Search Results

Search found 43347 results on 1734 pages for 'php security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 498/1734 | < Previous Page | 494 495 496 497 498 499 500 501 502 503 504 505  | Next Page >

  • How to use basic auth for single file in otherwise forbidden Apache directory?

    - by mit
    I want to allow access to a single file in a directory that is otherwise forbidden. This did not work: <VirtualHost 10.10.10.10:80> ServerName example.com DocumentRoot /var/www/html <Directory /var/www/html> Options FollowSymLinks AllowOverride None order allow,deny allow from all </Directory> # disallow the admin directory: <Directory /var/www/html/admin> order allow,deny deny from all </Directory> # but allow this single file:: <Files /var/www/html/admin/allowed.php> AuthType basic AuthName "private area" AuthUserFile /home/webroot/.htusers Require user admin1 </Files> ... </VirtualHost> When I visit http://example.com/admin/allowed.php I get the Forbidden message of the http://example.com/admin/ directory. How can I make an exception for allowed.php? If not possible, maybe I could enumerate all forbidden files in another Files directive? Let's say admin/ contains also user.php and admin.php which should be forbidden in this virtual host.

    Read the article

  • Fix Fatal Error Condition showing system path

    - by JMC
    I've noticed there are a large number of servers running Magento Commerce that will return a fatal error showing the system path: Fatal error: Uncaught exception 'Exception' with message 'File '/usr/local/www/magento/data1702/media/css' does not exists.' in /usr/local/www/magento/data1702/lib/Varien/File/Transfer/Adapter/Http.php:96 Stack trace: #0 /usr/local/www/magento/data1702/get.php(205): Varien_File_Transfer_Adapter_Http->send('/usr/local/www/...') #1 /usr/local/www/magento/data1702/get.php(165): sendFile('/usr/local/www/...') #2 {main} thrown in /usr/local/www/magento/data1702/lib/Varien/File/Transfer/Adapter/Http.php on line 96 Magento as an application is generally good about supressing error messages. How can a linux server running apache be configured to avoid returning this error message since the app has problems suppressing it.

    Read the article

  • nginx with fail2ban and mod_security

    - by Mahesh
    I forgot to update my fail2ban config for nginx. I just moved to nginx from apache. Today, I got a lot of cals from a single IP. IP tried to access login pages with post and get methods IP tried to use nginx as a proxy (GET http:/...) IP searched images, js, css folders IP tried to inject -d url_allow_fopen =1 and something similar. Most of the calls ended with 404. http { limit_req_zone $binary_remote_addr zone=app:10m rate=5r/s; ... server { ... location / { limit_req zone=app burst=50; } I got approximately 50 requests from that ip for a second. So i updated my nginx like the above. Will it avoid too many connections per second now? I have updated my fail2ban jail.local to support nginx. I am confused with the nginx-noscript.conf [Definition] failregex = ^<HOST> -.*GET.*(\.php|\.asp|\.exe|\.pl|\.cgi|\scgi) ignoreregex = I am serving php with nginx. I checked apache's noscript.conf and which has .php extension on it too. I tested this above settings before restarting fail2ban and got thousands of ips matched. I removed php and nothing matched. Do i need .php| in nginx-noscript.conf? Using mod_security and fail2ban together bring any problem? When i was searching today, i came to know mod_security is available for nginx too. So i am planning to use it too.

    Read the article

  • is there any valid reason for users to request phpinfo()

    - by The Journeyman geek
    I'm working on writing a set of rules for fail2ban to make life a little more interesting for whoever is trying to bruteforce his way into my system. A good majority of the attempts tend to revolve around trying to get into phpinfo() via my webserver -as below GET //pma/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //admin/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //dbadmin/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //mysql/config/config.inc.php?p=phpinfo(); HTTP/1.1 I'm wondering if there's any valid reason for a user to attempt to access phpinfo() via apache, since if not, i can simply use that, or more specifically the regex GET //[^>]+=phpinfo\(\) as a filter to eliminate these attacks

    Read the article

  • Where is the php.ini file in Ubuntu hardy?

