Friday, October 19, 2012

create wsdl for sending email using soap and php

create simple wsdk webservice using php
--------------------------create wsdl using my code simple php --------------------------------------------
//step 1 create index.php
// Author by bikash ranajn nayak

$server = new nusoap_server;

$server->configureWSDL('server', 'urn:server');

$server->wsdl->schemaTargetNamespace = 'urn:server';
'To' => array('name' => 'ToEmailid','type' => 'xsd:int'),
'From' => array('name' => 'FromEmailid','type' => 'xsd:string'),
'Subject' => array('name' => 'Subject','type' => 'xsd:string'),
'Message' => array('name' => 'MessageBody','type' => 'xsd:string')


            array('servicebybikash' => 'xsd:string'),   
            array('return' => 'xsd:string'),

function Emailsend($to,$from,$subject,$messagebody)

$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
  return true;
return false;



-----------call wsdl index.php service using  php soap------------------------------------

 create a page call the wsdl service using php

 *   auther by bikash
 *    Client sample.
 *    Service: SOAP endpoint
 *    Payload: rpc/encoded
 *    Transport: http
 *    Authentication: none
$client = new soapclient('');
$htmldbody="<h1>helow bikash kese ho</h1>";
'','helo i shamaim',$htmldbody));
      echo "Fault: <p>Code: {$client->faultcode}<br>";
      echo "String: {$client->faultstring}";
   echo '<pre>' . htmlspecialchars($client->return, ENT_QUOTES) . '</pre>';
    echo "success fully sent mail";


json return using soap server and soap client using php

How to get JSON response from SOAP Call in PHP
copy soap_server page like (index.php);

$server = new nusoap_server;

$server->configureWSDL('server', 'urn:server');

$server->wsdl->schemaTargetNamespace = 'urn:server';

            array('name' => 'xsd:string'),       
            array('return' => 'xsd:string'),

function getrequest($value,$address)
   return json_encode($getval);


create soap client page (get json data form soap)getdata.php
$client = new soapclient('');

      echo "Fault: <p>Code: {$client->faultcode}<br>";
      echo "String: {$client->faultstring}";
    echo $res;

how to create nusoap_server and nusoap_client implemention using php

1st-> download nusoap class library 
2nd->create wsdl function "getrequest()" using below code
your WSDL url could be (

$server = new nusoap_server;

$server->configureWSDL('server', 'urn:server');

$server->wsdl->schemaTargetNamespace = 'urn:server';

            array('value' => 'xsd:string'),
            array('return' => 'xsd:string'),

function getrequest($value){

     return "well come  bikash";
       return "not bikash";


------------------------------end nusoap server-------------------------------------------------------

3rd-> call  the wsdl what you create

create nusoapcallwsdl.php
past below my code

$client = new soapclient('');


Wednesday, October 17, 2012

how to get post image from attached using id in wordpress

how to get post image in wordpress 
how to  get attached id through post id in worpress

$args = array(
    'numberposts' => 1,
    'order'=> 'DESC',
    'post_mime_type' => 'image',
    'post_parent' =>$post->id,
    'post_type' => 'attachment'

$get_children_array = get_children($args,ARRAY_A);  //returns Array ( [$image_ID]...
$rekeyed_array = array_values($get_children_array);
$child_image = $rekeyed_array[0];
echo '<img src="'.wp_get_attachment_thumb_url($child_image['ID']).'" class="current">';

