Re: [PHP] Re: While on the topic of PHP Web Site Stats - SharePoint...

[Tommy Pham]

I don't know about external facing and 'most web sites use SharePoint' but
SharePoint is mainly used in conjunction with other midsize/enterprise MS
applications such as Exchange, SQLServer and other MS products, including
SSO integration with Active Directory.  I've yet to see it used as
standalone with only MS SQLServer.  If you want to use a CMS without having
the need to use any other enterprise, or midsize, MS apps, it's expensive to
deploy as you'll need to deploy on Windows.  On top of that, the recent
version Foundation 2010 is a PAIN IN THE *SS to deploy and maintain with any
SQL Express version.  Don't even think about developing it further on the
Foundation 2010.  Buying MS SQLServer just for the sake of SharePoint only
is not worthwhile as that cost is even higher.  Furthermore, SharePoint
2010, even the free version Foundation, is very hardware demanding.  Simply
put, if your company currently using any MS products, Exchange, SQLServer,
etc. and is midsize+, then it maybe justifiable to use SharePoint, not just
the free version.  Else, if you just need a CMS that's the lowest TCO and
easier to maintain, stick w/ PHP and Open Source, IMO.

Regards,
Tommy

[PHP] Re: While on the topic of PHP Web Site Stats - SharePoint...

[Ross McKay]

On Mon, 19 Sep 2011 16:22:59 -0600, George Langley wrote:

>[...]
>   Any stats on (warning - buzzwords ahead) "External-facing" web 
>sites using SharePoint? [...]

Try here:

http://w3techs.com/technologies/overview/content_management/all

(SharePoint comes in at 0.1% of all websites, 0.3% of all CMS; i.e.
wy behind the PHP-based CMS out there -- e.g. WordPress on 14.9%
websites and 54.4% CMS)
-- 
Ross McKay, Toronto NSW Australia
"All we are saying
 Is give peas a chance" - SeedSavers

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] While on the topic of PHP Web Site Stats - SharePoint...

[Daniel Brown]

On Mon, Sep 19, 2011 at 18:22, George Langley  wrote:
>        Hi all. Had a meeting today where I was rather condescendingly told 
> that most CMS web sites use SharePoint.

Well, you may reply, equally condescendingly, that you will need
that to have cited references, as it's simply incorrect.  According to
the latest survey conducted by w3techs.com[1], though SharePoint is
used on sites with some of the highest traffic on the Internet, its
saturation point is just 0.3%.

According to the survey, the five CMS platforms ahead of it in
popularity, in order, are (and quite expectedly): WordPress, Joomla!,
Drupal, vBulletin, and Blogger.  And of those five, one is a service
(blogger.com), and the rest are all open-source CMS systems ---
written in PHP.

-- 

Network Infrastructure Manager
http://www.php.net/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] While on the topic of PHP Web Site Stats - SharePoint...

[George Langley]

Hi all. Had a meeting today where I was rather condescendingly told 
that most CMS web sites use SharePoint. Last I checked:



Wordpress, Joomla! and Drupal (PHP, PHP and oh look, PHP) kind of had the CMS 
market wrapped up, with numerous other systems fighting for the remains. In 
fact, I don't see SharePoint even listed at the above link.

Any stats on (warning - buzzwords ahead) "External-facing" web sites 
using SharePoint?

At $$$ for the required server software, compared to <$ for just about 
anything PHP-based, can only imagine companies using SharePoint must have their 
IT department in charge of the web site. Am sure it's fine as an internal 
project management tool, but am very concerned when other developers tell me to 
run away from anyone who chooses to use SharePoint on anything public.
Thanks.


George Langley
Interactive Developer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web site link request

[Daniel Brown]

On Fri, Mar 11, 2011 at 23:00, Kirk Bailey  wrote:
> May I have suggestions of websites I would do well to visit to improve my
> php skills? Links please, with a breif description if you would be so good.

http://php.net/links --- Overall links
http://phpbuilder.com/---  General PHP community site
http://devnetwork.net/ --- Collection of resources
http://phpfreaks.com/ --- PHP community site

And just two of the many sites operated by your peers:

http://php1.net/  --- Tedd Sperling
http://phpguru.org/ --- Richard Heyes

-- 

Network Infrastructure Manager
http://www.php.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] web site link request

[Kirk Bailey]

May I have suggestions of websites I would do well to visit to 
improve my php skills? Links please, with a breif description if you 
would be so good.


--
end

Very Truly yours,
 - Kirk Bailey,
   Largo Florida

   kniht
  +-+
  | BOX |
  +-+
   think


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[George Langley]

On 26-Sep-09, at 2:38 AM, Ashley Sheridan wrote:


I tend to usually go with the following, using what fits with the
project:

index.php
styles/
images/
scripts/
includes/

---
Add files/ for any download-able files.
	Then for multi-lingual projects, I'll add a content/[language]/  
structure, to put my content php files in, while leaving the  
structural php files on the root. User preferences and cookies form  
the path to grab the content, but this way you get similar (and  
shorter) URLs.



George Langley
Multimedia Developer

www.georgelangley.ca

RE: [PHP] Web Site Directory Layout

[Caner Bulut]

Thanks for help.

 

Caner.

 

  _  

From: דניאל דנון [mailto:danondan...@gmail.com] 
Sent: Saturday, September 26, 2009 2:35 PM
To: Caner Bulut
Cc: php-general@lists.php.net
Subject: Re: [PHP] Web Site Directory Layout

 

There is no standard for that - Its your choice,

I usually use something like
index.php
configuration.php
template/
template/NAME/template.html
template/NAME/template.css
template/NAME/images/ 
modules/
modules/connection/MySQL.php

etc.





