php-general Digest 24 Nov 2006 08:22:45 -0000 Issue 4477
Topics (messages 245103 through 245112):
Re: Please hack my app
245103 by: LuKreme
Re: GD - Problem writing text
245104 by: zerof
Re: Ftp a file-->errors in rendered page, Ftp the file again-->works fine. Huh?
245105 by: Travis Doherty
Re: security question
245106 by: Rory Browne
Re: PHP and XML
245107 by: onewaylife
Serving out a file to Firefox ... headers?
245108 by: Brian Dunning
245111 by: Travis Doherty
Attaching File to be Emailed
245109 by: benc11.gmail.com
245110 by: Travis Doherty
245112 by: Frank Arensmeier
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On 22-Nov-2006, at 04:20, Ryan A wrote:
Hey there,
I dont mean to be a total pri*k about this, but unless you have
created something that you are willing to share with others and
others can use/modify for their requirements, and you grant them
this privilege...I think the norm is you pay someone to do what you
are asking.
He did say:
"I've been rewriting an GPL'ed PHP/MySQL app from scratch for the
last 12 months or so. It"
--
There is a tragic flaw in our precious Constitution, and I don’t know
what can be done to fix it. This is it: Only nut cases want to be
president.
--- End Message ---
--- Begin Message ---
Fredrik Thunberg escreveu:
Hi all
.....................................
I'm trying to generate a dynamic picture with some text on it. The code
works fine on one of my servers, but not on the other one.
The code I'm using:
...............................
The one things that differs between the servers is:
"FreeType Linkage with TTF library" is set on the faulty one. Can
this be the problem?
Cheers
/Fredrik Thunberg
[EMAIL PROTECTED]
I have some useful examples here:
http://www.educar.pro.br/abc/gdlib/ndex.php
( uti et abuti )
-----
zerof
--- End Message ---
--- Begin Message ---
Nicholas Crosby wrote:
>Hello:
>
>I would appreciate any help on this that someone might have. A student of
>mine found this issue. He ftp's a file to a server and looks at it through a
>browser, there are errors. He uploads the file again, it works fine. I am
>stumped. Any ideas? Here is the text of the file that he is uploading.
>Basically, if you add some more text to the bottom and upload it, the page
>will not generate the proper output.
>
>
The file is uploaded using an FTP client or it is uploaded using PHP's
FTP functions?
If I understand correctly, it sounds like the FTP client is having
troubles uploading the file. Try to minimize the script and see if you
can still reproduce:
<?php
echo "<html><body>Hello</body></html>";
?>
If you upload a script like that, does it get something simple done
correctly or does that also require a second upload?
Travis
--- End Message ---
--- Begin Message ---
Sorry didn't quite get that finished - hit send by accident ( and had
it go to one person, instead of to the list ).
------------------------------------------------------------------------------------------------
Few quick tips - not all strictly security related, but may affect security.
Develop with E_ALL. Good code can run under E_ALL without complaining.
On your development build, E_ALL errors should be echoed to the
screen, whilst in a production enviornment, they should be logged (
and checked regularly by ( or emailed to ) the administrator ).
Don't allow include files to execute if called. Everything in an
included file should either be an assignment ( to a static value - not
the return value of a function), or inside a function.
In an included file:
<?php
// ok
$variable = "Value";
// unsafe - attacker if he can execute your include files directly
// can cause the getValue() function to be run, outside your defined
// enviornment.
$variable = getValue();
function thisfunc(){
// ok - inside function
$variable = getValue();
}
?>
of course as well as this, your include files should be (a) outside
your web directory, and (b) protected by a "Deny to all" in your
Apache config file ( or similar equivlent for other webservers ) and
.htaccess.
These are all of course different layers of security. You work on the
assumption that an attacker can get through any one of them, but hope
that they can't get through them all.
These aren't hard and fast rules - they're just techniques that I use
myself. Just because someone else doesn't use these techniques,
doesn't mean that their techniques are any worse than mine.
Rory
On 11/23/06, Robert Cummings <[EMAIL PROTECTED]> wrote:
> On Wed, 2006-11-22 at 22:45 -0600, Larry Garfield wrote:
> > On Wednesday 22 November 2006 22:38, Robert Cummings wrote:
> >
> > > > maybe we should all refer to forum and google
> > >
> > > Teach a man to fish...
> >
> > And you lose your monopoly on fisheries.
>
> Yeah, but I got Park Place and Boardwalk!!! *nyah nyah* :B
>
> Cheers,
> Rob.
