How do you call a constructor for a parent class?

Here is common question in PHP
class masterClass
{
function masterClass()
{
//…
}
}

class childClass extends parentClass
{
function childClass()
{
parent::masterClass();
// …
}
}

understanding of PHP serialize()

Hello All,

Glad to see you, Today I am going to write about serialize () in PHP, We often used it but still many of us need it 🙂

its better if I explain it using example

<?php
echo "Serialize";
echo "
“;
$test_array = array( “Laxman”, “Dev”, “Vimal” );
$string_serialized = serialize($test_array);
echo $string_serialized;
?>
Output will come something like given below.

a:3:{i:0;s:6:”Laxman”;i:1;s:3:”Dev”;i:2;s:5:”Vimal”;}

Here is explanation of output
A:3 : describe that its array with 3 elements
i:0;s:6:”Laxman”; : i:0 describe 0 index,s:6 describe string with 6 char length and after that its value “laxman” and terminated with semicolon and so on.

We can get original array using unserialize();

<?php

echo "Serialize";
echo "
“;
$test_array = array( “Laxman”, “Dev”, “Vimal” );
$string_serialized = serialize($test_array);
echo $string_serialized;
echo “
“;
echo “Unserialize”;
echo “
“;
print_r(unserialize($string_serialized));

?>

Output will come something like given below.

Array ( [0] => Laxman [1] => Dev [2] => Vimal )

Hope it will help you,

Thanks,
Laxman

How to Set 404 page not found in cakephp

its has been long time I had written last blog but I back with new post.

Better developer should have take care of 404 page not found exception,here is solution how to resolve that issue in cakephp

Step 1 : Put following code into your app controller

function _setErrorLayout() {
if ($this->name == ‘CakeError’) {
$this->layout = ‘error404’;
}
}

function beforeRender () {
$this->_setErrorLayout();
}
Step 2: Add new layout to your layout

Add new layout to your layout folder name with “error404.ctp” and add the following code into it.

 

<!DOCTYPE html>
<html lang=”en”>
<head>
<meta charset=”utf-8″>
<title>Page Not Found :(</title>
<style>
::-moz-selection {
background: #b3d4fc;
text-shadow: none;
}

::selection {
background: #b3d4fc;
text-shadow: none;
}

html {
padding: 30px 10px;
font-size: 20px;
line-height: 1.4;
color: #737373;
background: #f0f0f0;
-webkit-text-size-adjust: 100%;
-ms-text-size-adjust: 100%;
}

html,
input {
font-family: “Helvetica Neue”, Helvetica, Arial, sans-serif;
}

body {
max-width: 500px;
_width: 500px;
padding: 30px 20px 50px;
border: 1px solid #b3b3b3;
border-radius: 4px;
margin: 0 auto;
box-shadow: 0 1px 10px #a7a7a7, inset 0 1px 0 #fff;
background: #fcfcfc;
}

h1 {
margin: 0 10px;
font-size: 50px;
text-align: center;
}

h1 span {
color: #bbb;
}

h3 {
margin: 1.5em 0 0.5em;
}

p {
margin: 1em 0;
}

ul {
padding: 0 0 0 40px;
margin: 1em 0;
}

.container {
max-width: 380px;
_width: 380px;
margin: 0 auto;
}

/* google search */

#goog-fixurl ul {
list-style: none;
padding: 0;
margin: 0;
}

#goog-fixurl form {
margin: 0;
}

#goog-wm-qt,
#goog-wm-sb {
border: 1px solid #bbb;
font-size: 16px;
line-height: normal;
vertical-align: top;
color: #444;
border-radius: 2px;
}

#goog-wm-qt {
width: 220px;
height: 20px;
padding: 5px;
margin: 5px 10px 0 0;
box-shadow: inset 0 1px 1px #ccc;
}

