Weblog Of Nirandas | home

Developer From INDIA

Preventing SQL injection specially for PHP developers

November 10, 2009 06:23 by author Nirandas

SQL injection happens when user-provided input from forms or the query string is used directly in a SQL query without any sanitization. For example, a badly coded login script would allow an attacker to log in without knowing the username/password, or to log in with the full rights of admin users. Though this can happen to any web page developed in any language, this issue seems to affect PHP pages more than .NET applications. Perhaps the simplicity of PHP programming and inexperienced coders are the reasons for this. In any case, keeping the following points in mind while developing PHP sites should help avoid mistakes that can be prevented easily.
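
The badly coded login script described above, next to a parameterized version, as an added example that is not code from the original post. The users table, its constructed sample row, and the function names login_unsafe and login_safe are assumptions made for illustration.

```php
<?php
// Constructed sample data in an in-memory SQLite database (needs the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pass TEXT)");
// Plain-text password only to keep the demo short; real code stores password_hash() output.
$db->exec("INSERT INTO users (name, pass) VALUES ('admin', 'constructed-secret')");

// Badly coded: input is pasted into the SQL text, so it can change the query's structure.
function login_unsafe(PDO $db, string $name, string $pass): bool
{
    $sql = "SELECT id FROM users WHERE name = '$name' AND pass = '$pass'";
    return $db->query($sql)->fetch() !== false;
}

// Hardened: the SQL text is fixed and the input travels separately as bound parameters.
function login_safe(PDO $db, string $name, string $pass): bool
{
    $stmt = $db->prepare('SELECT id FROM users WHERE name = :name AND pass = :pass');
    $stmt->execute([':name' => $name, ':pass' => $pass]);
    return $stmt->fetch() !== false;
}

// Constructed inputs: the last one closes the string literal and comments out the password check.
$cases = [
    'correct credentials' => ['admin', 'constructed-secret'],
    'wrong password'      => ['admin', 'guess'],
    'quote in name field' => ["admin' --", 'guess'],
];
foreach ($cases as $label => [$name, $pass]) {
    printf("%-20s unsafe=%s safe=%s\n", $label,
        var_export(login_unsafe($db, $name, $pass), true),
        var_export(login_safe($db, $name, $pass), true));
}
```

Only the third case differs between the two functions: the concatenated query accepts it without the password, while the bound-parameter query treats the whole string as a user name and rejects it.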


Using Smarty with codeigniter

February 20, 2009 07:39 by author Nirandas

If you would like to use Smarty for designing your views while developing CodeIgniter applications, just read on. Smarty is a powerful templating engine for PHP. Its template language is simple yet powerful. By default, CodeIgniter doesn't use any templating system. Instead, it relies on plain old PHP for designing views. Integrating Smarty into CodeIgniter is rather simple. First, download the latest Smarty version and copy the libs folder into /system/application/libraries/.

Now create a new file “View.php” inside the /system/application/libraries folder. Note: the case of the filename is important; it must be “View.php”. Now put the following code inside the View.php file.


Beginning Reflection.Emit, a basic example

December 25, 2008 13:49 by author Nirandas

The System.Reflection.Emit namespace provides us with the tools required to generate .NET code on the fly. In particular, the DynamicMethod class makes the job of creating small code snippets easier. In this post I’ll show a simple example of dynamically creating a method which takes a string as its argument and returns a string with “hi ” prepended to it. First, we will create the DynamicMethod object specifying the argument list and the return


Determining if a Type implements an interface

December 22, 2008 05:08 by author

If we have an object of a type, we can easily check whether that object implements a particular type by using the is operator.

    if (o is IExample)
        Console.WriteLine("Yes");

Here the if statement will evaluate to true if the object o implements the interface IExample or the object is a derived object of IExample.

However, we cannot use the is operator if all we have is a type and we want to find out whether that type implements a particular interface.

Type.IsAssignableFrom()

The System.Type class has an IsAssignableFrom() method which does exactly what we want. The IsAssignableFrom() method takes a type as its argument and returns true if an object of the provided type can be assigned to a variable of the current type. See the following example:

    interface IExample
    {
        void Do();
    }

    class Example : IExample
    {
        #region IExample Members

        public void Do()
        {
            throw new Exception("The method or operation is not implemented.");
        }

        #endregion
    }

Here we are declaring an interface IExample and a class Example which implements the IExample interface. Now let us see how we can check that the type Example implements the IExample interface.

    if (typeof(IExample).IsAssignableFrom(typeof(Example)))
        Console.WriteLine("Yes");

This will output “Yes” to the console, as the interface IExample is implemented by the class Example. For more information on the Type.IsAssignableFrom() method, visit this MSDN page.

Happy coding!


Basics of PHP

December 21, 2008 16:56 by author Nirandas

What is PHP?

PHP is a high-level scripting language used particularly in developing websites. PHP is very powerful and easy to learn. PHP is platform independent; that is, PHP can run on Linux, Windows and many other operating systems. Unlike C or C++, PHP is an interpreted language; that is, the PHP code we write doesn’t get converted into machine code. Instead, the PHP interpreter reads and executes the source code when we run the script. For more information about PHP and its history, visit http://en.wikipedia.org/wiki/PHP


Failing tests as a reminder of unimplemented requirement

November 24, 2008 11:09 by author

I am a newcomer to the art of unit testing and it has not yet become part of my coding routine. However, even this early I have realized how useful writing unit tests can be. In particular, writing unit tests gives you an understanding of how the class will be used, where the errors can arise, etc. For example, passing the Type System.String to a method where the method expects a Type which implements a particular interface ICommand should result in an error, because System.String certainly does not implement the interface ICommand. But does the method validate the input?

Now writing a test for this case is very simple. Just create the object and call the method with System.String as the Type parameter.

    [Test]
    [ExpectedException(typeof(ArgumentException))]
    public void CanNotRegisterTypesNotImplementingICommand()
    {
        CommandLocater locater = new CommandLocater();
        locater.RegisterCommand(1, typeof(string));
    }

Certainly I haven’t implemented the validation code for checking this, so the test is certainly failing. Until I feel like doing this validation, this test will always fail. A lot better than forgetting to write this code and getting an unrelated exception in some other section of the code is getting a failing test, which will make sure that I’ll write the code necessary to implement this requirement.

“Always write tests to break your code.”

Who Am I?

I am Nirandas - a developer from INDIA