> --
> .------------------------------------------------------------.
> | InterJinn Application Framework - http://www.interjinn.com |
> :------------------------------------------------------------:
> | An application and templating framework for PHP. Boasting |
> | a powerful, scalable system for accessing system services |
> | such as forms, properties, sessions, and caches. InterJinn |
> | also provides an extremely flexible architecture for |
> | creating re-usable components quickly and easily. |
> `------------------------------------------------------------'
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hello Edward
Just i don't now where to start.
Edward Kay wrote:
>
> Hello,
>
> You say that you are "unable to store the files in XML". Why is this? Are
> you getting an error message or do you just not know where to start?
>
> Edward
>
>> Dear All
>>
>> I am novice in PHP & XML, while trying I am creating a small application
>> i.e. Address Book.
>> In this I am using Apache2, PHP5 and XML no database is used. I have FC5
>> machines. but I am unable to store the files in XML. If any one
>> share their
>> experience in this by providing Examples or tutorials etc...
>> So far I have found tutorial related to porting the information
>> of data from
>> MySQL to XML and then php with help of DOM.
>>
>> Thanks
>> onewaylife
>> --
>> View this message in context:
>> http://www.nabble.com/PHP-and-XML-tf2692397.html#a7507917
>> Sent from the PHP - General mailing list archive at Nabble.com.
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
--
View this message in context:
http://www.nabble.com/PHP-and-XML-tf2692397.html#a7517770
Sent from the PHP - General mailing list archive at Nabble.com.
--- End Message ---
--- Begin Message ---
Sorry to revisit this issue YET ONE MORE TIME... :) :)
My online store sends out the file for download upon purchase. Below
are the headers I send, and I understood that it should work for all
browsers. It does not work for Firefox. Suggestions?
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.$filename);
$size = filesize('../../store/files/'.$filename);
header('Content-Length: '.$size);
readfile('../../store/files/'.$filename);
--- End Message ---
--- Begin Message ---
Brian Dunning wrote:
> Sorry to revisit this issue YET ONE MORE TIME... :) :)
>
> My online store sends out the file for download upon purchase. Below
> are the headers I send, and I understood that it should work for all
> browsers. It does not work for Firefox. Suggestions?
>
> header('Content-Type: application/octet-stream');
> header('Content-Disposition: attachment; filename='.$filename);
> $size = filesize('../../store/files/'.$filename);
> header('Content-Length: '.$size);
> readfile('../../store/files/'.$filename);
>
Pretty sure Richard already squared this one away, I think this is the
article you are looking for:
http://richardlynch.blogspot.com/
Travis
--- End Message ---
--- Begin Message ---
I need to take a word document or pdf file from either a MySQL db or from a
directory, which will then be sent via php script. How can I go about doing
this? Can anyone provide sample code or point me in the right direction.
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] wrote:
> I need to take a word document or pdf file from either a MySQL db or
> from a
> directory, which will then be sent via php script. How can I go about
> doing
> this? Can anyone provide sample code or point me in the right direction.
>
Brian Dunning started a thread about nine minutes before you on sending
a file to the browser. "Serving out a file to Firefox ... headers?"
That's pretty much all you need to do to read from a file (adding in
whatever fixes the problem he is experiencing with FireFox of course.)
If you wanted to store the data in a MySQL database it would be the same
procedure, except you would query the database (BLOB column type) and
echo that data instead of using readfile() to get your data.
Travis
--- End Message ---
--- Begin Message ---
I think the OP was about how to send e-mail attachments - not a
question about send a file to the client browser...
1) Read the manual about the function "mail" (especially the user notes)
http://se2.php.net/manual/en/ref.mail.php
2) Google for e.g. "php mail attachment"
Come back to this list when you have further questions.
/frank
24 nov 2006 kl. 06.30 skrev Travis Doherty:
[EMAIL PROTECTED] wrote:
I need to take a word document or pdf file from either a MySQL db or
from a
directory, which will then be sent via php script. How can I go
about
doing
this? Can anyone provide sample code or point me in the right
direction.
Brian Dunning started a thread about nine minutes before you on
sending
a file to the browser. "Serving out a file to Firefox ... headers?"
That's pretty much all you need to do to read from a file (adding in
whatever fixes the problem he is experiencing with FireFox of course.)
If you wanted to store the data in a MySQL database it would be the
same
procedure, except you would query the database (BLOB column type) and
echo that data instead of using readfile() to get your data.
Travis
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
