Hi all,
My server was hacked last week and the message displayed on home page was
spy kidz owns your server. I researched on internet and found that this is
some kind of trojan which infects the *.index files. It penetrate from HTTP.
Some paople were saying that there is vulnerability in PHP.
Shafiq Rehman wrote:
My server was hacked last week and the message displayed on home page was
spy kidz owns your server. I researched on internet and found that this is
some kind of trojan which infects the *.index files. It penetrate from HTTP.
Some paople were saying that there is
Shafiq Rehman wrote:
My server was hacked last week and the message displayed on home page was
spy kidz owns your server. I researched on internet and found that this is
some kind of trojan which infects the *.index files. It penetrate from HTTP.
Some paople were saying that there is
Hello,
I have a some colorful pictures, Would like to add white text with black
background around the white text...
I can add the text fine but could figure out how to add black background..
$textcolor = imagecolorallocate($destimg, 255, 255, 255);
imagestring($destimg, 3, 10, 10, test text,
Hi all,
Thanx to all of you. My server is running on Linux and there is not any
phpbb running on it. If vulnerability is in my code.. Is there any way that
I can find the buggy code on my server which allowed that trojan to write
into all the index files.
I analyzed the apache logs but did
Shafiq Rehman wrote:
Thanx to all of you. My server is running on Linux and there is not any
phpbb running on it. If vulnerability is in my code.. Is there any way that
I can find the buggy code on my server which allowed that trojan to write
into all the index files.
To start with, take a
Hi,
I have a script which works fine for many users, but for some it doesn't.
I've been able to narrow it down to the imap_open-Command which just hangs
'forever'. I have verified that the imap-extensions are available, but other
than that I have no ideas what's going on there, why it would not
Michael Baas wrote:
Hi,
I have a script which works fine for many users, but for some it doesn't.
I've been able to narrow it down to the imap_open-Command which just hangs
'forever'. I have verified that the imap-extensions are available, but other
than that I have no ideas what's going on
Thanks Buran,
1. Connection is timing out, and the time limit expired.
We're only connecting to locahost here, sorry, forgot to mention.
2. Firewall is blocking connections
The ISP claims to support imap_open for POP3 and ISP, so I would expect him
to have sorted that one out.
Other
Like Clint, I definitely recommend Mambo. Or, to be precise: the CMS
formerly known as Mambo. Recently a split has happened between the
core-developers who will continue to develop the system (with much support
from the community) - see the new website at
http://www.opensourcematters.org/ - and
Zachary Kessin wrote:
I am about to start on a project that seems like it would be right for
a CMS system. It will be about 80% rather boring stuff with about 20%
custom database work. I have looked at XOOPS and a few others. However
I can not seem to find one rather important thing about
Zachary Kessin wrote:
I am about to start on a project that seems like it would be right for
a CMS system. It will be about 80% rather boring stuff with about 20%
custom database work. I have looked at XOOPS and a few others. However
I can not seem to find one rather important thing about
Thanks Buran,
..and apologies for mis-spelling your name, Burhan ;)
Michael
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hey Michael,
Visit the site for excellent open source CMS http://www.ez.no
Regards
--
*** phpgurru.com http://phpgurru.com [A php resource provider] ***
\\\|///
\\ - - //
( @ @ ) PHP is too logical for my brain
+---oOOo-(_)-oOOo--+
| Mian Shafiq ur
Thanks for all your help.
Problem was that Up2date had installed php 4.3.2 onto our server and
compiled no support for MySQL
into Apache.
I was getting no error messages, so it was only when I saw phpinfo()
that I realised that the version had changed.
Alex.
On Mon, 22 Aug 2005 10:55:06
On 8/22/05, Shafiq Rehman [EMAIL PROTECTED] wrote:
Hi all,
Thanx to all of you. My server is running on Linux and there is not any
phpbb running on it. If vulnerability is in my code.. Is there any way that
I can find the buggy code on my server which allowed that trojan to write
into all
[snip]
This is my script
header(Content-type: image/png);
$string = 'hello';
$im= imagecreatefrompng(images/button1.png);
$orange = imagecolorallocate($im, 220, 210, 60);
$px= (imagesx($im) - 7.5 * strlen($string)) / 2;
imagestring($im, 3, $px, 9, $string, $orange);
imagepng($im);
Ave,
I have a table with one of the fields ³hired² having either of 3 values:
YES, NO, NULL
My application provides the administrator with all the records in the table
and I need to give him the ability to change the status of ³hired² to either
of the three values.
