php-general Digest 22 May 2008 03:54:48 -0000 Issue 5472
Topics (messages 274597 through 274622):
Re: php mysql live feed
274597 by: Boyd, Todd M.
274600 by: admin.buskirkgraphics.com
274613 by: tedd
mnoGoSearch and similar
274598 by: Mattias Thorslund
274599 by: Dmitri
274610 by: Mattias Thorslund
Re: A Little Something.
274601 by: Michelle Konzack
274603 by: Michelle Konzack
274612 by: tedd
274617 by: Stut
Re: Data request
274602 by: Michelle Konzack
page suck attack
274604 by: robert
274605 by: Gavin M. Roy
274606 by: Dan Joseph
274607 by: Jason Pruim
274608 by: Warren Vail
274609 by: robert
274611 by: Thiago Pojda
274614 by: TG
274615 by: robert
274616 by: Aschwin Wesselius
274618 by: Nathan Rixham
274619 by: Usamah M. Ali
274620 by: Usamah M. Ali
274621 by: Michael McGlothlin
Re: Semi-OT: PHP Login with client security
274622 by: Tim Thorburn
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Nameless,
I see someone mentioned the setTimeout(function, milliseconds) function for
JavaScript. I would also like to point out that you can use
setInterval(function, milliseconds) in order to have an event repeat at a set
interval. For instance, let's say you had a page laid out like so:
---
<div id="blah">
Text here
</div>
---
You would want to add a script somewhere that would begin the interval in order
to update the div:
---
<script type="text/javascript">
function ajaxRequest()
{
// <insert postback code here>
document.getElementById("blah").innerHTML = ajax.responseText;
}
var t = setInterval("ajaxRequest()", 5000);
</script>
---
This assumes that your XmlHttpRequest object is named "ajax". Assigning the
interval to variable "t" ensures that you can clear the interval if you need to
(via "clearInterval(t);").
I suppose "innerText" can be used instead of "innerHTML", as well. I would
recommend using innerHTML only if you will be populating the div with HTML
code, however.
Hope this helps,
Todd Boyd
Web Programmer
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 3:25 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] php mysql live feed
>
> Okay before i pull more hair out...
>
> I am trying to use php to pull mysql data and refresh the mysql data
> every say 5 seconds for like a live display of the database without the
> screen reloading.
>
> I want the data to refresh but not the screen. Ajax seems to hate me
> because everything i have seen/read/tried is wrapped around ASP.NET or
> requires a user interaction to invoke the query.
>
> If you have example scripts or a good tutorial that actually works
> where you can open a php script and the data changes on the page as the
> database does and the screen does not refresh, and you don’t have to
> onclick, onfocus, or onblur kind of thing. I would be in your debt
>
> Frustrated Rick
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Todd
I want to thank you. You sent me thinking in the right direction to resolving
this issue. I now have successfully created a live Pika Card status GUI using
PHP, MYSQL, AJAX.
The key word in what you said was unique function. I was not thinking to write
a function. I was looking for the quick solve (php MySQL loop or something
stupid). Not only does this work flawless but it has surpassed all my
expectations of the gui.
Todd thank you again for your suggestions and you helped me allot.
Nameless,
I see someone mentioned the setTimeout(function, milliseconds) function for
JavaScript. I would also like to point out that you can use
setInterval(function, milliseconds) in order to have an event repeat at a set
interval. For instance, let's say you had a page laid out like so:
---
<div id="blah">
Text here
</div>
---
You would want to add a script somewhere that would begin the interval in order
to update the div:
---
<script type="text/javascript">
function ajaxRequest()
{
// <insert postback code here>
document.getElementById("blah").innerHTML = ajax.responseText;
}
var t = setInterval("ajaxRequest()", 5000);
</script>
---
This assumes that your XmlHttpRequest object is named "ajax". Assigning the
interval to variable "t" ensures that you can clear the interval if you need to
(via "clearInterval(t);").
I suppose "innerText" can be used instead of "innerHTML", as well. I would
recommend using innerHTML only if you will be populating the div with HTML
code, however.
Hope this helps,
Todd Boyd
Web Programmer
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 3:25 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] php mysql live feed
>
> Okay before i pull more hair out...
>
> I am trying to use php to pull mysql data and refresh the mysql data
> every say 5 seconds for like a live display of the database without the
> screen reloading.