using post id get image form post data wordpress

Monday, October 15, 2012

point to currency convert from payal to customer using php

point convert to currency to  paypal using php
$success = false;
if($task == 'pay' && $point && $user_points > $point && $mail != '' && $point >= 1000)
    $environment = 'live';    // or 'beta-sandbox' or 'live'
    function PPHttpPost($methodName_, $nvpStr_) {
        global $environment, $setting;
        $API_UserName = urlencode($setting['setting_paypal_api_user']);
        $API_Password = urlencode($setting['setting_paypal_api_pass']);
        $API_Signature = urlencode($setting['setting_paypal_api_sign']);
        $API_Endpoint = "";
        if("sandbox" === $environment || "beta-sandbox" === $environment) {
            $API_Endpoint = "https://api-3t.$";
        $version = urlencode('51.0');
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
        curl_setopt($ch, CURLOPT_VERBOSE, 1);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        $nvpreq = "METHOD=$methodName_&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";
        curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
        $httpResponse = curl_exec($ch);
        if(!$httpResponse) {
            exit("$methodName_ failed: ".curl_error($ch).'('.curl_errno($ch).')');
        $httpResponseAr = explode("&", $httpResponse);
        $httpParsedResponseAr = array();
        foreach ($httpResponseAr as $i => $value) {
            $tmpAr = explode("=", $value);
            if(sizeof($tmpAr) > 1) {
                $httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
        if((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr)) {
            exit("Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.");
        return $httpParsedResponseAr;
    $emailSubject =urlencode($setting['setting_paypal_api_user']);
    $receiverType = urlencode('EmailAddress');
    $currency = urlencode('USD');
    $receiverEmail = urlencode($mail);
    $amount = urlencode($point / 100);
    $uniqueID = urlencode($user->user_info['user_id']);
    $note = urlencode('note');
    $nvpStr .= "&L_EMAIL0=$receiverEmail&L_Amt0=$amount&L_UNIQUEID0=$uniqueID&L_NOTE0=$note";
    $httpParsedResponseAr = PPHttpPost('MassPay', $nvpStr);
    if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"])) {
        $success = true;
        $cash = ($point / 100);
        $msg = "You have successfully exchanged $point points for $$cash!";
          userpoints_deduct($user->user_info['user_id'], $point);
        $database->database_query("INSERT INTO `ememo_socialdb`.`se_redeem_points` (`redeem_id`, `redeem_user`, `redeem_points`, `redeem_cash`, `redeem_date`) VALUES (NULL, '{$user->user_info[user_id]}', '$point', '$cash', UNIX_TIMESTAMP());");
    } else  {
        $success = true;
        $msg = 'Enter valid transaction information';
elseif($task == 'pay' && $user_points < $point)
    $success = true;
    $msg = 'You don\'t have enough points';

elseif($task == 'pay' && $point < 1000)
    $success = true;
    $msg = '1000 points is the minimal amount to redeem';

elseif($task == 'pay' && $mail == '')
    $success = true;
    $msg = 'Enter a valid PayPal e-mail address';


Wednesday, October 10, 2012

how to encode and decode html tag using php

how to encode and decode html tag using php
you can encode using ->

you can decoe using

Tuesday, October 9, 2012

how to remove html tag in a string using php

    $input = "<div id='bikash'><b>this is the html tag remove in php</b></div><strong>me use for html you do nt use</strong>";

   echo  $b = strip_tags($input, "<strong><em>");

Saturday, October 6, 2012

how to add new custom field virtuemart product category fields in joomla administrator

how to add new field from category virtuemart joomla
execute query for add new category fields
1stp->   ALTER TABLE `jos_vm_category` ADD ` cat_wholesaler` VARCHAR( 1 ) NOT NULL DEFAULT 'N' AFTER `products_per_row` ;

2stp-> GO TO D:\xampp\htdocs\mil-bar\administrator\components\com_virtuemart\html\product.product_category_form.php open
add your field in product.product_category_form.php

      if ($db->sf("cat_wholesaler")=="Y")
          echo "<input type=\"checkbox\" name=\"accesscat\" value=\"Y\" checked=\"checked\" />";
          echo "<input type=\"checkbox\" name=\"accesscat\" value=\"Y\" />";