On Sat, Sep 26, 2009 at 1:50 AM, Caner Bulut  wrote:

Hi All,



Is there a stable or standart directory layout for PHP project (like web
sites)?.



Example;



index.php

img/

css/

js/

lib/

doc/

tools/



Thanks.









-- 
Use ROT26 for best security

Re: [PHP] Web Site Directory Layout

[דניאל דנון]

There is no standard for that - Its your choice,

I usually use something like
index.php
configuration.php
template/
template/NAME/template.html
template/NAME/template.css
template/NAME/images/ 
modules/
modules/connection/MySQL.php

etc.




On Sat, Sep 26, 2009 at 1:50 AM, Caner Bulut  wrote:

> Hi All,
>
>
>
> Is there a stable or standart directory layout for PHP project (like web
> sites)?.
>
>
>
> Example;
>
>
>
> index.php
>
> img/
>
> css/
>
> js/
>
> lib/
>
> doc/
>
> tools/
>
>
>
> Thanks.
>
>
>
>
>
>


-- 
Use ROT26 for best security

Re: [PHP] Web Site Directory Layout

[Ashley Sheridan]

On Fri, 2009-09-25 at 22:26 -0400, Robert Cummings wrote:
> Caner Bulut wrote:
> > Hi All,
> > 
> > Is there a stable or standart directory layout for PHP project (like web
> > sites)?. 
> > 
> > Example;
> > 
> > index.php
> > img/
> > css/
> > js/
> > lib/
> > doc/
> > tools/
> > 
> > Thanks.
> 
> There's no standard. My advice is to use easily identifiable names. The 
> above are quite obbvious. My own preference though is to not shorten 
> names. For instance, I would use the following in place of what you have 
> provided as examples:
> 
> index.php
> images/
> css/
> javascript/
> lib/
> documents/
> tools/
> 
> That's just personal preference though :)
> 
> Cheers,
> Rob.
> -- 
> http://www.interjinn.com
> Application and Templating Framework for PHP
> 

I tend to usually go with the following, using what fits with the
project:

index.php
styles/
images/
scripts/
includes/

sometimes I might add directories where it makes sense to, other times
I'll compartmentalise the existing directories further. There's not any
standard, but I think if you yourself decide on some sort of convention
you will use that makes sense to you, it makes things a lot easier in
the long run.

Thanks,
Ash
http://www.ashleysheridan.co.uk




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[Robert Cummings]

Caner Bulut wrote:

Hi All,

Is there a stable or standart directory layout for PHP project (like web
sites)?. 


Example;

index.php
img/
css/
js/
lib/
doc/
tools/

Thanks.


There's no standard. My advice is to use easily identifiable names. The 
above are quite obbvious. My own preference though is to not shorten 
names. For instance, I would use the following in place of what you have 
provided as examples:


index.php
images/
css/
javascript/
lib/
documents/
tools/

That's just personal preference though :)

Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[Daniel Brown]

On Fri, Sep 25, 2009 at 19:30, Caner Bulut  wrote:
>
> I will be out of office between 18th - 28th of June.

That's fantastic.  Have a nice ten-day vacation nine months from
now.  Thanks for letting us know so far in advance!  ;-P

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[Daniel Brown]

On Fri, Sep 25, 2009, Caner Bulut  wrote:
>
> Is there a stable or standart directory layout for PHP project (like web 
> sites)?.

The very plain, simple answer is: no.  There are similarities
between projects, and common, logical reasons for doing them but
nothing that would quite earn the description "standard."  It's what
makes sense to you, and what you think will make sense to future
developers who will inherit your project.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[Jim Lucas]

Caner Bulut wrote:
> Hi All,
> 
> Is there a stable or standard directory layout for PHP project (like web
> sites)?. 
> 
> Example;
> 
> index.php
> img/
> css/
> js/
> lib/
> doc/
> tools/
> 
> Thanks.
> 

Here are a few references that I found with a quick G search

http://www.shorewalker.com/blog/naming_conventions.html
http://www.haas.ca/Intranet/Naming_Conventions.cfm
http://www.llslim.com/users/slim/blog/2009/directory-structure-and-naming-conventions-web-development
http://lvsonline.com/online-website-class/?page_id=15
http://www.ryerson.ca/cmssupport/standards/Ryerson_guidelines_naming_conventions_version2.0.pdf

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Web Site Directory Layout

[Caner Bulut]

Thanks Bastien for your advice,

But i still waiting some more advice from experienced developers, maybe this
is related about security and directory permissions?

Thanks.

-Original Message-
From: Phpster [mailto:phps...@gmail.com] 
Sent: Saturday, September 26, 2009 2:19 AM
To: Caner Bulut
Cc: ; 
Subject: Re: [PHP] Web Site Directory Layout



On Sep 25, 2009, at 6:50 PM, "Caner Bulut"  wrote:

> Hi All,
>
>
>
> Is there a stable or standart directory layout for PHP project (like  
> web
> sites)?.
>
>
>
> Example;
>
>
>
> index.php
>
> img/
>
> css/
>
> js/
>
> lib/
>
> doc/
>
> tools/
>
>
>
> Thanks.


It depends. Using of the many frameworks will force you to userheir  
layout. If you are coding your own site without one, the you can use  
whatever you want.

Thanks

Bastien


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Directory Layout

[Phpster]

On Sep 25, 2009, at 6:50 PM, "Caner Bulut"  wrote:


Hi All,



Is there a stable or standart directory layout for PHP project (like  
web

sites)?.



Example;



index.php

img/

css/

js/

lib/

doc/

tools/



Thanks.



It depends. Using of the many frameworks will force you to userheir  
layout. If you are coding your own site without one, the you can use  
whatever you want.


