Identifying SSL Clients
I have a site that uses PHP sessions through SSL, my employer does not wish the site to require cookies so I have switched on the use_trans_sid option for users who have cookies disabled. The problem I have is stopping session hijacking.
If I am on a page "https://secure.mysite.com/page.php?PHPSESSID=XXXXX"
And I email the url to someone else they can get onto the site without being challenged for a logon. I am trying to find a way to check that the connection is still coming from the same SSL connection, e.g. by checking the clients public key, but I can't find a way to get any information about the SSL connection from PHP.
View Complete Forum Thread with Replies
Related Forum Messages:
Identifying Browser
Is there a way to identify the brwser a visitor to my site is using? I would like to include site style based on the visitor's browser. If their us IE show layout one way, if their using Firefox show it another way...etc...etc.
View Replies !
Identifying People
on my website i'm finding people are coming back and signing up again and again... how can i log them so i know who has logged in before. was thinking IP but does this not change per session online with dial up?
View Replies !
Identifying A Value Range
i have a form that submits to a php file, the form basically has a hidden field called number: <input type="hidden" name="number" value="12"> i know how to read the value of that, its simply putting <?php echo $_POST['number']?> but what i want to do is check if the number is between 1 and 25 and if it is then echo A else if it is between 25-75 then echo B else if it is anything above 75 then echo C .
View Replies !
Identifying An Image
Ive got a tracking system which tracks how many times a user clicks on an advert on my site. At the moment all the listings are set as one so when a user clicks on that advert it gets one click. However, one of the adverts is now going to contain two images advertising two separate companies. Ive set it up so the images and urls are different and they go to their own websites and in my tracking table i have just added an extra column called image and the number 1 goes in if image 1 is clicked on or 2 if image 2 is clicked on. However, to display this is the bit im not sure about. At the moment its displayed in a table like this: Advert Name Category Number of clicks Advert 1 Shopping 257 However, if advert 1 has two images, meaning two separate companies, how can I show this in the above table?
View Replies !
Identifying The Clicked Record
i already know how to load the my list of suppliers using mysql/php/apache, but what i would like to do now is put a link for each and every supplier and when someone clicks it, they will automatically go to that supplier's list of products. i want something like this: SUPPLIERS TABLE supplierID, Name, Address, AA Alfin21 1506 w. 66th street <>EDIT<>
View Replies !
Identifying Search Engines
my website is pretty much database driven and i've typically parsed the data in PHP and just output flat HTML. however, i'm trying to save some badwidth by spitting out just the critical information, and have javascript parse out the data. however, i'm kinda worried how search engines would react to this. (especially google) would search engines ignore the keywords if they are inside javascript tags? how do i detect search engines? maybe i can just setup a special script that output's "search-engine-friendly" output.
View Replies !
Identifying Black Images
I would like to be able to identify completely black images in order that I can exclude them. I am thinking I could use gdlib but I cannot find a suitable function. If I can find the rgb of the image then I can exclude it.
View Replies !
Identifying Individual Users
I know that you can identify users using an ip address. But what if you have several users with different computers in one room sharing the same ip address. Is there anyway to differentiate each individual. Is there a unique signature from the computers that can be used?
View Replies !
Identifying Parts Of A String
$url = /blah/elephant/spaghetti/page.php This gives you the whole path. But how can you identify each directory in the url individually? ie. I want $one to equal 'blah', $two to equal 'elephant' etc.
View Replies !
Identifying Off-site Links
Is there an easy way to identify off-site links using php? For example, on a forum site like phpbuilder.com, I'm looking for code to flag posts that contain: Code:
View Replies !
Identifying A Page Via Hyperlink
I have a page (product_wide.php) that displays sale items. In that page, I "include" a 2nd page that contains hyperlinks to general item categories. The hyperlinks in filternavbar point to product_wide, and display items from the category selected. I need a way, using the same hyperlinks I am using now in filternavbar, to tell, from product_wide, that it was from filternavbar that the link was clicked (as opposed to some other page in the site that takes you to product_wide. I can't change the configuration of the filternavbar url because of duplicate content issues with google.
View Replies !
