php-windows Digest 4 Apr 2002 11:35:45 -0000 Issue 1077
Topics (messages 12923 through 12927):
Re: Any credability lost...
12923 by: Brad Thomas
Re: testing for value in $HTTP_COOKIE_VARS
12924 by: Steve Yates
Re: Configuring securely in IIS5
12925 by: olinux
Random "CGI Error" ???
12926 by: Fabio
update?'
12927 by: Sandeep Murphy
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
"Ross Fleming" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> It is after 6am, I am just going to bed after several friends have left my
> flat after copious amounts of vodka consumed. Just thought people might
be
> interested to hear and share any similar stories! :) OK, bed now, up-time
> and hang-over in 4½ hours now. Yeeeeeeeeeeeeeeeeha!!!!
>
> R
>
Right :)
Vodka + PHP = Brainhurt
--- End Message ---
--- Begin Message ---
To follow up with the group, I received an answer via e-mail within a
few minutes with two methods (thanks AB).
(1)
$foo = @$HTTP_COOKIE_VARS["foo"];
# Where the @ suppresses the warnings on the call.
if ($foo)
{
}
(2) The one I ended up using (modified a bit):
if ((isset($HTTP_COOKIE_VARS["foo"]) and ($HTTP_COOKIE_VARS["foo"] ==
'value'))
{
}
PHP short circuits the logic so method 2 doesn't throw the error on the
value test. Or of course you can put the test for the value inside the if
{}. Also for environment variables you can use getenv() rather than the
array.
- Steve Yates
- * <- Tribble. ! <- Tribble With A Mohawk.
/ Taglines by Taglinator 2.5 - www.srtware.com /
--- End Message ---
--- Begin Message ---
Eric,
I am in the beginning of the same process. I do php,
unfortunately our company has just made a large
investment in an ASP/MSSQL based directory. I will be
building a content management system and moving site
from static to database driven
(www.insurancejournal.com). I'd love to share tips on
how to do this most effectively. I have heard that the
most recent build is much more stable as ISAPI module
so that's what I'll be trying - another issue I need
to sort out is how to keep url's search engine
friendly - ie. website.com/news/article_id/123
I will be using the latest php build from this site. I
think that this will probablybe much better configured
than whatever I would come up with.
http://www.php4win.com
Later,
Josh
--- Eric Gentry <[EMAIL PROTECTED]>
wrote:
> I have looked at the tool already, and it doesn't
> reference security for
> any issues with php.
>
> I know what to do to the IIS server to secure it, my
> concern is over the
> addition of the php module and how it effects the
> security of the
> system.
>
> -----Original Message-----
> From: Robin Bolton [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 01, 2002 10:52 AM
> To: Eric Gentry; [EMAIL PROTECTED]
> Subject: RE: [PHP-WIN] Configuring securely in IIS5
>
>
> A good place to start may be the IIS Lockdown Tool:
>
>
http://www.microsoft.com/WINDOWS2000/downloads/recommended/iislockdown/d
> efau
> lt.asp
>
>
> -----Original Message-----
> From: Eric Gentry
> [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 01, 2002 8:15 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP-WIN] Configuring securely in IIS5
>
>
> I have been able to install php and get it running
> on our test server
> running IIS5. Everything is going fine, but now I am
> beginning to ponder
> the question, how do I secure this when it goes
> live?
>
> I have read through the installation documentation,
> and read the
> security chapter of the php manual that I downloaded
> from the php.net
> website.
>
> Various queries to Google have been unproductive, so
> I thought I may
> check here.
>
> Now, I am not talking about script internals
> security (that will be
> handled more by our development team), just mainly
> how to configure php
> on the server so that I don't have people tearing
> the darn thing down
> when this site goes live. We are using the ISAPI
> module.
>
> I have seen numerous tidbits on Apache, but we are
> going to be using
> IIS.
>
> Can anyone point me to a book, FAQ, examples,
> anything to set me on the
> way?
>
> Thanks a ton
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
--- End Message ---
--- Begin Message ---
I have a php page that is invoked as method in a form. It happens that (it
seems randomly) I obtain a :
---
CGI Error
The specified CGI application misbehaved by not returning a complete set of
HTTP headers. The headers it did return are:
---
If I try to post it again, then the page probably is displayed ok
(...probably)
I use some session function at the start of this page, but I can't
understand why this page works good in a "ghost"-ed but slower server.
The session parameters seems to be ok, since they work fine on the other
server.
Anyone have some idea?
Thanx, Fabio
--- End Message ---
--- Begin Message ---
[Sandeep Murphy]
Hi,
I need to update an entire table in one database with the values from
another database... My query reads like this:
update palmeira.t_colaboradores t, hr.member_status s, hr.member_data d
set t.structure=s.structure, t.depart_area=s.area where t.cs_id=d.cs_id
and d.cs_id=125
[Sandeep Murphy]
in the query, plameira and hr are the 2 diff databases....
any suggestions as to how to make this work???
tia,
sands
--- End Message ---
