Posts by Dani - Page 14

A lot of what you have written here is beyond what I'm familiar with since I haven't used iframes in well over a decade.

However, let me start with first thing's first: What is your goal in including iframes for pages on your website on your website? The typical use case for iframes would be to include third-party content embedded in your site, and that's when there's lots of security vulnerabilities you need to be careful of. If you have 100% control over the content in the iframe as well as the content hosting the iframe, then I don't see much of a security concern (perhaps there is and I just don't know about it), although I don't quite see the point? Iframes might not be the best tool for the job.

Also, to the best of my knowledge, there is no way to edit text or content within an iframe that you don't have control of. For example, you can't load daniweb.com in an iframe on your site, and change content in the iframe to say BoroWeb instead.

Hi and welcome to DaniWeb. My first thoughts, while spending a moment or two browsing your site, is it appears at first glance that the game descriptions are low quality content / spun content / content that is copied/pasted from elsewhere on the web / written by AI bots.

I'm not sure if this is true, but that's the impression that I get. Perhaps something to work on improving?

I also noticed that most of your pages are not indexed by Google. Is that intentional? I'm curious if you are using Google Search Console and have submitted your sitemap there?

Hi Sanjay! Welcome to DaniWeb! What brought you here?

    $sql_count = "SELECT COUNT('id') FROM domains WHERE (domain = ? OR domain_email = ?) AND password = ?";

It looks fine. However, it's not as secure as using password_hash() and password_verify() because you can then use BCRYPT with a salt. SHA256 is designed for encrypting large amounts of data efficiently and quickly, and is not as ideal for passwords, although you can definitely use it. Especially be wary of the unsalted way you're using it.

If I look at your SQL query SELECT COUNT('id') FROM domains WHERE domain = ? OR domain_email = ? AND password = ? it's ambiguous if you mean (domain = ? OR domain_email = ?) AND password = ? or domain = ? OR (domain_email = ? AND password = ?.

However, you shouldn't be retrieving a row with a password passed in anyways.

Nothing strikes me as obvious as to why the MySQL query may be failing.

Online reputation management is when you put out a bunch of positive articles and content about your brand (business profiles, press releases, etc.) with the goal of having them rank higher in the search results any negative press you may want to bury from being easily discovered when people Google you or your brand.

I don't use PDO.

I use MySQLi but I don't use prepared statements. I just use manual queries and make sure to properly escape all user-input passed into the queries. I also use my own ORM that I wrote.

When looking at the code block you have posted above, what does it spit out on lines 102 as the password? Is MySQL successfully returning a row with the domain being passed in? It's possible that the MySQL query is succeeding but there's simply zero rows returned, and therefore $db_password is null.

Perhaps I'm missing something, but you are setting the unencrypted password that the end user types in into $password. You're then using an SQL query to select a row where the password is the value of that unencrypted password. If your passwords are stored in the database encrypted, it would result in no rows being retrieved.

Instead, please look into PHP's password_hash and password_verify functions.

What I have experience doing is save the password to the database with the password_hash() function. This encrypts the password with a unique salt. Then, when it comes time to logging in, I retrieve the row from the database that has the correct username (or in your case, domain). Then, use password_verify() to compare the password field retrieved from the database with the unencrypted one retrieved via POST, and check for a match.

It looks like people are typing random spam into your search queries. Your search results page should be noindexed or blocked in robots.txt.

That should work, yes.

The date has to be formatted in W3C Datetime format.

That means it needs to be YY-MM-DD and you currently have YY-DD-MM.

Also, the times are formatted incorrectly as well. Try using ISO 8601 date @ https://www.php.net/manual/en/datetime.format.php

Hi and welcome to DaniWeb!! Funny you should join today. DaniWeb just launched a backlink checker last night, the first of a handful of SEO and other dev tools I'm starting to build out targeting the DaniWeb audience.

User profile spam is different than user profile thin content. ;) I'm not talking about user profiles that include links or self-promotion.

That being said, I actually recently started working on creating some tools to hopefully make DaniWeb more engaging. I started with an SEO tool since that's one of my main interests. You can check it out here. It actually just went live yesterday.

First, just find all the thin pages of your websites, and remove those that are just created for the purpose of SEO

Removing pages created for the purpose of SEO. The hard part is figuring out what constitutes a thin page but is created for users. For example, I've found that Google looks at all DaniWeb member profiles as thin pages, so I needed to take care of that to recover from a penalty back in the day.

It’s not considered new content if there isn’t a substantial change to the content of the page. Google has reiterated this recently as well, specifically going after blogs that have articles such as “Top X of 2022” and then update it to be “Top X of 2023” and make a couple small changes. That was the example Google mentioned, anyways, but I suspect the algorithm would extend to what you’re doing as well.

Google catches onto those tricks very, very quickly. It’s a sure way for Google to start not trusting your sitemap. And it also makes your content easily detectable as automated. I highly suggest not doing it, but of course you’re free to do a test run and see what works for you.

Search for trending techniques in SEO that worked in 2021 and then factor in the helpful content update, and there ya go.

