  1. security in websites

    Date: 12/29/04 (PHP Development)    Keywords: php, mysql, browser, database, sql, security, web

    i am preparing to design a website for my family. i'd like it to have a secure log-in, which references usernames and passwords in a mysql database. i'd like the rest of the website to be secure, meaning, if you're not logged in, you're redirected to the index. i'm planning to use sessions with cookies. as i'm relatively new to security in web design, i'd like some advice.

    i know the login.php script will check the username and password against a corresponding user table. if the login succeeds, a call will be made to session_start(). session_start() will be called on all subsequent pages, as well as a check to see if the login status is true (or something like that). herein is my first question:
    what should each subsequent page of the site check for?

    do i need to turn SSL on or will sessions, cookies and a database be enough? (it doesn't need to be super tight--mainly, some of my aunts and uncles don't want the pictures of their bikini clad daughters from our beach trips accessible to just anyone over the net.)

    ... i guess i'm not entirely sure what else to ask. i suppose that i'll need to make each page check to see if the above mentioned login status variable is set to true, but how do i set it to false? do i just design the session or cookie to expire when the browser is closed?

    any help or feedback is appreciated. if you know of a good site (that's easy to understand) which goes over what you need to do to design a secure site, please let me know.

    ah, by the way, the environment i'm designing this site for is a RedHat server with PHP4.3.9 and MySQL4.0

    thanks for your help

    Source: http://www.livejournal.com/community/php_dev/50687.html

  2. Tomcat hosts?

    Date: 11/17/04 (PHP Development)    Keywords: php, mysql, database, sql, web

    (x-posted all over the damn place)

    I am currently looking for a good web host that offer Tomcat AND php AND some kind of database (MySQL or PostGres - I'm not picky). I'd also like to go with someone who has a sane usage policy (I once had a site yanked by addr.net due to "inappropriate content").

    Currently, http://www.oxxus.net/ looks pretty good.

    Anyone have any other suggestions?

    Source: http://www.livejournal.com/community/php_dev/49616.html

  3. Programming Goodness

    Date: 10/15/04 (Elite PHP Development)    Keywords: php, mysql, database, sql, java

    I was lookin around and found this tonight. Very much kewlness, I am hoping to join in on the fun in the development community so I can add in my ideas to make PHP even better.
    This is a little bit of information I picked up on Creating Custom Exceptions and sending data to the parent class from a function in a subclass. Very spiffy.

    <?php
    /* The exception class definitions and the code that creates $my
       are missing from this excerpt. */
    try {
        $result = $my->query("SELECT NOW()");
        var_dump($result->fetch_row());
    }
    catch(ConnectException $exception) {
        echo "Connection Error\n";
        var_dump($exception->getMessage());
    }
    catch(QueryException $exception) {
        echo "Query Error\n";
        var_dump($exception->getMessage());
    }
    /* Handle exceptions that we weren't expecting */
    catch(Exception $exception) {
        echo "Who was that masked exception?\n";
        var_dump($exception->getMessage());
    }

    $result->close();
    $my->close();

    ?>

    very spiffy, and I will be posting something using the new MySQLi class. Maybe a whole class system for the generation of graphics pulled from a database. Possibly attach that to a javascript paint proggy, or even better a flash paint proggy..... hmmm the possibilities are endless, but i have to get back to my money making... Gotta love it, but it would be so much more fun if i had a project that really challenged my knowledge and abilities, but we'll get to that someday.
    -=Levi=-

    Source: http://www.livejournal.com/community/php_elite/504.html

  4. Mambo on FreeBSD 5.3

    Date: 02/23/05 (PHP Community)    Keywords: php, mysql, xml, sql, java, linux, apache

    I'm having a few problems getting Mambo working on FreeBSD 5.3

    Whenever I try to log in to the administrators account, with a valid username\password, you get presented with the same screen with the username\password boxes still filled in. /var/log/messages states "Feb 23 17:42:42 linux kernel: pid 15803 (httpd), uid 1006: exited on signal 11"

    Nothing is written to the Apache access or error logs

    If I try to log in with an invalid combo, a JavaScript popup tells me I got either the username or password wrong. So, the authentication is sort-of happening

    The only useful thread I've found on the Mambo forums was this one. Which states "To all who have this issue, it is a problem with duplicate extension entries in your php.ini"

    All I have in my php.ini that contains references to extension are:

    extension_dir = "/usr/local/lib/php/20020429/"
    extension=session.so
    extension=mysql.so

    So there aren't any duplicates

    I really don't know much about setting PHP up. Does anyone have any pointers?

