php-general Digest 10 Sep 2010 01:33:21 -0000 Issue 6932
Topics (messages 307902 through 307911):
Show text without converting to html
307902 by: Jack
307903 by: Marc Guay
307904 by: Andrew Ballard
307905 by: Richard Quadling
307906 by: Jack
307907 by: Jack
307909 by: Andrew Ballard
307910 by: Tommy Pham
Re: Filestat.c erorrs when building php-5.3.3 on solaris
307908 by: STANFIELD, VICKI CTR DFAS
Zend framework
307911 by: chris h
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Hello All,
I have some code which converts to some html to ascii characters. This
basically obfuscates the html code, but shows it correctly on an page.
I am trying to show the results of the obfuscation ( works correctly because
it displays the html value ), but I want to then show the obfuscated html
code so they can copy it.
An example is I want to show them this below:
<a
href="mailto:your
0;email.addre�
0115;s?subject=&cc=&bcc=&body=" style="" class=""
id="">your@email�
46;address</a>
Which was created by the code, but I apparently can't seem to echo it and
get it to display like above.. It converts it to html no matter what I do.
Thanks!
Jack
--- End Message ---
--- Begin Message ---
> Which was created by the code, but I apparently can't seem to echo it and
> get it to display like above.. It converts it to html no matter what I do.
Have you tried the <pre> HTML tag? (http://www.w3schools.com/TAGS/tag_pre.asp)
Putting inside a <textarea> might also work for you...
--
Marc Guay
MobilizeMe
mobilizeme.com
--- End Message ---
--- Begin Message ---
On Thu, Sep 9, 2010 at 9:52 AM, Jack <[email protected]> wrote:
>
> Hello All,
>
>
> I have some code which converts to some html to ascii characters. This
> basically obfuscates the html code, but shows it correctly on an page.
>
>
> I am trying to show the results of the obfuscation ( works correctly because
> it displays the html value ), but I want to then show the obfuscated html
> code so they can copy it.
>
> An example is I want to show them this below:
>
> <a
> href="mailto:your
> 0;email.addre�
> 0115;s?subject=&cc=&bcc=&body=" style="" class=""
> id="">your@email�
> 46;address</a>
>
>
>
> Which was created by the code, but I apparently can't seem to echo it and
> get it to display like above.. It converts it to html no matter what I do.
This should do it:
<?php
$var = '<a
href="mailto:your@email.address?subject=&cc=&bcc=&body="
style="" class=""
id="">your@email.address</a>';
echo htmlspecialchars($var);
?>
The obfuscation doesn't buy you much, though.
<?php
var_dump(html_entity_decode($var, ENT_QUOTES, 'utf-8'));
?>
string(106) "<a
href="mailto:[email protected]?subject=&cc=&bcc=&body="; style=""
class="" id="">[email protected]</a>"
The only people for whom the value will be obscure will be the humans
who actually try to read the HTML source code itself. Neither web
browsers nor harvesting scripts won't have any trouble reading it.
Andrew
--- End Message ---
--- Begin Message ---
On 9 September 2010 14:52, Jack <[email protected]> wrote:
> Hello All,
> I have some code which converts to some html to ascii characters. This
> basically obfuscates the html code, but shows it correctly on an page.
> I am trying to show the results of the obfuscation ( works correctly because
> it displays the html value ), but I want to then show the obfuscated html
> code so they can copy it.
> An example is I want to show them this below:
> <a
> href="mailto:your
> 0;email.addre�
> 0115;s?subject=&cc=&bcc=&body=" style="" class=""
> id="">your@email�
> 46;address</a>
> Which was created by the code, but I apparently can't seem to echo it and
> get it to display like above.. It converts it to html no matter what I do.
> Thanks!
> Jack
htmlentities() is your friend here.
<?php
$text = '<a
href="mailto:your@email.address?subject=&cc=&bcc=&body="
style="" class=""
id="">your@email.address</a>';
echo $text, htmlentities($text);
?>
outputs ...
[email protected]<a
href="mailto:your@email.address?subject=&cc=&bcc=&body="
style="" class=""
id="">your@email.address</a>
--
Richard Quadling
Twitter : EE : Zend
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY
--- End Message ---
--- Begin Message ---
-----Original Message-----
From: Andrew Ballard [mailto:[email protected]]
The only people for whom the value will be obscure will be the humans who
actually try to read the HTML source code itself. Neither web browsers nor
harvesting scripts won't have any trouble reading it.
Andrew
Andrew,
One other note, if the link doesn't say mailto: a harvester will have to decode
the entire page in order to find the mailto, do you think that’s happening.
This could be one of those things where you help against a percentage of
harvesters, and not others.
J
--- End Message ---
--- Begin Message ---
-----Original Message-----
From: Andrew Ballard [mailto:[email protected]]
Sent: Thursday, September 09, 2010 10:13 AM
To: Jack
Cc: PHP
Subject: Re: [PHP] Show text without converting to html
On Thu, Sep 9, 2010 at 9:52 AM, Jack <[email protected]> wrote:
>
> Hello All,
>
>
> I have some code which converts to some html to ascii characters.
