Well, you could try to edit each PHP file and add a piece of login code at
top, but if the directory will also contain images (which need a password to
access), it would not be possible that way.
Tijnema
On 3/4/07, Jason Karns <[EMAIL PROTECTED]> wrote:
I'm trying to find a way to password pr
Hi,
I'm not able to open any of these files, because my NAV detects them as PHP
Backdoor Trojans. So they look nice, but they are detected by my AV (and
probably other AV programs too)
I'm not going to test these scripts, but i think it does show how many harm
a PHP script can do.
Do these script
Hi Mike, thanks for the help, I really appreciate your time. :)
Michael Weaver wrote:
It's not a PHP trick, but it should work for you, even with restrictions.
Definitely a good option. Actually, that is close to what I am doing now:
#header("Refresh: 0; URL=http://www.domain.com/start.php?p
Joker7 wrote:
I would suggest you change host as this one seem very restrictive or ask
your host to edit the .htaccess file for you ;(
Hi Chris, thanks for the reply. :)
Yeah, I actually talked to client today, and they are fed-up with host
too... sounds like they want to make a switch asap.
Folks,
I have been busy with life over the last number of months and have
finally been able to sit down and take the time to construct a site to
house the scripts that people have used to try to take down my server.
The following URL links to the majority of the hack tools that have been
tried. T
Do this:
$sstr= base64_encode(serialize($foo));
$return= unserialize(base64_decode($sst));
Richard Kurth wrote:
This gets the same error
$testdata=stripslashes($testdata);
$testdata= unserialize($testdata);
var_dump($testdata);
And I can't strips
Alain Roger wrote:
Hi,
I would like to have an Open file dialog box in my PHP page like it
exist on
Microsoft Windows.
This dialog box should allow user to select a file from his computer.
Is there something like that in PHP ?
Showing that box isn't php related, but this page has a tutorial
Dotan Cohen wrote:
Are there any advantages/disadvantages to using and of the ` " or '
punctuation symbols in MySQL queries? I usually only put them around
variables (after being sanitized, of course):
INSERT INTO places (country, city) VALUES ('$country', '$city')
Any thoughts on the issue? Th
Not a single field, but there's several methods of storing trees of
information, which is what an array is. Here's one:
Nested Array storage table:
ArrayID (int, autonumber)
keyname (text)
parent (int)
data (bigtext or whatever would be appropriate for the data you're storing)
For an array l
This gets the same error
$testdata=stripslashes($testdata);
$testdata= unserialize($testdata);
var_dump($testdata);
And I can't stripslashes before serializing because I don't have control of
the script that sends the data
-Original Message-
From: Al [mailto:[EMAIL PROTECTED]
Sent: Sunday
An array is a "multi-value field". The standard way to do that in SQL is with
a dependent table, something like this:
foo(fid, field_a, field_b, field_c);
foo_d(fid, value);
Or possibly:
food_d(fid, delta, value);
where delta is essentially an array offset if you want to maintain ordering.
stripslashes before serializing; not afterwards.
Richard Kurth wrote:
Way am I getting Error at offset 499 of 497 bytes bool(false) when I run
this script below according to the manual this should work';
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php
$permissable_MINE_types= array( //*** file upload parms
'image/png' => 'png',
'image/gif' => 'gif',
'image/jpeg'=> 'jpg',
'image/pjpeg' => 'jpg',
'application/pdf' => 'pdf',
);
$upload_parms['permis_ty
On Sunday 04 March 2007 23:04, Sancar Saran wrote:
> Hi,
>
> I want to know is there any db server around there for store php arrays
> natively.
>
> Regards
>
> Sancar
Thanks for responses, it seems I have to give more info about situation.
In my current project, we had tons of arrays. They are ve
I'm trying to find a way to password protect a directory. I currently have
an authentication and authorization system in place for pages in my
directory. I'd prefer to use my existing system somehow (as it includes
OpenID authentication) as opposed to using htaccess and HTTP Auth. The only
idea
Alain Roger wrote:
> I attached a screenshot to this post in order to illustrate what i'm
> looking for.
Your image was scrubbed. Can you post a link to it?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Sunday 04 March 2007 1:15 pm, Mike Shanley wrote:
> Stut wrote:
> >> I have a sidebar on my site that gets a few random articles from that
> >> table, prints the titles, small blurbs, and a link. The link goes to
> >> the main article. I get the random IDs outside of mysql because I've
> >> made
Way am I getting Error at offset 499 of 497 bytes bool(false) when I run
this script below according to the manual this should work';
Tijnema ! wrote:
On 3/4/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> Give your server a unique ID, and add that to your check string lets
say
> so you store in your cookie the username and the check string.
>
> example
> $user = "tijnema";
> $server_unique_key =
> "w#$#%#54dfa4vf4w5
On 3/4/07, Stut <[EMAIL PROTECTED]> wrote:
Tijnema ! wrote:
> Give your server a unique ID, and add that to your check string lets say
> so you store in your cookie the username and the check string.
