Security Code Image In PHPNuke Login Isnt Displaying
i installed the PHP Nuke in a remote web space bought from prackhost.Problem is that iam not able to get the security code to login to the site as admin or normal user. All the remaining images like links and logo are comming except that security code. Iam not able to do any furthur action.
View Complete Forum Thread with Replies
Related Forum Messages:
Can't Login Into PHPNuke
I've installed PHP-Nuke on localhost IIS. But I can't login using 'God'/'Password' as an administrator. Users are able to create their accounts and login/logout. What is the possible errror? I am getting error: [ Table 'nuke._users' doesn't exist Table 'nuke._users' doesn't exist ] at top of the page, but I've created database 'nuke' and tables exist.
View Replies !
INSERT Code Isnt Working.
This probably has a really simple answer, but my INSERT code isnt working. mysql_query('INSERT INTO `members` (`id`, `uname`, `uemail`, `upass`, `GUID`, `data`, `permissions`) VALUES ('NULL', $psuser, $psemail, $psPassword, 'NULL', 'NULL', Ƈ')'); And I get an error saying unexpected T_STRING .
View Replies !
Simple Image Upload Isnt Working?
im working on a simple image upload script (my first try) well i noticed that for some reason its not even recognizing a file being uploaded...ive tried using the phpfreaks simple image upload tutorial but that wont seem to work for me. Code:
View Replies !
Member Login Security
I am working on a webpage that has a member login. The process that I go through to verify a user is as follows: 1) enter username, password 2) open MySQL DB 3) verify password and username 4) redirect to user's page The problem is that when I redirect to the user's page, I pass a variable through the redirect. Specifically: Code: Header( "Location: http://www.somesite.com?id=1") The id is how I separate the users and how they are organized in the DB. So if someone logged in with their name and pass, and they had an id of 1, the redirect link would look like the one above. Then they could VERY easily just go to the URL bar of the browser and type: Code: http://www.somesite.com?id=2 This would give them complete access to another user's page! I've tried a number of things, but the problem is never really solved. Please help with this problem.
View Replies !
NEWBIE: PHP Login Security
I'm using PHP and mySQL to create a website. I currently have a mySQL database which includes a table for username/password which is checked by a PHP script when someone attempts to login. If a successful login attempt is made the PHP script sends to user to a certain HTML webpage, but I realise a malicious attacker could simply point his browser to the HTML page and bypass the security.
View Replies !
Login System: Security
I'm creating user login system. When user enters valid username and password, i set $_SESSION['uid'] = $user_id; Then in all user area pages i check if is $_SESSION['uid'] set and if this user id exists in my database. The question: it's enough secure? Can user (hacker) set his own $_SESSION['uid'] ? Maybe i should use a hash with user's password or something like that?
View Replies !
Login Methods/security
I'm just starting to develop a PHP/MySQL-based login system for a website, and being quite new to this side of things I'm looking for some advice on methods, with some measure of security in mind. The guide on this link seems straightforward enough (and not too difficult!), though there is a more security-conscious guide. nvolving more complex coding - at this link. How paranoid should I be? Is it likely that someone may actually try to "sniff the network traffic" and so on? I'd be very grateful for any basic pointers, rules of thumb or trusted tutorials.
View Replies !
Login Security Loophole
I have a code which is supposed to process a login page. If the login is successful, the code is supposed to take the user to metro_agents.php which is a password protected page. The code was working fine until I discovered a loophole. Here's the loophole :- The user does not have to key in his correct username & password in the login page. All he has to do is to hit the Submit button. Then he needs to key in the full url(www.mywebsite.com/metro_agents.php) in the address bar of his browser and click go(or hit enter). By doing so, he would gain access to metro_agents.php without a valid username & password.
View Replies !
General Qs About Login Security
Im designing a login system for my website, and im just wondering what would be the general security concerns that i may have to address when writing my script. One issue i was thinking of was table names. for example would it be better to have a table with a numeric name rather than one called passwords for storing usernames and passwords? Is there any different programming techniques which are better/worse to use for this type of scripting? I plan to have several different access levels so different people have access to different parts of the site etc.
View Replies !
