php-general Digest 16 Aug 2004 15:34:58 -0000 Issue 2940
Topics (messages 193916 through 193951):
Re: How to get mime type from file name
193916 by: raditha dissanayake
Re: Compile
193917 by: Octavian Rasnita
193919 by: Louie Miranda
193920 by: Paul Kain
Re: PHP templates
193918 by: Octavian Rasnita
193932 by: Robert Cummings
Inline diff coded in PHP
193921 by: Skippy
Failing of imagecreatefromstring function
193922 by: Martin Dupal
mail() on *nix using ssmtp or an external smtp server?
193923 by: Markus Mayer
193925 by: Stephan Fiedler
193931 by: Markus Mayer
Re: looking for a good FormMail PHP script
193924 by: Juan Nin
193929 by: raditha dissanayake
System Tray Icon
193926 by: Harlequin
193930 by: John Nichel
193937 by: Angelo Zanetti
Mutual authentication with ldap_start_tls()
193927 by: St�phane Kunegel
Re: System Tray Icon OT
193928 by: Jay Blanchard
Re:[PHP] Open all subdirectories in a directory
193933 by: Jesse Castro
[OFF] - Fraudulent web orders - any ideas?
193934 by: Brian Dunning
193939 by: Mike
193941 by: Robby Russell
193944 by: Markus Mayer
193946 by: Brian Dunning
193948 by: Markus Mayer
writing source code to file
193935 by: Doug Parker
problems with sessions!!AAH
193936 by: Angelo Zanetti
193938 by: Matt M.
193940 by: Jay Blanchard
193942 by: Torsten Roehr
Re: [PHP-DB] Re: Basic MySQL Query Question
193943 by: Torsten Roehr
Cache
193945 by: Octavian Rasnita
193949 by: Torsten Roehr
Re: problems with sessions!!SOLVED!!
193947 by: Angelo Zanetti
Re: php die function for MySQL connection errors
193950 by: Ford, Mike [LSS]
Persistent data across page calls
193951 by: Aaorn Miller
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Hannes Magnusson wrote:
First of, do not mail me directly, post to the news group!
Hannes,
when someone mails you direct to request additional help the only
acceptable response IMHO is the cold shoulder.
--
Raditha Dissanayake.
------------------------------------------------------------------------
http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload
Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader
Graphical User Inteface. Just 128 KB | with progress bar.
--- End Message ---
--- Begin Message ---
From: "raditha dissanayake" <[EMAIL PROTECTED]>
> i think you are looking for something like turck mmcache.
>
Do you know if Turck MMCache works with PHP 5.0?
Teddy
--- End Message ---
--- Begin Message ---
I think it still works with the old one, its not yet release a stable
version for 5.0 and i think for 4.3.6? only in beta.
hmm, better check their site out to know the full details.
thanks
On Mon, 16 Aug 2004 09:32:52 +0300, Octavian Rasnita <[EMAIL PROTECTED]> wrote:
> From: "raditha dissanayake" <[EMAIL PROTECTED]>
>
>
> > i think you are looking for something like turck mmcache.
> >
>
> Do you know if Turck MMCache works with PHP 5.0?
>
> Teddy
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Louie Miranda
http://www.axishift.com
--- End Message ---
--- Begin Message ---
zend allows you to compile your code
On Mon, 16 Aug 2004 15:04:48 +0800, Louie Miranda <[EMAIL PROTECTED]> wrote:
> I think it still works with the old one, its not yet release a stable
> version for 5.0 and i think for 4.3.6? only in beta.
>
> hmm, better check their site out to know the full details.
>
> thanks
>
>
>
> On Mon, 16 Aug 2004 09:32:52 +0300, Octavian Rasnita <[EMAIL PROTECTED]> wrote:
> > From: "raditha dissanayake" <[EMAIL PROTECTED]>
> >
> >
> > > i think you are looking for something like turck mmcache.
> > >
> >
> > Do you know if Turck MMCache works with PHP 5.0?
> >
> > Teddy
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
>
> --
> Louie Miranda
> http://www.axishift.com
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hi,
I took a look to Smarty and Savant templating systems, and I like a few
things from both of them.
However, none of them are satisfactory.
