RE: [PHP] PHP priviledges
Hello, I have similar concerns with the host I'm trying out right now - though they're running Linux/Apache. My problem is with lack of security with shell access (i.e. access to other client's directories and key server files) and apparently lax monitoring of its privacy policies. I'm not a sys admin so I don't know exactly what is achievable, but I was surprised by the loose config of the server I'm on. I'm looking for a Virtual-Host provider running PHP/MySQL who has mastered the concept of providing a secure, shared environment to it's clients - including ssh/scp access restricted to only what's owned by me, secured administration tools, secured email communication with its clients, and complete logical and physical security of the server and data center. Does anyone have a recommendation? I've seen providers that address these issues for dedicated server configs - but not virtual server configs. Best Regards, bd -Original Message- From: José León Serna [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 09, 2001 6:57 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP priviledges Hello: In my host, the php is installed in a way that I have access from a php script to all the webs on that server, (there are almost 60) and I can delete/copy any file of other servers. I don't like this because other user of that server can do the same as I. I have contacted with my host and they doesn't know how to prevent php/IIS to have access to other directories on the server, Is this possible? Best Regards Visual PHP Studio, RAD development with PHP http://www.visualphpstudio.f2s.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] If else question
Is this a nested if? (inside another if statement?)
- Original Message -
From: "Jennifer Downey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 23, 2002 1:05 PM
Subject: Re: [PHP] If else question
>
> I just looked at my hosting service thinkg it may have been because they
> just upgraded to 4.1 php. so I dumped my database and loaded it to my
> machine at home and find that it does the same thing.
>
> I have 4.06 php on win me my hosting service is 4.1 php on redhat linux so
> I'm thinking that is not the case.
>
> I have used this code through out my site and this is the only part it
does
> this on and I am not understanding why.
>
> Jennifer
>
>
>
>
> "Natalie Leotta" <[EMAIL PROTECTED]> wrote in message
> 7546CB15C0A1D311BF0D0004AC4C4B0C024ABFC4@SSIMSEXCHNG">news:7546CB15C0A1D311BF0D0004AC4C4B0C024ABFC4@SSIMSEXCHNG...
> > My officemate and I talked about this and the only thing he could come
up
> > with was a possible problem with your parser. Are you using a beta
> version
> > or something unusual? I don't know if you have a way to know this - the
> > programmers didn't set up PHP where I work, but I know our web server is
> > apache and it's on a unix box. I've never run into this problem before.
> > Have you had it happen in other programs? Have you ever used this code
in
> > another program? If it's consistently incorrect then it may be a
problem
> > with your parser. That's not really my area of expertise, but it's
> > something you could look into if no one else has any better ideas :-)
> >
> > -Natalie
> >
> > -Original Message-
> > From: Jennifer Downey [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, April 23, 2002 12:26 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] If else question
> >
> >
> > It shows both.
> >
> > "Natalie Leotta" <[EMAIL PROTECTED]> wrote in message
> > 7546CB15C0A1D311BF0D0004AC4C4B0C024ABFC3@SSIMSEXCHNG">news:7546CB15C0A1D311BF0D0004AC4C4B0C024ABFC3@SSIMSEXCHNG...
> > > Does it show the message and the form or just the message?
> > >
> > > -Natalie
> > >
> > > -Original Message-
> > > From: Jennifer Downey [mailto:[EMAIL PROTECTED]]
> > > Sent: Tuesday, April 23, 2002 12:23 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: [PHP] If else question
> > >
> > >
> > >
> > > > If and else expect to be followed by exactly 1 statement. To
> > > > aggregate multiple statements as one, surround them with {curly
> > > > braces}. I'm guessing you didn't do that, and you're seeing the
> > > > execution of all but the first of the statements following the else.
> > > >
> > > > So it should be:
> > > >
> > > > if ($var<1)
> > > > echo "can't be found";
> > > > else
> > > > {
> > > > echo "first line of form";
> > > > echo "second line of form";
> > > > }
> > > This is what I have:
> > >
> > > if($quantity < 1)
> > > {
> > > echo "Sorry I can't seem to locate this item";
> > > }
> > > else
> > > {
> > > do this
> > > }
> > > So yes I have done exactly as you have stated and it still shows the
> > > form.
> > >
> > > Jennifer
> > >
> > >
> > > ---
> > > Outgoing mail is certified Virus Free.
> > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > Version: 6.0.351 / Virus Database: 197 - Release Date: 4/19/2002
> > >
> > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.351 / Virus Database: 197 - Release Date: 4/19/2002
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.351 / Virus Database: 197 - Release Date: 4/19/2002
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] If else question
am i off on the wrong track here? i thought the original problem was that
both clauses in the if statement were exectuting (the 'if' and the 'else')?
> Now, we're getting somewhere!!!
>
> First, have you printed out $query to ensure it contains what you
expected?
> Show us.
>
> Second, are you certain the mysql_query() is successful? I ask, because
you
> don't have the "or die()" that SHOULD be on all queries.
>
> Third, have you printed out all the values fetched via mysql_fetch_array()
> to ensure they contain valid data?
>
> - Original Message -
> From: Jennifer Downey <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, April 23, 2002 12:48 PM
> Subject: Re: [PHP] If else question
>
>
> Ok you asked for it.
> Don't say I didn't warn you.
>
> session_start();
> $query = "SELECT name FROM {$config["prefix"]}_users WHERE
> uid={$session["uid"]}";
> $ret = mysql_query($query);
> while($row = mysql_fetch_array($ret))
> {
>
> $user = $row['name'];
>
>
>
> $query = "SELECT uid, id, iname, image, quantity, type FROM
> {$config["prefix"]}_my_items WHERE uid={$session["uid"]} AND id = '$id'
> ORDER BY id";
> $ret = mysql_query($query);
> while($row = mysql_fetch_array($ret))
> {
> $uiid = $row['uid'];
> $iid = $row['id'];
> $image = $row['image'];
> $iname = $row['iname'];
> $quantity = $row['quantity'];
> $type = $row['type'];
> // this is the problem if statement. Please don't yell at me for my style.
> It is easy for me to read so I'm sorry if it's not for you.
> if($quantity < 1)
> {
> echo "Sorry I can't seem to locate this item";
> }
> else
> {
>
> session_register("uiid");
> session_register("iid");
> session_register("image");
> session_register("iname");
> session_register("quantity");
> session_register("type");
>
>
>if($iid == $id)
>{
>
> $display_block .=" 2>$iname$quantity$type";
>
> echo "$display_block";
>
> if($type == "food")
> file://if the item food is present then set an option and include in
> the
> form later
> {
>$thisoption="Feed my pet\n";
> }
> else
> {
> file://if book or weapon is present then set a blank
> $thisoption="";
>}
> }
> }
> }
> }
> file://check if form has been submitted
> if($submit)
> {
>
> }
> else
> {
>
> file://if the form has not been submitted run the following
>
>
>echo "";
>echo "";
>echo "$thisoption";
>echo "Put in my shop";
>echo "Put into my Footlocker";
>echo "Discard this item";
>echo "Donate this item";
>echo "";
>echo "";
>echo "";
>
>
> }
>
> Jennifer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP software tool
I use 1stpage from evrsoft.com .. not a "real" php editor, but does a pretty good job... > Does anybody know of or can recommend any freeware text editing tools for > editing PHP code in Win32? > I can manage with Windows' Notepad but something with code highlighting etc > and of a similar footprint to notepad would be useful. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