    - by April
    Where is the php.ini file in Ubuntu hardy? The file found in path called /etc/php5/apache2/php.ini.ucf-dist. Do I need to rename file 'php.ini.ucf-dist' to 'php.ini'? Where is the system currently reading the php information when I run info.php file? I tried to compare one item what gets displayed when I run info.php file and when I edit the 'php.ini.ucf-dist' file. The 'memory_limit' shows 128M when I run info.php file but in the 'php.ini.ucf-dist' file it is set to 16M. So this cant be the same file being read by the system currently? Thanks for help.

    Read the article

  • Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

    - by Tchalvak
    I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

    Read the article

  • How can robots beat CAPTCHAs?

    - by totymedli
    I have a website e-mail form. I use a custom CAPTCHA to prevent spam from robots. Despite this, I still get spam. Why? How do robots beat the CAPTCHA? Do they use some kind of advanced OCR or just get the solution from where it is stored? How can I prevent this? Should I change to another type of CAPTCHA? I am sure the e-mails are coming from the form, because it is sent from my email-sender that serves the form messages. Also the letter style is the same. For the record, I am using PHP + MySQL, but I'm not searching for a solution to this problem. I was interested in the general situation how the robots beat these technologies. I just told this situation as an example, so you can understand better what I'm asking about.

    Read the article

  • Protecting the integrity of a game state while minimizing amount of data sent

    - by espais
    I'm developing a game in PHP/jQuery, and naturally have to be wary of any sort of data coming from the client. At present, I have tables of data representing the map (2D roguelike), monsters, items, and player(s). Initially, my thought was to simply package it all in a JSON object and send it every game tick, however when actually looking at the data I realized that's quite a large packet to be sending. So, my question is what is a good approach for minimizing data sent to the client? Obviously I would need to figure out some way of validating whatever it sends back. Initially we'd hoped to do some minimal verification on the client-side, but each time we thought of one thing we could do it is immediately invalidated with tools like Firebug. Kind of an open question I realize, but we want to get this right before we move on with our implementation so we don't have to shoehorn in bugfixes later on.