> This basically obfuscates the html code, but shows it correctly on an page.
>
>
> I am trying to show the results of the obfuscation ( works correctly
> because it displays the html value ), but I want to then show the
> obfuscated html code so they can copy it.
>
> An example is I want to show them this below:
>
> <a
> href="mailto:you
> 4;
> 0;email.addr

> 1;� 0115;s?subject=&cc=&bcc=&body=" style="" class=""
> id="">your@email
> ;� 46;address</a>
>
>
>
> Which was created by the code, but I apparently can't seem to echo it
> and get it to display like above.. It converts it to html no matter what I do.
This should do it:
<?php
$var = '<a
href="mailto:your@email.address?subject=&cc=&bcc=&body="
style="" class=""
id="">your@email.address</a>';
echo htmlspecialchars($var);
?>
The obfuscation doesn't buy you much, though.
<?php
var_dump(html_entity_decode($var, ENT_QUOTES, 'utf-8'));
?>
string(106) "<a
href="mailto:[email protected]?subject=&cc=&bcc=&body="; style=""
class="" id="">[email protected]</a>"
The only people for whom the value will be obscure will be the humans who
actually try to read the HTML source code itself. Neither web browsers nor
harvesting scripts won't have any trouble reading it.
Andrew
Hi Andrew,
I thought this was suppose to help against many of the havesting scripts?
--- End Message ---
--- Begin Message ---
On Thu, Sep 9, 2010 at 11:39 AM, Jack <[email protected]> wrote:
> -----Original Message-----
> From: Andrew Ballard [mailto:[email protected]]
>
>
> The only people for whom the value will be obscure will be the humans who
> actually try to read the HTML source code itself. Neither web browsers nor
> harvesting scripts won't have any trouble reading it.
>
> Andrew
>
>
> Andrew,
>
> One other note, if the link doesn't say mailto: a harvester will have to
> decode the entire page in order to find the mailto, do you think that’s
> happening. This could be one of those things where you help against a
> percentage of harvesters, and not others.
>
> J
It will protect against a (possibly large?) percentage of those that
are looking for the lowest hanging fruit. I have a few reasons that
feed my doubts about its effectiveness:
- The most common answer you find when you search for e-mail
obfuscation is something similar to what you've shown, whether it uses
HTML character entities, numeric entities, or a combination of the
two.
- The overhead to convert frankly isn't that high. I realize that in
the case of a harvester you are multiplying that overhead by the sheer
volume of content being processed, but given the speed of processors I
don't think that matters much anymore.
- There are simple ways to minimize the overhead. For example, a
script does not have to decode an entire page; it only has to look for
anchor tags and decode the contents of the href attribute of each tag
found.
Combine these and I don't think this obfuscation technique adds enough
cost to be much of a barrier. Of course, this is just my opinion.
Those who write harvesters might be lazier than I give them credit.
Andrew
--- End Message ---
--- Begin Message ---
> -----Original Message-----
> From: Andrew Ballard [mailto:[email protected]]
> Sent: Thursday, September 09, 2010 11:22 AM
> To: Jack
> Cc: PHP
> Subject: Re: [PHP] Show text without converting to html
>
<snip />
>
> It will protect against a (possibly large?) percentage of those that are
> looking for the lowest hanging fruit. I have a few reasons that feed my
> doubts about its effectiveness:
>
> - The most common answer you find when you search for e-mail
> obfuscation is something similar to what you've shown, whether it uses
> HTML character entities, numeric entities, or a combination of the two.
>
> - The overhead to convert frankly isn't that high. I realize that in the case
> of
> a harvester you are multiplying that overhead by the sheer volume of
> content being processed, but given the speed of processors I don't think
> that matters much anymore.
>
> - There are simple ways to minimize the overhead. For example, a script
> does not have to decode an entire page; it only has to look for anchor tags
> and decode the contents of the href attribute of each tag found.
>
>
> Combine these and I don't think this obfuscation technique adds enough
> cost to be much of a barrier. Of course, this is just my opinion.
> Those who write harvesters might be lazier than I give them credit.
>
>
> Andrew
>
I think it all depends on the value of the crop(s) to be harvested.. ;)
As for performance, even the speed of the processors are much faster today
than before, it will affect performance depending on # of hits. In addition,
the bandwidth consumption will increase considerably on a heavy traffic site
with all the extra characters for obfuscation, especially if you're on a capped
hosting service. If you have something you want to safeguard, IMO, use
authentication. Or you could try to create a monitoring mechanism to detect
any unwanted behavior and deny the request(s).
Regards,
Tommy
--- End Message ---
--- Begin Message ---
Ok, I tried removing the --disable-posix and adding --with-tsrm-pthreads
to the configure options.