Cookie Security And Login Authentication
is there a preferred method to authenticate users via cookie? I've been reading up on various security issues and this is one question that generally went unanswered in all the pages I read. I usually just have it: Set cookie named name With an authentication code code The code is then used to grab information from the database if properly matched (with one in the database). The user is never directly told the code of course. The name of the cookie is the same for all users. But are there better and more secure ways to do it? As to avoid forging/grabbing or other methods I'm not aware of.
View Replies !
User Login/authentication Security
I am working on a PHP/MySQL discussion board project recently. One thing concerns me is the user authentication security. Currently my login script is purely based on cookie, it simply retrieves the username from the cookie file, which I think is insecure, right? And also for sessions, since it can be overwritten by one from the same host (e.g. if the script is running on a shared host environment), it's insecure too.
View Replies !
Login Authorization Security & Preventing Crackers
I'm working on implimenting some security measures on a control panel app that my company is building. I know that it's pretty much impossible to prevent a skilled cracker from getting in if they really want to, but we're looking at doing our best. Code:
View Replies !
Security Concerns While Designing A Login Script / Page In Php + Mysql
I am a bit new to php. I am designing a new login page for my website (using php, mysql database). However, as php + mysql, both are open source, there are many security risks invovled, so that experienced users, while designing a login page, take care to follow certain guidelines. Being a novice, i think it would be helpful to many (including me), to review here, once again, methods / procedures / guidelines to be followed, while designing a login script. [So as to prevent the website login system from - unauthorized access, malicious inputs in login fields, etc].
View Replies !
Security Code
How do i create a security code that has to be entered by visualization before a form can be submitted to ward off spamming programs.
View Replies !
Security In PHP Code
I need information about the security in PHP code, I mean in the code itself not in the setting because I'll put my code at a host. In other words, I need the developper part of the security not the host part.
View Replies !
Image Upload Problem - New Image Not Displaying
I have a consistent problem that needs knocking on the head. I have an image upload script that uploads an image and replaces the old image. The image that is displayed is sometimes that old image and the page must be manually refreshed to get the new one. I need the new image to be displayed with out have to manually refresh the page. So far I have identified the following: • Ive been testing in ie and firefox – the problem only happens in firefox. • If the upload script is activated more than once it works as desired – but not the first time. I need it to work the first time. • I have set the page to automatically refresh. – this works in ie, but firefox still needs a manual refresh. • I’ve included the following which makes no difference: • header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); • header("Cache-Control: no-cache"); • header("Pragma: no-cache");
View Replies !
Database Security Code
I have been reading a little that you should secure your PHP code to prevent SQL injection into a database (MySQL in my instance), mainly by checking the type of data to be put into a database, and if text, to addslashes() the data. What I have not managed to find out, is does SQL injection threaten the input of data into a database, ie a guestbook, or the reading of a database where the user would not know if the data is being read from a database? Is there anything else to consider to make a database more secure? In particular, I have read here a few months back that it's a good idea to keep the username / password of the connection outside the root of the website. How would I access the password file then? What I mean is, if I want a certain file in my site I could access it by writing: www.mysite.com/password.php But as it would now be outsite the root, how would I be able to get to the password.php file? I have also read a bit that you can assign privelages (similar I guess to rwe for a directory / file) but to the database access, but can't find anything about it. Is there a good (beginners) guide to privelages? Any just incase, I did RTFM, but there are many versions which make it confusing on who is right.
View Replies !
Source Code Security
I am trying to learn how to interact with mySQL using PHP pages, and all the examples I've seen require me to include my username, password, and database in my PHP code to establish the connection. What measures, if any, do I need to take to ensure that prying eyes will not be able to get into my source code and retrieve this info thereby enabling them to log into my database and mess with it?
View Replies !
Security Code Confirmation
I have a PHP script for link indexing directory, and submitting URLs to the directory is opened for public and it is just a form where the user need to add the URL, Site Name, and Description. I can see that some ROBO's are spamming my submit by many submits from irrelevant categories. How can I implement a "Security Code Confirmation" field with a image combination, meaning only human can see that random image that shows numbers and enter in that filed, so the system will compare it and accept it?
View Replies !
Random Security Code
this is the part, where before you submit the registration form, you have to type in correctly the random text/numbers that was generated. hope you are getting what i mean. what is this called and what is the purpose of that? also, do we have an online code of that which i can just use? because i still dont have an idea how it works and how to do it.
