Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 539/1734 | < Previous Page | 535 536 537 538 539 540 541 542 543 544 545 546 | Next Page >

How can I transfer a logged in user's login data from one server to another?

- by Martin

I have one server "A" where users can login. Login is verified by an LDAP server "L". I have a different server "B" were users can log in, too. Login is verified by the same LDAP server as before. Both servers are standard web servers with PHP. My goal is: If a user is logged in to server "A", and if he clicks a link to log in to server "B", the user should automatically be logged in without re-entering username and password. What is a good and secure way to achieve this? I can't submit username and crypted password to server "B". I can't use the PHP session of server "A", because it does not exit on "B". Cookies won't work either. I think that there is a way, but I just can't see it. Any help is very much appreciated.

Read the article
How to disable back button in browser using javascript or any script

- by user225269

Im using wamp server for my php scripts. And Im having difficulties on the logout code. Every time I click on the logout link and then click on the back button on web browser it still shows the page which can only be access by the user who is logged in. I have this code at the beginning of the index.php which is called by the log out link to destroy the session: <?php session_start(); session_destroy(); ?> And I have this at the beginning of the user page: <? session_start(); if(!session_is_registered(myusername)){ header("location:login.php"); } ?> I don't know why the userpage can still be access after the user has logged out. So I'm thinking of disabling the back button when the user has logged out. Please help.

Read the article
jersey security and session management

- by Adhir

Hi, Is there a way for session management or security available programatically in Jersey specification. e.g. like a web-application session management. Or is transaction, session, security all handeled by the containor on which the jersey application is deployed. Adhir

Read the article
Using jQuery's ajax get request with parameters, returning page content

- by Stevie Jenowski

Thank you for looking at my question, as I appreciate your time. Okay, so I'm trying to use jQuery's get function to call my php script which ultimately returns a variable which is a built template of the main content of my page minus my static header/footer, for which I would like to replace the "old" page content without the page reloading. Can anyone point me in the right direction as to where I'm going wrong here? My code is as follows... jQuery: function getData(time, type) { $.ajax({ type: "GET", url: "getData.php", data: "time=" + time + "&type=" + type, success: function(data){ $('#pageContent').fadeOut("slow"); $('#pageContent').html(data); $('#pageContent').fadeIn("slow"); } }); return false; } getData.php(paraphrased): .... $time = empty($_GET['time']) ? '' : $_GET['time']; $type = empty($_GET['type']) ? '' : $_GET['type']; echo getData($time, $type); function getData($time, $type) ...... ..... $tmpl = new Template(); $tmpl->time= $time; $tmpl->type = $type; $builtpage = $tmpl->build('index.tmpl'); return $builtpage; ..... ...... jQuery function call: <a href="#" onclick="getData("<?php print $tmpl->time; ?>", "Orange")">Orange</a> <a href="#" onclick="getData("<?php print $tmpl->time; ?>", "Apple")">Apple</a> <a href="#" onclick="getData("<?php print $tmpl->time; ?>", "Banana")">Banana</a> When I click any link, the ajax seems to run fine, and the page does refuse to reload, but the content still remains unchanged... Anyone happen to know what's up?

Read the article
Win 2008 Server & IIS7: ASP installed but displays 'FILE DOWNLOAD - SECURITY WARNING"

- by AzC

Hi Dudes, Installed Win 2008 server and IIS7. Enabled ASP Classic and ASP.NET on it. Can't get any ASP scripts to run e.g. desperate.asp containing following line: <% Response.Write "Hello Love, Fancy a Date?" % It just comes up with a "FILE DOWNLOAD - SECURITY WARNING" panel asking em to download. When I select anything it keeps looping. Found lots fo stuff on internet but nothing working. Also same for other ASP scripts HTML works no problem e.g. a file called reply.html containing: Get lost little boy. We only serve French Fries in Macdonalds Any ideas?

