Re: [PHP] files and folders windows permission
On Fri, Aug 23, 2013 at 4:03 PM, Emiliano Boragina emiliano.borag...@gmail.com wrote: Hi everyone, sorry my ugly english. I did an upload file form. Works very good. Upload the files in the right folder, with the right name. I use chmod 0644, and for try I use 0777. But always the files are copyed blocked. I cant see them with windows preview for example. I read in forums that is Windows fault. How can I fix this? Thanks a lot. Code?
Re: [PHP] files and folders windows permission
On 23-8-2013 16:37, Matijn Woudt wrote: On Fri, Aug 23, 2013 at 4:03 PM, Emiliano Boragina emiliano.borag...@gmail.com wrote: Hi everyone, sorry my ugly english. I did an upload file form. Works very good. Upload the files in the right folder, with the right name. I use chmod 0644, and for try I use 0777. But always the files are copyed blocked. I cant see them with windows preview for example. I read in forums that is Windows fault. How can I fix this? Thanks a lot. Code? On a sidenote, how the hell did you manage to chmod files on _windows_ ??? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] files outside of the web tree
On Wednesday, April 27, 2011 at 1:08 PM, Jim Giner wrote: I have managed to build include files and store them above my public folder and the called pages manage to find them from the public folder and properly include them. My problem is with the html src= attribute. I have uploaded photos to be included in my web pages and I didn't want them in the web tree so I moved them above it also. I use php to get the root folder's name and then I add ../photos/ to the filename's path, but now my tags can't find them. Can I not do this? Nope, static elements need to be stored in a web accessible directory. If you could access things by saying `../` then that would defeat the purpose of storing things where they aren't accessible. Regards, -Josh___ Joshua Kehn | josh.k...@gmail.com http://joshuakehn.com
Re: [PHP] files outside of the web tree
Jason Pruim On Apr 27, 2011, at 1:11 PM, Joshua Kehn josh.k...@gmail.com wrote: On Wednesday, April 27, 2011 at 1:08 PM, Jim Giner wrote: I have managed to build include files and store them above my public folder and the called pages manage to find them from the public folder and properly include them. My problem is with the html src= attribute. I have uploaded photos to be included in my web pages and I didn't want them in the web tree so I moved them above it also. I use php to get the root folder's name and then I add ../photos/ to the filename's path, but now my tags can't find them. Can I not do this? Nope, static elements need to be stored in a web accessible directory. If you could access things by saying `../` then that would defeat the purpose of storing things where they aren't accessible. Actually it is possible but not the way he was doing it... Look at dispatch model scripts I believe. Those (if my memory is correct) will allow you to serve files the way you are wanting to. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] files creation/access dates
Tom Sparks wrote: how do I get the creation dates on a file? how do I get the last access date on a file? http://php.net/manual/en/function.stat.php /Per -- Per Jessen, Zürich (14.4°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] files creation/access dates
On Tue, Apr 14, 2009 at 4:12 AM, Per Jessen p...@computer.org wrote: Tom Sparks wrote: how do I get the creation dates on a file? how do I get the last access date on a file? http://php.net/manual/en/function.stat.php Or, perhaps a bit easier: http://php.net/filemtime http://php.net/fileatime http://php.net/filectime -- // Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files and permission
On Wed, April 26, 2006 11:18 pm, Peter Lauri wrote: Should I put the files outside of the web file system (outside of httpdocs) so that they can not get the file thru the web browser? Yes. Or should I save the docs in a database instead and control the access thru that? I would only put data into the database that you actually want to search, sort, and compute statistics on. So unless you plan on letting them search for Word docs based on whether or not the control codes internal to the Word format are in there based on some Regular Expression, I wouldn't cram the Word docs into the database. It just seems clutterd to me to have data in the database that doesn't actually have any database operations done on it. It also may add another thin security layer (defense in depth) to not have the documents available in the database, in case the database is penetrated. [This kinda depends, though, on whether you have other users with shell access and/or MySQL access...] The Operating System File System is also generally more efficient for handling these large files, so that's a small plus for outside the db. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files and permission
On Thu, 2006-04-27 at 00:18, Peter Lauri wrote: Best group member, I am creating a file system class. I will have a web based document center with different access roles. All users in the system will not be able to view the files. It will all be run thru the web tool. I will have a class that is called file. That file can give an authorized user access to a specific file. What I do not want to do is to show them the location of the file. And if they some how finds out the location of the file, I do not want them to be able to type http://www.domain.com/files/important.doc and download the file. Should I put the files outside of the web file system (outside of httpdocs) so that they can not get the file thru the web browser? Or should I save the docs in a database instead and control the access thru that? Is there anyone with comments? Is it anyone with experience about this? Put them outside web folder, if that's not possible place a .htaccess lock on their directory. When a file is requested, make the request pass through a script that can validate access and then use readfile() to output it directly to the user's browser. You should set appropriate headers for the file to let the user's browser know how to save it. That information can be kept in the database table, while you keep the file on the filesystem where it belongs :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
You will want to write PHP code to output the java-script. Because the java-script (client side scripting) gets executed without communicating with the server there is no PHP engine that java-script can push the PHP through on the client machine. So you would want to do something like: ?PHP $string = I want a new pop-up message; $javascript = scriptalert( $string )/script; echo $javascript; ? Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] J. Willard Marriott Library 295 S 1500 E, Salt Lake City, UT 84112-0860 801-585-9810 You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Hi! On Fri, 17 Mar 2006 17:42:51 +0200 Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? I guess, it's because the file is NOT being parsed. If you go back to your first message (on this thread), you had something like this: script language=JavaScript type=text/javascript src=d:/projects/horde/dimp/js/ -snipped- /script Why are you using d:/ ? If the machine you're working on happens to be your test server as well, what you want is (something like this): src=http://localhost/path/to/srcDimpCore.js.php?etcetc; Thanks! HTH, - Edwin - -- An answer, when mild, turns away rage, but a word causing pain makes anger to come up. - Proverbs 15:1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thats because you don't load the Javascript file over HTTP and load it locally. The webserver doesn't parse it that way. That way he just reads it and thats why it isnt parsed -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
I cannot use such a code, because the file I'm using is added to the Script element in the html page. The guys from Horde, that created the files say this should work without any problems, but it doesn't. If you have any other suggestions, please let me know. Thank you! On 3/17/06, Jason Gerfen [EMAIL PROTECTED] wrote: You will want to write PHP code to output the java-script. Because the java-script (client side scripting) gets executed without communicating with the server there is no PHP engine that java-script can push the PHP through on the client machine. So you would want to do something like: ?PHP $string = I want a new pop-up message; $javascript = scriptalert( $string )/script; echo $javascript; ? Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Gerfen Student Computing Labs, University Of Utah [EMAIL PROTECTED] J. Willard Marriott Library 295 S 1500 E, Salt Lake City, UT 84112-0860 801-585-9810 You will never be ready for me. ~ Me
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Well on another note I see that you are trying to point to a local file on a windows machine (i.e. c:\path\to\php-script), that won't work but if you place the php script on the server it may. i am unfamiliar with the organization you are refering to. Karl-Heinz Christian Zeck wrote: I cannot use such a code, because the file I'm using is added to the Script element in the html page. The guys from Horde, that created the files say this should work without any problems, but it doesn't. If you have any other suggestions, please let me know. Thank you! On 3/17/06, *Jason Gerfen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: You will want to write PHP code to output the java-script. Because the java-script (client side scripting) gets executed without communicating with the server there is no PHP engine that java-script can push the PHP through on the client machine. So you would want to do something like: ?PHP $string = I want a new pop-up message; $javascript = scriptalert( $string )/script; echo $javascript; ? Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thanks! On 3/17/06, Barry [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Hi everybody, Are you allowed to do this? I mean, is the php file parsed by the PHP engine first and a js code is generated that will be used by the script element? Yes -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List ( http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jason Gerfen You will never be ready for me. ~ Me -- Jason Gerfen You will never be ready for me. ~ Me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP files in the SRC attribute of an SCRIPT element
Thank you very much. That was the problem, I didn't noticed that I don't use the server path. On 3/17/06, Barry [EMAIL PROTECTED] wrote: Karl-Heinz Christian Zeck wrote: Thank you for your quick reply. I tried to modify the file. I removed all it's content and wrote only a single line: alert(test); When I refresh the main page, I get the alert message - this means the file was loaded successfuly. Then I tried this code: alert(?php echo 'test';?); This way it doesn't work, no alert message, so the file wasn't loaded. Any ideas? Thats because you don't load the Javascript file over HTTP and load it locally. The webserver doesn't parse it that way. That way he just reads it and thats why it isnt parsed -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
On Mon, August 22, 2005 12:30 pm, Evert | Rooftop wrote:
I want to use a PHP script to pass through a file to the browser [
right
after some processing ].
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Actually, it's a Fine Idea *IF* the files are relatively small.
Except you don't need parens for echo since echo is not a
function, it's a language construct.
echo file_get_contents('myfile');
The extra parens you have are basically order of operation:
$x = (2 + 3) * 4
versus
$x = 2 + 3 * 4
so you've told PHP to do file_get_contents() FIRST and then, err,
there isn't anything else to do, really, so it's kinda silly... Like:
$x = (2 + 3);
Is fpassthrough the right choice?
Only if you've already opened the file, and you maybe only want to
spit out the rest of the file after you skip the first part of the
file.
maybe virtual, so it won't go through php but apache does the job?