#goog-wm-sb {
display: inline-block;
height: 32px;
padding: 0 10px;
margin: 5px 0 0;
white-space: nowrap;
cursor: pointer;
background-color: #f5f5f5;
background-image: -webkit-linear-gradient(rgba(255,255,255,0), #f1f1f1);
background-image: -moz-linear-gradient(rgba(255,255,255,0), #f1f1f1);
background-image: -ms-linear-gradient(rgba(255,255,255,0), #f1f1f1);
background-image: -o-linear-gradient(rgba(255,255,255,0), #f1f1f1);
-webkit-appearance: none;
-moz-appearance: none;
appearance: none;
*overflow: visible;
*display: inline;
*zoom: 1;
}

#goog-wm-sb:hover,
#goog-wm-sb:focus {
border-color: #aaa;
box-shadow: 0 1px 1px rgba(0, 0, 0, 0.1);
background-color: #f8f8f8;
}

#goog-wm-qt:hover,
#goog-wm-qt:focus {
border-color: #105cb6;
outline: 0;
color: #222;
}

input::-moz-focus-inner {
padding: 0;
border: 0;
}
</style>
</head>
<body>
<div>
<h1>Not found <span>:(</span></h1>
<p>Sorry, but the page you were trying to view does not exist.</p>
<p>It looks like this was the result of either:</p>
<ul>
<li>a mistyped address</li>
<li>an out-of-date link</li>
</ul>
<script>
var GOOG_FIXURL_LANG = (navigator.language || ”).slice(0,2),GOOG_FIXURL_SITE = location.host;
</script>
<script src=”http://linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js”></script&gt;
</div>
</body>
</html>

Its done,Let me know if you have any suggestion or ideas

 

Add Extension in Dreamweaver for cake or other framework

go to installed folder of dreamweaver->configuration->document

types->MMDocumentTypes.xml

find “PHP_MySQL” change parameter
winfileextension ->add ‘ctp,thtml’ after ‘php,php3,php4,php5’ parameter look
like this “php,php3,php4,php5,ctp,thtml”

macfileextension->add ‘ctp,thtml’ after ‘php,php3,php4,php5’ parameter look
like this “php,php3,php4,php5,ctp,thtml”

open Extensions.txt in configuration folder
find “All Documents” add “CTP,THTML” before “All Documents”
save it.

Enjoy

.htaccess or search engine friendly URL

.htaccess or search engine friendly URL

.htaccess is the filename of a special configuration file that provides a number of directives (commands) for controlling and configuring the Apache Web Server, and also to control its many modules like mod_rewrite (for htaccess rewrite), mod_alias (for htaccess redirects), and mod_ssl.

Htaccess allows for decentralized management of configuration when placed inside the web tree. Htaccess is sometimes called: “HyperText Access”because one of the main functions of Htaccess files are to control access of HTTP (HyperText Transfer Protocol), which we know as the WWW. Htaccess is a very ancient configuration file, and is also one of the most powerful configuration files you will ever come across.

The Apache Web server provides a feature called .htaccess file, which provides commands to control a Web site. This file is simply a text file containing Apache directives. Those directives apply to the documents in the directory where the file is located, and to all subdirectories under it as well. Other .htaccess files in subdirectories may change or nullify the effects of those in parent directories.

You have to be careful when editing .htaccess files, as a small mistake can make your Web site stop working. You should immediately test the site to be sure it works.

 

.htacce mostly uses for the extension hidding for example if websites are running on php and developer are not want to display .php extension then it is useful to use .htaccess file and make it as directory structure or you can also display as .html or .hml

.htm or .html file are search engine friendly so it is useful for SEO working

 

Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:

RewriteEngine On 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Please, note that the .htaccess should be located in the web site main folder.

In case you wish to force HTTPS for a particular folder you can use:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} somefolder
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]

The .htaccess file should be placed in the folder where you need to force HTTPS.

