| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
Comments:
<0> thats a good idea too
<1> IceBreak: Haha. I'm thinking, geez. :P
<0> letting the php script run and reading the output isn't a bad idea
<0> unless the code needs to be included to work
<1> Hmm, I'll try that.
<2> i'm fighthing with some dark corner in php sessions and it's not working
<3> is it evil to use GET instead of POST?
<2> no..
<3> k
<2> it depends on what you need, and why
<3> i suppose
<3> i thought it was for some reason i guess
<2> data can be sniffed anyhow
<3> ahh
<2> i'm very close to write my own library to send secure 1024-bit information from a form to a server without using https
<2> (a javascript to php lib)
<3> hrm
<4> they both can be evil. Don't trust post more then you trust get
<3> interesting... well let me know if you finish it
<2> when i'll have time to work on it, it will be in summer
<2> should have taken that CS protection course i guess
<2> welp, next semseter, i'll be taking it
<3> danf_1979, hmm, good point... i ran into a fix for a client... they had an order ID being p***ed via the query string... and you could get other people's order info
<5> IceBreak: Sane people would use AES/blowfish or something similar...
<3> not their CC or anything
<2> Stormchaser: lucky for them, they are sane
<3> the funny thing was: it was being double tracked in the session and in the query string
<0> order id p***ed via get? thats no good
<3> Monkey_b, hehe yeah that's what i thought
<0> but post is just as bad if the script doesnt validate whoever's requesting the data
<2> Stormchaser: know meebo ?
<5> no
<2> Stormchaser: are there any libs for php/js which use aes/blowfish for secure http transactions?
<5> why do you even use JS for "secure transactions"?
<4> JS security? that's a contradiction
<5> lol! Yup :)
<2> Stormchaser: check meebo.com
<6> I'm making a system and can't decide. If i'm going to use ajax as a base or just php with small function with ajax
<2> they dont use https, yet they transfer all your IM p***wds via plaintext
<2> so they do JS client-side 1024-bit rsa key for sending the info back to the server
<2> thats pretty cool idea
<5> no, that's DUMB!
<2> why?
<2> you cut all the https overhead
<7> how strong am i if i can make a football explode with a single hand? :S
<7> an american football that is
<2> Fushuing: i can do it as well
<7> you know, the sport where international means USA
<2> i use one hand to hold the gun and press the trigger
<5> IceBreak: the https overhead is neglectable.
<2> Stormchaser: and if you cant afford the price of getting an https server, and the certificate
<7> IceBreak: I mean muscle power
<5> IceBreak: You're talking like it costs $27.3 million
<4> https is free
<0> yea, a certificate is $50
<2> it costs more than maybe you dont need it, if you just need something like that
<2> if you just need to p*** something short one - way encrypted, they have a good solution
<2> even today when you login to gmail/yahoomail/whatever service, you send in plaintext the paswords allot of time over regular http
<5> lilo: Having fun with tor? :)
<2> why shouldnt they all move to use this type of solution?
<7> AAAH!
<4> Some days ago I was discussing security stuff in #php-es. There was a guy who did security validations in JS and not PHP...
<7> since when are beer cans charged with electricity?!
<5> IceBreak: Actually for gmail youu're logging via https...
<2> depends, not all the time
<2> and anyhow, i'm talking in general to all services
<7> google - do no evil
<5> ALL the time
<7> i mean, gmail's certification didn't even expire :)
<2> you sure are picky, instead of answering
<2> atleast gmail never forgot to re-register the domainname like hotmail did :)
<5> IceBreak: You should be as well on giving bad examples.
<7> :D
<0> hotmail forgot to renew their domain lease? haha
<2> i dont think its bad, but whatever
<7> google got a anti-websquatting thingy with the gov
<2> i think it's a good solution to have avilable if needed
<2> Monkey_b: twice in the past 5 years
<0> wow
<0> i hope they renewed for 10 years this time
<2> someone took it, and sold it to them
<4> Lol
<8> ahh my niece gets out tomorrow
<6> lol
<2> welp night
<5> piera: From prison?
<2> this "remember me" crap wont work
<7> man, could someone help me with this medical problem? -_-
<2> and i cant figure out what this damn php session problem is
<8> Stormchaser: pfft that poor little baby has had problems since she was born
<5> piera: :(
<7> everytime i drink a beer, i get a pole!
<5> piera: Howold is she?
<8> Stormchaser: she's 4 days old
<5> oh
<8> she's a munchkin
<5> :)
<2> i've had problems till i was 16
<8> www.piera.ca/emma
<7> IceBreak: with?
<5> I still have them... With my sanity >:)
<2> then again, i still have problems till today, like with php sessions :)
<2> Fushuing: does it really matter?
<2> anybody here ever implmented a "remember me" feature with php sessions?
<5> piera: <3 :) I want one of those, too :)
<3> IceBreak, don't you need cookies for that?
<7> pfff, we need to keep some people mentally trained
<8> Stormchaser: ain't she adorable
<5> piera: I dig kids :)
<2> r0xoR: yeah, i'm mixing cookie + session
<5> IceBreak: With a blender?
<8> Stormchaser: i look forward to having my own too
<0> awww <3
<5> piera: What's the final verdict? Will you be able to have them or not?
<2> Stormchaser: yea
<2> Stormchaser: you dig kids ?!?!?!?
<8> Stormchaser: dunno yet till i start to try.. there's always a small percentage
<8> i might have to go fertility way but thats a few yrs from now hehehe
<5> piera: Then why the heck are you waiting for? :)
<8> Stormchaser: not married = before wedlock = sicilian family you do the math heheh
<5> piera: 6 feet under and such? :)
<8> Stormchaser: pretty much heheh
<5> piera: Ouch :)
<6> i wonder if someone can help me with a problem i have. I'm making a school system. And can't decide if i'm going to use php like any other site. Or ajax as a base and php in the background.
<6> And why it is a school system it most be safe
<2> welp it's your decision
<2> ajax is more code, and more problems usually
<9> hi!
<6> ok
<0> yea stay away fro majax if you can
<2> thats not the answer, i use ajax in some places, and it works gr8, its just more work
<6> that why i ask others. For positive and negativ responses
<9> this isnt a job post: Im looking for beta testers with partial php / mysql knoledge enough to understand the errors, for a new project im starting. If you are intersted please visit orbno.com and contact us, pm me, or visit #orbno thank you!
<0> i dont see a benefit to ajax unless you specifically want to avoid reloading pages
<6> thats true and the public can se more in the source code
<5> 'gr8'? What the hell is that?
<9> Stormchaser, great
<0> gr8 = great
<0> hehehe
<5> !+aolbonics
<10> AOLBonics is talking using numbers, all caps or using single letters for you, are, you are, you're, etc. Examples are: Hey evry1; howz it goin?; how r u; oic; ur teh ****z. Talking like this is frowned upon in ##PHP, and will result in you being silenced. This rule is not open to debate, arguing about it won't help.
<0> i dont use aolbonics... it's the 'u' that sometiems gets me
<2> rofl
<2> i was looking for who said gr8, and didnt see it was me
<9> lol
<6> But isn't that what everyone want. Not to reload a page?
<2> funny **** happening at 4 in the morning
<2> splitin: no... everybody wants to make millions of dollar
<6> haha
<2> doesnt mean that everybody gets it
Return to
#php
or
Go to some related
logs:
Shoutcast Server I.Ps
#oe
#lisp
iceman2oo0
submerin cable
ubuntu + install ntfsfix
sound thinkpad 600 xubuntu
#perl
ubuntu cups Print file was not accepted client-error-bad-request
#web
|
|