A quick article on how I displayed feeds from the company's social network pages in one page.

There are 3rd-party apps that let you do this, some paid, some not. This was for a staff portal so I wanted this at no extra cost. This is read-only so actual editing of the feed would be done on the respective social network's site.

This simply displays the feed.

  • Facebook
    Replace https://www.facebook.com/myfacebookpage with your facebook URL and replace My Facebook Page with the title of your facebook page.
    (You may need to specify the app in the Facebook developers tools but this may be for the write-back version).
            window.fbAsyncInit = function() {
                            appId      : 'myfacebookpage.com',
                            xfbml      : true,
                            version    : 'v2.5'
            (function(d, s, id){
                    var js, fjs = d.getElementsByTagName(s)[0];
                    if (d.getElementById(id)) {return;}
                    js = d.createElement(s); js.id = id;
                    js.src = "//connect.facebook.net/en_US/sdk.js";
                    fjs.parentNode.insertBefore(js, fjs);
            }(document, 'script', 'facebook-jssdk'));
    <div id="fb-root"></div>
            (function(d, s, id) {
                    var js, fjs = d.getElementsByTagName(s)[0];
                    if (d.getElementById(id)) return;
                    js = d.createElement(s); js.id = id;
                    js.src = "//connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.5";
                    fjs.parentNode.insertBefore(js, fjs);
            }(document, 'script', 'facebook-jssdk'));
            <div class="fb-xfbml-parse-ignore">
                    <blockquote cite="https://www.facebook.com/myfacebookpage">
                            <a href="https://www.facebook.com/myfacebookpage">My Facebook Page</a>

  • Twitter
    Replace https://twitter.com/MyTwitterAccount with your twitter URL and replace MyTwitterAccount with the title of your twitter page.
    (You may need to specify the app in the Twitter developers tools but this may be for the write-back version).
    <a class="twitter-timeline" href="https://twitter.com/MyTwitterAccount" data-widget-id="123456789012345678">Tweets by @MyTwitterAccount</a>
                    var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';

  • Instagram
    Not sure on this one as I could only embed a specific video manually. Will update this if ever a free method for embedding the page comes up.
    1. Go to Instagram and open the video/picture to embed
    2. Click the 3 dots (ellipsis) at the bottom right of the description.
    3. Click Embed
    4. From the box that appears, Copy & Paste the code into your blog or website HTML.

  • YouTube
    1. Go to YouTube and browse to your channel
    2. Hover the mouse over Uploads and click on the Play All button
    3. Click Share
    4. Click Embed
    5. From the box that appears, Copy & Paste the code into your blog or website HTML.
    <iframe width="560" height="315" src="https://www.youtube.com/embed/UW08aMIYomQ?list=UU0YFOXplJkxvUF_jRjdAaTQ" frameborder="0" allowfullscreen></iframe>

  • Pinterest
    1. Browse to Pinterest Developer Tools - Widget Builder
    2. Include the javascript file '//assets.pinterest.com/js/pinit.js' once in the page
      <script async defer src="//assets.pinterest.com/js/pinit.js"></script>
    3. Customize your feed and Copy & Paste the code where you want it to appear
      // example: replace myPinterestAccount with your account
      <a data-pin-do="embedBoard" data-pin-board-width="300" data-pin-scale-height="300" data-pin-scale-width="80" href="https://www.pinterest.com/myPinterestAccount/"></a>

I'm putting this article here so that I can run through a checklist when I am adding an input field to an interface.

There is a strange complacency in many applications released for public use which are vulnerable to SQL Injection. According to industry reports over 60% of attacks on websites is through SQL-Injection alone.

SQL-Injection is not as complicated as it is made out. An input field in a website form is where the hacker can add code that is submitted to the website and processed by the hosting server. Take a search engine for instance, this is a field which the end-user can freely enter any text they want, especially any code. The Google Search Engine has undergone a lot of work to prevent people from injecting code into their search function. But a search engine is just one example, on your website, you need to test EVERY input field the end-user can access. For an introduction on SQL-Injection, please read my article "Anti-SQL Injection Basics".


A quick note on a htaccess rewrite rule I'm liking.

What does it do?
What I type:

Sends this to server:

A quick article on how to create a middleware script which accepts the values from a submitted HTML form and sends it to a server on another domain for processing. This applies to Linux Apache MySQL and PHP (LAMP) setups.

A customer wanted to connect their Mobile App to a third-party API. The third-party only accepts requests from a static and permitted IP address. If the end-user were to make the request, then their own IP address would be the one checked against, and it just wouldn't be manageable to add every new user's IP address to their service. The request has to come from a permitted server with a single IP address.

It's likely that you already know how to submit a HTML form to a server via your Mobile application so the following will only document the process of sending data under the server IP address. We're going to use a PHP script with the cURL function to receive and send the data. cURL is a standard feature on most LAMP setups. If not you can install it from here: http://curl.haxx.se/download.html