>
> I want the data to refresh but not the screen. Ajax seems to hate me
> because everything i have seen/read/tried is wrapped around ASP.NET or
> requires a user interaction to invoke the query.
>
> If you have example scripts or a good tutorial that actually works
> where you can open a php script and the data changes on the page as the
> database does and the screen does not refresh, and you don’t have to
> onclick, onfocus, or onblur kind of thing. I would be in your debt
>
> Frustrated Rick
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi:
The following could be taken from MySQL just as well:
http://webbytedd.com/b/timed-php/
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Hi,
I'm looking at possibly implementing mnoGoSearch (for indexing and
search of uploaded documents on the server) into my application, but
noticed it has been moved into PECL since PHP 5.1. Does this mean
mnoGoSearch has been deprecated and there is a different/better solution
that I should consider first?
Thanks,
Mattias
--- End Message ---
--- Begin Message ---
Mattias Thorslund wrote:
Hi,
I'm looking at possibly implementing mnoGoSearch (for indexing and
search of uploaded documents on the server) into my application, but
noticed it has been moved into PECL since PHP 5.1. Does this mean
mnoGoSearch has been deprecated and there is a different/better
solution that I should consider first?
Thanks,
Mattias
Mnogosearch i very good for indexing/search I use it and I like it.
you can just build extension from PECL or you can build php module
provided by mnogosearch website, which is a little bit harder to do.
--
Open Source ALL content management
with streaming video
http://wiki.sharedlog.com
--- End Message ---
--- Begin Message ---
Dmitri wrote:
Mattias Thorslund wrote:
Hi,
I'm looking at possibly implementing mnoGoSearch (for indexing and
search of uploaded documents on the server) into my application, but
noticed it has been moved into PECL since PHP 5.1. Does this mean
mnoGoSearch has been deprecated and there is a different/better
solution that I should consider first?
Thanks,
Mattias
Mnogosearch i very good for indexing/search I use it and I like it.
you can just build extension from PECL or you can build php module
provided by mnogosearch website, which is a little bit harder to do.
Thanks for the recommendation, Dmitri.
I was just wondering because of the move to PECL. I can install it on my
servers but it users who want to install my application might find it
too complicated. Also, the PHP manual says the PHP mnoGoSearch module is
not available for Windows, which some of my users run.
Thanks,
Mattias
--- End Message ---
--- Begin Message ---
Am 2008-05-12 15:36:30, schrieb tedd:
> Now, how is that a security threat? Or is the claim that any site
> that uses js is a security threat?
------------------------ END OF REPLIED MESSAGE ------------------------
One of my customers is the french "Ministry of Defense" and IF ENOUGH
websites using the urchinTracker() I can run into heavy trouble using my
laptop for professionel work...
And since the NSA is using Google to track peoples, urchinTracker()is a
privacy violation by european law and definitivly "security threat".
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature
--- End Message ---
--- Begin Message ---
Am 2008-05-12 15:40:54, schrieb Stut:
> CSS, but I may not be understanding what you mean by blunt. Javascript
> can be written such that it eats CPU and/or memory but this is of no
> benefit to anyone so unless you're running on a prehistoric machine I
> can't see that being an issue. And it's worth noting that even if a
> script starts hammering the machine most browsers these days will
> notice that, suspend it and offer to kill it.
About yu "prehistoric machine" :
My Devel-Station is a "AMD Phenom Quad 9800", running Debian GNU/Linux
Unstable, Testing and Stable in Xen-DomU and I know a couple of Websites
where Mozilla/Iceape locks up to one minute, consuming 100% of CPU-Time
and then showing a Message Box, that a Script is consuming very much
esources and if I continue, my Computer would not more responsive...
WTF?
> It is causing the error since it has blocked loading the external file
> but not the call to the code it contains. This, to me at least, seems
> half-arsed. The error only exists on the page if you deny it something
> that it needs to run correctly. IMHO the assumption that if the call
So forcing peoples to do things they do not want to do?
I do not know, what this urchinTacker() does, but since it is named
"Tracker", I asume it is a tool, which collect infos about Websiteusers.
A thing I do not like since it is violation of my privacy.
> to the urchinTracker function can run then so can the script tag to
> pull in that code is pretty reasonable. In fact I make it all the time
> in the code I write and I think the same would go for 99.999% of
> developers using Javascript.
Ehm you mean, that I am one of those 0.001%?
Hmmm, I do not know a singel JavaScript Developer here in Strasbourg who
use it...