View Replies !
PHP Nuke 8: Security Code Not Being Displayed
I've got PHP Nuke 8 installed and running but I've run into one problem. First of all, everything installed fine without any errors. After Nuke was installed I added the following modules: Shout Box, Leaderboards, Gallery, and Sentinel. Prior to installing ANY modules with just PHP Nuke installed the Security Code was readily viewable on the login page (both for users login and admin login pages). Without remembering exactly when the security code image disappeared, all I can say is it's not viewable now.
View Replies !
User Authentication -- Displaying Info Based On Login
I would like to display the database info based on the user's login. I am getting the following error: Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' $sql = "SELECT $_GET['user_id'] FROM table_auth_user"; $query = mysql_query($sql); while($row = mysql_fetch_array($query)) { echo "".$row['user_id'].""; echo "<br /></div>"; }
View Replies !
Displaying Image From Image Path
Trying to display this simple query. Everything works but i can't get the image path correct. Its just displaying the image name. while ($row = mysql_fetch_array ($r)) { print "<p>{$row['title']} <br /> {$row['address']} <br /> {$row['description']} <br /> {$row['price']} <br /> <img src= "./uploads/images".{$row[['images']}"/> <br /> {$row['contact']} <br /> {$row['phone']} </p>";
View Replies !
PHP Code Not Displaying In IE 6
I'm a newbie to PHP and am have problems getting simple PHP page (php_test_page.php) to display correctly. The page is: <html> <body> <H1>Test Line 1</h1> <?PHP echo '<H1>Test Line 2</h1>' ?> </body> </html> Test Line 1 displays fine by not the PHP line. If I look at the source with the browser (IE 6), the line is still there. I'm not sure if the following is the problem. I might have two problems here. However, my default web server is not running and I can't seem to start it. The following is the scenario with XP Professional: - Click Control Panel - Click Performance and Maintenance - Click Administrative Tools - Double Click Computer Management - Open Services and Applications - Open Internet Information Services - Open Web Sites - The "Default Web Site" is has a red error sign is marked as stopped. Clicking "Default Web Site" and click "Start" yield an error dialog with the following message. "Unexpected error 0x8ffe2740 occurred."
View Replies !
Displaying Code
I was wondering how i would og about making a script that would change the colours for code like this site when you put something inside of the php tags example echo "hello world";
View Replies !
Security Image Generation
I have a small script that generates an image with random text + colors. For some reason I put it on my server and my server starts saying it does not recognize some of the functions used. Two of these are: imagettfbbox() ImageTTFText() PHP Code:
View Replies !
Displaying PHP Source Code
What dictates that .phps files display source code? I have two examples, one where it all works as expected and one where it doesn't .... and it's really confusing.
View Replies !
Displaying Table In Php Code
I have a PHP script that has a drop down to select a record, then it should display some text from a database and then display a table of information below it. But, the table is displaying at the top instead. Code:
View Replies !
IE 6 Is Not Displaying The Cookie Set In The Code
IE 6 is not displaying the cookie set in the code below but mozilla firefox is just working fine. I have changed the settings to allow all cookies in the internet options for IE6 but still its not working. When i view the files to view the cookie in the option i can see the page...what could be the problem with my IE? on other machines its opening without any problems. Its just my IE... <?php // echo "test ftp"; //phpinfo(); setcookie("testCookie","Testing again", time()+3600); $tmpdata = $_COOKIE["testCookie"]; echo "Your data: $tmpdata"; ?>
View Replies !
Regarding Login Php Code
I tried to develop a simple web application which uses phpscript&mysql.If a valid user is logged in from login.php, he should see some welcome message(home.php)( i got it),but after saw that msg,if he tries to modify the url as login.php he should remain in home.php only(should not go to login.php).I have tried it with header function&used session concept.But didn't get the solution
View Replies !
Login Code
I have a script which use the following php code to login - code is before administration code: <?php include('config.php'); if(!isset($_SERVER['PHP_AUTH_USER']) or strcmp($_SERVER['PHP_AUTH_USER'],$login) or strcmp($_SERVER['PHP_AUTH_PW'],$password)) { header("WWW-Authenticate: Basic realm=Secured area"); header("HTTP/1.0 401 Unauthorized"); die("No entry. Goodbye!"); } else { // } ?> in cofig.php I have: $login = "admin";$password = "admin"; But when my provider changed php 4 to 5, i cannot login into administration anymore.
