Browsing all articles in Web Development

Humans and bots will do similar things, but bots will do things that humans don’t. Let’s try to identify those things. Before we look at behavior, let’s accept RayQuang’s comment as being useful. If a visitor has a bot’s user-agent string, it’s probably a bot. I can’t image anybody going around with “Google Crawler” (or something similar) as a UA unless they’re working on breaking something. I know you don’t want to update a list manually, but auto-pulling that one should be good, and even if it stays stale for the next 10 years, it will be helpful.

Some have already mentioned Javascript and image loading, but Google will do both. We must assume there are now several bots that will do both, so those are no longer human indicators. What bots will still uniquely do, however, is follow an “invisible” link. Link to a page in a very sneaky way that I can’t see as a user. If that gets followed, we’ve got a bot.

Bots will often, though not always, respect robots.txt. Users don’t care about robots.txt, and we can probably assume that anybody retrieving robots.txt is a bot. We can go one step further, though, and link a dummy CSS page to our pages that is excluded by robots.txt. If our normal CSS is loaded but our dummy CSS isn’t, it’s definitely a bot. You’ll have to build (probably an in-memory) table of loads by IP and do an not contained in match, but that should be a really solid tell.

So, to use all this: maintain a database table of bots by ip address, possibly with timestamp limitations. Add anything that follows your invisible link, add anything that loads the “real” CSS but ignores the robots.txt CSS. Maybe add all the robots.txt downloaders as well. Filter the user-agent string as the last step, and consider using this to do a quick stats analysis and see how strongly those methods appear to be working for identifying things we know are bots.

– This answer is found on Stackoverflow, and I have pasted it here for my easy reference – you can also find it here.


To add/install MSSQL support in PHP5 on Debian linux server, follow the below steps:

  1. Install FreeTDS and the PHP MS SQL extension

sudo apt-get install freetds-common freetds-bin unixodbc php5-sybase
Note: That is correct, the MS SQL extension is in the “php5-sybase” package.

  1. Restart Apache

sudo /etc/init.d/apache2 restart

If everything went fine then you will be able to connect to your MSSQL Server using mssql_connect().


In cakephp most of us use ACL with Auth component to manage logins and access to various pages. When we need to implement this feature based on User Roles only. Sometimes the ARO checking gives error – that the User not exist for the foreign key. This is because if the role does not have required permission then the ACL tries to find the permission for logged user.

To prevent ARO from checking for user permissions when only role based access is needed, we need to add following lines in the User model. Please replace “Group” and “group_id” with your Model name used to manage the Role and foreign key name in User table for that respectively.

public function bindNode()  {
$data = AuthComponent::user();
return array('model' => 'Group', 'foreign_key' => $data['User']['group_id']);

This worked for me. It took me many hours to find this somewhere in Google. I am posting here so, you do not have to waste hours for this.


For one of my project I was required to upload files on an FTP server from the PHP script. Searching on Google I found code required but it was not completely available at one place. So I thought to share this here for use by others as tried and tested code, working on a live website.

This script was created for moving the just uploaded file to FTP server. That is why it uses $_FILES[“tmp_name”] as local file. You can change to your file location, if it is already uploaded.


Please replace the variables in first four lines according to the settings you have for your target FTP server.

$ftp_server = "";
$ftp_user_name = "ftpuser";
$ftp_user_pass = "ftppassword";
$remote_dir = "/target/folder/on/ftp/server";

// set up basic connection
$conn_id = ftp_connect($ftp_server);

// login with username and password
$login_result = @ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);

//default values
$file_url = "";

if($login_result) {
//set passive mode enabled
ftp_pasv($conn_id, true);

//check if directory exists and if not then create it
if(!@ftp_chdir($conn_id, $remote_dir)) {
//create diectory
ftp_mkdir($conn_id, $remote_dir);
//change directory
ftp_chdir($conn_id, $remote_dir);

$file = $_FILES["file"]["tmp_name"];
$remote_file = $_FILES["file"]["name"];

$ret = ftp_nb_put($conn_id, $remote_file, $file, FTP_BINARY, FTP_AUTORESUME);
while(FTP_MOREDATA == $ret) {
$ret = ftp_nb_continue($conn_id);

if($ret == FTP_FINISHED) {
echo "File '" . $remote_file . "' uploaded successfully.";
} else {
echo "Failed uploading file '" . $remote_file . "'.";
} else {
echo "Cannot connect to FTP server at " . $ftp_server;


Today, the usage of mobile is increasing day by day and most of the users are preferring mobile device over desktop. Therefore it is almost necessary to check how a web page looks on a mobile device and make adjustments using the mobile specific CSS. But it is not every time possible to have all different mobile devices handy to test. Here comes the mobile device emulators for help.