Read the article
how to send value to the from action page from database

- by Mayank swami

I am creating a faq panel for there can be multiple answers for question and i want to take the answer id .because i am storing comment by answer id the problem is that how to sent the $answer_id to the comment_submit_process.php and how to recognize the answer ? $selected_ques= mysql_prep($_GET['ques']); $query = "SELECT * FROM formanswer where question_id = {$selected_ques}"; $ans= mysql_query($query); if($ans){ while($answer = mysql_fetch_array($ans)) //here is the form <form id="add-comment" action="comment_submit_process.php" > <textarea class="comment-submit-textarea" cols="78" name="comment" style="height: 64px;"></textarea> <input type="submit" name="submitbutton" value="Add Comment" class="comment-submit-button" > <br> <?php $ans_id= $answer['id']; echo $ans_id; ?> <input type="hidden" name="ques" value="<?php echo $_GET['$ans_id'] ?>" /> <span class="counter ">enter at least 15 characters</span> <span class="form-error"></span> </form> <?php }} ?>

Read the article
sudoers security

- by jetboy

I've setup a script to do Subversion updates across two servers - the localhost and a remote server - called by a post-commit hook run by the www-data user. /srv/svn/mysite/hooks/post-commit contains: sudo -u cli /usr/local/bin/svn_deploy /usr/local/bin/svn_deploy is owned by the cli user, and contains: #!/bin/sh svn update /srv/www/mysite ssh cli@remotehost 'svn update /srv/www/mysite' To get this to work I've had to add the following to the sudoers file: www-data ALL = (cli) NOPASSWD: /usr/local/bin/svn_deploy cli ALL = NOEXEC:NOPASSWD: /usr/local/bin/svn_deploy Entries for both www-data and cli were necessary to avoid the error: post commit hook failed: no tty present and no askpass program specified I'm wary of giving any kind of elevated rights to www-data. Is there anything else I should be doing to reduce or eliminate any security risk?

Read the article
pagination and url encoding help

- by Sufyan

<?php $name=$_POST['name']; ?> <form method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="text" name="name"> <input type="submit" value="GO" name="submit"> </form> <?php include ('db.php'); if(isset($_POST['submit'])) { mysql_query ("INSERT INTO example (name) VALUES('$name')") or die(mysql_error()); } if (!isset($_GET['startrow']) or !is_numeric($_GET['startrow'])) { $startrow = 0; } else { $startrow = (int)$_GET['startrow']; } $query = "SELECT * FROM example ORDER BY id DESC LIMIT $startrow, 20"; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)){ echo "<li>"; echo $row['name'] ." "." <a href= 'like.php?quote=" . urlencode( $row['name'] ) . "'>Click Here</a>"; echo "</li>"; } echo '<a href="'.$_SERVER['PHP_SELF'].'?startrow='.($startrow+10).'">Next</a>'; ?> I want to make my page links hidden , how can i make then hidden so that a user cant edit it. 2nd question, currently i am showing total 10 records on each page and then a next page button , but the next button is keep showing even when there is no more records...! how to remove a next page button when records ended. ?? line number 28 is the link to pages which can be easyily editable by any user, i wnat to make them secure (using ID) and line 35 is n'next' page link , this link should not be appear when number of records ended

Read the article
Apache gettext windows does not work/translate

- by Prashant Kandathil

I am new to gettext. Here is my setup: /Apache 2.2 PHP 5.3.6 Windows 7/ I have following code in the Apache/htdocs/test/index.php <?php $language = 'de_DE'; $translatefile = 'messages'; setlocale(LC_ALL, $language); putenv("LANG=".$language); bindtextdomain($translatefile, 'C:/locale'); textdomain($translatefile); echo gettext("Hello World!"); ?> I used PoEdit to generate the necessary translations under locale/de_DE/LC_MESSAGES/messsages.po & messages.mo The charset I used was UTF-8 When I visit http://localhost/test, the result is Hello World! when it should be Hall Welt! As a test, I opened command prompt and navigated to the test folder. Then I typed in php index.php The result that appeared in the console was Hall Welt! I am not sure why it is not working with Apache.

