Re: [PHP] Retaining data across multiple sites
Hey Ben: Ben Sinclair wrote: These are all workable solutions Not really. JavaScrap and cookies are not a solution. They're a quick answer which doesn't work 100% of the time. *IF* you're going to use sessions, use a URL based session ID, which will work in 100% of browsers. Not all browsers have cookies and/or JavaScrap eneabled, let alone have the capacity in the first place. If I link to hidden images on non-secure servers, the browser will display a warning. I'm also trying to avoid buying multiple certificates when all I want to do is brand a site. What EXACTLY do you want to track? User movement patterns? Hit counts? Ad clickthroughs? Ad impressions? The proper solution to the problem depends on what the goal is. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how to pass variable and an internal link
Hey Sergio: Jena wrote: how can I pass either the internal anchor and the variable in the url? I tried in many ways echo a href=\page.php#my_anchor?variable= . $my_variable . \go to/a; echo a href=\page.php?variable= . $my_variable . #my_anchor\go to/a; This URL works for me: http://66.39.64.134/teams.htm?LeagueID=ncaab#d27 So, your second attempt should work. Personally, I'd rewrite your line as this: echo a href=\page.php?variable=$my_variable#my_anchor\go to/a\n; If this doesn't working for you, there's something wrong with the HTML in page.php or with your browser. Most likely, you haven't set the name/id anchor correctly. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] getenv $REMOTE_ADDR
Hi Steven: Steven Walker wrote: Does anybody know why the predefined variable $REMOTE_ADDR would be null, while getenv(REMOTE_ADDR) works fine? Put register_globals on via your php.ini or .htaccess file. In php.ini, change register_globals = Off to register_globals = On Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] textarea form input converting lt; and gt; to
Hi Byron: Byron Albert wrote: The major problem here is that some times we want lt; and some times we want to input html tags. The solution depends on what you're trying to do. What's your goal. Are you using the text area to store full web pages, or examples of how to write HTML, or See you, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] dealing with MSWord curly quotes in text
Hey Austin: text has been edited in MSWord and the quotes that it uses get turned into question marks. does anyone know a way to convert these MSWord quotes to normal marks? Replace the nasties with preg... $Data = preg_replace('/[\x93\x94]/', '', $Data); I figured out the Hex numbers of the offending characters by pasting such an offensive character into the following piece of code where the x is... echo dechex(ord('x')); You could use the same principles to replace all sorts of junk. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] exec()/PGP: long file names, hanging.
Hi Folks: Upgraded today from 4.0.7-dev to 4.1.1 on my Windows NT / Apache system in hopes of eliminating a problem I'm having. But, doing so brought up another problem... First, I found that in my 4.1.1 implementation, I had to use short file names when running PGP in an exec() statement. In 4.0.7-dev, long file names were fine. Wondering if anyone knew what changed. Second, the problem I was trying to quash is still there. The script loops through an array, putting the contents into a file and then PGP signing that file. It works fine the first 17 times. But, after the 18th file is run through PGP, PHP hangs. I added some debugging after PGP is exec()'ed. That statement doesn't get executed the 18th time. If I then kill PGP via the Process list in the Task Manager, the PHP loop contiunues on, creating the file showing the results from the 18th exec() of PGP and then going into the 19th loop and then hangs after the PGP exec(). Killing PGP again, the 19th debug file is created and the process goes onto the 20th file... Is there some process or file limit I'm running into in PHP? Or is it a PGP problem? I don't think it is. I've added sleep() statements to slow things down, in the event that was the problem. It wasn't. Still gets cought at the 18th round. The size of the stuff being saved in the file doesn't matter. Things hang after 18 tries. Looking through the PGP documentation, various PHP and PGP related newsgroups and general web queries found nothing relevant. Here's a code sample... ?php # OKAY in 4.0.7-dev. BAD in 4.1.1. $PGP = 'l:/program files/network associates/pgpnt/pgp.exe'; # OKAY either way. $PGP = 'l:/PROGRA~1/NETWOR~1/pgpnt/pgp.exe'; putenv(PGPPATH=L:/PROGRA~1/NETWOR~1/PGPNT/PGPKEY~1); $PGPFile = './zoo'; $PGPUser = 'xyz [EMAIL PROTECTED]'; set_time_limit(0); $Count = 25; for ($i = 1; $i $Count; $i++) { $fp = fopen($PGPFile$i, 'w+'); fputs($fp, stuff); fclose($fp); # In the 18th itteration, the process hangs AFTER executing # this statement... exec($PGP -sta $PGPFile$i -o $PGPFile$i -u \$PGPUser\, $x); # Let's log PGP activity to see what happens... $fp = fopen($PGPFile$i.txt, 'w+'); fputs($fp, implode(\r\n, $x) ); fclose($fp); unset($x); $fp = fopen($PGPFile$i.asc, 'r'); $Out = fread($fp, filesize($PGPFile$i.asc)); fclose($fp); # unlink($PGPFile$i); # unlink($PGPFile$i.asc); echo pre$i++\n$Out/pre\n\n; } ? Thanks for your thoughts, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Data History