Here are the most notable and useful .htaccess examples…

Custom error pages

The most common errors are 404 (Not Found) and 500 (Internal Server Error). Design your custom Web pages for these errors (you aren’t limited to these errors, you can create an error page for each and every error). Add the following commands to your .htaccess file…

RewriteEngine On

ErrorDocument 404 /404.html
ErrorDocument 500 /500.html

Redirects

You can use .htaccess file to redirect any request for a specific page to a new page…

Redirect /domain/old.html http://site.com/new.html

Server-side redirects are very useful for shortening affiliate links. Your visitors won’t be turned off by long links that are obviously affiliate links. For example, to create a redirect at the URL:

 

Redirecting domain.com to http://www.domain.com

If search engines find both www and non-www links from other sites to your site, they may treat http://domain.com and http://www.domain.com as two different websites with the same content. This means that your site can be penalized for duplicate content.

Many experts recommend to set up a 301 redirect (permanent redirect) from YourSite.com to http://www.domain.com&#8230;

RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain\.com [nc]
RewriteRule (.*) http://www.domain.com/$1 [R=301,L]

Replace “domain.com” with your real domain name.

The .htaccess file is very obscure and extremely useful when used properly. The above htaccess examples cover only a few possible uses of this powerful tool. For more information, see…

http://httpd.apache.org/docs/1.3/howto/htaccess.html

 
 

Installing Sql Server

Essential Guides

 

How to Install SQL Server 2005 – A Quick Guide

Purpose: To describe how to perform a basic installation of

SQL Server 2005.

Version Information: Although this document addresses

SQL Server 2005

Developer Edition, the instructions are very similar or the

same for other editions

of SQL Server 2005.

Important Notes: Before installing SQL Server 2005,

SQL Server 2000 databases
should be backed up (if they are required), and the SQL Server 2000

software should be completely un-installed through the Control Panel,

UNLESS there is a technical requirement for it to exist on the same machine.

Although SQL Server 2000 and 2005 can exist side by side on the

same machine, they have to be installed as separate named instances.

This document does not attempt to address the details of SQL

Server named instances – if in doubt, consult the DBA for the project for which the installation is being performed.

Should a user require SQL Server 2000 AFTER SQL Server 2005

has been installed, it can be installed as a separate named instance,

however a check should be made to ensure that any critical applications

that require SQL Server 2000 are capable of

supporting named instances – not all are.

Insert the DVD into the DVD drive
The SQL Server installation screen appears

For most installations, if installing on standard 32 bit Windows XP

Professional, click on the x86-based operating systems option.

Click on Server components, tools, Books online and samples
Read and accept the terms and conditions of the license agreement
Then click Next.
The Installing Prerequisites screen

Click on the Install button and wait whilst the system

components are configured. This may take 10-20 seconds.

Prerequisites are installed
Welcome to the Microsoft SQL Server Installation Wizard
The System Configuration Check screen
If the configuration check completes successfully (Success appears in the top panel, all ticks in the Details panel), click on Next.
Fill in the Registration Information details
Click on Next.
Select the components to install

Note that the components selected in the screen shot above

are the most common components that will be needed

for most developers and development DBAs. However,

if another component such as Analysis Services is needed,

it can be added easily afterwards by re-inserting the installation

DVD and re-running the setup program.

Click on the Advanced button to open up further options.

Feature selection

IMPORTANT NOTE

As a general rule it is not necessary to change the default installation

path or the Developer Edition installation, unless your

organisation has a standard which is different. If in doubt,

check an existing PC or server at your site.

Click on Next.

Select the Default instance

IMPORTANT NOTE

If the Default instance radio button is disabled, this probably means

that there is another, default instance of SQL Server 2000 or SQL

Server 2005 already installed on this machine. In this case,

consult the DBA for the project as it may not be necessary or

desirable to re-install the database components.

Click on Next.

Select the radio button Use the built-in System account

The first step will change the Windows account under which

the SQL Server service executes to the Local System account.