    Read the article

  • Magento - edit form in custom module grid

    - by Shani1351
    I have a custom module and I have a working grid to menage the module items in the admin. My module file structore is : app\code\local\G4R\GroupSales\Block\Adminhtml\Groupsale\ I want to add an edit form so I can view and edit each item in the grid. I followed this tutorial : http://www.magentocommerce.com/wiki/5_-_modules_and_development/0_-_module_development_in_magento/custom_module_with_custom_database_table#part_2_-_backend_administration but when the edit page loads, instead of the tab content I get an error : Fatal error: Call to a member function setData() on a non-object in C:\xampp\htdocs\mystore\app\code\core\Mage\Adminhtml\Block\Widget\Form\Container.php on line 129 This is my code : /app/code/local/G4R/GroupSales/Block/Adminhtml/Groupsale/Edit.php <?php class G4R_GroupSales_Block_Adminhtml_Groupsale_Edit extends Mage_Adminhtml_Block_Widget_Form_Container { public function __construct() { parent::__construct(); $this->_objectId = 'id'; $this->_blockGroup = 'groupsale'; $this->_controller = 'adminhtml_groupsales'; $this->_updateButton('save', 'label', Mage::helper('groupsales')->__('Save Item')); $this->_updateButton('delete', 'label', Mage::helper('groupsales')->__('Delete Item')); } public function getHeaderText() { if( Mage::registry('groupsale_data') && Mage::registry('groupsale_data')->getId() ) { return Mage::helper('groupsales')->__("Edit Item '%s'", $this->htmlEscape(Mage::registry('groupsale_data')->getTitle())); } else { return Mage::helper('groupsales')->__('Add Item'); } } } /app/code/local/G4R/GroupSales/Block/Adminhtml/Groupsale/Edit/Form.php : <?php class G4R_GroupSales_Block_Adminhtml_Groupsale_Edit_Form extends Mage_Adminhtml_Block_Widget_Form { protected function _prepareForm() { $form = new Varien_Data_Form(array( 'id' => 'edit_form', 'action' => $this->getUrl('*/*/save', array('id' => $this->getRequest()->getParam('id'))), 'method' => 'post', ) ); $form->setUseContainer(true); $this->setForm($form); return parent::_prepareForm(); } } /app/code/local/G4R/GroupSales/Block/Adminhtml/Groupsale/Edit/Tabs.php: <?php class G4R_GroupSales_Block_Adminhtml_Groupsale_Edit_Tabs extends Mage_Adminhtml_Block_Widget_Tabs { public function __construct() { parent::__construct(); $this->setId('groupsales_groupsale_tabs'); $this->setDestElementId('edit_form'); $this->setTitle(Mage::helper('groupsales')->__('Groupsale Information')); } protected function _beforeToHtml() { $this->addTab('form_section', array( 'label' => Mage::helper('groupsales')->__('Item Information 1'), 'title' => Mage::helper('groupsales')->__('Item Information 2'), 'content' => $this->getLayout()->createBlock('groupsales/adminhtml_groupsale_edit_tab_form')->toHtml(), )); return parent::_beforeToHtml(); } } /app/code/local/G4R/GroupSales/Block/Adminhtml/Groupsale/Edit/Tab/Form.php : <?php class G4R_GroupSales_Block_Adminhtml_Groupsale_Edit_Tab_Form extends Mage_Adminhtml_Block_Widget_Form { protected function _prepareForm() { $form = new Varien_Data_Form(); $this->setForm($form); $fieldset = $form->addFieldset('groupsales_form', array('legend'=>Mage::helper('groupsales')->__('Item information 3'))); // $fieldset->addField('title', 'text', array( // 'label' => Mage::helper('groupsales')->__('Title'), // 'class' => 'required-entry', // 'required' => true, // 'name' => 'title', // )); // if ( Mage::getSingleton('adminhtml/session')->getGroupsaleData() ) { $form->setValues(Mage::getSingleton('adminhtml/session')->getGroupsaleData()); Mage::getSingleton('adminhtml/session')->setGroupsaleData(null); } elseif ( Mage::registry('groupsale_data') ) { $form->setValues(Mage::registry('groupsale_data')->getData()); } return parent::_prepareForm(); } } /app/code/local/G4R/GroupSales/controllers/Adminhtml/GroupsaleController.php : <?php class G4R_GroupSales_Adminhtml_GroupsaleController extends Mage_Adminhtml_Controller_Action { protected function _initAction() { $this->loadLayout() ->_setActiveMenu('groupsale/items') ->_addBreadcrumb(Mage::helper('adminhtml')->__('Items Manager'), Mage::helper('adminhtml')->__('Item Manager')); return $this; } public function indexAction() { $this->_initAction(); $this->_addContent($this->getLayout()->createBlock('groupsales/adminhtml_groupsale')); $this->renderLayout(); } public function editAction() { $groupsaleId = $this->getRequest()->getParam('id'); $groupsaleModel = Mage::getModel('groupsales/groupsale')->load($groupsaleId); if ($groupsaleModel->getId() || $groupsaleId == 0) { Mage::register('groupsale_data', $groupsaleModel); $this->loadLayout(); $this->_setActiveMenu('groupsale/items'); $this->_addBreadcrumb(Mage::helper('adminhtml')->__('Item Manager'), Mage::helper('adminhtml')->__('Item Manager')); $this->_addBreadcrumb(Mage::helper('adminhtml')->__('Item News'), Mage::helper('adminhtml')->__('Item News')); $this->getLayout()->getBlock('head')->setCanLoadExtJs(true); $this->_addContent($this->getLayout()->createBlock('groupsales/adminhtml_groupsale_edit')) ->_addLeft($this->getLayout()->createBlock('groupsales/adminhtml_groupsale_edit_tabs')); $this->renderLayout(); } else { Mage::getSingleton('adminhtml/session')->addError(Mage::helper('groupsales')->__('Item does not exist')); $this->_redirect('*/*/'); } } public function newAction() { $this->_forward('edit'); } public function saveAction() { if ( $this->getRequest()->getPost() ) { try { $postData = $this->getRequest()->getPost(); $groupsaleModel = Mage::getModel('groupsales/groupsale'); $groupsaleModel->setId($this->getRequest()->getParam('id')) ->setTitle($postData['title']) ->setContent($postData['content']) ->setStatus($postData['status']) ->save(); Mage::getSingleton('adminhtml/session')->addSuccess(Mage::helper('adminhtml')->__('Item was successfully saved')); Mage::getSingleton('adminhtml/session')->setGroupsaleData(false); $this->_redirect('*/*/'); return; } catch (Exception $e) { Mage::getSingleton('adminhtml/session')->addError($e->getMessage()); Mage::getSingleton('adminhtml/session')->setGroupsaleData($this->getRequest()->getPost()); $this->_redirect('*/*/edit', array('id' => $this->getRequest()->getParam('id'))); return; } } $this->_redirect('*/*/'); } public function deleteAction() { if( $this->getRequest()->getParam('id') > 0 ) { try { $groupsaleModel = Mage::getModel('groupsales/groupsale'); $groupsaleModel->setId($this->getRequest()->getParam('id')) ->delete(); Mage::getSingleton('adminhtml/session')->addSuccess(Mage::helper('adminhtml')->__('Item was successfully deleted')); $this->_redirect('*/*/'); } catch (Exception $e) { Mage::getSingleton('adminhtml/session')->addError($e->getMessage()); $this->_redirect('*/*/edit', array('id' => $this->getRequest()->getParam('id'))); } } $this->_redirect('*/*/'); } /** * Product grid for AJAX request. * Sort and filter result for example. */ public function gridAction() { $this->loadLayout(); $this->getResponse()->setBody( $this->getLayout()->createBlock('importedit/adminhtml_groupsales_grid')->toHtml() ); } } Any ideas what is the cause for the error?