I replied to you directly via chat already, but I'll just copy what I wrote there, for the benefit of others: SEO is a multi-year long process so have patience. However, when I navigate your website, I'm not seeing a lot of content outside of adds and syndicated feeds. Google wants to see a lot of rich content (unique articles, etc.) to rank you for.

I would definitely build your own dynamic sitemap if the list of pages on your site change frequently (e.g. a blog or user generated content). I'm glad you were able to get it working.

I was just thinking … can you show me the PHP code you’re using to generate the MySQL query?

Plausible starts at $9/mo and goes up from there. As I had mentioned, there are a handful of paid Google Analytics alternatives, but nothing else free the way GA is.

Since changing the folder name, what does your .htaccess look like?

What did the .htaccess look like when it semi-worked? (e.g. it worked as long as there was no hyphen in the name?)

Your webpage has the line:

<meta name="robots" content="noindex">

in the <head> ... </head> section. Remove that line and Google will be able to index that page.

You can set up a simple website yourself, with little technical knowledge, at Wix.com. That should be more than enough for your needs.

Bring back the fail whale! Bring back the fail whale!

I can’t possibly be the only person thinking this.

In other words, if it ain't broke, don't fix it.

Who said it wasn't broke? Elon acquired a failing company. Twitter might have been making gross ad revenue, but it was never profitable, and it was bleeding a LOT of money every month. If I suddenly acquired a company that was losing millions every month, the first thing I'd look to do is see where I could cut. He saw a lot of employees who either didn't share his vision, weren't willing to stand behind him, or who he felt weren't up to snuff. Sometimes what you adopt is such a complete mess, it makes sense to just scrap everything down to the bare bones and start from scratch. In his case, it does him no favors to be spending millions of dollars on employees that don't share his vision, don't stand behind him, and aren't pulling their weight. Honestly, I would have done the same thing.

I'm really sorry. I didn't get much sleep and admit I'm a little loopy, but i really don't see what is wrong with:

Options +FollowSymLinks
RewriteEngine on
RewriteRule ^([a-z0-9]+)/([a-z0-9]+)$     $1/index.php?name=$2 [L]

That should work, as should the rule I provided before. (This one is a little more flexible)

Update: I just noticed you mentioned you're using Litespeed, not Apache. I have no experience at all with Litespeed, but a little Google research shows that Litespeed does support .htaccess, but you need to enable it by specifying the location of the .hataccess file in your litespeed config. I wish I could help more but I have literally no experience with litespeed. It apparently also works differently depending on if you are using openlitespeed or litespeed enterprise.

The recent debacle at Twitter is not COVID related. It's Elon and soon after the purchase I immediately wondered if car makers would advertise on the Twitter platform. This was easy to see coming.

As I mentioned in my previous post, the recent goings on with Twitter and Elon have not yet fully played out, and can't quite agree that what's happened so far has had an impact on the overall importance of social media as a whole. Not yet, anyways. I think we're quite aways away from that.

While the billions lost on the metaverse is interesting what I'm been meaning to ask is why that Daniweb Facebook page looks inactive. Facebook clicks and such were a big thing. Might still be. Or did that pass into the void?

I have never managed a Facebook profile for DaniWeb. A former DaniWeb employee created a Facebook page, but it was never really maintained. Years ago, a few different DaniWeb members created and did actively maintain Facebook fan pages, but I was never affiliated with any of them.

The simple answer to your question is that Facebook just isn't an effective marketing strategy for DaniWeb anymore. Facebook is for light reading when you're bored. Facebook feeds are a mix of your friends' personal lives, news articles, clickbait, op-eds, fluff pieces, entertainment stories, etc.

Back when Davey (happygeek) was contributing lots of random news stories, then sure, those would make good Facebook fodder. But without any paid op-ed …

I'm not sure, but maybe this could help you?

rproffitt provided a link to the code for a simple encryption function. However, there are also many pre-existing python encryption libraries.

https://docs.python.org/3/library/crypto.html

You can also check out https://www.pycryptodome.org/src/introduction

Of course I am not blocking favicon.ico with robots.txt. I am aware of the importance of favicon. That’s why I was worried when I posted this topic.

However, it appears to have fixed itself. Apparently it was a bug on Google’s end. I will mark this as resolved.

Congratulations on graduating and good luck! Now that school is behind you, are you submitting your resume to different places to start out your career?

I think you are completely misunderstanding me.

Our robots.txt file exists for a reason. It is designed to block pages we don't want to be crawled by Googlebot. My question was entirely related to unexpected behavior in Google's search console report.

I believe you can still target global clients, even with a .in extension. Keep in mind that lots of popular modern tech apps nowadays have domains with .io extensions, even though .io was initially created as a domain for a British Indian Ocean territory. In fact, tech apps have .io extensions more than sites targeted to the Indian Ocean territory does.

I think the question is obvious. Cloud kitchens (or ghost kitchens) are commercial kitchens that don't have a sit down restaurant. Rather, they rely 100% on food delivery apps such as Grubhub or Doordash to bring the food straight to your door. In the app, you order delivery from a virtual restaurant.