>
> example
> $user = "tijnema";
> $server_unique_key =
> "w#$#%#54dfa4vf4w5$2!@@$
> ";
> $check
Tijnema ! wrote:
Give your server a unique ID, and add that to your check string lets say
so you store in your cookie the username and the check string.
example
$user = "tijnema";
$server_unique_key =
"w#$#%#54dfa4vf4w5$2!@@$
";
$check_string = md5($server_unique_key.$user.$server_unqie_key);
Alain Roger wrote:
Ok, but i would be very glad to know how can i REALLY authenticate the
user.
for example, user is logged, so i have in the cookie his login name.
how can i be sure that it's the same user and not some hacker who hacked
the
cookie and the session ?
what should be checked and
Give your server a unique ID, and add that to your check string lets say
so you store in your cookie the username and the check string.
example
$user = "tijnema";
$server_unique_key = "w#$#%#54dfa4vf4w5$2!@@$
";
$check_string = md5($server_unique_key.$user.$server_unqie_key);
and check that each
Ok, but i would be very glad to know how can i REALLY authenticate the user.
for example, user is logged, so i have in the cookie his login name.
how can i be sure that it's the same user and not some hacker who hacked the
cookie and the session ?
what should be checked and where those data shoul
On 3/4/07, Stut <[EMAIL PROTECTED]> wrote:
Alain Roger wrote:
> I would like to implement a module access rights in my web application.
> Basically after authentication and authorization. Logged user has a
> particular profile which allow him to have access to some part of the
web
> application.
Hi,
do not worry, i will not store a password in a cookie.
it is stored encrypted into database.
Al.
On 3/4/07, Stut <[EMAIL PROTECTED]> wrote:
Alain Roger wrote:
> I would like to implement a module access rights in my web application.
> Basically after authentication and authorization. Logg
Alain Roger wrote:
I would like to implement a module access rights in my web application.
Basically after authentication and authorization. Logged user has a
particular profile which allow him to have access to some part of the web
application.
after reading the security guide from *php*sec.org
Hi,
I would like to implement a module access rights in my web application.
Basically after authentication and authorization. Logged user has a
particular profile which allow him to have access to some part of the web
application.
after reading the security guide from *php*sec.org webpage, i'm c
Stut wrote:
I have a sidebar on my site that gets a few random articles from that
table, prints the titles, small blurbs, and a link. The link goes to
the main article. I get the random IDs outside of mysql because I've
made it more likely for newer articles to be chosen than older
ones... Th
Please include the list in all replies.
Mike Shanley wrote:
Stut wrote:
There is no "simple" way. But this question comes up fairly often, and
the usual answer is that there's no need to fill the holes. Why do you
think you need to fill the holes? If there is no good reason to do it,
why are
I can't find your screenshot
but anyway, i think this is again client side, and so you can't do anything
with PHP as PHP is server side code.
Tijnema
On 3/4/07, Alain Roger <[EMAIL PROTECTED]> wrote:
Hi,
I would like to know if it exist a class with allow to have a windowed
form tabbed
Hi,
I would like to know if it exist a class with allow to have a windowed form
tabbed like under Firefox (each web page is included into a tabbed page
control)
I attached a screenshot to this post in order to illustrate what i'm looking
for.
thanks a lot for your comment.
--
Alain
---
Mike Shanley wrote:
Stut wrote:
I'm not sure what you mean by "extra indexing memory". The autonumber
feature is simple in that MySQL just keeps track of the last ID used
and increments it to get the next one. However, I don't think there is
any overhead caused by deleted records. If you can c
Stut wrote:
I'm not sure what you mean by "extra indexing memory". The autonumber
feature is simple in that MySQL just keeps track of the last ID used
and increments it to get the next one. However, I don't think there is
any overhead caused by deleted records. If you can cite a source for
t
Mike Shanley wrote:
I'm currently on a server using mysql 4.x and I'm having a few small
issues that I can't seem to find a decent solution to. I would
appreciate any help.
First, I have an ID field as my primary key, but whenever I delete a
row, that ID is not filled. This is a major problem
Hi,
I'm currently on a server using mysql 4.x and I'm having a few small
issues that I can't seem to find a decent solution to. I would
appreciate any help.
First, I have an ID field as my primary key, but whenever I delete a
row, that ID is not filled. This is a major problem for random cal
Hey!
Thanks Stut, Tijnema.
I'll test out the ideas you guys contributed to me.. after I finish a working
copy will ask you guys to give it a look over ;)
@Stut: The list is not in alphabetical order.. and 2, I have no idea of the
size of the file (for the regex suggestion) but I am guessing it
Well, you are using the file_get_contents function right now, what about a
loop that reads the file line by line, checks if the user matches, and stops
when found the right user?
it's an all in one loop :)
just like this:
$found = false;
$fp = fopen($file,"r");
while(!feof($fp) && $found == fals
Ryan A wrote:
Will be making two versions, one with a DB and one to work with the file
for the old school folks who dont want to convert their file and use
"new fangled" databases... some people its easier to just not argue or
try to convince...
and however stupid someone's opinion is, they are
Hey Stut,
Thanks for replying.
