[PHP] check browser communication
Hiya ! A little offtopic this question, but really important .. I need to check all the communication between my client PC and a server in the world wide web. Inlcuding all the header info and so on .. Would be a great help for developeing my script ... Could anybody of you suggest me something ? I am using IE6 and Opera 6 .. thx ! Cya ! Daniel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] check browser communication
Bogdan Stancescu [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What do you mean exactly? You want to be able to monitor (as in see) the data being transacted by your browser with the server or is it something else you're after? Bogdan Yeah, exactly ! I wanna view all the data coming from the server, and the data which is sent by the client. Is there any program who could show this ? The headers and so on ? Bcz the IE only shows the HTML file .. thx .. Cya ! Daniel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: index.php
I am not sure if this is the problem. but why don´t just do something like this: DirectoryIndex index.html index.php index.cgi Search the httpd.conf, there is surely already for the index.html ! ;) Ehm, yeah, and this is one is ordered in priority from the left to right .. Hope it helps ! Cya ! Caleb Carvalho [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, all the sudden my apache 1.3.22 is not showing my index.php page php-4.0.6, i have added the addtype .php inside httpd.conf not only that, i have also noticed that the ?php phpinfo(); ? is not working also, this is not displaying the test page, I am using netscape as a browser, do you guys know about any issue related to this? many thanks and happy x-mas/happy new year _ Join the world's largest e-mail service with MSN Hotmail. http://www.hotmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] is_dir and cache problem ...
Hiya !
I am working on a download script right now,
and I have a question about a part of my code:
do
{
$random_ID = rand(10,99);
$download_dir = $today $random_ID;
if (!@is_dir($download_dir))
mkdir($download_dir,0777);
}while(@!is_dir($download_dir));
So, I do this loop till the rand command generates a
ID which isn´t already in use ...
So I have now 2 calls of is_dir onto the same directory
in one loop. What do you think:
Do I need to use clearstatcache() or not ?
thx for any comments !
And Merry XMas !!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] is_dir and cache problem ...
thx for your help ! Since I am the only one who works on the whole server, it´s all my stuff :) Yeah, but the increasing of the random_ID is surely a good way .. Will check on that ! thx again ! :)) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: What do admins put in their open_basedir
Ehm ... I tried to do open_basedir within the .htaccess and own this file by root, so the user couldn´t change the settings. But yeah, that wasn´t the best solution, now I do within the Apache config file. A entry for a vhost looks like this: VirtualHost IPADRESS ServerAdmin [EMAIL PROTECTED] ServerName www.domain.com ServerAlias domain.com DocumentRoot /home/domain/public_html php_admin_value open_basedir /home/domain /VirtualHost Hope it helps ! Cya ! Daniel Marc Delisle [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I would like to know if sysadmins usually put . in their php.ini, open_basedir variable, or if they put some other directory, or both. The reason is that phpMyAdmin's dump uploads don't work well currently on a server with open_basedir, and I would try to code around the problem, if practical. Thanks. Marc Delisle phpMyAdmin dev. team -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Zend Accelerator
Does anybody know, when Zend plans to release a working Zend Accelerator version for PHP 4.1.0 ? Bcz we already think about buying this nice application, and we had the stuff already ruuning in evaluation mode, and I wanna test the new version of Zend Accelerator on PHP 4.1.0 before investing money into the license .. Thx for your help ! Daniel Urstöger -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: PHP 4.1.0 released
Just update PHP to v.4.1.0 about 10 mins ago
Worked pretty go so far ! :)
Will tell about loads soon .. But as far as I see, the load really dropped
...
Yeah, and waiting till Zend is bringing out a working version of Optimizer
for
that PHP version ! :)
cya !
Daniel
PS: thx for your affords !
Zeev Suraski [EMAIL PROTECTED] schrieb im Newsbeitrag
5.1.0.14.2.20011210234236.0516bec0@localhost">news:5.1.0.14.2.20011210234236.0516bec0@localhost...
After a lengthy QA process, PHP 4.1.0 is finally out. Download at
http://www.php.net/downloads.php !
PHP 4.1.0 includes several other key improvements:
- A new input interface for improved security (read below)
- Highly improved performance in general
- Revolutionary performance and stability improvements under Windows. The
multithreaded server modules under Windows (ISAPI, Apache, etc.) perform
as
much as 30 times faster under load! We want to thank Brett Brewer and his
team in Microsoft for working with us to improve PHP for Windows.
- Versioning support for extensions. Right now it's barely being used,
but
the infrastructure was put in place to support separate version numbers
for
different extensions. The negative side effect is that loading extensions
that were built against old versions of PHP will now result in a crash,
instead of in a nice clear message. Make sure you only use extensions
built with PHP 4.1.0.
- Turn-key output compression support
- *LOTS* of fixes and new functions
As some of you may notice, this version is quite historical, as it's the
first time in history we actually incremented the middle digit! :) The
two
key reasons for this unprecedented change were the new input interface,
and
the broken binary compatibility of modules due to the versioning support.