View Replies !
Why Mysql Isnt Connecting
trying to get php to connect with mysql so that I can start querying db(running locally on my machine and php works fine) however I'm having trouble. This is the error it spits out- Warning: mysql_connect(): Access denied for user 'ODBC'@'localhost' (using password: NO) in D:phpwebconnect.php on line 5 Unable to connect to MySQL Could anyone assist me on this matter.
View Replies !
Scrips Not Running, Only Displaying Code
I installed Apache, mySql, and php. I go to my server folder and run one of the php scripts that is needed to install oscommerce. IDK whats going on but the brower (firefox) will only display the code and won't run the actually script.
View Replies !
Isnt ^ Common Regex Notation?
isnt ^ common regex notation? keep getting this error: Parse error: syntax error, unexpected '^' Code: $goalsheet.=preg_replace("/^[0-9]+ Year Career Goal #[0-9]+: *$", "/^<span class=hd2>[0-9]+ Year Career Goal #[0-9]+: *</span><br>$/", $goallist); aside from the error, i think the regex is off, but i hav had a hard time finding a tutorial that explains how I can ignore text in the middle. Here are some examples of what i'm trying to do: "1 Year Goal #1: Web Developer" -> "<span>1 Year Goal #1: Web Developer</span><br>" "10 Year Goal #2: IT Consultant" -> "<span>10 Year Goal #2: IT Consultant</span><br>" suggestions?
View Replies !
How Secure Is My Login Code?
I've recently had ppl trying to access my site by playing around with their cookies and setting $_SESSION['user'] to some random username... but my code checks both the username and password in the cookie and compares them to the row in the database on each page visited. But I just would like to know, should I make this more secure than it already is? And if so, how. Or is it enough to keep ppl from logging in "illegally" Code:
View Replies !
Code A Login System
how to code a Login system like myspace? Where you have to login with your email and password. Can anyone teach me over aol instant messenger?
View Replies !
Code Wont Allow Login
I have a script that wont let members (or admins) log in. I have checked the database to see if the e-mails and passwords were right and they are but I still cannot log in. Here's the index.php code for the members area: Code:
View Replies !
Formated Email Displaying HTML Code
I'm sending formatted emails that normally work fine, using the following header: MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 From: John Cook <jfoc@sev.com.au> However, one person I send it to (unfortunately, the client I'm actually designing this email for) sees it as HTML code, no formatting. She does use MailMarshal, an email content filter. And the header in the returned email contained these lines: X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - elaine.networkeleven.net X-AntiAbuse: Original Domain - hartleyfamilylaw.com.au X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [0 0] X-AntiAbuse: Sender Address Domain - elaine.networkeleven.net My question - would an email filter block HTML formatting? Should I do my header differently?
View Replies !
Displaying Html Code On PHP Generated Page
I am trying to create a link page in my php application. this is a page that will display a block of html code that a visitor can copy and paste into their web site to create a link back to mine. My PHP page has a line in it like this: define('TEXT_INFORMATION', '<html page code is here>'); I have added the html code to create the page as noted above. the page contains a same of the banner image file and the html code that goes alon with it. My problem is that I haven't been able to "quote" the html code so that ir will not be executed. every time I try to run the application from my web server my page will display two copies of the banner iimage not on banner image and text block like it should. Any suggestions?
View Replies !
Java Script Code For Displaying Images In PHP?
I have this java script code that updates the "img src" tag of my images on the page... <script Language="JavaScript"> function showupdate(photo){ document['bigPhoto'].src = photo;} </script> Now, is there any way to write this code in PHP (not in Java Script), since I want to save that "photo" variable for later use and manipulation... ???
View Replies !
Format Source Code For Displaying On A Web Page
Is there a good function or plugin out there to format my source code examples? I'm writing an article for a web page and want a very simple source code formatter. Eg: code in black, comments in red, quoted items blue, key words green, class names bolded.
View Replies !
Image Displaying
It looks as if you are creating the second image, but not saving it anywhere. This generates an image: imagejpeg($image_p, null, 100)." "; But what about $image? You do a copyresampled then destroy it. If you want to save the image, pass the second argument to imagejpeg.