Will be making two versions, one with a DB and one to work with the file for
the old school folks who dont want to convert their file and use "new fangled"
databases... some people its easier to just not argue or try to convince...
and however stupid someone's opin
Are there any advantages/disadvantages to using and of the ` " or '
punctuation symbols in MySQL queries? I usually only put them around
variables (after being sanitized, of course):
INSERT INTO places (country, city) VALUES ('$country', '$city')
Any thoughts on the issue? Thanks.
Dotan Cohen
In news: [EMAIL PROTECTED],
"Alain Roger" said:
>> Hi,
>>
>> I would like in fact to make more precise my previous post.
>> I would like in fact to restrict the file extension (and therefore
>> the user possibility).
>>
>> My user should be able only to upload files with extension JPEG,
>> BMP, GI
In news: [EMAIL PROTECTED],
Micky Hulse said:
>> PHP gurus I need your help!
>>
>> I worked on a small site for a client who uses a host that I think
>> has PHP running as or under CGI (not much experience with this type
>> of setup personally.)
>>
>> Long story short, this host really sucks..
Ryan A wrote:
I have a login/password file with these kind of values:
user1:pass1
user2:pass2
cat:dog
love:hate
I have opened the file and put it into an array with this code:
(thanks to richard lynch from this list for idea and code snippets)
$file = file_get_contents('a.htpasswd');
preg_ma
Hi!
I have a login/password file with these kind of values:
user1:pass1
user2:pass2
cat:dog
love:hate
I have opened the file and put it into an array with this code:
(thanks to richard lynch from this list for idea and code snippets)
$file = file_get_contents('a.htpasswd');
preg_match_all('/(
Hi guys,
Thank you for your responses and your input.
"At the end of the day the best way to secure data being transferred from
client to server is to use SSL."
THAT I know ;) was just wondering from a normal http page... and you answered
that question perfectly...so thanks again!
Would someo
ORIGINAL##
I would like in fact to make more precise my previous post.
I would like in fact to restrict the file extension (and therefore the user
possibility).
My user should be able only to upload files with extension JPEG, BMP, GIF.
How can i set those parameter ?
thx.
END ORI
I think you meant to send this to the OP not me. And please also include
the list in your replies.
Tijnema ! wrote:
The best way is using a HTML form, and then adding a javascript ,that
runs before submitting, that encrypts the password with md5.
This offers little more security than plain te
Alain Roger wrote:
I would like in fact to make more precise my previous post.
I would like in fact to restrict the file extension (and therefore the user
possibility).
My user should be able only to upload files with extension JPEG, BMP, GIF.
How can i set those parameter ?
You can't control
Hi,
I would like in fact to make more precise my previous post.
I would like in fact to restrict the file extension (and therefore the user
possibility).
My user should be able only to upload files with extension JPEG, BMP, GIF.
How can i set those parameter ?
thx.
--
Alain
--
Hi,
I would like to have an Open file dialog box in my PHP page like it exist on
Microsoft Windows.
This dialog box should allow user to select a file from his computer.
Is there something like that in PHP ?
thx.
--
Alain
Windows XP SP2
PostgreSQL 8.1.4
Apa
Ryan A wrote:
Quick question, one of our sites already uses BASIC_AUTH to take the username
and pass from clients, we were thinking of instead doing it via a login form
(so we can also add a CAPTCHA later...if needed)
what I would like to know is, by using a login form instead of a BASIC_AUTH
Hey all!
Quick question, one of our sites already uses BASIC_AUTH to take the username
and pass from clients, we were thinking of instead doing it via a login form
(so we can also add a CAPTCHA later...if needed)
what I would like to know is, by using a login form instead of a BASIC_AUTH are
w
# ORIGINAL ##
I have just finished installing Apache with PHP, and now i'm trying to open
a file and gives me this error:
failed to open stream: Resource temporarily unavailable
What can i do? i searched the error_log, but it doesn't show anything about
this i believe, but the log is very
Hi,
I have just finished installing Apache with PHP, and now i'm trying to open
a file and gives me this error:
failed to open stream: Resource temporarily unavailable
What can i do? i searched the error_log, but it doesn't show anything about
this i believe, but the log is very big because of a
# martin@bugs.unl.edu.ar / 2007-03-03 09:18:08 -0300:
> We have a system (I didn't work on it, just maintaining it) that has
> about 1100 images in a directory. I think we aren't seen any problems
> just because it's on a 64bit system.
You should test that assumption.
--
How many Vietnam vets
Ryan A wrote:
> Hey, I have a old htpasswd file with a lot of logins in this format:
>
> test:dGRkPurkuWmW2 (test:test) test1:dGlAW3zdxeAG2 (test1:test1)
>
> now I have a login form what takes a POST "user" and a POST "pw"...
> but if you look at my above first example login.. the username and
>
Alain Roger wrote:
> I know how to do that for 1 picture. But i want to display the pictures as
> thumbnail... so several pictures on the same PHP pages, with some texts.
Seems to me that Matt's suggestion is perfectly applicable. You could
simple add tags as necessary, each with the call to the
58 matches
Mail list logo
