Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread John Campbell
> It seems to me that a more robust method would be to have something like > /param1/value1/param2/value2/.../paramn/valuen Doesn't that defeat the purpose of pretty urls? I thought the whole point was so the url looks like: /blog/MostRecent/Page1/ and /blog/john_caught_picking_his_nose/ instea

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Anirudh Zala
On Thursday 13 Dec 2007 10:10:50 Rob Marscher wrote: > On Dec 12, 2007, at 1:32 PM, Cliff Hirsch wrote: > > It seems to me that a more robust method would be to have something > > like /param1/value1/param2/value2/.../paramn/valuen > > If I remember correctly, this is the default url structure for

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Rob Marscher
On Dec 12, 2007, at 1:32 PM, Cliff Hirsch wrote: It seems to me that a more robust method would be to have something like /param1/value1/param2/value2/.../paramn/valuen If I remember correctly, this is the default url structure for the Zend Framework._

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread John Campbell
Thanks to all for the help. Since there are no cash prizes and this is part of online educational software that requires a subscription, I doubt anyone will care enough to decompile the swf. I did check the database however, and it appears there are 2 university students that are resending the re

Re: [nyphp-talk] Callback syntax

2007-12-12 Thread John Campbell
> It doesn't seem to work. I'm not sure of the syntax to do this. moveUp( > ) is a method of the class, > but I'm not sure how to tell it, call_user_func( ), since I need the > syntax to be $this->functionName( ). Replace: call_user_func($this->$callbackFunction); with: $this->$callbackFunction()

Re: [nyphp-talk] Callback syntax

2007-12-12 Thread Scott Mattocks
Ben Sgro wrote: It doesn't seem to work. I'm not sure of the syntax to do this. moveUp( ) is a method of the class, but I'm not sure how to tell it, call_user_func( ), since I need the syntax to be $this->functionName( ). If you are trying to call a method of an object or class you need to t

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread csnyder
On Dec 12, 2007 12:51 PM, John Campbell <[EMAIL PROTECTED]> wrote: > I don't follow how this is any better than what I have now? The > public key is still stored in the swf, and there is nothing that > prevents the key from being extracted from the swf and the request can > still be forged. This

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread Gary Mort
Due to the nature of Flash, someone will always be able to reverse engineer the code. So how about this (if it doesn't slow things down too much): When the game loads up, have the Flash program connect to the server and provide it with some information (how about hashing the ipaddress, username,

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Cliff Hirsch
> The next big task is making sure that all of the url links are rewritten properly and that. That can be fairly difficult if your links aren't very centralized. I see this as a big assumption on the part of many router/controllers. If you are working in a framework, things will probably work. Bu

[nyphp-talk] Callback syntax

2007-12-12 Thread Ben Sgro
Hello , I'm trying to do the following: object calling code: $callbackSet = array( " " => "return", "w" => "moveUp"); $key = $object->nonBlockOnInput( ); $object->process($key, $callbackSet); inside the class public function process($callbackSet) {

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread Dan Cech
csnyder wrote: > On Dec 12, 2007 10:32 AM, John Campbell <[EMAIL PROTECTED]> wrote: > >> Initially the scores were sent as a simple post request, e.g. >> name=john&score=1000. This is a problem because it is trivial to >> forge the request. So my solution was to create the post request as >> fol

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread Nick Galbreath
Hi yah, re: Chris and public/private key pairs. In your solution/example, anyone with the public key can talk to the server. Since anyone with the public key can then forge messages somehow you have to "hide" the public key. This isn't any different from using plain old secret keys as he did

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Rob Marscher
On Dec 11, 2007, at 5:31 PM, Cliff Hirsch wrote: So...how many of you use “pretty urls”? If you do, how do you do it? LEGACY APPLICATION. I recently was able to implement a front controller (http://www.phppatterns.com/docs/design/the_front_controller_and_php ) that used include() to call old

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread John Campbell
> Yes there is, John, but you may need to seriously consider whether > implementation is worth it. > > You can use a public/private key pair to perform asymmetric > encryption. That means that a value encrypted using one key can only > be decrypted using the other. This is the encryption scheme use

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread David Krings
tedd wrote: > Ok, but wasn't the OP asking for a date thing? I must have missed the "user name" part. Yes, indeed, I missed the date part and assumed it to be a more general question. David

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Patrick May
After re-reading the first post, I agree that Horde routes looks like a great agnostic router. ~ Patrick On 12/12/07, Patrick May <[EMAIL PROTECTED]> wrote: > On 12/12/07, inforequest <[EMAIL PROTECTED]> wrote: > > At this point I'm all in favor of a neutral bolt-on rewrite router. > > I'm using

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread Nick Galbreath
Aha! Good point. So there are a few ways you can do this. But I think the simplest is just to record the username (perhaps the ip), and highscore and time stamp. Then when a new message comes in check the db to see if this user's timestamp is close to now. If so, reject. More complicated ways

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread csnyder
On Dec 12, 2007 10:32 AM, John Campbell <[EMAIL PROTECTED]> wrote: > Initially the scores were sent as a simple post request, e.g. > name=john&score=1000. This is a problem because it is trivial to > forge the request. So my solution was to create the post request as > follows: > > name=john&sco

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Guilherme Blanco
The simplest way to achieve nifty URLs is using a ForceType directive. For example... you create a file named 'app' and fill this file with php code. It'll not be executed. Then you do the trick and ForceType this file to be interpreted by PHP: ForceType application/x-httpd-php Now it'