I don't like Smarty because it needs another language and I find Savant more
easy to use.
I would like to have a templating system that:
1. Separates:
- the programming part (the main programs and the modules)
- the structure and main design of the site (the templates)
- The content of the site, this meaning the body text, the title, keywords,
and all other variables.
- Other files that can be included, like Javascript, .css, images, files
that can be downloaded, etc.
2. The templates should handle more languages, and all the content parts
should be able to appear in every language supported.
3. The program should be able to create a cache but not one containing PHP,
but one that is just simple html that can be loaded from a cached file and
presenting to the client.
(I don't know how to decide yet when to re-create the cached file)
If someone uses this templating system, someone can modify the design by
modifying the templates and this change will be reflected in every language.
If a translator add a new language or modifies a certain translation, the
design won't be affected.
The programmer could add a new program for a new page that does something
new, or new modules, etc.
I couldn't find such a thing yet and I think I will have to create it.
Teddy
----- Original Message -----
From: "Justin French" <[EMAIL PROTECTED]>
To: "Octavian Rasnita" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, August 16, 2004 4:38 AM
Subject: Re: [PHP] PHP templates
> On 15/08/2004, at 7:02 AM, Octavian Rasnita wrote:
>
> > Hi all,
> >
> > I have seen that there are many templating systems for PHP. Which is
> > the
> > most used and the best you have found?
> > Can you recommend me a free and good templating system?
--- End Message ---
--- Begin Message ---
On Mon, 2004-08-16 at 02:31, Octavian Rasnita wrote:
> Hi,
>
> I took a look to Smarty and Savant templating systems, and I like a few
> things from both of them.
> However, none of them are satisfactory.
>
> I don't like Smarty because it needs another language and I find Savant more
> easy to use.
>
> I would like to have a templating system that:
> 1. Separates:
> - the programming part (the main programs and the modules)
> - the structure and main design of the site (the templates)
> - The content of the site, this meaning the body text, the title, keywords,
> and all other variables.
> - Other files that can be included, like Javascript, .css, images, files
> that can be downloaded, etc.
>
> 2. The templates should handle more languages, and all the content parts
> should be able to appear in every language supported.
>
> 3. The program should be able to create a cache but not one containing PHP,
> but one that is just simple html that can be loaded from a cached file and
> presenting to the client.
> (I don't know how to decide yet when to re-create the cached file)
>
> If someone uses this templating system, someone can modify the design by
> modifying the templates and this change will be reflected in every language.
> If a translator add a new language or modifies a certain translation, the
> design won't be affected.
> The programmer could add a new program for a new page that does something
> new, or new modules, etc.
>
> I couldn't find such a thing yet and I think I will have to create it.
InterJinn. But it doesn't use caches, it compiles directly to the
retrieved web pages.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
I'm looking for PHP code that will produce diff's between two texts, and
render them "inline". By that I mean not the standard *nix diff output,
which compares and outputs lines, but a diff that compares inline text
and outputs the bits before and after in place, marked with a custom
<span> or something.
Example of *nix diff:
- this is the old line
+ this is the new line
Example of what I need:
this is the <span class="old">old</span> <span class="new">new</span> line
I've seen this done in the htmldiff package, which is a C program. Except
I don't want to diff HTML code, but regular text. I actually need this
for a wiki engine, so it can present diffs between page changes in a
better way.
So:
* Anybody seen such code? the PEAR diff only does line diffs.
* Know of any GPL'd wiki engine which has my kind of diffs already
implemented (as PHP?)
* Any pointers about how I should go about writing my own such diff?
--
Romanian Web Developers - http://ROWD.ORG
--- End Message ---
--- Begin Message ---
I've been using func "imagecreatefromstring" for
creating JPEGs obtained from MySQL database.
The function sometimes fails terminating script
with no error message.
Has somebody reached such problem?
I don't want to save images to temp files.
Linux 2.4.26, PHP 4.3.8, gd 2.0 or higher
--- End Message ---
--- Begin Message ---
Hello all!
I have a frustrating problem with PHP and am hoping someone on the list might
know a solution.