2stp->  administrator/components/com_virtuemart/classes/ps_product_category.php in (function add( &$d ))

a. first get new field value for insert paste below code line 253

      if (vmGet($d,'accesscat')==''){

$fields = array('vendor_id' => $ps_vendor_id,
    'category_name' => vmGet( $d, 'category_name' ),
    'category_publish' => vmGet( $d, 'category_publish' ),
    'category_description' => vmGet( $d, 'category_description', '',VMREQUEST_ALLOWHTML ),
        'category_browsepage' => vmGet( $d, 'category_browsepage' ),
    'products_per_row' => vmRequest::getInt( 'products_per_row' ),
    'category_flypage' => vmGet( $d, 'category_flypage' ),
    'category_thumb_image' => vmGet( $d, 'category_thumb_image' ),
    'category_full_image' => vmGet( $d, 'category_full_image' ),
    'cdate' => $timestamp,
    'mdate' => $timestamp,
    'list_order' => $list_order,

b. for update field value from database same page line  315(function update(&$d))

                       if (vmGet($d,'accesscat')=='')

$fields = array('category_name' => vmGet( $d, 'category_name' ),
           'category_publish' => vmGet( $d, 'category_publish' ),
           'category_description' => vmGet( $d, 'category_description', '',VMREQUEST_ALLOWHTML ),
       'category_browsepage' => vmGet( $d, 'category_browsepage' ),
                                        'products_per_row' => vmRequest::getInt( 'products_per_row' ),
                                        'cat_wholesaler'=> $waccess,
                                        'category_flypage' => vmGet( $d, 'category_flypage' ),
                                        'category_thumb_image' => vmGet( $d, 'category_thumb_image' ),
                                        'category_full_image' => vmGet( $d, 'category_full_image' ),
                                        'mdate' => $timestamp,
                                        'list_order' => vmRequest::getInt('list_order'),

lastly enloy your custom field has been added you can insert value and update successfully in virtuemart

Thursday, October 4, 2012

How to prevent mysql injection in Php before it is submitted

SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.

 This is the important bit, we take the $username and $password variables that we just filled with data, and we use the function mysql_real_escape_string
on it, what this does is remove and characters that should not be in there, it actually does the same job as stripslashes() apart from this is the correct
method used for MYSQL Databases.

The rest of the code is pretty much self explanatory, after we have checked all the data and made it A-Z characters, we then perform the mysql
query on the database and then we just check the returned information with a series of IF statement, these are all very self explanatory.

This concludes this article, for more information on this subject, checkout this website is filled with information on everything php.

Use prepared statements and parameterized queries. These are SQL statements that are sent to and parsed by the database server separately from any parameters. This way it is impossible for an attacker to inject malicious SQL.
You basically have two options to achieve this:
  1. Using PDO:
    $stmt = $pdo->prepare('SELECT * FROM employees WHERE name = :name');
    $stmt->execute(array(':name' => $name));
    foreach ($stmt as $row) {
        // do something with $row
  2. Using mysqli:
    $stmt = $dbConnection->prepare('SELECT * FROM employees WHERE name = ?');
    $stmt->bind_param('s', $name);
    $result = $stmt->get_result();
    while ($row = $result->fetch_assoc()) {
        // do something with $row


Note that when using PDO to access a MySQL database real prepared statements are not used by default. To fix this you have to disable the emulation of prepared statements. An example of creating a connection using PDO is:
$dbConnection = new PDO('mysql:dbname=dbtest;host=;charset=utf8', 'user', 'pass');

$dbConnection->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
In the above example the error mode isn't strictly necessary, but it is advised to add it. This way the script will not stop with a Fatal Error when something goes wrong. And gives the developer the chance to catch any error(s) (which are throwed as PDOExceptions.
What is mandatory however is the setAttribute() line, which tells PDO to disable emulated prepared statements and use real prepared statements. This makes sure the statement and the values aren't parsed by PHP before sending it the the MySQL server (giving a possible attacker no chance to inject malicious SQL).
Although you can set the charset in the options of the constructor it's important to note that 'older' versions of PHP (< 5.3.6) silently ignored the charset parameter in the DSN.