> Urchin Tracker is a simple(!) analytics package and poses no danger to
> you or your computer. In fact I would suggest it's anti-productive to
> block it since it prevents the sites you visit from using the data it
> provides to modify their site to make the experience better for you.
So collecting privacy infos about me? -- No thanks!
> That error is caused by your use of selective Javascript-blocking
> technology, and while I work very hard to ensure the sites I develop
> work as well as possible without Javascript I think it's unreasonable
> to expect them to work with selective blocking.
Selective because urchinTacker() tracker is collecting infos about me
which I do not want to give out! -- Privacy violation!
If you use such tools, you have to warn users of your website, that you
are collecting data otherwise you could be run into trouble...
> Well, some of his pages do but that's complicating the issue. As far
> as I can tell the only bit of Javascript common to all Tedd's pages is
> the Google Analytics code which is not required for you to use the
> site, it just enhances the ability for Tedd to analyse how people are
> using it.
Ahh, -- urchinTracker() is from Google. :-)
And if used without informing users, it is definitivly a privacy
violation. At least in most EU countries like Germany and France.
> It can and I care greatly about security, but Javascript is very well
> locked down these days, and it's fairly difficult to get it to do
> anything malicious. Can it do annoying things, yes (but rarely these
> days, and usually only on 'special' sites), but I've not come across
> anything malicious for quite some time.
Since I am working mobile with my ThinkPad, I do not like to be tracked
by this urchinTracker() crap since this mean, Google will track ANY of
my customers where I am working if I use the Internet...
This is not only a privacy violation, it is spionage...
This is HOW secret services (the NSA is using Google) are working.
> In summary I can understand where you're coming from, and it's totally
> your choice to use something that modifies your browsing experience,
> but to then complain that it's causing errors on the sites you visit
> is, to me, beyond ridiculous. That's all I was trying to point out.
I do not know in which country you are, but all peoples worldwide should
block such shit coming from at least the USA/GB/IL.
Note: I am working for the french Ministry of Defense.
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature
--- End Message ---
--- Begin Message ---
At 3:08 PM +0200 5/21/08, Michelle Konzack wrote:
Am 2008-05-12 15:40:54, schrieb Stut:
> Well, some of his pages do but that's complicating the issue. As far
as I can tell the only bit of Javascript common to all Tedd's pages is
the Google Analytics code which is not required for you to use the
site, it just enhances the ability for Tedd to analyse how people are
using it.
Ahh, -- urchinTracker() is from Google. :-)
And if used without informing users, it is definitivly a privacy
violation. At least in most EU countries like Germany and France.
Well then, all web sites are a privacy violation by your definition.
Web sites come standard with server logs and other data gatherers
like Webalizer, which none notify the user that their access is being
recorded.
However, all data collected in such logs can not be tracked back to a
specific user, and thus they are not really a "privacy" violation.
If I say that 43 percent of my web site's visitors come from Europe,
and 30 percent use IE6 then it's not a privacy violation to collect
this data because this data is not tied to a known specific user.
This is much like a traffic counter at on a roadway. Just because you
drove over the counter does not constitute a violation of your
privacy.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
I was going to ignore this, but I'm in a confrontational mood today,
so please accept my apologies for the noise.
On 21 May 2008, at 14:08, Michelle Konzack wrote:
Am 2008-05-12 15:40:54, schrieb Stut:
CSS, but I may not be understanding what you mean by blunt.
Javascript
can be written such that it eats CPU and/or memory but this is of no
benefit to anyone so unless you're running on a prehistoric machine I
can't see that being an issue. And it's worth noting that even if a
script starts hammering the machine most browsers these days will
notice that, suspend it and offer to kill it.
About yu "prehistoric machine" :
My Devel-Station is a "AMD Phenom Quad 9800", running Debian GNU/
Linux
Unstable, Testing and Stable in Xen-DomU and I know a couple of
Websites
where Mozilla/Iceape locks up to one minute, consuming 100% of CPU-
Time
and then showing a Message Box, that a Script is consuming very
much
esources and if I continue, my Computer would not more responsive...
WTF?
1) If your quad-core machine grinds to a halt due to runaway
Javascript code then there's something very wrong with the way it's
configured.
2) You said yourself that the browser suspends the script and asks you
if you want it to continue thereby protecting you from stupid
developers and rendering resource-hungry scripts pointless.
3) It's extremely rare for me to come across a site that will cause
that box to appear these days. Dunno what sites you're visiting but
you might want to consider avoiding them in future.
