Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 56/1734 | < Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63 | Next Page >

how can i create thumbnailed photo gallery with php?

- by hd

i have some pictures that want to show them as a thumbnailed photo gallery. images are in 400x300 and the thumbnails should be in 50x50. i am sure scaling photos to small size is not a good way (cause of increasing page load time), so how can i create online these thumbnails without need to save them in small size? i want to do it with php. i know how to create thumbnail with php,but in the way i know,thumbnail should be store as a file and then display it.but i don't want to store it. is it possible??

Read the article
php Mail function; Is this way of using it safe?

- by Camran

I have a classifieds website, and inside each classified, there is a small form. This form is for users to be able to tip their "friends": <form action="/bincgi/tip.php" method="post" name="tipForm" id="tipForm"> Tip: <input name="email2" id="email2" type="text" size="30 /> <input type="submit" value="Skicka Tips"/> <input type="hidden" value="<?php echo $ad_id;?>" name="ad_id2" id="ad_id2" /> <input type="hidden" value="<?php echo $headline;?>" name="headline2" id="headline2" /> </form> The form is then submitted to a tip.php page, and here is my Q, is this below code safe, ie is it good enough or do I need to make some sanitations and more safety details? $to = filter_var($_POST['email2'], FILTER_SANITIZE_EMAIL); $ad_id = $_POST['ad_id2']; $headline = $_POST['headline2']; $subject = 'You got a tip'; $message ='Hi. You got a tip: '.$headline.'.\n'; $headers = 'From: [email protected]\r\n'; mail($to, $subject, $message, $headers); I haven't tested the above yet.

Read the article
Microsoft SQL for PHP driver

- by Jonas B

Hello I am running a W2K3 x64 server with IIS 7 + FastCGI + PHP 5.3 (x64) I have trouble geting the SQL for php driver to work. It seems it doesn't get loaded, but no error is thrown. I've doublechedked the php.ini a multitude of times and I'm pretty sure I use the right version of the sql for php driver (version 1.1 CTP) and sql native client x64 is installed. Any ideas what could be wrong? Thanks

Read the article
nginx, php-cgi and "No input file specified."

- by Stephen Belanger

I'm trying to get nginx to play nice with php-cgi, but it's not quite working how I'd like. I'm using some set variables to allow for dynamic host names--basically anything.local. I know that stuff is working because I can access static files properly, however php files don't work. I get the standard "No input file specified." error which normally occurs when the file doesn't exist, but it definitely does exist and the path is correct because I can access the static files in the same path. It could possibly be a permissions thing, but I'm not sure how that could be an issue. I'm running this on Windows under my own user account, so I think it should have permission unless php-cgi is running under a different user without me telling it to. . Here's my config; worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; gzip on; server { # Listen for HTTP listen 80; # Match to local host names. server_name *.local; # We need to store a "cleaned" host. set $no_www $host; set $no_local $host; # Strip out www. if ($host ~* www\.(.*)) { set $no_www $1; rewrite ^(.*)$ $scheme://$no_www$1 permanent; } # Strip local for directory names. if ($no_www ~* (.*)\.local) { set $no_local $1; } # Define default path handler. location / { root ../Users/Stephen/Documents/Work/$no_local.com/hosts/main/docs; index index.php index.html index.htm; # Route non-existent paths through Kohana system router. try_files $uri $uri/ /index.php?kohana_uri=$request_uri; } # pass PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { root ../Users/Stephen/Documents/Work/$no_local.com/hosts/main/docs; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } # Prevent access to system files. location ~ /\. { return 404; } location ~* ^/(modules|application|system) { return 404; } } }

Read the article
Apache Error Upgrading to PHP 5.5

- by user195385

I am trying to upgrade php and received this error at the command line: httpd: Syntax error on line 493 of /private/etc/apache2/httpd.conf: Syntax error on line 8 of /private/etc/apache2/other/+php-osx.conf: Cannot load /usr/local/php5/libphp5.so into server: dlopen(/usr/local/php5/libphp5.so, 10): Symbol not found: _libiconv\n Referenced from: /usr/local/php5/lib/libintl.8.dylib\n Expected in: /usr/lib/libiconv.2.dylib\n in /usr/local/php5/lib/libintl.8.dylib I was trying to upgrade at http://php-osx.liip.ch/ using the command: curl -s http://php-osx.liip.ch/install.sh | bash -s 5.5 Any help would be appreciated!