Maybe... But that chews up another HTTP connection, I think...
there's also readfile
Slightly better than echo file_get_contents(), but probably not much...
Another question, how seriously does this affect the performance in
comparison to let apache handle it. Is the difference big at MB+
files?
If your files are *HUGE* you probably want to test on YOUR server with
fopen/fread-loop.
Depending on a bunch of factors, the size of the buffer you choose for
fread() could make a difference in the performance, I think.
readfile might still be faster, since it's all in C... Or it might
not, depending on what buffer size is buried in the C code for
readfile.
or only significant when dealing with a lot of tiny files?
I suspect that for tiny files, it doesn't make much difference what
you use between echo get_file_contents()/readfile or even your own
fopen/fread loop. The overhead of the function call and opening up
the file, no matter who does it, is going to drawf the actual reading
of the contents.
TEST ON YOUR OWN SERVER IN LIFE-LIKE ENVIRONMENT
That's the only way you'll be sure all the answers here aren't full of
[bleep]
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
I'm using this method, works fine with 50mb+ files :
if( $fd = fopen ($filepath, 'r')){
while(!feof($fd)) {
$buffer = fread($fd, 2048);
print $buffer;
}
fclose ($fd);
exit;
}
Regards,
Kim Steinhaug
- - - - - - - - -
www.easycms.no
- Original Message -
From: Evert | Rooftop [EMAIL PROTECTED]
To: PHP-Users php-general@lists.php.net
Sent: Monday, August 22, 2005 9:30 PM
Subject: [PHP] Files passing through
Hi People,
I want to use a PHP script to pass through a file to the browser [ right
after some processing ].
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Is fpassthrough the right choice?
maybe virtual, so it won't go through php but apache does the job?
there's also readfile
Another question, how seriously does this affect the performance in
comparison to let apache handle it. Is the difference big at MB+ files?
or only significant when dealing with a lot of tiny files?
Thanks for your help!
Evert
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
Kim Steinhaug (php list) wrote:
I'm using this method, works fine with 50mb+ files :
if( $fd = fopen ($filepath, 'r')){
while(!feof($fd)) {
$buffer = fread($fd, 2048);
print $buffer;
}
fclose ($fd);
exit;
}
Is there a reason why you assign the output of fread() to a variable and
then print it? Why not just:
print(fread($fd, 2048));
which would be faster because it doesn't need to assign to a variable,
wouldn't it? Maybe I'm missing something..
Jasper
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
On Tue, August 23, 2005 12:48 am, Jasper Bryant-Greene wrote:
Kim Steinhaug (php list) wrote:
I'm using this method, works fine with 50mb+ files :
if( $fd = fopen ($filepath, 'r')){
while(!feof($fd)) {
$buffer = fread($fd, 2048);
print $buffer;
}
fclose ($fd);
exit;
}
Is there a reason why you assign the output of fread() to a variable
and
then print it? Why not just:
print(fread($fd, 2048));
which would be faster because it doesn't need to assign to a variable,
wouldn't it? Maybe I'm missing something..
You're not missing anything, but a 2 K string buffer assignment/print
is probably not gonna save much...
Benchmark it both ways and see.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
Richard Lynch wrote:
On Tue, August 23, 2005 12:48 am, Jasper Bryant-Greene wrote:
Kim Steinhaug (php list) wrote:
I'm using this method, works fine with 50mb+ files :
if( $fd = fopen ($filepath, 'r')){
while(!feof($fd)) {
$buffer = fread($fd, 2048);
print $buffer;
}
fclose ($fd);
exit;
}
Is there a reason why you assign the output of fread() to a variable
and
then print it? Why not just:
print(fread($fd, 2048));
which would be faster because it doesn't need to assign to a variable,
wouldn't it? Maybe I'm missing something..
You're not missing anything, but a 2 K string buffer assignment/print
is probably not gonna save much...
Benchmark it both ways and see.
I benched this with a 100 MiB text file (largest I could find at short
notice). Buffer used for fread() calls was 2 KiB as above.
Values are averaged over 100 runs (I would have liked to do more, but I
don't have time). All values are to 4 significant figures.
Assigning to a variable and then printing took 0.5206 sec
Printing directly without assigning to any variable took 0.5178 sec
readfile() took 0.4632 sec
print(file_get_contents()) took 0.7037 sec
Therefore, readfile() is the fastest, print(file_get_contents()) most
definitely the slowest, and it makes -all difference between
assigning the buffer to a variable and not, at least for files around
100 MiB.
Jasper
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
Benchmark it both ways and see. I benched this with a 100 MiB text file (largest I could find at short notice). Buffer used for fread() calls was 2 KiB as above. Values are averaged over 100 runs (I would have liked to do more, but I don't have time). All values are to 4 significant figures. Thought it might be interesting to see what happens by changing the buffer size using the fread option. Hacked up your script to run 100 times for a variety of buffer sizes reading in a ~100mb file, writing it out to /dev/null. Each iteration would shuffle the buffer size array so that it didn't them in various orders (just cause). This is on a FreeBSD 4.x box 800mhz, scsi disk, completely idle. Looks like for my server, 32K is the fastest, but it also looks like it really doesn't matter much. And none of this was run through apache which might have an affect since it's going to cache data before sending it as well I expect. BUFSIZE AVERAGE MIN MAX STDEV 10241.161640766 0.750351191 2.089925051 0.343560356 20481.192794297 0.749926805 2.099468946 0.352989462 40961.175014074 0.750481129 2.094204187 0.340703504 81921.191642218 0.750271797 2.103453875 0.342129591 16384 1.179281006 0.750427008 2.103821039 0.294178021 32768 1.112951536 0.750751972 2.096071959 0.280774437 65536 1.121285999 0.750077009 2.084055901 0.281509943 131072 1.223868408 0.750341177 2.114228964 0.376586171 262144 1.195006318 0.750770092 2.094146013 0.307552031 524288 1.247279932 0.75097084 2.878097057 0.405213182 1048576 1.162287986 0.752273083 2.099447012 0.328753411 2097152 1.170556216 0.752089024 2.101628065 0.298650593 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
This one time, at band camp, Evert | Rooftop [EMAIL PROTECTED] wrote:
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Why not?
Kevin
--
Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb contesting the vote.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
What is the fastest way to do this? I know
echo(file_get_contents('myfile')); is not a good idea ;)
Why not?
My guess would be because file_get_contents returns the contents as a
string. So if 'myfile' is 100mb, you're going to have to allocate 100mb
of memory to store that string while echo() spits it back out.
But I'm just guessing as I don't know for sure...
-philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
This one time, at band camp, Philip Hallstrom [EMAIL PROTECTED] wrote: My guess would be because file_get_contents returns the contents as a string. So if 'myfile' is 100mb, you're going to have to allocate 100mb of memory to store that string while echo() spits it back out. But I'm just guessing as I don't know for sure... I think you got it, we really dont have enough information on what he has in myfile.txt Kevin Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files passing through
Kevin Waterson wrote: This one time, at band camp, Philip Hallstrom [EMAIL PROTECTED] wrote: My guess would be because file_get_contents returns the contents as a string. So if 'myfile' is 100mb, you're going to have to allocate 100mb of memory to store that string while echo() spits it back out. But I'm just guessing as I don't know for sure... I think you got it, we really dont have enough information on what he has in myfile.txt readfile() is the correct function for this purpose. fpassthru() is designed for if you need to seek to a particular point in the file and then output the remainder (or do other voodoo with the file pointer before outputting the contents), and file_get_contents() is for when you need the file contents in a string. However, the first comment on readfile() states that readfile() is 55% slower than doing a simple loop until EOF and using fread(). I haven't tested that claim, so YMMV. Jasper -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files
Hello,
I am not sure what problems you are having, but
Shouldn't the id's in the files match up?
So,
File1:
1, test@test.com
2, [EMAIL PROTECTED]
3, [EMAIL PROTECTED]
File2:
1, doc1.doc
2, doc2.doc
3, doc3.doc
Also, where you are comparing the $groupid to the $id, shouldn't it be:
if($groupid == $id)
hth
Chris.
-Original Message-
From: Chris Grigor [mailto:[EMAIL PROTECTED]
Sent: 28 June 2005 11:24
To: PHP General
Subject: [PHP] Files
*
This e-mail has been received by the Revenue Internet e-mail service.
*
Hey all,
I am having a bash at working with flat files.
What I am trying to achieve is the following
There are 2 files with info in them,
file1 has
id,email
and file2 has
id,filename
what I am trying to achieve is open up file1 get the id and email then
open file2 and match the id of file1 to id of file2, then if succesful
send a mail with the filename in file2.
Maybe have a look at the code...
$recp_list = fopen(mail_group_list.txt, r);
while(!feof($recp_list))
{
$line = fgets($recp_list, 255);
$line = chop($line);
$split = explode(,, $line);
$id = $split[0];
$email = $split[1];
// time to mail.
if ($email != ) {
$group_list = fopen(file_group_list.txt, r);
while(!feof($group_list))
{
$groupline = fgets($group_list, 255);
$groupline = chop($groupline);
$groupsplit = explode(,, $groupline);
$groupid = $groupsplit[0];
$groupFileName = $groupsplit[1];
if($groupid = $id)
{
// start mailing
$fromname = Test Mailer;
$fromaddress = [EMAIL PROTECTED];
$subject = Test mail;
$message = Test message $groupFileName;
$headers = From: \.$fromname.\ .$fromaddress.\n;
// Notify the user on screen if the send was succesfull
if(mail($email, $subject, $message, $headers))
{
print Mail sent successfully to $email;
}
else
{
print Mail not sent to $email;
}
}#end if groupid = id
}#end while group list
}#end if email
}#end while email !=
?