What happens is that the SQL statement you pass to prepare is parsed and compiled by the database server. By specifying parameters (either a ? or a named parameter like :name in the example above) you tell the database engine where you want to filter on. Then when you call execute the prepared statement is combined with the parameter values you specify.
The important thing here is that the parameter values are combined with the compiled statement, not a SQL string. SQL injection works by tricking the script into including malicious strings when it creates SQL to send to the database. So by sending the actual SQL separately from the parameters you limit the risk of ending up with something you didn't intend. Any parameters you send when using a prepared statement will just be treated as strings (although the database engine may do some optimization so parameters may end up as numbers too, of course). In the example above, if the $name variable contains 'Sarah'; DELETE * FROM employees the result would simply be a search for the string "'Sarah'; DELETE * FROM employees", and you will not end up with an empty table.
Another benefit with using prepared statements is that if you execute the same statement many times in the same session it will only be parsed and compiled once, giving you some speed gains.
Oh, and since you asked about how to do it for an insert, here's an example (using PDO):
$preparedStatement = $db->prepare('INSERT INTO table (column) VALUES (:column)');

$preparedStatement->execute(array(':column' => $unsafeValue));


MySQL & PHP Code:

// a good user's name
$name = "timmy"; 
$query = "SELECT * FROM customers WHERE username = '$name'";
echo "Normal: " . $query . "<br />";

// user input that uses SQL Injection
$name_bad = "' OR 1'"; 

// our MySQL query builder, however, not a very safe one
$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";

// display what the new query will look like, with injection
echo "Injection: " . $query_bad; 


Normal: SELECT * FROM customers WHERE username = 'timmy'
Injection: SELECT * FROM customers WHERE username = '' OR 1'' 

MySQL & PHP Code:

//NOTE: you must be connected to the database to use this function!
// connect to MySQL

$name_bad = "' OR 1'"; 

$name_bad = mysql_real_escape_string($name_bad);

$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";
echo "Escaped Bad Injection: <br />" . $query_bad . "<br />";

$name_evil = "'; DELETE FROM customers WHERE 1 or username = '"; 

$name_evil = mysql_real_escape_string($name_evil);

$query_evil = "SELECT * FROM customers WHERE username = '$name_evil'";
echo "Escaped Evil Injection: <br />" . $query_evil;


Escaped Bad Injection:
SELECT * FROM customers WHERE username = '\' OR 1\''
Escaped Evil Injection:
SELECT * FROM customers WHERE username = '\'; DELETE FROM customers WHERE 1 or username = \''

prime number using for loop in php

php using prime number program
// you can check instead if($i==$j)
echo $i.",";

what is main difference between php4 and php5

PHP5 introduces many new features, I have mentioned some of them:

Unified Constructors and Destructors:
In PHP4, constructors had same name as the class name. In PHP5, you have to name your constructors as  __construct() and  destructors as __destruct().

In PHP5 you can declare a class as Abstract.

Startic Methods and properties:
Static methods and properties are also available. When you declare a class member as static, then you can access members using :: operator without  creating an instance of class.

PHP5 introduces a special function called __autoload()

PHP5 allows you to declare a class or method as Final 

Magic Methods
PHP5 introduces a number of magic methods.
__call, __get, __set and __toString

In PHP5, There are 3 levels of visibilities:
    Public: Methods are accessible to everyone including objects outside the classes.
    Private: only available to the class itself.
    Protected: accessible to the class itself and inherited class.

PHP5 has introduced ‘exceptions’(exception errors)

Passed by reference
In PHP4, everything was passed by value, including objects. Whereas in PHP5, all objects are passed by reference.

PHP5 introduces interfaces . An interface defines the methods a class must implement. All the methods defined in an interface must be public.

