Where Can I Find Something About Security?
Do you know where can I find something about security? it means encription and all that? can I do it with PHP?
View Complete Forum Thread with Replies
Related Forum Messages:
PHP Security - Some Common Security Pitfalls That Are Inherent In The Language?
I'm working on developing an application in PHP4/MySQL and I've got very little experience with either. Most of my work is in ASP/Access and compiled programs. The app that I'm developing doesn't need to be perfectly secure, but I want to avoid common pitfalls, and I have no idea where to start. From your experience, what are some common security pitfalls that are inherent in the language? I shouldn't have any trouble with program logic being an issue, just stuff that may be PHP specific. (Like the User being able to put anything that they'd like in the QueryString and having that show up as a variable in the script).
View Replies !
How Would Php Security Compare To Java Security?
I just want to know how would php security compare to java security? Its because that me and my officemate are developing a site which would handle confidential documents and we just cant decide on whether we should use php or java. Please do post you opinions regarding this and it would even be better if you could also post links to write-ups about php security.
View Replies !
Security - What Security Dangers Should I Be Aware Of?
I am quite new to PHP but I have managed to write a simple page create script. So far the script does not have any user input. It does open/write files and it also accesses my MySQL database. No variables are passed from script to script either. My question is, what security dangers should I be aware of? My other question is, can you download a php file and view the contents?
View Replies !
How Do I Find Even #'s In Php
ur prob. all laughing at this easy *** question ... but for some reason i cant fig. it out. i know how to find even (and odd) numbers in c++ (using the %). how the hell do u do it in php tho... im trying to alternate the bgcolor of a row in a table (from #CCCCCC to #FFFFFF) here is my code.. if ($row = mysql_fetch_array($result)) { $x=0; echo "<table width=200 border=1 cellspacing=0 cellpadding=4>"; do { if (($x%2)==0){$color="#FFFFFF";} else {$color="#CCCCCC";} echo "<tr bgcolor=$color><td>"; print $row["name"]; print ("</td><td>"); print $row["email"]; print ("</td></tr>"); $x=$x+1; } while($row = mysql_fetch_array($result)); print ("</table>"); } else {print "Sorry, no records were found!";
View Replies !
How To Find IP?
Mostly when u visit shopping carts n u checkout n go futher for payment in the list box your desired country is selected automatically this is bcoz of they are tracking us by our IP Address. So which function in PHP is used for find the IP Address of a person who is visiting my site?
View Replies !
Find An Url?
I'm trying to read url's off of a website page by reading it's source code and locating http://www..com/? etc. <embed src="http://www.somewebsite.com/someflash.swf" width="somewidth height="someheight"> Is it possible to locate a code in the source of a web page, except the exact link "http://www.somewebsite.com/someflash.swf" can be replaced with like %%%%%%%%%% so it simply finds it's similiar match? Otherwise I need to put in the exact url, and I want to search for all http urls instead.
View Replies !
Find A
I have a text feild where data is pasted: Corners 9 8 Header 10 9 Goals 1 3 What would be th best way to parse this data so I can see cornera = 9 and cornerb = 8.
View Replies !
Find [ % ]
if I wanted to find any items in an array starting with [ and ending with ] how would I go about it? I amm building an email queue processor and I want to be able to place email address or distribution list names. eg if I had a list.. chris@domain.com, john@domain.com, [maillist_1] PHP Code: $email_to = "chris@domain.com, john@domain.com, [maillist_1]"; $email_to = explode(",", $email_to); foreach($email_to as $to_emails) { // First Check if its a distribution list if($dist == "yes") { // get the list and split them. $emails_to[] = $to_emails; } else { $emails_to[] = $to_emails;....................
View Replies !
How To Find Url Php
Hello all,If my site has two domains, but domain one should point to french which already works.but domain 2, how can I check the url and if url is let's say domain2.com then add lang=en to the query string.
View Replies !
Find A Tag
how to extract a tag from an URL. For eg, If i enter the URL http://youtube.com/watch?v=dYhhQhtrlFI I'd like the EMBED tag from the page to be extracted. (i.e) When i enter the URL in a field and hit the submit button, i want the EMBED code to be stored in variable.
View Replies !
PHP And Security??
I am very new with php and web content in general, and my concern is with my novice ability leaving huge secuirty holes for any joker to have there way with. Here is my current thought. If I have a php script in a public html fodler named index.php3 how secure is this if at all. Say I have a line like: MySql_pconnect("host","account","passowrd"); How easy is it for people to get the host,account,password.
View Replies !
Security
For security reasons I want to know more about (1)where session store its info and (2)what "single sign on" is. Does anybody know any articles about these subjects, or does anyone know the answers to these 2 questions?