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread John Campbell
Thanks Nick, I'll take some measures to obfuscate the "secret", but I just realized I have another potential hole. There is nothing to prevent someone from actually getting a high score, then replaying the request to get all of the top positions. I suppose the solution is to have the server crea

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Patrick May
On 12/12/07, inforequest <[EMAIL PROTECTED]> wrote: > At this point I'm all in favor of a neutral bolt-on rewrite router. I'm using an agnostic router class: http://hexane.org/releases/2007.12.12/class.pm_router.txt I tried to stick to the basics. Let me know if this is useful. Also let me k

Re: [nyphp-talk] OOP Books & Resources

2007-12-12 Thread Dell Sala
On Dec 11, 2007, at 7:55 PM, Ben Sgro wrote: Thing is, it doesn't have to be a php oop book. I just want it to really flesh out all the OOP Design details. If language isn't an issue, I'd recommend Bruce Eckel's "Thinking In Java". It starts by covering OOP from the ground up, in a somewhat

Re: [nyphp-talk] OOP Books & Resources

2007-12-12 Thread Ben Sgro
Hello Ajai, I'm about two chapters deep in http://www.bookpool.com/sm/0672326116 and I'm pretty happy w/it so far. Great background into OOP and a gentle introduction into UML. Enjoying it so far, looking forward to getting more time into it. - Ben PS: BTW, just finished Hawkings, "the unive

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread Nick Galbreath
Hi John, Great question. Your general idea is sound, but sadly there is no such thing as a "secure client". If there were, every game client (unreal, wow, etc), IM client, dvd player, cable tv box, xbox, iphone, etc would use it. But these are routinely cracked. The only thing they do differen

Re: [nyphp-talk] OOP Books & Resources

2007-12-12 Thread Ajai Khattri
On Tue, 11 Dec 2007, Ben Sgro wrote: > I'll take a look at that. Thing is, it doesn't have to be a php oop > book. I just want > it to really flesh out all the OOP Design details. Sure, I understand. I just don't get much more than theory out of "generic" books (which is fine if you don't know t

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Ajai Khattri
On Tue, 11 Dec 2007, inforequest wrote: > If anyone is enjoying reliable, manageable, strict and pretty URLs on > one of the "modern frameworks" I'd like to hear about it. That means > content level control of "pretty" URLs, ability to manage redirection > (at the content level), and enforced o

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread John Campbell
Thanks for the presentation. I have a question that is related, but along different lines. I have a flash game that saves high scores to the server and I want to prevent high scores from being forged. Initially the scores were sent as a simple post request, e.g. name=john&score=1000. This is a

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread tedd
At 9:52 AM -0500 12/12/07, Kenneth Downs wrote: David Krings wrote: tedd wrote: At 12:16 PM -0600 12/11/07, Tony Furnivall wrote: Newbie request - Any pointers? ideas? suggestions? Yes, use javascript and inform the user in real-time and before they send the junk to the server. Of course,

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread tedd
At 9:34 AM -0500 12/12/07, David Krings wrote: tedd wrote: At 12:16 PM -0600 12/11/07, Tony Furnivall wrote: Newbie request - Any pointers? ideas? suggestions? Yes, use javascript and inform the user in real-time and before they send the junk to the server. Of course, you then have to scrub

Re: [nyphp-talk] Tamperproof URLs and PHP slides posted

2007-12-12 Thread tedd
At 5:13 PM -0500 12/11/07, Nick Galbreath wrote: Hello, First thanks everyone for coming out the NYPHP on 27-nov-2007 for my talk on "Tamperproof URLs and PHP" Based on your feedback, comments, and uhhh, a few blank stares, I completely revamped the slides. Right now, I've dumped the slide

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread Kenneth Downs
David Krings wrote: tedd wrote: At 12:16 PM -0600 12/11/07, Tony Furnivall wrote: Newbie request - Any pointers? ideas? suggestions? Yes, use javascript and inform the user in real-time and before they send the junk to the server. Of course, you then have to scrub and clean everything, but

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread David Krings
tedd wrote: At 12:16 PM -0600 12/11/07, Tony Furnivall wrote: Newbie request - Any pointers? ideas? suggestions? Yes, use javascript and inform the user in real-time and before they send the junk to the server. Of course, you then have to scrub and clean everything, but you would have to an

Re: [nyphp-talk] Managing form data with PHP

2007-12-12 Thread tedd
At 12:16 PM -0600 12/11/07, Tony Furnivall wrote: Newbie request - Any pointers? ideas? suggestions? Yes, use javascript and inform the user in real-time and before they send the junk to the server. Of course, you then have to scrub and clean everything, but you would have to anyway. Cheer

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread csnyder
On Dec 12, 2007 12:11 AM, inforequest <[EMAIL PROTECTED]> wrote: > If anyone is enjoying reliable, manageable, strict and pretty URLs on > one of the "modern frameworks" I'd like to hear about it. That means > content level control of "pretty" URLs, ability to manage redirection > (at the content

Re: [nyphp-talk] Do you use Pretty URLs

2007-12-12 Thread Gary Mort
inforequest wrote: Of course I may be surprised by how advanced some of you are, but from where I sit, even the new apps on the new frameworks suffer from the same routing issues. If anyone is enjoying reliable, manageable, strict and pretty URLs on one of the "modern frameworks" I'd like to