So thats the mail.php
mail_list_group.txt looks like this
1,test@test.com
5,[EMAIL PROTECTED]
7,test@test.com
file_group_list.txt looks like this
2,filename1.doc
3,filename2.doc
4,filename3.doc
Any help on this would be great !
Cheers
Chris
PS the formatting might come out all wrong as its mailed from a web account.
--
-
---
Anyone can give up smoking, but it takes a man to face cancer.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
This message has been delivered to the Internet by the Revenue Internet e-mail
service
*
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
On Tue, May 31, 2005 10:55 am, Leif Gregory said: Hello Martin, Sunday, May 29, 2005, 9:24:00 PM, you wrote: M I saw files like file.inc.php and file.inc M What is the *.inc suffix good for ? It's good for a lot of trouble if the webserver hasn't been set up to parse .inc files as PHP. If it hasn't then someone can request that file in a broswer and see the code. Gak! It's good for even *MORE* trouble if the webserver is set up to parse .inc as PHP! You've got files that people can get executed *COMPLETELY* out of context, that *NOBODY* even though about being executed out of context, much less *TESTED* in any kind of QA process! I can surf to http://example.com/admin.inc and who knows what will happen if that PHP code in there gets executed without all the code you expected to be executed before that code? I'd just stay away from using .inc for an include and do either of the below: config.inc.php or just config.php Neither of which solve the base problem: The *REAL* solution is to put your .inc files *OUTSIDE* the web-tree where they simply CANNOT be executed out of context (by surfing to them) and cannot be downloaded by Bad Guys looking for holes. You can also add code to the beginning of every .inc file which attempts to examine the state of the HTTP request to determine that it is not being called out of context, but that's a pain to have to put in every file, or to have to remember to include the include file that does that, and to hope that every developer (or even just you) remembers to do that. It's really much easier to just fix your include_path, move the files where they cannot get accessed, and be done with it. Just my opinion. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
On 1 Jun 2005, at 06:22, Richard Lynch wrote: You've got files that people can get executed *COMPLETELY* out of context, that *NOBODY* even though about being executed out of context, much less *TESTED* in any kind of QA process! I can surf to http://example.com/admin.inc and who knows what will happen if that PHP code in there gets executed without all the code you expected to be executed before that code? There is one simple habit that can mitigate this issue, and it's one I see very often: make your .inc.php and .class.php files do nothing. If you .inc files contain only function and constant definitions, and your .class files contain only class definitions, then nothing will happen when you run them - a bunch of functions or a class will get defined, but if nothing is run, they will just be forgotten. This route has a major advantage when it comes to deployment - you can just stick all your files in one place, and it will work without risk. Another simple approach is to put all your included files in a directory that contains a .htaccess file to prevent direct access to them. They can still be included from your PHP scripts. Marcus -- Marcus Bointon Synchromedia Limited: Putting you in the picture [EMAIL PROTECTED] | http://www.synchromedia.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
moving outside the webtree is the best option, where practical. Calling the files whatever.inc.php allows you to disallow access to .inc.php files via the apache config file. On 6/1/05, Richard Lynch [EMAIL PROTECTED] wrote: On Tue, May 31, 2005 10:55 am, Leif Gregory said: Hello Martin, Sunday, May 29, 2005, 9:24:00 PM, you wrote: M I saw files like file.inc.php and file.inc M What is the *.inc suffix good for ? It's good for a lot of trouble if the webserver hasn't been set up to parse .inc files as PHP. If it hasn't then someone can request that file in a broswer and see the code. Gak! It's good for even *MORE* trouble if the webserver is set up to parse .inc as PHP! You've got files that people can get executed *COMPLETELY* out of context, that *NOBODY* even though about being executed out of context, much less *TESTED* in any kind of QA process! I can surf to http://example.com/admin.inc and who knows what will happen if that PHP code in there gets executed without all the code you expected to be executed before that code? I'd just stay away from using .inc for an include and do either of the below: config.inc.php or just config.php Neither of which solve the base problem: The *REAL* solution is to put your .inc files *OUTSIDE* the web-tree where they simply CANNOT be executed out of context (by surfing to them) and cannot be downloaded by Bad Guys looking for holes. You can also add code to the beginning of every .inc file which attempts to examine the state of the HTTP request to determine that it is not being called out of context, but that's a pain to have to put in every file, or to have to remember to include the include file that does that, and to hope that every developer (or even just you) remembers to do that. It's really much easier to just fix your include_path, move the files where they cannot get accessed, and be done with it. Just my opinion. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
Leif Gregory wrote: Hello Martin, Sunday, May 29, 2005, 9:24:00 PM, you wrote: M I saw files like file.inc.php and file.inc M What is the *.inc suffix good for ? It's good for a lot of trouble if the webserver hasn't been set up to parse .inc files as PHP. If it hasn't then someone can request that file in a broswer and see the code. PHP will parse the file when called via include() or require(), no matter the extension and how the web server is configured. Now if a user tries to access the file directly, then the webserver comes into playbut one would think that you don't want include files accessed directly anyway. Best ways to do this is to put them outside of document root, give them a unique extension (like .inc or .inc.php) that you can filter out in Apache, and put some 'security measure' in the file itself (like checking to see if a constant is set). -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] [Files suffix] .inc.php files
[snip] I saw files like file.inc.php and file.inc What is the *.inc suffix good for ? Thank you for replies. [/snip] Once is enough...wait for an answer. The suffix is good for identifying files. For instance, say you have a group of standard functions that you use in all applications. You can call it functions.inc (inc stands for 'include'). It is an organizational method. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
sorry Martin, forgot to post to list! oh and the list is a little overworked so don't go posting double if your post doesn't appear immediately... it will get there eventually ;-) Martin Zvarik wrote: Hi, I saw files like file.inc.php and file.inc I saw penguins :-) What is the *.inc suffix good for ? differentiating between different 'types' of files - i.e. those with a .inc extension usually denote files which are included as apposed to being called 'directly' from the browser. another type of file name you might see is 'file.class.php' for files which contain (usually a single) class definitions or 'file.funcs.php' for files which just contain a 'library' of functions. basically name your files anyway you see fit, php does not care - do bare in mind that yor webserver needs to be configured to recognize you php files (which is usually done by way of file extension) - ?php // this will work as expected - assuming such a // file actually exists somewhere alogn your include_path. include_once 'crufty-include-rubbish'; ? hth Thank you for replies. Martin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [Files suffix] .inc.php files
Hello Martin, Sunday, May 29, 2005, 9:24:00 PM, you wrote: M I saw files like file.inc.php and file.inc M What is the *.inc suffix good for ? It's good for a lot of trouble if the webserver hasn't been set up to parse .inc files as PHP. If it hasn't then someone can request that file in a broswer and see the code. I'd just stay away from using .inc for an include and do either of the below: config.inc.php or just config.php Whichever floats your boat. -- Leif (TB lists moderator and fellow end user). Using The Bat! 3.5.20 under Windows XP 5.1 Build 2600 Service Pack 2 on a Pentium 4 2GHz with 512MB -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
On Fri, March 18, 2005 12:00 pm, Steven Altsman said: Got packet bigger than 'max_allowed_packet' ... Gotta love mysql_error(); If I find out what causes this, I'll bring it over to this list too.. since it's been pretty quiet, I guess I've gotten folks stumped. If that's a MySQL error, you're gonna be WAY better off asking on the MySQL mailing lists... At a guess, you're either trying to send a query that's WY too long, or get back waaay too much data, or your database server and internet server aren't doing TCP/IP packets nicely, or... It could mean a whole lot of things, actually. Google for the error message, and 'max_allowed_packet' and see what turns up. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Steven Altsman wrote: Got packet bigger than 'max_allowed_packet' ... Gotta love mysql_error(); If I find out what causes this, I'll bring it over to this list too.. since it's been pretty quiet, I guess I've gotten folks stumped. I think you can put the encrypted file to the database in chunks. Split the file up and append it to the column in a loop. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files upload - Encrypt into a variable - Do not inject into db (PHP/Apache/MySQL)
Steven Altsman wrote: Yes, the link is http://www.radinks.com/upload/config.php file_uploads = On upload_max_filesize = 40M max_input_time = 9000 (seconds) memory_limit (not limited, per handload config, from source) max_execution_time = 9000 (seconds) post_max_size = 40M also, hidden INPUT tag MAX_FILE_SIZE with value=4, which I'm guessing needs it in kilobytes. It's in bytes. Check apache's config, namely LimitRequestBody directive. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
[code]
?php
// Variable-ize all of the attributes of the file object
$binFile = $_FILES['binFile'];
$binFile_name = $_FILES['binFile']['name'];
$binFile_size = $_FILES['binFile']['size'];
$binFile_type = $_FILES['binFile']['type'];
$binFile_tmp = $_FILES['binFile']['tmp_name'];
// Get sender information
$author = test;
$recipient = test;
// Tracking information on the file
$date_submitted = date('Y-m-d H:i:s');
$txtDescription = test;
$binFile_unique =
md5($author.$txtDescription.$binFile_name);
$email_id = test;
$data = file_get_contents($binFile_tmp);
$bytes_in_data = strlen($data);
?
