Re: [PHP] An idea...
Martin Towell wrote:
> 1. so you're trying to stop people from link straight to your page?
> 2. or are you trying to stop them from using your code without
> permission (on the same server)?
> a. will others be able to see the source code?
> i. if so, then what's to stop them from defining the constant
> themselves?
> ii. if not, this looks like a good way of doing it
>
I could see how links in the url bar could get spoofed, but I have no
idea how a form can. I presented a question maybe last week about
$HTTP_POST_VARS security or lack of, and one the replies, got me thinking.
I guess what I had in mind is along the lines of #2. What I had in mind
was that each install would have a different value for the constant. So
will others be able to see the source code, no not unless the webserver
becomes compromised...
> -Original Message-
> From: Gerard Samuel [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 15, 2002 11:31 AM
> To: Martin Towell
> Cc: PHP
> Subject: Re: [PHP] An idea...
>
>
> Quote from the php manual.
> "Once a constant is defined, it can never be changed or undefined."
>
> I figure, since the constant is initialised in the script, it cannot be
> changed or undefined, then I can put my trust in it that it comes from
> the server and no where else
>
> Martin Towell wrote:
>
> > how is that going to increase security?
> >
> > -Original Message-
> > From: Gerard Samuel [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, January 15, 2002 11:21 AM
> > To: php
> > Subject: [PHP] An idea...
> >
> >
> > Just want to bounce this idea off you guys/gals.
> > Im looking to improve the security of my scripts. Now lets say, I
> > initialise the script with a constant in the main config file that all
> > the pages access. Then when Im accepting data from a form or maybe even
> > a link I could do
> >
> > if (isset($HTTP_POST_VARS['foo']) && defined("CONSTANT")) {
> >process data
> > }
> >
> > Just an idea, what do you think..
> > Thanks
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] An idea...
Quote from the php manual.
"Once a constant is defined, it can never be changed or undefined."
I figure, since the constant is initialised in the script, it cannot be
changed or undefined, then I can put my trust in it that it comes from
the server and no where else
Martin Towell wrote:
> how is that going to increase security?
>
> -Original Message-
> From: Gerard Samuel [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 15, 2002 11:21 AM
> To: php
> Subject: [PHP] An idea...
>
>
> Just want to bounce this idea off you guys/gals.
> Im looking to improve the security of my scripts. Now lets say, I
> initialise the script with a constant in the main config file that all
> the pages access. Then when Im accepting data from a form or maybe even
> a link I could do
>
> if (isset($HTTP_POST_VARS['foo']) && defined("CONSTANT")) {
>process data
> }
>
> Just an idea, what do you think..
> Thanks
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] An idea for a PHP tool
It's also worth noting here that typing a keyword (or maybe it's just
function names?) in place of a directory after www.php.net does the same
thing. ie, 'www.php.net/extract' takes you to the extract page in the
manual.
HTH,
dm
Mike Eheler wrote:
>Through suggestions of people here is the code I produced for a bookmark:
>
>javascript:void(srch=prompt('Function Name?',''));if(srch)
>{self.location.href='http://download.php.net/search.php?pattern=' +srch+
>'&show=quickref';};
>
>Of course that should all go on one line. That is a good hack for now,
>but I still think it would be great to have the PHP site's search bar
>kind of in my browser, and it would launch a new window or whatever
>(with the drop-down to select function ref/online manual/etc)
>
>Mike
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] An idea for a PHP tool
Through suggestions of people here is the code I produced for a bookmark:
javascript:void(srch=prompt('Function Name?',''));if(srch)
{self.location.href='http://download.php.net/search.php?pattern=' +srch+
'&show=quickref';};
Of course that should all go on one line. That is a good hack for now,
but I still think it would be great to have the PHP site's search bar
kind of in my browser, and it would launch a new window or whatever
(with the drop-down to select function ref/online manual/etc)
Mike
Jason Murray wrote:
>>Like google has it's toolbar, why not have a PHP Manual toolbar? That
>>would be *great*. Just type in the function name and hit "go" and the
>>manual comes up.
