| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
Comments:
<0> after i read it..
<1> Wolf: No, that didn't work
<2> Jorsha: Because you have register_globals=On in your php.ini
<3> lol! base_64 is encryption
<4> encryption are two way, hash is one way - that's the main difference?
<0> encode
<4> Wolfpaws yeah, i was doubt about that
<0> base_64 is encode
<5> base_64_decode IS decode
<1> That didn't work. What should I try next?
<4> is there encryption functions in php?
<1> SHirley the syntax is valid
<0> piff it should work..
<3> Encryptions and decriptions have a key. base_64 doesn''t have that
<2> piff, $_GET['myname'] didn't work?
<1> My mistake
<1> Forgot to change myname to the proper variable name
<1> Thank you very much all.
<4> Wolfpaws what a key?
<4> Wolfpaws are there encrypters in php?
<4> i will google it out
<1> Guys: Is there a way of setting a variable in memory which can be access later from any page?
<6> CakerLatvia: php.net/mcrypt
<6> piff: php.net/apc
<4> mcrypt
<4> ok
<4> thanx
<7> piff: session handling
<3> CakerLatvia: php.net/mcrypt
<2> piff: you should maybe read up on this: http://us2.php.net/session
<1> Thanks guys :)
<6> sessions are per-user, if you want it from any page from any user then you want something like apc
<8> piff there's also shared memory, but don't use that unless you really know what your doing, it's a mess
<1> I think using sessions is the answer
<1> Dont want to resort to cookies
<8> sessions use cookies
<9> \o/ finished
<9> Now I get to sleep at 10:34am
<10> so anyone can help he how to enable mysql support with php5?
<8> sessions use only one cookies tho, rather than using 5 cookies to store 5 variables
<1> oh
<1> Have to think about the best approach
<8> it just has one cookie with a sessionid
<11> Has anyone any experience in using apache multiviews with php? I try to hide my php extensions with 1) A mod_rewrite rule that returns a 404 for each *.php request, 2) using multiviews so that "foo" is recognized as "foo.php". But for some reason the multiviews rewrites "foo" to "foo.php" which results in a 404 because of 1). Any ideas?
<8> and the vars are stored on the server
<1> ya
<8> sessions would be the best
<8> don't be shy to use a cookie
<1> I just don't like them
<8> why?
<8> i hate sites that over do cookie usage
<1> Because so many sites use them maliciously or when they're not necessary
<8> but one cookie being set doesn't bother me
<1> precisely
<1> I've disabled cookies myself
<1> I only allow them from 5 sites
<1> I dont want to bother the user to allow cookies
<1> Anyway, can I delete a cookie?
<8> yeah
<1> cool
<8> session cookies are deleted when the browser is closed
<8> by default
<1> ok
<1> Thanks all.
<1> ttyl
<3> 16:35:27 < cythrawll> sessions use cookies >-- That's not true at all...
<8> well, you could use GET
<8> but i wouldn't recommend that, even under torture
<12> doesn't anyone know why I might be getting "Warning: fopen(acura.txt): failed to open stream: Success in /home/infoblog/public_html/links-list/text-links.php on line 25" I've set all the permissions to 777 for the directory. The file doesn't exist but fopen should create it if it isn't there right?
<8> and to answer your question about $_REQUEST, it goes against HTTP specification, and poses similar threats as register_globals
<3> Yes, but "sessions use cookies" is a false statement. They rely on client-provided session ID.
<13> hello how can i include an html page into another ?(they are on two different servers)??
<12> nevermind syntax error +w rather then w+
<14> when you change umask to 0777 what would cause an exec to fail?
<8> i wouldn't say false statement, just inaccurate
<3> cythrawll: That statement is wrong as well... $_REQUEST is a merge of POST, GET and COOKIE variables... And that is okay, if you can filter those properly. And for the security behind register_globals: What's wrong with it?
<3> inaccurate = false
<8> still against http specifications
<3> cythrawll: meaning...?
<13> hello how can i include an html page into another ?(they are on two different servers)??
<3> buzzy: readfile() or file_get_contents()
<14> that's usually a bad idea unless you have permission
<3> including HTML pages is okay...
<8> it goes against RFC2616
<8> im looking for the exact source right now...