View Replies !
PDF Security
This is where the security problem is POSTED Is there anything we could server side? In the meanwhile I am turning off on each client's domain the user PDF uploading capability (where it is allowed) and restrict to the domain admin side that capability.
View Replies !
Security In Php
I'm doing ok for a newbie in php, but i just have a few questions as far as security goes. i am actually a java programmer, so from my experience with an object oriented language i would like to use encapsulation and other methods used in java with php for example i would like to make a php page that handles my database connection and has a whole lot of functions that i can call as i need them instead of re-coding the connection each time. i know that i can use 'require('****.php')' and 'include('xxx.php')' to get access to the code in xxx.php but can i extend and override the functions in xxx.php and is it safe to connect to a database in this way? i also wanted to know if it more secure to put a php script in the same web page or to make a page that contains the script and another html page that uses a form to goto the the php page? and finally i just want to know if anyone knows of any good reading material on the topic of intergrating java with php (except the php manual) ....
View Replies !
PHP Security
I am fairly new to the php scene but have managed to learn quite a bit from you folks and other resources on the web. I have developed a few scripts that actually work. LOL. I ran across a post on here mentioning Chris Shiflett and took a trip over to his site. He has some intriguing articles on the security of php scripts. However, he doesn't get into much detail as it would seem he writes for a more advanced crowd. Anyway, what I am looking for now is more information on securing these scripts. Know a good book? Maybe a good website? By all means, let me know!
View Replies !
WS-Security
I am currently using NuSOAP to create a web service, but I'd like to use WS-Security. AFAIK, NuSOAP doesn't support this. Is there anything else for PHP I can use that does implement WS-Security?
View Replies !
Security: SSL And Other
i got a few questions here: a) With sessions is it worth the code hastle to hash the session file before any writing or reading to be done. to check that the data is valid ? b) Does anyone know any basic introductions to SSL as I want to use it as its most effective against session hijacking and other attacks.
View Replies !
PDF Security?
I have a portal secured through php scripts. I want to have a pdf document online. Is there a way to secure a pdf document though php? If not how else would i do that?
View Replies !
.inc Security
I'm trying to start learning PHP security and recently read this: Don't store includes under document root. The only resources you should store under document root are those that must be accessible via URL. Making anything else available to the public is an unnecessary risk. If you must: <Files ~ ".inc$"> Order allow,deny Deny from all </Files> If I can't install .inc files under my root, why would a related directory be any more secure? Couldn't the user, if they knew enough to search the .inc path to begin with, follow the second .inc path? Sorry if this is obvious and I'm missing the obvious.
View Replies !
Ip Security
what i am trying to do is when u go to vote to check ur ip based upon a subid and compare that to the remote address to prevent double votes. here is the coding. PHP Code: /* BEGIN ANTI CHEATING VERIFICATION PROTOCAL */ $sql = "SELECT * FROM voted WHERE subid = $subid"; $r = mysql_query($sql) or die('Error, query failed'); $arr = mysql_fetch_array($r);          $ip = $arr['ip_address'];          if ($ip = $REMOTE_ADDR) {                   echo "<p align=center  class=contest_small>SORRY YOU HAVE ALREADY VOTED";                   exit;          } /*END ANTI CHEATING PROTOCAL */
View Replies !
CSS, PHP And Security
I am thinking about opening a web site which will allow people to register and then have direct access to a stylesheet in order to brand their page. When a user saves their stylesheet, the system will reject it if it includes any of the '<', '>' or '?' characters. I know this restricts some CSS, but that's fine for my purposes. Is there anything else I should check for? How vulnerable does having this option leave me?
View Replies !
CMS Security
I'm here still learning about PHP and MySQL, from alot of different sources right now. One of my goals is to get the simplest type of CMS up and running, If I really needed one I would probably use something like Wordpress, but I'm just interested in learning how they function. I have some basics down.. Looking into regular expressions at the moment. But I was wondering if anyone here had some good links they could share, regarding how to implement techniques for preventing security issues and such. As of the moment I only know of like, query injection but I've heard of other things like session stealing and some others I cannot remember.
View Replies !
Security
I dont know ifthis is the right forum, but I was wondering if you store your mysql database connection details in a php file that you then include() on each page, is that a secure way to goabout it? I thought about this because if someone knows your filename they could just type to get your username and password. Would changing the permissions to this file work or is there a generally much more secure way to do this sort of thing?
View Replies !
Md5() And Security
I have created a form with the help from Houdini and I need some assistance with security. In the application customers will be inputting ssn#'s and checking account#'s. I want this information to be secure when its submitted. The form will be processed to an email address. How would I set up this security to work with my form?
