Welcome to my blog!

Hi! My name is Resnef

Thank you for visiting my blog. I hope you'll get something helpful here. Please subscribe also to my Youtube Channel.

Looking for something?

What Can I Find Here?

Subscribe to this blog!

Receive the latest posts by email. Just enter your email below if you want to subscribe!

Enter your email address:

Delivered by FeedBurner

How to Create and Submit a Blogger Sitemap




Undeniably, every blogger want to get a high traffic of their site. So many try to do every possible way to get a chance to attract more viewers to their blog or website. 



One of the effective way to do this is to index your site to Google by submitting a sitemap of your indexed website pages. Submitting a sitemap to Google Webmaster will help expose your site which leads to being shown in search results.



The process is quite easy. All you need to do is create - test - and submit.


So, let's go directly to the point and start to expose our site.


CREATE SITEMAP


  • Open a Sitemap Generator and enter the complete url address of your blogspot site.


          example: 
   

  • Click Create Sitemap button to generate your sitemap text file.
         

  • Go to your Blogger dashboard (consider to login first to your Blogger account to open your blogger dashboard), click Settings > Search Preferences >> Crawling and Indexing >>> Edit Custom robots.txt. Paste the sitemap text file you copied earlier into the text box and click Save changes to update robots.txt of your blog.
         



TEST SITEMAP


         

  • Click ADD/TEST SITEMAP button found on the right side of the page and enter the complete url of your sitemap generated earlier.To know your complete sitemap url, go to your Blogger dashboard (consider to login first to your Blogger account to open your blogger dashboard), click Settings > Search Preferences >> Crawling and Indexing >>> Edit Custom robots.txt. Copy the last line of the robots.txt file content.

       


  • Go back to your Google Webmaster account, paste your sitemap url. Click Test Sitemap and click View Test.

  • You should see result like this.


SUBMIT SITEMAP

  • To submit your sitemap, go to your Google Master Account and under Crawl > select Sitemaps.
    •          

    • Click ADD/TEST SITEMAP button found on the right side of the page and enter the complete url of your sitemap generated earlier.To know your complete sitemap url, go to your Blogger dashboard (consider to login first to your Blogger account to open your blogger dashboard), click Settings > Search Preferences >> Crawling and Indexing >>> Edit Custom robots.txt. Copy the last line of the robots.txt file content.

           


    • Go back to your Google Webmaster account, paste your sitemap url. Click Submit Sitemap.

    • You should see result like this.


    Congratulation!. You have created your own blog sitemap.

Read More »

5 Steps to Remove Blogger Footer Credit Link


Some newbie blogger like me can't afford to buy a website template so we don't have other choice but to create our blog for free on Google Blogger or in any other blogging site that offers free blog creation and free templates.

There are many good reasons for a newbie blogger to use a free template but it will surely come with an attribution on the footer recognizing the owner of the template.

You cannot remove or hide the attribution widget on the layout of your blog  but I found a way to do it.

I think some of you might still be looking where and how. :) 

So here is how I did it. I'm sure this will not take you for more than 3 minutes. Just follow this 5 easy steps to remove a blogger footer credit link.



Step 1.

Go to www.blogger.com and login to your blogger profile then select your blog to edit.



Step 2.

Go to Template located on the left side of your blogger dashboard and click Edit HTML.






Step 3.

 Click anywhere inside the code window and press Ctrl + F on your keyboard to show code search box and type either of these 2 line then press enter on your keyboard to find it:

<footer>
or
<!-- outside of the include in order to lock Attribution widget -->



Now you should see this code:
Step 4.

Replace or comment the code section as shown on the image below.



with this




Step 5.

Finally, click Save Template to apply changes.


Read More »

Auto Search Textbox on VB.Net


Most of data-driven software application or web application has a search box or a search engine for the user to easily find what they are looking for. In a Student Information System for example, a user can find the record  of a student by typing the keyword (like for example student ID) on the search textbox and clicks on the ‘Search’ button to command the program to start looking for the data matching that keyword from the database. If the search command found a result using that student ID entered, the result data will then be fetched and could be shown on a particular application form.

In this article, I will discuss you a better way to implement a search engine on your project. Have you tried searching for something on Google search box and it shows you list of suggested or related searches like the image shown below?




The image you see above is what I am going to show you how to do it on VB.Net using a text box and a button.

Note: This example work for projects with database involved.

Please follow this simple step by step instruction to successfully implement the auto-search.


Step 1.

Create a database on Microsoft SQL Server 2005 or use any existing SQL database if you want.

In this example, I will use my own database. You may follow if you want.

Database name: SMIS

Table name
Fields
Data Type
db_info
user_id
Varchar(10)

fname
Varchar(15)

lname
Varchar(15)

mname
Varchar(15)

age
int

gender
Varchar(8)

Step 2.

Create a Visual Basic – Windows project and name it auto_search. On the form, drag a textbox and name it txt_search. Then drag a button, name it btn_search and place it beside the textbox. See sample image below.



Step 3.

In your project solution, right click Form1 and choose ‘view code’. 


Then write or copy the code below.