You can use following FREE web tools to test your web page, without installing any software on your PC. Hence these will work on Windows, MAC or Linux.

1. MobilePhoneEmulator – Here you can select your device and different parameters, including the screen orientation.

2. Opera Mini Simulator – As one of the most favored browser for mobile devices, it is very much possible that most of your users are visiting your website using this fast browser. So it is very useful to check your web page to work correctly in this browser.

3. iPhone Tester – This is only for iPhone browser. Remember to run this page in a Safari browser so that the rendering is same as you see in iPhone.

4. Opera Mobile Emulator – This is a downloadable desktop application, you can use to test your pages on Opera mobile. The download size for windows is approx 13MB.

Let me know in comments if you are using or know some other great tools for this purpose. Happy Coding!!!


While browsing thorough my emails today morning. I found a link to wordpress plugins for blog administrators. This is a well categorized list and have plugins listed for User interface improvement, security, collaboration, editing support etc.

Let me know if you like it or not. Or which plugins do you use on every wordpress site created by you?


Recently I need to upgrade one Joomla 1.0.x installation to the new installation. If you are also dealing with Joomla 1.0 installation to upgrade or maintain and missed the password for admin user.  This can also be useful if you need to add new admin user, without disturbing the old user records. Then here are the simple steps to reset the same. It took me some time to find the correct hard way to do it.

To just reset the password and user name to admin, execute the following query in the phpMyAdmin or MySql command prompt:

UPDATE `jos_users` SET `password` = MD5( ‘<new_password>’ ) WHERE `jos_users`.`username` = “admin” ;

Do remember to change the table prefix and username to whatever you have in your database. This is quiet easy. But if need to add a completely  new user to database without admin access then following steps will help you –

1. First create a new user record in users table. You can use the insert method of the phpMyAdmin when jos_users table is open. Input following values:

Name: admin
Username: admin
Password: af9083d4b82dbc0745b124db3b3cf15d:M0WuLowO4rtRTddG
User Type: Super Administrator

Then click on Go. This will set the user name and password to “admin”.  Note the new Id assigned to the user, you will need that in next step.

2. Now add a record in the ACL for new user, created above. Open the “jos_core_acl_aro” table and insert a new record:

Section Value: users
Value: <Generated id of the new user in previous step>
Order Value: 0
Name: admin

Click on Go button to save the data. Note the ID of new inserted record, this will be needed in next step.

3. Map the new ACL record to group. Open “jos_core_acl_groups_aro_map” table and insert a new record:

Group ID: 25
ARO ID: <New generated ID from previous step>

Click on Go to save the record. That’s it.

Now you should be able to log-in to administration panel by entering User name: admin and Password: admin.



With the advent of modern browsers, web pages are using more and more javascript and stylesheets to make applications work faster and look better. And this is achieved with caching the Javascript, images and CSS files in the browser cache in user’s machine. This is great for speeding up page load for end user, but this causes problems when we update these files on server but browser keeps using the old file from cache.

To trick browser to load the same file again we can add a parameter with the file name like my_javascript.js?v=123 and keep changing the value of v whenever the file changes. This tricks browser as new URL and it reloads the same file again with changes. But this poses another issue to update the include links every time whenever the corresponding file is changed.

So here is an automated solutions for PHP developers. Just define following function in a location where it is accessible in all scripts specially View files – which generate the HTML.

function auto_version($file) {
return $file;
$mtime = filemtime($file);
return $file."?v=" . $mtime;

Now modify your include links as given below:

<script type="text/javascript" src="<?php echo auto_version("js/custom.js") ?>"></script>

Now you never have to update the include link to force the file reload, it will automatically check the file modification timestamp and append that to URL.


