Re: [PHP] How to ask "if private IP"?
Below is a quick example. This isn't the best way to do it, just
another way. I personally would convert them to integers then compare
instead of doing it the way I'm doing it below.
= "10.0.0.0") && ($ip <= "10.255.255.255")) ||
(($ip >= "192.168.0.0") && ($ip <= "192.168.255.255")) ||
(($ip >= "172.16.0.0") && ($ip <= "172.31.255.255")) ) {
return true;
}
return false;
}
if (privateIP("192.168.1.1")) {
print "hmm";
}
?>
William Betts
http://www.phpbakery.com
On Nov 26, 2007 6:08 AM, Jochem Maas <[EMAIL PROTECTED]> wrote:
> Ronald, I really dont care if my email doesn't reach you, making normal
> people jump
> through hoops because you want to avoid spam is not the right way to do
> things,
> next time I'll remember not to answer your questions as your not going to
> ['be able to'] read my answers:
>
>
> This message was created automatically by mail delivery software (TMDA).
>
> Your message attached below is being held because the address
> <[EMAIL PROTECTED]> has not been verified.
>
> To release your message for delivery, please send an empty message
> to the following address, or use your mailer's "Reply" feature.
>
>[EMAIL PROTECTED]
>
> This confirmation verifies that your message is legitimate and not
> junk-mail. You should only have to confirm your address once.
>
> If you do not respond to this confirmation request within 14 days,
> your message will not be delivered.
>
>
>
>
> Jochem Maas wrote:
> > Ronald Wiplinger wrote:
> >> I use $aa=$_SERVER["REMOTE_ADDR"];
> >>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] IDE
Have you ever used Zend Studio? If so how does it compare to PhpED? On Nov 16, 2007 5:37 AM, Arno Kuhl <[EMAIL PROTECTED]> wrote: > > > -Original Message- > From: David Giragosian [mailto:[EMAIL PROTECTED] > Sent: 16 November 2007 05:21 > To: php-general@lists.php.net > Subject: Re: [PHP] IDE > > On 11/15/07, Jammer <[EMAIL PROTECTED]> wrote: > > > > Børge Holen wrote: > > > On Thursday 15 November 2007 21:35:04 Jammer wrote: > > >> Hi All, > > >> > > >> This is my first post here ... I'm very much a newbie to php but > > >> work during the day using SQL Server, VS2005 and Foxpro. Looking > > >> to gen up on my PHP. > > >> > > >> Are there any IDE's for PHP worth checking out. Particularly free > > ones! > > >> > > >> TIA, > > >> > > >> -- > > >> jammer > > >> www.jammer.biz > > > > > > I LOVE this IDE quiz' > > > the same answers everytime. > > > > duh! > > > > look, i'm really sorry everyone ... we all make mistakes! > > > > if this is a question that comes up as often as it appears from the > > responses this thread has generated maybe the FAQ needs to *really* > > address that? > > > > http://uk3.php.net/FAQ.php > > > > -- > > jammer > > > It's OK. I think there's been a long thread on the subject each of the last > two weeks. The folks who are really passionate about their IDE's jump in > first, then those less motivated or less interested add theirs, then it > seems to die for a day or so before it rises from the ashes to sputter and > hiccup a time or two. And then it starts all over, again. > > If you stick around long enough on this list, you'll be fussin' at the > question, too. > > David > -- > > I think jammer's idea is a good one. I've been lurking on this list for > years and seen many resurrections of the IDE thread. It's an important > thread, and the PHP IDE world is ever changing and new products come onto > the scene every now and then. I use my favourite commercial IDE but quite > frequently check out the other IDE's mentioned in those threads, mostly to > confirm the choice I made 4 years ago is still the right one. A > well-maintained list of free and commercial PHP IDE's on the php.net site > would be a great idea, especially if it also had links to reviews, and also > included the mix-n-match IDE's I see some people on the list use. And/or > maybe a forum on php.net dedicated to PHP IDE's, with user polls. Then > whenever the IDE thread pops up the response would be to look at the web > site (RTFWS). The only downside might be the resources to run it. > > BTW jammer, if you start using php for big projects I'd recommend NuSphere > PhpED, but it's overkill if you just want to dabble. There's a trial version > if you want to check it out, and a good tip is they drop the price every now > and then for promotions (wish I knew that 4 years ago). > > Arno > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: file_exists
It could present a problem depending on how the permissions are setup
on the shared hosting and if open_base is in effect.
