Re: [nyphp-talk] session validation between http requests

2009-08-05 Thread Konstantin Rozinov
Thanks for both suggestions. On Sat, Aug 1, 2009 at 10:02 PM, John Campbell wrote: > On Sat, Aug 1, 2009 at 3:35 AM, Konstantin Rozinov wrote: > >> Any ideas, comments, or suggestions would be greatly welcomed! > > For improved security, you should not do: > >>      

Re: [nyphp-talk] session validation between http requests

2009-08-05 Thread Konstantin Rozinov
ping... sorry just wanted to see one last time if anyone had any suggestions/ideas? On Sat, Aug 1, 2009 at 3:35 AM, Konstantin Rozinov wrote: > Hey guys, > > Anyone doing session validation between HTTP requests?  I know that > the HTTP headers can all be changed and spoofed, but fo

[nyphp-talk] session validation between http requests

2009-08-01 Thread Konstantin Rozinov
Hey guys, Anyone doing session validation between HTTP requests? I know that the HTTP headers can all be changed and spoofed, but for legitimate users, I expect the HTTP headers I'm using below to NOT change between requests, during the same session. I've been looking into this lately, but ran a

[nyphp-talk] best way to run script?

2009-07-19 Thread Konstantin Rozinov
Hey guys, I'm trying to run the same php script via the command line interface on several remote servers. I'd like to do it securely preferably over ssh. Right now, I'm using the ssh2 class from php, but getting very inconsistent results (sometimes the script runs, sometimes it doesn't via ssh2_e

Re: [nyphp-talk] Using APC to improve performance.

2009-07-19 Thread Konstantin Rozinov
apc_compile_file() seems to only work if you run it via the webserver. If you try to run it via the command line, it will fail. In other words, I have a script that apc_compile_file() a file that changes often. Calling that script from the command line fails to update the cached version. Calling

Re: [nyphp-talk] Using APC to improve performance.

2009-07-17 Thread Konstantin Rozinov
Ah yes! I should've been more careful reading the documentation. Thanks for the tip! Konstantin On Fri, Jul 17, 2009 at 2:23 PM, Eddie Drapkin wrote: > On Fri, Jul 17, 2009 at 1:47 PM, Konstantin Rozinov wrote: >> Hey guys, >> >> Just a follow-up question about APC.

Re: [nyphp-talk] Using APC to improve performance.

2009-07-17 Thread Konstantin Rozinov
Hey guys, Just a follow-up question about APC. In production, I have apc.stat set to 0, so files aren't stat()ed every time they're accessed for improved performance. Is it possible to have APC just re-stat() a single configuration file if I made some changes to it (without setting apc.stat to 0

Re: [nyphp-talk] where in filesystem to install php application

2009-07-01 Thread Konstantin Rozinov
If you're installing linux packages/apps into /usr/local, which is most common, it's highly recommended to use gnu stow to manage them. I create /usr/local/stow dir... install all my linux packages there (apache, php, mysql, etc)...and then do a simple `stow -v package_dir/` from /usr/local/stow.

Re: [nyphp-talk] Trying to decide between MDB2 and PHP PDO

2009-06-25 Thread Konstantin Rozinov
On Thu, Jun 25, 2009 at 6:04 PM, John Campbell wrote: > On Thu, Jun 25, 2009 at 5:44 PM, Eddie Drapkin wrote: >> Wait, are you advocating //against// prepared statements? > > Not at all, but when using mysql, you should emulate them.  I am > actually all for "prepared" style queries, if I ever see

Re: [nyphp-talk] Header() Redirect!!

2009-06-11 Thread Konstantin Rozinov
You should place all of your PHP code that validates/redirects in the beginning of the HTML/PHP file, BEFORE any HTML is spit out. ... On Thu, Jun 11, 2009 at 7:31 PM, tu...@netzero.net wrote: > Hi everybody! > > I need help in redirecting my link to a different page within my website. I >

Re: [nyphp-talk] Management class for CSV files

2009-06-08 Thread Konstantin Rozinov
http://code.google.com/p/parsecsv-for-php/ I've used it before...it's pretty good, but had some minor issues, which may have been fixed in later versions. On Mon, Jun 8, 2009 at 9:34 AM, Damion Hankejh (ingk) wrote: > Greetings, > > Any recommendations for a class to handle CSV files?  Import CS

Re: [nyphp-talk] stopping comment spam with PHP

2009-06-03 Thread Konstantin Rozinov
> -- Mitch > > On Tue, Jun 2, 2009 at 6:49 PM, Konstantin Rozinov wrote: >> Thanks guys for the info and links.  I will check out akismet and Disqus. >> >> I also found this article, which was a simple explanation of some >> techniques using hidden fields: >>

Re: [nyphp-talk] stopping comment spam with PHP

2009-06-02 Thread Konstantin Rozinov
Thanks guys for the info and links. I will check out akismet and Disqus. I also found this article, which was a simple explanation of some techniques using hidden fields: http://www.rustylime.com/show_article.php?id=676 I'll let you all know if I find anything interesting regarding this topic.

