| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Comments:
<0> i have nothing to discuss, it's 1 AM and i'm tired as hell
<1> http://pastebin.ca/42584
<2> b1n0ry: Read my mind, and write the code. I'll expect it in 48 hours.
<0> as tired as i am, you don't want to run anything i would write
<3> Attention
<3> For the record
<3> I would like everyone to know...
<3> "God of War" kicks royal ***
<2> Pollita no spoilers please
<3> of course not
<2> b1n0ry that's why you have 48 hours
<3> I *will* say it's a thing of beauty
<3> And extremely well written
<3> Every piece the cl***ic greek tragedy
<2> **** it stinks in here... stain is just too string
<2> strong
<2> not like I stained a dresser or anything either.
<3> That's why you do that **** in the garage
<2> Pollita Fine, get me a garage
<3> I thought you had some big house
<2> Pollita Sheeeeeeeeeeeeeeet, apt
<3> hrmmm wonder where I got that idea then
<2> I wish
<2> Hell, I want an abandoned warehouse or factory
<3> amen
<4> I'm trying to attack my site with sql injection...the user input is not sanitized at all: $query = "INSERT INTO addlinks (sitetitle,siteurl,sitecomment) VALUES ('$_POST[sitetitle]','$_POST[siteurl]','$_POST[sitecomment]')";
<4>
<2> 20,000 sq ft, two story or a mezzine
<3> Wanna go in on one together and split it down the middle?
<4> How do I go about doing it ^^^^^^^^^^^^^^^^^^^^^^^
<2> Pollita sure, location?
<3> Oh I don't know of any....
<3> pilgrim: I've got a better idea. Just fix your code and don't bother trying to attack your own site.
<2> I've seen some on the east bay, but....
<3> Because....after all... I COMPLETELY believe it's your own site you're attacking.
<5> How do I check what url the person just came from?
<3> $_SERVER['HTTP_REFERRER']
<2> !+gv
<6> Global Variables - this will show you everything that php sees: <pre><?php print_r($GLOBALS); ?><hr size=5 noshade><?php var_dump($GLOBALS); ?></pre>
<3> But it relies on the client actually sending it which it *may* choose not to
<4> Pollita, just add_slashes?!
<7> get_defined_vars() might help as well
<2> Pollita Solid concrete on the 1st floor, and 12' tall windows on the 2nd floor
<2> Pollita 16' rollup freight doors to the indoor parking area
<2> Pollita an on-demand flat escalator
<8> what function can i use for getting a list of files in a directory?
<3> caleb: scandir(), glob(), or opendir()/readdir()
<9> or use a platform dependent system call
<5> http://pastebin.co.uk/419
<5> http://tainted-designs.com/script.php
<5> Its blank.
<5> It doesnt show the uri
<10> why are there () around the thing
<10> around $_SERVER['HTTP_REFERER']
<5> Thought it has to be like that.
<5> Guess now.
<5> Guess not.
<5> It still shows up blank.
<10> i've never done it like that
<10> oh, btw
<10> it only works if you click a link
<11> I'm trying to compile php w/ fast cgi support: ./configure --prefix=/usr --sysconfdir=/etc --localstatedi=/var --enable-fastcgi --with-apxs2 --enable-mysql --with-mysql --enable-track-vars --enable-force-cgi-redirect --with-gettext --- however the sapi/cli/php -v doesnt say it's compiled for fastcgi
<9> root404: what is the value of the referrer? does it makes sense to the file_exists?
<11> any ideaas?
<2> root404: referer isn't guarnteed
<3> snappy: Yeah, cli != cgi
<5> Jymmm: Whats a better way?
<3> sapi/cgi/php -v
<2> root404 there isn't
<11> ahh
<10> root404, ask real nicely :D
<11> yeah sapi/cgi/php wasnt made for some reason
<10> root404, what are you really trying to do
<3> Because you're already making mod_php
<3> You can't build two non-cli SAPIs at once
<3> ((yes, I know it's lame))
<11> ah k
<5> I want to see if http://domain.com/tests/somethinghere has a file named somethinghere.html in it.