Read the article
nginx probably deliering wrong filetype for .css file with php tags

- by Katai

And again - NGINX is giving me many Questions today :) Like always, I already tried around for a while, but cant seem to fix this issue: I just configured NGINX to handle my .css files equal to my .php files (to parse PHP tags inside the CSS file). This works perfectly, and the file is found and delivered. I could debug it with FIrebug, and everything is OK (it displays the contents of the .css inside the opened <link> tag). So, everything working, right? Wrong. It has the CSS, but it does not interpret it! What I mean by this: apparently, the file-type of the CSS (or aplication-type, whatever) is wrong. The Page can access the CSS, but doesnt bother at all to actually use it. What I checked / tried: There are no PHP errors inside of the .css, so that one is out The .css is accessible. I can call the URI manually, or check if the included URL finds it: both works The .css has no syntax errors (i switched to a css that just has body {background-color: #000; } It works whitout NGINX I deleted the browser cache / restarted NGINX after config rewrites Here the configuration: server { listen 80; server_name localhost; access_log /var/log/nginx/board.access_log; error_log /var/log/nginx/board.error_log warn; root /var/www/board/public; index index.php; fastcgi_index index.php; location / { try_files $uri $uri /index.php; } location ~ (\.php|\.css)$ { try_files $uri =404; include /etc/nginx/fastcgi_params; #keepalive_timeout 0; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:7777; } } Firebug 'Network' Response Header: Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 16 Jun 2012 10:08:40 GMT Server nginx/1.0.5 Transfer-Encoding chunked X-Powered-By PHP/5.3.6-13ubuntu3.7 I think I just answered my own question. Is the Content-Type text/html the problem? How can I remove that? My personal guess is that I have to use this in some way include /etc/nginx/mime.types; default_type application/octet-stream; But I'm not sure... anyone an idea how to solve this? TLDR; CSS file is delivered correctly, but it doesnt seem to be 'used' as CSS from the browser. (Tested, works on apache)

Read the article
Hide .php add a slash

- by Matthew

This script works perfect it forces the trailing slash and hides the .php extension BUT! it does not redirect people going directly to the .php extension. How can I also force people going directly to the file.php to /file/ RewriteEngine On RewriteRule ^(.*)/$ /$1.php [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_URI} !(.*)/$ RewriteRule ^(.*)$ http://www.mysite.com/$1/ [R=301,L]

Read the article
Notepad++: Adding color highlighting for PHP functions?

- by Jebego

I've recently begun using Notepad++, and have found a part of its styling functionality that confuses me. I'm currently attempting to color all of PHP's defined functions (such as count(), strlen(), etc.). In the Settings-Style Configurator, you cannot add a new style for such a function list. Instead, I have begun editing the stylers.xml and langs.xml. To add the new coloring, in langs.xml, I've modified the php section to the following: <Language name="php" ext="php php3 phtml" commentLine="//" commentStart="/*" commentEnd="*/"> <Keywords name="instre1">[default keywords]</Keywords> <Keywords name="instre2">[my function list]</Keywords> </Language> The [default keywords] and [my function list] are replaced with wordlists. I've also edited the php section in stylers.xml to look like the following: <LexerType name="php" desc="php" ext=""> <WordsStyle name="QUESTION MARK" styleID="18" fgColor="FF0000" bgColor="FDF8E3" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="DEFAULT" styleID="118" fgColor="000000" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="STRING" styleID="119" fgColor="FF0000" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="STRING VARIABLE" styleID="126" fgColor="FF0000" bgColor="FEFCF5" fontName="" fontStyle="1" fontSize="" /> <WordsStyle name="SIMPLESTRING" styleID="120" fgColor="FF0000" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="WORD" styleID="121" fgColor="008040" bgColor="FEFCF5" fontName="" fontStyle="1" fontSize="" keywordClass="instre1">True False</WordsStyle> <WordsStyle name="NUMBER" styleID="122" fgColor="FF0000" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="VARIABLE" styleID="123" fgColor="0080FF" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="COMMENT" styleID="124" fgColor="FF8040" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="COMMENTLINE" styleID="125" fgColor="FF8040" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="OPERATOR" styleID="127" fgColor="8000FF" bgColor="FEFCF5" fontName="" fontStyle="0" fontSize="" /> <WordsStyle name="FUNCTIONS" styleID="128" fgColor="000080" bgColor="FEFCF5" fontName="" fontStyle="1" fontSize="" keywordClass="instre2"></WordsStyle> </LexerType> The changed part is the last "FUNCTIONS" line. When I restart Notepad++ and go into the Settings-Style Configurator section, under the php language, the FUNCTIONS style exists. I can change the style's color, and can see the entire keyword list under 'Default Keywords'. However, it is not changing the coloring of the words in my code. When I edit the WORD style, which contains stuff like 'if', 'and', and 'true', things change accordingly in my code. Any ideas on how to make this work?