4) None of this is a security risk, it's just annoying as are a lot of
websites both with and without Javascript.
It is causing the error since it has blocked loading the external
file
but not the call to the code it contains. This, to me at least, seems
half-arsed. The error only exists on the page if you deny it
something
that it needs to run correctly. IMHO the assumption that if the call
So forcing peoples to do things they do not want to do?
I do not know, what this urchinTacker() does, but since it is
named
"Tracker", I asume it is a tool, which collect infos about
Websiteusers.
A thing I do not like since it is violation of my privacy.
Violation of privacy? Let's start with the fact that it's not
collecting anything you don't put out there when you use your browser.
Let's add that none of that info can personally identify you without
consulting your ISP who are highly unlikely to disclose who you are
without a court order.
Now let's consider that the original conversation in this thread has
nothing to do with privacy. I have no problem whatsoever if you want
to block Javascript, but please do it properly or at least don't
complain about errors if you only partly block it. That, and only
that, was my point.
to the urchinTracker function can run then so can the script tag to
pull in that code is pretty reasonable. In fact I make it all the
time
in the code I write and I think the same would go for 99.999% of
developers using Javascript.
Ehm you mean, that I am one of those 0.001%?
Hmmm, I do not know a singel JavaScript Developer here in Strasbourg
who
use it...
Whoa there nellie, I stated that I assume that if part A of my
Javascript runs then part B will also run. I said nothing about always
using Urchin or anything of the sort.
Urchin Tracker is a simple(!) analytics package and poses no danger
to
you or your computer. In fact I would suggest it's anti-productive to
block it since it prevents the sites you visit from using the data it
provides to modify their site to make the experience better for you.
So collecting privacy infos about me? -- No thanks!
Again, if you want to block it I have no problem with that. I think
you're overly cautious but it's entirely your choice.
Google Analytics (which is where the Urchin code comes from) does
gather a tiny bit more information than normal server logs but none of
it is personally identifiable or in any way a security risk. But just
to state it again, I couldn't care less if you blocked it.
That error is caused by your use of selective Javascript-blocking
technology, and while I work very hard to ensure the sites I develop
work as well as possible without Javascript I think it's unreasonable
to expect them to work with selective blocking.
Selective because urchinTacker() tracker is collecting infos
about me
which I do not want to give out! -- Privacy violation!
If you use such tools, you have to warn users of your website, that
you
are collecting data otherwise you could be run into trouble...
Not really. You are giving out that information whether you like it or
not because that's the way your browser works. If you want to be
really anal about it you can get browser addons and proxies that will
strip most of that info out, but again I really don't see what you're
afraid of.
I think it's also worth repeating that I couldn't care less if you
decide to block Javascript, that's not even close to the point I was
making in this conversation.
Well, some of his pages do but that's complicating the issue. As far
as I can tell the only bit of Javascript common to all Tedd's pages
is
the Google Analytics code which is not required for you to use the
site, it just enhances the ability for Tedd to analyse how people are
using it.
Ahh, -- urchinTracker() is from Google. :-)
And if used without informing users, it is definitivly a
privacy
violation. At least in most EU countries like Germany and France.
Then don't use sites that use it from those countries. Or, better yet,
turn your computer off and go play outside.
It can and I care greatly about security, but Javascript is very well
locked down these days, and it's fairly difficult to get it to do
anything malicious. Can it do annoying things, yes (but rarely these
days, and usually only on 'special' sites), but I've not come across
anything malicious for quite some time.
Since I am working mobile with my ThinkPad, I do not like to be
tracked
by this urchinTracker() crap since this mean, Google will track
ANY of
my customers where I am working if I use the Internet...
This is not only a privacy violation, it is spionage...
This is HOW secret services (the NSA is using Google) are working.
Really don't know where you're getting that from, but if it's even
remotely true nobody would be using Google Analytics. I'm betting
you're confusing Analytics with something else Google do, but for the
life of me I can't think what.
In summary I can understand where you're coming from, and it's
totally
your choice to use something that modifies your browsing experience,
but to then complain that it's causing errors on the sites you visit
is, to me, beyond ridiculous. That's all I was trying to point out.
I do not know in which country you are, but all peoples worldwide
should
block such shit coming from at least the USA/GB/IL.
Note: I am working for the french Ministry of Defense.