[nyphp-talk] stopping comment spam with PHP

2009-06-02 Thread Konstantin Rozinov
Hi guys, I'm interested in hearing what kind of classes, packages, solutions the professionals on this list use to protect their sites against spam in relation to comments. For example, users commenting on other users' pages like Facebook or any social networking site. I am not using WordPress, D

Re: [nyphp-talk] Zip code radius

2009-05-22 Thread Konstantin Rozinov
Paul, I would be interested in looking at the code of the class too, just to see how something like that works. Thanks Konstantin On Fri, May 22, 2009 at 2:29 PM, Paul McGrane wrote: > Aaron: > > I have one...but need to dig it up...ping me off list if you are interested. > > BTW...does your d

Re: [nyphp-talk] [fw-general] Survey: Development environment for PHP/ZFW

2009-05-07 Thread Konstantin Rozinov
1. Ubuntu 2. localhost 3. UltraEdit, but will be moving to Eclipse+PDT+Subversive (thanks to this thread) 4. SVN 5. Zend Debugger, and the standard echos, print_r, error_log On Wed, May 6, 2009 at 10:47 AM, Joelle Tegwen wrote: > 1 Ubuntu - upgrading to Jaunty today. :) > 2 localhost with separ

Re: [nyphp-talk] Facebook's LAMP Stack

2009-04-23 Thread Konstantin Rozinov
On Thu, Apr 23, 2009 at 12:51 PM, Hans Zaunere wrote: > > What I'd really like is a way to "statically link" a PHP application. > While > this is somewhat possible today, PHP's dynamic nature makes this difficult > to fully realize. For example, it can be cumbersome on the developer to > check

Re: [nyphp-talk] Facebook's LAMP Stack

2009-04-22 Thread Konstantin Rozinov
I think this may have been mentioned in the presentation, but one way to improve performance is to use an opcode cache like APC (with the stat check turned off) so that the included files don't have to be recompiled every single time. The compilation of and the *stat() calls for the included files

Re: [nyphp-talk] Is it safe to log unsanitized, unvalidated user-inputted data into a logfile?

2009-04-07 Thread Konstantin Rozinov
> it's ok to receive garbage. Just don't send garbage. This leads me > back to the OP's question of "do I need to validate user input that is > written to a log file?". The answer is no but you do need to escape > (or rather remove, truncate or flatten) anything that you don't want > to end up bein

Re: [nyphp-talk] Is it safe to log unsanitized, unvalidated user-inputted data into a logfile?

2009-04-07 Thread Konstantin Rozinov
ted. It is treated as a string. Only if I process the logfile with php -f will the code in (2) actually execute. The code in (1) won't even run since it's outside the tags, but that's a minor point. Paul raises a good question about log processing software that might interpret and ru

[nyphp-talk] Is it safe to log unsanitized, unvalidated user-inputted data into a logfile?

2009-04-05 Thread Konstantin Rozinov
Hey guys, I have a question about logging messages. Is it safe to log unsanitized, unvalidated user-inputted data into a logfile? For example, if I have a function called check_username(), which checks that the username only consists of A-Za-z0-9, is it safe to have check_username() write to a l

Re: [nyphp-talk] Using APC to improve performance.

2009-03-31 Thread Konstantin Rozinov
, Konstantin Rozinov wrote: > Thanks for the tips Che and Tom. I will try the debugging tools to > see where the bottlenecks are. I've got apc.stat set to 0, but the > largest # of includes in the application is only about 8 in some > files, so I wouldn't expect it to make t

Re: [nyphp-talk] Using APC to improve performance.

2009-03-31 Thread Konstantin Rozinov
Thanks for the tips Che and Tom. I will try the debugging tools to see where the bottlenecks are. I've got apc.stat set to 0, but the largest # of includes in the application is only about 8 in some files, so I wouldn't expect it to make that much of a difference, but every little bit counts :) I

[nyphp-talk] Using APC to improve performance.

2009-03-30 Thread Konstantin Rozinov
Hi folks, I recently installed APC (http://pecl.php.net/package/APC) to see how it works. Currently, I'm just using the opcode (file) caching and already the response time is about 4x faster. No code changes were required and it was as easy as just enabling APC in php.ini. Now I'm interested in

[nyphp-talk] equal (==) vs identical (===) and casting

2009-02-23 Thread Konstantin Rozinov
Hey guys, Some more questions. 1. Is there a significant speed difference between the equal operator (==) and the identical operator (===)? Should I even be concerned about this? For example, if I know a variable will be of type INT 100% of the time, and I pass it to a function which expects th

[nyphp-talk] mysql vs mysqli

2009-02-23 Thread Konstantin Rozinov
Hey guys, I have a lot of PHP code written that uses the mysql extension. Should I rework the code to use mysqli extension? How can I tell if it will be worth the effort and time? Any advice would be appreciated. Thanks! Konstantin

Re: [nyphp-talk] User Input Data scrubbing

2008-11-29 Thread Konstantin Rozinov
does anyone know where I can find a list of sample MALICIOUS data that i can input into my forms to see how the code reacts? i'm not looking for any automation or program, just the actual sample data. i'm trying to do QA on my code. any help would be greatly appreciated. thanks. On Sat, Nov 29

Re: [nyphp-talk] htaccess & php

2008-11-29 Thread Konstantin Rozinov
> I'm trying to lock out remote call to the php files. what do you mean by that? Aren't your php files processed by apache/php and then the output returned to the user? On Fri, Nov 28, 2008 at 3:02 PM, Michele Waldman <[EMAIL PROTECTED]> wrote: > This is not working for me > > > > RewriteCond

Re: [nyphp-talk] NetBeans/PHP

2008-11-05 Thread Konstantin Rozinov
can anyone recommend a good (free would be a big plus but not necessary) IDE for PHP? Is Zend Studio the most popular one out there? Kon On Wed, Nov 5, 2008 at 8:30 AM, Hans Zaunere <[EMAIL PROTECTED]> wrote: > Hello all, > > Out of curiosity, has anyone used NetBeans/PHP as their environment?