Mohtashim Jamal

Never trust user input, it may be malicious, always check your php input.
Check all global arrays like $_GET, $_POST, $_REQUEST, $_COOKIE, allow only known variables and make sure that they contain the right type of data.
What does this mean ? It means that if you have a $_GET['id'] variable in your script which has to be an integer, always check it and make sure it is an integer.
Also don't allow other variables in $_GET or other globals, keep only variables that your scripts need. So, if your script only uses only one variable $_GET['id'] then dispose other variables.
You can also use php filter to implement your sanitization code.

This is a simple function that sanitizes the data before sending it to MySQL. First it removes whitespaces from the beginning and ending of the string. If magic_quotes_gpc is enabled and the data has been already escaped we will apply stripslashes() to the data. This way the data won’t be escaped twice when mysql_real_escape_string() is called.

function sanitize($data)
{
// remove whitespaces (not a must though)
$data = trim($data);

// apply stripslashes if magic_quotes_gpc is enabled
if(get_magic_quotes_gpc())
{
$data = stripslashes($data);
}

// a mySQL connection is required before using this function
$data = mysql_real_escape_string($data);

return $data;
}
The function mysql_real_escape_string() escapes special characters in a string for use in a SQL Statement. Unlike the deprecated function mysql_escape_string(), which doesn’t take a connection argument and does not respect the current charset setting, mysql_real_escape_string() calls MySQL library’s function mysql_real_escape_string, which prepends backslashes() to the following characters: \x00, \n, \r, \, ‘, ” and \x1a. It’s strongly recommended to use this function before sending any query to the mySQL database.

[refer http://www.codeassembly.com/How-to-sanitize-your-php-input/]

Fatal error: imagepng() [<a href='function.imagepng'>function.imagepng</a>]: gd-png: fatal libpng error: zlib error in...

Here is some info I found on another site:
Since PHP v5.1 the GD function imagepng() accepts compression argument. The compression argument must be from 0 to 9.
For images is using the compression settings when creating thumbnails or image resizing for jpeg images which can be from 0 to 100.
Because of that using imagepng() function will return fatal error

As a web developer, you’re probably among the earliest adopters of new browser technologies. Google’s (Google) relatively new Chrome (Chrome) browser is one of those products that developers jumped all over as soon as it became available, but its initial lack of extensions was a dealbreaker for many.

Now extensions are supported in Chrome and some of the tools you’re accustomed to using in Firefox (Firefox) have become available, plus a few unique to Chrome. We’ve compiled a list of ten of the most useful Chrome extensions for web developers right here; if you use these extensions, you might even be able to make Chrome your main workhorse. Maybe!

Look at the list and give it a try — and if there are any great ones that we missed, be sure and share them with us and the other readers in the comments.
1. Firebug Lite

Arguably the most popular Firefox extension for web developers, Firebug lets you look at and edit the HTML, CSS and JavaScript of any page on the fly without leaving your browser. Firebug Lite is a scaled-down version of Firebug made for Chrome. You can inspect a page for errors then quickly edit to fix them.

Though Firebug Lite doesn’t have all the same features as Firebug, it has most of the essentials, and there’s a console interface for power users.
2. IE Tab

Microsoft’s Internet Explorer (Internet Explorer) web browser is not at all popular with web developers, but it’s by far the most popular browser for the general population. With IE Tab you can open any website in a tab that’s actually running Internet Explorer instead of Chrome. You can make sure your website runs correctly for those millions of people who aren’t using Firefox, Safari (Safari), Chrome, or Opera (Opera).
3. Eye Dropper

With EyeDropper, you can find useful information on any color on a website you’re viewing in Chrome. Click the extension button and a color wheel interface drops down. From there, you can click the color picker button, then click anywhere on the site to see where the color for that pixel falls in the wheel, what its RGB levels are, and what its HTML color code is.
4. Chrome SEO

Tapping the Chrome SEO button after the extension has been installed will give you website information that’s important for search engine optimization. You can check backlinks, traffic measures like the Alexa Rank and Google PageRank, popularity on social bookmarking sites like Delicious (Delicious), and more.
5. Lorem Ipsum Generator