    Read the article

  • change password code error

    - by ejah85
    I've created a code to change a password. Now it seem contain an error. When I fill in the form to change password, and click save the error message: Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in C:\Program Files\xampp\htdocs\e-Complaint(FYP)\userChangePass.php on line 103 Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in C:\Program Files\xampp\htdocs\e-Complaint(FYP)\userChangePass.php on line 103 I really don’t know what the error message means. Please guys. Help me fix it. Here's is the code: <?php session_start(); ?> <?php # change password.php //set the page title and include the html header. $page_title = 'Change Your Password'; //include('templates/header.inc'); if(isset($_POST['submit'])){//handle the form require_once('connectioncomplaint.php');//connect to the db. //include "connectioncomplaint.php"; //create a function for escaping the data. function escape_data($data){ global $dbc;//need the connection. if(ini_get('magic_quotes_gpc')){ $data=stripslashes($data); } return mysql_real_escape_string($data, $dbc); }//end function $message=NULL;//create the empty new variable. //check for a username if(empty($_POST['userid'])){ $u=FALSE; $message .='<p> You forgot enter your userid!</p>'; }else{ $u=escape_data($_POST['userid']); } //check for existing password if(empty($_POST['password'])){ $p=FALSE; $message .='<p>You forgot to enter your existing password!</p>'; }else{ $p=escape_data($_POST['password']); } //check for a password and match againts the comfirmed password. if(empty($_POST['password1'])) { $np=FALSE; $message .='<p> you forgot to enter your new password!</p>'; }else{ if($_POST['password1'] == $_POST['password2']){ $np=escape_data($_POST['password1']); }else{ $np=FALSE; $message .='<p> your new password did not match the confirmed new password!</p>'; } } if($u && $p && $np){//if everything's ok. $query="SELECT userid FROM access WHERE (userid='$u' AND password=PASSWORD('$p'))"; $result=@mysql_query($query); $num=mysql_num_rows($result); if($num == 1){ $row=mysql_fetch_array($result, MYSQL_NUM); //make the query $query="UPDATE access SET password=PASSWORD('$np') WHERE userid=$row[0]"; $result=@mysql_query($query);//run the query. if(mysql_affected_rows() == 1) {//if it run ok. //send an email,if desired. echo '<p><b>your password has been changed.</b></p>'; include('templates/footer.inc');//include the HTML footer. exit();//quit the script. }else{//if it did not run OK. $message= '<p>Your password could not be change due to a system error.We apolpgize for any inconvenience.</p><p>' .mysql_error() .'</p>'; } }else{ $message= '<p> Your username and password do not match our records.</p>'; } mysql_close();//close the database connection. }else{ $message .='<p>Please try again.</p>'; } }//end oh=f the submit conditional. //print the error message if there is one. if(isset($message)){ echo'<font color="red">' , $message, '</font>'; } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <body> <script language="JavaScript1.2">mmLoadMenus();</script> <table width="604" height="599" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="130" colspan="7"><img src="images/banner(E-Complaint)-.jpg" width="759" height="130" /></td> </tr> <tr> <td width="100" height="30" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="160" bgcolor="#ABD519"> <?php include "header.php"; ?>&nbsp;</td> </tr> <tr> <td colspan="7" bgcolor="#FFFFFF"> <fieldset><legend> Enter your information in the form below:</legend> <p><b>User ID:</b> <input type="text" name="username" size="10" maxlength="20" value="<?php if(isset($_POST['userid'])) echo $_POST['userid']; ?>" /></p> <p><b>Current Password:</b> <input type="password" name="password" size="20" maxlength="20" /></p> <p><b>New Password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p> <p><b>Confirm New Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"> <input type="submit" name="submit" value="Change My Password" /></div> </form><!--End Form--> </td> </tr> </table> </body> </html>

