|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
php-general-digest-help
lists.php.net
Date: Sat Mar 22 2008 - 03:18:14 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
php-general Digest 22 Mar 2008 08:18:14 -0000 Issue 5361
Topics (messages 271956 through 271963):
Re: spider
271956 by: TG
271957 by: tedd
Re: MCrypt not decrypting simple text
271958 by: Dan
Re: Double click problem [SOLVED]
271959 by: Jim Lucas
271962 by: Lester Caine
relative linking in php
271960 by: Sudhakar
271963 by: Nitsan Bin-Nun
problem with sessions config.
271961 by: N.Boatswain
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscribelists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscribelists.php.net
To post to the list, e-mail:
php-generallists.php.net
----------------------------------------------------------------------
attached mail follows:
Good call, Ray. And depending on how much you need to pull, you might also
include <img> and <iframe> src values. Also test to make sure there's an
href value for the <a> tags, they could also be <a name="somename"> without
an href.
It gets really tricky when you start looking at javascript window.open or
window.location type link sources.
-TG
----- Original Message -----
From: Ray Hauge <ray.hauge.listsgmail.com>
To: tedd <teddsperling.com>
Cc: php-generallists.php.net
Date: Fri, 21 Mar 2008 13:45:35 -0500
Subject: Re: [PHP] spider
> Have a look at something like this:
>
> http://simplehtmldom.sourceforge.net/
>
> I haven't used it, but if it works you should be able to pull up a list
> of all the <a> tags quite easily through the DOM ala:
>
> foreach($dom->find('a') as $node)
> echo $node->href . '<br>';
attached mail follows:
>To get directory permissions, you'd really have to go through either FTP or a
>terminal connection (telnet, etc).
Yes, but that's doing it programmatically, what about this?
What if you knew that a directory on a site was set to 0777 -- what
damage could you cause?
I have seen scripts that clients purchase that require permissions
for certain directories to be set to 0777 and left that way. The
scripts don't change the permissions; write the file; and then change
them back but rather just leave them set at 0777.
If a site is using such a script and you know what directories have
to be set to 0777, then that's a security issue, isn't it?
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
attached mail follows:
Ok, looks like I'm not getting much intrest here, can anyone recomend which
newsgroup I should post this under? Is there a crypto group or anything of
the like?:
- Dan
""Dan"" <frozendicegmail.com> wrote in message
news:AB.E9.09437.752D2E74pb1.pair.com...
> I'm using MCrypt and I have two very simple functions. All I'm doing is
> giving the function some text and a password, it encrypts the text and
> saves it as a text file on the server. Then I at some later time run
> another php file which decrypts using the decrypt function given the text
> and the SAME password as the first time and all I get is garbage. What am
> I doing wrong? What do I need to change so that I can get this to work the
> way I described?
>
> function aes_128_encrypt($text,$password) {
>
> $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
> $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
>
> $text .= chr(3).chr(3).chr(3);
>
> return bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $password,
> $text, MCRYPT_MODE_ECB, $iv));
>
> } // End of function
>
> and
>
> function aes_128_decrypt($encrypted_text,$password) {
>
> $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
> $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
>
> return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*",
> $encrypted_text), MCRYPT_MODE_ECB, $iv);
>
> } // End of function
>
>
> - Dan
attached mail follows:
tedd wrote:
> Hi gang:
>
> This is probably trivial for most of you, but here's my solution to the
> problem I presented earlier.
>
> The problem was, I just wanted to be certain that if a use clicked a
> button that they could only do it once. Sounds simple enough, huh?
>
> Certainly, one can use javascript, but I wanted something that was basic
> php and html -- here's my solution with code (please provide critical
> review):
>
> http://www.webbytedd.com/cc/submit-once/index.php
>
> If the user clicks "Submit once", then that's the way it is until they
> quit their browser. If they don't quit their browser, then no amount of
> refresh will allow them to click the button again.
>
> The "Reset Submit", of course, resets this condition but it's for demo
> purposes.
>
> What I have not solved, and I don't think there is a solution (I could
> be wrong) is to prohibit the user from clicking the back button on their
> browser to reset this condition.
>
> I've done a considerable amount of javascript reading, testing, and code
> search and have not found anything that works -- and -- I have even
> found places where the js community says that nothing will work to solve
> the back-button problem.