Identifying Dynamic Form Fields
User goes to page which is a form that asks for some basic info regarding returning products for credit/exchange, and also asks for how many products are going to be returned. Upon submitting, a return authorization form is presented to them with the specified number of product fields. I now want to take the input from this form and email it to myself, as well as, display a confirmation page to the user. The problem I have is a can't say, for instance, echo "$field_name"; because field_name will get created dynamically after the user specifies how many products to return. For example, say the user says 5 products, this will generate a form with field names like: return_code0 inv_num0 qty0 product0 cre_exch0 stockout0 return_code1 inv_num1 qty1 product1 cre_exch1 stockout1 return_code2 inv_num2 qty2 product2 cre_exch2 stockout2 and so on.... These get created with a for() loop. Once this form is submitted, how can I address the field names? Code:
View Replies !
Identifying Non-Supported Characters In A TTF File With GD?
I've managed to get GD working (mostly anyway) on my site - and am utilising the "imagettftext" function. I am using this function to display individual characters on my website - with a nominated Font. However, sometimes the characters in my StringText are not supported by the particular font that I am using ... Directly from http://www.php.net/manual/en/function.imagettftext.php imagettftext - "If a character is used in the string which is not supported by the font, a hollow rectangle will replace the character." Can anyone suggest some code that would: 1) compare/look at the StringText supplied within the "imagettftext" function (in my case the StringText will comprise of a single character only) 2) where the supplied StringText (ie character) is NOT supported by the font, then I need for that character to be reported as not supported. ie. either; return a flag or skip the non-supported character entirely - rather than displaying the standard "hollow rectangle".
View Replies !
Identifying Opening Link For Database Query?
I've got a tricky problem i need to solve, i'm building a banner exchange type site in which there are already about 100 banners so i've had to code things around what already exists to a certain extent. Now each of the banners that go out on other sites have a link on the banner which pops open a window with details of the banner. this would be fine if all my banners were gifs and jpgs but there are also swf and dcr banners so i have no real control over the actual link on the banner. up until now each banner had a html page made for it so when you clicked on a banner it would open a page banner_1.html which had the details of that banner. for obvious reasons i'm going to replace all these redundant pages and put a htaccess redirect at their url to all redirect to a common page popup.php so all details will be dealt with in one file. ok this is fine but my problem is in this page popup.php i need to identify the link that just opened the window so that i can then get the info from the database to put on the page.. remember i can't use the url like so... bannerpage.php?thisbanner=1 but all existing links have unique addresses, is there a way to do this, i'm pretty sure there must be but i can't get my head around it?
View Replies !
Identifying Auto Increment Values For Each Of The Fields
I have set up a database i mysql, identifying auto increment values for each of the fields (eg AdminID). I was wondering how i can set up a form which will, when i go to add a new member, have the autoincrement value already present in the field and i can continue to input the rest of my data as usual.
View Replies !
Identifying User's Pick From Selection List
I have an application that uses PHP to access a MySQL table and extract rows which match the user's search entry. Data from the matching rows are loaded into an HTML selection list, and the user can scan the list and highlight a selected item. My question: In PHP, what is the syntax for identifying which row is highlighted? My goal is to pass the unique row ID of the selected item to a subsequent form where all the fields will be displayed for the user to edit. I already have the code that loads the selection list and the code that displays the fields. I just need to know how to determine the highlighted item. I have two PHP books, and both discuss loading the selection list, but there is no mention of what to do next.
View Replies !
Form, Type=file And Identifying By Isset()
Windows XP PHP 4.4.2 Apache 2.2 Register_Globals = Off Safe_Mode = On ----------------------- Hi All, I am having a problem getting a file browse input field to be recognized on the next page. Let me show you... page1.php Contains a web form with a file input to attach a file using a browse button. <form method='POST' action='page2.php' enctype='multipart/form-data'> <input name='uploadFile1' type='file' id=uploadFile1'> page2.php contains a validator to check the input and perform an action based on whether or not the browse input field has been populated. // IF THE POST CONTAINS A FILE UPLOAD, PROCESS SECTION 1 IF NOT PROCESS SECTION 2. if (isset($_POST['uploadFile1'])) { echo "File is attached so print this."; } if (!isset($_POST['uploadFile1'])) { echo "File is NOT attached so print this."; } If the user uses the browse button on the form page to populate the field with a file path to a file on his pc, then I expect to see the "File is attached message". However, regardless of whether someone does or does not browse a file, the message is always that they have NOT browsed a file and the variable "uploadFile1" is effectively left unpopulated. OUTPUT File is NOT attached so print this. Conversley, I thought I might be able to use the _FILES variable instead of _POST, but I get the exact opposite, that the browse field is populated all the time whether or not someone has browsed a file or left the browse field blank. if (isset($_FILES['uploadFile1'])) { echo "File is attached so print this."; } if (!isset($_FILES['uploadFile1'])) { OUTPUT File is attached so print this. So, I am missing something. Can someone give me some direction so that I can simply identify (with register_globals = Off) whether or not an input field (input type=file) has been populated or left blank? Is this even possible? What am I missing?
