| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Comments:
<0> Vyker: Did you try it?
<1> CWhiz, yes, it adds it to the bottom of the file.
<0> Vyker: Oh, not the end -10?
<1> CWhiz, i just want to to add it before </answers> which is 10 characteors.
<1> CWhiz, yes thats correct, end -10
<1> CWhiz as it stands it is adding it, after </answers>
<0> Vyker: Ahh, found it. $filename in fseek should be $handle.
<2> would someone be kind enough to link me the cgi hack to run php4 and php5 at the same time ?
<1> CWhiz, ahh ok, let me try it.
<3> lepine: Just run one as CGI, the other as a module.
<2> yes, i know ... but i don't know that much about apache ...
<3> The manual has installation instructions for both module and CGI methods.
<2> i'm looking for the httpd.conf stuff to have one as ...
<2> oh
<1> CWhiz, :( no luck, same problem.
<2> checking
<4> how do you get the first key in an array?
<1> CWhiz, its as if its ignoring the fseek function completlty!
<0> Vyker: Check that the return code is 0.
<5> myconid: key(current) should do it()
<5> erf.
<1> CWhiz, im not sure i know how to do that.
<5> key(current($arr));
<0> Vyker $foo = fseek($bar)
<0> echo $foo;
<1> CWhiz, oh right ok, ill try it now.
<6> If anyone could just point me inthe right direction for the following problem, a way to login to a page automatically
<1> CWhiz, yes it returned 0 .
<0> Vyker: Interesting. There's some discussion in the fseek() manual page that a+ is the wrong mode to use. Try r+.
<7> doncestnik: Store the login in a cookie once they've logged in with a userid and p***word, and next time look for that cookie, if it's there, automatically log them in with that information.
<1> CWhiz, i read that too, and did try it, but i think i had tried when i wasent sing $handle, ill give it a go now. thanks.
<4> dj_segfault: thats a horribly bad way to do it
<7> myconid: Explain why, given that automatic login automatically implies "poor or no security"
<4> storing the username in a cookie..
<4> and just ***uming the presense of a username in a cookie = log them in
<6> my problem is that it is for a site that isnt mine, possible to simply copy and paste cookie info to my script
<4> what stops me from setting my name to administrator
<4> or whatnot
<7> myconid: username and p***word, not just username.
<8> you don't store the uname/pwd in a cookie, you store a key
<7> the only secure way to do automatic login is over SSL
<8> which you test against the database
<4> dj_segfault: thats a horrible way to do it.
<4> dj_segfault: Log the user in, and give them a token
<4> and check against that token
<6> ive looked at the cookies set by the page and they look like a random key
<1> CWhiz, interesting, it has sort of worked, it has gone back 9 charaters, but over written the 9chars it should have pushed to the end, i.e its has written over it.
<7> myconid: What is the functional difference? If someone can snoop the userid and p***owrd, they can snoop the token.
<9> bind the token to an ip
<0> Vyker: That doesn't surprise me. I think you're going to have to shift those bytes to the right to clear the space for your text.
<9> or just use the browsers p***word manager functionality for them to login?
<0> Vyker: You really should be using DOM to update XML files, anyway. I presume that's what you're doing.
<7> syf: <Rocky> that trick <b>never</b> works </rocky>. Dynamic IP's, NAT make that useless.
<4> not to mention AOL users :P
<10> You can pad the token with a nonce.
<4> or TOR users
<1> CWhiz, there is a difficulty in using DOM as the content im adding to it is dynamic, but i will give it another look into, thanks for all your help.
<7> myconid: I'm waiting for you to stop telling me my idea is horrible and explain why, let alone how you would do it.
<10> Vyker: That's precisely what you use DOM for, silly :)
<11> I hate doing project scopes FFS
<9> if i can have a static ip in this ****hole, so should everyone else be capable of having one
<10> Baricom: Good luck.
<10> Why am I wishing myself good luck?
<10> Vyker: Good luck.
<10> CWhiz: Go away.
<12> Baricom, thats pretty messed up :p
<7> syf: Yes, I'm sure the sysadmin at my company will issue all 100 employees real addressable IP addresses so they can access your website, and get rid of the 10. subnet.
<9> so that's a 100 employees who can snoop your token as opposed to the whole world
<4> thats a HORRID way to do logins
<4> you people.. stop reinventing the wheel
<4> look @ seesions
<0> Sessions are world-readable on many web servers.
<9> sessions get destroyed
<4> store your sessions in a database
<7> myconid: How do sessions help with automatic logins?
<6> alright once i figure out the session names i can just send login info through them to login validate page
<7> Youre' going to make indefinite timeout sessions? That's a lot of sessions!
<4> dj_segfault: you store the username in the session..
<4> Sessions timeout naturally.
<9> speaking of reinventing the wheel, most browsers can login for you.
