php-general Digest 9 Aug 2010 09:32:00 -0000 Issue 6886
php-general Digest 9 Aug 2010 09:32:00 - Issue 6886 Topics (messages 307370 through 307370): Re: Google spreadsheet curl 307370 by: Ashley Sheridan Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- On Sun, 2010-08-08 at 22:57 +0900, ioan...@btinternet.com wrote: Using this code I get error message: The spreadsheet at this URL could not be found. Make sure that you have the right URL and that the owner of the spreadsheet hasn't deleted it. I have set up a test spreadsheet and it exists. Any ideas on why this might be? ?php $key=[key from google spreadsheet URL; $url = [well known protocol][colon][[forwardslash]forwardslash]spreadsheets.google.com/feeds/cells/$key/1/public/values; $ch = curl_init(); // set URL and other appropriate options curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // grab URL and pass it to the browser $google_sheet = curl_exec($ch); print(brgoogle_sheet: $url); print($google_sheet); etc ? Please do not hijack a thread. When posting a question, create a new email rather than hit reply, otherwise your message gets grouped with the question you replied to. Thanks, Ash http://www.ashleysheridan.co.uk ---End Message---
Re: [PHP] Re: Google spreadsheet curl
On Sun, 2010-08-08 at 22:57 +0900, ioan...@btinternet.com wrote: Using this code I get error message: The spreadsheet at this URL could not be found. Make sure that you have the right URL and that the owner of the spreadsheet hasn't deleted it. I have set up a test spreadsheet and it exists. Any ideas on why this might be? ?php $key=[key from google spreadsheet URL; $url = [well known protocol][colon][[forwardslash]forwardslash]spreadsheets.google.com/feeds/cells/$key/1/public/values; $ch = curl_init(); // set URL and other appropriate options curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // grab URL and pass it to the browser $google_sheet = curl_exec($ch); print(brgoogle_sheet: $url); print($google_sheet); etc ? Please do not hijack a thread. When posting a question, create a new email rather than hit reply, otherwise your message gets grouped with the question you replied to. Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Re: Google spreadsheet curl
This is a new message, not an existing thread. I don't know where the Re: got into the subject. Perhaps I sent it to myself first. Anyway, answer may have something to do with getting Zend installed. John -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Limit failed logins attempts
Hi guys, I would like to know what do you suggest to implement a limit for failed login attempts. I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 write to a Database ( ip, username and last-time-attempt ). If ater that, the user/bot tries again to login unsuccessfully, then the system should ban that user ip combination. Some questions about this situation: - Do you think that is a good idea to use sleep() ?. - How should I send a 503 HTTP error to the user after 5 attempts ? - Is this a good idea to do all this work for this security purpose ? - Do you know/suggest a better way to solve this? Thanks in advance, Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] question about compiling a portable web server for linux
From: Ashley Sheridan On Sat, 2010-08-07 at 10:43 +0800, lainme wrote: thanks for the reply. I know it is not a PHP problem. And I want to know whether it is possible to make it architecture independent. On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: Hi, I recently compiled a portable portable web server for linux, using lighttpd and php. But it seems that php can only run on machine with the same glibc version compiled it. How can I solve the problem? It's not a PHP problem. If you compile something, it's compiled to the same architecture that you specify, which by default is yours. have you tried compiling your executable with the same setup as you're currently using? You can't compile to be architecture independent. The best you can do is convert a language to a byte-code, like java. To expand on this, just a little, once you compile an application, you have locked it in to a specific CPU, OS and versions of the requisite dynamic libraries. The compiler options and your tool set define which range of each of those it will actually run on. The only way to make something completely independent of the architecture is to distribute it in source code form. In this case, you are probably better off defining minimum versions for the web server and PHP module that is required and allow the user to install those on his own. Most distributions already have those components packaged in an easy to manage kit. Bob McConnell -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Limit failed logins attempts
On 9 August 2010 14:30, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: Hi guys, I would like to know what do you suggest to implement a limit for failed login attempts. I use velocity control (or whatever it is called). After the first failed attempt, set a ban-period before another login is possible for the account - start at 1 second. After each consecutive fail, double the period. I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 write to a Database ( ip, username and last-time-attempt ). If ater that, the user/bot tries again to login unsuccessfully, then the system should ban that user ip combination. Some questions about this situation: - Do you think that is a good idea to use sleep() ?. No. That won't achieve much except annoy legitimate users. - How should I send a 503 HTTP error to the user after 5 attempts ? user header(). I would send a 403 - Is this a good idea to do all this work for this security purpose ? Making sure that noone can try bruteforcing an account is a good idea. Just make sure you cannot use this security measure to lock out an account. - Do you know/suggest a better way to solve this? Velocity control, as stated. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Limit failed logins attempts