The Lorem Ipsum Generator extension will generate filler text for your websites so you can make sure your formatting works well without wasting time typing several paragraphs of text. This extension is lightweight and minimalistic, so it’s easy to use and it won’t take up a lot of memory. That means it’s easy to pop in and out of as needed.
6. Resolution Test

Resolution Test’s purpose is right there in the name — it re-sizes the browser window to show what your website will look like at various popular screen resolutions. As a web developer, you probably have a very high-resolution display. Good for you! But most of the visitors to your site don’t; this extension will help you make sure the site’s formatting looks ok to them.
7. Speed Tracer

Speed Tracer uses the browser’s built-in metrics tools to record how much time your web application is spending on various tasks so you can find out what the hang-up is if your site is running slowly. It can tell you how much time the browser is spending interpreting layout, Javascript, and other details.

The only downside to this useful tool is that for it to work, you have to run the browser with the command line flag “–enable-extension-timeline-api.” But if you’re a developer, that’s probably not a big issue, right?
8. MeasureIt!

MeasureIt! is pretty straightforward — it gives you the dimensions (pixel width and height) of any element present in a website you’re looking at. Like a lot of the other extensions on this list, it was previously available for Firefox.
9. Pendule

Pendule pops up an easy-to-use, well-laid-out control panel full of miscellaneous tasks helpful to developers. Examples include reloading or disabling CSS, viewing JavaScript scripts, hiding images, a color picker, a display ruler, viewing source, and several script validators. It works well as your basic, catch-all web developer’s extension.
10. BuiltWith

BuiltWith gives you a profile of the website you’re hanging out at, including a list of all the technologies it can find there. It will tell you what widgets the site is using, which analytics tracker the webmaster is using, which frameworks are present, which advertising platforms are in use, and so on.

----------------------------------------------------------------
You can read the full article at:
http://mashable.com/2010/02/24/developer-chrome-extensions/

Every plug-in on the list offers outstanding utility to developers who install them in their browsers. In fact, some of them are even considered indispensable. And they’re all available as free downloads for Firefox, right now.

If you know any other developer staples that didn’t make our top 10, be sure to share them with us and our other readers in the comments. And if you’re more into Google Chrome (Google Chrome), be sure to check out our list of 10 essential Chrome extensions for developers.
1. Firebug

With Firebug, you can edit the CSS, HTML, and JavaScript on any web page live without navigating to a different application. Changes can be made and previewed in real-time. The add-on also comes with network activity analysis tools and a JavaScript performance profiler. Like the Firefox browser itself, Firebug can be extended with plug-ins that add new features.
2. Web Developer

The Web Developer add-on is the most powerful and dynamic extension in this list; it adds a toolbar that lets you do numerous useful things.

You can disable Java, disable or view cookies, disable CSS, view styles, see detailed information on forms, disable images, find broken images, view JavaScript, display all kinds of behind-the-scenes information, edit HTML, show hidden elements, resize the window to a specified resolution, validate code and much more.
3. ColorZilla

ColorZilla is a color picker that lives down in your browser’s status bar. Just click the ColorZilla button and move the cursor over the color you want to find out about; you’ll be given a reading that includes the color’s RGB values and the hexadecimal code you need to duplicate the color on your own site. ColorZilla also includes a color wheel, a page zoomer and a measuring tool.
4. HTML Validator

HTML Validator appears as an icon in the status bar, and displays the number of HTML errors Firefox encountered when opening up a web page. You can then dive into the HTML code to investigate what caused the errors.

Be warned that when you navigate to the Firefox add-on page for HTML Validator, you’ll be told that the add-on isn’t available for download for your operating system if you’re a Mac or Linux (Linux) user. Take a quick trip to the developer’s website and you’ll find versions for several platforms, though.
5. FireFTP

FireFTP is an adequately featured FTP (File Transfer Protocol) client that runs inside Firefox. When you execute it, it appears as an extra window just like Firefox’s bookmark or download managers. Features aren’t just limited to the basics; you can perform integrity checks or searches, sync directories while navigating, compare directories and so on. This add-on should meet the needs of the majority of FTP users.
6. IE Tab

Microsoft’s Internet Explorer (Internet Explorer) web browser is barely used by web developers, but it’s the most popular browser in the world at large. With IE Tab you can open any website in a tab that’s actually running IE instead of Firefox. That way, you can more easily make sure your website runs correctly for millions of people who aren’t using Firefox.