Following is a description of the new input mechanism. For a full list of
changes in PHP 4.1.0, scroll down to the end of this section.
---
SECURITY: NEW INPUT MECHANISM
First and foremost, it's important to stress that regardless of anything
you may read in the following lines, PHP 4.1.0 *supports* the old input
mechanisms from older versions. Old applications should go on working
fine
without modification!
Now that we have that behind us, let's move on :)
For various reasons, PHP setups which rely on register_globals being on
(i.e., on form, server and environment variables becoming a part of the
global namespace, automatically) are very often exploitable to various
degrees. For example, the piece of code:
?php
if (authenticate_user()) {
$authenticated = true;
}
...
?
May be exploitable, as remote users can simply pass on 'authenticated' as
a
form variable, and then even if authenticate_user() returns false,
$authenticated will actually be set to true. While this looks like a
simple example, in reality, quite a few PHP applications ended up being
exploitable by things related to this misfeature.
While it is quite possible to write secure code in PHP, we felt that the
fact that PHP makes it too easy to write insecure code was bad, and we've
decided to attempt a far-reaching change, and deprecate
register_globals. Obviously, because the vast majority of the PHP code in
the world relies on the existence of this feature, we have no plans to
actually remove it from PHP anytime in the foreseeable future, but we've
decided to encourage people to shut it off whenever possible.
To help users build PHP applications with register_globals being off,
we've
added several new special variables that can be used instead of the old
global variables. There are 7 new special arrays:
$_GET - contains form variables sent through GET
$_POST - contains form variables sent through POST
$_COOKIE - contains HTTP cookie variables
$_SERVER - contains server variables (e.g., REMOTE_ADDR)
$_ENV - contains the environment variables
$_REQUEST - a merge of the GET variables, POST variables and Cookie
variables. In other words - all the information that is coming from the
user, and that from a security point of view, cannot be trusted.
$_SESSION - contains HTTP variables registered by the session module
Now, other than the fact that these variables contain this special
information, they're also special in another way - they're automatically
global in any scope. This means that you can access them anywhere,
without
having to 'global' them first. For example:
function example1()
{
print $_GET[name]; // works, 'global $_GET;' is not necessary!
}
would work fine! We hope that this fact would ease the pain in migrating
old code to new code a bit, and we're confident it's going to make writing
new code easier. Another neat trick is that creating new entries in the
$_SESSION array will automatically register them as session variables, as
if you called session_register(). This trick is limited to the session
module only - for example, setting new entries in $_ENV will *not*
Re: [PHP] Costum Error Page
Thx ! It works, now I can code further ! Ashley M. Kirchner [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Daniel Urstöger wrote: How could I check, which file apache tried to access, and didn´t found ? That would be a pretty nice function for my PHP skript .. Check your REQUEST_URI variable. -- H | Life is the art of drawing without an eraser. - John Gardner + Ashley M. Kirchner mailto:[EMAIL PROTECTED] . 303.442.6410 x130 Director of Internet Operations / SysAdmin. 800.441.3873 x130 Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave, #6 http://www.pcraft.com . . .. Boulder, CO 80303, U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Costum Error Page
Opps, sorry, I had a bug, now I have this problem: Browser is showing this URL: http://yourdomain.com/play/404.php and so the REQUEST_URI is: /play/404.php But I would need the requested file, before apache redirected to the 404.php Is this possible as well ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Costum Error Page
thx for your help .. But I cannot get this running .. Not with getenv nor with the variable itself :( Could you give me a short example ? Would really help me much ! :) thx and cya ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Costum Error Page
Thx ! The one with the phpinfo was a nice tip .. But yeah, I didn´t found the stuff I wanted either .. But now, I already coded a work around :) Seems to work pretty fine ! :) cya ! and thanks for your help ! Andrew Brampton [EMAIL PROTECTED] schrieb im Newsbeitrag 003801c1801a$26faa4f0$2528260a@STUDENT5830">news:003801c1801a$26faa4f0$2528260a@STUDENT5830... how about you make a phpInfo() page, and set that as 404 error, then you can find the correct variable to use :) Andrew - Original Message - From: Daniel Urstöger [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, December 08, 2001 12:43 PM Subject: Re: [PHP] Costum Error Page thx for your help .. But I cannot get this running .. Not with getenv nor with the variable itself :( Could you give me a short example ? Would really help me much ! :) thx and cya ... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Costum Error Page
Hi ! I hope you can help me with that problem :) I have created a costum error page, and this one is working really fine, already. Was quite easy, but the problem I have now: Somebody trys to access the file: iamnothere.html The requests, doesn´t find the file, so apache redirects the request to my costum error page. I can check http referer, and such stuff, BUT: How could I check, which file apache tried to access, and didn´t found ? That would be a pretty nice function for my PHP skript .. Thx for your help ! cya ! Daniel Urstöger WebMaster @ cdrsoft.info -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