One really good use for these types of kitchens is to expand the service area of local restaurants or test new markets. For example, suppose a local chain only has restaurants in Northern California, and they do very well. They have found that people travel sometimes for over an hour to go to their restaurant. They think they would get significantly more business by being able to offer a much larger delivery radius, but they're not ready to front the money to open up a brand new restaurant. So they partner with a cloud kitchen 50 miles away to cook their dishes and bring their food to a wider market.

Another use case is a nationally recognized chain that doesn't have brick 'n' mortar locations in certain areas. For example, In-n-Out Burger is a well known chain that doesn't currently have a presence in the northeast of the US.

Another use case is the small independent chef who doesn't have the capital or manpower to open up their own brick 'n' mortar sit down restaurant.

What do you mean by a Mario game? Do you mean a game with a little graphical guy that walks across the screen? If so, that's a pretty involved project.

Pretty much any fully functioned app nowadays that does anything will include classes and some level of abstraction.

As to backlinks, don't those break over time and you have to continually work at that?

Here at DaniWeb, we completely automate that process. Most people use a tool such as Screaming Frog, or even Ahrefs, to find broken backlinks.

I looked at your site and for me it's nothing I'd use.
Explain to me as a seasoned coder what this tool is for since at first glance it doesn't seem useful.

This is the Search Engine Strategies forum and you don't work in the SEO industry. The tool isn't useful for you because it's not targeted for people like you, and it's certainly not targeted towards coders. It's an SEO tool.

On Daniweb you should use the tagline in your profile. Due to changes since I last looked at that, maybe a note to Dani where it is now.

Click on your avatar in the top right corner of the page and then click on Control Panel. From there, click on "Community Profile" and update your post signature to include a link to your site at the bottom of all your posts.

I’m not sure as it’s not something I’ve ever done, and I’m not near a computer (typing this from my phone while in bed). However, you might want to check this out.

There also seems to be a lot of helpful CDATA unescaping help here if you read all the comments.

That’s my sitemap contents, not theirs. Either way, the problem is your sitemap scraper code needs to be able to successfully handle CDATA encoded strings, which yours does not.

They aren’t writing it this way to confuse anyone from reading their sitemaps. They are encoding strings that might have invalid characters, which should never hurt.

What is your website?

Also, can you explain what you mean by "responsive"? When a web design is responsive, it usually means that the design renders nicely at any browser resolution and across phones, tablets, and desktops. On the other hand, responsiveness can also be related to speed. Google's algorithm, which takes core web vitals into account, means that a site's speed affects its performance in the search results.

Well is that code the entire thing? The </urlset> is never closed. Also, why is the <loc> and all wrapped in ![CDATA[]]? Typically that is only done when you have paragraph blurbs of text that you wish to escape. I suspect that they just thought it can't hurt to escape everything, whether it needs it or not.

I did not bother testing the BJ_Crawler as I know it will do all the job I want since you built it.

I did not build it. It was code provided on a webpage that YOU had linked to, so you found it.

And remember, that code that was posted the other day (the BJ_Crawler one you were scared of because it was OOP) already correctly handles an infinite depth of sitemap index files and sitemap files. It also handles an unlimited number of sitemap or sitemap index files (from different websites) as starting points.

As far as where to get these starting points, users of your app can submit their sitemaps to you, or you can auto-detect sitemap files as they're often recorded in the website's robots.txt file, which is always located at domain.com/robots.txt

Because, as much of the web does nowadays, we use URI routing to dynamically build our URLs. They don’t map one-to-one with actual files on our web server.

I’m sorry. I ended up coming down with a bad cold and I’ve been stuck in bed all day yesterday and today.

you have to pinch them directly.

I think you mean you have to pitch them directly ;)

I think there are a lot of people who are actively looking to hire SEO firms for their website, but they either are overwhelmed with the options and don't know where to start, or they are looking for a very specific type of SEO who focuses just on their niche, etc.

I think SEOs have an easier time when they dominate a specific niche. For example, be the SEO firm for law firms, and then every law firm will come to you, or be the SEO firm for sites who suffered Panda penalties, and then everyone with EAT issues will come to you because you will supposedly know more than generic SEOs do about how to cure their issues.

I think that I took your comment personally because running social media campaigns is my livelihood, as well as the livelihoods of pretty much everyone who posts in this Digital Marketing forum. So it felt kinda like you were walking into our party just to shit on how we earn a living and basically accuse us of being scammers and spammers. Take your rude, negative energy elsewhere.

It's interesting that folk think SocMe is a way to connect. I've seen 99% of the scams come across my Facebook/Twitter account. So it is what it is

Sounds to me like the words of someone so stuck in the past they can't appreciate what today's technology has to offer. I interpret your statement to be synonymous with, "It's interesting that folks think anyone can learn anything from TV shows. 99% of things that I tend to disagree with are things that came across my television set. I prefer to live in a silo and get all of my information from my immediate neighbors."