Note: The sqldata is a string variable declared where data source string is stored. Change the data source value with the actual data source of your project.  Data source used in this example is: Data Source=LOCALHOST\SQLEXPRESS;Initial Catalog=SMIS;Integrated Security=True’

Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports Microsoft.VisualBasic
Imports Microsoft.SqlServer.Server
Public Class Form1
Private sqldata as string =”data source here”
  Sub openConnection()
        cnn = New SqlConnection
        cnn.ConnectionString = sqldata
        cnn.Open()
End Sub
Public Sub SetAutoComplete()
        Try
            Dim AutoComp As New AutoCompleteStringCollection()
            Dim ConStr As String = sqldata
            Dim sqlCon As New SqlClient.SqlConnection(sqldata)
            sqlCon.Open()
            Dim dsSerch_id As New DataSet
 Dim dsSerch_Lname As New DataSet
            Dim dsSerch_Fname As New DataSet
            Dim dsSerch_Mname As New DataSet

            'Auto Searcn ID number
            Dim Str_sid As String = "select user_id from db_info"
            Dim SqlCom_sid As New SqlClient.SqlCommand(Str_sid, sqlCon)
            Dim sqlAdap_sid As New SqlClient.SqlDataAdapter(SqlCom_sid)
            sqlAdap_sid.Fill(dsSerch_id)
            For i As Integer = 0 To dsSerch_id.Tables(0).Rows.Count - 1
                AutoComp.Add(dsSerch_id.Tables(0).Rows(i)(0).ToString())
            Next
            'Auto Search Lname
            Dim Str As String = "select lname from db_info"
            Dim SqlCom As New SqlClient.SqlCommand(Str, sqlCon)
            Dim sqlAdap As New SqlClient.SqlDataAdapter(SqlCom)
            sqlAdap.Fill(dsSerch_Lname)
            For i As Integer = 0 To dsSerch_Lname.Tables(0).Rows.Count -             1
            AutoComp.Add(dsSerch_Lname.Tables(0).Rows(i)(0).ToString())
            Next
            'Auto Search Fname
            Dim Str_gen As String = "select fname from db_info"
            Dim SqlCom_gen As New SqlClient.SqlCommand(Str_gen, sqlCon)
            Dim sqlAdap_gen As New SqlClient.SqlDataAdapter(SqlCom_gen)
            sqlAdap_gen.Fill(dsSerch_Fname)
            For i As Integer = 0 To dsSerch_Fname.Tables(0).Rows.Count -             1
            AutoComp.Add(dsSerch_Fname.Tables(0).Rows(i)(0).ToString())
            Next
            'Auto Search Mname
            Dim Str_brgy As String = "select mname from db_info"
            Dim SqlCom_brgy As New SqlClient.SqlCommand(Str_brgy, sqlCon)
            Dim sqlAdap_brgy As New SqlClient.SqlDataAdapter(SqlCom_brgy)
            sqlAdap_brgy.Fill(dsSerch_Mname)
            For i As Integer = 0 To dsSerch_Mname.Tables(0).Rows.Count -             1
            AutoComp.Add(dsSerch_Mname.Tables(0).Rows(i)(0).ToString())
            Next
           
            'Set the some propersties of the text box to allow auto                   search
            'Or you may set this manaully on the textbox property window
            txt_search.AutoCompleteMode = AutoCompleteMode.Suggest
            txt_search.AutoCompleteSource =                                           AutoCompleteSource.CustomSource
            txt_search.AutoCompleteCustomSource = AutoComp

        Catch ex As Exception
MessageBox.Show(ex.Message, prog_message_caption, MessageBoxButtons.OK, MessageBoxIcon.Information)
        End Try
    End Sub
Private Sub main_form_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
'Call the auto search code on form load
SetAutoComplete()
End Sub

End Class


Here is a sample image of the running Auto-Search program. The search box can search 

 record using id number, first name, last name or middle name. 


Read More »

Prevent SQL Injections using SQL Parameters on VB.Net



Making a good quality software application does not focus only on delivering a complete working program with an awesome user interface but must also consider the most ever important topic – Security.

In this article, I will discuss on how to secure your codes from SQL Injection attacks. But first let me give you a clear definition of what is a SQL Injections and why is it important not to ignore it?

What is SQL Injection?



SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). – Wikipedia.org

How to know if my SQL statements are vulnerable to these attacks?

If the data input is not properly validated and sanitized. Let say, If a user inputs a single quote (‘) character, the original SQL statement would be modified and could possibly reveal sensitive information or otherwise compromise the server.


Example of a Vulnerable Code:
conn = New SqlConnection(constr)

conn.Open()

comm = New SqlCommand("Insert into tbl_info(name,age,gender,address) values('" & txtname.Text & "','" & txtage.Text & "','" & txtgender.Text & "','" & txtadd.Text & "')", conn)

affector = comm.ExecuteNonQuery


How to prevent these attacks?

To prevent this to happen, you may use a parametized statements.

  • Example of a Parametized SQL statement to save data.
 conn = New SqlConnection

conn.ConnectionString = constr

conn.Open()

comm = New SqlCommand("Insert into tbl_info           values(@id,@name,@age,@gender,@address)", conn)

comm.Parameters.Add(New SqlClient.SqlParameter("id", txtid.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("name", txtname.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("age", txtage.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("gender", txtgender.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("address", txtadd.Text))

comm.ExecuteNonQuery()

  • Example of a Parametized SQL statement to update data.
conn = New SqlConnection

conn.ConnectionString = constr

conn.Open()

comm = New SqlCommand("Update tbl_info set 

 name=@name,age=@age,gender@gender,address@address where id ='"

 get_old_ID & "')",conn)

comm.Parameters.Add(New SqlClient.SqlParameter("name", txtname.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("age", txtage.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("gender", txtgender.Text))

comm.Parameters.Add(New SqlClient.SqlParameter("address", txtadd.Text))

comm.ExecuteNonQuery()


Try to implement parametized SQL statements the next time you develop an application to avoid the consequences of being attacked by a malicious SQL statement that could happen by accident or the worst - intentional.
Read More »
Subscribe to: Comments (Atom)