php-windows Digest 9 Dec 2003 21:04:37 -0000 Issue 2034
Topics (messages 22342 through 22352):
Re: php.ini
22342 by: Svensson, B.A.T. (HKG)
22345 by: Frank M. Kromann
22351 by: Hayden Kirk
cUrl
22343 by: Kimberly Tully
22348 by: Sven Schnitzke
22349 by: David Felton
Re: md5 password with javascript
22344 by: Rolf van de Krol
I cant run shell command on win2003 with iis6
22346 by: s
22347 by: s
22350 by: Paul J. Smith
page cannot be displayed
22352 by: Hayden Kirk
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Ignorant question: why would the web server like to read the php.ini
file?
On Tue, 2003-12-09 at 06:47, Frank M. Kromann wrote:
> Hi,
>
> The php.ini file ies read on startup. If you make changes to the ini file
> after the web server was started, you need to restart the web server to
> get the latest ini settings.
--- End Message ---
--- Begin Message ---
Hi,
The settings are not read by the web server, but by PHP. When PHP is
instaled as an ISAPI module (or an apache module) it is loaded into memory
when the web server is started (or on the first php request). When PHP is
in memoryit will not read the php.ini settings again. This is one of the
benefits of using ISAPI, but if you make changes to php.ini you have to
restart the web server.
- Frank
> Ignorant question: why would the web server like to read the php.ini
> file?
>
> On Tue, 2003-12-09 at 06:47, Frank M. Kromann wrote:
> > Hi,
> >
> > The php.ini file ies read on startup. If you make changes to the ini
file
> > after the web server was started, you need to restart the web server
to
> > get the latest ini settings.
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Ya I know, but theres nothing much on it so im not too fussed. Id rather
sort this problem out.
Its not reading any ini at all...
"B.A.T. Svensson" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Even though it might be helpful, I would not recommend to display
> your internal server settings in public - its a security risk.
>
> On Tue, 2003-12-09 at 03:46, Hayden Kirk wrote:
>
> > settings are at www.ixon.co.nz/*******
--- End Message ---
--- Begin Message ---
Hello,
I am trying to use cURL with php 4.3.1. I downloaded CURL
curl-7.10.8-win32-ssl-devel-mingw32 and have no idea what to do with it.
I unzipped it into a CURL directory and need help getting it set up. Can
anyone help or direct me to some documentation. I looked on the curl site
but the documentation said to run mingw32.bat which I can't find in the
files I unzipped. Any help is appreciated!!
thanks!
Kimberly
--- End Message ---
--- Begin Message ---
Hi,
apparently you downloaded the source - which you are supposed
to compile yourself, using the MINGW toolset (http://www.mingw.org).
But you might want to look for curl-7.10.8-win32-ssl.zip, if you trust
your source in using a precompiled program. It contains a compiled
Win32 CURL.EXE bundled with some explaining text files.
--
Sven
> -----Ursprüngliche Nachricht-----
> Von: Kimberly Tully [SMTP:[EMAIL PROTECTED]
> Gesendet am: Dienstag, 9. Dezember 2003 11:20
> An: [EMAIL PROTECTED]
> Betreff: [PHP-WIN] cUrl
>
> Hello,
>
> I am trying to use cURL with php 4.3.1. I downloaded CURL
> curl-7.10.8-win32-ssl-devel-mingw32 and have no idea what to do with it.
>
> I unzipped it into a CURL directory and need help getting it set up. Can
> anyone help or direct me to some documentation. I looked on the curl site
> but the documentation said to run mingw32.bat which I can't find in the
> files I unzipped. Any help is appreciated!!
>
> thanks!
> Kimberly
>
>
>
--- End Message ---
--- Begin Message ---
I recommend subscribing to the cURL and PHP mailing list at
[EMAIL PROTECTED] for all you cURL and PHP needs.
PS you should be using for cURL PHP extension for working with PHP, not the
standalone version.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 09 December 2003 4:11
To: '[PHP-WIN]'
Subject: AW: [PHP-WIN] cUrl
Hi,
apparently you downloaded the source - which you are supposed
to compile yourself, using the MINGW toolset (http://www.mingw.org).
But you might want to look for curl-7.10.8-win32-ssl.zip, if you trust
your source in using a precompiled program. It contains a compiled
Win32 CURL.EXE bundled with some explaining text files.
--
Sven
> -----Ursprüngliche Nachricht-----
> Von: Kimberly Tully [SMTP:[EMAIL PROTECTED]
> Gesendet am: Dienstag, 9. Dezember 2003 11:20
> An: [EMAIL PROTECTED]
> Betreff: [PHP-WIN] cUrl
>
> Hello,
>
> I am trying to use cURL with php 4.3.1. I downloaded CURL
> curl-7.10.8-win32-ssl-devel-mingw32 and have no idea what to do with it.
>
> I unzipped it into a CURL directory and need help getting it set up. Can
> anyone help or direct me to some documentation. I looked on the curl site
> but the documentation said to run mingw32.bat which I can't find in the
> files I unzipped. Any help is appreciated!!