On 9 August 2010 13:30, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 ... As sessions are connected to a request through a session cookie, putting the failed attempts in the session for checking later is a bad idea. A script attempting to crack your security will most likely NOT be using cookies. So each request, all the many millions of them, will seem to be clean/virgin requests, not multiple attempts. Each request will create a blank new session with 0 previous attempts. Richard. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Limit failed logins attempts
From: Juan Rodriguez Monti I would like to know what do you suggest to implement a limit for failed login attempts. I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 write to a Database ( ip, username and last-time-attempt ). If ater that, the user/bot tries again to login unsuccessfully, then the system should ban that user ip combination. We have two columns in the user table, login_attempts and u_touch. The first is an integer, the second is a time stamp. The second is updated to now every time the user requests a page. Each time a login attempt fails, the first column is incremented. If the first column exceeds 3 when a new attempt is made, the previous time in the second must be more than 30 minutes old. The first column is reset to 0 on a successful login, or 1 on an unsuccessful attempt more than 30 minutes after the previous attempt. The error message is the same for all login failures, no matter what the cause. While logged in, if a page is requested with the value of u_touch more than ten minutes old, the user is automatically logged out. Bob McConnell -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Limit failed logins attempts
On 9 August 2010 14:04, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: 2010/8/9 Richard Quadling rquadl...@gmail.com: On 9 August 2010 13:30, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 ... As sessions are connected to a request through a session cookie, putting the failed attempts in the session for checking later is a bad idea. A script attempting to crack your security will most likely NOT be using cookies. So each request, all the many millions of them, will seem to be clean/virgin requests, not multiple attempts. Each request will create a blank new session with 0 previous attempts. Good point. Thanks. So, what should I use instead of sessions to check this ?. Juan You could suspend the account after 3 bad logins. Nice and simple. A FailedLoginsSinceLastLogin counter against the account in the DB should be enough. If that exceeds your limit, then they can't login. They will have to re-authenticate in some other way. When that is successful, then the value can be cleared. Bob's way looks good. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Limit failed logins attempts
On 9 August 2010 15:10, Richard Quadling rquadl...@gmail.com wrote: On 9 August 2010 14:04, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: 2010/8/9 Richard Quadling rquadl...@gmail.com: On 9 August 2010 13:30, Juan Rodriguez Monti j...@rodriguezmonti.com.ar wrote: I thought that might be a good idea, to define a session variable called ( failedattempts ), then check and if $failedattempts is greater than, suppose, 4 ... As sessions are connected to a request through a session cookie, putting the failed attempts in the session for checking later is a bad idea. A script attempting to crack your security will most likely NOT be using cookies. So each request, all the many millions of them, will seem to be clean/virgin requests, not multiple attempts. Each request will create a blank new session with 0 previous attempts. Good point. Thanks. So, what should I use instead of sessions to check this ?. Juan You could suspend the account after 3 bad logins. Nice and simple. A FailedLoginsSinceLastLogin counter against the account in the DB should be enough. If that exceeds your limit, then they can't login. They will have to re-authenticate in some other way. When that is successful, then the value can be cleared. That allows locking out users at random by knowing the username - not a very good solution. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how do you upload to a 3rd-party remote server?
On Aug 6, 2010, at 8:28 PM, Daniel P. Brown wrote: On Fri, Aug 6, 2010 at 19:53, Govinda govinda.webdnat...@gmail.com wrote: can you elaborate? This kind of thing is all new to me. I need to see some sample code to even start to get an idea. Hopefully Tedd will notice this thread. He's the man when it comes to sample code. While there may be nothing directly-related to this (I don't know, I haven't looked), you may want to check http://php1.net/ to see some of his other samples for other issues that come up. The answer was just curl. I figured it out. Govinda govinda.webdnat...@gmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Snoopy port using PHP cURL library
Does anyone know if the Snoopy class has been ported to use the built-in PHP cURL library and released publicly somewhere? Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] [ERROR LOG FORMATTER] - any recommendations for web viewable error log formatters?
a client of mine use to have some color coded one but, I can't find it again. anyone using one that they particularly like? similar to this but was hoping for something in PHP http://www.psychogenic.com/en/products/Errorlog.php Thanks, T
Re: [PHP] [ERROR LOG FORMATTER] - any recommendations for web viewable error log formatters?