Read the article
Consolidate multiple site files into single location

- by seengee

We have a custom PHP/MySQL CMS running on Linux/Apache thats rolled out to multiple sites (20+) on the same server. Each site uses exactly the same CMS files with a few files for each site being customised. The customised files for each site are: /library/mysql_connect.php /public_html/css/* /public_html/ftparea/* /public_html/images/* There's also a couple of other random files inside /public_html/includes/ that are unique to each site. Other than this each site on the server uses the exact same files. Each site sitting within /home/username/. There is obviously a massive amount of replication here as each time we want to deploy a system update we need to update to each user account. Given the common site files are all stored in SVN it would make far more sense if we were able to simply commit to SVN and deploy to a single location direct from there. Unfortunately, making a major architecture change at this stage could be problematic. In my mind the ideal scenario would mean creating an account like /home/commonfiles/ and each site using these common files unless an account specific file exists, for example a request is made to /home/user/public_html/index.php but as this file doesnt exist the request is then redirected to /home/commonfiles/public_html/index.php. I know that generally this approach is possible, similar to how Zend Framework (and probably others) redirect all requests that dont match a specific file to index.php. I'm just not sure about how exactly to go about implementing it and whether its actually advisable. Would really welcome any input/ideas people have got. Thanks.

Read the article
how to redirect page if parameter set?

- by Ronnie Chester Lynwood

ey i want to make a thing but i need some help. ive got an index.php with codes. and i added "file" parameter to index.php. so i mean if "index.php?file=/folder/folder/picture.png" is set, download file. if "file=" not set do not do anything. I get "file" parameter with $_REQUEST thingy. please help thanks..

Read the article
how to redirect page if parameter set?

- by Ronnie Chester Lynwood

hey i want to make a thing but i need some help. ive got an index.php with codes. and i added "file" parameter to index.php. so i mean if "index.php?file=/folder/folder/picture.png" is set, go to file. if "file=" not set do not do anything. I get "file" parameter with $_REQUEST thingy. please help thanks..

Read the article
how to get rid of certificate error: navigation blocked in ie8

- by Radek

when I access our intranet via https I get this "certificate error: navigation blocked" error in IE8 on Windows XP SP3. I can click Continue to this website (not recommended). but I use IE for automation testing so I have to avoid these extra clicks. Any idea? I tried setting “Turn off the Security Settings Check feature” to enabled. setting "Display Mixed Content" to enabled lowering security levels to minimum adding the web server address to trusted zone

Read the article
Using a function found in a different file in a loop

- by Anders

This question is related to BuddyPress, and a follow-up question from this question I have a .csv-file with 790 rows and 3 columns where the first column is the group name, second is the group description and last (third) the slug. As far as I've been told I can use this code: <?php $groups = array(); if (($handle = fopen("groupData.csv", "r")) !== FALSE) { while (($data = fgetcsv($handle, 1000, ",")) !== FALSE) { $group = array('group_id' = 'SOME ID', 'name' = $data[0], 'description' = $data[1], 'slug' = groups_check_slug(sanitize_title(esc_attr($data[2]))), 'date_created' = gmdate( "Y-m-d H:i:s" ), 'status' = 'public' ); $groups[] = $group; } fclose($handle); } foreach ($groups as $group) { groups_create_group($group); } With http://www.nomorepasting.com/getpaste.php?pasteid=35217 which is called bp-groups.php. The thing is that I can't make it work. I've created a new file with the code written above called groupgenerator.php uploaded the .csv file to the same folder and opened groupgenerator.php in my browser. But, i get this error: Fatal error: Call to undefined function groups_check_slug() in What am I doing wrong?