In a production environment or certain development environments,

it may be desirable to change this to a domain user account,

but this is not usually necessary for local developer installations.

Note that the service account settings can be changed through the

Services applet in the Control Panel at any point after installation,

however SQL Server will require re-starting in order for these

changes to take effect.

Click on Next.

Change Authentication Mode to Mixed Mode and set a password for the sa logon
Click on Next.
 
Click on Next.
Error Reporting and Usage options
Click on Next.
The SQL Server pre-installation screen
Click on Install.
SQL Server setup progress

This step ususally takes 10-30 minutes, but requires no user

intervention – so now’s a

good time to take a break and make some coffee.

SQL Server setup has finished
Click on Next.
Completing Microsoft SQL Server 2005 Setup

If you only want the database server to be accessible from the machine

on which it is installed, click on Finish.
SQL Server 2005

installation is now complete.

However, if you wish the database server to be accessible from

other machines, click on the Surface Area Configuration tool link.

The Help Protect Your SQL Server screen will appear
Click on the Surface Area Configuration for Services and Connections link.
SQL Server 2005 Surface Area Configuration

Click on the Remote Connections node in the left hand tree pane,

then click on Local and remote connections.
By default, TCP/IP

only is selected and is usually sufficient in most development environments,

but if you suspect that you may need SQL Server 2005 to host legacy

applications which require support for the named pipes SQL Server

communication protocol, click on “Using TCP/IP and Named Pipes”.

If in doubt, consult the DBA for the project.

In addition, if you wish this installation of SQL Server to automatically

announce itself on the network to automatic database server directory queries,

click on the SQL Server Browser Service, set the Startup type to ‘Automatic”,

click on “Apply”, then click on the Start button.

Click on OK, and then close the “Help Protect Your SQL Server” screen.
Finally, click on the Finish button

on the “Completing Microsoft SQL Server 2005 Setup” screen.

SQL Server 2005 setup is now complete.

Top of Page

What is SQL Injection

sql injection

 

SQL Injection happens when a developer accepts user input that is directly placed into a SQL Statement and doesn’t properly filter out dangerous characters. This can allow an attacker to not only steal data from your database, but also modify and delete it. Certain SQL Servers such as Microsoft SQL Server contain Stored and Extended Procedures (database server functions). If an attacker can obtain access to these Procedures it may be possible to compromise the entire machine. Attackers commonly insert single qoutes into a URL’s query string, or into a forms input field to test for SQL Injection. If an attacker receives an error message like the one below there is a good chance that the application is vulnerable to SQL Injectio

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.SQL injection attacks are also known as SQL insertion attacks

Forms of SQL injection vulnerabilities

Incorrectly filtered escape characters

This form of SQL injection occurs when user input is not filtered for escape characters and is then passed into a SQL statement. This results in the potential manipulation of the statements performed on the database by the end user of the application.

The following line of code illustrates this vulnerability:

statement = "SELECT * FROM users WHERE name = '" + userName + "';"
This SQL code is designed to pull up the records of the specified username from its table of users.
 
However,if the "userName" variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example,
setting the "userName" variable as
 	
     
a' or 't'='t


renders this SQL statement by the parent language:

   SELECT * FROM users WHERE name = 'a' OR 't'='t';

If this code were to be used in an authentication procedure then this example could be used to force 
the selection of a valid username because the evaluation of 't'='t' is always true.

While most SQL Server implementations allow multiple statements to
be executed with one call, some SQL APIs such as php's mysql_query do
not allow this for security reasons. This prevents hackers from injecting entirely
separate queries,but doesn't stop them from modifying queries. The following 
value of "userName" in the statement belowwould cause the deletion of the "users" table as well as 
the selection of all data from the "data" table (in essence revealing the information of every user):

a';DROP TABLE users; SELECT * FROM data WHERE name LIKE '%

 

This input renders the final SQL statement as follows:

SELECT * FROM users WHERE name = 'a';DROP TABLE users; SELECT * FROM DATA WHERE name LIKE '%';

 

Incorrect type handling

This form of SQL injection occurs when a user supplied field is not strongly typed or
is not checked for type constraints.

