Posts by veedeoo

May I know which one do you have Unix or Linux?
Is phpsuExec or suExec installed?
After generating the CSV file, what is the permission given to this file?

Simple things about directory and file permissions.

We can view directory and file permission or CHMOD as it would apply to our valuable possessions. As the rightful owner, we can control access to these possessions at all times.

The access controls can be imposed on three major user classifications.
1. Owner = this is you
2. Group = user group
3. World = you, user group, and the entire world

you can be a member of a user group, which is pretty common in linux environment.

There are three permissions that can be given to the users.
1. permission to read
2. permission to write
3. permission to execute

Integer values of the permissions.
1. Read = 4
2. Write = 2
3. Execute = 1

The loosest permission is 7 for each user group. Which is pretty scary. Most hackers can exploit any file ( NOT directory) with write permission 777 for the file.

Illustration of your current settings

At 777, this is pretty scary scenario if this applies to a file.

+---------+--------+---------+-------+
+---------+  owner +  group  + world +
+---------+--------+---------+-------+
+ read    +    4   +    4    +   4   +
+ write   +    2   +    2    +   2   +
+ Execute +    1   +    1    +   1   +
+---------+--------+---------+-------+ …

0755 is the recommended directory permission for linux servers. However, this can change depending on the server's server API. When you run a simple php info() script anywhere in your public directory, you will find what is on your server.

for example, if the Server API is an apache module, then your server write permission or CHMOD should be set to 0777 or 777. This I don't know of any other alternatives.

The truth is, pretty much nobody uses the apache module as server API. What are commonly use these days are Apache Handler 2.x and Fast/CGI which allows the recommended 0775 or 775 permission for directory permission and giving all files a persmisson of 644. Most hosting companies only allow maximum permissibility value of 0755 or 755.

Test your application if it can write with 755 permission.

Also, I noticed that you are using fputs() function. I know for sure PHP have a dedicated function in handling CSV files and it is called fputcsv() function.

Hi,

This is pretty easy task in PHP.

First, get yourself acquainted with the ftp_login PHP function.

Second, test that function in a more meaningful application utilizing the ftp_put PHP function as shown here.

Lastly, please allow me to add my own personal opinion about these PHP functions in just ONE short sentence. It is pretty SLOW.

Other solution that is a lot faster than what I have mentioned above is to use cURL or remote uploads server to server. This can be very fast..

Notepad++ will not be able to detect it, but not all the time. A good IDE like NetBeans is capable of detecting those embedded <div> tags.

Notepad++ can surely detect this type of coding technique.

<?php

function doSomething(){

return array('home'=>'Home', 'about'=>'About','contact'=>'Contact');

}

function doItAgain(){

return array('Home','About','Contact');

}

 $x = doSomething();
 $y = doItAgain();

?>

<html>
<head>
</head>
<body>
    <div>
    <ul>
    <li> <?php echo $x['home'];?> </li>
    <li> <?php echo $x['about'];?> </li>
    <li> <?php echo $x['contact'];?> </li>
    </ul>
    </div>

    <!-- second group of codes here -->

</body>
</html>

and this one, it won't be able to ..

   <br/>

    <ul>
    <!-- notepad++ will not be able to detect codes below -->
    <?php
    foreach($y as $item){
    echo '<li>'.$item.'</li>';
    }

    echo '</ul>';
    ?>

hi,

I don't understand this

<?php
$tcode="$_POST[teamID]";
?> 

If my suspicion is correct, then it should be coded as something like this.

<?php

$tcode = $_POST['teamID'];

?> 

Did you installed anything before having this problem problem? I am assuming here that some other exe file is trying open a php file, but that is only my guess. I never ecountered this type of problem before, because all of my xampp for development are in portables.

You can try the command prompt test for your PHP if it working properly, if it is then the problem is pointed directly to your windows,, still you really need to make sure of that..

create a new php file named test.php and save it in your htdocs directory.

<?php

    echo 'Hello this is a test';

open your command prompt, type

cd c:xampp\htdocs\

//hit enter

type

php -v

this should give you the version of php installed on your computer.

type

php test.php

What do you see on your black box or command prompt? You should be seeing 'Hello this is a test'.

If that fails, your xampp installation is either corrupted. Else, it is your windows that is corrupeted.

you should try reinstalling xampp and make sure to set your installation directory to C: or your main hard drive. Otherwise, you can try using just the portable version which is equally the same as the .exe version.

The only way we can help you is to provide us the source code where the error is coming from. Is it from php page located on your htdocs?

thanks JorgeM.. you are the best :).