I need to set up an apache server with php on Linux and AIX machines, and it
all has to be in a chrooted environment. Most things work very well except
for the mail() function. It appears that PHP on *nix systems is hard coded
so that it is incapable of using an external smtp server instead needing a
locally installed sendmail, however if php is built on a windows machine, it
is hardcoded so it can only use an external smtp server. There seems to be
no way around this. In terms of the design of PHP, I think this is a
serrious error.
As a result of the above problem, I have been looking for alternatives to
sendmail, postfix, exim, and qmail because I need to not have any kind of
full featured MTA in the chrooted environment. I found ssmtp[1] and
esmtp[2], both of which would be satisfatory alternatives to sendmail and
crew. Despite having both of these working from the command line in the
chrooted environment, neither works with PHP when setting them with the
"sendmail_path" option in php.ini.
So my questions:
- Does anyone know of a way to make PHP on *nix use an external smtp server
without having to hack around in the source code of PHP?
- Has anyone got either ssmtp or esmtp working with PHP?
I would greatly appreciate if someone could offer a solution to me.
best reagrds
Markus
[1]. http://packages.debian.org/stable/mail/ssmtp.html
[2]. http://esmtp.sourceforge.net/
--- End Message ---
--- Begin Message ---
Hi Markus,
do I get you right, you can't invoke mail() because php can't find the
sendmail executable?
perhaps this does the trick:
function my_mail_inject($mail)
{
$sendmail = ini_get("sendmail_path");
if(!$sendmail) $sendmail = "/var/qmail/bin/qmail-inject";
$p = popen($sendmail, "w");
if($p)
{
fwrite($p, $mail);
pclose($p);
return 1;
}
return 0;
}
(this is something I acutally use on a beta-production-system.)
$mail must contain a complete mail with all necessary headers.
qmail-inject is ~ equal to sendmail -t (-i is ignored in qmail's sendmail.)
this solution also helpep me out of my dilemma that php reformats mail
and adds extra headers and so on.
Here I have full control over all headers :o)
Hope you see your qmail installation in chroot'd env.
else: good luck.
I know it's not an external mta to deliver.
If this does not help you at all have a look at the sources and hack 'em
'till they fit your needs #
Ste'reinvent the wheel'phan
--- End Message ---
--- Begin Message ---
Hi Stephan,
On Monday 16 August 2004 15:16, Stephan Fiedler wrote:
> do I get you right, you can't invoke mail() because php can't find the
> sendmail executable?
Indeed you get me right. As I said in my post, alternatives such as qmail,
exim, postfix and similar full featured MTA's in the chrooted environment are
considered not acceptable because of the extra security risk in the case of a
system compromise. I have to minimise as much as possible the scope for
damage in case there is some kind of compromise.
Your script is nice, but seems to rely on a full MTA inside the chrooted
environment which I can't have. I tried something similar where I opened
sockets on the external smtp server and wrote the mail into the socket, and
this worked. The main problem with this is every script that uses a mail()
function call has to be changed, and given that there are a lot of people who
have and are supposed to be allowed to write such scripts on the servers,
it's far from an ideal solution, and difficult to make those people use such
a script. Second problem is I have to be able to handle failures in
delivery, meaning implementing at least part of the smtp standard in a php
script. It's all rather messy.
> If this does not help you at all have a look at the sources and hack 'em
> 'till they fit your needs #
I've been worried about this kind of answer. Best, and I think quite a
sensible step, would be if the PHP team changed the design of PHP and allowed
*nix systems to use an external smtp server.
best regards
Markus
--- End Message ---
--- Begin Message ---
raditha dissanayake wrote:
This mail probably shows how little you know about matt wright's
FormMail more than anything else - just to give you an idea it's banned
on all shared servers of our ISP.
I'm very aware of the FormMail.pl's problems and bugs, and I'm
definetely not going to use it... didn't you read in my previous mails,
that I said that I wanted a similar script but that it lacked of Matt's
script security and SPAM-exploitable problems??
If I liked Matt script, I'd just use it instead of looking for another
different script, don't you think??
It seems like *you have obviuosly not read my previous e-mails* ;)
Anyway, this is getting off-topic, so let's cut it here..
regards,
Juan
--- End Message ---
--- Begin Message ---
Juan Nin wrote:
raditha dissanayake wrote:
This mail probably shows how little you know about matt wright's
FormMail more than anything else - just to give you an idea it's
banned on all shared servers of our ISP.