View Replies !
Possible To Find Domain ?
hi I have two domains that I want to point to the same site, however I want each site to be customised for each domain, site title, header, email address's etc todo this I need to figure out howto find which domain the client used to access the website. I tried using $_SERVER['SCRIPT_URI'] but with no success.
View Replies !
Find A Max Value In Mysql With Php ?
How do I a max value in mysql with php? I can find a max in mysql with: SELECT MAX(num) FROM codes WHERE num LIKE 'A%' I try to do it in php and it doesn't work - $result = mysql_query("SELECT MAX(num) FROM codes WHERE num LIKE 'A%'" , $link); $row = mysql_fetch_array($result); $num=$row["num"]; this returns $row as Array?
View Replies !
How Do I Find Out A New INSERT's Row ID?
sorry, I saw a post on this last summer but "id" is too short for the search engine [img]images/smilies/frown.gif[/img] in a table, i have an autoincrement unique 'id' as the first column. if I do this: Code: "INSERT INTO table SET submitter_group='$groupname', ip='$ipaddy', datetime='$stamp' "; how do I find out the id of this new row? I'd like to be able to UPDATE more data to this row as the user enters it... or should I not use the ID, but rather a new column that's a hash of the ip and date? (but same thing, how would I grab that value?) sorry, no 'unique' identifier per-user, this is for an anonymous survey tool. I AM using sessions (group-based authentication: u/n & p/w given to a group of people, etc) so is there a session value I should key off-of?
View Replies !
Strpos Can't Find What I Specify
$title = 'The Webmaster World' $findme = 'c' //c doesn't exist $pos = strpos($title, $findme); print $pos; //this doesn't print anything to the screen $newtitle = substr("$title", 0 , $pos); print $newtitle; //this doesn't print anything to the screen either So if I put the above code in a webpage and run it, I would get an empty screen. I know if strpos() can't find what I specify, it returns a boolean FALSE. So the substr() will be trying to execute a FALSE variable and thus makes itself FALSE as well and not return anything? Is that how substr() above will interpret this?
View Replies !
Is There A Way To Find Out What A Url Redirects To In PHP?
Every day on my blog, I have a list of about 30 other blogs that I link to. Lately, more and more of then have been using feedburner, which means that the links to their posts show up like this: http://example.com/~r/Jordanisyourhomeboy/~3/144521539/ Is there a function in php (I'm using PHP 4) that will find out what that URL redirects to, and return the actual URL of the post instead of the feedburner URL?
View Replies !
How To Find Out If Its A Valid XML Doc
I open an xml document using fopen create result string uisng an implode function. then pass that string to domxml_open_mem function now here is the question, take a look at the code below,for some reasons when a document is not valid doc(that is it has some invalid caharacters) it would still return $dom variable (only this time it will have a string in it) if(!$dom = domxml_open_mem($rssFile)){ foreach($this->feedsArr as $value){ $rssFile = $this->OpenURL($value); if($dom = domxml_open_mem($rssFile)){ return $dom;}} open url function just opens the file using fopen and returns a string created with implode. If did not make any sense at all.
View Replies !
Find And Replace
Hey there i have an input box but want to know the best way of doing this i want to allow people to enter in website <a href="skdfj"> safasd</a> but would prefer if they could just enter http://bla.com
View Replies !
Find The Value Of The Next Record
I have a database with 3 columns. my_id my_page_number other_page_data I'm creating a written page that has a link to the next page for each record in the above table. Is there a way to get the value of my_page_number for the next record so I can direct users to the next page?
View Replies !
How To Find Referer?
Can anyone tell me how to find Referer? This internet security certification company prodive a game and you have to have Referer to pass to next level. I tried telnet to go into their site and "GET" , " Referer" command but I just cant get it. Is there any way I can get it?
View Replies !
Find And Cut String
I'm new to PHP, so please bear with me! =) Is there a nice little function to find a string between to html-tags? I.e. let's say I have a string with the following text: "Hello world, <b>this is a test</b>" I would like to cut out the text between the <b> and </b> ("this is a test").
View Replies !
File Which Tries To Find Itself And Can't...
