
php


Recently, we have run into an issue with some Magento e-commerce carts with regard to their shipping and billing addresses. The cart defaults to prompting the customer to enter both a billing address and a shipping address. However, under most circumstances, the two addresses match. I have updated my client's cart to default the shipping address to match the billing address. If a customer would like to separate the two, they still have that option, although most don't use it. In this article, I explain the simple solution.

Here are the simple instructions to update your Magento Commerce website to default the shipping address to match the billing address:


The organization I work for has recently determined that we have had a significant loss in revenue due to pirated or unlicensed copies of electronic books/publications that we sell. With the loss being so substantial, we needed to find a work-around. It wasn't realistic to eliminate electronic copies, as they are much more profitable and, in some cases, more desirable than their hard-copy equivalents.

We discussed DRM, and it was decided that the implementation was too expensive and not restrictive enough, since the restrictions we can place on PDF files require that the end user have software that also recognizes those protection restrictions.

We opted for a solution that allows us to continue to offer PDF formats, works across the widest range of PDF software, and is the least cumbersome for our customers. Here's the solution we decided on:

First, I should let you know that we control our own servers, so we have access to install whatever software we deem necessary. We are running PHP as the web application language. We installed software that allows us to append text above the content of the existing PDF. In that text we indicate that the document is licensed only for individual use and that redistribution is not authorized. Since we sell these documents, we also have the buyer's billing information, so within the same statement we place the purchaser's name on the document.

This procedure is performed on every page of the electronic document, which makes it very cumbersome to remove should an individual decide they want to redistribute it. In addition, we can lock the document and provide license terms upon download to remind the customer of these terms.

Hopefully, this helps to address some of the concerns about DRM for electronic PDF documents that are out there. There are various applications that allow web servers to modify or write to PDF documents. I have found this support for PHP and ColdFusion, although ASP, ASP.NET, Ruby on Rails and the like should also offer support.
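The per-page stamp described above, as an added example in PHP that is not the post's own code: the post does not name the PDF-writing software it installed, so this assumes the FPDI library (setasign/fpdi, installed via Composer) for copying pages and writing text on them, and uses placeholder file names, purchaser name and order id.

```php
<?php
// Added example, not the post's own code. Assumes the FPDI library
// (composer require setasign/fpdi) as the "software that appends text above
// the content of the existing PDF"; the post does not name its tool.
require_once __DIR__ . '/vendor/autoload.php';

use setasign\Fpdi\Fpdi;

/**
 * Copy every page of $sourcePdf into a new document and print a license line
 * carrying the purchaser's name across the top of each page.
 * Returns the number of pages stamped.
 */
function stamp_license(string $sourcePdf, string $outputPdf, string $purchaserName, string $orderId): int
{
    // Keep the stamp to printable ASCII: the FPDF core fonts are Latin-1 only,
    // and a name taken from a billing record should not be able to put control
    // characters into the page text.
    $safeName = preg_replace('/[^\x20-\x7E]/', '?', $purchaserName);
    $notice = sprintf(
        'Licensed to %s (order %s) for individual use only. Redistribution is not authorized.',
        $safeName,
        $orderId
    );

    $pdf = new Fpdi();
    $pageCount = $pdf->setSourceFile($sourcePdf);

    for ($pageNo = 1; $pageNo <= $pageCount; $pageNo++) {
        $tpl  = $pdf->importPage($pageNo);
        $size = $pdf->getTemplateSize($tpl);

        // Recreate the page with the original orientation and size, draw the
        // original content underneath, then write the stamp on top of it.
        $pdf->AddPage($size['orientation'], $size);
        $pdf->useTemplate($tpl);

        $pdf->SetFont('Helvetica', '', 8);
        $pdf->SetTextColor(128, 0, 0);
        $pdf->SetXY(10, 4);
        $pdf->Cell($size['width'] - 20, 5, $notice, 0, 0, 'C');
    }

    $pdf->Output('F', $outputPdf);
    return $pageCount;
}

// Placeholder values; in the post's workflow the name and order come from the
// purchaser's billing record at download time.
$stamped = stamp_license('book.pdf', 'book-licensed.pdf', 'Jane Example', 'ORDER-12345');
echo "Stamped {$stamped} page(s)\n";
```

Because the stamp is written into every page's content stream rather than stored as a single annotation, stripping it means editing each page, which is the "cumbersome to remove" property the post relies on; it is still a deterrent and an attribution aid, not an access control.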

If you have found this information helpful, please assist us by clicking our sponsor ads below. These sponsors help to recover the cost of hosting and development.


Data validation and sanitizing are extremely important in all server-side scripting languages. They protect the database from malicious website attacks as well as from unintentional or unexpected errors for website visitors. This article is in no way all-inclusive, but it will provide a couple of tips on how you can better protect your database.

First, it's important that you check that the data provided by the site visitor matches the data format that is expected. For this, I suggest using sprintf(), a built-in PHP function. You can use regular expressions to check data formats, but I've found sprintf() to be a safe method of validating them.

sprintf() works as follows:

$my_text = "The quick brown fox jumps over the lazy dog.";
$letters_in_alphabet = "26";
echo sprintf("The following text uses all %d letters of the alphabet: %s", $letters_in_alphabet, $my_text);

In the previous example, you provide a format string, and each % placeholder is replaced by the following arguments in the order they appear. With this in mind, %d ensures that an integer is placed at that position in the string (PHP converts the argument to an integer before inserting it), and %s does the same for a string.

The above example doesn't interact with a database, so I'll provide another that does:

// assuming the form fields are named username and user_id
$sql_text = sprintf("SELECT * FROM tbl_users WHERE username = '%s' AND user_id = %d;", $_POST['username'], $_POST['user_id']);

The above $sql_text variable replaces the %s and %d with the corresponding values in the argument list. Those are the basics of the sprintf() function.

The above illustrates the data validation part of protecting the database. The following will briefly explain how to sanitize data before it reaches the database. For the purpose of the following examples, we'll assume you're using MySQL. PHP offers a variety of sanitization functions depending on the database technology being used.

mysql_real_escape_string() escapes the MySQL reserved characters, such as apostrophes, quotes, @, etc. For example:

User types: That's great, he said, "This is a good example."

When the above is sent to a MySQL database, the apostrophe or quotes could cause MySQL errors. It's important that we escape the reserved characters so that the text can be entered into the database exactly as the user typed it. The above example would be handled as follows:

$user_data = $_POST['user_text']; // we are assuming that user_text is the name of the user-populated form field
$safe_data = mysql_real_escape_string($user_data);

echo($safe_data); // displays: That\'s great, he said, \"This is a good example.\"
The backslashes protect the database from malicious or unintentional errors related to user-provided input. If you put both of these security measures in place, you substantially improve the stability of your database and the security of your data. Lastly, I've provided an example utilizing both methods:

$user_data = $_POST['user_text'];
$safe_data = mysql_real_escape_string($user_data);
$note_id = $_GET['id']; // we'll assume the value of id in the URL is 4
$sql_statement = sprintf("UPDATE tbl_notes SET body = '%s' where id = %d;", $safe_data, $note_id);
echo($sql_statement); // displays: UPDATE tbl_notes SET body = 'That\'s great, he said, \"This is a good example.\"' where id = 4;
Again, by no means is this article intended to be all-inclusive of database security but is a great addition to any website to improve stability. Hopefully, this will help to better secure some of the websites out there. If you have any questions or additional suggestions, feel free to leave a reply.
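The combined sprintf()-plus-escaping approach from this post, written out as an added example that is not the post's own code. The post's mysql_real_escape_string() was removed in PHP 7; its replacement, mysqli_real_escape_string(), does the same escaping but needs an open connection, so the example assumes a reachable MySQL database holding the post's tbl_notes table, with placeholder connection values. It also shows the same update as a prepared statement, where the values never become part of the SQL text at all.

```php
<?php
// Added example, not the original post's code. The post uses
// mysql_real_escape_string(), removed in PHP 7; mysqli_real_escape_string() is
// the equivalent and needs an open connection. Assumes a MySQL database with the
// post's table tbl_notes(id INT, body TEXT); connection values are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'db_user', 'db_password', 'example_db'); // placeholders
$db->set_charset('utf8mb4'); // escaping is charset-aware, so set it before escaping anything

/**
 * The post's combined approach: escape the free-text body, coerce the id with %d.
 * Returns the finished SQL string so it can be inspected before it is sent.
 */
function build_update_sql(mysqli $db, string $body, string $id): string
{
    // %d casts its argument to an integer, so only the leading digits of $id
    // survive and a non-numeric value becomes 0. %s inserts its argument
    // unchanged, which is why the body has to be escaped first.
    $safeBody = mysqli_real_escape_string($db, $body);
    return sprintf("UPDATE tbl_notes SET body = '%s' WHERE id = %d;", $safeBody, $id);
}

/**
 * The same update as a prepared statement: the values travel separately from
 * the SQL text, so there is no escaping step that can be forgotten.
 * Returns the number of rows affected.
 */
function update_note_prepared(mysqli $db, string $body, string $id): int
{
    $idInt = (int) $id; // bind_param needs a variable, and 'i' expects an integer
    $stmt = $db->prepare('UPDATE tbl_notes SET body = ? WHERE id = ?');
    $stmt->bind_param('si', $body, $idInt);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

// Constructed inputs standing in for $_POST['user_text'] and $_GET['id'].
$userText = 'That\'s great, he said, "This is a good example."';
$noteId   = '4';

// The post's example: quotes in the body are escaped, the id arrives as an integer.
echo build_update_sql($db, $userText, $noteId), "\n";

// An id that is not a plain number is reduced to its leading digits by %d,
// so the extra text never reaches the query.
echo build_update_sql($db, $userText, '4 OR 1=1'), "\n";

printf("Rows updated: %d\n", update_note_prepared($db, $userText, $noteId));
```

The escaping path only stays safe as long as every %s argument passes through the escape function and the connection charset matches the one used for escaping; the prepared-statement path removes both of those conditions, which is why it is the form to prefer in new code.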


Best Linux HTML Editors

November 21, 2008 by Shaun

So as I've mentioned in many of my other posts, I've been using Linux for the last couple of years. I've found that there are a number of editors available, and everybody has their own preference. Ultimately, the best editor depends on what your goals are for it. It's hard to get hold of the complete package with an open-source solution, especially if you want something you can open and use immediately, without much of a tutorial.

I primarily use these editors for PHP, ColdFusion, Ruby on Rails, JavaScript, SQL, HTML and CSS.

I have used the following editors, so I’ll cover my experiences with them briefly.


PHP Topics

November 12, 2008 by Shaun

I'm looking for frequently encountered issues or questions to write posts about that will help others who are either learning or having problems. Do you have a topic that might help others? Leave a comment. I'll even give you credit for the suggestion. The community has offered many resources to us as developers, and I'm happy to return the favor. Let's see if we can't help others too.

Do you have quite a bit of experience with technical issues but haven't quite found the forum to help others? Register and leave a comment, and I'll email you directly with more information.