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
http://www.w3.org/TR/html4/loose.dtd;
html
head
meta http-equiv=Content-Type content=text/html; charset=iso-8859-1
titleUntitled Document/title
/head
body
form name=form1 enctype=multipart/form-data method=post action=
p
input name=binFile type=file size=50
/p
p
input type=submit name=Submit value=Submit
/p
/form
?php echo $bytes_in_data; ?
/body
/html
[/code]
Here is a proof of concept.. I loaded up the nVidia drivers to my default
tmp directory, then echoed out the strlen of the file when opened in
file_get_contents function. It gave out the correct size.
From here, I'm just going to see if it encrypts and spits out a different
(or no) number.
-Original Message-
From: Marek Kilimajer [mailto:[EMAIL PROTECTED]
Sent: Friday, March 18, 2005 4:26 AM
To: [EMAIL PROTECTED]
Cc: php-general@lists.php.net
Subject: Re: [PHP] Files upload - Encrypt into a variable - Do not
injectinto db (PHP/Apache/MySQL)
Steven Altsman wrote:
Yes, the link is http://www.radinks.com/upload/config.php
file_uploads = On
upload_max_filesize = 40M
max_input_time = 9000 (seconds)
memory_limit (not limited, per handload config, from source)
max_execution_time = 9000 (seconds)
post_max_size = 40M
also, hidden INPUT tag MAX_FILE_SIZE with value=4, which I'm
guessing
needs it in kilobytes.
It's in bytes.
Check apache's config, namely LimitRequestBody directive.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Updated : It ain't MCRYPT.
[code]
?php
// Variable-ize all of the attributes of the file object
$binFile = $_FILES['binFile'];
$binFile_name = $_FILES['binFile']['name'];
$binFile_size = $_FILES['binFile']['size'];
$binFile_type = $_FILES['binFile']['type'];
$binFile_tmp = $_FILES['binFile']['tmp_name'];
// Get sender information
$author = test;
$recipient = test;
// Tracking information on the file
$date_submitted = date('Y-m-d H:i:s');
$txtDescription = test;
$binFile_unique =
md5($author.$txtDescription.$binFile_name);
$email_id = test;
$data = file_get_contents($binFile_tmp);
$bytes_in_data = strlen($data);
$key = supa_secret_key_type_thingie;
$input = $data;
$td = mcrypt_module_open('twofish', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td),
MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$encrypted_data = mcrypt_generic($td, $input);
$bytes_in_encrypted_data = strlen($encrypted_data);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
http://www.w3.org/TR/html4/loose.dtd;
html
head
meta http-equiv=Content-Type content=text/html; charset=iso-8859-1
titleUntitled Document/title
/head
body
form name=form1 enctype=multipart/form-data method=post action=
p
input name=binFile type=file size=50
/p
p
input type=submit name=Submit value=Submit
/p
/form
?php echo $bytes_in_data; ?
br
?php echo $bytes_in_encrypted_data;?
/body
/html
[/code]
-Original Message-
From: Marek Kilimajer [mailto:[EMAIL PROTECTED]
Sent: Friday, March 18, 2005 4:26 AM
To: [EMAIL PROTECTED]
Cc: php-general@lists.php.net
Subject: Re: [PHP] Files upload - Encrypt into a variable - Do not
injectinto db (PHP/Apache/MySQL)
Steven Altsman wrote:
Yes, the link is http://www.radinks.com/upload/config.php
file_uploads = On
upload_max_filesize = 40M
max_input_time = 9000 (seconds)
memory_limit (not limited, per handload config, from source)
max_execution_time = 9000 (seconds)
post_max_size = 40M
also, hidden INPUT tag MAX_FILE_SIZE with value=4, which I'm
guessing
needs it in kilobytes.
It's in bytes.
Check apache's config, namely LimitRequestBody directive.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Got packet bigger than 'max_allowed_packet' ... Gotta love mysql_error(); If I find out what causes this, I'll bring it over to this list too.. since it's been pretty quiet, I guess I've gotten folks stumped. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not inject into db (PHP/Apache/MySQL)
Yes, the link is http://www.radinks.com/upload/config.php file_uploads = On upload_max_filesize = 40M max_input_time = 9000 (seconds) memory_limit (not limited, per handload config, from source) max_execution_time = 9000 (seconds) post_max_size = 40M also, hidden INPUT tag MAX_FILE_SIZE with value=4, which I'm guessing needs it in kilobytes. Radditha has a pretty sweet upload script going on there.. however, not sure if it contains the same security requirements I've got. Per GLBA requirements, my data has to be stored no more than 48 hours and must be encrypted with 128-bit or higher algorithms. I'm starting to suspect that I have more lists I've got to sign up with, as it may be MCRYPT or MySQL that is barfing because of it. If that is all I can tweak in PHP, then I'm definitely hitting a dead-end on this list. Thank you for your time. -Original Message- From: Jason Barnett [mailto:[EMAIL PROTECTED] Sent: Thursday, March 17, 2005 10:35 AM To: php-general@lists.php.net Subject: Re: [PHP] Encrypted 2.5+M files do upload, but don't create a recordwhen stored as LongBlobs (PHP/Apache/MySQL) Steven Altsman wrote: This may be a stupid question. If it is, could somebody do a one line reply of it is. That way I will know to turn my attention elsewhere. ... It's not a stupid question, it's just that the people that have read it so far (including me) don't really know the answer. I seem to recall that Raditha Dissanayake had an upload script that let you do larger uploads... just look in the archives for his messages and look for the link in his signature. HTH -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Php files with .html extension?
Phpu wrote: Hi, How can i do a php script with a html extensionsuch as http://www.blinds-wise.com/shop/p/blind/bid/1/venetian_blinds.html Thanks when using eg. apache, you can add a .htaccess file with the following line: AddType application/x-httpd-php .html That will overwrite the normal way apache handles .html files, and it will let the php engine parse them in that and all subdirectories (which don't reset this behavious using another .htaccess file with different Type-related options) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files question
[snip] How can i read all files line by line? I am running windows. I know that there is then a \r\n but i don't know how to extract them... Can you help me? [/snip] start with http://www.php.net/fopen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files question
Now sorry... I already know to use fopen... I want a script that parses all lines from a file... Just like a loop that with every time it is executed, it echos a line from the file... (this is just a example... else i was using file_get_contents and nl2br...) Jay Blanchard [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] [snip] How can i read all files line by line? I am running windows. I know that there is then a \r\n but i don't know how to extract them... Can you help me? [/snip] start with http://www.php.net/fopen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files question
[snip]
Now sorry... I already know to use fopen... I want a script that parses
all
lines from a file... Just like a loop that with every time it is
executed,
it echos a line from the file... (this is just a example... else i was
using
file_get_contents and nl2br...)
