php-general Digest 1 Jun 2006 13:39:30 -0000 Issue 4160
Topics (messages 237175 through 237191):
What would cause this?
237175 by: tedd
237176 by: Chris
237177 by: nicolas figaro
237178 by: Jochem Maas
237186 by: André Medeiros
237187 by: tedd
237190 by: tedd
Re: Am I supposed to be using SPL?
237179 by: Kevin Waterson
regex problem
237180 by: Merlin
237181 by: Dave Goodchild
237182 by: Merlin
237183 by: Dan Parry
237184 by: Robin Vickery
237185 by: Merlin
PHP Fatal error: Unable to write base address in Unknown on line 0 ?
237188 by: Ilja Polivanovas
237189 by: Jochem Maas
mail function in 4.2.2
237191 by: Aaron Todd
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Hi gang:
I have a question regarding php and security. My apologies beforehand if this
is common knowledge to everyone except me.
I have a php application sitting at root level on one of my servers who's sole
function is to send me an email whenever it's run. So, whenever I reference
this app, it sends me an email -- very simple.
However, the app isn't reference or linked anywhere on the site, but it still
occasionally runs all by itself.
My question is -- what's triggering it?
Is the cause a bot of some type? I was told that spiders/bots could only travel
links outward from your front page (i.e., index) to all other referenced pages,
but could not access things that are not linked -- unless of course they know
the name of the app.
So, why does this php app occasionally run? Are there critters that navigate my
root without my knowledge?
Thanks.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
tedd wrote:
Hi gang:
I have a question regarding php and security. My apologies beforehand if this
is common knowledge to everyone except me.
I have a php application sitting at root level on one of my servers who's sole
function is to send me an email whenever it's run. So, whenever I reference
this app, it sends me an email -- very simple.
However, the app isn't reference or linked anywhere on the site, but it still
occasionally runs all by itself.
My question is -- what's triggering it?
Is the cause a bot of some type? I was told that spiders/bots could only travel
links outward from your front page (i.e., index) to all other referenced pages,
but could not access things that are not linked -- unless of course they know
the name of the app.
So, why does this php app occasionally run? Are there critters that navigate my
root without my knowledge?
If you can, check your apache access logs and that will tell you the ip
of the person who accessed that page.. will give you a starting point
anyway.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
tedd a écrit :
Hi gang:
Hi
I have a question regarding php and security. My apologies beforehand if this
is common knowledge to everyone except me.
I have a php application sitting at root level on one of my servers who's sole
function is to send me an email whenever it's run. So, whenever I reference
this app, it sends me an email -- very simple.
However, the app isn't reference or linked anywhere on the site, but it still
occasionally runs all by itself.
It runs automagically ?
My question is -- what's triggering it?
did you check your http server log files for this url ?
Is the cause a bot of some type? I was told that spiders/bots could only travel
links outward from your front page (i.e., index) to all other referenced pages,
but could not access things that are not linked -- unless of course they know
the name of the app.
Some tools try to check from a basic url for several directories or
files (/images, /private, etc).
So, why does this php app occasionally run? Are there critters that navigate my
root without my knowledge?
if you wish to limit the access to your script, you can control the IP
of the client using $_SERVER["REMOTE_ADDR"].
Thanks.
tedd
but it's not a very good idea to let the script run without any control.
you can be quickly flooded by mail from this script if it's
called very often during the week-end.
N F
--- End Message ---
--- Begin Message ---
nicolas figaro wrote:
tedd a écrit :
tedd,
let us know what your logs say.
but it's not a very good idea to let the script run without any control.
you can be quickly flooded by mail from this script if it's
called very often during the week-end.
dude, what's a week-end? wait let me guess it's the bit between
1am on Sunday and 7am om Monday right?
I agree 6 hours is plenty of time to flood someone with mail :-)
N F
--- End Message ---
--- Begin Message ---
Here's what you can do:
Have a timestamp of the last e-mail stored on a file. If time() - that
timestamp < 600 (10 minutes) then don't send the e-mail.
When sending it, do this
$server_array = print_r($_SERVER, true);
and use the $server_array variable to obtain some info regarding the
client that's causing the requests.
--- End Message ---
--- Begin Message ---
At 4:56 PM +1000 6/1/06, Chris wrote:
>If you can, check your apache access logs and that will tell you the ip of the
>person who accessed that page.. will give you a starting point anyway.
Thanks -- have done, see below.
At 8:59 AM +0200 6/1/06, nicolas figaro wrote:
>>However, the app isn't reference or linked anywhere on the site, but it still
>>occasionally runs all by itself.
>>
>It runs automagically ?
Yep, automagically.
At 9:21 AM +0200 6/1/06, Jochem Maas wrote:
>let us know what your logs say.
I asked them, and this is what they said:
72.29.85.194 - - [01/Jun/2006:00:01:06 -0400] "GET /email_me.php ..... -snip-
First, I have removed the automagical email_me.php from my root and put it
elsewhere.
Second, I have seen the enemy and it is me! That's MY shared IP and it's MY own
cron experiment running MY script at the start of each month as I instructed it
to do -- apparently it remembers, and I don't.
This is embarrassing -- but, it has taught me to look at the logs and confirms
that my cron works. :-)
Many thanks for your help.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
At 12:55 PM +0100 6/1/06, André Medeiros wrote:
>When sending it, do this
>
>$server_array = print_r($_SERVER, true);
>
>and use the $server_array variable to obtain some info regarding the
>client that's causing the requests.