View Replies !
How To Get At The Clients' Screen Size ?
I want to write a Server Side PHP program that generates a HTML page client side. How would I get at the clients' screen size, before serving the generated page ? Would it be a two-step process: first let the client execute a piece of JavaScript to generate Height and Width, and then send those values to the PHP server (FORM, PUT) ? Or can it be done in only one PHP program ?
View Replies !
Webmail Clients And Permissions
Setup: Red Hat Linux 8.0 Apache 1.3.27 PHP 4.3.2 Sendmail 8.11.6 Other Info: root:root /var/spool/mail root:root /var/spool/mqueue Apache running as nobody:nobody Installations of everything in the "default" locations. The Issue: Using (a) a PHP-based webmail client and (b) the PHP mail() function, I cannot seem to get both to be able to access the mqueue directory to write temp files. For example, with the above setup, the webmail clients work fine, however a simple mail("me@thathost.com","Test Subject","Test Message","From: me@thishost.com") is refused permission to write to mqueue. If I change ownership of mqueue to nobody:nobody, the simple mail() function works, but the webmail cannot get permission to write its mqueue file. maillog Error (with ownership set to root:root, mail() failing): SYSERR(nobody): Can't create transcript file ./xxx: Permission denied SYSERR(nobody): Cannot create ./xx2: Permission denied from=nobody, size=0, class=0, nrcpts=0, relay=nobody@localhost" (Substitute (root) for (nobody) when I switch ownership to nobody:nobody, causing webmail to fail.) Sorry, but please note again that when I change ownership on mqueue to nobody:nobody, the PHP mail() function works fine. I have tried several PHP webmail clients (BasiliX, NOCC, etc.) with the same results. I have tried running Apache as root (not allowed, and not safe anyway), as nobody (current condition), and as a user:group I created just for mail stuff, with the same or worse results.
View Replies !
PHP Clients: What Web-service Is Best? (SOAP Etc)
Our team will be creating a web-application that must have an easy to use programmatic interface for our web-developer clients. The data transferred will primarily be taken from a database (which may be remote) like a true 3-tier app. Load tolerance for us is quite important. We are considering creating a SOAP service. We have found that the php_soap extension is easy to use for our clients and seems to do everything we need (from a client perspective). We have however, heard others mention XML RPC as a better alternative (especially relative to bandwidth) and just as easy to consume by PHP. My main questions for you PHP gurus are: 1) What is the approximate likelihood that clients who have sites that support PHP will have the soap extension installed (or are willing to install it). Good? Fair? Bad? 2) Is there a better technology choice for our software development team to provide a web-service to our web-developer clients? XML RPC, custom CGI protocol? others?
View Replies !
PHP Call From Multiple Clients
I know this is gona get me in trouble but I have to ask. I have a PHP code ( also calls mysql ) on my website that gets called from multiple clients using winsock. Some of the clients are listing data in the database via PHP. Some are reading data. So here is the question. Will all the calls get serviced? Are the calls to the same php file buffered or cued up in some way?
View Replies !
Retrieving Connected Clients IPs
I am developing a website in PHP and MySQL as a backend. Poeple has to login to avail of the services. I am storing the users ID along with IP addresses who have logged in. And deleting the entry when the user clicks signout. At a certain page I want to check whether the people who have logged in are still online or not. If they clicks signout the entry is deleted from the database and I will get accurate data. But incase the user does not clicks signout and just closes the page, then the web page will be showing the user as online while actually he is offline. Is there any way to retrieve the IP addresses of the users who are connected to the site(browsing the site) dynamically.? Or any other solution to handle this situation..
View Replies !
Recalculate For Multiple Clients?
I am trying to write a function or functions to recalculate two price fields for multiple clients. My price fields are: PriceRetail PriceSell which I want to control based on a $Cost variable (also a field I will save) and a $PriceCode variable that references a table that stores the factors for the two price fields to be changed/recalculated Code:
View Replies !