    Read the article

  • VLC (Server) re-stream Security Camera Feed

    - by Aaron
    I purchased a Swann Home Security DVR system and was hoping for some help on how to duplicate the streaming video on my server. In order to get their web view (streaming video in the browser) to work, I had to install the following plugins: HiDvrPlugin.dmg for mac. Hidvrocx.cab for Windows. I was originally thinking it was a sign of some form of DRM? Maybe. Maybe not. HTML wise, the following code is in the source of the safari version of the web view: <embed pluginspage="SurveilClient.dmg" width="10px" height="10px" type="application/x-scplugin" id="MacDiv" style="height: 592px; width: 720px; left: 278px; top: 61px; "> It seems to be the main display area. Using wireshark, I am able to see that the video stream is on port 9000. However, I have no idea what type of stream it is. I've tried opening it in VLC with no such luck. http://dvr_ip:9000 tcp://dvr_ip:9000 My hope was to do the following to redistribute the feed vlc dvr_ip:9000 --sout h264-version-on-localhost:3000 TLDR; Trying to re-distribute a stream from a security camera (can't tell the format) using vlc (re-distribute via h.264 / HTML5). Not sure how to accomplish this. Is it possible that the software has some type of DRM that only the plugins can decode?

    Read the article

  • Windows Server 2003 R2 Terminal Server : Internet Explorer Enhanced Security won't disable for Users

    - by Tubs
    The Internet Explorer Enhanced Security (IEES) won't disable using the normal method of disabling it from the Add/Remove Programs/Windows components. This came to light immediately after testing. IEES was disabled after Terminal Services were installed for admin and users, and after IE8 was installed. My initial thoughts were that there was some clash between IE8 and IE6 (which is the default on 2003 R2), so I uninstalled IE8 and reverted back to IE6. The same symptoms were displayed, when a normal user logged on Internet Explorer Enhnaced Security was enforced. I then thought it could be a problem that Terminal Server wasn't recognising the removal as IEES was on when initially installed. I uninistalled the Terminal Server Componants using the server roles, and then reactivated and deavtived IEES. Windows Server 2003 R2 allows a limited number of users to connect to RDP by default, so I logged on as a normal user, and IEES was disabled. I then reinstalled Terminal Server, and logged on as a normal user. IEES was back enabled. Why is this?

    Read the article

  • phpexcel write excel and save ?

