php-general Digest 23 Apr 2012 11:15:40 -0000 Issue 7785
php-general Digest 23 Apr 2012 11:15:40 - Issue 7785 Topics (messages 317646 through 317649): Re: [PHP-DB] School timetable in php 317646 by: tamouse mailing lists 317649 by: Tony Marston Re: Blocking URL hacking attemps 317647 by: Mihamina Rakotomandimby 317648 by: admin Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- On Sun, Apr 22, 2012 at 1:41 AM, Vinay Kannan viny...@gmail.com wrote: Weekly subject wise lecture schedule, subject wise / faculty wise. On Sun, Apr 22, 2012 at 12:02 PM, tamouse mailing lists tamouse.li...@gmail.com wrote: On Fri, Apr 20, 2012 at 7:00 AM, Vinay Kannan viny...@gmail.com wrote: I am trying to develop a school time table system in php mysql, anybody has any headsup on the same, i was thinking about some existing scripts to take a look at. Not entirely clear what is meant by time table -- do you mean schedule of classes? Important dates in the school year? or...? Also, what is it you want to be able to do with this? Who will be using this? There are many different approaches one can take, depending on what needs to happen. Hard to know what to suggest without a little more info? I modified an application that was originally set up for scheduling conference rooms, my version was to schedule appointments at a convention. You can grab it at https://github.com/tamouse/cdmacal . It is probably *way* more complex than you need, but it might give some ideas? ---End Message--- ---BeginMessage--- tamouse mailing lists wrote in message news:CAHUC_t-cch8cBXZvzWtx42ZPFEuVkMPG=50jkwv+gygelk_...@mail.gmail.com... On Sun, Apr 22, 2012 at 1:41 AM, Vinay Kannan viny...@gmail.com wrote: Weekly subject wise lecture schedule, subject wise / faculty wise. On Sun, Apr 22, 2012 at 12:02 PM, tamouse mailing lists tamouse.li...@gmail.com wrote: On Fri, Apr 20, 2012 at 7:00 AM, Vinay Kannan viny...@gmail.com wrote: I am trying to develop a school time table system in php mysql, anybody has any headsup on the same, i was thinking about some existing scripts to take a look at. snip I have a sample application called Classroom Scheduling which comes with the Radicore framework. Even if you don't want to use the code, the database design might be useful. If you visit the Radicore website at http://www.radicore.org you can logon to the demonstration system, click on the PROTO button, then select Classroom. This has functions for rooms, teachers, subjects, lessons, classes and students. -- Tony Marston http://www.tonymarston.net http://www.radicore.org ---End Message--- ---BeginMessage--- On 04/22/2012 07:55 PM, sono...@fannullone.us wrote: Is there a way that I can trap the extra info in the URL's and pass it to the I miss the interest of that system: the URL doesnt exist, so the nasty client will get a 404 and you're done. If you want to do more filtering, I would suggest coupling with fail2ban, so that filtering will occur at TCP level. -- RMA. ---End Message--- ---BeginMessage--- -Original Message- From: sono...@fannullone.us [mailto:sono...@fannullone.us] Sent: Sunday, April 22, 2012 12:55 PM To: PHP General Subject: [PHP] Blocking URL hacking attemps I'm using a script called BlackHole that uses PHP and a hidden directory to catch bad bots and block them by their IP address from the site [http://perishablepress.com/blackhole-bad-bots/]. It's working very well, but I'd like to expand on the idea. When looking at our access logs, I see someone adding code to our URL's in hopes to, apparently, hack into our site. If our URL is like this: http://www.example.com/pages/bolts.php they are adding to it like this: http://www.example.com/pages/bolts.php/wp-content/themes/functions/thumb.php .cache/external_e19f4bb51bc2262e07d23b79b916c12c.php or http://www.example.com/pages/bolts.php/cart.php or http://www.example.com/pages/bolts.php/wp-content/themes/functions/thumb.php timthumb.php or http://www.example.com/pages/bolts.php/bratislava/stare-mesto Is there a way that I can trap the extra info in the URL's and pass it to the BlackHole script to ban these attempts as well? I'm thinking I'll need to compare the entered URL with $_SERVER[PHP_SELF] and if there's extra info, like another *.php, after the page name, then ban the IP. I realize that's a rather simplistic explanation and there may be a better way to accomplish this. If anyone has any examples they can share, I'd really appreciate. Thanks, Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Marc, First I would suggest
[PHP] Re: [PHP-DB] School timetable in php
tamouse mailing lists wrote in message news:CAHUC_t-cch8cBXZvzWtx42ZPFEuVkMPG=50jkwv+gygelk_...@mail.gmail.com... On Sun, Apr 22, 2012 at 1:41 AM, Vinay Kannan viny...@gmail.com wrote: Weekly subject wise lecture schedule, subject wise / faculty wise. On Sun, Apr 22, 2012 at 12:02 PM, tamouse mailing lists tamouse.li...@gmail.com wrote: On Fri, Apr 20, 2012 at 7:00 AM, Vinay Kannan viny...@gmail.com wrote: I am trying to develop a school time table system in php mysql, anybody has any headsup on the same, i was thinking about some existing scripts to take a look at. snip I have a sample application called Classroom Scheduling which comes with the Radicore framework. Even if you don't want to use the code, the database design might be useful. If you visit the Radicore website at http://www.radicore.org you can logon to the demonstration system, click on the PROTO button, then select Classroom. This has functions for rooms, teachers, subjects, lessons, classes and students. -- Tony Marston http://www.tonymarston.net http://www.radicore.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: No error reporting on