    I seem to remember having this problem in the past with Gallery, and the issue was resolved by installing php4-extensions

    Here's the version of all PHP stuff I have installed:

    # portversion -v | grep php
    mod_php4-4.3.10_2,1         =  up-to-date with port
    php4-bz2-4.3.10_2           =  up-to-date with port
    php4-ctype-4.3.10_2         =  up-to-date with port
    php4-extensions-1.0         =  up-to-date with port
    php4-gd-4.3.10_2            =  up-to-date with port
    php4-mysql-4.3.10_2         =  up-to-date with port
    php4-openssl-4.3.10_2       =  up-to-date with port
    php4-overload-4.3.10_2      =  up-to-date with port
    php4-pcre-4.3.10_2          =  up-to-date with port
    php4-posix-4.3.10_2         =  up-to-date with port
    php4-session-4.3.10_2       =  up-to-date with port
    php4-snmp-4.3.10_2          =  up-to-date with port
    php4-tokenizer-4.3.10_2     =  up-to-date with port
    php4-xml-4.3.10_2           =  up-to-date with port
    php4-zlib-4.3.10_2          =  up-to-date with port
    phpMyAdmin-2.6.1            =  up-to-date with port


    Any pointers would be most appreciated!

    Update: Sorted. It seems that I did have 2 entries for session.so. One was in /usr/local/etc/php.ini and the other was in /usr/local/etc/php/extension.ini

    I commented one out, and it started working

    Leaving this entry intact, just in case anyone else has the same problem

    Source: http://www.livejournal.com/community/php/265349.html

  5. XML > PHP > MySQL?

    Date: 02/27/05 (PHP Community)    Keywords: php, mysql, xml, sql

    Can anyone recommend a good script they know of that is used to get XML into MySQL, via PHP? I'm creating my own but would like to see some examples if you know of any, thanks!

    Source: http://www.livejournal.com/community/php/266834.html

  6. How to start/stop MySQL server on Linux

    Date: 01/08/05 (Java Web)    Keywords: mysql, sql

    /etc/rc.d/init.d/mysqld start
    /etc/rc.d/init.d/mysqld stop
    /etc/rc.d/init.d/mysqld restart

    And of course there is the brute force way to kill all the processes:

    $ for i in `ps -ef |grep mysqld |awk '{print $2}'`; do `kill -9 $i`; done

    cut doesn't cut it in this case. Sure you can also just use awk. Thanks to Anthony Eden for the comment (below) to remove the [...]

    Source: http://blog.taragana.com/index.php/archive/how-to-startstop-mysql-server-on-linux/

  7. Decimal Unicode or Hex Unicode?

    Date: 02/25/05 (Mozilla)    Keywords: php, mysql, html, xml, sql

    Do any of you bright minds know WHY some programmers decide to use Decimal Unicode notation (e.g., Firefox), whereas others decide to use Hex Unicode notation (e.g. the Gnome/libxml2/xmllint folks)?

    My wish is that:

    1.) They had all gotten together and decided on just one,
    2.) They had all chosen Hex, padded on the left with zeroes so that all characters are represented by a full four digits (e.g.  rather than  for Â), the latter of which is NOT conformant to the Unicode specification, which requires four to six digits, not bloody darn one, two or three).

    I know they are functionally equivalent, and I know it's a simple mathematical calculation to go from one to the other, and that Perl and PHP both probably have built-in functions that I could use to convert from one to the other, but GRRRR. I long for consistency, and god forbid, standards-compliance.

    Also, why is Firefox smart enough to take UTF-8 input in an HTML form and convert it automatically to Decimal Unicode (which mySQL 4.0 can actually understand), but Safari is not smart enough (and of course, neither is I.E., duh).

    --

    Don't get me wrong, I don't hate Safari. Safari is FAR better than Firefox at rendering certain difficult Unicode glyphs, like Devanagari (Sanskrit) that has internal HTML markup inside conjunct consonants (Opera 6.03 comes close on this). However, when it comes to Hebrew, Greek, and Romanian (the others I've had to deal with recently), Firefox is just hands-down better.

    Source: http://www.livejournal.com/community/mozilla/254172.html

  8. PHP4 GD module on Debian

    Date: 02/11/05 (IT Professionals)    Keywords: php, mysql, sql, google

    Does anybody have experience setting up PHP4 on Debian (woody) such that the GD module is recognized?

    I've installed PHP4 and three modules: mysql, mcrypt, gd2:

    apt-get install php4
    apt-get install php4-mysql
    apt-get install php4-mcrypt
    apt-get install php4-gd2

    During the install process for php4-gd2, I was prompted to modify php.ini with "extension=gd.so". I answered "Yes". I then verified that the line was added to php.ini.