Note that IE Tab is not available for Mac or Linux, since you need to have IE installed for it to work and there are not any currently supported versions of IE for non-Windows (Windows) operating systems.
7. MeasureIt

With MeasureIt, you can draw a rectangular ruler anywhere on the website to get the measurements (height and width) in pixels of any element or space. Similar functionality is offered by ColorZilla, so running both add-ons at the same time would be redundant, but this plug-in is nevertheless hugely popular.
8. Greasemonkey

Greasemonkey allows more advanced customization of your browser by executing custom JavaScript scripts that change the way websites are displayed. Hundreds of scripts are available, and many of them are tailored to specific websites. For example, we’ve covered the Facebook Friends Checker script in the past; it monitors your friends list when you’re logged in to Facebook (Facebook) and notifies you when one has been removed.
9. View Source Chart

When you look at the source for a web page using Firefox’s normal tools, you’re given a massive block of barely-organized text; it’s not very easy to scan and look for something specific. View Source Chart displays a web page’s source code in a set of smartly divided, colored partitions. It visually represents tag boundaries and DOM structure so you can navigate efficiently without getting lost in the noise.
10. Aardvark

Use Aardvark to select elements on a website and perform any one of a broad selection of functions on them. You just click on an element and hit one of several keyboard shortcuts. Possibilities include hitting R to remove the element, W to widen it, I to isolate it or V to view the element’s source. Hitting H for “help” brings up a list of all 14 shortcuts.
----------------------------------------------------------------------------------------------------------------


You can read the full article at:
http://mashable.com/2010/03/03/firefox-plugins-developers/

<style>
.rtop, .rbottom{display:block; }
.rtop *, .rbottom *{display: block; height: 2px; overflow: hidden}
.r1{margin: 0 5px; background:#999999;}
.r2{margin: 0 3px; background:#999999;}
.r3{margin: 0 2px; background:#999999;}
.r4{margin: 0 1px; height: 2px; background:#999999;}
.contain{background:#999999;text-align:center;}

</style>
<div id="container" style="width:100px;">
<b class="rtop">
<b class="r1"></b>
<b class="r2"></b>
<b class="r3"></b>
<b class="r4"></b>
</b>
<div class="contain">Nice One :)</div>
<b class="rbottom">
<b class="r4"></b>
<b class="r3"></b>
<b class="r2"></b>
<b class="r1"></b>
</b>
</div>

if ( strpos($_SERVER['HTTP_USER_AGENT'], 'Gecko') )
{
if ( strpos($_SERVER['HTTP_USER_AGENT'], 'Netscape') )
{
$browser = 'Netscape (Gecko/Netscape)';
}
else if ( strpos($_SERVER['HTTP_USER_AGENT'], 'Firefox') )
{
$browser = 'Mozilla Firefox (Gecko/Firefox)';
}
else
{
$browser = 'Mozilla (Gecko/Mozilla)';
}
}
else if ( strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') )
{
if ( strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') )
{
$browser = 'Opera (MSIE/Opera/Compatible)';
}
else
{
$browser = 'Internet Explorer (MSIE/Compatible)';
}
}
else
{
$browser = 'Others browsers';
}

echo $browser;
?>

ob_start("ob_gzhandler");
header('Content-Encoding: gzip');

$expires = 60*60*24*30;
header("Pragma: public");
header("Cache-Control: maxage=".$expires);
header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$expires) . ' GMT');

Here is a small tips for you which you can use to upload such a large file using file field of the form and move_uploaded_file() function in PHP.

1) Create a .htaccess file in the root folder of web server.
2) Put the following code in side the .htaccess file and save it.

php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 200
php_value max_input_time 200

Now you can upload the file-size up-to 20MB in a simple way using file field in your html form and move_uploaded_file() function available in PHP. In the above .htaccess file, uploading capability is increased by the four parameter first one is maximum file size for uploading, second one is maximum size of the post data , third one is maximum time in seconds a script is allowed to run before it is terminated by the parser and last one is maximum time in seconds a script is allowed to parse input data such as like file uploads, POST and GET data.

You can change the above parameter to upload the bigger file size than 20MB.