When developing Ajax applications on local machine you may face this error on almost all browsers that cross referring a link from other domain is not allowed. This is mentioned as the “Access-Control-Allow-Origin” on Google Chrome. To work around this issue, temporarily – yes temporarily as this may make your system unsafe – you need to run Chrome with following argument – “–disable-web-security”.

On Linux you can use the following command to sun Google Chrome with web security disabled –

/usr/bin/google-chrome --disable-web-security

On Windows machine you can create a shortcut to Google Chrome and add the above mentioned flag in the command line.

Please remember that do not use your browser for browsing non-trusted sites in this mode. Only use this for testing and development purpose only. This is for your security only.

Update: If you have access to the file server which you are accessing from a different server, then you can use “.htaccess” directive also to allow access from a domain or all domains.

<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"

Suppose you are accessing file “xyz” hosted on server “One” from server “Two” then you need to add the .htaccess directive in the directory of the server “One” to which you want to allow remote access.

To restrict the access from specific domains only you can specify the domain name(s) in place of “*” separated with comma like –,


When working on PHP and MySql development we rarely get a chance to install the application on Windows IIS server. And today I was asked to do the same. The first issue was related with mod_rewrite which is easily solved by un-commenting the line –

Configure::write(‘App.baseUrl’, env(‘SCRIPT_NAME’));

But the big issue came when I found that session is not working. After login the user is immediately redirected back to log-in page. I searched on Google for many solutions related with session.save_path, server time issues, user_agent verification etc., but none of them worked.

The I found a solution and I thought it may be helpful for some of you, or even me in future, if bookmarked here.I found a article in CakePHP Bakery, which suggested to use a separate file to handle session. Although this was not related to this issue, I though to give it a try and it worked for me.

To make it work you just need to create file in the /app/config folder with name, say session_handler.php. You can name it anything you like, and add below code in it:

// You can copy the ini_set statements from the switch block here
// for case 'php' (around line 484) and modify to your needs.

// Lets assume our config value for Security.level is 'medium'

//Get rid of the referrer check even when Security.level is medium
ini_set('session.referer_check', '');
// or you can use this to restore to previous value
// ini_restore('session.referer_check');

//Cookie lifetime set to 0, so session is destroyed when browser is closed and doesn't persist for days as it does by default when Security.level is 'low' or 'medium'
ini_set('session.cookie_lifetime', 0);

//Now this feels a bit hacky so it would surely be nice to have a config variable for cookie path instead.
//Cookie path is now '/' even if your app is within a sub directory on the domain
$this->path = '/';
ini_set('session.cookie_path', $this->path);

//This sets the cookie domain to "" thereby making session persists across all sub-domains
ini_set('session.cookie_domain', env('HTTP_BASE'));

//Comment out/remove this line if you want to keep using the default session cookie name 'PHPSESSID'
//Useful when you want to share session vars with another non-cake app.
ini_set('', Configure::read('Session.cookie'));



//Makes sure PHPSESSID doesn't tag along in all your urls
ini_set('session.use_trans_sid', 0);

Then modify “/app/config/core.php”, and replace below line –

Configure::write('', 'php');


Configure::write('', 'session_handler');

You need to put the name of your session file in place of “session_handler”. Hopefully it will work.

Popular posts

Random Testimonial

  • ~ Elance ID – App_Services

    "Its a real pleasure to get to write this review.. Truth is we kept adding and adding and adding to this project and Rajendra should have gotten 3 or 4 of these reviews by now. I can say with 100% honesty that if your looking for a stress free experience then this is the provider to use. His English is great, and there are none of the "miss-communications" that are known to happen with providers outside the USA. Although there are other providers that are less per hour, I have tried them... and I have seen first hand over billing or very inefficient work. However with this provider, the work is done fast, and its done right (the first time). This provider has been the best coder I have used on Elance, bar none. Thanks Rajendra for doing such a great job, I wish you the best in"

  • Read more testimonials »
  • New post: Fix Error 0x80070424 on windows 2 years ago
  • New post: Configuring Horder Vacation Responder in Plesk 9 2 years ago
  • New post: Wordpress update issue on Plesk 2 years ago
  • I’ve just taken the WordPress 2012 User and Developer Survey, have you? (pass it on!) 2 years ago
  • New post: Mobile device emulators to test web page display 2 years ago