Previously I was using a
I have a problem that I'm sure some of you have run into before,
therefore I hope you all know of an easy solution. Some of my users
are cutting and pasting text from Word into text fields that are being
saved into a database then from that database being displayed on a web
page. The problem
Ave,
I guess the last query I tried was simply updating the database with the
value of the Hired form field:
$sql = UPDATE contactdata SET hired='$hired' WHERE ID='$thisID';
$result = mysql_query($sql) or DIE(Fatal Error: .mysql_error());
I've tried using an array and running the
[snip]
I guess the last query I tried was simply updating the database with the
value of the Hired form field:
$sql = UPDATE contactdata SET hired='$hired' WHERE ID='$thisID';
$result = mysql_query($sql) or DIE(Fatal Error: .mysql_error());
I've tried using an array and running the
Hi,
i am trying this out of curiosity and get sme errors
My gd extension is set up in the correct folder.
This is my script
header(Content-type: image/png);
$string = 'hello';
$im= imagecreatefrompng(images/button1.png);
$orange = imagecolorallocate($im, 220, 210, 60);
$px=
[snip]
I have a problem that I'm sure some of you have run into before,
therefore I hope you all know of an easy solution. Some of my users
are cutting and pasting text from Word into text fields that are being
saved into a database then from that database being displayed on a web
page. The
Ave,
register_globals are On.
I think the problem lies in the fact that I'm trying to update multiple rows
in the table, I'm not sure that my query with the UPDATE statement is
updating all the rows with what is being set in the value of the Form Field.
I'm not sure.
On 8/22/05 9:39 AM, Jay
snip
If you
don't have the ability to do this yourself, you can hire
someone to do a code audit for you. Chris Shiflett (brainbulb.com) I
believe provides this service.
/snip
Chris is a dude who has helped me and a lot of others dozens of times on
this list as he
is a regular contributer to
I agree, you must be careful of SQL injection... use
mysql_real_escape_string().
To chop off the last character of text use substr():
$sqlstruct = substr($sqlstruct, 0, -1);
Jordan
http://www.php.net/substr
Example 3. Using a negative length
?php
$rest = substr(abcdef, 0, -1); // returns
[snip]
register_globals are On.
I think the problem lies in the fact that I'm trying to update multiple
rows
in the table, I'm not sure that my query with the UPDATE statement is
updating all the rows with what is being set in the value of the Form
Field.
I'm not sure.
[/snip]
Echo the query
Or phpinfo()
-Original Message-
From: Greg Donald [mailto:[EMAIL PROTECTED]
Sent: Domingo, 21 de Agosto de 2005 06:15 a.m.
To: php-general@lists.php.net
Subject: Re: [PHP] how to know when a php library is installed
On 8/21/05, Lizet Pena de Sola [EMAIL PROTECTED] wrote:
I need to
[snip]
input type=hidden name=thisID value=?php echo
$row_tjContactFormData['ID']; ?
SELECT name=hired
option value=YES ?php
if($row_tjContactFormData['hired']==YES) { echo Selected; }
?YES/option
option value=NO ?php if($row_tjContactFormData['hired']==NO)
Thanks for the reply.
I would imagine there are a lot of special html characters that would
need to be changed using regex. Therefore, spending my time making a
regex to find a replace each one of them isn't a good way to spend my
time or even if I did go that route I'm sure it's uses too
by the way, you probably don't want to do the conversion *inbound* to
the database. rather, store the original and do the conversion outbound
- specific and appropriate for the output display.
if you do it inbound you'll have the html encodings (rather than the
actual (special) characters)
Hi,
Here are two routines for your problem.
function htmlentities2($myHTML) {
$translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
$translation_table[chr(38)] = '';
return preg_replace(/(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/,amp; ,
strtr($myHTML, $translation_table));
}
Did you try html_entity_decode?
http://us2.php.net/html_entity_decode
You may want to combine this with mysql_real_escape_string()...?
Jordan
On Aug 22, 2005, at 8:29 AM, Jay Paulson wrote:
I have a problem that I'm sure some of you have run into before,
therefore I hope you all know of
What do you guys use for load testing forms? I've just been opening
seperate
windows, navigating to the form, filling out the form on all windows and
hitting
the submit button at the same time. After about 15 or so windows, it
starts to
become a bit cumbersom. Do you guys load test? What do
The Windows binaries are available at:
http://downloads.php.net/edink/php-5.0.5RC1-Win32.zip
http://downloads.php.net/edink/pecl-5.0.5RC1-Win32.zip
Edin
Zeev Suraski wrote:
By popular demand, you can now get these binaries at
http://downloads.php.net/zeev/php-5.0.5RC1.tar.gz
On 8/22/05, Chris Boget [EMAIL PROTECTED] wrote:
What do you guys use for load testing forms? I've just been opening
seperate
windows, navigating to the form, filling out the form on all windows and
hitting
the submit button at the same time. After about 15 or so windows, it
starts to
On 8/22/05, Ryan A [EMAIL PROTECTED] wrote:
snip
If you
don't have the ability to do this yourself, you can hire
someone to do a code audit for you. Chris Shiflett (brainbulb.com) I
believe provides this service.