Ooh, give 'em a peanut. I live and work in the UK and every site I
work on that uses Google Analytics has nothing specific about Google
Analytics in the privacy policy. They all talk about use of cookies,
IP addresses and server logs and I've never had any complaints.
But, at risk of labouring the point, I don't have an issue if you
decide to worry about inconsequential things like websites gathering
anonymous usage data so they can improve the experience for you. I
couldn't care less if you disable Javascript to prevent evil popup
ads. I don't really give a damn if you decide to use lynx as the
ultimate surfer condom.
My issue is purely and simply that if someone decides to remove half
the code for something they should not feel they have the right to
complain to the developers when they see errors. You wouldn't expect a
car to work if you removed all the cylinders, would you? But I'd love
to see the persons face when you take it back and complain.
Sometimes I wonder why I bother.
-Stut
--
http://stut.net/
--- End Message ---
--- Begin Message ---
Am 2008-05-20 15:28:31, schrieb Chris Haensel:
> Hi fellas (and ladies)
>
> Again, I know this is kind of an OT post, but I know that many, if not most,
> developers are kind of data-collectors.
>
> I am looking for a database with US airport runway information. I got all
> kinds of stuff, but this one is keeping me busy. What I need is ICAO code,
> runway numbers, length, with, TDZE and stuff like that.
>
> Any aviation nut out there having that kind of stuff?
Unfortunately I have no infos about the USA...
But maybe you can contact the "Internationale Luftfahrt Behörde"
in Frankfurt. Since I am Off-Line I can not check the address
but since you are in Germanien it will be easy for you...
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature
--- End Message ---
--- Begin Message ---
Hi
Every so often my site is "attacked" in which all URLS on my site are
retrieved in the span of minutes. What is this called?? I mean what do
I google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would like
to be able to research it to know my options.
thank you
robert
--- End Message ---
--- Begin Message ---
Search engines indexing your site?
On Wed, May 21, 2008 at 11:54 AM, robert <[EMAIL PROTECTED]> wrote:
> Hi
> Every so often my site is "attacked" in which all URLS on my site are
> retrieved in the span of minutes. What is this called?? I mean what do I
> google for? I don't know where to begin.
>
> I'm not sure if I am going to implement such at thing but I would like to
> be able to research it to know my options.
>
> thank you
> robert
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
On Wed, May 21, 2008 at 11:54 AM, robert <[EMAIL PROTECTED]> wrote:
> Hi
> Every so often my site is "attacked" in which all URLS on my site are
> retrieved in the span of minutes. What is this called?? I mean what do I
> google for? I don't know where to begin.
>
> I'm not sure if I am going to implement such at thing but I would like to
> be able to research it to know my options.
>
> thank you
> robert
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Are you talking about a DOS attack? (Denial of Service) -- this is usually
where your site is flooded with hits and you can't get to it because its
overloaded.
--
-Dan Joseph
www.canishosting.com - Plans start @ $1.99/month. Reseller plans and
Dedicated servers available.
"Build a man a fire, and he will be warm for the rest of the day.
Light a man on fire, and will be warm for the rest of his life."
--- End Message ---
--- Begin Message ---
One thing you might want to check for before blocking it is looking in
the logs and checking to see if it is one of the search engines that
is grabbing your URL's... Which I would think you actually want :)
On May 21, 2008, at 11:54 AM, robert wrote:
Hi
Every so often my site is "attacked" in which all URLS on my site
are retrieved in the span of minutes. What is this called?? I mean
what do I google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would
like to be able to research it to know my options.
thank you
robert
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
Hmmm, sounds like a search engine scan, Google or Yahoo Slurpy? Do a
reverse lookup on the requesting IP. I would think the goal would be to get
this increased? You can stop it (or control it a bit) by placing a
robots.txt file in the root directory, then telling the robot which paths
not to follow (you can google for how to do this).
Warren
> -----Original Message-----
> From: robert [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 21, 2008 8:54 AM
> To: PHP
> Subject: [PHP] page suck attack
>
> Hi
> Every so often my site is "attacked" in which all URLS on my
> site are retrieved in the span of minutes. What is this
> called?? I mean what do I google for? I don't know where to begin.
>
> I'm not sure if I am going to implement such at thing but I
> would like to be able to research it to know my options.
>
> thank you
> robert
>
> --
> PHP General Mailing List (http://www.php.net/) To
> unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Not that i can tell. Yahoo and google have a signature: googlebot and
slurp. both of them also check my site over a span of days. that's all
good. The others come from regular isps as far as their IP tells me
and the hits are within milliseconds.