>
> So, does anyone here know better? If so, please start a different thread.
>
> Cheers,
>
> tedd
>
It would require a little JS, but you could use the onUnload feature and pop up
a warning that would tell them the problem(s) of leaving this page. Then use
the confirm() method from JS to either allow or deny them to leave the current page.
I don't know if you can limit this action to only take affect when they press
the back button, but it might help in any event.
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
attached mail follows:
tedd wrote:
> Hi gang:
>
> This is probably trivial for most of you, but here's my solution to the
> problem I presented earlier.
>
> The problem was, I just wanted to be certain that if a use clicked a
> button that they could only do it once. Sounds simple enough, huh?
>
> Certainly, one can use javascript, but I wanted something that was basic
> php and html -- here's my solution with code (please provide critical
> review):
I had been tracking an intermittent bug for some considerable time and having
finally identified the underlying problem - double click sends the page
request twice, but the second request is processed before first has updated
things! We have tightened up the server end as much as possible, but not
eliminated the problem.
The javascript solution is the only reliable one that I've found but some
sites do not allow it to be enabled. Since having finally identified the
source of the problem, we have improved education and can now 'spot' a double
clicker who in many cases does not even know they are doing it! People get so
used TO double clicking things on the desktop :( But in some case we suspect
that the BROWSER send two requests perhaps because of a noisy keyboard! On one
site that we pinned down to a particular counter position, changing the
keyboard fixed the problem ( enter was pressing the button ).
Just a word of warning that may explain the occasional double order ;)
--
Lester Caine - G8HFL
-----------------------------
Contact - http://home.lsces.co.uk/lsces/wiki/?page=contact
L.S.Caine Electronic Services - http://home.lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php
attached mail follows:
i am using a self submitting for using php
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST" id="test2"
name="registrationform"> the registration page starts with a lot of terms
and other details about the registration and then the form fields for the
user to fill the registration page. i have used php to validate the form,
presently when a user clicks the submit button and if there are any
validateions that need to be displayed to the user, then the user has to
scroll from the top of the page all the way till they see the form elements
with the validation message ex= Please enter your phone number.
my question is, as in html with relative linking ex <a href="#link1"> click
here</a>
<a name="link1"> </a>
Text here
the page can be moved to an exact location, can this be done more or less
close to this relative linking using php so that the user need not scroll
from the top of the page to see the validation message.
NOTE = since i am using a self submitting form just before the first form
element i have created a blank table row and in this table row the php
validation message would appear if the user missed out some information. due
to this the user has to scroll from the top of the page to see the php
generated validation message. if i use the same php validation at the very
top of the page the error message will be at the top and the form fields at
the bottom and the user will have to scroll up and down to read the
validation message.
please advice.
thanks.
attached mail follows:
Oops, I didnt post it to the list, copy is attached.
On 22/03/2008, Nitsan Bin-Nun <nitsanbngmail.com> wrote:
>
> Hi Sudhakar,
> There are 2 solutions,
> You can change the <form> tag to something like:
>
>
> > <form action="<?php echo $_SERVER["PHP_SELF"]; ?>*#errorsArea*"
> > method="POST" id="test2"
> > name="registrationform">
>
>
> Then add the following line before the errors:
>
>
> > <a name="errorsArea"></a>
>
>
> The main problem here is that in case there are no errors it still go
> down.
> If you dont want to get down when there are no errors, you can send it
> without the #errorsArea call, and in your php, check the errors, if there
> are errors you can forward to #errosArea otherwise dont forward.
>
> HTH
> Nitsan
>
> BTW
> Personally, I would avoid those things and use AJAX instead.
>
> On 22/03/2008, Sudhakar <sudhakararaoggmail.com> wrote:
> >
> > i am using a self submitting for using php
> > <form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST"
> > id="test2"
> > name="registrationform"> the registration page starts with a lot of
> > terms
> > and other details about the registration and then the form fields for
> > the
> > user to fill the registration page. i have used php to validate the
> > form,
> > presently when a user clicks the submit button and if there are any
> > validateions that need to be displayed to the user, then the user has to
> > scroll from the top of the page all the way till they see the form
> > elements
> > with the validation message ex= Please enter your phone number.