/snip
Chris is a dude who has helped me and a lot of others dozens of
On 8/22/05, Richard Lynch [EMAIL PROTECTED] wrote:
On Sat, August 20, 2005 5:00 am, John Nichel wrote:
Personally, I have never used \\ in PCRE when looking for things like
spaces (\s), word boundraries (\b), etc. and it's all worked out fine.
Personally, {
I
} have
never {
used
You might also scan your machine (and/or network) with something such
as nessus, or another vulnerability scanner
--
Chris Martin
Web Developer
Open Source Web Standards Advocate
http://www.chriscodes.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
Could u show me ur source code?
sangram [EMAIL PROTECTED]
??:[EMAIL PROTECTED]
Hi,
i had uploaded the com application on win2003 server with word 2003
installed.It runs perfect The traffic of word files increases or other
reasons the following message starts displaying.
Warning:
Showing your code might be useful but taking a shot in the dark here, I'm
guessing that after a while, you have too many instances of Word still
instantiated.
I remember there being an issue when using COM where the application wouldn't
quit properly.
Try using $appinst-Quit() as well as
Hello,
I'm working on a downbload script which serves M3U
files (Winamp playlist files) through a PHP file
like this :
somepath/download.m3u.php?id=2
Then in the PHP script I generate the M3U file, and
serve up the headers I want. Swell so far, but a
little problem appears.
The downloads are
I have a database with two tables. One is a table of events and the
other is a table of locations. I'm creating a google map with the
table of locations and would like to list the events at each place.
I'm using mambo and the following query to get the data...
$query2 = SELECT
Quoting Rick Emery [EMAIL PROTECTED]:
My employer has (finally) decided to take full advantage of our
intranet, and wants to move from client-server applications to
web-based applications.
[snipped]
Any input would be greatly appreciated. Opinions are welcome
(especially from programmers
[snip]
Anybody care to provide words of wisdom to me before I meet with her? I
hate doing this, as I'm sure everybody has better things to do, but I
*really* want to sell PHP.
[/snip]
6. When to Use PHP
[snip]
How much control will you have over the deployment platform? PHP's
one-size-fits-all
On Mon, 2005-08-22 at 14:16, Rick Emery wrote:
http://www.ukuug.org/events/linux2002/papers/html/php/#section_6
Wow, that sure is a crock of FUD bullshit. I'll answer in order of
appearance, I don't want to quote in case of copyright issues.
1. Most interesting settings in php.ini can be set
On Mon, 2005-08-22 at 14:51, Alan Fullmer wrote:
So pardon me butting in on this conversation..
I was completely unaware that you were able to do separate php.ini files.
I did know you could do things through htaccess, etc. Is there a way to do
this separately in http.conf? with
On Mon, 2005-08-22 at 14:16, Rick Emery wrote:
I read the following article and I wanted your feedback on it.
http://www.ukuug.org/events/linux2002/papers/html/php/#section_6. I
Just another small comment on this... It's interesting to note that the
author headlines the specific section as
Ave,
Solved it!
Echoing the results out instead of trying out Queries really helped. What I
was basically doing wrong was, I did create an Array for the Values, but I
needed to also create an Array for the ID's for each records, which I
hadn't.
This is the code I used for generating the Select
the CMS formerly known as Mambo
Yeah, I was reading about that last night... Interesting stuff lol
Interesting future ahead as well.
- Clint
Hi People,
I want to use a PHP script to pass through a file to the browser [ right
after some processing ].
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Is fpassthrough the right choice?
maybe virtual, so it won't go through php but
I've been coding in PHP since version 3 and I actually sold a
telecommunications company to use it for their HUGE intranet back in
2000 (right before they went out of business in North America). They
wanted to use Java and I talked them out of it for the simple fact that
PHP was so easy to
Hi John,
//[snip]
You probably want to move into the relm of array's. For each one of your
checkboxes, you can do this...
input type=checkbox name=InterestedNumber[] value=1-877-HOMECASH
/[/snip]
I did look up ARRAY. I just didn't understand how I can insert a
I'm authoring a web app, and I want to use some AJAX functionality.
