Check HTTP headers with cURL

September 8, 2019September 8, 2019 by Zilli

Open terminal:

curl -I https://www.apple.com

Removes old simulators Xcode

May 27, 2019April 6, 2019 by Zilli

This command via terminal removes old simulators Xcode no longer use:

$ xcrun simctl delete unavailable

How to move bootstrap carousel caption below images?

August 4, 2018August 4, 2018 by Zilli

.carousel-control.right
# view hero-carousel.bloc# https://forum.blocsapp.com/t/automatically-changing-background-of-a-page/1313/7
.hero-carousel { margin-bottom: -100px; }

I’ve just added the navigation bloc above fullscreen carousel, and used negative margin custom class to hide this nav bloc behind carousel.

WordPress auto update config

July 28, 2018May 20, 2017 by Zilli

1. disable FTP commands from config.php
2. add to config.php

// Update core
define( 'WP_AUTO_UPDATE_CORE', true );

optionally for Synology NAS

# reset chown for Synology user nobody
chown -R nobody:nobody /web/wordpress/dir

# reset files and folders chmod in /web/wordpress/dir
find . -type f -exec chmod 0644 {} \;
find . -type d -exec chmod 0755 {} \;

Xcrud layout – Search and Pagination to the top

January 17, 2017April 14, 2016 by Zilli

Edit this file:
xcrud/themes/your_theme/xcrud_list_view.php

Startup Design Framework – slide autoscrolling

January 17, 2017June 22, 2015 by Zilli

Startup Framework – How to implement Parallax

January 17, 2017June 22, 2015 by Zilli

PHP / SQL data protection – anti SQL-Injection function

January 17, 2017May 23, 2015 by Zilli

SQL Injection

SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.
Injected SQL commands can alter SQL statement and compromise the security of a web application.

SQL Injection Based on 1=1 is Always True
Look at the example above, one more time.
Let’s say that the original purpose of the code was to create an SQL statement to select a user with a given user id.
If there is nothing to prevent a user from entering “wrong” input, the user can enter some “smart” input like this:

UserId:

How to protect

PHP functions

The function

//Blind SQL-INJECTION Escape sequence. Line codes anti SQL-Injection
function anti_injection($input){
$clean=strip_tags(addslashes(trim($input)));
$clean=str_replace('"','\"',$clean);
$clean=str_replace(';','\;',$clean);
$clean=str_replace('--','\--',$clean);
$clean=str_replace('+','\+',$clean);
$clean=str_replace('(','\(',$clean);
$clean=str_replace(')','\)',$clean);
$clean=str_replace('=','\=',$clean);
$clean=str_replace('>','\>',$clean);
$clean=str_replace('<','\<',$clean);
return $clean;
}

How to use

$id=$_GET['id'];
$id_clean=anti_injection($id);

Hide email headers in Postfix

January 17, 2017April 28, 2015 by Zilli

Write this code in /etc/postfix/header_checks

/^Received:/                    IGNORE
/^X-PHP-Originating-Script:/    IGNORE
/^X-Originating-IP:/            IGNORE
/^X-Mailer:/                    IGNORE
/^Mime-Version:/                IGNORE

Apache – mod_rewrite rules

September 8, 2019April 18, 2015 by Zilli

Examples to configure rewrite rules in .htaccess file:

http://example.com/page.php

RewriteEngine On
RewriteRule ^demo/?$ /page.php [L,NC]

—
Rewrite localization url with $_GET[‘lang’] variable
http://example.com/english

RewriteEngine On
RewriteRule ^(.*)/$ /$1 [R=permanent]
RewriteRule ^([a-z]{2})$ /index.php?lang=$1

—
Redirect 301
http://www.example.com/ to http://example.com/

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]