<4> syf: none can, actually.
<7> OK, now how is it any harder for someone to sniff that session cookie than the userid/p***word cookies? You're still not answering my questions.
<4> dj_segfault: because php validates the session internally.
<13> myconid: No it doesn't.
<4> google session security
<7> myconid: How does it validate it?
<9> myconid, sure they can, i hit ctrl-enter in opera and it logs in for me
<5> ...
<1> CWhiz, heh, the nick change confused me there, quick question, can i use the DOM to append to a file? or is it used to just change the active page? [im not sure if that question made sense, but what im after is for isntance formaction.php to write using dom to answers.xml]
<4> http://www.devshed.com/c/a/PHP/Creating-a-Secure-PHP-Login-Script/ <- read
<5> syf: Opera remembers form's input username and p***word...
<3> If you want it to. Most browsers do these days.
<4> no browser automatically logs you in
<13> Vyker: To append to a file using the DOM, you have to read in the file, create the DOM tree, append the nodes, then serialize the DOM tree as an XML file.
<0> myconid: An IP check blocks all of AOL and many other people.
<7> You can't count on IP address consistency. Period. DHCP and NAT break it for too many users.
<1> TML, i see, and that would be the preferred option to fwrite() ?
<4> DHCP and NAT promote IP consistency.. bad example.
<13> Vyker: Depends on what you want.
<9> leasetimes*cough*
<13> Not to mention rotating anonymous proxies
<1> TML i just want to add text to the end of a file -10 characters, which in DOM terms would be nest some tags in root tag, where the close root tag is 10 characters in length.
<13> Vyker: fastest/easiest would be to fopen(), fseek() backwards to your insertion point, insert data, and re-insert the close root tag
<13> Vyker: However, that won't ***ure that your data is well-formed at the end.
<0> Why didn't I think of that? Re-insert the close tag. Duh, CWhiz.
<1> TML, i had gotten almost as far as what you mention, with the help of CWhiz, but as i fseek back, it simply overwrites the 10chars as opposed adding to it.
<13> Vyker: Right. Then you re-insert the close root tag
<13> Vyker: Because it's going to overwrite whatever's there
<1> TML and CWhiz, but here is my problem, i will be adding more then one set of text, so i will end up with more then one close root tag.
<13> You can't "append" to the middle of a file
<1> TML, OH i see!!
<1> append back 10, then add it agina, then when i add again, append back 10 again to delete teh tag! genius!
<0> I really am sick. Maybe I should take a nap.
<13> Vyker: again, I'll warn you that this will allow you to create non-well-formed documents.
<1> thank you for all your help CWhiz, get well soon.
<1> TML, as long as i form it well in the php, im sure i should be ok ?
<13> If that matters to you, you'd probably be well-advised to at least look at a DOM style solution.
<13> Vyker: As long as your code is bug-free, yes. :)
<1> TML, thus far it is, i hope it stays that way :)
<1> TML, thank you for your help!
<13> Vyker: You might want to consider at least reading and storing the first tag of the document, seeking to the end, backing up, printing your stuff, then printing a modified version of the previously read root tag.
<13> That way, at least you can be confident it does the right thing should, heaven forbid, tagnames change.
<1> TML, i see, in which case, will work on both techniques. if i can get a DOM solution to work as well as i hope this fwrite() does, then i will scrap the fwrite() solution.
<13> Vyker: I'm simply pointing out that 'prototypes' have a bad habit of becoming production code. :)
<14> Greetings...
<14> I've got a question.
<14> ... how do I 'rewind' a query result?
<14> I want to do two separate p***es through the same mysql query result.
<13> FenixRF: You can't rewind a result
<13> FenixRF: while($row = mysql_fetch_array($query)) { $result[] = $row; }
<13> You now have an array in PHP that accurately represents the result set
<15> !tell FenixRF about func mysql_data_seek
<15> You can move the internal pointer.
<14> FlamingCows, mysql_data_seek($mysql->QueryResult, 0); ... will that take the internal pointer back to the start?
<15> I think.
<14> I'll try
<15> Read the manual page to be sure.
<14> works like a charm
<14> oh, how do you release a result?
<14> (for cleanup)
<15> !tell FenixRF about func mysql_free_result
<14> ty
<14> :)
<14> php-bot, bot snack
<16> I'm getting some odd behavior while using OOP in PHP4.
<16> This: $this->$itsCfg === $this->$mas
<13> Erha: $this->foo, *NOT* $this->$foo
<16> Ah =)
<16> What a day to feel stupid. ;-)
Return to
#php
or
Go to some related
logs:
smntp errors
mysql_create_system_tables
#math
how to install lex yacc
#sdl
#php
noconsole
namp for ubuntu
repotec 1708K voltage
windows pendrive-on
|
|