I'm very aware of the FormMail.pl's problems and bugs, and I'm
definetely not going to use it... didn't you read in my previous
mails, that I said that I wanted a similar script but that it lacked
of Matt's script security and SPAM-exploitable problems??
If I liked Matt script, I'd just use it instead of looking for another
different script, don't you think??
It seems like *you have obviuosly not read my previous e-mails* ;)
I have read your mail but didn't bother to pay attention to the details
because you have so obviously not bothered to RTFM before you posted
your original message.
Anyway, this is getting off-topic, so let's cut it here..
yes lets.
--
Raditha Dissanayake.
------------------------------------------------------------------------
http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload
Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader
Graphical User Inteface. Just 128 KB | with progress bar.
--- End Message ---
--- Begin Message ---
Hi all.
I just wanted to throw this message in here and get some opinions before I
go off developing something So will post in the correct newsgroup later
(when I find which newsgroup I need).
Before I post a more thorough thread in the correct area I just wanted to
find out if this was achievable and what tools I'd need.
Basically: I would like to drop a system tray icon onto the user's PC that
links them to a website. I'd also like to develop a separate one that
flashes when a page is changed.
How difficult would this be to do...? Would it mean using VB, could I use
something less expensive perhaps or is it just not possible at all...?
--
-----------------------------
Michael Mason
Arras People
www.arraspeople.co.uk
-----------------------------
--- End Message ---
--- Begin Message ---
Harlequin wrote:
Hi all.
I just wanted to throw this message in here and get some opinions before I
go off developing something So will post in the correct newsgroup later
(when I find which newsgroup I need).
Before I post a more thorough thread in the correct area I just wanted to
find out if this was achievable and what tools I'd need.
Basically: I would like to drop a system tray icon onto the user's PC that
links them to a website. I'd also like to develop a separate one that
flashes when a page is changed.
How difficult would this be to do...? Would it mean using VB, could I use
something less expensive perhaps or is it just not possible at all...?
Hmmmm....first time I've ever seen this subject on this mailing list.
We're charting new OT waters every day.
--
John C. Nichel
�berGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
I think VB or some MS dev tool will do the job.
>>> John Nichel <[EMAIL PROTECTED]> 8/16/2004 3:48:11 PM >>>
Harlequin wrote:
> Hi all.
>
> I just wanted to throw this message in here and get some opinions before I
> go off developing something So will post in the correct newsgroup later
> (when I find which newsgroup I need).
>
> Before I post a more thorough thread in the correct area I just wanted to
> find out if this was achievable and what tools I'd need.
>
> Basically: I would like to drop a system tray icon onto the user's PC that
> links them to a website. I'd also like to develop a separate one that
> flashes when a page is changed.
>
> How difficult would this be to do...? Would it mean using VB, could I use
> something less expensive perhaps or is it just not possible at all...?
>
Hmmmm....first time I've ever seen this subject on this mailing list.
We're charting new OT waters every day.
--
John C. Nichel
�berGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--------------------------------------------------------------------
Disclaimer
This e-mail transmission contains confidential information,
which is the property of the sender.
The information in this e-mail or attachments thereto is
intended for the attention and use only of the addressee.
Should you have received this e-mail in error, please delete
and destroy it and any attachments thereto immediately.
Under no circumstances will the Cape Technikon or the sender
of this e-mail be liable to any party for any direct, indirect,
special or other consequential damages for any use of this e-mail.
For the detailed e-mail disclaimer please refer to
http://www.ctech.ac.za/polic or call +27 (0)21 460 3911
--- End Message ---
--- Begin Message ---
Hi php-general,
I am trying to make my web server (Apache 2 + mod_ssl) connect to my ldap server with
mutual authentication using PHP. This means I want them to exchange their certificate.
For this purpose, I connect to ldap on port 389 then start TLS using ldap_start_tls().
This works perfectly as long as I do not make my ldap server require client
certificate. It seems to me that the web server is not able to send its certificate.
I did not find any documentation on the use of TLS with PHP. I do not even know what
is used to validate my ldap server certificate!