Read the article
PHP hits 100% CPU and eats RAM at the same time Monday to Friday

- by Daniel Samuels

We run a learning platform for primary schools here in the UK and it's all been running extremely well. However at around 4PM Monday to Friday we see the same issue arise -- 1-2 PHP threads will spike to 100% CPU and gradually start eating up RAM until the server(s) fall over. 98%+ of our requests are HTTPS, these come into our Layer 7 load balancer which then decrypts the SSL data, adds the X-HTTP-Forwarded-For header and forwards the data onto an application server (we have 2 of those at the moment) on port 80. Our application servers have Varnish on port 80 which takes in the request from the load balancer and passes the request through to Nginx on port 81. Nginx then works out which 'vhost' it needs to use and passes any PHP processing through to PHP-CGI which is listening on a socket (managed through spawn-fcgi). There's an instance of Memcached running too, MySQL runs on a separate server / slave setup. Throughout the day the load will typically go no higher than 0.8 on either of the application servers, however at around 4PM our problem arises. I've managed to run strace on a few of the actual threads when they cause the problem and I always see the same thing: stat("/usr/share/zoneinfo/Europe/London", {st_mode=S_IFREG|0644,st_size=3661, ...}) = 0 stat("/usr/share/zoneinfo/Europe/London", {st_mode=S_IFREG|0644,st_size=3661, ...}) = 0 This is repeated infinitely and never stops until you SEGKILL the process or oomkiller kills it. There are no cron jobs scheduled to run at that time and I don't have any way of seeing exactly what Nginx request is associated with the PHP process which is running. We are running PHP 5.3.14 which we upgraded to from 5.3.8 last week to rule out the older version being the problem. This issue has been going on a few months now and we have no idea what is causing it. We deploy our software very frequently, so it's difficult to track down a specific release which may have started the problem - especially as we do not know the date of the first occurrence of this issue. Varnish is version 3.0.1, Nginx is 1.0.6 (which I understand is about a year old now), our servers are running CentOS release 5.7 (Final) they have Intel i3 540s at 3.07Ghz and 8GB of RAM. There's a discussion on the Debian mailing list about something very similar, you can find that here. Has anyone seen anything like this in the past, does anyone have any ideas or suggestions? Are there a way of linking an Nginx request directly to a PHP thread? Is there a better way of seeing what the PHP process is doing? (I've seen GDB mentioned, though I'll have to recompile PHP) Thanks!

Read the article
How to downgrade a certain ubuntu 10.04 package (php) back to karmic

- by Eugene

Hi! I've updated from 9.10 to 10.04 but unfortunately the PHP provided with 10.04 is not yet supported by zend optimizer. As far as I understand I need to somehow replace the PHP 5.3 package provided under 10.04 with an older PHP 5.2 package provided under 9.10. However I am not sure whether this is the right way to downgrade PHP and if yes, I don't know how to replace the 10.04 package with 9.10 package. Could you please help me with that?