How To Detect If Clients Are Using A Proxy
I need to know if clients access my website directly or through a proxy. this is for security requirements. I used a code like the following: if($_SERVER["HTTP_X_FORWARDED_FOR"]||$_SERVER["HTTP_VIA"]|| $_SERVER["HTTP_CLIENT_IP"]) echo "proxy connection"; else echo "direct connection"; However this worked only when accessing the website through http:// but when accessing it through https:// all variables $_SERVER["HTTP_X_FORWARDED_FOR"] and $_SERVER["HTTP_VIA"] and $_SERVER["HTTP_CLIENT_IP"] are empty I used a public proxy server for testing. Its IP is 200.65.127.163 port is 80 It supports both normal http and secured http connections. N.b: I know there are the highly anonymous proxies that normally can't be detected but at least I need to detect the normal anonymous proxies when opening my website through ssl.
View Replies !
Clients Editing Information
I have a client that provides a list of companies on their web site (powered by PHP/MySQL.) These companies advertise their services to visitors. The company information has been maintained exclusively by the client, but now they would like to provide a way for the companies to update their own information. Can someone suggest a reasonable secure method to allow the companies to edit their own information without a login and authentication procedure? One idea is to provide each customer an URL which includes an encrypted token. The token could be generated using a unique piece of data like an email address or telephone number. It could be decrypted serverside and validated. I've done something similar for other clients on a tight budget and it worked well, but am wondering if there's a better approach without adding full-fledge authentication.
View Replies !
Create Logins For Clients
I have a series of editable forms and reports that I have created for clients to fill in, edit, save, print etc. in a web application based on PHP and MySQL. I now want to allocate these to individual clients (about 15) and a secure login for them with the ability to be able to only see their forms and their reports and none of the other clients. Suggestions as to how we could go about this conceptually or in detail would be appreciated or if any one knows of any existing software that would assist in achieving this.
View Replies !
Signal Clients To Reload
My server has a database. Info from this database may be displayed at a number of clients. What I want is the clients to reload the info when the database is updateted, by another client. Hence, the server should signal the necessary clients.
View Replies !
Selecting Clients Using A Drop Down Box
i am trying to pull up the details of a client in a form, by selecting their surname from a drop down box (select box). I think i will need to produce a while loop to get all the client surnames and insert them into the drop box from the database, to be selected by the user. Because i don't know how many clients i will have, i can't determine the number of options i need for the drop down box, and so this is why i think a while loop would be useful.
View Replies !
Voting System - Identifying Voter And Integrity Of The Vote
I am trying to setup a voting system for our intranet (staff awards - free text fields). I have the database adding the votes no problem. What I would like to do however is the following: 1. It's our intranet, there is no need for each person to login so it just uses "user/user". However I need to capture the person's login on the vote record so I can identify who voted. 2. restrict the users to one vote each. I have done some research and it looks like I have to create a cookie.
View Replies !
Identifying Different Unicode/utf-8 Types Inside A Text String
I am dealing with a script that reverses a string that is in hebrew, so I can display it properly when I write that string onto an image, however sometimes the string might be half hebrew half english, so I need a way to identify what language is in the string and only reverse the hebrew parts. in technical terms the hebrew text is encoded in utf-8, and the english text will be encoded in the normal encoding for english, (anscii, latin-swedish whatever, i dont know the name of that encoding) so the simple question is how do I identify different types of encoding within a string? that way I can break up the parts that i identify as being utf-8 and reverse only those (yes I am well aware of methods to display hebrew properly in php, but when writing to an image this is another story, only method i found so far is reversing the hebew text string)
View Replies !
Content Management Systems For Clients
I was wondering what solutions you guys use when building Content Management Systems for clients to allow them to edit text on their own site? Do you tell them it can't be done, and that you have to conduct site updates? Do you teach them HTML so they can markup their own content?
View Replies !
Reply-to Works With Some But Not Mail Clients
As I am just beginning to learn php I had to fish a free form script from the web. The script works fine, it processes the data filled in, including the sender's email address and sends an email to me with the data. When I hit the reply-button in my default email client (TheBat!), all is well and a new email with the sender's address in the to: - field is generated. But when that same email is opened in Outlook Express, and I hit the reply-to button, the to: field only shows the name of the sender, not the full email address (it does appear in the body of the message though). What do I have to change so that someone using OE can just hirt the reply button to respond to an email generated by the form? I hope the following is the relevant code:
View Replies !
