PHP: Session Timeouts

Defining session timeout thresholds for PHP scripts is a security “must”. I recommend that you consider the purpose of your script before applying a session timeout function. For instance, if your site has a secure login and security requirements, it’s important to include the timeout function. However, it’s often an inconvenience to end-users. Use the [...]

Use PHP to Backup your MySQL Database

If you don’t back up your databases regularly, shame on you. You should! The code below will allow you to generate a backup as often as you’d like. It only makes sense to run this via a cron job. This is pretty easy to do and you can set the frequency as you wish. The backup [...]

Detecting iPhone visitors with PHP

More and more internet traffic is generated by the iPhone and iPod touch. The PHP snippet below shows you how to automatically redirect your users to a page which is optimized for the iPhone Safari browser.

    if (strstr($_SERVER['HTTP_USER_AGENT'], 'iPhone') || strstr($_SERVER['HTTP_USER_AGENT'], 'iPod')) {
        // Change your URL below
        header('Location: http://www.domain.com/iphone');
        exit();
    }

PHP: Preventing typical XSS attacks

XSS attacks plague beginner programmers and are a significant vulnerability for commercial web hosts & website operators. XSS means “cross-site scripting”. These exploits work on the client side. Often, hackers put some type of JavaScript in content that users submit, which allows them to steal the data from a cookie. XSS attacks are pretty difficult [...]

PHP/AJAX: Call PHP function by clicking a link

This tutorial demonstrates how to execute an external PHP function by clicking a simple link within HTML.  The method uses AJAX so that the page doesn’t refresh and doesn’t require a form submission. 1) Paste the following code into a .js file.  For demonstration purposes, we have named it “ajax_click.js”. /* * ajax_click.js * chriscook.me [...]