($r['id']);
        //$_SESSION['adviser_email']=$row['email'];
        header('Location: Location:profile.php');
   
 }
}


header('Location: index.php');
 ?>

Example-2

<?php
echo  $sql="select * from `user_profile` up,`user_freelance` uf,list_industry ind,list_functional_area fa
                                    where up.userId=uf.userId
                                    and uf.industryName=ind.id
                                    and uf.functionalArea=fa.id
                                    and (ind.`industryName` like '%$attrName%' or fa.functionalArea = '%$attrName%')
                                    and up.`status`='1'
                                    and uf.`status`='1' ";

  $sql="select * from `user_profile` up,`user_freelance` uf,list_industry ind,list_functional_area fa
                                    where up.userId=uf.userId
                                    and uf.industryName=ind.id
                                    and uf.functionalArea=fa.id
                                    and (ind.`industryName` like '%$attrName%' or fa.`functionalArea` like '%$attrName%')
                                    and up.`status`='1'
                                    and uf.`status`='1' ";

$res= mysql_query($sql);
$count=mysql_num_rows($res);
while($r=mysql_fetch_array($res)){

?>

Read More

Most poisonous snakes

Most poisonous snakes

Read More

Advanced SQL

Many of the features shown in this chapter are specific to MySQL's
 version of SQL. For example, MySQL's functions are useful tools for
 working with strings, dates and times, and math. Also, we'll show some
 ways to tune MySQL in order to improve application performance.

It's important to know how to choose and design indexes for fast querying,
 and how to use MySQL's query cache for fast results.


Exploring your database, tables, indexes, and performance with SHOW

More on SELECT queries, including advanced join types, aliases, nested queries,
 user variables, and the limitations of MySQL.

More on manipulating data and databases, including finding out about tables
 and databases, creating tables with queries, altering tables, more on the
 UPDATE and DELETE statements, and bulk loading and exporting data.

Functions and operators in SQL and MySQL

Automatically running queries

MyISAM, InnoDB, and Heap table types

Backup and recovery, and transferring data between database servers

Managing database server users and privileges, and creating users for web
 database applications.

Basic tuning of MySQL, including index design, using the query cache,
 and, miscellaneous tips for speed.



The SHOW command is useful for exploring the details of databases, tables,
 indexes, and MySQL. It's a handy tool when you're writing new queries,
modifying database structure, creating reports, or understanding how your
MySQL server is performing. The SHOW command isn't part of the SQL
standard and is MySQL-specific. It can be used in several ways:




SHOW DATABASES

Lists the databases that are accessible by the MySQL server. You will only
 see those databases that you have access to, unless you have the
SHOW DATABASES privilege;
privileges and user rights are discussed later in this chapter.




SHOW TABLES

Shows the tables in the database, after a database has been
 selected with the use command.




SHOW TABLE STATUS

Provides information about all tables in the current database,
 including the table type, number of rows, how the rows are stored,
 average row length, size of the datafile, next auto_increment value if applicable,
 creation time, last modification time, and any extra options
 used with CREATE TABLE.




SHOW CREATE TABLE tablename

Shows the CREATE TABLE statement that was used to create the table tablename.
The output always includes any additional information automatically added or
changed by MySQL during the creation process, such as the table type and
character set used.




SHOW OPEN TABLES

Shows which tables the server currently has open and which tables are locked.




SHOW COLUMNS FROM tablename

Shows the attributes, types of attributes, key information, whether NULL
is permitted, defaults, and other information for a table tablename.
The alias DESCRIBE table produces the same output.




SHOW INDEX FROM tablename

Presents the details of all indexes on the table tablename, including the
 PRIMARY KEY. It shows amongst other information what the attributes are
that form each index, whether values in the index uniquely identify rows,
 how many different values there are in the index the cardinality,
 and the index data structure used usually a B-tree.




SHOW PRIVILEGES

Lists the access privileges that can be given or denied to users of the
 version of MySQL server that you've installed.




SHOW PROCESSLIST

Lists the current MySQL processes or threads that are running,
and what query they're carrying out on which database.




SHOW STATUS

Reports details of the MySQL server performance and statistics.
 Selected statistics .




SHOW TABLE TYPES

Lists the possible table types that are available in the version
 of the MySQL server that you have installed, and notes alongside
 each whether you have compiled-in support for that table type.





SHOW VARIABLES

Reports the values of most MySQL system variables.



SHOW WARNING and SHOW ERRORS
Reports warnings or errors from the last command or statement
 that was run on a table

Read More

Madhuri Dixit-the eyes

Read More

How to promote my website

Create RSS feeds. Try registering with Feedburner
Publish free newsletters.Recruit site visitors to your
 free benefit-packed newsletter and you are building an
 emailing list. Use your newsletter to promote your
 content.Post on your site/blog.You’re doing that anyway,
 of course. But it’s amazing what people forget if it’s
not on a checklist.

Submit content to generic social siteseg,
 Twitter, LinkedIn, Facebook, StumbleUpon, Digg and now
Google +,social-bookmarking.


Submit to your specialist social networking sites
Use your specialist contactsby email, direct tweets
 and even telephone.