Hi,

You can either use netbeans IDE, or php designer2007 personal edition as your PHP source code editor. These applications will tell you what other PHP plugins you need to install to be able to use the debugging feature.

I understand the urgency, but have you tried anything yet? Please post whatever codes you've got going already. Just wondering is it php or Visual basic?

hi,

You need to forward the user to a page where the data are less crowded or more suitable for printing and then you add javascript like so..

<form>
<input type="submit" value="print" onClick="window.print()" />
</form>

that should be simple enough for you to implement...

Hi,

I don't know if this will help you, but this is the representation of your example above.

css credit goes here.

Modulu is really good in doing the odd and even rows, but when you need to be specifically want to plug something between the iterated items, a simple for loop will probably do the job.

As I already mentioned.. codes below represents you sample html above. Feel free to experiment with it. Just make sure that the loops has ends, otherwise it will go infinite..

<style type="text/css">
table.gridtable {
    font-family: verdana,arial,sans-serif;
    font-size:11px;
    color:#333333;
    border-width: 1px;
    border-color: #666666;
    border-collapse: collapse;
}
table.gridtable th {
    border-width: 1px;
    padding: 8px;
    border-style: solid;
    border-color: #666666;
    background-color: #dedede;
}
table.gridtable td {
    border-width: 1px;
    padding: 8px;
    border-style: solid;
    border-color: #666666;
    background-color: #ffffff;
}
</style>

<table class="gridtable">
    <tr>

<?php

$col = 5; $i = 0; $x = 0; $y = 0; $z = 0;
$tdArr = array('Data One', 'Data Two', 'Data Three');

for($z = 1; $z <= $col; $z++){

## echo your  table cols.

        echo '<th>Col '.$z.'</th>';


}

 echo '</tr><tr>';
                ## for first row 
                for($i = 1 ; $i <= $col; $i++){
                echo '<td>'.$tdArr[0].' '.$i.'</td>';
                    if($i == $col){
                    echo '</tr>';
                    }}

        ## second row
    echo '<tr>';
            for($x = 1 ; $x <= $col; $x++){
    echo '<td>'.$tdArr[1].' '. $x .'</td>';
        if($x == $col){
        echo '</tr>';
        }}

        ## third row
    echo '<tr>';
            for($y = 1 ; $y <= $col; $y++){
    echo '<td>'.$tdArr[2].' '. $y .'</td>';
        if($y == $col){
        echo '</tr>';
        }}          
?>

</table>

Looking at your codes, the variable matchtag should return "quote" and backhash returns 'standard'.

Ok,... let's take care of this puppy once and for good.. I normally assign everything as an array, because it saves time and variables are easy to track and update. So, this example application will not be the same as what we could find on the web. By doing the same construct, it will be a lot easier to upgrade your CI with Smarty, Twig, or TinyButStrong package in the future.

controllers/page.php

<?php
class Page extends CI_Controller {

public function __construct(){
parent::__construct();
$this->load->helper('url');

}
public function index()
{
## define the location of your css directory in reference to the application directory

$data = array(
        'style' => base_url().'assets/css/style.css',
        'connection' => base_url().'assets/images/connection.jpg',
        'collaboration' => base_url().'assets/images/collaboration.jpg',
        'solution' => base_url().'assets/images/solution.jpg',
        'connectionUrl'=> base_url().'index.php/connection/',
        'collaborationUrl' => base_url().'index.php/collaboration/',
        'solutionUrl' => base_url().'index.php/solution/'

        );

$this->load->view('homepage', $data);
}

}

views/homepage.php

    <a href="<?php echo $connectionUrl; ?>"><img src="<?php echo $connection; ?>"></a>
<a href="<?php echo $collaborationUrl; ?>"><img src="<?php echo $collaboration ?>"></a>
<a href="<?php echo $solutionUrl; ?>"><img src="<?php echo $solution ?>"></a>

controllers/connection.php

class Connection extends CI_Controller {

public function __construct(){

 parent::__construct();
 $this->load->helper('url');

}
public function index(){



 $data = array(
            'connection'=>'Type your connection content here'
            );

 $this->load->view('connection',$data);


}

}

controllers/collaboration.php

class Collaboration extends CI_Controller {

public function __construct(){

 parent::__construct();
 $this->load->helper('url');

}
public function index(){



 $data = array(
            'collaboration'=>'Type your collaboration content here'
            );

 $this->load->view('collaboration',$data);


}

}

controllers/solution.php

class Solution extends CI_Controller {

public function __construct(){

 parent::__construct();
 $this->load->helper('url');

