Creating RSS Feed [Beganing]

RSS Feed is one of the best thing in modern web world. But most of the time we are not able to create our own RSS Feed. But can you imagine its simply easy when you know how to write them. Here is a beganing example to write a RSS Feed:

<?php

header( ‘Content-type: text/xml’);

?>

<rss version=”2.0″>
<channel>
<title> WordPress </title>
<description> This is a test site for WordPress </description>
<link> phpprogrammerofbangladesh.wordpress.com </link>

<?php

mysql_connect( ‘localhost’, ‘root’, ” ) or die( mysql_error() );
mysql_select_db( ‘wordpress’) or die( mysql_error() );

$sql_query = “select ID, post_date, post_title, post_content from wp_posts ORDER BY post_date DESC LIMIT 0,5”;

$result     = mysql_query( $sql_query );
while( $row = mysql_fetch_row( $result ) )
{
?>
<item>
<title>       <?=htmlentities(strip_tags($row[2]));?>             </title>
<description> <?=htmlentities( strip_tags($row[3]) );?>           </description>
<link> http://localhost/wordpress/index.php?post_id=&lt;?=$row[0];?> </link>
<pubDate>     <?=$row[1];?>                                       </pubDate>
</item>
<?php
}
?>
</channel>
</rss>

You can have more details about RSS Feed Creation from the following links

• http://www.tiffanybbrown.com/2005/12/22/dynamic-rss-feeds-using-php-mysql-and-apache
• http://www.owalog.com/blog.php?myess1=47
• http://www.tutorialized.com/view/tutorial/Creating-Dynamic-RSS-Feeds-with-PHP-and-MySQL/15948
• http://www.devshed.com/c/a/MySQL/Creating-an-RSS-Reader-the-Reader/

Regular Expression Example

Here i am providing some useful regular Expression which are acceptable by most of the web developers. I have found them in web.

Email Address validation

Expression: ^.+@[^\.].*\.[a-z]{2,}$

Description:

Most email validation regexps are outdated and ignore the fact that domain names can contain any foreign character these days, as well as the fact that anything before @ is acceptable. The only roman alphabet restriction is in the TLD, which for a long time has been more than 2 or 3 chars (.museum, .aero, .info). The only dot restriction is that . cannot be placed directly after @. This pattern captures any valid, reallife email adress.

Date and Time

Expression: ^\d{1,2}\/\d{1,2}\/\d{4}$

Description:

This regular expressions matches dates of the form XX/XX/YYYY where XX can be 1 or 2 digits long and YYYY is always 4 digits long.

You can have more information about RegX in the following site: http://regexlib.com/DisplayPatterns.aspx?cattabindex=1&categoryId=2

My Time with RBS

Last Friday i have the opportunity to visit one of the on growing Outsourcing firm called RBS(Right Brain Solution). There i meet with Mr. Emran Hasan,who is probably the CEO of the firm. They have a strong dream to come up to the front. We have discuss for while and i am able to know about their plan to upgrade firm. The people in RBS are really technically sound and they have a strong command over latest technologies.

I am very much pleased to visit such a firm and i wish my all the best to RBS.

Apache 2 with SSL/TLS-Step by Step

 Secure Sockets Layer (SSL) is the most widely known protocol that offers privacy and good reliability for client-server communication over the Internet. SSL itself is conceptually quite simple: it negotiates the cryptography algorithms and keys between two sides of a communication, and establishes an encrypted tunnel through which other protocols (like HTTP) can be transported. Optionally, SSL can also authenticate both sides of communication through the use of certificates.

Details configuration is attached. How will have a clear information about how to configure all this.

Attached document:  apache-2-with-ssl.doc

Ref: http://www.securityfocus.com

SECURING PHP & APACHE

Few weeks ago i realized the importance of securing php and apache. But that time i know very little about security issue of php & apache. then i am jumped to google to know about this. then i found several things and i found something very interesting, but very important. here is some brief… and details will be found in the attached document.

PHP related Security assumptions

In case of security assumptions, the following have been added:

• The PHP configuration should take advantage of built-in security mechanisms
• PHP scripts must be executed in a chrooted environment
• The Apache server must reject all requests (GET and POST), which contain HTML tags (possible Cross-Site-Scripting attack) or apostrophe/quotation marks (possible SQL Injection attack)
• No PHP warning or error messages should be shown to the web application’s regular users

It should be possible to store incoming GET and POST requests into a text file which will make it possible to use additional, host-based intruder detection system (HIDS), e.g. swatch.

Apache Security Assumptions

One of the most important elements of every computer project is the specification of security assumptions. This must be fulfilled before the project is implemented. The security assumptions for our Web server are as follows:

• The operating system must be hardened as much as possible, both against local and remote attacks;
• The server must not offer any network services except HTTP: (80/TCP);
• Remote access to the server must be controlled by a firewall, which should block all outbound connections, and allow inbound connections only to the 80/TCP port of the Web server;
• The Apache Web server must be the only service available on the system;
• Only absolutely necessary Apache modules should be enabled;
• Any diagnostic Web pages and automatic directory indexing service must be turned off;
• The server should disclose the least amount of information about itself (security by obscurity);
• The Apache server must run under a unique UID/GID, not used by any other system process;
• Apache’s processes must have limited access to the file systems (chrooting); and,
• No shell programs can be present in the Apache’s chrooted environment (/bin/sh, /bin/csh etc.).

Attached File: SECURING PHP & APACHERef: http://www.securityfocus.com