Read the article
Contingent Header Category Label

- by poindexter

Right now the header has a bit of code in it that queries the section name and then uses that section name as the h1 title in the page. It works fine. However, I want to selectively break that operation in certain categories and give myself the ability to manually enter the h1 title for a given section. Here's what I'm struggling with: how can I maintain the automatic query and title selection in most instances, but selectively break it in a given category (the 'blog' category, for starters)? Thanks for taking a look, I appreciate your help! Here's the code that drives the existing function (it's the get_the_section_name part): <?php if(!is_home()){?> <div class="section <?php echo get_the_section_name();?>"> <?php $sectitle = get_the_section_name(); $sectitle = str_ireplace("-"," ",$sectitle); echo '<h1>' . $sectitle . '</h1>';?> <p class="breadcrumbs"> <?php if(function_exists('bcn_display')) { bcn_display(); } ?> </p> </div> <div class="columns"> <?php } ?> Here's a page that shows what it looks like displayed (see the title in the blue graphic underneath the main nav near the top of the page): http://69.20.59.228/category/blog/

Read the article
Blocking IP's Nginx behind proxy

- by FunkyChicken

I'm running a Nginx 1.2.4 webserver here, and I'm behind a proxy of my hoster to prevent ddos attacks. The downside of being behind this proxy is that I need to get the REAL IP information from an extra header. In PHP it works great by doing $_SERVER[HTTP_X_REAL_IP] for example. Now before I was behind this proxy of my hoster I had a very effective way of blocking certain IP's by doing this: include /etc/nginx/block.conf and to allow/deny IP's there. But now due to the proxy, Nginx sees all traffic coming from 1 IP. Is there a way I can get Nginx to read the IP's like how PHP does, with the X-REAL-IP header?

Read the article
Loading form values from one IFrame to another

- by Roland

What I want to achieve is the following. A search is made from one IFrame "the form is loaded into this frame via the src atribute of iframe" the search query is then passed to another IFrame that redirects to a url with the query eg. www.test.com/index.php?query=test Is this possible? Currently my code looks as such <iframe src="abc.php" name="iframe1"> </iframe> <iframe name="iframe2"> <?php var_dump($_GET); ?> </iframe> abc.php contains the following <form method="get" action="#" target="iframe2"> <input type="text" name="searchtype" id="searchtype" /> <input type="submit" value="submit"> </form>

Read the article
SQL2005 reporting server: intense security activity

- by David Wimbush

On my reporting server the Security log shows large numbers of Logon/Logoff events, often 10 or more, when you run pretty much any report in the Report Manager. Is this normal or is it a classic sign of having the wrong setup? Some system details: Windows Server 2003 R2 SP2, virtual server running under VMWare). SQL Server 2005 SP3 Standard Edition, running databases, Report Manager, and Ananlysis Services cubes. No other major services on the machine (i.e. it's not a domain controller, Exchange server or anything like that). Any ideas, please, guys?

Read the article
Error on error log

- by Ryan Murphy

I am trying to use zend framework 2, i follow these instructions on centos6 via ssh. http://framework.zend.com/manual/2.0/en/user-guide/skeleton-application.html and when trying to start my website up, it gives an error, i go to the error log and i get this. [Sun Jun 30 16:02:17 2013] [error] [client 109.217.190.75] SoftException in Application.cpp:357: UID of script "/home/mydomain/public_html/public/index.php" is smaller than min_uid [Sun Jun 30 16:02:17 2013] [error] [client 109.217.190.75] Premature end of script headers: index.php What do they mean, how I fix them?

Read the article
O'reilly certification in PHP worth it?

- by editzombie

I asked this question over on stack overflow but I didn't realise it wasn't really the place for not so technical questions. I've seen quite a few related threads on this forum so I thought I'd try and get some feedback here: This is my first time asking a question on this forum, though I´ve read it a lot. I apologise if this is repeating a thread. I´m interested in getting into web development. I am a video editor by trade but living in Spain the way things are at the moment its very difficult to find work. I have some very basic knowledge of HTML and CSS and a little bit of flash and have designed a few little personal websites myself. I also worked for a online marketing production company where I worked a little on blog design in Blogger amongst other social media. So thats my background, but I´m trying to expand my skills and get into web development as a career or in general part of my skill base, I was thinking particularly about PHP/MySQL. I have worked a little on some of the Lynda.com tutorials and have invested in a book (Sams Teach Yourself PHP, MySQL and Apache). I´m still finding it very difficult to progress. I know I should really try some practice projects (any reccomendations would be welcome). But I was also thinking about doing one of the O´Reilly certification courses and was wondering whether it would be worthwhile for a noob like me. I hear that the courses are associated with an American University which I guess gives it more clout. Any other thoughts you guys have about how to make progress in learning web development would be fantasic. Thanks in advance.