[/snip]
Well, Bas, the fopen and it's associated manual pages describe just how
to do this. Basic example
$theFile = fopen(myfile.foo, r); //open the file for reading
while(!feof($theFile)){ // while the file is not at the end of the file
$theLine = fgets($theFile, 1024); // get a line, specify a
length
echo $theLine; // print out the line you just got
} //close the while loop
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files question
Well, Bas, the fopen and it's associated manual pages describe just how
to do this. Basic example
$theFile = fopen(myfile.foo, r); //open the file for reading
while(!feof($theFile)){ // while the file is not at the end of the file
$theLine = fgets($theFile, 1024); // get a line, specify a
length
echo $theLine; // print out the line you just got
} //close the while loop
http://us2.php.net/manual/en/function.file.php
Using file will read each line of a file into an element of the returned
array. then you can loop through the array and pull out line by
line...example:
$lines = file( somefile.txt );
foreach( $lines as $line = $value ) {
echo $line = $valuebr;
}
HTH
--
Ray
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files in /etc/php.d/
I supose you need to install php-mysql, php-interbase ... Todd Cary wrote: About a year ago, I installed RH 9.0 and in the process installed/updated php 4.2.2. The directory, /etc/php.d/ contains many ini files instructing php to load modules including mysql.so and interbase.so. phpinfo() shows that they have been included. Not being a Linux guru - in fact, knowing just enough to keep it running as my http and ftp server - and having lost my notes, I cannot remember what I did to get this configuration. In loading RH 9 onto another computer, the /etc/php.d/ directory does not contain these files *and* phpinfo() does not show mysql or interbase. Can someone help me get my bearings? Do I need to get the latest php rpm and run configure using the --with-xxx flag for each of the modules I want included? Lost. Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] files being downloaded when a 404 occurs
Look at this bug file : http://bugs.php.net/bug.php?id=25009 It's been fixed in the CVS snapshots, anything after the 11PM GMT on the 10th of August works. hth. --- Rigi Toney [EMAIL PROTECTED] wrote: Hello, I'm using Apache 2.0.47 (Unix) with PHP 4.3.3RC2. My httpd.conf file reads : AddType application/x-httpd-php .html ... and then a little further down ErrorDocument 404 /404redir.html (404redir.hml is a PHP file, consisting of : ?php header(Location: /404.html); ? ) The reason why I do this is so that the Google Adsense doesnt' display welfare ads, since the 404 page contains a lot of keywords! Anyway, the problem is this. When a 404 occurs, for say a directory ... http://localhost/heidkjsdjksd which doesnot exist... everything works great... i get redirected as per requirement. Now when a .php files occurs .. it still works (http://localhost/sdjkdkjskd.php) BUT when a .html files occurs... http://localhost/crap.html it starts to download the file... and the browser says can't download!!! And now when I add a .php file to my AddType... it happens for the .php file too... so since i've moved my website.. and had .php files... i can't use the .php extension otherwise 404's don't get logged and taken care of! Help appreciated. thank you. Tony. = Mukul Sabharwal ([EMAIL PROTECTED]) __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
I've got a problem with preconfigured server (Apache 1.3/MySQL 3/PHP 4): Files and directories created by a PHP script are always owned by the apache user and apache group. But the script itself is inside of a virtualhost which has another user and group (web2 / ftponly)! So in fact the script has to run with the rights of the user web2?? Perhaps it does, but files/dirs are create with owner apache. PHP runs as a module inside of apache, so any files it creates are owned by the Apache user. That's the way it works. If you run PHP as a CGI, this does not happen. Or use FTP to make files. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
Cpt John W. Holmes wrote: So in fact the script has to run with the rights of the user web2?? Perhaps it does, but files/dirs are create with owner apache. PHP runs as a module inside of apache, so any files it creates are owned by the Apache user. That's the way it works. If you run PHP as a CGI, this does not happen. Or use FTP to make files. And there is no other way? No way to configure it? Or, are there any hacks/patches, workarounds? This way, it seems to me like security hole, because I have to use 0777 while creating, then everybody could do everything with the files. Well, there is the open_basedir setting, put then, what's about other user doing other things (not PHP)? No way? Joachim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
* Thus wrote Joachim ([EMAIL PROTECTED]): Cpt John W. Holmes wrote: So in fact the script has to run with the rights of the user web2?? Perhaps it does, but files/dirs are create with owner apache. PHP runs as a module inside of apache, so any files it creates are owned by the Apache user. That's the way it works. If you run PHP as a CGI, this does not happen. Or use FTP to make files. And there is no other way? No way to configure it? Or, are there any hacks/patches, workarounds? This way, it seems to me like security hole, because I have to use 0777 while creating, then everybody could do everything with the files. Well, there is the open_basedir setting, put then, what's about other user doing other things (not PHP)? Yes that is a big security hole. There are some hosting solutions, I cant really help you there, but this concept I think should work would be: permissions: 0770 user/group: $virtualuser/apache where $virtualuser is the user's ftp login, shell access (if available). now only the user and the apache process (thus php) can write to it. the files are even locked out for anybody to see. Now with the combination of open_basedir, it should all be safe. I hope that puts you in the right direction, the above stuff is just a concept and not guaranteed Curt -- I used to think I was indecisive, but now I'm not so sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
Curt Zirzow wrote: This way, it seems to me like security hole, because I have to use 0777 while creating, then everybody could do everything with the files. Well, there is the open_basedir setting, put then, what's about other user doing other things (not PHP)? Yes that is a big security hole. There are some hosting solutions, I cant really help you there, but this concept I think should work would be: [...] user/group: $virtualuser/apache Hmm, well. It may be more secure, but there is still the problem, that every $virtualuser can access the files. You still have to hope that there is now bad $virtualuser. Anyway, thanks :-)! Joachim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
* Thus wrote Joachim ([EMAIL PROTECTED]): Curt Zirzow wrote: This way, it seems to me like security hole, because I have to use 0777 while creating, then everybody could do everything with the files. Well, there is the open_basedir setting, put then, what's about other user doing other things (not PHP)? Yes that is a big security hole. There are some hosting solutions, I cant really help you there, but this concept I think should work would be: [...] user/group: $virtualuser/apache Hmm, well. It may be more secure, but there is still the problem, that every $virtualuser can access the files. You still have to hope that there is now bad $virtualuser. perhaps a little more detail on how things would be set up: Folder strucure user/group permissions /www/virtual1-domain.com/www/ virtual1/apache0770 /www/virtual2-domain.com/www/ virtual2/apache0770 thus virtual1 cant touch virtual2's files and vice versa. Curt -- I used to think I was indecisive, but now I'm not so sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files created by PHP/Apache
Curt Zirzow wrote: * Thus wrote Joachim ([EMAIL PROTECTED]): Yes that is a big security hole. There are some hosting solutions, I cant really help you there, but this concept I think should work would be: [...] user/group: $virtualuser/apache Hmm, well. It may be more secure, but there is still the problem, that every $virtualuser can access the files. You still have to hope that there is now bad $virtualuser. perhaps a little more detail on how things would be set up: Folder strucure user/group permissions /www/virtual1-domain.com/www/ virtual1/apache0770 /www/virtual2-domain.com/www/ virtual2/apache0770 thus virtual1 cant touch virtual2's files and vice versa. Oh, yes, thanks you opened my eyes! :-) Joachim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files uploads problem
Thank you very much - you are very observant and have just taught me a good lesson about checking minor errors even outside the obvious PHP code. It works now except for the unlink as you said. Regards Adrian Greeman Original Message - From: Kevin Stone [EMAIL PROTECTED] To: Adrian Greeman [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, March 31, 2003 11:37 PM Subject: Re: [PHP] Files uploads problem - Original Message - From: Adrian Greeman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 31, 2003 3:04 PM Subject: [PHP] Files uploads problem snip But I am having real trouble making a file upload programme work. It needs substitution of $FileName given in the example with $_FILES array values which I have done and use of isset instead of a raw if(). But I still cannot get it to work May I put the code here and ask if anyone can tell me the problem. .. Couple of HTML problems to point out. Where you have br // form\n, / form is an invalid tag. Remove the space. Also where you have enctype=\multipart/form-data\ you need quotes after the slashes (ie. \) otherwise PHP is going to assume that you want the litteral slash in the HTML. Niether of these errors will return visable error code but both will result in you not being able to submit the form. Also when you go to unlink($File); you're going to see an error becuase $File is not a valid file path, it's an array. Besides you shouldn't worry about trying to clean up the temp file. PHP will do it automatically when the script exists. :-) HTH, Kevin/snip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files uploads problem
- Original Message -
From: Adrian Greeman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 31, 2003 3:04 PM
Subject: [PHP] Files uploads problem
I am a learner in PHP - I have been using Larry Ullman's Peachpit
beginners
book which I have found useful to take me through the basics.
But the examples were written before the general applicaton of the new
$_POST, $_GET and similar arrays. It has been valuable learning to change
the code for that (I use version 4.2. (and a bit) and Larry Ullman is
very
helpful on his own website forum with readers' queries on the book
examples.
But I am having real trouble making a file upload programme work. It needs
substitution of $FileName given in the example with $_FILES array values
which I have done and use of isset instead of a raw if(). But I still
cannot get it to work
May I put the code here and ask if anyone can tell me the problme.
Incidentally I use Windows ME with Apache 2.0.36 and PHP 4.2.. The files
upload is on with a max size of 2M and no specific directory given for a
temp store (the INI says it will use the default directory.)
My test out script is as follows::-
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
html
head
titleUploader/title
/head
body
?php
if(isset($_FILES['File'])) {
$File=$_FILES['File'];
$File_name=$_FILES['File']['name'];
$File_size=$_FILES['File']['size'];
echo (p$File_name/pbr /\n);
echo ($_FILES['File']['name']);
print(File name: $File_namep /\n);
print(File size: $File_sizep /\n);
if (copy ($_FILES[File][tmp_name],users/$File_name)) {
print(The file was sucessfully uploaded.p /\n);
}else{
print(Your file could not be copied unfortunately.p /\n);
}
unlink($File);
}
echo (Upload a file to the server.);
echo (Form action=\FileUpload.php\ method=POST
enctype=\multipart/form-data\\n);
echo (File: input type=file name=\File\br /\n);
echo (input type=submit name=\submit\ value=\Press here to
upload.\br // form\n);
//test whether anything prints for the FILES array
echo (pemfont color=\green\Can I get it to print the variable
outside the conditional? i.e. this one
{$_FILES['File']['name']}./font/em/p\n);
//set any old variable and print it to be sure basics work
$TestPrint=pbigfont color=\purple\Print this out
then./font/big/p.\n;
echo($TestPrint);
?
/body
/html
Is there something I've missed in the script. Or perhaps Apache 2 is the
problem?
Thanks
Couple of HTML problems to point out. Where you have br // form\n, /
form is an invalid tag. Remove the space. Also where you have
enctype=\multipart/form-data\ you need quotes after the slashes (ie. \)
otherwise PHP is going to assume that you want the litteral slash in the
HTML.
Niether of these errors will return visable error code but both will result
in you not being able to submit the form.