The users log in via PHP, and they are verified page to page by a
session variable (which stores their username).
I want to write some PHP that alters a database, but I want to be sure
that only authorized users can access the
=
Please feel free to add more points and send to the list.
20050322jb - Note the new location of PHP Editors list.
=
1. If you have any queries/problems about PHP try
I solved the problem after a while, seems it had been
reacently debated in the bug pages within php, to remove
headers which are added by the session_start(); you can
add the following :
ini_set('session.use_cookies', false);
session_cache_limiter('');
Kind regards,
Kim Steinhaug
- - - - - - -
I have done this quite a few times lately, you shouldn't
worry. Just have your session_start() and login security
on the pages that you access with javascript aswell, they
will have the same security as any other page.
The sessionID is used for all requests to the server
from the webbrowser,
Assuming that you are running a web app then, I concour with Richard.
If however you are talking about a client in a more traditional sense,
in that you have a specific client application, then that client
application could get the computers hard disk, in the same way as any
other application
Rick Emery [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Quoting Rick Emery [EMAIL PROTECTED]:
My employer has (finally) decided to take full advantage of our intranet,
and wants to move from client-server applications to web-based
applications.
[snipped]
Any input would be
[snip]
...tons of good stuff...
[/snip]
As long as we are doing stats;
tblClass10 187,607,026 MyISAM 54.4 GB
tblClass11 293,357,128 MyISAM 136.0 GB
20 table(s) Sum 500,681,774 --202.4 GB
This is fun, on a BSD box, w/dual Xeon processors...ALL report handling
Richard Lynch wrote:
On Sun, August 21, 2005 3:04 pm, Murray @ PlanetThoughtful wrote:
I have a series of thumbnails on my site of photos I've taken that are
all
150px in width, but of variable height. I want to randomly display one
of
the thumbnails each time the home page of my site is loaded
This one time, at band camp, Evert | Rooftop [EMAIL PROTECTED] wrote:
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Why not?
Kevin
--
Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb
Dan Trainor wrote:
Would the abovementioned use of ForceType also allow one to produce an
image given an HTTP GET query? I was tinkering around with something in
the past where I wanted to implement something such as:
img src=http://example.com/myscript.php?site=1image=2something=3;
Would
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Why not?
My guess would be because file_get_contents returns the contents as a
string. So if 'myfile' is 100mb, you're going to have to allocate 100mb
of memory to store that string while
Jasper Bryant-Greene wrote:
Dan Trainor wrote:
Would the abovementioned use of ForceType also allow one to produce an
image given an HTTP GET query? I was tinkering around with something in
the past where I wanted to implement something such as:
img
This one time, at band camp, Philip Hallstrom [EMAIL PROTECTED] wrote:
My guess would be because file_get_contents returns the contents as a
string. So if 'myfile' is 100mb, you're going to have to allocate 100mb
of memory to store that string while echo() spits it back out.
But I'm just
Kevin Waterson wrote:
This one time, at band camp, Philip Hallstrom [EMAIL PROTECTED] wrote:
My guess would be because file_get_contents returns the contents as a
string. So if 'myfile' is 100mb, you're going to have to allocate 100mb
of memory to store that string while echo() spits it
I had a foreach loop working on an array as such:
$multiarray = array(array('person','person'),array('another','another'))
the array was put through
foreach($multiarray as $subArray){
do something with array
}
on each loop I would see $subArray= array([0] = 'person',[1] = 'person')
and then
I found that the only way to get the function to behave is to add the
key...
foreach($multiarray as $key=$subArray)
Now it displays as it previously did where $subArray is concerned. Is
there something I'm missing here? Was I the only person not using
keys?
On Mon, 2005-08-22 at 21:28, Larry
Hi,
I have a large string that I need to send to a script that creates an
image.
eg img
src='createimage.php?wp=321,43,23,12,43,12,342,54,765,87,3,23,etc etc
etc
Until now this hasnt been a problem just putting the data in the URL,
but now Im faced with a string that is over 3000
Dean Maunder wrote:
Hi,
I have a large string that I need to send to a script that creates an
image.
eg img
src='createimage.php?wp=321,43,23,12,43,12,342,54,765,87,3,23,etc etc
etc
Until now this hasnt been a problem just putting the data in the URL,
but now Im faced with a string that is over
On Mon, August 22, 2005 2:32 pm, Dan Trainor wrote:
Would the abovementioned use of ForceType also allow one to produce an
image given an HTTP GET query? I was tinkering around with something
in
the past where I wanted to implement something such as:
img
72 matches
Mail list logo