This could take place when a numeric field is to be used in a SQL statement,

but the programmer makes no checks to validate that the user supplied input is numeric. For example:

statement := "SELECT * FROM data WHERE id = " + a_variable + ";"

 

It is clear from this statement that the author intended a_variable to be a number correlating to the "id" field.

However, if it is in fact a string then the end user may manipulate the statement as they choose,
thereby bypassing the need for escape characters.

For example, setting a_variable to

1;DROP TABLE users

 

will drop (delete) the "users" table from the database, since the SQL would be rendered as follows:

SELECT * FROM DATA WHERE id=1;DROP TABLE users;

 

Magic String

The magic string is a simple string of SQL used primarily at login pages. The magic string is

'OR''='

 

When used at a login page, you will be logged in as the user on top of the SQL table.

Vulnerabilities inside the database server

Sometimes vulnerabilities can exist within the database server software itself, as was the case with the
MySQL server’s mysql_real_escape_string() function. This would allow an attacker to perform
a successful SQL injection attack based on bad Unicode characters even if the user’s input is being escaped

Blind SQL Injection

Blind SQL Injection is used when a web application is vulnerable to SQL injection but the results
of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays
data but will display differently depending on the results of a logical statement injected into the legitimate SQL
statement called for that page. This type of attack can become time-intensive because a new statement must be
crafted for each bit recovered. There are several tools that can automate these attacks once the location of the
vulnerability and the target information has been established.

Conditional Responses

One type of blind SQL injection forces the database to evaluate a logical statement on an ordinary application screen.

SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=1

 

will result in a normal page while

SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=2

 

will likely give a different result if the page is vulnerable to a SQL injection. An injection like this will prove that
a blind SQL injection is possible, leaving the attacker to devise statements that evaluate to true or false depending on
the contents of a field in another table.

Conditional Errors

This type of blind SQL injection causes a SQL error by forcing the database to evaluate a statement that causes an error
if the WHERE statement is true. For example,


SELECT 1/0 FROM users WHERE username='Ralph'

 

the division by zero will only be evaluated and result in an error if user Ralph exists.

Time Delays

Time Delays are a type of blind SQL injection that cause the SQL engine to execute a long running query or a time
delay statement depending on the logic injected. The attacker can then measure the time the page takes to load to
determine if the injected statement is true.

Preventing SQL Injection

To protect against SQL injection, user input must not directly be embedded in SQL statements.
Instead, parameterized statements must be used (preferred), or user input must be carefully escaped or filtered.

Using Parameterized Statements

In some programming languages such as Java and .NET parameterized statements can be used
that work with parameters (sometimes called placeholders or bind variables)
instead of embedding user input in the statement. In many cases, the SQL statement is fixed. The user input is

then assigned (bound) to a parameter.
This is an example using Java and the JDBC API:


PreparedStatement prep = conn.prepareStatement
("SELECT * FROM USERS WHERE USERNAME=? AND PASSWORD=?");
prep.setString(1, username);
prep.setString(2, password);

Similarly, in C#:

using (SqlCommand myCommand = new SqlCommand("SELECT * FROM USERS
WHERE USERNAME=@username AND PASSWORD=HASHBYTES('SHA1', @password)", myConnection))

    {                    
        myCommand.Parameters.AddWithValue("@username", user);
        myCommand.Parameters.AddWithValue("@password", pass);
 
        myConnection.Open();
        SqlDataReader myReader = myCommand.ExecuteReader())

        ...................
    }

 

In PHP version 5 and above, you have multiple choices for using parameterized statements.