Howdy Steven: Steven Walker wrote: If data is missing or incorrect, the user is alerted to 'go back'... but upon going back in history, all the data that was in the form is lost. This did not occur on my regular not-secure web server. Page caching. You can alter that through the header() function. But, a cleaner way handle user validation problems is to reprint the form and data on the present page. I like to have both the initiating form and the form validation take place in the same script. Put the form itself in a function or an include file. The form should use PHP variables in the value. If there are validation problems, tell the user what's up and have the script re-display the form and the data they just entered will be filled in! An example of such an input element would be... input type=text name=foo value=?php echo $foo; ? / Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Forms and IE
Hi Sean: Sean Hurley wrote: Agree input type=checkbox name=agree[] value=agree I Do Not Agree input type=checkbox name=disagree value=disagree if ($agree) /* (I have tried this also with ($isset = $agree)) */ { header (location: ?link=form); } else { header (location: /LETS); } Several things here. You're probably having problems because you defined agree as an array (via the brackets in name=agree[]), but in your code you're examining it as a regular variable. By the way ($isset = $agree) isn't real, at least in this context. You mean if ( isset($agree) ) {... Now, to do this job right... First, use radio buttons. Second, make disagree the default. Third examine the information in PHP. Fourth, use a full URL in the Location. Fifth, write clean code, using indents to demarcate nesting so your code is easier to read. FORM: input type=radio name=Agree value=Y / I Agree input type=radio name=Agree value=N checked / I Do Not Agree RECEIVING SCRIPT: if ($Agree == 'Y') { header('Location: http://foo.org/?link=form'); } else { header('Location: http://foo.org/LETS/'); } Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] attachment problem
Hi Olev: There are several threads on this in the archives. In fact it was discussed just the other day. http://groups.google.com/groups?hl=engroup=php.general Put mime email into the search criteria and that discussion is the third one down. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Verisign / Payflow Pro
Hi Ed: I saw PHP has built-in support for Cybercash, but that Verisign has purchased them. It looks like I'll have to go with Payflow Pro, but I'm wondering if PHP has built-in support, available modules, or what the best approach is. Any recommendations? PHP does indeed have support for Payflow Pro. See http://www.php.net/manual/en/ref.pfpro.php. All these functions do is ship off the data to Verisign and return the response to a variable. You still need to assemble the data in Payflow format and then handle the response codes. I've written my own purchasing procedure which compiles the information in Payflow format (including Level 3 line item transaction data), passes it to Payflow Pro, handles the response codes, and stores the data in text files which get downloaded to an offline system, and finally imported into the offline database for historical and reconcilliation purposes. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Calling PHP function from Perl - as external program
Hey Vaclav: Vaclav Muchna wrote: system('/fullpath/ob', '100'); produce this message: X-Powered-By: PHP/4.1.0 Content-type: text/html No input file specified. but, when i remove -q parametr from ob, it procude this message: X-Powered-By: PHP/4.1.0 Content-type: text/html #! /usr/bin/php Params: so, it is executed, but seem to be parsed by some other php in system (due to string output #!/usr/bin/php), but no parametrs are given. But what does your ob script look like? There may be an error in it causing the No input file specified response. Caio! --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to find out what country the visitor comes from
Hi: SED wrote: I'm trying to find out what country the visitor comes from to offer them suitable language $HTTP_X_FORWARDED_FOR or gethostbyaddr($REMOTE_ADDR) Domain names and IP's are NOT the way to go. Way to unreliable. Use the HTTP header HTTP_ACCEPT_LANGUAGE. Take it easy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to Configure the MySql Database?