<? //file test.php phpinfo(); $filename = "test.php";//it does not work $filename = $_SERVER['DOCUMENT_ROOT']."/home/ke000067/public_html/test.php"; //it does not work $filename = $_SERVER['DOCUMENT_ROOT']."/~ke000067/public_html/test.php"; //it does not work $filename = "home/ke000067/public_html/test.php"; //it does not work echo 'fila buscada: '.$filename.'<br>' if (file_exists($filename)) { echo 'Of course it is.<br>' }else{ echo 'What?? How can it be???.<br>' } ?> these are some values retieved from phpinfo _ENV["REMOTE_PORT"]2010 _ENV["SCRIPT_FILENAME"]/home/ke000067/public_html/test.php _ENV["SCRIPT_URI"]http://200.50.110.233/~ke000067/test.php _ENV["SCRIPT_URL"]/~ke000067/test.php _ENV["SERVER_ADDR"]200.50.110.233 _ENV["SERVER_NAME"]200.50.110.233 _ENV["SERVER_PORT"]80 _ENV["SERVER_SIGNATURE"]<ADDRESS>Apache/1.3.33 Server at 200.58.112.233 Port 80</ADDRESS> _ENV["SERVER_SOFTWARE"]Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_bwlimited/1.4 mod_log_bytes/1.2 mod_ssl/2.8.22 OpenSSL/0.9.7e FrontPage/5.0.2.2635 _ENV["GATEWAY_INTERFACE"]CGI/1.1 _ENV["SERVER_PROTOCOL"]HTTP/1.1 _ENV["REQUEST_METHOD"]GET _ENV["REQUEST_URI"]/~ke000067/test.php _ENV["SCRIPT_NAME"]/~ke000067/test.php _ENV["PATH_TRANSLATED"]/home/ke000067/public_html/test.php I'm really confused about paths. Now I think that it is not a good idea to learn on local server, beacause whenever one changes to a shared one, all seems to fail....
View Replies !
Find Highest Value
Im trying to find the highest value of a value in my database called LeagueWoodenSpoon. On the highest value, i want to set $image="spoon.gif" i tryed the following code, but it adds a spoon.gif to everything over 0 and not only the highest value can anyone point me in the right direction? the following code is inwith a loop which goes through every value in my database. $SpoonFlag = 0; if($row_SelectAllLeague['LeagueWoodenSpoon'] > $SpoonFlag){ $SpoonFlag = $row_SelectAllLeague['LeagueWoodenSpoon']; $image='spoon.gif'; }
View Replies !
Find A Value In An Array
I want to find the smallest value in my array and then write it on the screen wit echo. I thnik that i got the 'founding part' but the number does'nt been writet out on the screen. Code:
View Replies !
Find IP Address ?
When i try to run this code i get my loopback address. Though i am connected to internet and have an ip why do i get this ? <?php echo $_SERVER['REMOTE_ADDR']; ?>
View Replies !
Find All Folders
I've been looking around and I can't seem to find a function that will allow me to open a folder and read all the folders inside it.
View Replies !
How To Find Id In Database
i have a user system, and i am currently working on a update page for the user i have the whole system down its just that for it too work i have to put in the id in $sql and i can't set it as a variable because it doesn't get a number is there somekind of way that i can get id through a session? because thats the only way it would work
View Replies !
Eregi_replace To Find Id & Url?
I've got this little function I wrote which converts links in my custom-built CMS. By using the Id of the page to link to, I can easily make an internal link to my own website, such as: A link: <link=1>this is a link</link> My function: function convert_Links($content) { $pattern='(<link=)([0-9]{0,5})(>)'; $replacement='<a href="/index.php?id=2">'; $pattern2='</link>'; $replacement2='</a>'; $content=eregi_replace($pattern2, $replacement2,eregi_replace($pattern, $replacement, $content)); return $content; } which creates a nice link to: index.php?id=1 or whatever. However, I've recently changed to showing my urls using Mod-rewrite, so it would now show as: /products/product-number-5/1 (where the '1' on the end is the page Id) Is there any way to get this url using my function, rather than just the Id? To do this I'd need to extract the id, call another function to look up this page's url, then pass that back to the function.
View Replies !
How To Find A File?
I've tried using readdir, but readdir read the entire directory which I do not want. So is there any way I can read only files which satisfied my pattern?
View Replies !
Find A Decoder
what kind of code this is? %96 2?QU6P :Q R96W 2== QSPT:T65 3642SQ6 and if at all possible if youcould find a decoder for it to or know of a decoder?
View Replies !
Find URL In Code
I am working on a script and I need to find something from some code. E.g. This code is inputted: Quote<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/Zi_760pnGtg"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/Zi_760pnGtg" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object> I want to locate http://www.youtube.com/v/ then find all the characters after that. So in this case it would return Zi_760pnGtg.
View Replies !
Find String
Surely there's a function for this. But I can't find it. I need to search for a string. plenty of those of all flavors,and when I find it I need to capture the following x characters. Examples: search the string for 'user=' I don't know who the user will be but it's a 8 digit name/number that follows. I need to capture the info that follows. other examples.. module= name ( )
View Replies !
|
TRACKER