The resulting configure looks like this:
CC='/usr/local/bin/gcc' \
'./configure' \
'--prefix=/app/php533' \
'--enable-shared' \
'--with-tsrm-pthreads' \
'--with-gnu-ld' \
'--with-apxs2=/app/apache2216/bin/apxs' \
'--with-zlib' \
'--with-zlib-dir=/usr/lib' \
'--with-png-dir=/usr/include/libpng' \
'--with-openssl=/shared_ro/openssl_098' \
'--with-oci8=/shared_ro/users.oracle/11.1.0'
Now I get this:
/users/03333/php-5.3.3/ext/posix/posix.c: In function
`zif_posix_getgrnam':
/users/03333/php-5.3.3/ext/posix/posix.c:1017: error: too many arguments
to function `getgrnam_r'
/users/03333/php-5.3.3/ext/posix/posix.c: In function
`zif_posix_getgrgid':
/users/03333/php-5.3.3/ext/posix/posix.c:1067: error: too many arguments
to function `getgrgid_r'
/users/03333/php-5.3.3/ext/posix/posix.c:1067: warning: assignment makes
integer from pointer without a cast
/users/03333/php-5.3.3/ext/posix/posix.c: In function
`zif_posix_getpwnam':
/users/03333/php-5.3.3/ext/posix/posix.c:1136: error: too many arguments
to function `getpwnam_r'
/users/03333/php-5.3.3/ext/posix/posix.c: In function
`zif_posix_getpwuid':
/users/03333/php-5.3.3/ext/posix/posix.c:1184: error: too many arguments
to function `getpwuid_r'
/users/03333/php-5.3.3/ext/posix/posix.c:1184: warning: assignment makes
integer from pointer without a cast
gmake: *** [ext/posix/posix.lo] Error 1
Do I need to add the -D_POSIX_PTHREAD_SEMANTICS in the makefile or
configure.in somewhere? Can you point me in the right direction?
-Vicki Stanfield, RHCE, CISSP
-----Original Message-----
From: Tom Rogers [mailto:[email protected]]
Sent: Wednesday, September 08, 2010 10:06 PM
To: Tom Rogers
Cc: [email protected]
Subject: Re: [PHP] Filestat.c erorrs when building php-5.3.3 on solaris
Hi,
Thursday, September 9, 2010, 11:31:06 AM, you wrote:
TR> Hi,
TR> Thursday, September 9, 2010, 2:07:50 AM, you wrote:
SVCD>> I am trying to build php-5.3.3 and getting the following error:
SVCD>> /users/03333/php-5.3.3/TSRM -I/users/03333/php-5.3.3/Zend
SVCD>> -I/usr/local/include -g -O2 -DZTS -c
SVCD>> /users/03333/php-5.3.3/ext/standard/filestat.c -o
SVCD>> ext/standard/filestat.lo
SVCD>> /users/03333/php-5.3.3/ext/standard/filestat.c: In function
SVCD>> `php_do_chgrp':
SVCD>> /users/03333/php-5.3.3/ext/standard/filestat.c:416: error: too
many
SVCD>> arguments to function `getgrnam_r'
SVCD>> /users/03333/php-5.3.3/ext/standard/filestat.c: In function
SVCD>> `php_do_chown':
SVCD>> /users/03333/php-5.3.3/ext/standard/filestat.c:517: error: too
many
SVCD>> arguments to function `getpwnam_r'
SVCD>> make: *** [ext/standard/filestat.lo] Error 1
SVCD>> I have set my ORACLE_HOME, my PATH, and my LD_LIBRARY_PATH
SVCD>> And used the following configure command:
SVCD>> ./configure --prefix=/app/php533
--with-apxs2=/app/apache2215/bin/apxs
SVCD>> --with-zlib --with-zlib-dir=/usr/lib
SVCD>> --with-png-dir=/usr/include/libpng
SVCD>> --with-openssl=/shared_ro/openssl_098
SVCD>> --with-oci8=/shared_ro/users.oracle/11.1.0
SVCD>> I am using gmake 3.80. Can anyone give me a hint as to what I am
doing
SVCD>> wrong in this build?
SVCD>> -Vicki Stanfield, RHCE, CISSP
TR> From the error message it would seem the operating
system's
TR> getpwnam_r() function is not POSIX compatible.
TR> What system are you compiling on?
TR> --
TR> regards,
TR> Tom
It would seem you need to add -D_POSIX_PTHREAD_SEMANTICS to the cc
flags to get the right function.
--
regards,
Tom
--- End Message ---
--- Begin Message ---
Hello all,
I'm starting a new project and I'm thinking about building it on Zend
framework and possibly Zend server. I've only used the framework slightly
and I've never really used Zend server. That being said I hear that the
framework is pretty decent to work with. I want something that is strict
and uses OOP & MVC well, and I hear it does; though I also have the
impression that it's slow and bloated...
Anyways, I was curious if any of you have some general advice / good things
/ horror stories on the Zend framework?
Thanks,
Chris.
--- End Message ---