If your content is good and your network strong then
you will get links from your immediate contacts.

Then their readers and others will find your site,
 visit and perhaps link to it.


Check visits, Google ranks for target keywords, response
 rates and numbers for different metrics including goals
like email recruitment, sales numbers and revenue.

Check whatever measures you’ve got. If you don’t have
Goals or Ecommerce configured then use bounce rate,
average time on site and pages per visit.

Check seasonal demand and trends in your target niches
 with Google Insights.

Long tail content absolutely must still be high quality
 but its job for SEO is to target many thousands of your
 target keyword niches long tail keywords.

SEO never stops because your competition never stops.
Continue on the SEO Circle of Response.

Look for the latest most-responsive short term target
keyword niches. Chase short term target keyword niches
for fast results, maximum response rates, and quick profits.

Invest in your long term target keyword niches with quality
 content, link building, promotion and brand building.

To build quality links:
• Good content
• An understanding of your online community
• To know how to get external sites to link to yours
You can do this, no matter what level of experience you have.

You’ll soon be getting quality inbound links if you approach
 the job systematically and give it sufficient time.


Add Antivirus software: A computer program that scans a computer’s memory and mass storage to identify, isolate, and eliminate viruses, and that examines incoming files for viruses as the computer receives them. 
keep antivirus on pc

Read More

SEO-Blocking Spiders

 SEO-Blocking Spiders

google let webmasters block unwanted links in  you can
 literally block any visitor including search engines
and secure the data or information you have on your
website by the help of htaccess deny from all.

Block spiders from part of a page - webproworld if
for no other reason than this, it is worth setting up
 a robots.txt file to control search engine spiders
 blocking specific robots seo articles rss feed.

Let the spiders in to increase your seo visibility -
youtube trending news about spiders bots search engine
watch is the authoritative guide to search engine marketing -sem
 and search engine optimization.


Blocking robots txt from being indexed using robots txt
 to block spiders from dynamic pages.

Black hat search engine optimization is customarily defined
 as the practice of using unethical techniques to make your
 search rankings go up find out how to spot it.

web analytics  black hat search engine optimization is
customarily defined as the practice of using unethical
 techniques to make your search rankings go up find
 how to spot it.

a search engine spider practical the great thing about
 using the screaming frog seo spider is that within a
couple of collect information for use in blocking
specific urls and folders from.


How to block bad bots - how to protect web page content
 series search results. Seo ranking factors - search engine
 ranking factors robots.txt and search engine spiders -
seo a spider can be defined as which crawls over the web
 and fetches the webpages for search engines it can
virtually start.


robots.txt-Blocking spiders block and stop bots, crawlers and search
engine spiders from using your visitor statistics logs any
 online content is a subject for being indexed by search engines.

Read More

PHP-Session Security

Because a session may contain sensitive information,
 you need to treat the session as a possible security
 hole. Session security is necessary to create and
implement a session. If someone is listening in or
snooping on a network, it's possible that he can
intercept a session ID and use it to look like he
is someone else. It's also possible to access session
 data from the local filesystem on multiuser systems
 such as ISP hosting machines.

Session hijacking is when someone accesses either
 a client's cookie or session ID, and then attempts
to use this data. Session fixation is attempting to set
 your own session ID. Session fixation and hijacking
 are easy to combat. We'll make use of the super global
 variables for the client's IP address and browser
 type to keep things secure.


  <?php

session_start();
$user_check = md5($_SERVER['HTTP_USER_AGENT'] .
 $_SERVER['REMOTE_ADDR']);
if (empty($_SESSION['user_data'])) {
session_regenerate_id();
echo ("New session, saving user_check.");
$_SESSION['user_data'] = $user_check;
}
if (strcmp($_SESSION['user_data'], $user_check) !== 0) {
session_regenerate_id();
echo ("Warning, you must reenter your session.");
$_SESSION = array();
$_SESSION['user_data'] = $user_check;
}
else {
echo ("Connection verified!");
}

?>

When a browser first requests the page,a session is
 started. In that session, we stored the encoded
combination of the IP address and browser type.
That way, when the user returns to this page, we
can compare the value stored in the session versus
 a fresh computation of the IP address and browser
 type. If the two don't match, we potentially
have a hijacker, so we pick a new ID and clear
any saved data for that session. That way, the
hijacker cannot retrieve any of the private
 information stored in the session. This doesn't
cause a problem for legitimate users, because
they aren't going to change browser or IP
 addresses in the middle of a session with
your web site.


You know that trusting data from a user isn't a
 great idea. But what exactly do you consider
to be user data versus system data that you trust?



GET
Data from GET operations is inherently user
 data since it usually comes from form submissions.



POST
Data from POST operations is inherently
data since it usually comes from form submissions.



Cookies
Cookies may seem like they could be trusted
since they are automatically sent, but in reality,
 since they are stored on the client's computer,
they could be intentionally altered. Therefore,
 they're considered user data.



Session data
Session data can be trusted as long as the session
 value is set based on validated data. If it's set
 to a user-supplied value without validation,
 it's not trustworthy.

User input should be checked and escaped properly.
 Data that's bound for the database must have all
special characters such as single and double
 quotes escaped.

Read More