Thanks

Bastien

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Web Site Directory Layout

[Caner Bulut]

Hi All,

 

Is there a stable or standart directory layout for PHP project (like web
sites)?. 

 

Example;

 

index.php

img/

css/

js/

lib/

doc/

tools/

 

Thanks.

 

 

Re: [PHP] Web Site Security Hole

[Brent Baisley]

If properly designed, it shouldn't really matter if someone sees your 
code. Everyone can see the source code for Linux and lots of other 
systems you may be using (MySQL, PHP, etc.), but they are considered 
fairly secure. Knowing your methodology will only help someone in 
finding security holes in your code. Knowing your table structures and 
how you query them only allows someone to skip the trial and error 
phase of hacking.

Keeping important information outside the document will prevent 
downloading of that information using the method your describe. If the 
web server is configured correctly of course. Your code should fail 
gracefully if the relevant information and validation is not present. 
It sounds like you've read about proper security measures. As long as 
you always assume that the data you are receiving may not have come 
from one your pages, you should be in pretty good shape.

On Apr 7, 2005, at 9:55 AM, Don wrote:
Hi,
I'm developing a small web site that does a bit of e-commerce (that is,
it creates security keys and such). I've been very careful to keep all
constants used in calculations in a local directory above docroot, but
all of my main .php pages are in (or under) docroot (my host won't 
allow
.php scripts to operate in /cgi-bin).

I was feeling pretty secure until a friend reminded me you can download
complete sites by importing them with such tools as FrontPage and
Dreamweaver. That way, the "protection" provided by the PHP server is
non-existant.
Someone doing an import would be able to see the specific methodology
I'm using for calculations and security, even though they wouldn't have
access to MySQL passwords and constants. But the "security" that
provides suddenly doesn't seem like much security at all!
Can I manage this situation by setting directory and/or file 
permissions
in docroot? Or is there some other solution?

Thanks in advance.
-Don
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site Security Hole

[Duncan Hill]

On Thursday 07 April 2005 14:55, Don typed:
> I was feeling pretty secure until a friend reminded me you can download
> complete sites by importing them with such tools as FrontPage and
> Dreamweaver. That way, the "protection" provided by the PHP server is
> non-existant.

This is only possible in limited cases, normally when WEBDAV is enabled.  Any 
other attempts to scrape the site will just get the parsed output, not the 
raw code.

-- 
My mind not only wanders, it sometimes leaves completely.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Web Site Security Hole

[Don]

Hi,

I'm developing a small web site that does a bit of e-commerce (that is, 
it creates security keys and such). I've been very careful to keep all 
constants used in calculations in a local directory above docroot, but 
all of my main .php pages are in (or under) docroot (my host won't allow 
.php scripts to operate in /cgi-bin). 

I was feeling pretty secure until a friend reminded me you can download 
complete sites by importing them with such tools as FrontPage and 
Dreamweaver. That way, the "protection" provided by the PHP server is 
non-existant.

Someone doing an import would be able to see the specific methodology 
I'm using for calculations and security, even though they wouldn't have 
access to MySQL passwords and constants. But the "security" that 
provides suddenly doesn't seem like much security at all!

Can I manage this situation by setting directory and/or file permissions 
in docroot? Or is there some other solution?

Thanks in advance.

-Don

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Wendell Brown]

On Mon, 7 Jul 2003 21:01:40 +0100 (BST), Graham Rule wrote:

>The only place that they are
>available is to PHP scripts run in the relevant directory. 

Which means that if a hacker finds a cross script hack in one of those
directories (ie, if you have a security hole in one of your php
scripts), then it would be possible to access mysql.default_user and
mysql.default_password via ini_get()... wouldn't it?  And yes, I
understand you could turn on safe_mode or turn off the ini_get()
function.

I think the answer is that there isn't a 100% secure way to store
user_id / passwords that can be reconstituted.  Unfortunately, I don't
know what the most secure way to do this would be.  Your way MAY be the
best that we can get, but it kinda give me the heebie jeebies.  :)


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Graham Rule]

On Mon, 30 Jun 2003, Peter Janett wrote:
> This issue seems to be a huge issue, and I've been looking for a good
> solution for quite a long time.  My concern is that a shell emulating PHP or
> Perl script run as Apache can read or copy ANY PHP script used with PHP as
> an Apache module.

The reason I use php_value settings in Apache configuration files is to
get round these problems.  Provided these configuration files are only
able to be read by Apache when starting up (running as root, binding to
port 80, opening log files etc) no users' login shells, perl CGI scripts,
or shell CGI scripts can read them.  The only place that they are
available is to PHP scripts run in the relevant directory.  They cannot be
seen by PHP scripts run in other virtual servers or outwith the specified 
directory tree.

As far as I can see the only downside is that they are still held in plain 
text anywhere, and that Apache has to be restarted (gracefully) whenever 
they are changed.  It does of course assume that whoever is managing the 
server (has root access) is trusted with the MySQL passwords.

The only real doubt at the back of my mind about this is that a clever 
mod_perl programmer might be able to get Apache to disclose the 
information that should only be seen by PHP.  But then, you don't go 
around letting just anyone install mod_perl hacks in your server do you?

I'd be very grateful if anyone out there who can see any problems with my 
approach would let me know.

Graham
--
Graham Rule <[EMAIL PROTECTED]>
Computing Services, The University of EdinburghPhone: +44 131 650 6628
Main Library, George Sq, Edinburgh EH8 9LJ Fax:   +44 131 650 6547


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Peter Janett]

I played around with this, but couldn't get this to work in my httpd.conf:
php_value disable_functions phpinfo

Not sure why.

I did discover, however, that the username and password will no show up in
phpinfo UNLESS phpinfo() is called from within the directory, in our example
that would be /var/www/html/mydatabase.