The easiest is to use the PDO database layer:

$db = new PDO('pgsql:dbname=database');

$stmt = $db->prepare("SELECT priv FROM testUsers
WHERE username=:username AND password=:password");
$stmt->bindParam(':username', $user);

$stmt->bindParam(':password', $pass);
$stmt->execute();

Alternatively, you could use a vendor-specific method. For example in MySQL 4.1 and above with the mysqli extension. Example

$db = new mysqli("localhost", "user", "pass", "database");

$stmt = $db -> prepare("SELECT priv FROM testUsers 
WHERE username=? AND password=?");
$stmt -> bind_param("ss", $user, $pass);

$stmt -> execute();

 

In ColdFusion, the CFQUERYPARAM statement is useful in conjunction with the CFQUERY
statement to nullify the effect of SQL code passed within the CFQUERYPARAM value as part of the SQL clause.
An example is below.

<cfquery name="Recordset1" datasource="cafetownsend">
SELECT *
FROM COMMENTS
WHERE COMMENT_ID =<cfqueryparam value="#URL.COMMENT_ID#" 
cfsqltype="cf_sql_numeric">

</cfquery>

 

Enforcing the Use of Parameterized Statements

There are two ways to ensure an application is not vulnerable to SQL injection: using code reviews
(which is a manual process), and enforcing the use of parameterized statements. Enforcing the use of parameterized statements means that
SQL statements with embedded user input are rejected at runtime. Currently only the H2 Database Engine supports this feature.

Using Escaping

A straight-forward, though error-prone way to prevent injections is to escape dangerous characters.
One of the reasons for it being error prone is that it is a type of blacklist which is less
robust than a whitelist. For instance, every occurrence of a single quote (') in a parameter must be replaced by two
single quotes ('') to form a valid SQL string literal. In PHP, for example,
it is usual to escape parameters using the function mysql_real_escape_string before sending the SQL query:

$query = sprintf("SELECT * FROM Users 
where UserName='%s' and Password='%s'", 
                  mysql_real_escape_string($Username), 
                  mysql_real_escape_string($Password));

mysql_query($query);

 

Here is an example of a custom escaping based sql injection filter. It doesn’t rely on built in escaping functions:

<?php
$title = $_POST['title']; // user input from site

$description = $_POST['description']; // user input from site
 
// define the cleaner
 
$dirtystuff = array("\"", "\\", "/", "*", "'", "=", "-", "#", ";", "<", ">", "+", "%");
 

// clean user input (if it finds any of the values above, it will replace 
it with whatever is in the quotes - in this example, it replaces the value with nothing)
 
$title = str_replace($dirtystuff, "", $title); // works!

$description = str_replace($dirtystuff, "", $description); // works!
 
// input: I\ "like/ green<** veg'et=a-bles> ;and< pizza**

// output: I like green vegetables and pizza
 
// input: a';DROP TABLE users; SELECT * FROM data WHERE name LIKE '%
// output: aDROP TABLE users SELECT FROM data WHERE name LIKE 
 
?>

This sort of escaping is error-prone as it relies on the programmer to escape every parameter.

Also, if the escape function (either custom or built-in in the language) fails to handle a special character correctly, an injection is still possible.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 



Stop including class files and use __autoload() instead

PHP added several magic methods in PHP5. __autoload(), however, isn’t one of them. But that doesn’t make it any less useful. In fact it’s one of the gems in PHP that I find to be relatively under used. It’s common for PHP applications to break out classes into their own files. This becomes cumbersome when working on large projects as you wind up with numerous include/require calls for any given page. There’s got to be a better way…

Consistency is your friend
I’m sure you name your class files consistently so you can probably skip this section. Apparently, since you’re reading this, you do not have any rhyme or reason for your class file names. It doesn’t really matter what it is as long as it’s consistent and predictable. For example, EpiCode contains a models directory which contains all of the PHP class files. The file names follow the pattern ClassName.php. I know that class A is defined in models/A.php.