<9> basically you're checking if the referrer is valid?
<10> but if it's not valid, then why would you spoof it
<5> No... I want to know so that if it doesnt exist I would create and then allow someone to enter in whats in it.
<9> and that if you're domainA.com you want to check if the referrer that points to domainB.com is valid?
<10> but if it's the referrer, then it HAS to exist
<9> no
<10> otherwise it wouldn't have referred to the thing
<9> referrers can be faked or killed
<10> well yes
<10> i know
<5> http://domain.com/tests/sldkhgrl <--anything there goes to script.php
<2> root404: What did I just say?
<12> god im bored
<2> root404: <2> root404: referer isn't guarnteed
<2> root404 AND.... IF you just want to check if something does NOT exist on your onw domain, follow your nick.
<13> can someone please explain to me... does php "come with" an smtp server
<13> i mean, for me to use the mail function, do i need to have an smtp server running
<2> Octane: No, php doesn't not come with a mta
<13> so i need an smtp server, okay
<13> can someone make a recommendation for something really small simple and freeware for windows?
<10> mail() worked for me out of the box
<10> but i'm on osx
<13> mybadluck in win32?
<13> ah
<13> i could have sworn it used to work for me too on win32
<10> win is weirdiculous
<10> so i dunno
<14> Octane: you can set your ISP's smtp relay in php.ini
<15> mail() works out of the box, if you have sendmail. No sendmail, and mail() isn't compiled in on *nix... onwindows, you have to set it up in the php.ini.
<13> oh **** good idea
<16> hiii =D
<10> hiiii
<16> I have questiooonn =) you all in good mood to receive them?
<15> !tell redkommie_ about ask
<10> haha
<17> how can I print the contents of a php file from inside another php file without the php being executed?
<2> redkommie_ Hey, do you know what's worse than a nazi channel op?
<16> Jymmm: kommie channel op!
<15> peqe: You can use file_get_contents() or fopen() fread() ...
<18> redkommie_ No , an ***hole with ops
<16> loll
<17> biggie: thanks!
<13> biggie: so mail() should work on win32 w/ no smtp server, right
<16> lol Jymmm
<15> Octane: No, it requires a smtp server... you just don't have to have a smtp server installed on Windows.
<13> biggie is there a way to specify a username and pw?
<15> Octane: Not sure, have you taken a look at your ini file yet?
<13> biggie yes, and php help, and google
<13> i have not found anything about specifying a username and pw
<13> only an ip address and port
<15> Octane: Not sure then... I haven't had to do it myself.
<10> maybe something like username:p***@ip ?
<16> k k
<2> username:p***@ip will *NOT* work under IE
<16> I am trying to filter a submitted HTML form using InputFilter and $_POST here is the filter i have done http://pastebin.ca/42593 problem is not sure where to place it...
<10> but it's for mail
<10> i think?
<10> i'm just throwin something out there
<2> M$ disabled the user:pw@ip due to to : http://www.paypal.com/secure/login/@evilbadguy.com
<2> M$ disabled the user:pw@ip due to to : http://www.paypal.com/secure/login/@evilbadguy.com/you/are/****ed/now/
<10> hm
<10> i'm conflicted, it disables something very useful
<10> but keeps people from doing dumb things
<13> Jymmm he was talking about in the in
<2> The damage casued sorta outweights the benefits
<10> well as long as it still works in general
<19> Jymmm: Is that what someone tried or...?
<10> had to use it with a script the other day
<1> i need help uploading files where i have all the file names in array's like <input type="file" name="photo[]" />
<19> AfroTurf: You mean... an array contains the file names... or...?
<1> capso: no i'm uploading the files through a form, and all the file names get stored in array, but i get this error: Array to string conversion
<1> i can get the filenames to insert into my db, but not upload :(
Return to
#php
or
Go to some related
logs:
sp_changeowner
boinc chost unknown
#php
kde4-devel logs
#perl
#bash
#fedora
freevo mplayer.2
XMFFMPEG rpm
#fluxbox
|
|