That would mean that in order for someone to get the user/pass, they would
have to write a php script into my directory.

Any more thoughts?  This seems very appealing to me.

Thanks,

Peter Janett

New Media One Web Services, LLC
http://www.newmediaone.net
[EMAIL PROTECTED]
(303)828-9882



-Original Message-
From: Derick Rethans [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 2:59 PM
To: Wendell Brown
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [PHP] web site security: how to hide login info for
mysql-connection


On Mon, 30 Jun 2003, Wendell Brown wrote:

> On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote:
>
> >
> >   php_value mysql.default_user fred
> >   php_value mysql.default_password secret
> >   php_value mysql.default_host server.example.com
> >
>
> H what about phpinfo()?  It shows those settings in the clear.

php_value disable_functions phpinfo

Derick

--
"Interpreting what the GPL actually means is a job best left to those
that read the future by examining animal entrails."
-
 Derick Rethans http://derickrethans.nl/
 International PHP Magazine  http://php-mag.net/
-


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Mark]

That's where this thread started...

--- Wendell Brown <[EMAIL PROTECTED]> wrote:
> On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote:
> 
> >My concern is that a shell emulating PHP or
> >Perl script run as Apache can read or copy ANY PHP script used
> with PHP as
> >an Apache module.
> 
> It seems to me like the safest way to handle this would be to
> create a
> function that opens the database (with the user_id and password
> hard
> coded) and returns a handle to the open db.  Then put this function
> into a "include" directory outside the document root (you might
> have to
> disable fopen_with_path).
> 
> function openDB() {
> 
>   $MYSQL_Server   = "localhost";
>   $MYSQL_DB   = "db";
>   $MYSQL_User = "user";
>   $MYSQL_Password = "password";
> 
>   // Connect to database
>   $dbID = mysql_connect($MYSQL_Server, $MYSQL_User,
> $MYSQL_Password)
>   or die("Could not connect");
> 
>   mysql_select_db( $MYSQL_DB )
>   or die("Could not select database");
> 
>   return( $dbID );
> }
> 
> Then call openDB() from your module
> 
>  
>   include "hidden.php";
> 
>   $dbHandle = openDB();
> 
>   // whatever you want to do with the db here
> 
> ?>
> 
> Comments??
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


=
Mark Weinstock
[EMAIL PROTECTED]
***
You can't demand something as a "right" unless you are willing to fight to death to 
defend everyone else's right to the same thing.
***

__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Wendell Brown]

On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote:

>My concern is that a shell emulating PHP or
>Perl script run as Apache can read or copy ANY PHP script used with PHP as
>an Apache module.

It seems to me like the safest way to handle this would be to create a
function that opens the database (with the user_id and password hard
coded) and returns a handle to the open db.  Then put this function
into a "include" directory outside the document root (you might have to
disable fopen_with_path).

function openDB() {

  $MYSQL_Server   = "localhost";
  $MYSQL_DB   = "db";
  $MYSQL_User = "user";
  $MYSQL_Password = "password";

  // Connect to database
  $dbID = mysql_connect($MYSQL_Server, $MYSQL_User, $MYSQL_Password)
  or die("Could not connect");

  mysql_select_db( $MYSQL_DB )
  or die("Could not select database");

  return( $dbID );
}

Then call openDB() from your module



Comments??


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Derick Rethans]

On Mon, 30 Jun 2003, Wendell Brown wrote:

> On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote:
> 
> >
> >   php_value mysql.default_user fred
> >   php_value mysql.default_password secret
> >   php_value mysql.default_host server.example.com
> >
> 
> H what about phpinfo()?  It shows those settings in the clear.

php_value disable_functions phpinfo

Derick

-- 
"Interpreting what the GPL actually means is a job best left to those
that read the future by examining animal entrails."
-
 Derick Rethans http://derickrethans.nl/ 
 International PHP Magazine  http://php-mag.net/
-


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Mike Migurski]

>>
>>   php_value mysql.default_user fred
>>   php_value mysql.default_password secret
>>   php_value mysql.default_host server.example.com
>>
>
>H what about phpinfo()?  It shows those settings in the clear.

solution: don't leave stray phpinfo's on a production site. :)

-
michal migurski- contact info and pgp key:
sf/cahttp://mike.teczno.com/contact.html


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Wendell Brown]

On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote:

>
>   php_value mysql.default_user fred
>   php_value mysql.default_password secret
>   php_value mysql.default_host server.example.com
>

H what about phpinfo()?  It shows those settings in the clear.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] web site security: how to hide login info for mysql-connection

[Peter Janett]

This issue seems to be a huge issue, and I've been looking for a good
solution for quite a long time.  My concern is that a shell emulating PHP or
Perl script run as Apache can read or copy ANY PHP script used with PHP as
an Apache module.

I setup Apache SuExe on my server, and use it with Perl, and optionally PHP.
I don't want to make CGI based PHP the default, because running PHP as a CGI
slows it down a bit, but more importantly, limits a few functions.

I was reading the PHP site, and found an interesting idea at
http://us3.php.net/manual/en/function.mysql-connect.php in the user notes.
-
Another solution to the security problems of putting usernames and passwords
into scripts. I haven't found this documented anywhere else so thought I'd
suggest it for the online documentation. 

Don't put passwords for mysql into scripts which may be read by any user on
the machine.  Instead put them into an Apache configuration file and make
sure that it is not world-readable. (Apache reads its main config files as
root.)