Also when you go to unlink($File); you're going to see an error becuase
$File is not a valid file path, it's an array. Besides you shouldn't worry
about trying to clean up the temp file. PHP will do it automatically when
the script exists. :-)
HTH,
Kevin
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files upload
I beleive move_uploaded_file is prefered since copy won't work in Safe Mode. Andrew - Original Message - From: Max 'AMiGo' Gashkov [EMAIL PROTECTED] To: PHP General list [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 6:09 PM Subject: [PHP] Files upload Is there any difference between using move_uploaded_file(... or if(is_uploaded_file... ... copy( (security hazards etc.)? WBR, Max 'AMiGo' Gashkov [EMAIL PROTECTED] ]=[ http://diary.otaku.ru/amigo Distributed.net participant [408228][RC5-72] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
Those are temporery uploaded files, they should be there only while some script handling the upload is running, otherwise you have some problems. nico wrote: Hello, I've a lot of files named php in my tmp folders .. What's these files ? Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
No, I have some 300 php and in these files , there is some html of my sites. Nico Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Those are temporery uploaded files, they should be there only while some script handling the upload is running, otherwise you have some problems. nico wrote: Hello, I've a lot of files named php in my tmp folders .. What's these files ? Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
For information : i have php 4.3 (perhaps a new caching system) ? Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Those are temporery uploaded files, they should be there only while some script handling the upload is running, otherwise you have some problems. nico wrote: Hello, I've a lot of files named php in my tmp folders .. What's these files ? Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
Well, you should know what have installed, but there is no caching system by default. nico wrote: For information : i have php 4.3 (perhaps a new caching system) ? Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Those are temporery uploaded files, they should be there only while some script handling the upload is running, otherwise you have some problems. nico wrote: Hello, I've a lot of files named php in my tmp folders .. What's these files ? Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
'./configure' '--with-mysql' '--with-apache=../apache_1.3.27' '--enable-track-vars' '--with-imap=/var/imap-2002b/' '--with-gettext' '--with-png-dir=/var/libpng-1.0.15' '--with-zlib-dir=/var/zlib-1.1.4' My installation.. and my ls dir -rw--- 1 nobody nobody 3687 Jan 23 14:25 phpqlG5ny -rw--- 1 nobody nobody621 Jan 22 21:06 phpqt95I4 -rw--- 1 nobody nobody424 Jan 23 00:04 phprM5Vkx -rw--- 1 nobody nobody 1344 Jan 23 20:07 phprO0kTb -rw--- 1 nobody nobody467 Jan 23 20:07 phprYggVM -rw--- 1 nobody nobody621 Jan 23 23:52 phpriIcUP -rw--- 1 nobody nobody621 Jan 23 21:08 phprjpEzF -rw--- 1 nobody nobody 3687 Jan 23 13:47 phproPwxN -rw--- 1 nobody nobody621 Jan 23 16:56 phprwP7pg -rw--- 1 nobody nobody 3687 Jan 23 20:50 phps4QMnn -rw--- 1 nobody nobody 3687 Jan 23 12:54 phpsLvAsn -rw--- 1 nobody nobody 3687 Jan 23 09:43 phpsQY0fq -rw--- 1 nobody nobody621 Jan 23 03:55 phpsWuQcW -rw--- 1 nobody nobody 3687 Jan 23 20:51 phpsXCDrA -rw--- 1 nobody nobody621 Jan 23 13:02 phpsZFvoS -rw--- 1 nobody nobody621 Jan 23 13:49 phpsaQV5G -rw--- 1 nobody nobody 3687 Jan 23 09:52 phpsblh9N -rw--- 1 nobody nobody 3687 Jan 22 23:34 phpspGQgX -rw--- 1 nobody nobody621 Jan 23 21:07 phpsrzy5U -rw--- 1 nobody nobody 3687 Jan 22 19:13 phptN0sEj -rw--- 1 nobody nobody467 Jan 23 00:09 phptTPVTf -rw--- 1 nobody nobody621 Jan 23 20:07 phptgELvT Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Well, you should know what have installed, but there is no caching system by default. nico wrote: For information : i have php 4.3 (perhaps a new caching system) ? Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Those are temporery uploaded files, they should be there only while some script handling the upload is running, otherwise you have some problems. nico wrote: Hello, I've a lot of files named php in my tmp folders .. What's these files ? Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
On Fri, 24 Jan 2003 13:05:16 +0100, you wrote: and my ls dir -rw--- 1 nobody nobody 3687 Jan 23 14:25 phpqlG5ny -rw--- 1 nobody nobody621 Jan 22 21:06 phpqt95I4 -rw--- 1 nobody nobody424 Jan 23 00:04 phprM5Vkx [...] Some PHP applications do their own caching (Horde/Imp, for example) if you configure them to do so. Perhaps one of your installed apps is creating these files. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files PHP in tmp ?
No it's simple php file on websites with include on websites Nico Michael Sims [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On Fri, 24 Jan 2003 13:05:16 +0100, you wrote: and my ls dir -rw--- 1 nobody nobody 3687 Jan 23 14:25 phpqlG5ny -rw--- 1 nobody nobody621 Jan 22 21:06 phpqt95I4 -rw--- 1 nobody nobody424 Jan 23 00:04 phprM5Vkx [...] Some PHP applications do their own caching (Horde/Imp, for example) if you configure them to do so. Perhaps one of your installed apps is creating these files. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] files no longer upload!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 sure...we could look at your code if you showed it to us. Other than seeing it I'd say check 'register_globals'... HTH! ~Paul On Monday 20 January 2003 05:27 pm, Phil Powell wrote: I'm having a day, gang! I have done nothing to my code and now is_uploaded_file is constantly false, even when uploading a file every time. I dunno what to do, would someone want to look at my code and tell me what I did wrong; I'm out of ideas. Phil - -- ~Paul Nicholson Design Specialist @ WebPower Design [EMAIL PROTECTED] www.webpowerdesign.net The webthe way you want it! It said uses Windows 98 or better, so I loaded Linux! Registered Linux User #183202 using Register Linux System # 81891 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+LHibDyXNIUN3+UQRAvo0AKCAoCOjj0laMSUPEhqvH1EyGLvr7gCePfc0 29Eip+/Liu2BlBCxRRkrvZc= =eSjL -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files
if the file's not too long, you could use file() to read the file into
memory, then loop through the array you get back and look for the line(s)
you're after.
if you don't want to read the entire file into memory, you can loop through
the file with:
$f = fopen($file, r) or die(can't open file);
while (!foef($f))
{
$line = fgets($f, 1024); // increase length if your lines are longer
// line checking code here
}
fclose($f);
HTH
-Original Message-
From: Uma Shankari T. [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 07, 2002 2:55 PM
To: PHP
Subject: [PHP] Files
Hello,
Can anyone please clear my doubt...
I am having the input data in one file.
i need check whether some lines are there continuosly in that file and i
have to extract that line using file operation commands in php..how do i
go about with that ?? can anyone please tell me
Waiting for your reply
Uma
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files sorted by date?
At 30.04.2002 17:24, you wrote:
Hi there,
I got a number of files in the directory /reviews/txt which are reviews.
They are submitted by people all over the world.
Can someone please tell me what I need to do so that I can display them in
date order, newest at the top on a webpage?
Cheers, Ian.
---
Randum Ian
DJ / Reviewer / Webmaster, DancePortal (UK) Limited
[EMAIL PROTECTED]
http://www.danceportal.co.uk
DancePortal.co.uk - Global dance music media
exec(ls -lc reviews/txt/*,$result);
for($i=0;$i count($result);$i++)
{
if(($result[$i] ==.)||($result[$i] ==..)
{} // do notjing
else
{
do something with $result[$i];
}
}
HTH Oliver
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files sorted by date?