Read the article
Loading Ajax within a Google Maps InfoWindow

- by McCrum

I have put together a 5 star rating system using PHP and Ajax which will write the rating into a database. (See link below) http://andrewmccrum.com/maps/rate/5star.php I want this rating system to work within a Google Maps InfoWindow but at the minute I can only get the InfoWindow to read and display the rating. It will not let the user vote like the top link. And I have no idea why www.andrewmccrum.com/maps/database/index.php

Read the article
Mail function wont send eMail. ERROR

- by Peter

I think i tried to fix this issue fr 3 days now and cant seem to find the problem. I use XAMPP and use this code: <?php $to = "[email protected]"; $subject = "Test mail"; $message = "Hello! This is a simple email message."; $from = "[email protected]"; $headers = "From: $from"; $res= mail($to,$subject,$message,$headers); echo " $res Mail Sent."; ?> when i enter that page i get an error that says: Warning: mail() [function.mail]: Failed to connect to mailserver at "localhost" port 25, verify your "SMTP" and "smtp_port" setting in php.ini or use ini_set( My php.init file in xampp are as follow: [mail function] ; For Win32 only. ; http://php.net/smtp SMTP = smpt.gmail.com ; http://php.net/smtp-port smtp_port = 25 That is all my codes.

Read the article
Redirect question using mod_rewrite (no extensions - root of site)

- by alex

Hi, I'm having a small problem with mod_rewrite I have the following in my .htacces: Options +FollowSymlinks RewriteEngine on RewriteRule ^(.+)\.htm$ index.php?name=$1 [NC] This is my index.php file: <?php echo $_GET['name]; ?> This works great for the following url: www.mySite.com/this is an example.htm this would display "this is an example" What i'm trying to do however, is get it to do the same, without the .htm extension: for example: www.mySite.com/this is an example Any ideas? (dont think it's relevant but i'm using xampp to test this)

Read the article
What Am I Doing Wrong on this HTACCESS file!

- by Ronnie Chester Lynwood

Someone please tell me what is wrong with this htaccess rules? RewriteCond %{QUERY_STRING} ^q=(.*)&type=downway1$ [NC] RewriteRule ^search\.php$ /search\/%1\/1\/? [R=301,NC,L] RewriteCond %{QUERY_STRING} ^q=(.*)&type=(.*)$ [NC] RewriteRule ^search\.php$ /search\/%1\/%2\/1\/? [R=301,NC,L] RewriteRule search/(.*)/(.*)/$ /search.php?q=$1&page=$2 [L] <-- this and RewriteRule search/(.*)/(.*)/(.*)/$ /search.php?q=$1&type=$2&page=$3 [L] <-- this are not working in same time. for example TYPE = app Q = windows if I search type by downway1 it works powerfully but if I search in app type Q becomes windows/app not only windows. help me please!

Read the article
Trying to switch header image if on home page

- by novicePrgrmr

New to PHP, and wondering what is wrong with this code because its definitely not switching the header img. This is what is used to be: <a href="http://www.finegra.in"><img id="logo" alt="fine grain Logo" src="http://www.finegra.in/wp-content/uploads/2012/04/fineGRAINlogoGOOD-WEB.png"> This is what I changed it to: <?php if (is_home()) { ?> <a href="http://www.finegra.in"><img id="logo" alt="fine grain Logo" src="http://www.finegra.in/wp-content/uploads/2012/09/finegrain-logo-sept.png"> </a> <?php } else { ?> <a href="http://www.finegra.in"><img id="logo" alt="fine grain Logo" src="http://www.finegra.in/wp-content/uploads/2012/04/fineGRAINlogoGOOD-WEB.png"> </a> <?php } ?>

Read the article

< Previous Page | 535 536 537 538 539 540 541 542 543 544 545 546 | Next Page >