>
> thanks!
> Kimberly
>
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
**********************************************************************
--- End Message ---
--- Begin Message ---
Hi Roy,
I'm using Javascript MD-5 encoding for sending my passwords. For each
session I generate simply a random string of 5 chars. I use this functions:
// generate login-id
function random_char($string) {
return $string[mt_rand(0,(strlen($string)-1))];
}
function random_string($charset_string,$length) {
mt_srand((double)microtime()*1000000);
$return_string = "";
for($x=0;$x<$length;$x++) {
$return_string .= random_char($charset_string);
}
return($return_string);
}
$alphabet = "abcdefghijklmnopqrstuvwxyz";
I generate the string by using this code:
$randomstring = random_string($alphabet,5);
I register this string as session var. I called this var $loginid.
This is the code for my login-form:
<form name="login" method="post" action="login.php" onSubmit="return
hash()">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td><strong>Username </strong></td>
<td>
<input name="form_username" type="text" id="username" maxlength="10">
</td>
</tr>
<tr>
<td><strong>Password </strong></td>
<td>
<input name="form_password" type="password" id="password"
maxlength="10">
</td>
</tr>
</table>
<input name="form_loginid" type="hidden" id="loginid" value="<?php
echo($loginid); ?>">
<input name="form_md5" type="hidden" id="md5" value="">
<p>
<input type="submit" name="Submit" value="Login">
</p>
</form>
And now the code of the javascript functions hash():
<script language="JavaScript" type="text/javascript">
function hash() {
if(document.login.form_username.value != '') {
if(document.login.form_password.value != '') {
dom = findDOM('message',1);
dom.display = 'block';
normalstring = document.login.form_password.value +
document.login.form_loginid.value;
hashstring = hex_md5(normalstring);
document.login.form_md5.value = hashstring;
document.login.form_password.value = '';
return true;
} else {
alert("You must type a password.\nWithout password the login will not
work.");
return false;
}
} else {
alert("You must type an username.\nWithout username the login will not
work.");
return false;
}
}
</script>
When the user clicks on 'Login' the function hash will be called. If the
fields username and password are filled, Javascript will combine the
password and the loginid to one string. This string will be encrypted and
putted in the field form_md5 of the loginform. The passwordfield will be
cleared. Then the data will be sended to the server.
The server does properly the same. It will searches in the database for the
password of the user, combines password and loginid and encrypts it.
$md5_data = $database_password . $loginid;
$password_md5 = bin2hex(mhash(MHASH_MD5,$md5_data));
If password_md5 and form_md5 are equal the password is correct.
When the hacker captures the encoded password, he can't do anything with it.
If he tries to login he must use another loginid and the server won't accept
the previous code he captured.
Rolf van de Krol
--- End Message ---
--- Begin Message ---
My phpscript with external command ran OK on Win2K server with IIS5
but when I moved them to Win2K3 and IIS6
none shell command could not be executed.
exec("dir f:", $out);
$out1=`dir f:\imail\users /b`;
echo "x<pre>".$out.$out1."</pre>y" ;
Have anyboby same ideas?
--
Simos Anagnostakis
Dept. of Primary Education
University of Crete
Campus Rethymno 74100
tel +302831077623 fax 77596
--- End Message ---
--- Begin Message ---
My phpscript with external command ran OK on Win2K server with IIS5
but when I moved them to Win2K3 and IIS6
none shell command could not be executed.
exec("dir f:", $out);
$out1=`dir f:\imail\users /b`;
echo "x<pre>".$out.$out1."</pre>y" ;
Have anyboby same ideas?
--
Simos Anagnostakis
Dept. of Primary Education
University of Crete
Campus Rethymno 74100
tel +302831077623 fax 77596
--- End Message ---
--- Begin Message ---
I'd check the file permissions on cmd.exe or command.com. I think this
is likely to be the problem. 2k3 security has been tightened a lot.
Regards,
Paul Smith
Microtech Limited, http://www.microtech.co.gg
Suppliers of innovative IT solutions including DNS, Mailscan and backup
email services.
-----Original Message-----
From: s [mailto:[EMAIL PROTECTED]
Sent: 09 December 2003 15:15
To: [EMAIL PROTECTED]
Subject: [PHP-WIN] I cant run shell command on win2003 with iis6
My phpscript with external command ran OK on Win2K server with IIS5
but when I moved them to Win2K3 and IIS6
none shell command could not be executed.
exec("dir f:", $out);
$out1=`dir f:\imail\users /b`;
echo "x<pre>".$out.$out1."</pre>y" ;
Have anyboby same ideas?
--
Simos Anagnostakis
Dept. of Primary Education
University of Crete
Campus Rethymno 74100
tel +302831077623 fax 77596
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi
Im using php.exe on win2k. When I visit a php page i get page cannot be
displayed. Other pages work fine. Any ideas? the php dll wont work at all,
it refuses to read the ini file at all.
Really anonying, cant figure this out.
--- End Message ---
