Re: [PHP] Nasty DoS in PHP | Windows only?
- Original Message - From: "Jason Murray" <[EMAIL PROTECTED]> To: "'Jason Soza'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, April 17, 2002 11:36 PM Subject: RE: [PHP] Nasty DoS in PHP | Windows only? > > I'd be interested in knowing your versions and the versions > > of the first guy that posted about this. Maybe he has the same > > setup as me, or close enough, but both of us are different > > from you. > > Actually, I just thought about it - maybe you guys are both running > it on Windows (shame on you ;)). > > I *have* actually seen PHP bring down IIS with a setcookie command. > Since a setcookie issues headers, I thought "fine, screw you, I'll > set the headers myself", and it STILL brought IIS down. And indeed, > the load *did* skyrocket and require a reboot of the server. I know what you are saying. I've taken down apache on win32 with setcookie > > I asked around here at the time if anyone had experienced this (look > through the mailing list archive to find it) and at the time got > more of a congratulatory salute from the list members than any real > responses :) > > Maybe this is more of a PHP-on-IIS issue than an actual security > issue in PHP. > I'm pretty sure they ran PHP on apache, not IIS. Maybe this problem is only with the win32 version of the PHP module. Nonetheless, a bug is still a bug. It would be nice if it wasn't there=) > Jason > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] page expired message
try using GET Method instead of POST. It solves the problem, however, the parameters that you pass through will be shown in the address bar. If someone know a way to avoid that page with POST, please let me know too! - Original Message - From: "Gonzalez, Zara E" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 20, 2002 9:56 AM Subject: [PHP] page expired message > Is there any way to avoid getting this message when I hit back on my browser > > "Warning: Page has Expired The page you requested was created using information > you submitted in a form. This page is no longer available. As a security > precaution, Internet Explorer does not automatically resubmit your information > for you. > > To resubmit your information and view this Web page, click the Refresh button." > > I get it when I am using a form with session variables... > > Zara > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to avoid "Warning: Page has Expired" error?
Hi there, i'm building a form that posts to a php page. When I click on back on my browser and then forward. It gives me this warning. Is there anyways to avoid this? thanks! -David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Emulating a browser, parse cookies with PHP
Hi, I'm trying to make a PHP script that would go in a website and log in. The website uses cookie to authenticate with its services. I made HTTP GET requests using fsockopen and parsed the results back into a variable. However I cannot find the cookie info(Set-cookie) in the returned content. Is there special commands I have to send with the GET request in order for the server to send back cookies? Or am I just doing this all wrong? Any help will be appreciated! thanks!! -David Zhao
