Dynamic thumbnails from websites (PHP Tutorial)
  Posted in : Tutorials | PHP

Since Alexa stopped offering their free thumbnail service last year, a lot of thumbnail services have become available. Some of them offer limited free services and others only a paid premium version. One of the bigger and better services is Girafa, a thumbnail service with a free service and also premium services for users with more than 2000 image requests a month.

Read more...


Create custom backups from your website using cURL (PHP Tutorial)
  Posted in : Tutorials | PHP

These days I needed a script to back up only a part of a customer's website using a CRON. Most of the control panels I know allow only a complete website backup, and this is not what I needed. While planning the script, I thought about a solution for webmasters without full SSH access to their hosting account. A typical situation could be:

  • A shared hosting account that allows only backups for the whole site incl. database, emails and other settings
  • No administration rights via SSH
  • An FTP host for the storage of the backup files
  • Support for cURL and a default PHP5 configuration (sorry, no more code for PHP4).

Read more...


Using ColdFusion's CFDBInfo to Dynamically Output Database Columns and Tables
  Posted in : Tutorials | Cold Fusion | SQL & MySQL

The ColdFusion tag CFDBInfo was introduced in ColdFusion 8. I finally got around to playing with it and thought someone other than me might find this useful. I was thinking of using it for creating a dynamic SQL dump for some of the projects I'm currently writing, and thought I should share it with the world.

There are a ton of uses for this excellent CF Tag, and I've included a few samples below.

Read more...


10 reasons why SQL Server 2008 could indeed rock
  Posted in : SQL & MySQL

Just like its predecessor, SQL Server 2008 is taking its sweet time to actually ship. However, unlike its predecessor, it won't just be a "worthwhile upgrade". It will kick ass. I've already downloaded the SQL Server 2008 RC0, and it will indeed kick ass.

Here are the top 10 reasons why.

Read more...


Put yer Teeth in Ma, We're going to Town
  Posted in : Life, the Universe and Everything...

Well, it's been a week since my wife and I landed in Tennessee. It's quite a culture shock, especially considering we're of the metropolitan types and we're smack dab in the buckle of the Bible Belt.

Life here is substantially simpler, and the people are very, very friendly (trust me, my wife and I have been adapting to the change of people waving and saying hello...). The town we're in, Church Hill, is located in South East Tennessee, in a region locally called the Tri-Cities (nestled between Kingsport, Bristol and Johnson City).

Read more...


WAMP and IIS web servers running in the same server together
  Posted in : IIS & Windows Server

How to have both WAMP and IIS web servers running in the same server together.

Read more...


Murphy's (Automotive) Law never met me...
  Posted in : Life, the Universe and Everything...

Well, for anyone following the progression of our move to Tennessee, here's some GREAT news.

Let me actually start with the good stuff:
- We have the hitch installed on our truck so we can pull a trailer.
- We have new tires so moving up north (with ice/snow) won't be an issue.
- We've shaved our out-of-round rotor so braking distances are proper again.
- Our truck's AC works just fine, we didn't blow the A/C compressor like we initially thought...

So that's all the good news. Now on to the rest of the story:

Read more...


When will cfqueryparam NOT protect me?
  Posted in : Cold Fusion | SQL & MySQL

Guess what: using CFPARAM in your ColdFusion code may not always save you from SQL injection.

"How?", you may ask. Let me give you an example of an SQL injection attack that's not caught by cfqueryparam.

SQL injection can occur any time precautions are not taken to completely separate your SQL code from its parameters, and the parameters being passed in are allowed to flow into the SQL statement itself. SQL injection can also occur when building the SQL statement's table and column names dynamically.

Read more...


Preventing SQL Injection
  Posted in : Cold Fusion | PHP | SQL & MySQL

Most web applications interact with a database, and the data stored therein frequently originates from remote sources. Thus, when creating an SQL statement, you often use input in its construction. A typical SQL injection attack exploits this scenario by attempting to send fragments of valid SQL queries as unexpected values of GET and POST data. This is why an SQL injection vulnerability is often the fault of poor filtering and escaping, and this fact cannot be stressed enough.

I'm going to explain SQL injection by looking at a few example attacks and then introducing some simple and effective safeguards. By applying best practices, you can practically eliminate SQL injection from your list of security concerns.

Preventing SQL Injection in PHP & ColdFusion

Read more...


MySQL or SQL Server?
  Posted in : SQL & MySQL

Look beyond politics and hype when deciding which to use.

Takeaway: MySQL may be free, but what if money isn't the only determining factor? Find out how these two database heavyweights stack up against each other and how to decide which one to use as your database system.

Two of the most popular back-end data stores Web developers work with today are MySQL and SQL Server. They are fundamentally similar in that both are data storage and retrieval systems. You can use SQL to retrieve data with either because both claim support for ANSI-SQL. Both database systems support primary keys and key indices, so you can also create indices used simply to speed up queries and for constraining input. Further, both provide some form of XML support.

Aside from the obvious difference of price, what distinguishes these two products from each other, and how do you choose between them? Let's take a look at the core differences between these two products, including licensing costs, performance, and security.

Read more...