    - by boss
    code: <?php /** PHPExcel */ require_once '../Classes/PHPExcel.php'; /** PHPExcel_IOFactory */ require_once '../Classes/PHPExcel/IOFactory.php'; // Create new PHPExcel object $objPHPExcel = new PHPExcel(); // Set properties $objPHPExcel->getProperties()->setCreator("Maarten Balliauw") ->setLastModifiedBy("Maarten Balliauw") ->setTitle("Office 2007 XLSX Test Document") ->setSubject("Office 2007 XLSX Test Document") ->setDescription("Test document for Office 2007 XLSX, generated using PHP classes.") ->setKeywords("office 2007 openxml php") ->setCategory("Test result file"); $result = 'select * from table1'; for($i=0;$i<count($result);$i++){ $result1 = 'select * from table2 where table1_id = ' . $result[$i]['table1_id']; for ($j=0;$j<count($result1);$j++) { $objPHPExcel->setActiveSheetIndex(0)->setCellValue('A' . $j, $result1[$j]['name']); } // Set active sheet index to the first sheet, so Excel opens this as the first sheet $objPHPExcel->setActiveSheetIndex(0); // Save Excel 2007 file $objWriter = PHPExcel_IOFactory::createWriter($objPHPExcel, 'Excel2007'); $objWriter->save(str_replace('.php', '.xlsx', __FILE__)); // Echo done echo date('H:i:s') . " Done writing file.\r\n"; } ?> The above code executes and save n no of .xlsx files in the folder, but the problem im getting is biggest count(result1) in the for loop executing in all saved excel files. Please give me the solution.

    Read the article

  • PHP MYSQL FPDF retrieving pdf string stored as blob.

    - by jj.amonit
    Using the above technologies, I want to create a PDF, store it in my db, and email it. All with the click of one button. I also want to call it up and have it be able to display with a hyperlink. I am very new to FPDF. Therefore, I am trying to start off very slowly. I began with this link stackoverflow Q I put both parts of his code into the same page and tried with separate pages. I made the suggested changes/additions and even did a line by line comparison. I still get the message, "format error: not a PDF or corrupted" If I just $pdf-Output(); I get the pdf to display. It's either the way the string is being Output, or it's the header() function. It's not the storage method, unless my column setup is incorrect. BUt a blob is a blob, right? If you want, I can upload the sanitized code. Just let me know what would help answer this. Thanks JJ

    Read the article

  • Cisco ASA Act as a Hardware Security Module?

    - by Derek
    Hello, We have a partner that is requiring us to get a HSM for a web application that we host for them. This is something new for us, we've always installed our SSL certificates on our web servers and never needed a hardware device. We currently have 2 Cisco ASA 5510 firewalls in an active/standby configuration. Both ASAs have a ASA-SSM-10 security module installed in them. The web application is a standard HTTPS webpage with no authentication required. I was wondering if we could use our Cisco ASAs to meet this requirement or if we'll have to buy another device. I was doing some searching and read about Cisco's clientless webvpn feature. It sounds like it might work, but I'm not sure. We basically want the ASA to handle the SSL and proxy the connection to our web servers. We do not want to prompt for a username or password to connect or show any portals, just display the web page. If the ASA cannot do this, does any one have any recommendations for network attached hardware security modules? We are using VMware vCenter, so we'd rather have an external device attached to the network, rather than buying HSM cards for every ESXi host. Thanks, Derek

    Read the article

  • PHP If/Else - More efficent way to do this?