Thank you -- that was a most excellent idea.
tedd
--
------------------------------------------------------------------------------------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
This one time, at band camp, "D. Dante Lorenso" <[EMAIL PROTECTED]> wrote:
> Is SPL meant to be used? If so, is it experimental? Is it documented?
> Should I stay away from SPL for production code? What's the official word?
Officially SPL is part of PHP. It provides a standard interface for iterating
over
aggregate objects, eg: array, directory listing, xml, etc...
try{
foreach ( new DirectoryIterator('./') as $Item )
{
echo $Item.'<br />';
}
}
catch(Exception $e){
echo 'No files Found!<br />';
}
Kevin
--
"Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb contesting the vote."
--- End Message ---
--- Begin Message ---
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
Thank you for any help,
Merlin
--- End Message ---
--- Begin Message ---
On 01/06/06, Merlin <[EMAIL PROTECTED]> wrote:
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
Thank you for any help,
Merlin
Try this:
^(.*)(_a{1})(\d+).htm$
in your regex you are looking for any instance of _, a OR a sequence of
numbers.
I think this will search for zero or more characters, one instance of _a,
then one or more numbers, then .htm.
--
http://www.web-buddha.co.uk
dynamic web programming from Reigate, Surrey UK (php, mysql, xhtml, css)
look out for project karma, our new venture, coming soon!
--- End Message ---
--- Begin Message ---
Dave Goodchild schrieb:
On 01/06/06, Merlin <[EMAIL PROTECTED]> wrote:
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
Thank you for any help,
Merlin
Try this:
^(.*)(_a{1})(\d+).htm$
in your regex you are looking for any instance of _, a OR a sequence of
numbers.
I think this will search for zero or more characters, one instance of _a,
then one or more numbers, then .htm.
Hi,
unfortunatelly it does not work. But you are right my regex:
^(.*)_a[0-9](.*).htm$ seems to make an OR with _a OR numbers
, but I would like to have an AND.
Any other ideas?
Merlin
--- End Message ---
--- Begin Message ---
[snip]
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
Thank you for any help,
Merlin
[/snip]
How about this:
(\w)+(_a){1}(\w)+\.htm$
Worked for me :)
HTH
Dan
--
Dan Parry
Senior Developer
Virtua Webtech Ltd
http://www.virtuawebtech.co.uk
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.8.0/352 - Release Date: 30/05/2006
--- End Message ---
--- Begin Message ---
On 01/06/06, Merlin <[EMAIL PROTECTED]> wrote:
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
It won't match something without an _a in it. So there's something
you're not mentioning.
<?php
$test = array('test_a9393.htm','a9393.htm');
foreach ($test as $t) {
print preg_match('/^(.*)_a[0-9](.*).htm$/', $t) ?
"'$t' matches.\n" :
"'$t' does not match.\n";
}
?>
'test_a9393.htm' matches.
'a9393.htm' does not match.
-robin
--- End Message ---
--- Begin Message ---
Robin Vickery schrieb:
On 01/06/06, Merlin <[EMAIL PROTECTED]> wrote:
Hi there,
I do work on following regex:
^(.*)_a[0-9](.*).htm$
This should be valid for "test_a9393.htm", but not for "9393.htm" as
ther is no leading _a infront of the number.
Unfortunatelly this also works for the 9393.htm file. Can somebody give
me a hint why the regex also is true for text that does not start with
_a infront of the number?
It won't match something without an _a in it. So there's something
you're not mentioning.
<?php
$test = array('test_a9393.htm','a9393.htm');
foreach ($test as $t) {
print preg_match('/^(.*)_a[0-9](.*).htm$/', $t) ?
"'$t' matches.\n" :
"'$t' does not match.\n";
}
?>
'test_a9393.htm' matches.
'a9393.htm' does not match.
-robin
Thank you robin! That saved my ass :-) Actually my regex was quit fine,
the problem was that there was a search function searching for
is_numeric that was redirecting to another page *lol*
Best regards, Merlin
--- End Message ---
--- Begin Message ---
Hello,
maybe someone know what can be the problem and how to solve it. It appears
on startup of Apache, WinXP.
Apache doesn't start.
--
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/
--- End Message ---
--- Begin Message ---
Ilja Polivanovas wrote:
Hello,
maybe someone know what can be the problem and how to solve it. It
appears on startup of Apache, WinXP.
Apache doesn't start.
fron a quick google I would hazard a guess that your install is f***ed
due to an earlier apache/php installation.
either that or certain log files are not writable.
try removing all installed stuff (apache, etc) and reinstalling
from scratch.
--- End Message ---
--- Begin Message ---
I am working with a server that has version 4.2.2 on it. I know...I
know...its old. Its my ISPs server so I don't have too much control over
it.
Anyway, I am seeing a problem where when I use the mail function to send
out an email only some of the messages get to the destination. I wrote a
simple test script that runs through a loop and is supposed to send out five
emails. Usually only one or two of the emails make it. And on top of that
its not always the first two that get sent. Here is my test script. I also
have tried using the sleep command to give it 5 seconds between each email
thinking maybe it was a time thing.
for($i=0;$i<5;$i++){
echo $i."<br>";
mail("[EMAIL PROTECTED]","test_".$i, "test_".$i);
sleep(5);
}
Is there something with this version of PHP that could be effecting the mail
function. I checked the change log and there has been some improvements to
the mail function, but not much detail on why the changes were necessary.
Just wondering if I have come across an old bug or something.
I've already asked my ISP to upgrade this server so if that's the solution
its on its way to being fixed. Is there anything else that could be wrong?
Thanks
Aaron
--- End Message ---