Mr K: Karadamoglou Kostas wrote: I don't know to configure MySql Database On Apache Server in Windows System. What I must do? (step by step) Read my MySQL Basics tutorial: http://www.analysisandsolutions.com/code/mybasic.htm. It's a really straight ahead, step by step explanation on how to setup MySQL on Windows platforms. Enjoy, --Dan PS: fix your email program. First, turn line wrapping on to about 77 characters. Second, make it send pure text/plain documents rather than the silly multipart/alternative format. On this last point, see http://www.geocities.com/CapitolHill/1236/nomime.html. -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: automatic forward URL to other URL
Folks: Baloo :0) wrote: header(Location:www.mydomain2.com); The header funcion really requires a fully qualified URI, and needs a space, so make that header(Location: http://www.mydomain2.com/;); Later, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Creating Tab-Delimited Text File
Phillip S. Baker wrote: Greetings All, What I want to do is create a tab-delimited text file for download from records in a database. Construct then execute the desired query http://www.php.net/manual/en/function.mysql-query.php Loop through each record, putting each row into an array, then implode the array with tabs. http://www.php.net/manual/en/function.mysql-fetch-row.php http://www.php.net/manual/en/function.implode.php The user can then save the resulting output manually. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] http://
Hi John: jtjohnston wrote: I'm looking for a function that will find occurences of urls in any given string and do this: http://www.nowhere.com/ becomes a href=http://www.nowhere.com/;http://www.nowhere.com//a ?php $Val = body of text you want to process...; $Val = eregi_replace((http://|https://|ftp://|gopher://|news:|mailto:)([[:alnum:]/!#$%'()*+,.:;=?@_~-]+)([[:alnum:]/!#$%'()*+:;=?@_~-]), 'a href=\\1\\2\\3\\1\\2\\3/a', $Val); ? You'll have to undo the line wrapping before you use that. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sending MIME emails with base64 encoded attachments
Hi Petr: I using PHP4 on SuSe Linux. I'm sending an MIME email (I generatate all the headers and so on) with attachments. Your coding worked fine for me. When I then send it, the mail arrives, but the attached file (e.g. *.zip) is corrupted. In original there are #0 (char. ascii 0), in attachment they come as \0 (#92#48). Two things I can think of... First: things might run differnetly on SuSE Linux. Perhaps there are configuration settings on your server that are throwing things off. Check your OS documentation and newsgroup archives. I guess, also check the PHP mailing list archives too: http://groups.google.com/groups?hl=engroup=php.general. You might need to take a look at RFC-2045 Section 6.8 to see why that your system is properly converting things. Second: the way you've formatted the MIME headers et al may be causing some problem. Here's a test script (fix email line wrapping as needed) of mine that works (on PHP 4.0.7-dev / NT 4 / Apache). Try it on your system and see what happens. ?php # Set accordingly... $To = '[EMAIL PROTECTED]'; $FirstName = 'Joe'; # name of person who wants file $Subject = 'the big test'; $Email = '[EMAIL PROTECTED]'; # from address $Name = 'Analysis and Solutions'; # your name $FileName = 'email.attach.test'; # should be a .zip file # don't include file extension $InDir = '.'; # directory where file can be found # Used for purposes of this example, # but set another way in my real script... $Invoice = date('YmdHis'); # Leave this. $Encoding = 'base64'; # Make sure variables are empty to start with... $Body = ''; $AdditionalHeaders = ''; # Here we go... if ( !$InHandle = @fopen($InDir/$FileName.zip,r) ) { echo h3Couldn't open input file./h3; exit(); } $Boundary = =_$Invoice . ==_; $AdditionalHeaders .= Mime-Version: 1.0\n; $AdditionalHeaders .= Content-Type: multipart/mixed; boundary=\$Boundary\\n; $Body = This is a multi-part message in MIME format.