Monday, August 8, 2011

Enable GZIP in PHP Application

Already i shown how to enable GZIP in YII Framework application, To enable GZIP in general PHP Application include the below code at the top of the document you want to gzip:

if( isset( $_SERVER['HTTP_ACCEPT_ENCODING'] ) && substr_count( $_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip' ) )
 ob_start( 'ob_gzhandler' );

Deleting files in server without any error using php

To delete files in server and avoid "denied access to file" error to unlink file.

To delete file, you must to change file's owernship .

An example:


How to minify Javascript, CSS files automatically in YII Framework

We are going to reduce the HTTP calls for resources files by merging several resources files into a single (or more) files, so that the application load faster. E Client Script can automatically detect the required list of files, and generate a unique filename hash, so boldly ease of use.

CSS Files:

CSS files are merged based on there media attribute, background images with a relative path in file can also be displayed correctly.

Script files:

Script files are merged based on their position, If you use the 'CClientScript::POS_HEAD' you will end up with a single file for all the script files you've used on that page.

If you use 'CClientScript::POS_HEAD' and 'CClientScript::POS_END' for example then you'll end up with two files for each page on that request, Since those resources are located in different positions.

Add the following code to components array in protected/config/main.php

Add to configuration:
First you have to download EClientScript extension

 'clientScript' => array(
            'class' => 'ext.minify.EClientScript',
            'combineScriptFiles' => true,
            'combineCssFiles' => true,
            'optimizeCssFiles' => true,
            'optimizeScriptFiles' => false,

Then you'd use the regular 'registerScriptFile' & 'registerCssFile' methods as normal and the files will be combined automatically

Enable GZIP in YII Application

Just add the following lines to protected/config/main.php,

add the below 2 lines after   'preload' => array('log'),

'onBeginRequest' => create_function('$event', 'return ob_start("ob_gzhandler");'),
'onEndRequest' => create_function('$event', 'return ob_end_flush();'),

Prevent right click in browser using Javascript

Just add the following code inbetween section of your html file

 <script language="javascript">
            var message="Sorry, you do not have permission to right click.";
            function RestrictIE(){
                if (event.button==2){
                    return false;
            function RestrictNS(e){
                if (document.layers||document.getElementById&&!document.all){
                    if (e.which==2||e.which==3){
                        return false;
            if (document.layers){
            else if (document.all&&!document.getElementById){
            document.oncontextmenu=new Function("alert(message);return false;")

now you can test in your browser.

TESTED WITH : IE 8.0, Firefox 3.5+, Chrome 12.0

Saturday, August 6, 2011

Enable HTTPS in Apache localhost using WAMP Server 2.1

Step 1

Download and install WAMP Server 2.1 from this link

Step 2
Generate a SSL certificate
Generate Key
Go to command prompt (Start Menu->Accessories->Command Prompt) type
Then type
Type C:\wamp\bin\apache\Apache2.2.17\bin
Go to C:\wamp\bin\apache\Apache2.2.17\bin and run the following command:

openssl req -new > webserver.csr

The command runs and prompts you to enter a PEM pass phrase and verify it. Write down the phrase because you will need it later.

It will then ask you to enter information that will be incorporated into your certificate request. When the command finishes, it has created several files, including privkey.pem, in


Remove Passphrase

Run the following command:
openssl rsa -in privkey.pem -out webserver.key

You will be prompted for the pass phrase from the previous step. The RSA key is written and the file webserver.key is now available in the folder.

Convert Into Signed Certificate

Run the following command to create a certificate which expires after one year:
openssl x509 -in webserver.csr -out webserver.cert -req -signkey webserver.key -days 365

Store Certificate Files
Create a folder ssl in  C:\wamp\bin\apache\Apache2.2.17\conf\  copy all generated files to ssl

Step 3

Modify conf/extra/httpd-ssl.conf
Change the following lines, adjusting the email address and the paths to your settings:

# General setup for the virtual host
SSLSessionCache "shmcb:C:/wamp/Apache/logs/ssl_scache(512000)"
SSLMutex default
# General setup for the virtual host

DocumentRoot "C:/wamp/www/"
ServerName localhost:443
ErrorLog "C:/wamp/logs/sslerror.log"
TransferLog "C:/wamp/logs/sslaccess.log"
SSLCertificateFile "conf/ssl/webserver.cert" 
SSLCertificateKeyFile "conf/ssl/webserver.key" 
CustomLog "C:/wamp/logs/sslrequest.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Modify httpd.Conf
Make sure your secure site is part of the virtual hosts in Apache:

# Secure (SSL/TLS) connections

#Include conf/extra/httpd-ssl.conf

Include conf/extra/httpd-ssl.conf

Step 4

Test https

Run httpd –t and make sure the syntax is OK.