On Wednesday 01 May 2002 00:24, Randum Ian wrote: Hi there, I got a number of files in the directory /reviews/txt which are reviews. They are submitted by people all over the world. Can someone please tell me what I need to do so that I can display them in date order, newest at the top on a webpage? First look at Directory functions Then Filesystem functions Then Array Functions -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Support your right to arm bears!! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: php files on cd
| -Original Message- | From: Ivan Carey [mailto:[EMAIL PROTECTED]] | Sent: Tuesday, March 05, 2002 10:17 AM | Subject: [PHP] php files on cd | | Is it possible to put a mysql php web site on CD or maybe to | capture the site statically to put it onto cd. Hello, Ivan! Since php is a server based language, you'll always need a web server and the hypertext protocol. Maybe you can use a small web server like Xitami (on the Windows platform) to do the job. However, it's bound to be configured properly and to be started before use... The latter is easily to be done: I'm using HTTrack Website Copier (http://www.httrack.com) for this task. It's fairly adjustable and easy to use. Just try! Regards, Rodya Rodya Jörn Koester B2A MEDIA GRAFIC DESIGN Kassel,Germany,Europe,Earth -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: php, files, ownership....(was file manipulation)
I just sent an email just before reading this, to the developers I report to. I suggested that we take out the nice little feature I worked so hard on. I dont think it would be benificial to people Im writing it for, if it doesn't work for a great number of people who have their websites on a shared server. Oh well, back to the drawing board for my next plan to take over the world :) Thanks Richard Lynch wrote: You *CAN* do that with PHP as CGI wrapped with suexec... But you lose performance, and you'll have to convince the ISP to install that as a second mime-type with a different extension... They'll need to read the suexec docs at http://apache.org first and foremost. (Doing suexec incorrectly is quite dangerous) Other option is to chown or chmod the files to allow nobody to do what nobody needs to do -- Of course, that opens those files up for any other users on the shared server to mess with, and it's probably easier for an external hacker to gain nobody access than a real user. Safety is relative. How critical are these files, and how much do you trust fellow users on a shared resource web-server? You could also write some world-executable shell scripts that provide nobody with very specific actions they can do to/with the files -- You want to write that script as limited and carefully as possible so that *ONLY* the things you want to happen can happen. Bottom line: Unless you go hard-core with suexec, anything you set up can be figured out and potentially abused by any fellow users on the ISP. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Gerard Samuel [EMAIL PROTECTED] Newsgroups: php.general To: PHP [EMAIL PROTECTED] Sent: Thursday, October 04, 2001 7:24 PM Subject: php, files, ownership(was file manipulation) Ok, I found out what was causing some of the people who were using my script and have it fail. They are on a shared server and apache is being run as user nobody, so therefore the script is being run as nobody. But the the files has to have user ownership foo foo. Is it at all possible to have a script run as one user and create files as another. Dont know if it is even safe?? Or could you point me in another direction? Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: php, files, ownership....(was file manipulation)
You *CAN* do that with PHP as CGI wrapped with suexec... But you lose performance, and you'll have to convince the ISP to install that as a second mime-type with a different extension... They'll need to read the suexec docs at http://apache.org first and foremost. (Doing suexec incorrectly is quite dangerous) Other option is to chown or chmod the files to allow nobody to do what nobody needs to do -- Of course, that opens those files up for any other users on the shared server to mess with, and it's probably easier for an external hacker to gain nobody access than a real user. Safety is relative. How critical are these files, and how much do you trust fellow users on a shared resource web-server? You could also write some world-executable shell scripts that provide nobody with very specific actions they can do to/with the files -- You want to write that script as limited and carefully as possible so that *ONLY* the things you want to happen can happen. Bottom line: Unless you go hard-core with suexec, anything you set up can be figured out and potentially abused by any fellow users on the ISP. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Gerard Samuel [EMAIL PROTECTED] Newsgroups: php.general To: PHP [EMAIL PROTECTED] Sent: Thursday, October 04, 2001 7:24 PM Subject: php, files, ownership(was file manipulation) Ok, I found out what was causing some of the people who were using my script and have it fail. They are on a shared server and apache is being run as user nobody, so therefore the script is being run as nobody. But the the files has to have user ownership foo foo. Is it at all possible to have a script run as one user and create files as another. Dont know if it is even safe?? Or could you point me in another direction? Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: PHP files appearing in error_log
The issue is that every once in a while I get a full copy of a page in my system error_log. That is, not the error_log for the site the page exists on, but the /var/log/httpd/error_log. Wild Hypothesis: Some worm/virus/hacker is trying to access: http://yoursite.com/something/something/../../whatever.php in the hopes of getting into something. Apache and PHP are getting confused, and end up spewing your HTML/PHP file into the log as source. (Which sure beats giving the hacker anything, eh?) This questin *HAS* appeared before. Check the archives at http://php.net/support.php Not quite sure what key words will dredge up the thread, though... If this is in a FAQ somewhere or a common question, I apologize, I am new to this list. I would greatly appreciate a pointer to such a FAQ if it exists. Don't think this is an FAQ, but you want http://php.net/FAQ.php -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] files
Hi Jon, @ 10:25:43 AM on 5/23/2001, Jon Yaggie wrote: --(snip)-- I need to find the last update of one of any file in clients/$username. With out specificly knowing any of the filenames. As i can see there is no way for my script to list the files in this directory and there is no function to test for modifications of all files in a fiven directory. Well, of course you could use filemtime() to test the modification time. http://us.php.net/manual/en/function.filemtime.php Isn't that what you're looking for? As for all files, you could read the directory contents and test each file. -Brian -- PGP is spoken here: 0xE4D0C7C8 Please, DO NOT carbon copy me on list replies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: Re: [PHP] files
What i need is the function that allows me to read the files in the directory. This is what i can'g find. To be honest I am lazy and was hoping there may be a secret function out there like filetime() that worked on the whole directory. but all i really need is what function will read the contains of the direcotry? Jon
Re: [PHP] files
Hi Jon, @ 10:55:03 AM on 5/23/2001, Jon Yaggie wrote: What i need is the function that allows me to read the files in the directory. This is what i can'g find. --(snip)-- readdir() http://us.php.net/manual/en/function.readdir.php -Brian -- PGP is spoken here: 0xE4D0C7C8 Please, DO NOT carbon copy me on list replies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: Re: [PHP] files
Hi
function GetFiles ($DataPath, $files, $nfiles) {
// Reads a directory and puts filenames into a sorted array
$handle=opendir($DataPath);
if ($handle) {
$nfiles = -1;
while (false!==($file = readdir($handle))) {
if ($file != . $file != ..) {
$nfiles++;
$files[$nfiles] = $file;
}
}
sort($files);
closedir($handle);
}
return 0;
}
Rudolf Visagie
[EMAIL PROTECTED]
-Original Message-
From: Jon Yaggie [mailto:[EMAIL PROTECTED]]
Sent: 23 May 2001 04:55
To: [EMAIL PROTECTED]
Subject: Re: Re: [PHP] files
What i need is the function that allows me to read the files in the
directory. This is what i can'g find. To be honest I am lazy and was
hoping there may be a secret function out there like filetime() that worked
on the whole directory. but all i really need is what function will read
the contains of the direcotry?
Jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files
On 23-May-01 Jon Yaggie wrote:
Okay I am making a small script for a web design company. What it does so
far is take info - name, email, username,, pasword - which as all inputted
by the designer. Then it creates a directory clients/$username on the
company's server for the temp home of the clients web site. The design then
ftps all files into this directory. Other than index.html I have no idea
what the other files will be. so here is the problem
I need to find the last update of one of any file in clients/$username.
With out specificly knowing any of the filenames. As i can see there is no
way for my script to list the files in this directory and there is no
function to test for modifications of all files in a fiven directory.
in the end i want that when the client logs in the script can spit out you
website was last updated -
Ideas?
$cmd ='ls -t $dirname | head -1';
$p=popen($cmd, 'r');
$fname=fgetss($p,1000);
$mt=filemtime($fname);
pclose($p);
echo $fname, ' modified on ', strftime('%b %e, %G', $mt);
Regards,
--
Don Read [EMAIL PROTECTED]
-- It's always darkest before the dawn. So if you are going to
steal the neighbor's newspaper, that's the time to do it.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] files created with mkdir and open(file,w+) are owned by nobody
the owner of the files i believe will be hte user running the webserver since the
webdserver itself
is making the files.
apache by defauly runs as nobody:nobody
if you want to change this i think php has a chown funciton or you can run your
webserver as a
different user name/group
Ryan Hilton wrote:
I'm creating directories and files inside of a php program and they are
owned by nobody.
How can I assign an owner to them and who should the owner be?
Where is documentation for these types of questions?
Here is the code snipet:
create a directory - I would also like to create it with 775 privledges, but
I can't create a file in the directory unless it is 777:
if(!file_exists(DIRECTORY))
{
// create the directory
$oldumask = umask(0);
mkdir(DIRECTORY, 0777); // or even 775 is more secure
umask($oldumask);
if(!is_dir(DIRECTORY))
{
$return_status[0] = false;
$return_status[1] = there was an error creating the
directory.;
return $return_status;
}
}
create a file:
$fd = fopen($file,w+);
if(!$fd)
{
$return_status[0] = false;
$return_status[1] = 3) A system configuration error has
been detected.
Your request cannot be processed.;
return $return_status;
}
Thanks in advance for your help,
Ryan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] files
Change the permissions of the /etc/passwd file, use safe mode or suExec --zak - Original Message - From: php [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, May 06, 2001 11:14 PM Subject: [PHP] files Good day to you all How can I keep php scripts from reading the /etc/passwd (for example) or any other file? Sincerely, G. Dimitrov -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files without type???
On Wed, 18 Apr 2001 15:53, Morten Winkler Jrgensen wrote:
Hi php'ers
Executing the following code on my Redhat 7.2 box, through Apache i
get the most annoying output:
Code:
function listDirectory($basedir){
$diary_directory = opendir($basedir);
while($filename = readdir($diary_directory)) {
if(strcmp(".", $filename) != 0) {
Here you need to prefix the full path ($basedir ?) to $filename, else the
script will try to find the file in the current working directory.
if(strcmp("..", $filename) != 0) {
print("br$filename is \"");
print filetype($filename)."\"";
}
}
}
closedir($diary_directory);
}
listDirectory(".");
Output (sample):
index.php is "" (should be "file")
Ansatte is ""(should be "dir")
Produkter is "" (should be "dir")
Kontorer is "dir"
view.php3 is "" (should be "file")
What could possibly be the error?
Kind regards,
Morten Winkler
--
David Robley| WEBMASTER Mail List Admin
RESEARCH CENTRE FOR INJURY STUDIES | http://www.nisu.flinders.edu.au/
AusEinet| http://auseinet.flinders.edu.au/
Flinders University, ADELAIDE, SOUTH AUSTRALIA
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] files with html extension
Jeff Armstrong wrote: This is exactly why http://www.w3.org recommend that you DONT SPECIFY A FILE TYPE TYPE in your HREFs. But doth that actually work - how many web servers are able to handle this type of link correctly? Ummm... and what happens (or is supposed to happen) to resolve xxx.html and xxx.php? -- Regards, Harshdeep Singh Jawanda. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
Yes it works in Apache - try it!
You could also read the Apache documentation on Content
Negotiation. The following is a quote
-
Note on hyperlinks and naming conventions
If you are using language negotiation you can choose between
different naming conventions, because files can have more than
one extension...
snip
Looking at the table above you will notice that it is always
possible to use the name without any extensions in an hyperlink
(e.g., foo). The advantage is that you can hide the actual type
of a document rsp. file and can change it later, e.g., from html
to shtml or cgi without changing any hyperlink references.
-
On how it resolves conflicts?