\n\n; $Body .= --$Boundary\n; $Body .= Content-Type: text/plain; charset=us-ascii\n; $Body .= Content-Transfer-Encoding: 7bit\n\n; $Body .= Greetings $FirstName:\n\nThanks for your order.\n\n; $Body .= The copy of $Subject you ordered is attached below.\n\n; $Body .= \n\nSincerely,\n\n$Name\n\n; $Body .= --$Boundary\n; $Body .= Content-Type: application/x-zip-compressed; name=\$FileName.zip\\n; $Body .= Content-Transfer-Encoding: $Encoding\n; $Body .= Content-Disposition: attachment; filename=\$FileName.zip\\n\n; $Body .= chunk_split( base64_encode( fread( $InHandle, filesize($InDir/$FileName.zip) ) ) ); $Body .= \n--$Boundary--; mail($To, $Subject, $Body, From: $Email\nX-Loop: $Email\n$AdditionalHeaders\n); # Show results in browser... echo 'pThe following body was sent:/p'; echo \npre$Body/pre; ? Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RE: RE: Sending MIME emails with base64 encoded attachments
Hey Petr: 2) I realize that in string obtained by fread() the following characters are changed: #0 () - #92#48 (\0) #34 () - #92#34 (\) #39 (') - #92#39 (\') #92 (\) - #92#92 (\\) WAIT A SECOND! You've got the magic_quotes_runtime configuration variable turned on! To solve your problem you can: a) turn off that feature via the the php.ini or .htaccess file http://www.php.net/manual/en/configuration.php#ini.magic-quotes-runtime OR b) use stripslashes() on the string you get back from the file http://www.php.net/manual/en/function.stripslashes.php Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP / MYSQL security bug
Hi Folks: Gerard Onorato wrote on the PHP-GENERAL mailing list: Security Advisory DW020203-PHP Release: 3rd February 2002 PHP Safe Mode Filesystem Circumvention Problem ... snip ... FIX Currently, no fix exists. ... snip ... A suggested fix for the PHP developers might be to scan mysql_query()s for strings similar to LOAD DATA LOCAL INFILE. But they're forgetting about MySQL's permission handling. The LOAD DATA command can be controlled by the File_priv permission at the User level. Also, the Insert_priv can be regulated at many levels, including the User, Database, table and column level. Naturally, if one can't insert, there's no way for them to run a LOAD DATA statement. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Duplicate e-mails
Hi Anthony: Anthony Rodriguez wrote: The following php script sends two (2) e-mails to each addressee. Why? I'll bet the email addresses in question are listed in the table twice. Open up a MySQL command line prompt and enter select * from con_inf; to make sure. To keep this from happening, you can delete the duplicates then add a unique index on the e_mail field in the MySQL table definition. $qry_1=select * from con_inf; Side Issue 1: why are you selecting everything (via *) rather than just e_mail, since that's all you're using in the script? $result_1=mysql_query($qry_1,$connection) or die (No query # 1!); while ($row_1=mysql_fetch_array($result_1, MYSQL_ASSOC)) { $e_mail=$row_1[e_mail]; mail($e_mail, Side Note 2: You can combiune those two lines into one: mail($row_1['e_mail'], mysql_free_result($result_1); mysql_close($connection); Side Note 3: You don't worry about these commands in scripts you're about to exit anyway. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Collecting Meta Tags and Traping Errors
Hi Philip: Several problems... ?php $get_url = http://www.philipsdomain.com;; Put a / on the end there. Without it, you're not really hitting a page, but rather a redirect to a page. $metatags= get_meta_tags($get_url,1); echo $metatags[Keywords]; The manual indicates that the key names are converted to lower case, so you need to use keywords rather than Keywords. Also, since they key name is text, it's best to quote the key name. So, rewrite the line like this: echo $metatags['keywords']; echo br; echo $metatags[Description]; Same principles apply here. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Redirect problem.... UGH!!