If anyone knows how to help (documentations, ideas, tips,...), I would be really
grateful
Thanks
Steph
--- End Message ---
--- Begin Message ---
[snip]
I just wanted to throw this message in here and get some opinions before
I
go off developing something So will post in the correct newsgroup later
(when I find which newsgroup I need).
Before I post a more thorough thread in the correct area I just wanted
to
find out if this was achievable and what tools I'd need.
Basically: I would like to drop a system tray icon onto the user's PC
that
links them to a website. I'd also like to develop a separate one that
flashes when a page is changed.
How difficult would this be to do...? Would it mean using VB, could I
use
something less expensive perhaps or is it just not possible at all...?
[/snip]
Please place an OT in the subject line when you are relatively sure that
your post is not PHP. Have you googled?
http://www.google.com/search?hl=en&ie=UTF-8&q=create+System+Tray+icon
You can also search http://msdn.microsoft.com (M$ Developer's Network)
--- End Message ---
--- Begin Message ---
[snip]
Can anybody help me to open all subdirectories in a directory, I used
is_dir() to check whether it is a dir, and if yes, I recursively called
it with the new dir name. But all subdirectories are not open the
recursion is not working for more than 1 level. I tested it in windows
server. Expecting your help, Jacob.
[/snip]
I use this on a slackware box. I jacked the code from the man page for
filesize() and cleaned it up. It's more for finding the size of a
directory, but it does recursively scan through them and I'm sure you
can mod it up to fite your needs.
function funcGetDirSize($dirDirectory) {
$intSizeInBytes = 0;
$intNumFilesScanned = 0;
$intNumDirsScanned = 0;
if ($handle = @opendir($dirDirectory)) {
while ($file = readdir($handle)) {
if($file != "." && $file != "..") {
if(@is_dir($dirDirectory."/".$file)) {
$arrCurDirInfo =
funcGetDirSize($dirDirectory."/".$file);
$intSizeInBytes += $arrCurDirInfo[2];
$intNumFilesScanned += $arrCurDirInfo[0];
$intNumDirsScanned += $arrCurDirInfo[1];
$intNumDirsScanned++;
} else {
$intSizeInBytes +=
@filesize($dirDirectory."/".$file);
$intNumFilesScanned++;
}
}
}
closedir($handle);
}
$arrDirInfo[0] = $intNumFilesScanned;
$arrDirInfo[1] = $intNumDirsScanned;
$arrDirInfo[2] = $intSizeInBytes;
return $arrDirInfo;
}
--- End Message ---
--- Begin Message ---
Hi all,
I have a simple PHP store, and it appears that someone is using it to
test credit card numbers. I'm getting a very high number of small
orders every day, but a lot more declines. My merchant provider
suggests blocking that person's IP address, but that's not practical
since it's dynamic. I'll get a lot of orders from one IP address for a
few hours, but then the address changes.
I wonder if anyone has any experience with this, and if so, can you
suggest a way to deal with it?
- Brian
--- End Message ---
--- Begin Message ---
Brian,
The best thing that I can suggest is to take a look at the actual orders
themselves and find out if there are any one or two things that seem to be
common about them.
Once you can find some sort of pattern, you can then code against it.
For example, if you find that he seems to send 20 requests under $10 from
one IP within 5 minutes, you may wish to do some pre-submission processing
to target this sort of behavior.
You can easily create a SQL table with "temp-blocked IPs" that will last for
30 minutes. It'll also help keep track of this behavior.
In short - the best way to protect against this sort of thing is to figure
out the limitations of the other user's software and use that against them.
While some things can definitely be dynamic, it typically will only be so
within a particular range.
Good luck
-M
-----Original Message-----
From: Brian Dunning [mailto:[EMAIL PROTECTED]
Sent: Monday, August 16, 2004 10:27 AM
To: [EMAIL PROTECTED]
Subject: [PHP] [OFF] - Fraudulent web orders - any ideas?
Hi all,
I have a simple PHP store, and it appears that someone is using it to
test credit card numbers. I'm getting a very high number of small
orders every day, but a lot more declines. My merchant provider
suggests blocking that person's IP address, but that's not practical
since it's dynamic. I'll get a lot of orders from one IP address for a
few hours, but then the address changes.