For example, add this to your httpd.conf (and chmod it to 600 or 660) then
tell your apache to reload itself (apachectl graceful).


   php_value mysql.default_user fred
   php_value mysql.default_password secret
   php_value mysql.default_host server.example.com


Then all you need in your PHP code is

$handle = mysql_connect() or die(mysql_error());

The passwords etc will only be picked up by scripts running in the named
directory (or a sub-directory).  The same may be done for virtualhosts etc.

If you don't want to keep reloading your Apache server then you ay test
things putting the php_value directives into a (world readable) .htaccess
file. (Clearly not for production use.)

If you need to debug the values that are being supplied (or not) then use
this snippet:

@syslog(LOG_DEBUG, "Using user=".ini_get("mysql.default_user").
 " pass=".ini_get("mysql.default_password").
  " host=".ini_get("mysql.default_host"));

(This assumes that you are not running in 'safe_mode' and that you are on a
unix of some sort.)

I can't think of why this wouldn't work, and it seems much more secure than
just putting the PHP script with the passwords outside the web root.

Has anyone done this?  Any thoughts on how someone could still get the
passwords with this setup?

Thanks,

Peter Janett

New Media One Web Services, LLC
http://www.newmediaone.net
[EMAIL PROTECTED]
(303)828-9882



-Original Message-
From: Mark [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 8:34 AM
To: Jaap van Ganswijk; [EMAIL PROTECTED]
Subject: Re: [PHP] web site security: how to hide login info for
mysql-connection


How do you handle storing the login info then? Do you encrypt the
file and decrypt it on the fly? Where would you store the key? I'm in
the process of setting up a new application, and I've always used the
"login info outside the webroot" method but if there's something more
I can do, I'd like to know...


--- Jaap van Ganswijk <[EMAIL PROTECTED]> wrote:
> At 2003-06-29 17:21 +0100, Avvio - Frank wrote:
> >basically you need to append to your include_path and you can
> probably
> >create a local .htaccess file and set an include path in there
> (look up
> >php_value syntax for .htaccess)
> >
> >otherwise start your script with a customised version of the
> following:
> >
> >ini_set("include_path",ini_get("include_path").":".
> "/your/path/here/");
> >
> >then include/require as normal
>
> I think you can also use an include statement
> like this:
> include "../../php/include/file.inc";
>
> The same mechanism can also be used for data
> files that also shouldn't be in the WWW accessible
> directory tree, I think. (But I'm not an expert.)
>
> I always try to write my programs very portable
> and I have found that using "../application_data/file.txt"
> isn't a problem, but using "../../xxx/application_data/file.txt"
> is usually a problem, because you don't want to
> hardcode the name of the directory above the current
> directory (in this case 'xxx'). Sometimes however
> you have to go two levels up to go out of the
> WWW-acessable directory three.
>
> By the way, I think it's unwise to keep the MySQL
> login data uncoded on the Unix system, because
> other users or the system managers could read it.
> Generally these files have to be readable by Apache
> and therefore other users on the system can often
> also read them.
>
> Greetings,
> Jaap
>
>
> >- Original Mess

Re: [PHP] web site security: how to hide login info for mysql-connection

[Mark]

How do you handle storing the login info then? Do you encrypt the
file and decrypt it on the fly? Where would you store the key? I'm in
the process of setting up a new application, and I've always used the
"login info outside the webroot" method but if there's something more
I can do, I'd like to know...


--- Jaap van Ganswijk <[EMAIL PROTECTED]> wrote:
> At 2003-06-29 17:21 +0100, Avvio - Frank wrote:
> >basically you need to append to your include_path and you can
> probably
> >create a local .htaccess file and set an include path in there
> (look up
> >php_value syntax for .htaccess)
> >
> >otherwise start your script with a customised version of the
> following:
> >
> >ini_set("include_path",ini_get("include_path").":".
> "/your/path/here/");
> >
> >then include/require as normal
> 
> I think you can also use an include statement
> like this:
> include "../../php/include/file.inc";
> 
> The same mechanism can also be used for data
> files that also shouldn't be in the WWW accessible
> directory tree, I think. (But I'm not an expert.)
> 
> I always try to write my programs very portable
> and I have found that using "../application_data/file.txt"
> isn't a problem, but using "../../xxx/application_data/file.txt"
> is usually a problem, because you don't want to
> hardcode the name of the directory above the current
> directory (in this case 'xxx'). Sometimes however
> you have to go two levels up to go out of the
> WWW-acessable directory three.
> 
> By the way, I think it's unwise to keep the MySQL
> login data uncoded on the Unix system, because
> other users or the system managers could read it.
> Generally these files have to be readable by Apache
> and therefore other users on the system can often
> also read them.
> 
> Greetings,
> Jaap
> 
> 
> >- Original Message - 
> >From: "anders thoresson" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Sunday, June 29, 2003 4:33 PM
> >Subject: Re: [PHP] web site security: how to hide login info for
> >mysql-connection
> >
> >
> >> > Be aware that wherever you store the settings folder, your
> php.ini
> >should
> >> > have that path in it's include_directories setting, and the
> webserver
> >> > must
> >> > have read permissions for that file.
> >>
> >>  I don't have access to php.ini on my ISP's web server. Is there
> a way for
> >> a user to make their own set ow include_directories?
> >>
> >> -- 
> >> anders thoresson
> >>
> >> -- 
> >> PHP General Mailing List (http://www.php.net/)
> >> To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >>
> >>
> >
> >
> >
> >-- 
> >PHP General Mailing List (http://www.php.net/)
> >To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 


=
Mark Weinstock
[EMAIL PROTECTED]
***
You can't demand something as a "right" unless you are willing to fight to death to 
defend everyone else's right to the same thing.
***

__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web site security: how to hide login info for mysql-connection

[Jaap van Ganswijk]

At 2003-06-29 17:21 +0100, Avvio - Frank wrote:
>basically you need to append to your include_path and you can probably
>create a local .htaccess file and set an include path in there (look up
>php_value syntax for .htaccess)
>
>otherwise start your script with a customised version of the following:
>
>ini_set("include_path",ini_get("include_path").":". "/your/path/here/");
>
>then include/require as normal

I think you can also use an include statement
like this:
include "../../php/include/file.inc";

The same mechanism can also be used for data
files that also shouldn't be in the WWW accessible
directory tree, I think. (But I'm not an expert.)