On May 21, 2008, at 8:57 AM, Gavin M. Roy wrote:
Search engines indexing your site?
On Wed, May 21, 2008 at 11:54 AM, robert <[EMAIL PROTECTED]> wrote:
Hi
Every so often my site is "attacked" in which all URLS on my site are
retrieved in the span of minutes. What is this called?? I mean what
do I
google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would
like to
be able to research it to know my options.
thank you
robert
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Perhaps someone is accessing your website with some prefetching tool?
I'm not sure, but I think Fasterfox does that.
Atenciosamente,
www.softpartech.com.br
Thiago Henrique Pojda
Desenvolvimento Web
+55 41 3033-7676
[EMAIL PROTECTED]
Excelência em Softwares Financeiros
-----Mensagem original-----
De: robert [mailto:[EMAIL PROTECTED]
Enviada em: quarta-feira, 21 de maio de 2008 13:05
Para: PHP
Assunto: Re: [PHP] page suck attack
Not that i can tell. Yahoo and google have a signature: googlebot and
slurp. both of them also check my site over a span of days. that's all
good. The others come from regular isps as far as their IP tells me
and the hits are within milliseconds.
On May 21, 2008, at 8:57 AM, Gavin M. Roy wrote:
> Search engines indexing your site?
> On Wed, May 21, 2008 at 11:54 AM, robert <[EMAIL PROTECTED]> wrote:
>
>> Hi
>> Every so often my site is "attacked" in which all URLS on my site are
>> retrieved in the span of minutes. What is this called?? I mean what
>> do I
>> google for? I don't know where to begin.
>>
>> I'm not sure if I am going to implement such at thing but I would
>> like to
>> be able to research it to know my options.
>>
>> thank you
>> robert
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Can you check your logs and look at the user agent for what's making the
connections? Could it just be a search engine crawler indexing your pages?
You can control access, usually, via a robots.txt exclusion file.
If it's someone else mirroring your site for some reason, some programs that
do this will obey robots.txt settings.
If it's happening a lot and degrading the performance of your web server,
then it may be a DOS (denial of service) attack.
By the basic description you gave, it doesn't sound like an attack.
-TG
----- Original Message -----
From: robert <[EMAIL PROTECTED]>
To: PHP <[EMAIL PROTECTED]>
Date: Wed, 21 May 2008 08:54:20 -0700
Subject: [PHP] page suck attack
> Hi
> Every so often my site is "attacked" in which all URLS on my site are
> retrieved in the span of minutes. What is this called?? I mean what do
> I google for? I don't know where to begin.
>
> I'm not sure if I am going to implement such at thing but I would like
> to be able to research it to know my options.
>
> thank you
> robert
--- End Message ---
--- Begin Message ---
Cool! yes Fasterfox could be it. If anyone cares, it also gave me some
clues to what I was looking for: "offline browsing". Certainly better
keywords than "page suck" :)
thank you everyone!
On May 21, 2008, at 10:02 AM, Thiago Pojda wrote:
Perhaps someone is accessing your website with some prefetching tool?
I'm not sure, but I think Fasterfox does that.
Atenciosamente,
www.softpartech.com.br
Thiago Henrique Pojda
Desenvolvimento Web
+55 41 3033-7676
[EMAIL PROTECTED]
Excelência em Softwares Financeiros
-----Mensagem original-----
De: robert [mailto:[EMAIL PROTECTED]
Enviada em: quarta-feira, 21 de maio de 2008 13:05
Para: PHP
Assunto: Re: [PHP] page suck attack
Not that i can tell. Yahoo and google have a signature: googlebot and
slurp. both of them also check my site over a span of days. that's all
good. The others come from regular isps as far as their IP tells me
and the hits are within milliseconds.
On May 21, 2008, at 8:57 AM, Gavin M. Roy wrote:
Search engines indexing your site?
On Wed, May 21, 2008 at 11:54 AM, robert <[EMAIL PROTECTED]>
wrote:
Hi
Every so often my site is "attacked" in which all URLS on my site
are
retrieved in the span of minutes. What is this called?? I mean what
do I
google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would
like to
be able to research it to know my options.
thank you
robert
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
robert wrote:
Not that i can tell. Yahoo and google have a signature: googlebot and
slurp. both of them also check my site over a span of days. that's all
good. The others come from regular isps as far as their IP tells me
and the hits are within milliseconds.