What can __autoload() do for you?
Did you know that PHP will call __autoload() if you try to call a function which is not yet defined? You simply have to define it and let it know where to find the class file. Let’s use my example of placing all class definitions inside a models directory with the filename being the same as the class name. Your __autoload() function may look something like this.
view plaincopy to clipboardprint?

1. function __autoload($className)
2. {
3. require_once “./models/{$className}.php”;
4. }
5.
6. // Instantiate class A without including it and __autoload() will do so on your behalf
7. $ClassA = new A();

function __autoload($className)
{
require_once “./models/{$className}.php”;
}

// Instantiate class A without including it and __autoload() will do so on your behalf
$ClassA = new A();

Make your code less ugly
If you can’t spare an extra function call here or there then __autoload() may not be for you. Though I would begin to question your reasoning. The upside is that your code could become significantly cleaner and more maintainable. The upside of easy to read code often trumps everything else.

tricks

1 Windows tricks : Lock a Folder in Windows XP
To Lock a folder in windows XP without any software. Follow the steps Below.

1. Make a Folder in C drive rename it as “abc” without quotes.
2. Now open Command Prompt from Start Menu.
3. Type “attrib +s +h C:\abc” without quotes and press enter.
4. This command will Make your folder invisble and it can not be seen even in hidden files and folders
5. To make it visible again type “attrib -s -h C:\abc”
6. You can lock any other folder also by changing the location C:\abc to address of your folder.

2 Windows Tricks and Shortcuts
# To boost performance of your PC or to increase RAM virtually,
Right click on My Computer Icon on Desktop
>> Go to Properties
>> Go to Advanced
>> Go to Performance – Settings
>> Go to Advanced
>> Go to Virtual Memory – Change

Keep the initial size same as recommended and maximum size double of it then restart your system.
It will improve speed of windows and you can play some games which require higher RAM.

# To Minimise all the application and running windows press the “Windows + M ” key together.

3 Windows Tricks : Changing Startup and Log-off screens

Startup Screen

1. Create a 320×400 bitmap in the root directory and name it LOGO.SYS
2. You can use LOGOW.SYS file in the Windows directory as a starter

Logoff Screens

1. There are many system file that constitutes Lofoff screen.
2. They are actually bitmaps 320×400 that just have a different extension
3. The hidden file in the root directory LOGO.SYS is the startup logo.
4. There are two files in the Windows directory.
5. LOGOW.SYS is the Wait while Shutting down … screen.
6. LOGOS.SYS is the You may now shut-off or Reboot screen.
7. Make two new image files of your chice in Paint and name it as LOGOW.SYS and LOGOS.SYS and replce the actual windows file by this two.
8. But make sure they should be of the same size

Warning:

You can try these codes at your own responsibility ! We are not responsible for any malfunction and we don’t accept any complaints.

Important:

If you know any other tips & tricks & secrets about GSM mobile or any other mobile which is not listed here then you can comment and add this i am we are add this tricks on our site

Important Tricks of mobiles

Important Tricks of mobiles

Type *#61# and press call – Check call redirection status.

Cancel all redirections: ##002#

*43# to activate call waiting, to deactivate #43#.

If your phone doesn’t have incoming call barring and outgoing call barring, you can try this. For outgoing call barring dial *33*barcode*# and pres OK. To deactivate it dial #33#barcode*#.

On any phone on any network type in **43# to enable conference calls. You can make up to 7 calls at once

If you need to block SMS reception (if you are spammed by someone) just press this code: *35*xxxx*16# xxxx is your Call Barring code (default is 0000). To remove this barring type: #35*xxxx#

If you want to hide/show your phone number when calling, put one of these codes below in front of the number that you are going to call. (*#30# / *#31# or *31# / #31# ) Works on some networks.

Typing *0# or *nm# on the beginning of a txt message gives you detailed delivery report on some networks.. But turn off reports in message settings before.

When the sim card-pin blocked type **042*pin2 old*newpin2*newpin2*