Must have htaccess file for every website

I have come across some client websites which do not have the proper rules in place, and due to this their websites are exposed to attacks from hackers. I have put together a basic htaccess file that each website must have from a security and SEO point of view. Of course this may not be suitable for every website, as each one may have its own specific requirements; however, the one below will get the basic job done.

You are welcome to provide further additions to the one below.

# Disallows directory browsing
Options -Indexes

Options +FollowSymLinks

# Tells Apache which page to render when someone browses the home page
DirectoryIndex index.php

# Tells Apache where to send the visitor upon a 404 error
ErrorDocument 404 /404.php

RewriteEngine On
RewriteBase /

# Disallows htaccess to visitors
RewriteRule ^\.htaccess$ - [F]

# Redirects non-WWW URLs to www URLs
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

How to offer discounts and coupons to customers using Facebook Like

I have come across some businesses offering discounts, offers, video downloads, documents etc. to users on Facebook and in return they ask them to simply Like their page. This is quite a good idea as it helps them to attract leads/sales from Facebook and it serves as an additional revenue generation model apart from search engines.

Take for example the following application on Facebook for a UK based retailer

They are offering discounts to Facebook users who Like the above URL. Once you click on
the Like button on the top right the page will display the discount code which customers
can then use to get a discount on their purchase.

I was fascinated by this and was curious to know more about how they were doing it as
store owners would definitely benefit from this. I set about creating an application and
after it was done I tried using the FB.Event.subscribe method which was being advocated
by everyone to use to track the click event on the Like button. Though they were correct,
this was working only when the Like button was embedded on the actual page but was not
working in the above case.

I then tried to check whether anything was being passed to my application from Facebook
and sure enough a signed_request variable was being sent but it was sending a long
alphanumeric string. I sensed that this was encrypted so I Googled and found a method to
decrypt the string.

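// signed_request has the form "<base64url signature>.<base64url JSON payload>"
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// Decode the payload only; $encoded_sig is not checked here
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);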

When I dumped the $data variable it printed out the complete array and displayed it as follows:

    [algorithm] => HMAC-SHA256
    [issued_at] => 1353404943
    [page] => Array
            [id] => 
            [liked] => 
            [admin] => 

    [user] => Array
            [country] => pk
            [locale] => en_US
            [age] => Array
                    [min] => 0
                    [max] => 12



From above we can check the value returned in $data['page']['liked']. If it's 1 then
the page is liked by the user, otherwise the page is not liked.
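
The snippet above decodes the payload but never checks `$encoded_sig`, and the `algorithm` field in the dump shows the payload is signed with HMAC-SHA256, so the `liked` value can only be trusted once that signature has been verified against the app secret. The following is an added example, not code from the original post; `$appSecret`, the helper names `base64url_decode()`, `b64url()` and `parse_signed_request()`, and the sample requests are assumptions constructed for illustration.

```php
<?php
// Added example: verify a Facebook signed_request before trusting its payload.
// $appSecret stands for your app secret; the value used below is a placeholder.

function base64url_decode($input) {
    // base64url uses '-' and '_' and drops the '=' padding
    $b64 = strtr($input, '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4);
    return base64_decode($b64, true);
}

function parse_signed_request($signed_request, $appSecret) {
    $parts = explode('.', (string) $signed_request, 2);
    if (count($parts) !== 2) {
        return null;                       // not "<signature>.<payload>"
    }
    list($encoded_sig, $payload) = $parts;

    $sig  = base64url_decode($encoded_sig);
    $data = json_decode((string) base64url_decode($payload), true);
    if ($sig === false || !is_array($data)) {
        return null;
    }
    // Accept only the algorithm we expect; never let the payload choose it
    if (!isset($data['algorithm']) || strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
        return null;
    }
    // The HMAC covers the payload exactly as received (still base64url-encoded)
    $expected = hash_hmac('sha256', $payload, $appSecret, true);
    return hash_equals($expected, $sig) ? $data : null;
}

// Constructed sample input (not real Facebook data)
function b64url($raw) { return rtrim(strtr(base64_encode($raw), '+/', '-_'), '='); }
$appSecret = 'placeholder-app-secret';
$payload   = b64url(json_encode(array(
    'algorithm' => 'HMAC-SHA256',
    'issued_at' => 1353404943,
    'page'      => array('id' => '123', 'liked' => true, 'admin' => false),
)));
$genuine = b64url(hash_hmac('sha256', $payload, $appSecret, true)) . '.' . $payload;
$forged  = b64url(str_repeat("\0", 32)) . '.' . $payload;   // same payload, bogus signature

foreach (array('genuine' => $genuine, 'forged' => $forged) as $label => $request) {
    $data  = parse_signed_request($request, $appSecret);
    $liked = $data !== null && !empty($data['page']['liked']);
    echo $label . ': ' . ($liked ? "show discount code\n" : "show 'Like us' page\n");
}
```

With the signature check in place, the request carrying a bogus signature is treated as "not liked" even though its payload claims `liked` is true.
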

In this way you can display two different pages to the Facebook user depending on their

Hopefully this helps anyone facing problems while implementing this.

Please contact me if you still face any issues and I will try my best to help you.

List of test credit card numbers for Sage Pay

If you are using Sage Pay Form and wish to test whether the integration is working correctly or not you can use the following test credit card numbers for placing orders.

Visa (VISA)

MasterCard (MC)

Visa Debit / Delta (DELTA)

Solo (SOLO)
Issue 1

UK Maestro / International Maestro (MAESTRO)
Issue 01

American Express (AMEX)

Visa Electron (UKE)

Please enter a future credit card expiry date.

Integrate Zen Cart store to eBay with eBay Zen Cart module

Store owners who use Zen Cart for running their stores on the web can now enjoy the luxury of listing, revising and de-listing products on eBay, all from their Zen Cart admin panel. Gone are the days when you needed to add products twice (once each in Zen Cart and eBay) and then constantly worry about overselling an item on eBay once the stock inventory for that product had been exhausted.

In short, you will need to list your products once and earn forever*.

This facility is tried and tested and running in production environments on Zen Cart stores based in the USA and UK and clients have been more than happy with the results.

You will be able to do the following when you use this module

1. List/revise/delist items on eBay from your Zen Cart admin panel.
2. Maintain separate product title, product price and product description fields for your products on eBay in your Zen Cart Add/Edit product page.
3. Automatic download of orders from eBay to your Zen Cart orders listing page.
4. Automatic creation of customer accounts on your Zen Cart website as soon as order is downloaded from eBay.
5. Automatic synchronization of product stock and price on your eBay store with the price in your Zen Cart store.

Please see attached snap shot for more detail

List/revise/delist items on eBay from your Zen Cart admin panel

eBay order downloaded to your Zen Cart orders listing page

If you would like to have more information regarding this then please contact me today and I will be more than happy to help you out.

* As long as you have inventory for that product -:)

Too many cookies is never a good thing

We all know websites store cookies so that they can identify the visitor, his preferences, his shopping behavior and so on. These cookies are stored in the visitor’s browser and websites read them to determine visitor information. Nearly every other website stores cookies in the visitor’s browser. For this reason browsers place a limit on how many cookies they can store. This limit is not uniform across all browsers. Web servers too have a limit on how much information they can process. Cookies are sent to the web server in the request headers, and the web server reads them from there and acts on that information. However, web servers limit the size of the headers sent to them, and if the header size exceeds the maximum limit you will receive the following error message on the web page.

400 – Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.

If you ever face this issue then you simply need to clear your browser cookies and re-try. Chances are it will work after that.

You can increase the header size limit at the web server level; however, most people don’t need this.

Recursion example using PHP

Recursion is a data structure by which a function is called several times till the condition which calls the function becomes true. I have seldom used it while coding but I would like to show you one particular instance where I used it to display a category level structure in a drop down.

First you need to create the table in MySQL. I have named the table categories for the purpose of this example. You can name it anything you like.

CREATE TABLE `categories` (
  `categories_id` int(11) NOT NULL auto_increment,
  `categories_name` varchar(64) default NULL,
  `parent_id` int(11) NOT NULL default '0',
  PRIMARY KEY (`categories_id`)
);


After that run the following INSERT queries which will create some sample data for this table

insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (65,'Top Level 1',0);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (66,'Top Level 2',0);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (67,'Sub Level 1-1',65);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (68,'Sub Level 2-1',66);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (69,'Sub Level 2-2',66);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (70,'Top Level 3',0);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (71,'Sub Level 3-1',70);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (72,'Top Level 4',0);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (73,'Top Level 5',0);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (74,'Sub Level 2-3',66);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (75,'Sub Level 3-1-1',71);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (76,'Sub Level 2-2-1',69);
insert into `categories` (`categories_id`,`categories_name`,`parent_id`) values (77,'Sub Level 2-2-1-1',76);

Finally you need to create a PHP script and enter the following bit of code to it.

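<?php
// Open the database connection (placeholder credentials, replace with your own).
// mysqli is used here because the mysql_* functions were removed in PHP 7.
$db = new mysqli('localhost', 'db_user', 'db_password', 'db_name');

// Echo every descendant of $parent as an <option>, prefixed with the path of its ancestors
function get_rec($db, $parent, $strCategory) {
    // Bind the parent id as an integer instead of concatenating it into the SQL
    $stmt = $db->prepare("select * from categories where parent_id = ?") or die($db->error);
    $stmt->bind_param('i', $parent);
    $stmt->execute();
    $rs1 = $stmt->get_result();

    while ($data1 = $rs1->fetch_object()) {
        $strTempCategory = $strCategory . " -> " . $data1->categories_name;
        echo "<option value='" . (int) $data1->categories_id . "'>" . htmlspecialchars($strTempCategory) . "</option>";
        // Recurse into this category's own children
        get_rec($db, $data1->categories_id, $strTempCategory);
    }
    return "";
}
?>
<select name="cboCategory" size="1">
<option value="0">Select</option>
<?php
$sql_cat = "select * from categories where parent_id = 0 order by categories_name asc";
$result_cat = $db->query($sql_cat) or die($db->error);
while ($data_cat = $result_cat->fetch_object()) {
    echo "<option value='" . (int) $data_cat->categories_id . "'>" . htmlspecialchars($data_cat->categories_name) . "</option>";
    echo get_rec($db, $data_cat->categories_id, $data_cat->categories_name);
}
?>
</select>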

Save the PHP file and run it. You should be able to view a drop down on the web page which will show the data you have just inserted in a tree view.

For ease I have provided the complete PHP code as well as the SQL file which you can then run and test on your computer.

Download the PHP Recursion Example by Adeel Sarfraz

Increase sales conversion with relevant product search results

Website conversion has always been important for website owners as they look for ROI on their investment. Rightly so, as they spend thousands on developing a website and expect a financial return to cover their costs. They invest in a slick design, catchy graphics and nice behaviors which should attract any visitor who visits their website. Most of the time this logic works: it keeps the visitor on the website, and the longer the visitor is on the website the greater the chance of conversion.

This logic however fails if the visitor is not able to find what he is looking for. Why?

If you have a website which sells products or in other words an e-commerce website then it is very important that your Site search (this is the search box on your website) facility provides targeted results. Most websites are being developed on some type of framework these days and due to this the problem is wide spread. Website owners have come across comments from several potential customers complaining that they were not able to find a specific product on the website even though that product existed on the website.

After investigation it was found that:

  1. Site search provided results which were not entirely related to the product that was actually being searched for by the visitor.
  2. Actual product searched was found to be way down in the search results where in fact it should have been at the top.
  3. In some cases even entering the actual product name did not provide any result and visitor was asked to search again for that product.

One can see how frustrating this can be to the visitor. You can liken the above to the following example

Suppose you need to buy a pair of jeans. You go to a departmental store. You give your query to the sales representative and expect him to show you the products you are interested in. If the sales representative starts to show you shirts or trousers instead of jeans would you not be frustrated? How about you ask for a specific brand jeans and he instead shows you jeans of some other brands? How would you feel if you ask for your favorite jeans and he says that they don’t have it even though you can see that they do?

You would most probably think that the store doesn’t want to make money and you would most probably not return to that store in the near future.

Seeing how important search is, website owners need to check the site search results to make sure that they don’t lose a customer.

If you are the owner of a website where the site search is not giving the right results then let me know and I can help you to sort it out.

Impact of EU Cookie Directive on your website

The EU passed a law over a year back which required website owners based in the EU to notify visitors that they are using cookies on their website.

Cookies are basically text files stored on the visitor’s browser. Websites use these cookies to identify visitors. Sometimes they use them to store visitor information that may be further used to identify visitor likes and dislikes without the visitor himself knowing what is being saved on his browser.

The EU cookie law wants website owners to inform their visitors whether they are using cookies on their website or not, and if they are using cookies, what type of information they are storing in them. The law also requires website owners to state whether the visitor information they are storing in cookies would be made available to 3rd party marketing companies or not.

Visitors can then make an informed decision on whether to continue browsing the website or not once they know what type of information is being saved and how it’s going to be used.

If you are based in the EU and have a website then I can audit your website for free. Feel free to contact me for cookie review of your website.

Wish happy birthday to your customers from Zen Cart

Zen Cart by default requests a customer to enter his/her date of birth during registration. This is optional of course and can be removed from the Zen Cart admin panel. However one can make good use of this to regularly wish their customers a happy birthday thereby keeping in touch with them.

I have developed a script which will send a birthday wish to the customer when their birth date comes along. You will need to set up a cron job on your hosting server to run the script each day. You are also free to make changes to the script according to your needs.

Here is the Zen Cart birthday script and I hope it helps someone.

Remember to copy it to your root folder and then set up a cron job to execute it daily.

How to get the customer email address in Magento

I was recently working on a payment module for Magento and I needed to fetch the customer email address to submit it along with the other payment details.

I found a method by which I could get the email of the customer who was already registered on the website and was shopping after logging in with his/her details.

$cusemail = Mage::getSingleton('customer/session')->getCustomer()->getEmail();

However the above line returned empty in case of a first time customer. So I modified the code as follows

$cusemail = Mage::getSingleton('customer/session')->getCustomer()->getEmail();

if (strlen($cusemail) > 0) {
	// Do nothing
} else {
	// Get the current order details in a $order variable and fetch the customer email from there
	$cusemail = $order['customer_email'];
}

Hope the above helped.