E_STRICT Error Level
PHP5 introduces new error level defined as ‘E_STRICT’
E_STRICT will notify you when you use depreciated code.

PHP5 also introduces new default extensions.

  •     SimpleXML: for easy processing of XML data
  •     DOM and XSL
  •     PDO .
  •     Hash :gives you access to a ton of hash functions.
New Functions
PHP5 introduces new functions. You can get a list of them from the PHP Manual.

PHP5 is a lot different than PHP4. With the vastly improved Object Oriented model in PHP5, PHP is now a lot closer to a fully fledged object orientated programming language and looks more like ASP.NET now. Here are 10 major differences between PHP4 and PHP5 that you need to know:
1. Unified Constructors and Destructors:
In PHP4, constructors had same name as the class name. This used to cause overhead because every time you changed the class name, you had to change all the occurrences of that name.
In PHP5, you simply need to name your constructors as __construct(). (the word ‘construct’ prefixed by double underscores). Similarly you can name your destructors as __destruct(). (the word ‘destruct’ prefixed by double underscores.) In destructors, you can write code that will get executed when the object is destroyed.
2. Abstract Class:
PHP5 lets you declare a class as ‘Abstract’. (i.e. a class whose object cannot be created. You can only extend an abstract class) Also, a class must be defined as abstract if it contains any abstract methods. And those abstract methods must be defined within the class which extend that abstract class. You can include complete method definitions within the abstract methods of abstract class.
3. Final Keyword:
PHP5 allows you to declare a class or method as ‘Final’ now. You just need to use ‘final’ keyword that will indicate that the class cannot be inherited or the method cannot be overridden.
4. Exception Handling:
PHP5 has introduced ‘exceptions’. An exception is simply a kind of error and the ‘exception error’ can be handled in an exception object. By using an exception, one can gain more control over the simple trigger_error notices we were stuck with before.
When you are about to perform something ‘risky’ in your code, you can surround your code with a ‘try…catch’ block. First you surround your code in a ‘try {…….}’ block, then if an exception is thrown, your following ‘catch{……}’ block is there to intercept the error and handle it accordingly. You can write some PHP code in your ‘catch’ block which will get executed when an error occurs in the ‘try’ block. If there is no ‘catch’ block, a fatal error occurs.
5. E_STRICT Error Level:
PHP5 introduces new error level defined as ‘E_STRICT’ (value 2048). This error levels notifies you when you use depreciated PHP code. It is not included in E_ALL, if you wish to use this new level you must specify it explicitly.
6. Autoloading (the __autoload() function):
PHP5 introduces a special function called ‘__autoload()’ (the word ‘autoload’ prefixed by double underscores). This function allows you to avoid writing a long list of includes at the top of your script by defining them inside this function. So you can automatically load object files when PHP encounters a class that hasn’t been defined yet.
function __autoload ($class_name) {
include $class_name . '.php';
7. Visibility:
In PHP5, class methods and properties now have ‘visibility’. There are 3 levels of visibilities:
Public: ‘Public’ is the most visible. Methods are accessible to everyone including objects outside the classes. And properties readable and writable by everyone including objects outside the classes.
Private: ‘Private’ makes class members only available to the class itself.
Protected: ‘Protected’ makes class members accessible to the class itself and any inherited class (subclass) as well as any parent classes.
PHP4′s method of declaring a variable as ‘var’ keyword is still supported in PHP5. The ‘var’ keyword is now a synonym for the ‘public’ keyword now.
8. Pass by Reference:
In PHP4, everything was passed by value, including objects. Whereas in PHP5, all objects are passed by reference. Take a look at this PHP4 code for example -
$peter = new Person();
$peter->sex = ’male’;
$maria = $peter;
$maria->sex = ’female’;
echo $peter->sex; // This will output ‘female’
As you can see in the code above, if you wanted to duplicate an object in PHP4, you simply copied it by assigning it to another variable (Pass by value). But now in PHP5 you must use the new ‘clone’ keyword. So the above PHP4 code, will now look like this in PHP5 -
$peter = new Person();
$maria = new Person();
$peter->sex = ’male’;
$maria = clone $peter;
$maria->sex = ’female’;
echo $peter->sex; // This will output ‘female’
9. Interfaces:
PHP5 introduces ‘interfaces’ . An interface defines the methods a class must implement. All the methods defined in an interface must be public. An interface helps you design common APIs. It is not designed as a blueprint for classes, but just a way to standardize a common API. A big advantage of using interfaces is that a class can implement any number of interfaces. You can still only ‘extend’ on parent class, but you can ‘implement’ an unlimited number of interfaces.
10. New Functions:
PHP5 introduces new functions which are not found in PHP4. You can find the list of these new functions in the PHP manual.