On 9 August 2010 20:40, Tristan sunnrun...@gmail.com wrote: a client of mine use to have some color coded one but, I can't find it again. anyone using one that they particularly like? similar to this but was hoping for something in PHP http://www.psychogenic.com/en/products/Errorlog.php Thanks, T Xdebug formats errors, try installing that. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Snoopy port using PHP cURL library
Does anyone know if the Snoopy class has been ported to use the built-in PHP cURL library and released publicly somewhere? I converted it myself. If anyone's interested the class is attached. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [ERROR LOG FORMATTER] - any recommendations for web viewable error log formatters?
Looking for something that does error logs on the server. Thanks, T On Mon, Aug 9, 2010 at 12:59 PM, Peter Lind peter.e.l...@gmail.com wrote: On 9 August 2010 20:40, Tristan sunnrun...@gmail.com wrote: a client of mine use to have some color coded one but, I can't find it again. anyone using one that they particularly like? similar to this but was hoping for something in PHP http://www.psychogenic.com/en/products/Errorlog.php Thanks, T Xdebug formats errors, try installing that. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype
Re: [PHP] [ERROR LOG FORMATTER] - any recommendations for web viewable error log formatters?
On Mon, Aug 9, 2010 at 3:12 PM, Tristan sunnrun...@gmail.com wrote: Looking for something that does error logs on the server. Thanks, T On Mon, Aug 9, 2010 at 12:59 PM, Peter Lind peter.e.l...@gmail.com wrote: On 9 August 2010 20:40, Tristan sunnrun...@gmail.com wrote: a client of mine use to have some color coded one but, I can't find it again. anyone using one that they particularly like? similar to this but was hoping for something in PHP http://www.psychogenic.com/en/products/Errorlog.php Thanks, T Xdebug formats errors, try installing that. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype Splunk http://www.splunk.com/ -- Bastien Cat, the other other white meat -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Test - Ignore
Test A00 SED -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [ERROR LOG FORMATTER] - any recommendations for web viewable error log formatters?
Thanks but, holy overkill. I just need something simple. Thanks for the advice guys. -T On Mon, Aug 9, 2010 at 2:30 PM, Bastien Koert phps...@gmail.com wrote: On Mon, Aug 9, 2010 at 3:12 PM, Tristan sunnrun...@gmail.com wrote: Looking for something that does error logs on the server. Thanks, T On Mon, Aug 9, 2010 at 12:59 PM, Peter Lind peter.e.l...@gmail.com wrote: On 9 August 2010 20:40, Tristan sunnrun...@gmail.com wrote: a client of mine use to have some color coded one but, I can't find it again. anyone using one that they particularly like? similar to this but was hoping for something in PHP http://www.psychogenic.com/en/products/Errorlog.php Thanks, T Xdebug formats errors, try installing that. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype Splunk http://www.splunk.com/ -- Bastien Cat, the other other white meat
Re: [PHP] Re: Google spreadsheet curl
I have uploaded Zend to my site but the files within the package do not seem to find each other: Warning: include_once(Zend/Gdata.php) [function.include-once]: failed to open stream: No such file or directory in /home/mysite/Zend/library/Zend/Loader.php on line 146 The line 146 is; if ($once) { include_once $filename; The code goes as below and I am wondering what is this trying to say about $filename, it says: * @param string$filename as a comment, and then uses $filename without defining it. Am I supposed to provide this? This seems a lot of effort just to download a google spreadsheet with curl. === /** * Loads a PHP file. This is a wrapper for PHP's include() function. * * $filename must be the complete filename, including any * extension such as .php. Note that a security check is performed that * does not permit extended characters in the filename. This method is * intended for loading Zend Framework files. * * If $dirs is a string or an array, it will search the directories * in the order supplied, and attempt to load the first matching file. * * If the file was not found in the $dirs, or if no $dirs were specified, * it will attempt to load it from PHP's include_path. * * If $once is TRUE, it will use include_once() instead of include(). * * @param string$filename * @param string|array $dirs - OPTIONAL either a path or array of paths * to search. * @param boolean $once * @return boolean * @throws Zend_Exception */ public static function loadFile(c, $dirs = null, $once = false) { self::_securityCheck($filename); /** * Search in provided directories, as well as include_path */ $incPath = false; if (!empty($dirs) (is_array($dirs) || is_string($dirs))) { if (is_array($dirs)) { $dirs = implode(PATH_SEPARATOR, $dirs); } $incPath = get_include_path(); set_include_path($dirs . PATH_SEPARATOR . $incPath); } /** * Try finding for the plain filename in the include_path. */ if ($once) { include_once $filename; === -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php