I always try to write my programs very portable
and I have found that using "../application_data/file.txt"
isn't a problem, but using "../../xxx/application_data/file.txt"
is usually a problem, because you don't want to
hardcode the name of the directory above the current
directory (in this case 'xxx'). Sometimes however
you have to go two levels up to go out of the
WWW-acessable directory three.

By the way, I think it's unwise to keep the MySQL
login data uncoded on the Unix system, because
other users or the system managers could read it.
Generally these files have to be readable by Apache
and therefore other users on the system can often
also read them.

Greetings,
Jaap


>- Original Message ----- 
>From: "anders thoresson" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Sunday, June 29, 2003 4:33 PM
>Subject: Re: [PHP] web site security: how to hide login info for
>mysql-connection
>
>
>> > Be aware that wherever you store the settings folder, your php.ini
>should
>> > have that path in it's include_directories setting, and the webserver
>> > must
>> > have read permissions for that file.
>>
>>  I don't have access to php.ini on my ISP's web server. Is there a way for
>> a user to make their own set ow include_directories?
>>
>> -- 
>> anders thoresson
>>
>> -- 
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>
>
>
>-- 
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web site security: how to hide login info for mysql-connection

[Avvio - Frank]

basically you need to append to your include_path and you can probably
create a local .htaccess file and set an include path in there (look up
php_value syntax for .htaccess)

otherwise start your script with a customised version of the following:

ini_set("include_path",ini_get("include_path").":". "/your/path/here/");

then include/require as normal

-- frank

- Original Message - 
From: "anders thoresson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 29, 2003 4:33 PM
Subject: Re: [PHP] web site security: how to hide login info for
mysql-connection


> > Be aware that wherever you store the settings folder, your php.ini
should
> > have that path in it's include_directories setting, and the webserver
> > must
> > have read permissions for that file.
>
>  I don't have access to php.ini on my ISP's web server. Is there a way for
> a user to make their own set ow include_directories?
>
> -- 
> anders thoresson
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web site security: how to hide login info for mysql-connection

[anders thoresson]

Be aware that wherever you store the settings folder, your php.ini should
have that path in it's include_directories setting, and the webserver 
must
have read permissions for that file.
I don't have access to php.ini on my ISP's web server. Is there a way for 
a user to make their own set ow include_directories?

--
anders thoresson
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] web site security: how to hide login info formysql-connection

[Mike Morton]

Anders:

> Somewhere, I've read that settings.php should be placed in a directory
> outside the html/php-directories. Today, my web directory is
> /home/anders/public_html and subdirectories to public_html. Should
> settings.php be placed in /home/anders/include?

That is correct - you are always best to keep password and such outside the
web root where possible.  As many people have pointed out on this list - it
is a best practices thing that should be done.

Be aware that wherever you store the settings folder, your php.ini should
have that path in it's include_directories setting, and the webserver must
have read permissions for that file.


--
Cheers

Mike Morton


*
* Tel: 905-465-1263
* Email: [EMAIL PROTECTED]
*


"Indeed, it would not be an exaggeration to describe the history of the
computer industry for the past decade as a massive effort to keep up with
Apple."
- Byte Magazine

Given infinite time, 100 monkeys could type out the complete works of
Shakespeare. Win 98 source code? Eight monkeys, five minutes.
-- NullGrey 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] web site security: how to hide login info for mysql-connection

[anders thoresson]

Hi,

At the moment I store username, password and database for my MySQL 
connections in a file called settings.php to avoid putting them in my php 
files direct. On a Linux server, what extra steps can I take to prevent 
others from accessing settings.php?

Somewhere, I've read that settings.php should be placed in a directory 
outside the html/php-directories. Today, my web directory is 
/home/anders/public_html and subdirectories to public_html. Should 
settings.php be placed in /home/anders/include?

--
anders thoresson
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Web site analysys

[Rosen]

Hi,
Can someone tell me where I can find a PHP script
for tracking visitors on WEB site ( IP, Refferer, e.t.c )
(Like http://extremetracking.com )

Thanks,
Rosen




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site

[Justin French]

on 22/08/02 1:18 PM, Jason Wong ([EMAIL PROTECTED]) wrote:

>> DSL is a cheap option, although you have limited bandwidth and file
>> transfers.  It would be a good first step.
> 
> Do they give you a permanent IP address? If not, you're going to have to
> subscribe to some dynamic IP service so people can actually get to your site.
> But quite frankly running a commercial website (I assume so because you'll be
> accepting CC payments) using dynamic IP feels a bit dodgy to me. Surely a
> commercial operation can afford the USD 10-20/month for a decent web host?

Exactly!!!

Justin French


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site

[Jason Wong]

On Thursday 22 August 2002 10:44, Justin French wrote:
> on 22/08/02 11:41 AM, Peter Goggin ([EMAIL PROTECTED]) wrote:
> > I am setting up a web site which will be hosted on my own equipmet at
> > home, located in Melbourne, Australia
> > I would like some general advice on two questions.
> >
> > 1. What sort of permanent interconnect should I look at (Cable is not
> > available in my area).  Is DSL suitable? Are there any good providers in
> > the area?
>
> DSL is a cheap option, although you have limited bandwidth and file
> transfers.  It would be a good first step.