Difference between MySQL function and mysql procedure




What are the differences between stored procedure and functions in mysql

A FUNCTION is always returns a value using the return 
statement. A  PROCEDURE may return one or more values 
through parameters or may not return at all.
b. Functions are normally used for computations where as 
procedures are normally used for executing business logic.
c. A Function returns 1 value only. Procedure can return 
multiple values (max 1024).
d. Stored procedure returns always integer value by default 
zero. Whereas function returns type could be scalar or 
table or table values
e. Stored procedure is precompiled execution plan where as 
functions are not.
f. A function can call directly by SQL statement like 
select func_name from dual while procedure cannot.
g.Stored procedure has the security and reduces the network 
traffic and also we can call stored procedure in any no. of 
applications at a time.
h. A Function can be used in the SQL Queries while a 
procedure cannot be used in SQL queries .that cause a major 
difference b/w function and procedures.
Stored procedures are a set of actions already written and 
stored inside the database for acheiving a particular task 
where as functions are general database objects which are 
used for general purpose programming
there are 3 main differences between sp and function.
1 sp takes input,output parameters, function takes only 
input parameters.
2 temparary variables required to store return values of 
sp. in functions temparary variables will be optinale.
3 sp can not be called directly into DML statements , 
functions can be called directly into DML statements.
1. Functions can be used inline with a select statement 
while sprocs can't.

2. EXEC command can't be used inside a Function where it 
can be used inside an sproc.

Function :
1. Should return atleast one output parameter.Can return more than one parameter using OUT argument.
2. Parsed and compiled at runtime.
3.Cannot affect the state of database.
4.Can be invoked from SQL statement e.g. SELECT.
5. Functions are mainly used to compute values.
1. Doesn't need to return values, but can return value.
2.Stored as a pseudo-code in database i.e. compiled form.
3.Can affect the state of database using commit etc.
4.Cannnot be invoked from SQL statements e.g. SELECT.
5.Procedures are mainly used to process the tasks

difference between unset and unlink in php

unlink() is used to delete physical files...So lets say you have foo.txt somewhere on your server... unlink(foo.txt) would delete it. unset() is used to null out the value of a given variable. So for instance:

x = 200;

echo(x); // 200


echo(x); // null

The difference between the functions unlink and unset
unlink() is a function for file system handling.
It will simply delete the file in context.

Example for unlink() :

$fh = fopen('test.html', 'a');
fwrite($fh, '<h1>Hello world!</h1>');


unset() is a function for variable management.
It will make a variable undefined.

Unset () is used to destroy a variable in PHP. In can be used to remove a single variable, multiple variables, or an element from an array. It is phrased as Unset ($remove).
Also Known As: Unset Variable, Destroy Variable

Example for unset() :

// remove a single variable

// remove a single element in an array

// remove multiple variables
unset($a, $b, $c);

Wednesday, October 3, 2012

retrive frineds list from facebook and post wall easlly

1stp-> create app for your website from facebook

2stp->download facebook library class file and put your connection  information

3rd-> call facebook class object and pass for friend list

4rth->get your friends list from facebook
lastly you post wall to your friends wall