    However, if I view PHP's info, there's no "GD" section.

    And if I create a test PHP script utilizing a GD function, I get the following:

    Fatal error: Call to undefined function: imagecreatefrompng() in /var/www/cparker15/test.php on line 3

    Anybody know what I might be doing wrong? I've Googled and have come up with nothing. I'm thinking of asking on debian-user, but the last time I posted there, I didn't get any answers.

    crossposted to debian

    Source: http://www.livejournal.com/community/itprofessionals/5053.html

  9. What web host do you use?

    Date: 09/11/04 (Web Hosts)    Keywords: mysql, database, sql, linux

    Just curious on what you guys use to host your sites. Pros/cons? Specs? Like myself:

    Site: Frankly Jason
    Host: Cyberpixels.com
    Specs: 9.95/mo for 400 MBs, 15 GBs bandwidth, and uber amount of pop 3 emails, ftp accounts, sub-domains and mysql databases
    Server OS: RedHat Linux
    Control Panel: cPanel

    Pros/cons: Everything runs pretty smoothly except the lag time on uploading to the FTP. Uploading is fast, just the connection with the ftp as each file goes onto the space.

    Source: http://www.livejournal.com/community/webhosts/19341.html

  10. MD5 support in SQL Server 2000

    Date: 12/23/04 (SQL Server)    Keywords: mysql, database, sql, postgresql

    cross-posted to databases

    For privacy protection within an application, I hash email addresses into MD5. MySQL, PostgreSQL, and Oracle all have a scalar function that allows you to hash a column/string -- for example MD5(emailaddr).

    I have yet to find such a function, or a handy library/package for creating such a function in SQL Server 2000. Did I miss something? recommendations?

    Source: http://www.livejournal.com/community/sqlserver/13063.html

  11. galleries!

    Date: 03/10/05 (WebDesign)    Keywords: php, mysql, sql, java, web

    so, my quest for the perfect gallery continues. my question to you all is this: what gallery applications do you use and what do you think of them? I prefer php and no need for mysql, but I'm open to other options. the only thing I'm adamant about is not using javascript. ;)


    x-posted to webdesign and webdev.

    Source: http://www.livejournal.com/community/webdesign/826746.html

  12. galleries!

    Date: 03/10/05 (Web Development)    Keywords: php, mysql, sql, java, web

    so, my quest for the perfect gallery continues. my question to you all is this: what gallery applications do you use and what do you think of them? I prefer php and no need for mysql, but I'm open to other options. the only thing I'm adamant about is not using javascript. ;)


    x-posted to webdesign and webdev.

    Source: http://www.livejournal.com/community/webdev/179032.html

  13. php4 class extending and shared variables

    Date: 03/11/05 (PHP Community)    Keywords: php, mysql, database, sql

    I have a base class in which I'd like to extend. The thing is, the base class connects to a database. How can I make it so any classes I extend from base class will share the one connection to the database and not make a duplicate connection for each object i make?

    example:

    class base {
     var $connection;
     function base(){
      $this->connection = mysql_connect("server","user","password");
      mysql_select_db("database",$this->connection);
     }
     function exec($query){
      return mysql_query($query,$this->connection);
     }
    }
    
    class child extends base {
     var $foo;
     var $bar;
     function child(){
      $this->foo = mysql_result($this->exec("select foo from foobar"),0);
     }
    }
    


    I'd like it so no matter how many objects i make of the child class, they all share the same database connection. I think in PHP5 you can do something like "shared $connection" but i'm using php4.

    tia

    -ryan

    Source: http://www.livejournal.com/community/php/271677.html

  14. Noob question...

    Date: 03/13/05 (MySQL Community)    Keywords: mysql, sql

    the timediff functions and others within mysql... is that only available for max db? and is maxdb the paid version?

    I'm just making sure my simple sql syntax is not wrong.

    thanks in advance.

    Source: http://www.livejournal.com/community/mysql/50317.html

  15. 3 Tier Web development and Code Generation

    Date: 03/15/05 (Web Development)    Keywords: php, mysql, html, database, sql, java, web

    This is long so a cut tag...

    So recently I’ve been working on some new stuff. In recent versions of Mozilla (including Firefox) there is now a SOAP client. This means that a web application can access the server at any time, and not just when the page loads. This means a huge amount of flexibility is now available to the developer in a DHTML application. I have been playing with this for several months and realized that a large amount of the code is very repetitive.