Do they give you a permanent IP address? If not, you're going to have to 
subscribe to some dynamic IP service so people can actually get to your site. 
But quite frankly running a commercial website (I assume so because you'll be 
accepting CC payments) using dynamic IP feels a bit dodgy to me. Surely a 
commercial operation can afford the USD 10-20/month for a decent web host?

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
A new koan:
If you have some ice cream, I will give it to you.
If you have no ice cream, I will take it away from you.
It is an ice cream koan.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site

[Jason Wong]

On Thursday 22 August 2002 10:42, Bogdan Stancescu wrote:
> Just for the record, I'm sure you can Google out quite a few nasty
> comments on PayPal - I remember reading some along the lines of "dear
> all, I know it was much easier for you to send money via PayPal, I know
> that giving up on using it will considerably decrease my income, but
> after my [...] experience I want to have nothing to do with them
> anymore". Never used PayPal myself, and problems are inherent for such a
> large system, so don't take this as an anti-PayPal message - just try
> searching for some user comments before starting to use it.

IIRC there seems to have been a period a while back when PayPal were 
'over-reacting' to fraud and innocent users got caught up in the cross-fire.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *

/*
Luke, I'm yer father, eh.  Come over to the dark side, you hoser.
-- Dave Thomas, "Strange Brew"
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site

[Justin French]

on 22/08/02 11:41 AM, Peter Goggin ([EMAIL PROTECTED]) wrote:

> 
> I am setting up a web site which will be hosted on my own equipmet at home,
> located in Melbourne, Australia
> I would like some general advice on two questions.
> 
> 1. What sort of permanent interconnect should I look at (Cable is not
> available in my area).  Is DSL suitable? Are there any good providers in the
> area?

DSL is a cheap option, although you have limited bandwidth and file
transfers.  It would be a good first step.


> 2. I need to set up credit card payments. Has anyone any experience with
> PayPal? Are there any other providers I should consider.

It sounds like you're NOT a sys admin type, so DON'T think about storing
credit card #'s on your own server yet -- you'd need a lot of security and
system admin experience before going there!

PayPal
Authorize.net

Depends on what you want to sell (intellectual property or physical items)

Not really the place to ask this... look for e-commerce type sites and
articles... liek the ones on ecommercebase.com


Justin French




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web Site

[Bogdan Stancescu]

Just for the record, I'm sure you can Google out quite a few nasty 
comments on PayPal - I remember reading some along the lines of "dear 
all, I know it was much easier for you to send money via PayPal, I know 
that giving up on using it will considerably decrease my income, but 
after my [...] experience I want to have nothing to do with them 
anymore". Never used PayPal myself, and problems are inherent for such a 
large system, so don't take this as an anti-PayPal message - just try 
searching for some user comments before starting to use it.

Bogdan

Roger Lewis wrote:
> On Wednesday, August 21, 2002 6:41 PM
> Peter Goggin wrote
> 
>  < 2. I need to set up credit card payments. Has anyone any experience with
> < PayPal? Are there any other providers I should consider.
>   Nothing but good to say about PayPal
>   Roger
> 
> 
>  
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Web Site

[Roger Lewis]

On Wednesday, August 21, 2002 6:41 PM
Peter Goggin wrote

 < 2. I need to set up credit card payments. Has anyone any experience with
< PayPal? Are there any other providers I should consider.
Nothing but good to say about PayPal
Roger


 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Web Site

[Peter Goggin]

I am setting up a web site which will be hosted on my own equipmet at home,
located in Melbourne, Australia
I would like some general advice on two questions.

1. What sort of permanent interconnect should I look at (Cable is not
available in my area).  Is DSL suitable? Are there any good providers in the
area?

2. I need to set up credit card payments. Has anyone any experience with
PayPal? Are there any other providers I should consider.


I don't know if this is the correct list for the questions, but if not
perhaps someone could point me to where I can get some advice.


Regards

Peter Goggin


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: PHP Web site down?

[Sami Mahamed]

it seems to be just your network, me and a couple of friends on differnt
networks were just talking about that place :) works fine for us!

-Sami

"Adam Williams" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Is it just me having network connectivity problems, or is the PHP website,
> http://www.php.net down?  I tried connecting to it from a couple of
> difference computers and I can't access it on any of them.  Just wondering
> if anyone else is having problems getting to their website too.
>
> Adam
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Web site down?

[DL Neil]

General advice:
take a look in the bottom right corner of any manual page and call for the
mirrors list - it's worth bookmarking/favoriting a couple, just in case one
goes down.

Also FYI, mirror sites are often faster (depending upon relative locations)
and their use certainly frees bandwidth at the central site.
=dn


> Thanks!  Silly me, I'm always forgetting about the mirror sites ;)

> > It is not just your paranoia.
> > Be brave, step outside the contiguous 50 and try
> > http://uk2.php.net/manual/en/ (it's working!)



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Web site down?

[Kondwani Spike Mkandawire]

It seemed to be down...  Earlier in the morning I
had trouble getting onto it...  Its alright now though,
it may have been traffic or some minor stuff...

Spike...
"Adam Williams" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks!  Silly me, I'm always forgetting about the mirror sites ;)
>
> Adam
>
> On Wed, 21 Aug 2002, DL Neil wrote:
>
> > > Is it just me having network connectivity problems, or is the PHP
website,
> > > http://www.php.net down?  I tried connecting to it from a couple of
> > > difference computers and I can't access it on any of them.  Just
wondering
> > > if anyone else is having problems getting to their website too.
> >
> >
> > Adam,
> >
> > It is not just your paranoia.
> > Be brave, step outside the contiguous 50 and try
> > http://uk2.php.net/manual/en/ (it's working!)
> >
> > Regards,
> > =dn
> >
> >
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Web site down?