View Replies !
Image Not Displaying?
My code doesn't seem to want to display the images in the location provided. I get renderings but floorplans are not working, any suggestions in what i am doing wrong? I checked permissions, i made sure the file exists, and thats what my code is suppose to be doing is if it exists than print the file, which i t does <?php print "<h1><img src='http://homes.pacificscene.com/images/browse/logos/" . $row[0] . ".jpg' alt='" . $row[1] . "' /></h1>"; print "<p>" . $row[6]; $linkresult = mysql_query("SELECT * from psh_commlinks where commID = '" . $row[0] . "'"); while ($linkrow = mysql_fetch_row($linkresult)) { print "<br />For more information about " . $linkrow[1]; print ", please visit:<br /><a href='" . $linkrow[2] . "'>" . $linkrow[2] . "</a>."; } print "</p>"; if (file_exists("http://homes.pacificscene.com/browse/features/" . $row[10])) { print "<p><a href='features/" . $row[10] . "' target='_blank'>View Features List</a></p>"; } if (file_exists("http://homes.pacificscene.com/browse/brochures/" . $row[8])) { print "<p><a href='brochures/" . $row[8] . "' target='_blank'>Download PDF brochure</a></p>"; } $query = "SELECT * from psh_siteplans WHERE communityID = '$ID' ORDER BY orderID"; $result = mysql_query($query); while ($row = mysql_fetch_row($result)) { print "<form action=" . $_SERVER['PHP_SELF'] . "?ID=" . $ID . "&siteID=" . $row[0] . " method='POST'>"; print "<table border='0' cellspacing='0' cellpadding='5'><tr>"; $window = "'http://homes.pacificscene.com/popup.php?type=renderings&ID=" . $row[0] . "','popUp','width=775,height=550'"; print "<td width='206' rowspan='8' valign='top'>"; print '<a href="javascript:;"><img border="0" src="http://homes.pacificscene.com/images/browse/renderings/' . $row[0] . '-TH.jpg" onclick="MM_openBrWindow(' . $window . ')" /></a>'; print "</td>"; print "<td width='135'><strong>Model</strong></td>"; print "<td>" . $row[1] . "</td></tr>"; print "<tr><td><strong>Appx Sq. Ft</strong>.</td>"; print "<td>" . $row[2] . "</td></tr>"; print "<tr><td><strong>Stories</strong>.</td>"; print "<td>" . $row[3] . "</td></tr>"; print "<tr><td><strong>Bedrooms</strong>.</td>"; print "<td>" . $row[4] . "</td></tr>"; print "<tr><td><strong>Baths</strong>.</td>"; print "<td>" . $row[5] . "</td></tr>"; print "<tr><td><strong>Garage</strong>.</td>"; print "<td>" . $row[6] . "</td></tr>"; $window = "'http://homes.pacificscene.com/popup.php?type=floorplans&ID=" . $row[0] . "','popUp','width=825,height=625,scrollbars=yes'"; if (file_exists("http://homes.pacificscene.com/images/browse/floorplans/" . $row[0] . ".jpg")) { print '<tr><td><a href="javascript:;" onclick="MM_openBrWindow(' . $window . ')">Floorplan</td></a>'; print "<td> </td></tr>"; } $window = "'http://homes.pacificscene.com/popup.php?type=renderings&ID=" . $row[0] . "','popUp','width=775,height=550'"; if (file_exists("http://homes.pacificscene.com/images/browse/renderings/" . $row[0] . "-TH.jpg")) { print '<tr><td><a href="javascript:;" onclick="MM_openBrWindow(' . $window . ')">Enlarged Rendering </td></a>'; print "<td> </td></tr>"; } print "</table><br />"; } ?>
View Replies !
Displaying Image
I have the following code: PHP Code: <img src=http://www.trackingsite.com/cnt/a/12946/ height=1 width=1> <?php $ipaddress=$_SERVER['REMOTE_ADDR']; if(!empty($product)) {echo '<script type="text/javascript">'."window.location.replace('".$product."');</script>";} ?> 1. Is it ok to display the single pixel gif or will that stop the $_SERVER['REMOTE_ADDR']; from picking out the ipaddress? 2. Will it redirect before the single pixel has time to display?
View Replies !
|
TRACKER