Restart Apache.

Check that port 443 is open by running the following in the command prompt:

netstat -an | more
Test the https connection from your browser and hopefully it works

I found the article some where in WAMP forum and i made some changes to meet my requirement and fully functional, your feedback is welcome

The above method tested using WAMP Server 2.1 in windows 7, does not applies to wamp1.7 

Friday, August 5, 2011

Country database to use in web applications

you can freely use this country database in your projects Download country database

Module based login in YII Framework

Module based login

What is module?

From YII Framework documentation

 "A module is a self-contained software unit that consists of models, views, controllers and other supporting components. In many aspects, a module resembles to an application. The main difference is that a module cannot be deployed alone and it must reside inside of an application. Users can access the controllers in a module like they do with normal application controllers.

Modules are useful in several scenarios. For a large-scale application, we may divide it into several modules, each being developed and maintained separately. Some commonly used features, such as user management, comment management, may be developed in terms of modules so that they can be reused easily in future projects."

For example
admin users   = > index.php?r=admin/default/login
general users => index.php?r=user/default/login

To add module based login to a site without using RBAC, please follow these guidelines.
Consider the situation where we want to add 3 types of login in a site: customer, dealer, and admin.

Start by generating three modules using GII. (To do this, please refer to this guide for module generation

Step 1
Copy the UserIdentity component to the module/components folder for each module. We will validate each module against its table. For example, customer validation is done using customer table, and admin validation against the admin table

For each module, change its UserIdentity authenticate() function to perform the appropriate validation.

Step 2
For each module, add the following lines to its main page. For example, for the Customer module, add to Customer/CustomerModule.php Add the following lines to init():

'errorHandler' => array(
'errorAction' => 'customer/default/error'),
'user' => array(
'class' => 'CWebUser',             
'loginUrl' => Yii::app()->createUrl('customer/default/login'),


Step 3
Create the login/logout action in each module's DefaultController.
For example, for the Customer module:
Create the actionLogin() in Customer/controllers/DefaultController.php.
Also, create actionLogout() as follows:

public function actionLogout() {

Point sub-domain to module
This tips from the forum URL Subdomain to module
There is a feature called "Parameterizing Hostnames" (described on this pages). add the following lines to main.php

'components' => array(
'urlManager' => array(
'rules' => array(
'' => 'customer/default/index',
'' => 'customer/default/login',
So "customer/default/index" refers to the module "customer" with controller "default" and action "index".

Redirect to respective module login, if user not logged in to a particular model
add following code to customer module CustomerModule.php in beforeControllerAction

do the same for other module
in SiteController's site/login method
public function actionLogin() {

Another method(Recommended)
Redirect to respective module login, if user not logged in to a particular model
add following code to customer module CustomerModule.php
public function beforeControllerAction($controller, $action) {
if (parent::beforeControllerAction($controller, $action)) {
// this method is called before any module controller action is performed
// you may place customized code here
$route = $controller->id . '/' . $action->id;
// echo $route;
$publicPages = array(
if (Yii::app()->user->isGuest && !in_array($route, $publicPages)){            
return true;
return false;

do the same for other module
Thanks to ricardograna for sharing some configurations

Wednesday, August 11, 2010

Restrict unwanted files upload by using FileZilla

By using filters in filezilla we can avoid unwanted files in remote server

Showing Filters

To show and configure filters:

select "View > Filename filters...".

This will bring up the 'Directory listing filters' dialog box, that shows :

  • on the left side : the local filters
  • on the right side : the remote filters.

Multiple filters may be active at a time — those filters that are active will have a check next to them.

We can add/edit/delete filters by clicking edit filters button
once you have finished click apply that's all

Tuesday, August 10, 2010

Fixing Internet explorer Content-type and Content-Disposition issues using PHP

When you add download files option to your pages using PHP. you need to use following code to fix IE related issues

$filename = "myfile" . ".doc";
header('Content-Type: application/msword');
header('Expires: ' . gmdate('D, d M Y H:i:s') . 'GMT');
header('Content-Disposition: attachment; filename="' . $filename . '"');

if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')) {
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
} else {
header('Pragma: no-cache');