I wonder if anyone has any experience with this, and if so, can you
suggest a way to deal with it?
- Brian
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On Mon, 2004-08-16 at 07:26, Brian Dunning wrote:
> Hi all,
>
> I have a simple PHP store, and it appears that someone is using it to
> test credit card numbers. I'm getting a very high number of small
> orders every day, but a lot more declines. My merchant provider
> suggests blocking that person's IP address, but that's not practical
> since it's dynamic. I'll get a lot of orders from one IP address for a
> few hours, but then the address changes.
>
> I wonder if anyone has any experience with this, and if so, can you
> suggest a way to deal with it?
>
> - Brian
Well, if they are trying multiple times you could add some logic in your
code that redirects them to a "We have been monitoring you" type of
message. ;-)
Are you tracking the IP addresses in the database? Might consider
building something that checks each new IP and see if the same IP has
tried this a few times..and if so display a warning page. Might be
enough to scare the person off. The other options is to collect a list
of known IPs and contact the proper authorities with logs of this issue.
-Robby
--
/***************************************
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | [EMAIL PROTECTED]
* 503.351.4730 | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
****************************************/
signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
Hi Brian,
One possibility is to use a MySQL database which records all failures with the
credit card verifications, the IP address of the failure, and when the
failure was. Write a script which looks at the failures and if it detects
three or more failures from any IP in a set time frame (24 hours?), that
address is blocked by the script for 24 hours from making any order.
Your MySQL database should include at least the card number, time of failure,
IP of failure. Then query the database based on the just attempted order,
and if the count of failures from that IP address is greater than three
(especially with different card numbers), refuse the order, and continue the
block of that IP for 24 hours after the last failure. In particular, you
could also check if the credit card numbers are different, and if they are,
you know your dealing with a bad person and can take some steps to deal with
them.
While its maybe not an ideal solution, I can't think of anything better off
hand.
best regards
Markus
On Monday 16 August 2004 16:26, Brian Dunning wrote:
> I have a simple PHP store, and it appears that someone is using it to
> test credit card numbers. I'm getting a very high number of small
[snip...]
> I wonder if anyone has any experience with this, and if so, can you
> suggest a way to deal with it?
--- End Message ---
--- Begin Message ---
Thanks to all of you for your suggestions. Yes I have been logging IP
address in my orders database.
I think I may have solved it by an even simpler method: I emailed the
perpetrator to "thank him for all of his orders" to see what he'd say.
His first few orders came with real email addresses, and even a few
under what appears to be his own name "Abang Batax." Ever since I sent
that email I haven't had a single order come through from him. That
alone may have scared him off.
Nevertheless, I think I will implement a few of your suggestions. I
like the idea of an SQL table to store IP addresses that are blocked,
though I'd make it last for a couple of days to be extra safe rather
than 30 minutes.
Anyone know who the "proper authorities" are, to whom I could give my
logs? Amazingly, my CardService rep didn't know. He also didn't seem to
care or think it was a very big deal. The total orders that went
through are about 100 orders at $15 each. My guess is that "Abang
Batax" is probably overseas, so it may not be worthwhile following up.
--- End Message ---
--- Begin Message ---
Hi Brian,
One possibility is to use a MySQL database which records all failures with the
credit card verifications, the IP address of the failure, and when the
failure was. Write a script which looks at the failures and if it detects
three or more failures from any IP in a set time frame (24 hours?), that
address is blocked by the script for 24 hours from making any order.
Your MySQL database should include at least the card number, time of failure,
IP of failure. Then query the database based on the just attempted order,
and if the count of failures from that IP address is greater than three
(especially with different card numbers), refuse the order, and continue the
block of that IP for 24 hours after the last failure. In particular, you
could also check if the credit card numbers are different, and if they are,
you know your dealing with a bad person and can take some steps to deal with
them.
While its maybe not an ideal solution, I can't think of anything better off
hand.
best regards
Markus
On Monday 16 August 2004 16:26, Brian Dunning wrote:
> I have a simple PHP store, and it appears that someone is using it to
> test credit card numbers. I'm getting a very high number of small
[snip...]