Read the article
PHP-FPM performing worse than mod_php

- by lordstyx

Recently the website I maintain has been growing a lot and I saw the point coming where I'd want to switch from apache to nginx, because I kept on reading that it performs way better. Now I've done the switch, and I have to say, nginx is keeping up just fine. However, php-fpm is forming a problem. Where the php pages used to take 0.1 second to generate with the same load they now take around 3 seconds! Furthermore the error.log from nginx is being spammed with errors like: upstream timed out (110: Connection timed out) while connecting to upstream, client: ... I also tried using unix sockets instead, but those would complain about the following: connect() to unix:/tmp/php5-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream I've fiddled with settings here and there but nothing seems to work. Changing the amount of pm.max_children doesn't seem to help a lot either, but with it's current amount at 350 it seems to be the lesser of all evil. The server that's being used has 3 GB RAM (not all of it is free due to a MySQL server also running) along with 2 dual-core processors (4 cores in total). Am I doing something majorly wrong with the settings here, or is the server simply not capable enough? EDIT: Here is the nginx server block server { listen 80; listen [::]:80 default ipv6only=on; root /var/www; index index.php index.html index.htm; server_name localhost; location / { try_files $uri $uri/ /index.html; } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; deny all; } location = /50x.html { root /usr/share/nginx/www; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini try_files $uri = 404; # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/tmp/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } location ~ /\.ht { deny all; } } And the php-fpm pool: [www] user = www-data group = www-data listen = 127.0.0.1:9000 ;listen = /tmp/php5-fpm.sock listen.backlog = -1 pm = dynamic pm.max_children = 350 pm.start_servers = 200 pm.min_spare_servers = 10 pm.max_spare_servers = 350 pm.max_requests = 1536 rlimit_files = 65536 rlimit_core = unlimited chdir = /

Read the article
Custom settings with PHP on Nginx

- by miki

I have multiple websites setup using Nginx and Apache, but when I try to add a vhost based PHP directive using fastcgi_param PHP_VALUE , the value get added to all of my vhosts. Checking the value of the PHP parameter from PHP-CLI remain the actual one for whole server. e.g. I used fastcgi_param PHP_VALUE "memory_limit=512M" for a domain based nginx config, but it will be propagated to all domains on server. The 'php -i | grep memory_limit' show 128M though Not sure what I am missing

Read the article
How to downgrade a certain package (php) back to karmic

- by Eugene

Hi! I've updated from 9.10 to 10.04 but unfortunately the PHP provided with 10.04 is not yet supported by zend optimizer. As far as I understand I need to somehow replace the PHP 5.3 package provided under 10.04 with an older PHP 5.2 package provided under 9.10. However I am not sure whether this is the right way to downgrade PHP and if yes, I don't know how to replace the 10.04 package with 9.10 package. Could you please help me with that?

Read the article
What is the difference between safety and security?

- by Lernkurve

Question What is the difference between safety and security in the context of information management or computer science? Elaboration This could be the canonical answer for people searching for it. Let me know if superuser.com is the wrong site for this question. I have, of course, googled it and haven't found an answer that seemed short and to the point. Wikipedia wasn't very helpful either: safety, information security.

Read the article
Automatically Applying Security Updates for AWS Elastic Beanstalk

- by Eric Anderson

I've been a fan of Heroku since it's earliest days. But I like the fact that AWS Elastic Beanstalk gives you more control over the characteristics of the instances. One thing I love about Heroku is the fact that I can deploy an app and not worry about managing it. I am assuming Heroku is ensuring all OS security updates are timely applied. I just need to make sure my app is secure. My initial research on Beanstalk shows that although it builds and configures the instances for you, after that it moves to a more manual management process. Security updates won't automatically be applied to the instances. It seems there are two areas of concerns: New AMI releases - As new AMI releases hit it seems we would want to run the latest (presumably most secure). But my research seems to indicate you need to manually launch a new setup to see the latest AMI version and then create a new environment to use that new version. Is there a better automated way of rotating your instances into new AMI releases? In between releases there will be security updates released for packages. Seems we want to upgrade those as well. My research seems to indicate people install commands to occasionally run a yum update. But since new instances are created/destroyed based on usage it seems that the new instances would not always have the updates (i.e. the time between the instance creation and the first yum update). So occasionally you will have instances that aren't patched. And you are also going to have instances constantly patching themselves until the new AMI release is applied. My other concern is that perhaps these security updates haven't gone through Amazon's own review (like the AMI releases do) and it might break my app to automatically update them. I know Dreamhost once had a 12 hour outage because they were applying debian updates completely automatically without any review. I want to make sure the same thing doesn't happen to me. So my question is does Amazon provide a way to offer fully managed PaaS like Heroku? Or is AWS Elastic Beanstalk really more of just a install script and after that you are on your own (other than the monitoring and deployment tools they provide)?

