On Mon, Apr 6, 2009 at 12:47 AM, Brian Williams wrote:
> and if the text isn't passed with double quotes?
> if his code had read:
>
> error_log(__FUNCTION__ . "($username): called.", 3, $log_file);
>
> I wouldn't have made any comment at all.
>
> If the backticked code were not in double quotes it
On Sun, Apr 5, 2009 at 11:17 PM, Michael B Allen wrote:
> On Sun, Apr 5, 2009 at 9:06 PM, Brian Williams
> wrote:
> > phpinfo() pish...
> >
> >
> > $user_input = "`rm -Rf /`"
> >
> > nuff said.
> >
> > in case it wasn't - backticks are basically the short cut to get PHP to
> > execute something
On Sun, Apr 5, 2009 at 9:06 PM, Brian Williams wrote:
> phpinfo() pish...
>
>
> $user_input = "`rm -Rf /`"
>
> nuff said.
>
> in case it wasn't - backticks are basically the short cut to get PHP to
> execute something on the command line.
I don't understand how this has any impact on the OP's cod
Konstantin Rozinov wrote:
Hey guys,
I have a question about logging messages.
Is it safe to log unsanitized, unvalidated user-inputted data into a logfile?
It all depends on how paranoid you are.
Strange text can be toxic to any of the software that processes your
logfiles. For ins
phpinfo() pish...
$user_input = "`rm -Rf /`"
nuff said.
in case it wasn't - backticks are basically the short cut to get PHP to
execute something on the command line.
*always *check incoming user data.
On Sun, Apr 5, 2009 at 8:56 PM, Konstantin Rozinov wrote:
> Hey guys,
>
> I have a quest
Hey guys,
I have a question about logging messages.
Is it safe to log unsanitized, unvalidated user-inputted data into a logfile?
For example, if I have a function called check_username(), which
checks that the username only consists of A-Za-z0-9, is it safe to
have check_username() write to a l
Corey,
Are you on a unix based machine? Is that script really local?
Try
shell_exec('/path/to/s3uploader.php &');
instead of fopen.
The ampersand will get it to return without waiting for the upload
script to finish.
On Apr 5, 2009, at 6:16 PM, Daniel Convissor > wrote:
Hi Corey:
On Sun
Hi Corey:
On Sun, Apr 05, 2009 at 04:28:20PM -0400, Corey H Maass - gelform.com wrote:
>
> set_time_limit(1);
set_time_limit() works for your PHP code. Streams, in a way, are outside
your PHP code.
> $handle = fopen("http://localhost/s3uploader.php";, "r");
> stream_set_timeout($handle, 1);
Nope - by specifying ignore_user_abort(true); in the uploader script,
the uploader script will continue after the launcher exits.
On Sun, 5 Apr 2009 16:54:36 -0400 (EDT), "Ajai Khattri"
said:
> On Sun, 5 Apr 2009, Corey H Maass - gelform.com wrote:
>
> > I want it to call the other script (the u
On Sun, 5 Apr 2009, Corey H Maass - gelform.com wrote:
> I want it to call the other script (the uploader) and then stop. So I'm
> setting it to timeout after one second on purpose to make sure it won't
> keep running.
Unless you're running it in a separate thread, won't the script die when
the
I want it to call the other script (the uploader) and then stop. So I'm
setting it to timeout after one second on purpose to make sure it won't
keep running.
On Sun, 5 Apr 2009 16:46:41 -0400, "Darryle Steplight"
said:
> set_time_limit(1);
> in that line you are setting the time limit to one seco
set_time_limit(1);
in that line you are setting the time limit to one second. You should
make this number a lot higher. set_time_limit(60) if you want to set
the time limit to 60 seconds.
Also, you just might be running out of memory so try increasing your
script's memory usage. ini_set(ā€¯memory_
Hey, folks. I've got a script that uploads a file from my server to
Amazon's S3. It works fine, and I'm using ignore_user_abort(true) so
that I can call it, but don't have to wait for the response. Great. Now
I am trying to create the file that will call the uploader and then die.
It basically look
13 matches
Mail list logo