If they can get the /etc/shadow file from a php being ran by apache
then you have an issue, because apache would be
running as root. Take the below example.
include('templates/".$_GET['page'].".php);
Even if you had the ability to include remote files turned on you
wouldn't be able to pull one. What you can do is pull anything
the webserver is allowed to view (ie /etc/passwd). While that doesn't
contain any passwords it lets people know valid system
logins. You can get the contents to dump by using
www.somehost.com/index.php?page=../../../../../../../../../etc/passwd%00
The %00 is what you call a null terminator. This will drop anything
that's add after it. I hope this helps.
William Betts
On Nov 15, 2007 4:03 PM, Instruct ICC <[EMAIL PROTECTED]> wrote:
>
> > > I think file_exists returns false for remote files ;)
> >
> > Even if it did (it doesn't:
> > http://uk3.php.net/manual/en/wrappers.ftp.php), I'd still rather not let
> > someone steal my /etc/passwd or /etc/shadow etc. files.
> >
> > As I said before. Some form of regexp or similar restriction is 100%
> > necessary before trusting untrustworthy data.
> >
> > Col
>
> 1 test I did confirmed the "false" for the remote files.
>
> How about that shared host hack attempt? Does that present a problem for
> shared hosts?
>
> This should be my last post to this list from hotmail. Hopefully I'll see
> you all nicely threaded with gmail. That's where I keep my other lists
> anyway.
>
>
> _
> Help yourself to FREE treats served up daily at the Messenger Café. Stop by
> today.
> http://www.cafemessenger.com/info/info_sweetstuff2.html?ocid=TXT_TAGLM_OctWLtagline
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Gmail Account Invites (Want One?)
Great with the times. :P It's not invite anymore. On Nov 15, 2007 3:40 PM, Daniel Brown <[EMAIL PROTECTED]> wrote: > I know a good deal of us here are already using Gmail accounts, > but if you're not one of us and would like to be, let me know. I > still have 95 invites left, and whomever would like one is more than > welcome to it. > > If you're not familiar with Gmail, check out the site at > http://www.gmail.com/. Great threading, something like 4BG (and > counting) of space, and by far the absolute BEST SPAM filter I've ever > worked with. Plus a lot more, including integration with Google Docs, > et cetera. > > Just let me know and I'll send you an invite so you can create an account. > > -- > Daniel P. Brown > [office] (570-) 587-7080 Ext. 272 > [mobile] (570-) 766-8107 > > If at first you don't succeed, stick to what you know best so that you > can make enough money to pay someone else to do it for you. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] IDE
I like Zend Studio. www.zend.com. William Betts On Nov 15, 2007 2:35 PM, Jammer <[EMAIL PROTECTED]> wrote: > Hi All, > > This is my first post here ... I'm very much a newbie to php but work > during the day using SQL Server, VS2005 and Foxpro. Looking to gen up > on my PHP. > > Are there any IDE's for PHP worth checking out. Particularly free ones! > > TIA, > > -- > jammer > www.jammer.biz > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] file_exists
Ronald Wiplinger wrote:
Stut wrote:
Philip Thompson wrote:
I've run into similar problems where I *thought* I was looking in the
correct location... but I wasn't. Take this for example
I really hope this is not a piece of production code. If it is then
you might want to think very hard about what it's doing. If you still
can't see a problem let me know!
Ok, I let you know! I don't see it!
I tried the full path like:
if (file_exists('/srv/www///htdocs/images/pic412.jpg')) {
echo "";
} else {
echo " " //display space to make a table happy
if picture is missing!
}
I also tried it with that line:
if (file_exists('/images/pic412.jpg')) {
or that line:
if (file_exists('images/pic412.jpg')) {
Basically I just want to avoid to show a "missing picture" ! If there is
another solution for that problem I am happy too.
bye
Ronald
I believe Stut was referring to the RFI vulnerability in that example
not your ability to see the problem. Go to the web page that you're
having the issue with and look at the page source
from the browser. Find the img tag and see what is src="" and try to
goto that file in your browser. Also can you use a pastebin and post
your code and give his the url to the site in
question?
William Betts
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie question - current date - time
Hello, Use the date function http://us3.php.net/date. Regards, William Betts [EMAIL PROTECTED] wrote: Hi Folks, Newbie question : - how do I get and display the current date? - how do I get and display the current time? I see the getdate function - but I'm not sure if this is the right function or how to display it http://www.php.net/manual/en/function.getdate.php -- Thanks - RevDave Cool @ hosting4days . com [db-lists] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
