|
|
Posted by Ojas on 12/06/07 06:32
On Dec 6, 10:46 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> Ojas wrote:
> > On Dec 6, 10:02 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> >> Ojas wrote:
> >>> On Dec 6, 8:21 am, NC <n...@iname.com> wrote:
> >>>> On Dec 5, 1:18 am, Ojas <contacto...@gmail.com> wrote:
> >>>>> if the request has been sent through command line, $argc &
> >>>>> $arv will exists whether having any values or not but since
> >>>>> we can access these values from $_SERVER (or $_ENV not sure
> >>>>> about it) which itself is an array, not set $_SERVER['argc']
> >>>>> is equivalent to null $_SERVER['argc'], accessing the
> >>>>> $_SERVER['argc'] will result to null values in both cases,
> >>>>> then how one can distinguish these cases?
> >>>> There's no need to. If the script is running from the command line, a
> >>>> call to php_sapi_name() will return 'cli'.
> >>>> Cheers,
> >>>> NC
> >>> Hi! all,
> >>> NC has provided a very useful point of using php_sapi_name to detect
> >>> the same. I tried to print 'PHP_SAPI' on my system and got the
> >>> following result:
> >>> Browser: apache2handler
> >>> Command Prompt: cli
> >>> I think it is of great help and we are going to have a robust
> >>> solution. Meanwhile, i would appreciate if anyone of you could share
> >>> the list of all possible php sapi (along with their possible
> >>> applicationfrom which they will be in existence).
> >>> And yes Jerry Stuckle do provided the good way of distinguish between
> >>> 'not set element' and 'null element' inside the array. I was known to
> >>> it, but somehow it get slipped out of my mind.
> >>> Cheers! NC & Jerry Stuckle.
> >>> To continue the discussion, i would like to extend it a little bit
> >>> further by asking how to detect whether a request to the server has
> >>> been made directly or using sockets or using CURL from the client side
> >>>application?
> >>> Ojas
> >> No way to tell. This depends on the user agent sending information,
> >> which is not reliable. For instance, depending on the site I'm
> >> interfacing to in CURL, I might send some string such as "PHP-CURL", or
> >> I might send the user agent the client is using (i.e. Firefox, IE, etc.).
>
> >> --
> >> ==================
> >> Remove the "x" from my email address
> >> Jerry Stuckle
> >> JDS Computer Training Corp.
> >> jstuck...@attglobal.net
> >> ==================
>
> > Ok.
>
> > That's correct, but in case someone is wishing to deny the request
> > coming from the CURL or socket way, then what should be the procedure?
>
> > Ojas
>
> There is none. There is no way you can tell what the client is running,
> other than what the client tells you. And that is not reliable.
>
> The real question here is - what problem are you having?
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================
Well i am facing no problem at all at present.
I was just wishing to know it so that i could use the info in any of
my next projects/assignments.
As you said there is no way to track this, a spammer can develop a
script which will regularly send request to the web-server, forging
the original details??
[Back to original message]
|