> >
> > my question is, as in html with relative linking ex <a href="#link1">
> > click
> > here</a>
> > <a name="link1"> </a>
> > Text here
> >
> > the page can be moved to an exact location, can this be done more or
> > less
> > close to this relative linking using php so that the user need not
> > scroll
> > from the top of the page to see the validation message.
> >
> > NOTE = since i am using a self submitting form just before the first
> > form
> > element i have created a blank table row and in this table row the php
> > validation message would appear if the user missed out some information.
> > due
> > to this the user has to scroll from the top of the page to see the php
> > generated validation message. if i use the same php validation at the
> > very
> > top of the page the error message will be at the top and the form fields
> > at
> > the bottom and the user will have to scroll up and down to read the
> > validation message.
> >
> > please advice.
> >
> > thanks.
> >
>
>
attached mail follows:
Hello guys; i'm having a problem with session behavior; i'm going straight to it, but first some considerations:
PHP Version 5.2.5IIF 5.1Running on localhost (XP machine)I start sessions at the top of every page.
A the start of a test page, just as example, i do the assignment: $_SESSION["username"] = "aaa";
At the end of the same page i print it's value: echo $_SESSION["username"];
And i get the layout: "aaa", as expecteed.
Then I redirect to another page. On that one, after initializating the session ("session_start();") print again the $_SESSION["username"] content and the result is empty. If i try the same code on a server (all this is on my local machine), the code works as expected; so i think it is a configuration problem, here is my php.ini part that correspond to session configuration, so you can tell my if i'm doing anything wrong, long comments where removed:
[Session]; Handler used to store/retrieve data.session.save_handler = files;session.save_path = "/tmp" BC 13/12/07session.save_path="/tmp"; Whether to use cookies.session.use_cookies = 1;session.cookie_secure = ; This option enables administrators to make their users invulnerable to; attacks which involve passing session ids in URLs; defaults to 0.session.use_only_cookies = 1; Name of the session (used as cookie name).session.name = PHPSESSID; Initialize session on request startup.session.auto_start = 1; Lifetime in seconds of cookie or, if 0, until browser is restarted.session.cookie_lifetime = 0; The path for which the cookie is valid.session.cookie_path = /; The domain for which the cookie is valid.session.cookie_domain =; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.session.cookie_httponly = ; Handler used to serialize data. php is the standard serializer of PHP.session.serialize_handler = php; Define the probability that the 'garbage collection' process is started; on every session initialization.; The probability is calculated by using gc_probability/gc_divisor,; e.g. 1/100 means there is a 1% chance that the GC process starts; on each request.session.gc_probability = 1session.gc_divisor = 1000; After this number of seconds, stored data will be seen as 'garbage' and; cleaned up by the garbage collection process.session.gc_maxlifetime = 1440session.bug_compat_42 = 0session.bug_compat_warn = 1; Check HTTP Referer to invalidate externally stored URLs containing ids.; HTTP_REFERER has to contain this substring for the session to be; considered as valid.session.referer_check =; How many bytes to read from the file.session.entropy_length = 0; Specified here to create the session id.session.entropy_file =;session.entropy_length = 16;session.entropy_file = /dev/urandom; Set to {nocache,private,public,} to determine HTTP caching aspects; or leave this empty to avoid sending anti-caching headers.session.cache_limiter = nocache; Document expires after n minutes.session.cache_expire = 180session.use_trans_sid = 0; Select a hash function; 0: MD5 (128 bits); 1: SHA-1 (160 bits)session.hash_function = 0; Define how many bits are stored in each character when converting; the binary hash data to something readable.;; 4 bits: 0-9, a-f; 5 bits: 0-9, a-v; 6 bits: 0-9, a-z, A-Z, "-", ","session.hash_bits_per_character = 5; The URL rewriter will look for URLs in a defined set of HTML tags.; form/fieldset are special; if you include them here, the rewriter will; add a hidden <input> field with the info which is otherwise appended; to URLs. If you want XHTML conformity, remove the form entry.; Note that all valid entries require a "=", even if no value follows.url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="
Well, thanks and sorry for my english;
Nicolás.
_________________________________________________________________
Watch “Cause Effect,” a show about real people making a real difference. Learn more.
http://im.live.com/Messenger/IM/MTV/?source=text_watchcause
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]