>>
>
> You could probably work a bit of javascript magic in a bookmark to
> do the same thing.
>
> I've seen bookmarks that pop up a javascript input window and then
> use the input in the resulting URL. So, take the manual query via
> javascript input and then append it to the www.php.net url.
>
> At least, I *think* I have :)
>
> J
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] An idea for a PHP tool
You can achieve something like this by adding the following to your links bar:
javascript:void(srch=prompt('What are you looking
for?',''));if(srch){self.location.href='http://php.net/'+srch};
(drag the current url to the links bar, and then right-click and select "properties",
then paste the javascript in).
Hope that helps..
--
James Cox :: [EMAIL PROTECTED]
Please CC me when replying to my messages.
Was I helpfull? http://www.amazon.co.uk/exec/obidos/wishlist/23IVGHQ61RJGO/
> -Original Message-
> From: Jason Murray [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 04, 2002 12:03 AM
> To: 'Mike Eheler'; [EMAIL PROTECTED]
> Subject: RE: [PHP] An idea for a PHP tool
>
>
> > Like google has it's toolbar, why not have a PHP Manual toolbar? That
> > would be *great*. Just type in the function name and hit "go" and the
> > manual comes up.
>
> You could probably work a bit of javascript magic in a bookmark to
> do the same thing.
>
> I've seen bookmarks that pop up a javascript input window and then
> use the input in the resulting URL. So, take the manual query via
> javascript input and then append it to the www.php.net url.
>
> At least, I *think* I have :)
>
> J
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
RE: [PHP] An idea for a PHP tool
On Fri, 4 Jan 2002, Jason Murray wrote: > I've seen bookmarks that pop up a javascript input window and then > use the input in the resulting URL. So, take the manual query via > javascript input and then append it to the www.php.net url. There are tips on the php site for making the quick-reference bookmarks, and other widgets, here - http://www.php.net/tips.php ~Chris /"\ \ / September 11, 2001 X We Are All New Yorkers / \ rm -rf /bin/laden -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] An idea for a PHP tool
> Like google has it's toolbar, why not have a PHP Manual toolbar? That > would be *great*. Just type in the function name and hit "go" and the > manual comes up. You could probably work a bit of javascript magic in a bookmark to do the same thing. I've seen bookmarks that pop up a javascript input window and then use the input in the resulting URL. So, take the manual query via javascript input and then append it to the www.php.net url. At least, I *think* I have :) J -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] An idea
it looks like you're getting your ereg and preg mixed up but try it
like this:
switch(1){
case ereg("\\.jpg$",$filename):
echo "JPEG Image";break;
case ereg("\\.gif$",$filename):
echo "GIF Image";break;
case ereg("\\.zip$",$filename):
echo "Compressed File"; break;
default:
echo "Unkown File Type"; break;
}
thats maybe a little cleaner than using if/else if's. also be careful
on the backslash, you have to escape it in double quotes.
On Tue, 19 Jun 2001 18:48:03 -0400, TunkeyMicket
([EMAIL PROTECTED]) wrote:
> Humor me, how useful would a Regex switch statement be?
>
> Like:
>
> ereg_switch($filename) {
> case "/\.jpg$/":
> echo "JPEG Image"; break;
> case "/\.gif$/";
> echo "GIF Image"; break;
> case "/\.zip$/":
> echo "Compressed File"; break;
> default:
> echo "Unkown File Type"; break;
> }
>
> That is just an example of an application of such, I have other
>applications that I would like to use it for, but that serves the
>best example. I would love to get started on a module project for
>something like this, as using IF blocks with PREG_MATCH become
>tedious and inefficient. If you know of such a module or would
>know how to get started, please repsond with your ideas/input.
>
> Chris "TunkeyMicket" Watford
>
> TunkeyMicket Productions
> www.tunkeymicket.com
>