> I wonder if anyone has any experience with this, and if so, can you
> suggest a way to deal with it?
- This is a second try, my previous mail seems to have not come through...
Sorry if people get this twice -
--- End Message ---
--- Begin Message ---
I was wondering if there was a block of code I could place at the bottom of
the file that would write the page's source code to an html file. I need
this because I'm posting pages to a server sans a PHP compiler. Basically,
I'd like for every time I run a page its source code to be saved in the
filename of my choice, instead of me having to run the page, copy the
source, and paste it into the file of my choice. I know how to use fopen,
but I'm not sure what to tell it to write to file, since the source I want
to write is being generated simultaneously.
Any help would be greatly appreciated...
--- End Message ---
--- Begin Message ---
Hi,
Im running a win2k with apache and PHP 4.3.4 and I have gone through
the installation readme for PHP. I have copied the necessary files to
the correct directories. I have also set register_globals= Off (default)
I have set my session path (it exists).
Now my problem is that I cant get my sessions to work at all. I have
tried everything and no luck.
Ok here is what I do:
$_SESSION['login']="true";
if (session_is_registered($_SESSION['login']))
echo("seesion is reg");
else
echo("seesion not reg");
I have not used the session_register function as the manual says the
following:
If you want your script to work regardless of register_globals, you
need to instead use the $_SESSION array as $_SESSION entries are
automatically registered.
I seriously dont know what else to try or do. If you think I've missed
something then please help.
Thanks in advance
--------------------------------------------------------------------
Disclaimer
This e-mail transmission contains confidential information,
which is the property of the sender.
The information in this e-mail or attachments thereto is
intended for the attention and use only of the addressee.
Should you have received this e-mail in error, please delete
and destroy it and any attachments thereto immediately.
Under no circumstances will the Cape Technikon or the sender
of this e-mail be liable to any party for any direct, indirect,
special or other consequential damages for any use of this e-mail.
For the detailed e-mail disclaimer please refer to
http://www.ctech.ac.za/polic or call +27 (0)21 460 3911
--- End Message ---
--- Begin Message ---
> if (session_is_registered($_SESSION['login']))
> echo("seesion is reg");
> else
> echo("seesion not reg");
try
if (isset($_SESSION['login']))
echo("seesion is reg");
else
echo("seesion not reg");
--- End Message ---
--- Begin Message ---
[snip]
Ok here is what I do:
$_SESSION['login']="true";
if (session_is_registered($_SESSION['login']))
echo("seesion is reg");
else
echo("seesion not reg");
I have not used the session_register function as the manual says the
following:
[/snip]
Have you set session_start? http://www.php.net/session_start
--- End Message ---
--- Begin Message ---
"Angelo Zanetti" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> Im running a win2k with apache and PHP 4.3.4 and I have gone through
> the installation readme for PHP. I have copied the necessary files to
> the correct directories. I have also set register_globals= Off (default)
> I have set my session path (it exists).
>
> Now my problem is that I cant get my sessions to work at all. I have
> tried everything and no luck.
> Ok here is what I do:
>
> $_SESSION['login']="true";
>
> if (session_is_registered($_SESSION['login']))
> echo("seesion is reg");
> else
> echo("seesion not reg");
>
Hi Angelo,
where's your session_start()? Also you can use isset() instead of
session_is_registered():
if (isset($_SESSION['login']))
Regards, Torsten Roehr
> I have not used the session_register function as the manual says the
> following:
>
> If you want your script to work regardless of register_globals, you
> need to instead use the $_SESSION array as $_SESSION entries are
> automatically registered.
>
> I seriously dont know what else to try or do. If you think I've missed
> something then please help.
>
> Thanks in advance
--- End Message ---
--- Begin Message ---
> [reply]
> Please try if those changes solve your problem. Whenever one of
> your values
> will contain a single quote you will get an SQL error - so use
> addslashes()
> or (better) mysql_real_escape_string() on all insert values.
> [/reply]
>
>
> That is my whole point though, is that it does not happen every
> time. I get
> no error when the user registers (inserting "O'Neal" into the table), but
> when I insert the same name into the tickets table, it fails.
Chad, please always answer to the list.