    I am working on an application to build these applications. I have a DHTML page which lets you model your application. It pulls table and index definitions from a MySQL database, and then it lets you set up validation rules for each field, set up custom SQL queries (In addition to a number of automatically generated ones), set field labels, and change other things about the data model.




    So far I can auto generate
    * DHTML Forms
    * Javascript glue for the forms
    * Javascript to wrap the soap functions into simple javascript methods.
    * PHP classes to access a mysql database
    * A wrapper to serve the PHP classes up as SOAP.

    Still to do

    * Data validation
    * Unit test frameworks
    * Installer scripts for a generated application

    For more information see my wiki
    I plan to have the code on source forge (project “xulbuilder”) today or tomorrow

    Source: http://www.livejournal.com/community/webdev/181661.html

  16. Timestamping and datetime

    Date: 03/15/05 (MySQL Community)    Keywords: php, mysql, database, sql

    I'm working on a database table and am having trouble getting the dates added properly. I want two date fields, one to store the date the record was created, the other to store the date it was last modified. However, I can't figure out how to get the fields to hold anything but a bunch of zeros. I've tried TIMESTAMP and DATETIME and using the PHP time function and reading through the mysql.com documentation and am still in the dark. Any help would be appreciated.

    Source: http://www.livejournal.com/community/mysql/50849.html

  17. PHP and J2EE: connection's pool

    Date: 03/16/05 (PHP Community)    Keywords: php, mysql, sql, java

    Has anybody read about creating a MySQL connection pool in PHP like in Java2EE? I have read a LOT about mysql_connect and mysql_pconnect but not one word about pools.

    Source: http://www.livejournal.com/community/php/273139.html

  18. Converting MYSQL timestamps?

    Date: 03/16/05 (PHP Community)    Keywords: php, mysql, database, sql

    I have a timestamp in my MySQL database. I grab the information along with the other table information using a select, then want to display it in my PHP pages. However, everything I've tried turns up really funny displays. Is there a way in PHP to format MySQL timestamps?

    Source: http://www.livejournal.com/community/php/273803.html

  19. displaying Japanese from mysql with php?

    Date: 03/17/05 (PHP Community)    Keywords: php, mysql, browser, database, sql, web

    Hi, thanks in advance for any advice.

    I am working on a website on my PC, and I don't know anything about servers but I wanted to develop locally, so I am using a WAMP package. I would like the site to be able to display database entries from mysql that are in Japanese, but when I call them I just see question marks instead of the Japanese (using various browsers and encoding options). I can, however, just echo Japanese text in the php file and it will display properly. Also, in phpmyadmin where I am creating the database the Japanese is displaying correctly.

    I don't know if it's a problem with the server, mysql, or the script, so I don't even know where to start. I have tried it with the db, table and fields collated in both sjis_japanese_ci and utf8_unicode_ci, with the same results.

    Does anyone know what the problem could be? Thanks!

    Source: http://www.livejournal.com/community/php/274046.html

  20. New to MySQL

    Date: 03/17/05 (MySQL Community)    Keywords: php, mysql, database, sql

    Alright, so I'm a bit new to MySQL. I haven't had to work with databases much, and when I have done them, it was with Access (Ick!). Anyway, i've got a php page that I'm trying to connect to a MySQL database. This isn't how the data's going to be displayed, obviously, but I'm unsure where to go from here.


    <?php
    // Connecting, selecting database
    $connect = mysql_connect('localhost', 'mannsye', 'nickmann1169');
    if (!$connect)
    die('Could not connect: ' . mysql_error());
    else
    echo "Connected successfully

    ";

    $category = 1;

    mysql_select_db("mannsye_conigeninformation") or die("Could not select database");

    // Performing SQL query
    $query = "SELECT * FROM residental_links, residental_types ";
    $query += "WHERE ((residental_links.section)=(residental_types.type)) ";

    $query += "ORDER BY residental_types.index, residental_links.name;";
    $result = mysql_query($query) or die('Query failed: ' . mysql_error());
    // Free resultset
    mysql_free_result($result);

    // Closing connection
    mysql_close($connect);
    ?>


    I've got my query separated from the code, but as I know very little about MySQL, I don't know if the syntax is correct or not.


    SELECT * FROM residental_links, residental_types
    WHERE ((residental_links.section)=(residental_types.type))
    ORDER BY residental_types.index, residental_links.name;


    Whenever I try and access the database and the tables, I can connect, but I can't display any data.



    Connected successfully

    Query failed: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '0' at line 1



    Please, any help would be appreciated.

    Many thanks!
    --Lisa

    Source: http://www.livejournal.com/community/mysql/50953.html