[Adam Williams]

Thanks!  Silly me, I'm always forgetting about the mirror sites ;)

Adam

On Wed, 21 Aug 2002, DL Neil wrote:

> > Is it just me having network connectivity problems, or is the PHP website,
> > http://www.php.net down?  I tried connecting to it from a couple of
> > difference computers and I can't access it on any of them.  Just wondering
> > if anyone else is having problems getting to their website too.
>
>
> Adam,
>
> It is not just your paranoia.
> Be brave, step outside the contiguous 50 and try
> http://uk2.php.net/manual/en/ (it's working!)
>
> Regards,
> =dn
>
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP Web site down?

[DL Neil]

> Is it just me having network connectivity problems, or is the PHP website,
> http://www.php.net down?  I tried connecting to it from a couple of
> difference computers and I can't access it on any of them.  Just wondering
> if anyone else is having problems getting to their website too.


Adam,

It is not just your paranoia.
Be brave, step outside the contiguous 50 and try
http://uk2.php.net/manual/en/ (it's working!)

Regards,
=dn



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] PHP Web site down?

[Adam Williams]

Is it just me having network connectivity problems, or is the PHP website,
http://www.php.net down?  I tried connecting to it from a couple of
difference computers and I can't access it on any of them.  Just wondering
if anyone else is having problems getting to their website too.

Adam


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Web site counter

[B. van Ouwerkerk]

>Is it possible to make a website counter with a PHP script and a text 
>document? If so can somebody email me a script (unlikely) or send me to a 
>page with a script (yay)

freshmeat.net and sourceforge.net are great sources for scripts..

Be carefull not to use anything you see.. check the code for strange 
things.. like email addresses in strange places..

Bye,



B.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Web site counter

[Werner Stuerenburg]

It is easy, but you need to have write privileges on that file
(or rather httpd needs that) - so you may include a test that
this file only holds a number as a minimal protection.

$filename = "$GLOBALS[DOCUMENT_ROOT]/your_counter.txt";
$fp = fopen($filename,"a+");
$cnt = fread( $fp, filesize($filename));
fclose($fp);
if ($cnt == "") {
$cnt = "0";
}
$cnt++;
$fp = fopen($filename,"w");
$res = fwrite($fp, (string)$cnt);
fclose($fp);


Kyle Smith schrieb am Mittwoch, 1. August 2001, 22:12:35:

> Is it possible to make a website counter with a PHP script and a text document? If 
>so can somebody email me a script (unlikely) or send me to a page with a script (yay)


> -lk6-
> http://www.StupeedStudios.f2s.com
> Home of the burning lego man!

> ICQ: 115852509
> MSN: [EMAIL PROTECTED]
> AIM: legokiller666




-- 
Herzlich
Werner Stuerenburg

_
ISIS Verlag, Teut 3, D-32683 Barntrup-Alverdissen
Tel 0(049) 5224-997 407 · Fax 0(049) 5224-997 409
http://pferdezeitung.de



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Web site counter

[Kyle Smith]

Is it possible to make a website counter with a PHP script and a text document? If so 
can somebody email me a script (unlikely) or send me to a page with a script (yay)


-lk6-
http://www.StupeedStudios.f2s.com
Home of the burning lego man!

ICQ: 115852509
MSN: [EMAIL PROTECTED]
AIM: legokiller666

[PHP] Web Site Alert: Not Responding

[mike . dever]

There appears to be a problem in reaching your Web site at 
http://www.e-gineer.com/articles/php-hackers-paradise-revisited.phtml.

   Time of Error: 2001-07-22 18:27:57
   Error Type:  Time Out

InternetSeer, a Web site monitoring company, is conducting an 
ongoing study of the true connectivity of the Web. As recommended 
by the Robots Guidelines, this email is being sent to explain our 
research activities and to let you know about the difficulty in 
connecting to your site.  

If you would like InternetSeer to continue to alert you at no charge 
whenever there is a problem reaching your Web site, click here:  
http://scclick.internetseer.com/sitecheck/clickthrough.jsp?I5s57j5d5i5g53M5pyQN5aLGeu1IMw6uI5sCSzPW5ayQN5byVP55P5qQxPz5m5c5eTUK5aR5cDLyVRP5a_wC5c_wPS6vCMz5czMy5cM6uRQRPz5az6tz__LWV5aPVTSzLTVV5dNXTCC55x5q5g=e3

InternetSeer does not store or publish the content of your pages, 
but rather uses availability and link information for our research.

Click here to learn more about InternetSeer. 
http://scclick.internetseer.com/sitecheck/clickthrough.jsp?I5s57j5d5i5g53M5pyQN5aLGev1IMw6uI5sCSzPW5ayQN5byVP55P5qQxPz5m5c5eTUK5aR5cDLyVRP5a_wC5c_wPS6vCMz5czMy5cM6uRQRPz5az6tz__LWV5aPVTSzLTVV5dNXTCC55x5q5h=e3

Mike Dever
President
[EMAIL PROTECTED]

Note: If you prefer not to receive these occasional alerts regarding 
the availability of your Web site, reply to this email with Cancel 
in the subject line. Please leave a full copy of this message in the 
body of your reply email.

##[EMAIL PROTECTED]## 

[PHP] parse error in PHP Manual in php web site...

[Romulo Roberto Pereira]

Parse error: parse error in
/local/Web/sites/phpweb/include/shared-manual.inc on line 265

Fatal error: Call to undefined function: sendmanualheaders() in
/local/Web/sites/phpweb/manual/en/getting-started.php on line 3


HELPPP!!

:)

Rom


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]