Echo out your queries and compare them, there must be a difference.
Regards, Torsten
--- End Message ---
--- Begin Message ---
Hi all,
I want to create an html cache of a page, like when that page is saved to
the disk and let the visitors download that static page and not a dynamic
one.
Of course, a dynamic PHP program will load that static page and display it,
but without need to connect to databases, to make calculations, etc.
The problem is that I don't know how to automaticly decide when it is the
right moment to update the cache and this is very important.
I get some data from a database and the PHP program doesn't know when the
database gets updated by another program, so it cannot create the cache for
that page immediately.
If I let the program check the database each time it is ran, this takes some
times, and it is like I would not use the cache at all.
Is it possible to use that kind of cache I want? (meaning... a kind of
static page saved).
Thank you.
Teddy
--- End Message ---
--- Begin Message ---
"Octavian Rasnita" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi all,
>
> I want to create an html cache of a page, like when that page is saved to
> the disk and let the visitors download that static page and not a dynamic
> one.
> Of course, a dynamic PHP program will load that static page and display
it,
> but without need to connect to databases, to make calculations, etc.
>
> The problem is that I don't know how to automaticly decide when it is the
> right moment to update the cache and this is very important.
> I get some data from a database and the PHP program doesn't know when the
> database gets updated by another program, so it cannot create the cache
for
> that page immediately.
> If I let the program check the database each time it is ran, this takes
some
> times, and it is like I would not use the cache at all.
>
> Is it possible to use that kind of cache I want? (meaning... a kind of
> static page saved).
>
> Thank you.
>
> Teddy
Hi Teddy,
take a look at PEAR's Cache_Lite:
http://pear.php.net/package/Cache_Lite
With this package you define a "lifetime" for each page. When this time has
passed a new cached file will automatically be created. Cache_Lite is
managing this for you.
Regards, Torsten Roehr
--- End Message ---
--- Begin Message ---
thanks MATT it appears that the isset function worked!
>>> "Jay Blanchard" <[EMAIL PROTECTED]> 8/16/2004
4:46:16 PM >>>
[snip]
Ok here is what I do:
$_SESSION['login']="true";
if (session_is_registered($_SESSION['login']))
echo("seesion is reg");
else
echo("seesion not reg");
I have not used the session_register function as the manual says the
following:
[/snip]
Have you set session_start? http://www.php.net/session_start
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--------------------------------------------------------------------
Disclaimer
This e-mail transmission contains confidential information,
which is the property of the sender.
The information in this e-mail or attachments thereto is
intended for the attention and use only of the addressee.
Should you have received this e-mail in error, please delete
and destroy it and any attachments thereto immediately.
Under no circumstances will the Cape Technikon or the sender
of this e-mail be liable to any party for any direct, indirect,
special or other consequential damages for any use of this e-mail.
For the detailed e-mail disclaimer please refer to
http://www.ctech.ac.za/polic or call +27 (0)21 460 3911
--- End Message ---
--- Begin Message ---
On 14 August 2004 15:50, raditha dissanayake wrote:
> Ford, Mike [LSS] wrote:
>
> >
> > (And, BTW, the HTTP definition says that the Location:
> header should specify a full absolute URL, so that should be:
> >
> > header("Location:
> http://your.server.name/path/to/errors/servererror.php";);
> >
> >
> are you sure?
Yes. In fact, I was too conservative -- the HTTP RFC says it *must*. See:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30
and
http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2
Just because many browsers accept and process a non-standard header is no
reason to write non-standard headers... ;)
Cheers!
Mike
---------------------------------------------------------------------
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Headingley Campus, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--- End Message ---
--- Begin Message ---
Hi
I have a site that uses a large number of data arrays that are nearly
static (change once a week or less) they are used on almost every page
in the site Currently I have them as a separate file that is included at
the top of each script page. I would like a way to cache? them at the
server level so that only one copy stays in memory between calls to
different pages and the file doesn't get reloaded with each page call
The site is running on:
FreeBSD 4.9
Apache 1.3.28
PHP 4.3.4
I would prefer to be able to do this in php but I am open to an apache
solution if necessary.
Thanks
Aaron
Aaron -at- nsinetworking.com
--- End Message ---