Not documented, but a quick fiddle seems to indicate
that it does the following:
if (no_specific_type_requested()) {
get list of possible files in ALPHABETICAL order
if (file_is_recognised_mime_type())
return this file
recognised mime types come from /etc/mime.types
Regards
Jeff
-Original Message-
From: Harshdeep S Jawanda [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 22, 2001 11:06 AM
To: Jeff Armstrong
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] files with html extension
Jeff Armstrong wrote:
This is exactly why http://www.w3.org recommend that you DONT
SPECIFY A FILE TYPE TYPE in your HREFs.
But doth that actually work - how many web servers are able to handle this
type
of link correctly?
Ummm... and what happens (or is supposed to happen) to resolve xxx.html and
xxx.php?
--
Regards,
Harshdeep Singh Jawanda.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
You can tell apache to have the php interpreter parse files with an html extension, thereby letting you use the tags in html files...whether this is a good solution or not is another question.that would mean that each file would get parsedwhy are you trying to do this? jack -Original Message- From: Rick VanNorman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 20, 2001 12:21 PM To: [EMAIL PROTECTED] Subject: [PHP] files with html extension Hi, Is is possible to use the php script tags in files with an html extension? I'm running 4.0.4pl1 and apache 1.3.12 on OpenBSD 2.8. Thanks, Rick VanNorman -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
On 3/20/2001 at 12:29 PM Jack Dempsey wrote: You can tell apache to have the php interpreter parse files with an html extension, thereby letting you use the tags in html files...whether this is a good solution or not is another question.that would mean that each file would get parsedwhy are you trying to do this? To be able to include php code in otherwise full html files; most especially to allow me to do it without having to change the name of every file and fix every href in the entire site. So, exactly how do I tell apache to do this? Thanks, Rick 1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
for php4: AddType application/x-httpd-php .html for php3: AddType application/x-httpd-php3 .html On Tue, 20 Mar 2001 10:12:56 -0800, Rick VanNorman ([EMAIL PROTECTED]) wrote: On 3/20/2001 at 12:29 PM Jack Dempsey wrote: You can tell apache to have the php interpreter parse files with an html extension, thereby letting you use the tags in html files...whether this is a good solution or not is another question.that would mean that each file would get parsedwhy are you trying to do this? To be able to include php code in otherwise full html files; most especially to allow me to do it without having to change the name of every file and fix every href in the entire site. So, exactly how do I tell apache to do this? Thanks, Rick 1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: php-list- [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] files with html extension
Personally I recommend people don't do this unless their web server is going to serve only(or mostly) php pages, and very few straight html pages. It will save you time mucking around on the server, but the increase in overhead isn't really worth it. IMHO of course. -- phill -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
I agree with Phill, don't make all your HTML into PHP
unless you aint got much - but hey if you aint got much then
you can fix the real problem!
soapbox: {
The issue here seems to derive from the fact that all
the internal HREFs point to xxx.html
This is exactly why http://www.w3.org recommend that you DONT
SPECIFY A FILE TYPE TYPE in your HREFs.
Cool URIs Dont change - http://www.w3.org/Provider/Style/URI
Good!!
A HREF=/somepage Some Page!/A
NOT good!
A HREF=/somepage.html Some Page!/A
^
Let the server decide which page to dish.
Then it's easy peasy to replace xxx.html with xxx.php or even
xxx.my_new_language_of_the_moment.
};
Jeff
-Original Message-
From: Phillip Bow [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 20, 2001 6:35 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] files with html extension
Personally I recommend people don't do this unless their web server is going
to serve only(or mostly) php pages, and very few straight html pages. It
will save you time mucking around on the server, but the increase in
overhead isn't really worth it. IMHO of course.
--
phill
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
This is the best idea I've heard/read yet. Thanks Jeff! Rick VanNorman *** REPLY SEPARATOR *** On 3/20/2001 at 6:49 PM Jeff Armstrong wrote: This is exactly why http://www.w3.org recommend that you DONT SPECIFY A FILE TYPE TYPE in your HREFs. Cool URIs Dont change - http://www.w3.org/Provider/Style/URI Good!! A HREF=/somepage Some Page!/A NOT good! A HREF=/somepage.html Some Page!/A ^ Let the server decide which page to dish. Then it's easy peasy to replace xxx.html with xxx.php or even xxx.my_new_language_of_the_moment. }; e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] files with html extension
From the doc: --- How can I remove the file extensions... ...from my URIs in a practical file-based web server? If you are using, for example, Apache, you can set it up to do content negotiation. -- How is this done? Jeff Oien On 3/20/2001 at 6:49 PM Jeff Armstrong wrote: This is exactly why http://www.w3.org recommend that you DONT SPECIFY A FILE TYPE TYPE in your HREFs. Cool URIs Dont change - http://www.w3.org/Provider/Style/URI Good!! A HREF=/somepage Some Page!/A NOT good! A HREF=/somepage.html Some Page!/A ^ Let the server decide which page to dish. Then it's easy peasy to replace xxx.html with xxx.php or even xxx.my_new_language_of_the_moment. }; e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files only available via HTTPS
And if you can't seperate the root directorys of the secure and not secure
servers, you can setup and aliases directory under the secure server and it
will be the only one that can see that dir.
On Fri, 9 Feb 2001, Daniel Tryba wrote:
On Thu, Feb 01, 2001 at 04:29:09PM -0800, Michael Conley wrote:
I have several PHP files that I only want users to be able to access
via
HTTPS. How can I control that on an Apache 1.3.14 server running on
RedHat
7? I have openssl and mod_ssl working fine. Currently, I can access
all of
the files on my site via either http or https. I want to keep certain
files
(with interesting information) from being accessed via http. I realize
this
isn't really a PHP question, but I have no idea how to do this.
You could check on which port the request was made for the php file.
https is usually port 443
if ($SERVER_PORT!=443)
header("Location: https://server/$PHP_SELF");
While that will usually (99.9% of the time) work, this is closer to 100%:
if(preg_match("!/^https/i", REQUEST_URL)) {
...
}
But the other answer about seperating the server root of the SSL server
and
standard server is really, truely, a 100%-of-the-time solution since the
files
cannot be accessed any other way, and it doesn't require every page to be
parsed by PHP, so you can isolate PDF, plain text, and graphic files as
well
as HTML.
--
Adam Knight
[EMAIL PROTECTED]
AIM: AdamKnight ICQ:
3848971
__Codito, ergo
sum__
I'm not expendable, I'm not stupid, and I'm not going.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files only available via HTTPS
On Thu, Feb 01, 2001 at 04:29:09PM -0800, Michael Conley wrote:
I have several PHP files that I only want users to be able to access via
HTTPS. How can I control that on an Apache 1.3.14 server running on RedHat
7? I have openssl and mod_ssl working fine. Currently, I can access all of
the files on my site via either http or https. I want to keep certain files
(with interesting information) from being accessed via http. I realize this
isn't really a PHP question, but I have no idea how to do this.
You could check on which port the request was made for the php file.
https is usually port 443
if ($SERVER_PORT!=443)
header("Location: https://server/$PHP_SELF");
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files only available via HTTPS
HTTPS is set to "on", at least on my Apache when SSL is enabled.
it's undefined when it's not.
this is what I would do (untested code below):
function UsingHTTPS()
{
$HTTPS = getenv("HTTPS");
return ($HTTPS == "on");
}
function UsingHTTP() // might be useful?
{
return !UsingHTTPS();
}
function ChangeTransport($transport)
{
$vars = array("REQUEST_URI", "SERVER_NAME");
foreach ($vars as $var)
{
$$var = getenv("$var");
}
$newURL = "Location: $transport://".$SERVER_NAME.$REQUEST_URI;
header($newURL);
exit();
}
and then do a:
if (!UsingHTTPS())
{
ChangeTansport("https");
}
-aaron
At 4:29 PM -0800 2/1/01, Michael Conley wrote:
I have several PHP files that I only want users to be able to access via
HTTPS. How can I control that on an Apache 1.3.14 server running on RedHat
7? I have openssl and mod_ssl working fine. Currently, I can access all of
the files on my site via either http or https. I want to keep certain files
(with interesting information) from being accessed via http. I realize this
isn't really a PHP question, but I have no idea how to do this.
Thanks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files only available via HTTPS
On Thu, Feb 01, 2001 at 04:29:09PM -0800, Michael Conley wrote: I have several PHP files that I only want users to be able to access via HTTPS. One way is to place these files only where the https server can see them. heres an example: IfDefine SSL . . VirtualHost x.x.x.x:443 DocumentRoot "/secure/secure_dir1" ServerName server.xxx.net /VirtualHost Of course if your non secure server knows about /secure/ its still possible for someone to see them. In this example use diff doc_roots. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Files only available via HTTPS
http://www.modssl.org/docs/2.6/ssl_reference.html#ToC22
jason
- Original Message -
From: "Daniel Tryba" [EMAIL PROTECTED]
To: "Michael Conley" [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, February 09, 2001 12:24 PM
Subject: Re: [PHP] Files only available via HTTPS
On Thu, Feb 01, 2001 at 04:29:09PM -0800, Michael Conley wrote:
I have several PHP files that I only want users to be able to access via
HTTPS. How can I control that on an Apache 1.3.14 server running on
RedHat
7? I have openssl and mod_ssl working fine. Currently, I can access
all of
the files on my site via either http or https. I want to keep certain
files
(with interesting information) from being accessed via http. I realize
this
isn't really a PHP question, but I have no idea how to do this.
You could check on which port the request was made for the php file.
https is usually port 443
if ($SERVER_PORT!=443)
header("Location: https://server/$PHP_SELF");
--
Daniel Tryba
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