}
public function index(){



 $data = array(
            'solution'=>'Type your solution content here'
            );

 $this->load->view('solution',$data);


}

}

views/connection.php

<?php echo $connection;?>

are sure the column num exists in your database..or is it id?

also, if you don't mind, you can refactor your codes above to something less cluterry..

echo '<table width="85%" align="center" border="1">';
echo '<tr><td>Settlement Number</td><td>FirstParty</td><td>SecondParty</td><td>Email</td><td>Phone</td><td>Created Date</td></tr>';

while($row=mysql_fetch_array($sql))
{ 
echo '<tr><td><a href="home.php?num='. $row['num'].'">'. $row['num'].'</a></td>
<td>'. $row['firstparty'] .'</td>
<td>'. $row['secondparty'] .'</td>
<td>'. $row['partyemail'] .'</td>
<td>'. $row['phone'] .'</td>
<td>'. $row['idate'] .'</td></tr>';
}
echo'</table>';

these were wrong.. I didn't even realized it, until when you brought if up.

'connectionUrl'=>base_url().'index.php/connection/';
'collaborationUrl' => base_url().'index.php/collaboration/';
'solutionUrl' => base_url().'index.php/solution/';

correct way

'connectionUrl'= base_url().'index.php/connection/';
'collaborationUrl' = base_url().'index.php/collaboration/';
'solutionUrl' = base_url().'index.php/solution/';

You need to create a new page called connection, collaboration, and solution , in order for it to work.

You probably don't even need to route it. As long as you have pages in the controller directory, the CI autoloader will look for it.

these are good for the images and the css files..

 $data['style'] = base_url().'assets/css/style.css';
$data['connection'] = base_url().'assets/images/connection.jpg';
$data['collaboration'] = base_url().'assets/images/collaboration.jpg';
$data['solution'] = base_url().'assets/images/solution.jpg';

for the pages like connection.php, you can difine them like so..

'connectionUrl'=>base_url().'index.php/connection/';
'collaborationUrl' => base_url().'index.php/collaboration/';
'solutionUrl' => base_url().'index.php/solution/';

by doing so, you don't even have to write a route for those pages..except when pagination is utilized.

connection.php coltroller page example

Class Connection extends CI_Controller {

    function __construct() {
    parent::__construct();

    ## use only the model part if the content of the connection.php are coming from the database. Else, just leave it as is
    //$this->load->model('connection_model');

    $this->load->helper("url");

    }

    public function Connection(){

    //give this function a job

    //assign the return of this function to the view

    }

    }

Do the same to the remaining files.. Always create a model if the content is coming from the database..

CI naming standard for the model is similar to the controller's but it is a Pear style and not the Pascal style or camel style. This has to be named as connection_model.php

class Connection_model extends CI_Model {

public function __construct()
{
    parent::_construct();
    ## must load database module
    //$this->load->database();

}

public function someFunction(){

}
}

define the image directory and pass it on to the view side..

$data['images'] = base_url().'assets/images',

you can also send this to the header if you want, the view files can then use the url

<div id="products">
<a href="connection.php"><img src="<?php echo $images; ?>/connectionImage.jpg" /></a>

</div>

also, if you really want to put your css directory within the same level as the application directory, we can code the controller like this

<?php

class Page extends CI_Controller {

public function __construct(){

parent::__construct();

## load the url helper object
$this->load->helper("url");
}

public function index(){

## define the location of your css directory in reference to the application directory

$data['style'] = base_url().'assets/css/style.css',

$this->load->view('homepage', $data);
}
}

now your style.css can load the background image using this ../images/indonusa3.jpg

The homepage page should have ...

<head>
<link href= "<?php echo $style ; ?>" rel="stylesheet" type="text/css" media="screen">
</head>

That should do it for you...

There should be no .php file extension. the loader will take care of it for you..

I made a correction on my original response.. I got carried away hitting the gt

it should read

     <?php $this->load->view('includes/navigation'); ?>

we cannot do that in CodeIgniter and other MVC frameworks... The right way of doing this is by using the $this->load->view syntax.

For example, if you want the navigation included in the header, as long as the includes directory is inside the views directory, the autoloader will look for the file defined as parameter..

Example head.php, wants to include the includeds/navigation.php . The proper syntax or construct for it will be..

filename: head.php

    <?php $this->load->view('includes/navigation');?>

Say, you have left and right pages for the main page, just do the same..

