24 Jan

Moving from md5 towards a more secure hashing technique

If you have an old website or web application with an existing user base, and you have hashed user passwords with md5, sha1, sha256, etc., you probably know that md5 and other old hashing techniques have been compromised by brute-force attacks, collision attacks, etc. You are then searching for a way to convert your hashing technique to something more secure, like bcrypt or crypt_blowfish. This article talks about how to do that.

21 Jan

Developing “Keep Me Logged In” / “Remember me” / “Stay signed in” option

I recently had to develop the above feature a couple of times in the past few weeks. I came across several issues while implementing this feature. Most of these issues did not have anything to do with the programming language I used (i.e. they are not implementation-related issues) but had to do with the concept of development (i.e. design issues). As these are concept-level issues, I can make this article more abstract and do not have to couple it to the programming language I used (PHP). However, I will show some code segments in PHP + pseudocode, which will be very basic and can be easily translated to any other language.

First, I must emphasize that this method is based on one basic idea: “DO NOT PUT USER DATA IN COOKIE”, even in encrypted format. If you are OK with putting some user data in the cookie, because you believe that encryption cannot be broken or the information is useless to an attacker, jump to the “Not Recommended but Easy Solution” section at the end of the article.

16 Jan

[Highcharts] Shared tooltips only in overlapping points

I hope you understand the basics of Highcharts tooltips. Highcharts has a shared tooltip option, but it will be shared on all points. What if you want to have a shared tooltip only when points are overlapping? There is no such option in Highcharts to get a shared tooltip only when the points are overlapping.

Below I have shown a work-around to get a shared tooltip only when the points overlap (graphs intersect).


16 Dec

How to use the tooltip shape feature in Highcharts version 4

This article is going to talk about the tooltip shape feature in Highcharts version 4 (and what the available values for the shape parameter are). In early Highcharts versions the tooltip shape is always rectangular. With this new feature, the user can choose between a few shapes that are defined in Highcharts. At the same time, the user can add new paths to the collection as functions. I haven’t done it, so I am not going to talk about custom shapes.

Available shapes

  • ‘circle’
  • ‘diamond’
  • ‘square’
  • ‘triangle’
  • ‘triangle-down’

Jsfiddle: http://jsfiddle.net/Malinga/oo2njkhs/2/ (try changing the shape value)

12 Jun

What to check after building a brand new website [New WebSite Checklist]

Once you have built a brand new site for anything, you might need to check on some general things that improve the site's quality, maintainability and usability. As an example, did you place the author tag in your site (Google Rich Snippets)? Have you created a beautiful 404 page? Have you configured a traffic analytics engine? You might forget some of these. Therefore, I decided to create a small checklist.

Tier One (If you forget these you might be in trouble)

  • You need to choose between the www subdomain and the bare domain (www.malinga.me vs. malinga.me). After deciding, make sure you build the other and redirect it to your favorite domain.
  • Always test in all major browsers and screen resolutions
  • Always have a site search
  • Use readable (Human and SEO friendly) URLs
  • Verify your robots.txt and have a site map
  • Use security tools to assess any vulnerability (OWASP cheat sheet)

27 Feb

My First Post in Malinga.Me [.Com Vs .Me]

I always wanted to start a technical blog with my name. Unluckily, the .com version was not available. Therefore, I decided to go for another TLD. There I got to know that .me and .name are normally used for personal sites. I decided to go with a .me domain.

.me or .com

The main problem I had was whether to get a .me of my middle name (malinga) or go for a lengthy name with .com (malingaperera.com). After a lot of research I got to know that .me doesn’t have any issue with Google ranking. In the early stages of the .me domain there was an issue with Google ranking. (dot)me is the Internet country code top-level domain (ccTLD) for Montenegro, so content on (dot)me sites tended to get a higher rank in Montenegro but a lower one in other parts of the world. However, (dot)me is now considered a generic top-level domain (gTLD). Simply, there is no difference between a .com site and a .me site. The only issue is that once your site is popular, people might accidentally go to the .com site. With the arrival of new domain extensions, people are getting used to other extensions.


I will write one more article about this later with first-hand experience of the .me domain. For now I recommend using .me if .com is not available.