    - by Pez Cuckow
    I have a if function that works out how much of a users profile is completed however the way I include below was the best I could think of, however it seems really inefficient. What is the better way to do this? if($user['first_name']!==""&&$user['last_name']!==""&&$user['pemail']!==""&&$user['dob']!==""&&$user['ambitions']!==""&&$user['memories']!==""&&$user['thoughts']!==""&&$user['message_1']!=="0"&&$user['message_2']!=="0"&&$user['message_3']!=="0"&&$user['v1']!=="0"&&$user['v2']!=="0"&&$user['v3']!=="0"&&$user['v4']!=="0"&&$user['v5']!=="0"&&$user['v6']!=="0"&&$user['v7']!=="0"&&$user['v8']!=="0"&&$user['v9']!=="0"&&$user['image_1']!==""&&$user['image_2']!==""&&$user['image_3']!=="") { $completed = 4; } elseif($user['first_name']!==""&&$user['last_name']!==""&&$user['pemail']!==""&&$user['dob']!==""&&$user['ambitions']!==""&&$user['memories']!==""&&$user['thoughts']!==""&&$user['v1']!=="0"&&$user['v2']!=="0"&&$user['v3']!=="0"&&$user['v4']!=="0"&&$user['v5']!=="0"&&$user['v6']!=="0"&&$user['v7']!=="0"&&$user['v8']!=="0"&&$user['v9']!=="0"&&$user['image_1']!==""&&$user['image_2']!==""&&$user['image_3']!=="") { $completed = 3; } elseif($user['first_name']!==""&&$user['last_name']!==""&&$user['pemail']!==""&&$user['dob']!==""&&$user['ambitions']!==""&&$user['memories']!==""&&$user['thoughts']!==""&&$user['message_1']!=="0"&&$user['message_2']!=="0"&&$user['message_3']!=="0"&&$user['image_1']!==""&&$user['image_2']!==""&&$user['image_3']!=="") { $completed = 2; } elseif($user['first_name']!==""&&$user['last_name']!==""&&$user['pemail']!==""&&$user['dob']!==""&&$user['ambitions']!==""&&$user['memories']!==""&&$user['thoughts']!==""&&$user['image_1']!==""&&$user['image_2']!==""&&$user['image_3']!=="") { $completed = 1; } else { $completed = 0; }

    Read the article

  • Is this so bad when using MySQL queries in PHP?

    - by alex
    I need to update a lot of rows, per a user request. It is a site with products. I could... Delete all old rows for that product, then loop through string building a new INSERT query. This however will lose all data if the INSERT fails. Perform an UPDATE through each loop. This loop currently iterates over 8 items, but in the future it may get up to 15. This many UPDATEs doesn't sound like too good an idea. Change DB Schema, and add an auto_increment Id to the rows. Then first do a SELECT, get all old rows ids in a variable, perform one INSERT, and then a DELETE WHERE IN SET. What is the usual practice here? Thanks

    Read the article

  • Is there a PHP refactoring tool to tell what functions are never called?

    - by ae
    I have a large codebase which has suffered many changes over the years. I would like to remove the functions that are no longer called or relevant. Is there a tool that will analysis the codebase and determine if a method is ever used? I'm also using phpunit/xdebug which reports which functions have not been run for the unit tests, however coverage is only at 55% and will require a massive amount of work to bring it up to 100% (I'm working on it!). Anything that was a command line tool would be extra good as I could hook it into hudson (CI).

    Read the article

  • Cannot Change "Log on through Terminal Services" in Local Security Policy XP from Server 2008 GP

    - by Campo
    This is a mixed AD environment, Server 2003 R2 and 2008 R2 I have a 2003 AD R2 and a 2008 R2 AD. GPO is usually managed from the 2008 R2 machine. I have a RD Gateway on another server as well. I setup the CAP and RAP to allow a normal user to log on to the departments workstation. I also adjusted the GPO for that OU to allow Log on trhough Remote Desktop Gateway for the user group. This worked on my windows 7 workstation. But unfortunately the policy is a different name in XP "allow log on through Terminal Services" I can get through right into the machine but when the log on actually happens to the local machine i get the "Cannot log on interactively" error. This is set in (for the local machine) Secpol.msc Local Security Policy "user rights assignment" but is controlled by the GPO in Computer Configuration Policies Security Settings Local Policies "User Rights Assignment" Do I simply need to adjust the same setting on the same GPO but with a server 2003 GP editor? Feel like that could cause issues... Looking for some direction. Or if anyone has run into this issue yet. UPDATE Should this work? support.microsoft.com/kb/186529 Still seems like I will have the issue as the actual GP settings for Log on through Terminal Services is still different between Server 2008 R2 and 2003 R2.... Another Thought: Should I delete the GPO made for the department and remake it with the 2003 R2 server? I have no 2008 specific settings as the whole department runs XP other than myself. If that's a solution I will move my computer out of the department as a solution... Thoughts?