<14> well in any case i'm having trouble getting convert to execute on the server
<3> cythrawll: And what the hell does that mean? Just answer my question. It works on PHP-level.
<14> i upload an image, change the umask to 0777, move the image, chmod it to 0777, then attempt to exec convert (imagemagick) and it doesn't convert
<8> WolfPaws, "it works" doesn't mean it's best practice
<8> i mean if you don't know where your variables are coming from, that scares me
<15> is it ok to use virtual() for including html files
<8> I've been told a hundred times, in a hundred different places not to use it
<8> !tell Wolfpaws about go
<3> cythrawll: You shouldn't code if you don't know what you are doing... IF you make the $_REQUEST unsafe to use, then don't use it.
<8> how many people that come in here no what their doing?
<8> s/no/know
<3> too many.
<16> Mer`Zikain: are you using full paths on everything?
<15> "if you don't know here your variables come from" ? html files <> variables .. parsing not getting that..
<8> lol
<14> ||cw: for the images, no i'm using relative paths to the file being executed
<8> jrots?
<16> Mer`Zikain: try full paths
<3> cythrawll: My point is: If you can't make user input safe, then don't use it... register_globals isn't "safe" or "unsafe". IF you can't make it safe, then don't use it. I had never, *ever* problems with it.
<8> would you recommend it though? to alot of the people that are learning php and don't know how to initialize and validate everything?
<17> Wolfpaws: Register globals can be made safe, but isn't it better to be safer by default (in case someone somewhere lacks caffine and forgets to init a varible before calling on it?
<8> everything can be used properly, Wolfpaws but it's not "best practices"
<3> cythrawll: If I'd recommend it? That depends on situation and experience.
<17> besides, that lets them set random garbage varibles in your script, which I don't see as good regardless of how good your coding practices are
<3> Nathe: That is granted.
<8> you can have a entire network somewhat safe, if you know what your doing, without a central firewall
<14> full path isn't working either
<8> but is that best practice? hell no
<14> exec returns 1 and 127 (result and return var)
<16> cythrawll: the main reason that is it not recomended is that it is not enabled by defualt and so is not portable. same thing with short open tags and calltime p*** by refernce. as well as all 3 of these are likely to be depreciated and removed in the future php's
<8> ||cw, all im saying is it's not recommended, and i disrecommended it
<8> i don't see what i did wrong...
<16> cythrawll: other than wake up this morning? :D
<8> yeah, everyone is out of the office this morning so i had to get up and man the castle
<8> and get my daily flaming from wolfpaws
<18> hi...
<8> hi...
<19> hi. Is PHP 5.0.4 "stable"?
<14> ||cw: any other ideas on what could be causing the exec to fail?
<14> i was hoping the umask change to 0777 would help but apparently not
<20> mm2000: as stable as you can get
<17> anyone that can do a quick review of coding practices for me?
<17> (I know it's a stupid question, but I want to see if I'm making any stupid n00b mistakes)
<21> heh. fresh meat!
<8> rule #1: get it to work, and if it's publicly used, make sure it's secure
<8> thats all you need to know
<22> small question here: is there any way to parse php code only upon the execution of a javascript function? (for as I've seen now, it get parsed anyways, either if the function loads or not)
<14> if i'm understanding you right, then the answer is no
<23> strav then you'd have to reload the .php page
<14> php=serverside, javascript=clientside
<23> yup
<24> Ok after I do imagecreatefromjpeg( ) and then resample that. I want to save the image not display the image. Would anyone be able to tell me exactly where that resampled image goes, location wise so I could save it.
<14> it doesn't go anywhere but in the memory until you write it out
<14> or destroy it
<8> strav, you can do something with ajax, but that may seem a long way off in learning if you confuse server and client side.
<14> imagejpeg(resource id,file name,quality)
<24> Mer`Zikain, and that will actually write the image?
<8> TheNinthCut, yes
<14> yeah, sorry, phone call
<8> don't worry Mer, I gots ya back
<8> php
<14> heh
Return to
#php
or
Go to some related
logs:
#linux
openbox3 fluxbox comparison
#suse
#ubuntu
ubuntu add nm-manager panel
#gentoo
#web
#php
#kde
bri3d
|
|