Wednesday, 4 January 2017

How They Hack Your Website

SQL Injection

SQL Injection involves entering SQL code into web forms, e.g. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application. When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you've entered against the relevant table in the database. If your input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.


The Simple SQL Injection Hack

In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment. Don't worry, it will all be over soon.

Suppose we enter the following string in a Username field:

' OR 1=1 --

The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:

SELECT * FROM users WHERE username = 'USRTEXT'
AND password = 'PASSTEXT'

...where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.

So entering ' OR 1=1 -- as your username could result in the following actually being run:

SELECT * FROM users WHERE username = '' OR 1=1 -- ' AND password = ''

Two things you need to know about this:

' closes the username text field.

-- is the SQL convention for commenting code, and everything after the comment marker is ignored. So the actual routine now becomes:

SELECT * FROM users WHERE username = '' OR 1=1

1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreak havoc.
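Added example (not code from the original post): the same login check written two ways and run against an in-memory SQLite table, showing why the ' OR 1=1 -- input above passes a string-built query and why a parameterised query treats it as plain data. The table, columns and sample user are constructed for the demo.

```python
import sqlite3

INJECTED_USERNAME = "' OR 1=1 --"   # the input discussed in the post


def make_db():
    # Constructed sample table; plaintext password kept only to shorten the demo.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    return conn


def login_vulnerable(conn, username, password):
    # User input is pasted straight into the SQL text, so the quote and the
    # -- comment marker in the input become part of the command itself.
    sql = ("SELECT * FROM users WHERE username = '" + username + "'"
           " AND password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None


def login_parameterised(conn, username, password):
    # Placeholders keep the input as data: the driver never re-parses it as
    # SQL, so the quote and comment marker are just characters in a string.
    sql = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def demo():
    conn = make_db()
    return {
        "vulnerable_valid": login_vulnerable(conn, "alice", "correct horse"),
        "vulnerable_injected": login_vulnerable(conn, INJECTED_USERNAME, "x"),
        "param_valid": login_parameterised(conn, "alice", "correct horse"),
        "param_injected": login_parameterised(conn, INJECTED_USERNAME, "x"),
    }


if __name__ == "__main__":
    for name, granted in demo().items():
        print(f"{name}: {'access granted' if granted else 'denied'}")
```

Only the string-built query lets the injected username through; the parameterised one denies it because no row has that literal username.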

Tuesday, 3 January 2017

How do I get a YouTube video thumbnail from the YouTube API?

Each YouTube video has 4 generated images. They are predictably formatted as follows:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/0.jpg
https://img.youtube.com/vi/<insert-youtube-video-id-here>/1.jpg
https://img.youtube.com/vi/<insert-youtube-video-id-here>/2.jpg
https://img.youtube.com/vi/<insert-youtube-video-id-here>/3.jpg
The first one in the list is a full size image and others are thumbnail images. The default thumbnail image (ie. one of 1.jpg, 2.jpg, 3.jpg) is:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/default.jpg
For the high quality version of the thumbnail use a url similar to this:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/hqdefault.jpg
There is also a medium quality version of the thumbnail, using a url similar to the HQ:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/mqdefault.jpg
For the standard definition version of the thumbnail, use a url similar to this:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/sddefault.jpg
For the maximum resolution version of the thumbnail use a url similar to this:

https://img.youtube.com/vi/<insert-youtube-video-id-here>/maxresdefault.jpg
All of the above urls are available over http too. Additionally, the slightly shorter hostname i3.ytimg.com works in place of img.youtube.com in the example urls above.
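Added example (not from the original post): a helper that pulls the video id out of a watch, youtu.be or embed URL, checks it before it is placed into a URL path, and builds the thumbnail URLs listed above. The 11-character id format is an assumption, not something the post states; the sample id is constructed.

```python
import re
from urllib.parse import urlparse, parse_qs

THUMBNAIL_NAMES = ("0", "1", "2", "3", "default", "mqdefault",
                   "hqdefault", "sddefault", "maxresdefault")
# Assumption: a video id is 11 characters from the URL-safe base64 alphabet.
VIDEO_ID_RE = re.compile(r"^[A-Za-z0-9_-]{11}$")


def is_valid_video_id(video_id):
    return bool(VIDEO_ID_RE.match(video_id or ""))


def extract_video_id(url):
    """Return the id from a watch, youtu.be or embed URL, else None."""
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if host in ("youtu.be", "www.youtu.be"):
        candidate = p.path.strip("/").split("/")[0]
    elif host == "youtube.com" or host.endswith(".youtube.com"):
        if p.path == "/watch":
            candidate = parse_qs(p.query).get("v", [""])[0]
        elif p.path.startswith("/embed/"):
            candidate = p.path[len("/embed/"):].split("/")[0]
        else:
            return None
    else:
        return None
    return candidate if is_valid_video_id(candidate) else None


def thumbnail_urls(video_id, host="img.youtube.com"):
    """Map thumbnail name -> URL; refuses ids that could alter the path."""
    if not is_valid_video_id(video_id):
        raise ValueError("not a well-formed YouTube video id")
    return {name: f"https://{host}/vi/{video_id}/{name}.jpg"
            for name in THUMBNAIL_NAMES}


if __name__ == "__main__":
    vid = extract_video_id("https://www.youtube.com/watch?v=abcdefghijk&t=10")
    for name, url in thumbnail_urls(vid).items():
        print(name, url)
```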

Thursday, 10 November 2016

Onclick javascript to make browser go back to previous page

1. First Method

<a href="javascript: history.go(-1)">Go Back</a>

2. Second Method

<a href="##" onClick="history.go(-1); return false;">Go back</a>

3. Third Method

<input name="action" type="submit" value="Cancel" onclick="window.history.back();"/>

If you want to go back more than one step, increase the number:

For going 2 steps back: history.go(-2)
For going 3 steps back: history.go(-3)
For going 4 steps back: history.go(-4)
and so on.

Friday, 4 November 2016

Jquery validation Rule List

Rule Format

To add rules to your input elements, follow this format:
data-rule-[rule name separated by dashes]="true"
Here are some examples:
  • Required - data-rule-required="true"
  • Email - data-rule-email="true"
  • Minimum Length - data-rule-minlength="6"

Message Format

By default the jQuery Validation Plugin will add its own messages, but you can customize them to be whatever you want using another data attribute. To specify messages for each rule with data attributes, follow this format:
data-msg-[rule name separated by dashes]="The message you want."
Here are some examples:
  • Required - data-msg-required="Madam/sir, this field is required."
  • Email - data-msg-email="Let us spam you, enter a valid email address."

Rule List:

If you want to know exactly which validators are available and what they do, look at the code for the validators in core or browse the additional validators.
Here is a list of them that I compiled by looking at the source on GitHub. I marked them with what part of the framework they’re from, and whether or not I tested them:
(Tested, core)
  • data-rule-required="true"
  • data-rule-email="true"
(Untested, core, but should work)
  • data-rule-url="true"
  • data-rule-date="true"
  • data-rule-dateISO="true"
  • data-rule-number="true"
  • data-rule-digits="true"
  • data-rule-creditcard="true"
  • data-rule-minlength="6"
  • data-rule-maxlength="24"
  • data-rule-rangelength="5,10"
  • data-rule-min="5"
  • data-rule-max="10"
  • data-rule-range="5,10"
  • data-rule-equalto="#password"
  • data-rule-remote="custom-validatation-endpoint.aspx"
(Untested, additional, but should work)
  • data-rule-accept=""
  • data-rule-bankaccountNL="true"
  • data-rule-bankorgiroaccountNL="true"
  • data-rule-bic=""
  • data-rule-cifES=""
  • data-rule-creditcardtypes=""
  • data-rule-currency=""
  • data-rule-dateITA=""
  • data-rule-dateNL=""
  • data-rule-extension=""
  • data-rule-giroaccountNL=""
  • data-rule-iban=""
  • data-rule-integer="true"
  • data-rule-ipv4="true"
  • data-rule-ipv6="true"
  • data-rule-mobileNL=""
  • data-rule-mobileUK=""
  • data-rule-lettersonly="true"
  • data-rule-nieES=""
  • data-rule-nifES=""
  • data-rule-nowhitespace="true"
  • data-rule-pattern=""
  • data-rule-phoneNL="true"
  • data-rule-phoneUK="true"
  • data-rule-phoneUS="true"
  • data-rule-phonesUK="true"
  • data-rule-postalcodeNL="true"
  • data-rule-postcodeUK="true"
  • data-rule-require_from_group=""
  • data-rule-skip_or_fill_minimum=""
  • data-rule-strippedminlength=""
  • data-rule-time=""
  • data-rule-time12h=""
  • data-rule-url2=""
  • data-rule-vinUS=""
  • data-rule-zipcodeUS="true"
  • data-rule-ziprange=""

Facebook Meta tags for Sharing

Basic Metadata

To turn your web pages into graph objects, you need to add basic metadata to your page. We've based the initial version of the protocol on RDFa which means that you'll place additional <meta> tags in the <head> of your web page. The four required properties for every page are:

og:title - The title of your object as it should appear within the graph, e.g., "The Rock".
og:type - The type of your object, e.g., "video.movie". Depending on the type you specify, other properties may also be required.
og:image - An image URL which should represent your object within the graph.
og:url - The canonical URL of your object that will be used as its permanent ID in the graph, e.g., "http://www.imdb.com/title/tt0117500/".
As an example, the following is the Open Graph protocol markup for The Rock on IMDB:

<html prefix="og: http://ogp.me/ns#">
<head>
<title>Welcome to my Blog</title>
<meta property="og:title" content="The Rock" />
<meta property="og:type" content="video.movie" />
<meta property="og:url" content="http://www.imdb.com/title/tt0117500/" />
<meta property="og:image" content="http://ia.media-imdb.com/images/rock.jpg" />
...
</head>
...
</html>

Optional Metadata

The following properties are optional for any object and are generally recommended:

og:audio - A URL to an audio file to accompany this object.
og:description - A one to two sentence description of your object.
og:determiner - The word that appears before this object's title in a sentence. An enum of (a, an, the, "", auto). If auto is chosen, the consumer of your data should choose between "a" or "an". Default is "" (blank).
og:locale - The locale these tags are marked up in. Of the format language_TERRITORY. Default is en_US.
og:locale:alternate - An array of other locales this page is available in.
og:site_name - If your object is part of a larger web site, the name which should be displayed for the overall site. e.g., "IMDb".
og:video - A URL to a video file that complements this object.

For example (line-break solely for display purposes):

<meta property="og:audio" content="http://example.com/bond/theme.mp3" />
<meta property="og:description" content="Sean Connery found fame and fortune as the suave, sophisticated British agent, James Bond." />
<meta property="og:determiner" content="the" />
<meta property="og:locale" content="en_GB" />
<meta property="og:locale:alternate" content="fr_FR" />
<meta property="og:locale:alternate" content="es_ES" />
<meta property="og:site_name" content="IMDb" />
<meta property="og:video" content="http://example.com/bond/trailer.swf" />


The RDF schema (in Turtle) can be found at ogp.me/ns.


Structured Properties

Some properties can have extra metadata attached to them. These are specified in the same way as other metadata, with property and content, but the property name carries an extra colon-separated suffix (for example og:image:width).

The og:image property has some optional structured properties:

og:image:url - Identical to og:image.
og:image:secure_url - An alternate url to use if the webpage requires HTTPS.
og:image:type - A MIME type for this image.
og:image:width - The number of pixels wide.
og:image:height - The number of pixels high.
A full image example:

<meta property="og:image" content="http://example.com/ogp.jpg" />
<meta property="og:image:secure_url" content="https://secure.example.com/ogp.jpg" />
<meta property="og:image:type" content="image/jpeg" />
<meta property="og:image:width" content="400" />
<meta property="og:image:height" content="300" />

The og:video tag has the same structured properties as og:image. Here is an example:

<meta property="og:video" content="http://example.com/movie.swf" />
<meta property="og:video:secure_url" content="https://secure.example.com/movie.swf" />
<meta property="og:video:type" content="application/x-shockwave-flash" />
<meta property="og:video:width" content="400" />
<meta property="og:video:height" content="300" />

The og:audio tag only has the first 3 properties available (since size doesn't make sense for sound):

<meta property="og:audio" content="http://example.com/sound.mp3" />
<meta property="og:audio:secure_url" content="https://secure.example.com/sound.mp3" />
<meta property="og:audio:type" content="audio/mpeg" />

Arrays

If a tag can have multiple values, just put multiple versions of the same <meta> tag on your page. The first tag (from top to bottom) is given preference during conflicts.

<meta property="og:image" content="http://example.com/rock.jpg" />
<meta property="og:image" content="http://example.com/rock2.jpg" />

Put structured properties after you declare their root tag. Whenever another root element is parsed, that structured property is considered to be done and another one is started.

For example:

<meta property="og:image" content="http://example.com/rock.jpg" />
<meta property="og:image:width" content="300" />
<meta property="og:image:height" content="300" />
<meta property="og:image" content="http://example.com/rock2.jpg" />
<meta property="og:image" content="http://example.com/rock3.jpg" />
<meta property="og:image:height" content="1000" />
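Added example (not code from the original post or from the Open Graph project): a small parser that applies the two rules from the Structured Properties and Arrays sections above, first tag wins on conflict and a structured property attaches to the most recently parsed root tag of its kind. The sample markup is constructed from the image array shown above.

```python
from html.parser import HTMLParser


class OpenGraphParser(HTMLParser):
    def __init__(self):
        super().__init__()
        # root property (e.g. "og:image") -> list of objects in document order
        self.objects = {}

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        attrs = dict(attrs)
        prop, content = attrs.get("property"), attrs.get("content")
        if not prop or content is None or not prop.startswith("og:"):
            return
        parts = prop.split(":")
        root, sub = ":".join(parts[:2]), ":".join(parts[2:])
        if not sub:
            # A root tag starts a new object; earlier objects keep priority.
            self.objects.setdefault(root, []).append({"content": content})
        elif root in self.objects:
            # A structured property belongs to the most recent root of its
            # kind; a repeated sub-property keeps its first value.
            self.objects[root][-1].setdefault(sub, content)
        # A structured property with no preceding root has nothing to attach to.


def parse_open_graph(html):
    parser = OpenGraphParser()
    parser.feed(html)
    return parser.objects


def preferred(objects, root):
    """The value a consumer should use: the first tag from the top."""
    items = objects.get(root)
    return items[0] if items else None


# Constructed sample: the image array from the Arrays section.
SAMPLE = """<html prefix="og: http://ogp.me/ns#"><head>
<meta property="og:title" content="The Rock" />
<meta property="og:image" content="http://example.com/rock.jpg" />
<meta property="og:image:width" content="300" />
<meta property="og:image:height" content="300" />
<meta property="og:image" content="http://example.com/rock2.jpg" />
<meta property="og:image" content="http://example.com/rock3.jpg" />
<meta property="og:image:height" content="1000" />
</head></html>"""

if __name__ == "__main__":
    for image in parse_open_graph(SAMPLE)["og:image"]:
        print(image)
```

Run stand-alone it prints three image objects: rock.jpg with width and height 300, rock2.jpg with no dimensions, and rock3.jpg with only a height of 1000.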