Hi Robert: Perhaps you can help, since my posts don't seem to be making it to the newsgroup. I have been trying to use readfile() or header() to load another PHP... Check the archives: http://groups.google.com/groups?hl=engroup=php.general Good luck, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Collecting Meta Tags and Traping Errors
Hi Philip: Philip J. Newman wrote: ?php $get_url = http://www.philipsdomain.com/;; $metatags = get_meta_tags($get_url,1); echo $metatags['keywords']; echo $metatags[description]; ? This code works perfectly for me, on an NT 4 machine using PHP 4.0.7 dev. Oh, perfectly, spare the fact that the page at http://www.philipsdomain.com/; has absolutely no contents. Try http://www.analysisandsolutions.com/; instead and see what happens. Are you running into problems mentioned in the manual of unix v mac? What happens if you take out the ,1 in the get_meta_tags() call? Enjoy, --Dan PS: In the future, pleaes be kind enough to 1) just send emails to the list, not to me and the list and 2) snip out content from the message you're responding to. Thanks. -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Redirect problem.... UGH!!
Ben: ? #Header(Location: index.html); ? You need to put the complete URL, not just the file name. By the way, folks, DON'T use JavaScript for redirection (or other essential navigational stuff). Plenty of people out there keep Java'Scrap turned off for security and privacy reasons. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Apache PHP File Disclosure Vuln
Hi Folks: I haven't been reading the list lately. I went to the mailing list archives on Google and MARC to see what's been said about the Apache Win32 PHP.EXE Remote File Disclosure Vulnerability. I was surprised to find only one post to the php-dev list: As I responded on Bugtraq, this is, if anything, an Apache bug, not a PHP bug. It could be a configuration bug too, but the bottom line is the Apache doesn't determine that the file is a PHP file when requested in that way, and doesn't even invoke PHP on it. Zeev http://groups.google.com/groups?hl=enthreadm=5.1.0.14.2.20011216032247.06833468%40localhostrnum=10prev=/groups%3Fhl%3Den%26q%3DApache%2BPHP%2Bfile%2BDisclosure%2Bvulnerability%26btnG%3DGoogle%2BSearch I was surprised that nothing is mentioned about it on the PHP web site. I did a search on the whole site for apache File Disclosure and got no hits. Similarly, looking in the Apache Bug Report Database brought up nothing. Weird. So, I wanted to give the php-general list a heads up on this matter. As Zeev points out, it's an Apache problem, but it's something we, as PHP users, will run into... clip from Security Focus SecurityFocus Newsletter #127. Tue, 15 Jan 2002. 1. Apache Win32 PHP.EXE Remote File Disclosure Vulnerability BugTraq ID: 3786 Remote: Yes Date Published: Jan 04 2002 12:00A Relevant URL: http://www.securityfocus.com/bid/3786 Summary: A vulnerability exists in the suggested default configuration for the Apache PHP.EXE binary on Microsoft Windows platforms. This issue has the potential to disclose the contents of arbitrary files to remote attackers. The ScriptAlias line of the following configuration in the httpd.conf Apache configuration file is known to be the source of this issue: ScriptAlias /php/ c:/php/=20 AddType application/x-httpd-php .php=20 Action application/x-httpd-php /php/php.exe As a result, it is possible for an attacker to append a filepath to the end of web request for php.exe. Files targetted in this manner will be served to the attacker. It is also possible to run executables in the PHP directory via successful exploitation of this vulnerability. ^ A temporary workaround I though of off the cuff is modifying some of the settings in the Apache configuration (httpd.conf, .htaccess, etc) files. This way, crackers would have to guess the vulnerable path. Of course, this isn't a real security measure, but it reduces the likelyhood of problems. STANDARD SETTINGS: Action application/x-httpd-php /php/php.exe ScriptAlias /php/ f:/Program Files/php4/ TWEAKED SETTINGS: Action application/x-httpd-php /SomeOtherName/php.exe ScriptAlias /SomeOtherName/ f:/Program Files/php4/ Another thing Win32/PHP/Apache users on NT and 2000 machines can do is run the Apache service under a particular user id and tighten permissions granted that user. I guess mod_rewrite could be used to head off these calls to /php/php.exe. But I'm not familiar enough with mod_rewrite to do this. If anyone is, please be kind enough to post the _complete_ set of commands one would need to handle this situation. Enjoy, --Dan -- PHP scripts that make your job easier http://www.analysisandsolutions.com/code/ SQL Solution | Layout Solution | Form Solution T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Ave, Brooklyn NY 11232v: 718-854-0335f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]