Author Archives: invtr

Javascript notes

Some notes for me to refer to and remind myself.

Unlike PHP, a variable must be declared before it is assigned, or it can be declared and assigned at the same time:
var myVar = 1;

to get string length:
stringLength = aString.length;

to get the nth letter in a string:
letter = aString[aString.length-1] // get the last letter

Arrays in JavaScript. An array can also contain another array as an element:
myArray = ["this is string", 200, true, ["Bulls", 23]];

Use .push() to add an element to an array, .pop() to remove the last element, and .shift() to remove the first element and return it (the result can be assigned to a variable):
myArray.push("another element");
deletedLastElement = myArray.pop();

List of Javascript built-in objects

Using Divi on cPanel shared hosting

Download Divi.zip from Divi member page

Install WordPress using Softaculous

Go to Appearance > Themes > Add New > Upload Theme

Choose Divi.zip and click on “Install Now”

If the error “The link you followed has expired.” is displayed, go to cPanel > MultiPHP INI Editor. Change “post_max_size” and “upload_max_filesize” to a value bigger than the Divi.zip file size (e.g. 15MB)

How to manage to do lists

You prepare a to do list to make sure you get things done. You end up with too many items in the list and none of them gets done.

So now you have to manage the to do list.

Instead of one to do list with lots of items on it, make 3 lists.

1. List with important and urgent items to do. Must finish it TODAY

2. List with important but not urgent items. Must do, but it can still wait. You still have time to plan and do it.

3. List with the rest of the items. All other items are mixed together in this list. You can then remove any items once they are no longer important after some time, or you can move items to list number 2 or number 1

Mistakes by startups

  1. Not talking to real customers about features. Too many assumptions are made, or they talk to the wrong audiences
  2. Underpricing the solutions. Good as a start to enter the market, but must adjust quickly
  3. Slow in making sales, doing follow-ups and other sales and marketing activities. They focus too much on the technical side and worry too much that customers can’t accept what they have
  4. Not focusing enough on cash flow and fund raising. For SaaS the revenue is very slow at the start.

Apartment unit for sale at Sri Palma Villa Mantin (owner)

House for sale at Sri Palma Villa, Mantin, Negeri Sembilan (direct owner)

  • Block 1, Level 9
  • Bedroom: 3
  • Bathroom: 3
  • Built Up: ~1000 sqft
  • Price: RM110k cash/140 installment (nego/offer your price)
  • Maintenance: RM130/month
  • Bank loan has been fully paid off

Advantages of the house

  • Equipped with a table top
  • The house is well maintained
  • Reason for selling – living in another house and it is hard to maintain because we live far away

Advantages of the neighbourhood

  • Peaceful and safe environment
  • Swimming pool, BBQ pit and hall facilities at the club house
  • 24-hour security
  • Surau (prayer room) within the neighbourhood. Within walking distance
  • Grocery shops and eateries in the block and at the club house
  • Playground and court
  • Easy access, close to the main road
  • Close to a college

Access

  • Mantin town
  • Nilai town
  • Access to LEKAS highway (Pajam toll)
  • Access to PLUS highway (Nilai toll)
  • KLCC
  • Seremban
  • KLIA

If you are interested or have any questions, please contact

Azwan 012-2815182 (prefer whatsapp)

Swimming pool
24-hour security
Playground
Bedroom 1 (attached bathroom)
Bedroom 2
Bedroom 3 (attached bathroom)
Living room
Dining area
Kitchen

Securing web application

Below are things to do to secure your web application

  1. The database user for the system should only have access to insert, select, update and delete, not other database utilities like drop, create etc.
  2. Use reCAPTCHA if wrong login attempts exceed x times
  3. Never display the id in the URL; use a hashed id instead – check out hashids.org
  4. Always check that a user can’t view, access or update any data that does not belong to him/her, especially on a multi-tenant system
  5. Force at least 8 characters for user passwords. Better to include numbers, capital letters and special symbols
  6. If you use cookies, make sure you don’t save sensitive data, and always save something encrypted that needs to be decrypted by the server in order to be used. For example, for a remember-me cookie, use the user IP plus the username to construct an encrypted “token” to be stored in the cookie.
  7. Check the input again at the back end even if it has been checked on the front end using JavaScript
  8. Make 2FA (two-factor authentication) available for users to choose
  9. Use SSL/HTTPS
  10. Always use production-standard settings, not development-standard settings. For example, never display detailed errors to users, such as an SQL error that shows tables and fields.
  11. Give developers/admins different usernames, with access only to what they need to do
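
For item 6, a remember-me token built from the username and the user IP could look like the following added PHP example (it is not code from the original notes). It assumes PHP 7.3+ with the bundled sodium extension; the function names, the 14-day lifetime and the sample username and addresses are made up for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: a real deployment loads this key from server-side configuration.
// It is generated here only so the example runs on its own.
$key = sodium_crypto_secretbox_keygen();

/** Build the cookie value: base64(nonce || encrypted JSON payload). */
function makeRememberToken(string $username, string $ip, string $key, int $ttl = 1209600): string
{
    $payload = json_encode(['u' => $username, 'ip' => $ip, 'exp' => time() + $ttl], JSON_THROW_ON_ERROR);
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($payload, $nonce, $key));
}

/** Return the username if the token decrypts, is unexpired and matches the IP; otherwise null. */
function checkRememberToken(string $token, string $ip, string $key): ?string
{
    $raw = base64_decode($token, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null; // not base64, or too short to hold nonce + MAC
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $json = sodium_crypto_secretbox_open($box, $nonce, $key);
    if ($json === false) {
        return null; // modified cookie, or encrypted under a different key
    }
    $data = json_decode($json, true);
    if (!is_array($data) || !isset($data['u'], $data['ip'], $data['exp'])) {
        return null;
    }
    if ($data['exp'] < time() || !hash_equals($data['ip'], $ip)) {
        return null; // expired, or presented from a different address
    }
    return $data['u'];
}

// Constructed sample values
$token = makeRememberToken('alice', '203.0.113.7', $key);
var_dump(checkRememberToken($token, '203.0.113.7', $key));  // same client
var_dump(checkRememberToken($token, '198.51.100.9', $key)); // cookie presented from another IP
$modified = base64_encode(strrev(base64_decode($token)));
var_dump(checkRememberToken($modified, '203.0.113.7', $key)); // cookie bytes changed
```

When the token is sent to the browser, set the cookie with the Secure and HttpOnly flags so it only travels over HTTPS and is not readable from page scripts.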

Prevent form submitted twice

Sometimes we get double records in the database because the form was submitted twice.

Here is a simple way to prevent it.

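session_start();
// Treat the request as new when no earlier submission is stored
// or when the posted data differs from the last processed submission.
if (!isset($_SESSION['post_data']) || $_SESSION['post_data'] != $_POST)
{
    // process the data
    // after successful processing, store the posted values in the session
    $_SESSION['post_data'] = $_POST;
}
else
{
    // display a message that the form was already submitted
}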
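
A more general variant of the same idea, as an added example that is not part of the original post: instead of comparing the posted data, the form carries a one-time token that the server deletes on first use, so a legitimate later submission with identical values is still accepted. The function names, the `form_tokens` session key and the sample POST data are hypothetical.

```php
<?php
declare(strict_types=1);

// In a web request the session is started normally; for a command-line run
// the session is simulated with a plain array so the example runs on its own.
if (PHP_SAPI === 'cli') {
    $_SESSION = [];
} else {
    session_start();
}

/** Create a token when rendering the form; embed it in a hidden field. */
function issueFormToken(): string
{
    $token = bin2hex(random_bytes(16));
    $_SESSION['form_tokens'][$token] = time();
    return $token;
}

/** True only the first time a given token comes back; it is deleted on use. */
function consumeFormToken(?string $token): bool
{
    if ($token === null || !isset($_SESSION['form_tokens'][$token])) {
        return false; // missing, unknown or already used
    }
    unset($_SESSION['form_tokens'][$token]);
    return true;
}

// Constructed walk-through: one form render, then the same POST sent twice.
$token = issueFormToken();
$post = ['name' => 'sample value', 'form_token' => $token];
foreach ([1, 2] as $attempt) {
    if (consumeFormToken($post['form_token'] ?? null)) {
        echo "attempt $attempt: processed\n";
    } else {
        echo "attempt $attempt: form already submitted\n";
    }
}
```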