    Read the article

  • Deleting a user > need to also delete their project, and then activities for that project? (PHP, MyS

    - by Jamie
    Hi guys, Really stuck with this... basically my system has 4 tables; users, projects, user_projects and activities. The user table has a usertype field which defines whether or not they are admin or user (by an integer)... An admin can create a project, create an acitivity for the project and assign a user (limited access user) an activity. Therefore, this setup means that an admin is never directly associated with an activity (instead a project). When my head admin user deletes an admin, I need all projects and activities (for their projects) to be deleted also. My delete script for a user is simple so far and works, but I'm having trouble on how to gain the projectID in order to know which activities to remove (associated with the projects which are about to be deleted): $userid = $_GET['userid']; $query = "DELETE FROM users WHERE userid=".$userid; $result = mysql_query($sql, $connection) or die("Error: ".mysql_error()); $query = "DELETE FROM projects WHERE userid=".$userid; $result = mysql_query($sql, $connection) or die("Error: ".mysql_error()); $query = "DELETE FROM userprojects WHERE userid=".$userid; $result = mysql_query($sql, $connection) or die("Error: ".mysql_error()); $query = "DELETE FROM activities WHERE projectid=".$projectid; $result = mysql_query($sql, $connection) or die("Error: ".mysql_error()); Now the first three queries execute fine, obviously because the userid is being retrieved successfully. However the 4th and final query I know is wrong, because there is no projectid to be gained from anywhere, however I put it there to help understand what I am trying to get!! :D Im guessing that i would need something like 'WHERE projectid=' then something to gather the removed projects from the userid which can be related to the activities for that project(s)!! Its a simple concept but I'm having trouble...please excuse any bad code as I am learning also. Thanks for any help!

    Read the article

  • PHP, Codeigniter: How to Set Date/Time based on users timezone/location globally in a web app?

    - by Abs
    Hello all, I have just realised if I add a particular record to my MySQL database - it will have a date/time of the server and not the particular user and where they are located which means my search function by date is useless! As they will not be able to search by when they have added it in their timezone rather when it was added in the servers timezone. Is there a way in Codeigniter to globally set time and date specific to a users location (maybe using their IP) and every time I call date() or time() that users timezone is used. What I am actually asking for is probably how to make my application dependent on each users timezone? Maybe its better to store each users timezone in their profile and have a standard time (servers time) and then convert the time to for each user? Thanks all

    Read the article

  • PHP: go back to the start of loop using a sort of 'break' ?

    - by matthy
    Hi i have a loop and i was wondering if there was a command that you can jump back to the start of the loop and ignore the rest of the code in the loop example: for ($index = 0; $index < 10; $index++) { if ($index == 6) that command to go the start of the loop echo "$index, "; } should output 1,2,3,4,5,7,8,9 and skip the six sort of same result as for ($index = 0; $index < 10; $index++) { if ($index != 6) echo "$index, "; } is there a command for that? thanks, matthy

    Read the article

  • [PHP] Sanitizing strings to make them URL and filename safe?

    - by Xeoncross
    I am trying to come up with a function that does a good job of sanitizing certain strings so that they are safe to use in the URL (like a post slug) and also safe to use as file names. For example, when someone uploads a file I want to make sure that I remove all dangerous characters from the name. So far I have come up with the following function which I hope solves this problem and also allows foreign UTF-8 data also. /** * Convert a string to the file/URL safe "slug" form * * @param string $string the string to clean * @param bool $is_filename TRUE will allow additional filename characters * @return string */ function sanitize($string = '', $is_filename = FALSE) { // Replace all weird characters with dashes preg_replace('/[^\w\-'. ($is_filename ? '*~_\.' : ''). ']+/u', '-', $string); // Only allow one dash separator at a time (and make string lowercase) return mb_strtolower(preg_replace('/--+/u', '-', $string), 'UTF-8'); } Does anyone have any tricky sample data I can run against this - or know of a better way to safeguard our apps from bad names?

    Read the article

  • Facebook iframe application redirects to local server

    - by PHP thinker
    I am using FaceBook application inside iframe. But when I try to access it using url like http://apps.facebook.com/myapp, it immediately redirects me to my lhttp://localhost:8080 application, which I intended to keep in frame. I assume that my local application should stay in frame, while the general container would be FB site itself, but something is wrong. Any hints?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 494 495 496 497 498 499 500 501 502 503 504 505  | Next Page >