Password Protected Pages For Clients
With our hosting provider we can choose to password protect certain folders/files for our clients...this means that the client has to type something in like http://www.domainname.com/clients/clientname and then press enter and then enter their username and password that we issued them. Now...What I would like to do is place a login form on the homepage of our site where they can type their info in, and it will go into the clients folder and direct them to their area. I don't know what type of script I need to do this.
View Replies !
Caching Images On The Clients Machine
I am using and image viewer plugin to view tif files via a web browser. It can only use paths like "C:image est.tif" to view the files.... the problem that i have is that i need to download the images on to the client machine when a request is made for viewing that image and the client can view the image via the browser.... please note i tried using other paths such as http://test.com/image/test.tif ..... it doesnt use the http protocol please note i cant use any other plugin hence i need to find out how i can cache images locally...... basically what i want to do is when a request is made for an image i download it to the client and set the path for the viewer to the local machine and then when the viewer is loaded on the browser it can use the local image for viewing?
View Replies !
Clients Tables Contains Some Names With Apostrophes In Them.
I have a query like this: PHP Code: $result = mysql_query("SELECT * FROM mytable WHERE some_var = '$db_var' ORDER BY another_var"); I am having trouble because one of my clients tables contains some names with apostrophes in them. I get an SQL error if $db_var contains an apostrophe. How can I fix this without having to change the data in the database?
View Replies !
Exec() On The Clients Machine From A Php Script
Very new to the world of php and still slightly struggling with concept that its running on the server side (slow learner :O) ). My question is this, is it possible to run an exe on the clients machine from a php script that is on a web site, say if I wanted to automatically start say a game exe that the visitor to my site had downloaded and installed previously. Can that be done?
View Replies !
Parsing HTTP_ACCEPT To Detect Mobile Clients
I want to configure my home page to redirect clients using WAP or i-mode browsers. I'm sure this problem must have been tackled by lots of people already, but I couldn't find any decent material on the subject. This is what I'm using at the moment: = = = = = = = = = = = = = = = = = = = = = = = = = = = = = /* Redirect non-standard user agents */ header("Vary: User-Agent,Accept"); $acc = $_SERVER['HTTP_ACCEPT']; $accw = strpos($acc, "text/vnd.wap.wml"); $acch = strpos($acc, "text/html"); $accw = ($accw !== false) ? $accw : 9999999; $acch = ($acch !== false) ? $acch : 9999999; if ($accw < $acch) { header("HTTP/1.1 302 Found"); header("Location: http://www.mywebsite.com/wap/"); exit; } if (substr($HTTP_USER_AGENT,0,7) == "DoCoMo/") { header("HTTP/1.1 302 Found"); header("Location: http://www.mywebsite.com/imode/"); exit; } = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Basically this script treats any user agent that identifies itself with a string starting "DoCoMo/" as an i-mode browser, and redirects to the WML pages when the string "text/vnd.wap.wml" appears closer to the beginning of the browser's Accept header than the string "text/html". This is flawed for (at least) 2 reasons: 1. There are probably other cHTML browsers that would be happier with the i-mode content, but I don't know how to identify them. 2. The Accept header parsing doesn't recognize the "q=" syntax of Accept fields. Before I start re-inventing the wheel, can anyone point me in the direction of a script that does this sort of thing properly?
View Replies !
Form - Clients Fill Out An Estimate Form
I have a form on our website that clients fill out an estimate form and it is emailed back to us. The contact information of the customer (ie. name, address, city) will send but the rest (ie. Type of est, How they heard about us, etc.) will not. Code:
View Replies !
Multi User/ Multi Page Redirect To Particular Clients Page
I need all of my clients to be able to go to ONE login page. based on their user ID number and password be able to login to their particular page, I do not want them seeing any of my other clients information. seems easy... now why cant i figure it out. I want the back end of it in mySQL, with a way for: admin to easily update the information located in there...ie: go to client 1 add new invoice information, new expiration date, etc. clients to easily update their billing information, etc from their personal page, is a must also. I just want to know if going with PHP is the best bet, or if there is another way..
View Replies !
|
TRACKER
