Re: [PHP] Setting cookies for other domains
on 3/17/05 6:32 PM, Brian Dunning at [EMAIL PROTECTED] wrote: I suspect it's for sub-domains of sites you administer and not completely different domains altogether. If this is true, and it's not possible for a site to set a cookie for a completely different domain, then why do browsers have security options to allow or prevent this specific action? I'm thinking it must be possible, and that there's a reason for the domain option in setcookie() other than subdomains. Would just love to know how to make it work... The domain option exists in scripting implementations solely for the purpose of sub domains. It is not there to imply you can use it for more than one domain, but to allow you to secure your sub domains. If you set a cookie for .example.com then test.example.com and *.example.com etc will be able to read it. This is not always what you want, in some cases, you may have intranet.example.com and www.example.com and you would not want to set the domain parameter to .example.com as that would allow one to read your intranet cookies. You will simply never make it work, it is designed to never allow this. There has been one security issue I can think of to date that allowed it, but it was patched promptly. The day someone figured out how to set a cookie for amazon.com and read it while under some other domain is the day all the news sites will be covering that topic. Cross domain cookies are indeed possible, look at microsoft.com, msn.com and msnbc.com which indeed do share your cookies from one site to the next, however, they do it by redirects and get/post methods, which is perfectly legit since they control those domains. No one outside someone with access to those servers could implement it. You are misinterpreting the prefs in browsers, they can not do what you ask. -- - Scott HanedaTel: 415.898.2602 http://www.newgeo.com Novato, CA U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting cookies for other domains
on 3/18/05 5:47 AM, Brian Dunning at [EMAIL PROTECTED] wrote: You are misinterpreting the prefs in browsers, they can not do what you ask. That's fine, I'm perfectly willing to accept this - but can someone explain what the pref IS for? you have not said which browser and what pref you are referring to. -- - Scott HanedaTel: 415.898.2602 http://www.newgeo.com Novato, CA U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] opt-in mail list best practice
on 3/16/05 12:46 PM, Todd Trent at [EMAIL PROTECTED] wrote: - This could be hosted on shared hosting server. - Opt-in list could be less than 100 or in the 1000¹s. - May need a way to track sending success. Check this out: http://phpmailer.sourceforge.net/ I use it to create HTML emails, send them to 1000's of people. I think I did a test to 30K or so, it handled it fine using mail locally. As for tracking, what we do is embed a image bug in the html and track when that loads, it is getting less reliable in todays anti spam world, but in my case these are paying subscribers so they generally want to get these emails. To track your users, at least the bounces we set the bounce address (return-path) to [EMAIL PROTECTED] and POP check domain.com every few seconds. We then scan for the bounce address and mark that user as bouncing x times, if they go over y we cancel the account. Many will want you to use mailman and such, a mailing list manager, but if you want to do custom mailings to each person, to integrate all this is just not gonna be easy. -- - Scott HanedaTel: 415.898.2602 http://www.newgeo.com Novato, CA U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Funny stiff in my logs
Hello, I am running only php with apache on a OSX 10.1.2 machine, in my apache error log, I have some odd lines in there statfs failed because: No such file or directory Here is a summarization of where I am at now First I did a grep -r 'statfs\ failed' / To see if any files on the entire apache server had that line in it, if it did, I could see where any why it was reporting this to to apache log, nothing showed up. I thought maybe it was in a binary and I would not be able to read it with grep, so off to download the source :-) Got source on Perl, Php, Apache Grepped out all those, and nothing at all either. I ran tail on the error_log while watching the site requests, and I saw nothing that corresponds with the lines in the error logs. Generally, a apachectl graceful, will restart the server, and then, in about 15 seconds, I get 4 lines in the error_log statfs failed because: No such file or directory statfs failed because: No such file or directory statfs failed because: No such file or directory statfs failed because: No such file or directory Then nothing for a while, maybe 5 minutes, then a few more, sometimes more than 4, sometimes less. Had a few friends look into their error logs, all on OSX 10.1, and they also are having this as well. I am going to make a guess here, all apple OSX boxes are going to have this, any ideas where to go next? --- Scott Haneda [EMAIL PROTECTED] http://www.newgeo.com Novato, California 94949 --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