Hi,
Are the URL's legit? Or are there URL's being called that cause 404
errors? Since there are bots out there scanning for vulnerable paths,
like phpMyAdmin, phpBB, cgi-bin exploits etc.
--- End Message ---
--- Begin Message ---
robert wrote:
Hi
Every so often my site is "attacked" in which all URLS on my site are
retrieved in the span of minutes. What is this called?? I mean what do I
google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would like
to be able to research it to know my options.
thank you
robert
Hi Robert,
It would appear to me that you've been hit by a scraper bot / content
harvester.
If you could give a couple of lines from the log file I'd be able to
confirm pretty quickly.
These scrapers are normally easy to block, all you need to do is block
there IP address / Subnet.
Many Regards
Nathan
--- End Message ---
--- Begin Message ---
On Wed, May 21, 2008 at 8:51 PM, robert <[EMAIL PROTECTED]> wrote:
> Cool! yes Fasterfox could be it. If anyone cares, it also gave me some
> clues to what I was looking for: "offline browsing". Certainly better
> keywords than "page suck" :)
>
> thank you everyone!
>
>
Well, "site rippers" is a more suitable name today, as most people are on
fast DSL/cable connections so no need for "offline browsing". Those days are
gone.. sigh!
Is your site content-heavy? It could be someone trying to download your
site's content to use for whatever reason it might be, or it might be just a
script kiddie trying enjoying his time. Anyway you should it take it
seriously and investigate the information available at your hand about the
source and cause of these actions.
Here's a nice tutorial on how to deal with these scripts by blocking them
through the use of robots.txt and .htaccess. It's a part of a series so
you'd better start from the first part.
Regards,
Usamah
--- End Message ---
--- Begin Message ---
Sorry, the link:
http://www.javascriptkit.com/howto/htaccess13.shtml
Usamah
On Thu, May 22, 2008 at 1:15 AM, Usamah M. Ali <[EMAIL PROTECTED]> wrote:
>
>
> On Wed, May 21, 2008 at 8:51 PM, robert <[EMAIL PROTECTED]> wrote:
>
>> Cool! yes Fasterfox could be it. If anyone cares, it also gave me some
>> clues to what I was looking for: "offline browsing". Certainly better
>> keywords than "page suck" :)
>>
>> thank you everyone!
>>
>>
> Well, "site rippers" is a more suitable name today, as most people are on
> fast DSL/cable connections so no need for "offline browsing". Those days are
> gone.. sigh!
>
> Is your site content-heavy? It could be someone trying to download your
> site's content to use for whatever reason it might be, or it might be just a
> script kiddie trying enjoying his time. Anyway you should it take it
> seriously and investigate the information available at your hand about the
> source and cause of these actions.
>
> Here's a nice tutorial on how to deal with these scripts by blocking them
> through the use of robots.txt and .htaccess. It's a part of a series so
> you'd better start from the first part.
>
> Regards,
> Usamah
>
--- End Message ---
--- Begin Message ---
robert wrote:
Hi
Every so often my site is "attacked" in which all URLS on my site are
retrieved in the span of minutes. What is this called?? I mean what do
I google for? I don't know where to begin.
I'm not sure if I am going to implement such at thing but I would like
to be able to research it to know my options.
thank you
robert
Each of our websites get a page sucked about every 5 seconds from Google
alone. Sometimes seems a little aggressive but I'd rather they be
indexing our websites than not. Other spiders are usually more moderate
in my experience. I usually make sure my robots.txt blocks downloading
css, scripting, images, and files by spiders so at least all they're
getting is the HTML content that is actually useful.
--
Michael McGlothlin
Southwest Plumbing Supply
smime.p7s
Description: S/MIME Cryptographic Signature
--- End Message ---
--- Begin Message ---
Wolf wrote:
IMHO, you should be testing this long before taking it to the customer and
having another failure to show off.
Personally, 2 failures is good reason NOT to purchase someone's services...
Wolf
Yes, I'm well aware of this - the point which you've continually failed
to realize is that this code works on a large variety of servers (shared
hosting, VPS, and managed), browsers, and internal network setups for
the other 20+ clients I deal with regularly. The problem is specific to
a single clients internal setup. In the future, kindly refrain from
hitting the reply button if you simply don't have an answer beyond the
standard "your code is bad" response.
Tim
--- End Message ---