Read the article
Security update in command line on Ubuntu

- by Luc

Hello, I can find anything on google that could help me to use aptitude to only install security update using command line on Ubuntu. I tried this: https://help.ubuntu.com/community/AutomaticSecurityUpdates but it installed everything and not only the security updates !!!! Thanks a lot for your help, Luc

Read the article
Use SECEDIT to export "Security Options" from one computer and import on another

- by Andy Arismendi

Can I use secedit.exe to export out the "Security Options" from the local security policy and then import them on another machine? I'm trying to do this on Windows Server 2008. Update I just tried with: secedit /export /db C:\andy.db /cfg C:\andy.inf /areas SECURITYPOLICY /log C:\andy.log But it didn't work with error: Warning 2: The system cannot find the file specified. Error opening C:\andy.db. Where do I get the DB file from?

Read the article
Microsoft Security Essentials howto auto download definition updates

- by chris.nullptr

I use Microsoft Security Essentials as my antivirus on my Win7 box. New virus definitions to Security Essentials are installed using Windows Update. However, the updates are marked as optional by default, as opposed to important which means that they don't get installed automatically. I have to select the updates from the list of optional updates and install them manually. Is there a way to change this behavior so that new definitions are marked as important and installed automatically?

Read the article
Windows security unknown accounts: security breach?

- by Keikoku

I was uploading some images I had just created to imgur earlier today and noticed that chrome couldn't access my Pictures folder. Windows tells me access was denied. Firefox didn't have an issue though I went to it through windows explorer and it worked fine, and looked at the security tab under properties and noticed that there were four unknown accounts, one of which has full control privileges. I looked at my other folders in the same drive and none of them had these unknown accounts. It was only that specific Pictures folder, and all of its subfolders. What are these unknown accounts and what could it mean? Should I be worried that someone may have compromised the system (well, I should probably be worried about that all the time I guess) I read on microsoft support forums that it may be the result of a previously deleted account, but there has only been one account on this computer for months and no user account management has been performed for awhile.

Read the article
Microsoft Security Essentials for a business

- by Systech

This is 2 questions really - Am I allowed to install Microsoft Security Essentials 1.0 in a business of 200 - 300 users? Is Microsoft Security Essentials 1.0 adequate protection (real-time scanning, updates etc)?

Read the article
Microsoft Security Essentials Not Monitoring

- by nateify

When I boot into Windows Vista, Microsoft Security Essentials is set to run when the system starts. When I open the program, it says Microsoft Security Essentials isn't monitoring your computer because the program's service stopped. It tells me that it can't update definitions or enable real time protection unless I do it manually (every time I boot). Is there a way I can fix this so I always have real time protection and updating?

Read the article
Question about CSF Security Over Plesk

- by user39110

Hi, i have vps and i use parallels plesk. I want to give more security to my vps in this case i thinking to install csf security suite. How about that idea or can you suggest another software or trick ?

Read the article
Moving file security from one server to another (asp.net sites, IIS)

- by Imageree

I am running windows server with asp.net websites and sql server 2008 and IIS 6. It is working fine. Now I need to move my asp.net websites to another windows server and I have hard time setting correct file security for the new server. Is there any way to compare or move or see difference file security between two servers?

Read the article
Downloading Microsoft Security Essentials via https

- by Marcel

I want to download Microsoft Security Essentials on my brand new Windows 7 home PC. The official site presented to me is http://windows.microsoft.com/de-CH/windows/products/security-essentials, as I am located in Switzerland. The link to the actual package then is http://go.microsoft.com/fwlink/?LinkID=231276 Obviously, the download is not secured with https. Why? Would this not be the first thing Microsoft should do? They could deliver the certificate already with the OS to make it really secure...

Read the article
Is free security software as good as paid security software?

- by Tester101

I mostly use free security solutions to protect my home PC, but I wonder if I would get better protection from a paid solution. I prefer the free software, since I can have multiple applications protecting against different threats. With paid software I feel like I have to choose just one, and hope it can protect against everything. Is it worth it to pay for security when there are free options?

Read the article

< Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63 | Next Page >