Just my $.02, but don't you need: ini_set('display_errors', '1'); as well? Dotan Cohen dotanco...@gmail.com wrote in message news:CAKDXFkMOH63=hnlekxugampqwrhvvet2x4iw-42soqkisrg...@mail.gmail.com... Given this code: error_reporting(-1); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: No error reporting on
On Mon, Apr 23, 2012 at 14:18, Jim Giner jim.gi...@albanyhandball.com wrote: Just my $.02, but don't you need: ini_set('display_errors', '1'); as well? Possibly, thanks. I actually don't have access to that! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: No error reporting on
On 04/23/2012 01:21 PM, Dotan Cohen wrote: On Mon, Apr 23, 2012 at 14:18, Jim Ginerjim.gi...@albanyhandball.com wrote: Just my $.02, but don't you need: ini_set('display_errors', '1'); as well? Possibly, thanks. I actually don't have access to that! That line should be placed in your script. not the php.ini file -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ http://www.bendsource.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: No error reporting on
On Mon, Apr 23, 2012 at 16:53, Jim Lucas li...@cmsws.com wrote: Possibly, thanks. I actually don't have access to that! That line should be placed in your script. not the php.ini file Yes, I'm working on a functions file that is include()ed by the main script. I'm not supposed to touch the main script without a very good reason. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session lost problem
hi all: there are tow php files a.php and b.php, content of a.php as follows: ?php session_start(); if (!isset($_GET['flag'])) { header('Location: b.php'); } else { var_dump($_SESSION); } content of b.php as follows: ?php session_start(); session_commit(); $_SESSION['test'] = 'test'; session_commit(); header('Location: a.php?flag=1'); when i visit a.php, the dumped $_SESSION array is empty but if i commented the first session_commit() in b.php and then visit a.php, i cound see the $_SESSION array,which is not empty i wish i have descibed clear about my problem and someone could give me a feedback~ -- thanks, bugzhu
Re: [PHP] session lost problem
On 24 Apr 2012, at 05:58, bug zhu wrote: there are tow php files a.php and b.php, content of a.php as follows: ?php session_start(); if (!isset($_GET['flag'])) { header('Location: b.php'); } else { var_dump($_SESSION); } content of b.php as follows: ?php session_start(); session_commit(); $_SESSION['test'] = 'test'; session_commit(); header('Location: a.php?flag=1'); when i visit a.php, the dumped $_SESSION array is empty but if i commented the first session_commit() in b.php and then visit a.php, i cound see the $_SESSION array,which is not empty i wish i have descibed clear about my problem and someone could give me a feedback~ I'm really not clear on what you're trying to do here, but the behaviour you're describing is as designed. When you call session_commit() you are saving and closing the session, so nothing done to $_SESSION after that point will be saved, even if you call session_commit() again. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session lost problem
Please don't top-post, and please include the list when replying. On 24 Apr 2012, at 06:35, bug zhu wrote: 2012/4/24 Stuart Dallas stu...@3ft9.com On 24 Apr 2012, at 05:58, bug zhu wrote: there are tow php files a.php and b.php, content of a.php as follows: ?php session_start(); if (!isset($_GET['flag'])) { header('Location: b.php'); } else { var_dump($_SESSION); } content of b.php as follows: ?php session_start(); session_commit(); $_SESSION['test'] = 'test'; session_commit(); header('Location: a.php?flag=1'); when i visit a.php, the dumped $_SESSION array is empty but if i commented the first session_commit() in b.php and then visit a.php, i cound see the $_SESSION array,which is not empty i wish i have descibed clear about my problem and someone could give me a feedback~ I'm really not clear on what you're trying to do here, but the behaviour you're describing is as designed. When you call session_commit() you are saving and closing the session, so nothing done to $_SESSION after that point will be saved, even if you call session_commit() again. but in a single file without redirect, code as follows ?php session_start(); session_commit(); $_SESSION['test'] = 'test'; session_commit(); var_dump($_SESSION); could dump the $_SESSION array. Yes, because $_SESSION is not special in any way other than that it's used by the session system; it's no more than a superglobal array. So within one request that array contains whatever you put into it, but that doesn't mean it is stored in whatever session storage mechanism you're using (files by default). When you redirect to another URL that's a whole new request so the contents of $_SESSION have to be loaded from the session storage. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php