<?php $this->load->view('includes/left');?>
<h2> This is my middle div content</h2>

<?php $this->load->view('includes/right');?>

In MVC the syntax rules always follows the PSR,.. simirlarly, symfony and Zend takes it to the next level, a PSR, composer type autoloading e.g.

  includes\navigation\navigation

which translate to the directory, namespace and the class name of the navigation file.

I totally agree with Dani. All things can be either assigned in your controller or inherited from the view pages...

On your previous questions, there was some controller codes that look similar to this..I don't remember them exactly, but I would guess it was something like this.

public function index()
{
    $data['news'] = $this->news_model->get_news();
    $data['title'] = 'Some title';

$this->load->view('templates/header', $data);
$this->load->view('news/index', $data);
$this->load->view('templates/footer');

So, if we want the navigation items on the header file, then put it there, If it is coming from the database, then load it through the controller..

for example,. we want a navigation item for the page..

 public function index()
{
    $data['news'] = $this->news_model->get_news();
    $data['title'] = 'Some title';

    ## assign things going for the headers
    $header['home'] = 'view/home';
    $header['about'] = 'view/about';
    $header['register'] = 'view/register';
    $header['title'] = 'Title';

$this->load->view('templates/header', $header);
$this->load->view('news/index', $data);
$this->load->view('templates/footer');

The file templates/header.php can use the item, just by

 <a href="<?php echo $home;?>">Home</a>
  <a href="<?php echo $about;?>">About Us</a>

You can also asign the base url for specific controller files like

  $config["base_url"] = base_url().'index.php/news';

MVC frameworks are very powerful tool, you just have to know their basic consruct.. otherwise you will be lost..

Once you've learned one of them, pretty much the rest are not too hard to understand, because they are almost all the same. Except, for the symfony it has some wicked derivatives that really need some close attention and learning.

By the time, you get into pagination with CI, you probably expert in routing all …

You should be rewarded for solving this question. :) Check your skill endorsement...I pretty seldom I stop by in this part of Daniweb. It is not that I can't do all these things, but I found the other side more challenging..

just add something like this

move_uploaded_file($tmp_name, '/upload/images/photos/' . $name);
echo  '<img src="uploads/'.$name.'"/>';

on the file_exists declaration, just update the location..

The script above shows the image uploaded... you can change it to your #2 request.

I will look into this again tomorrow, maybe we can improve your script a little...

try changing this part .. sorry about that...my head just got lost its PHP focus..

 if (file_exists('photos/' .$name)) {
   echo 'The file already exist';
  }

Hi,

Can you try this ?

 for($x = 0; $x < count($files['name']); $x++){
    $name = $files['name'][$x];
    if (file_exists($name)) {
    echo 'File already exist';
    }
    else{
    $tmp_name = $files['tmp_name'][$x];
    move_uploaded_file($tmp_name, 'uploads/' . $name);
    }
    }

try it out first, I will help you out with the echo part of your question later.. My LAMPP is tied up with the JAVA testing..

Hi,

For my own personal experimentation potential, what is the purpose or benefit of having the data inserted to db as json encoded Vs. the Conventionals?

Hi,

try ....>>

Open your php.ini file and tell us what are the value assigned to mail directives

[mail function]

we need to see the entire block..
go to code.google.com and search for phpmailer

Back to your server locate which mailer is installed e.g. mercury, etc

In the same level as your php directory find sendmail directory.. in linux this is normally located in the etc directory, but different php application preferences can change the exact location sometimes it is inside the bin directory. YOu just need to know the locations of things in your own server.

in send mail directory find sendmail.ini
load sendmail.ini to gedit or notepad++ find [sendmail] directives

Within the [sendmail] block define

smtp_server=localhost
smtp_port=25
;auth_username=
;auth_password=

change it to something like this..example below uses the smtp.gmail..you can user yahoo, or msn.. the choice is yours..

smtp_server=smtp.gmail.com
smtp_port=587
auth_username= YourAccountUserName@gmail.com
auth_password= YourGmailAccountPassword

Go back to your PHP.ini file and set the mail function directives to this.. it should be the as what we have on the sendmail block.

SMTP = smtp.gmail.com
smtp_port = 587
sendmail_from = YourAccountUserName@gmail.com   

Restart your server..

Run your php mailer script..

If you will using the gmail smtp port, make sure you logon to your google email account and click on the red bar confirmation on top of the page, and authorize your server IP to use the smtp OTHERWISE! …

Please allow me to add my opinion about developing an extensible codes in OOP. It is always nice to start on the right track than going back for some bits and pieces that were left behind.

There are 10 design patterns in PHP. I was 13 when I first hit my keyboard to type <?php ?>, and as far as I can remember there were only 3 to 5 design patterns commonly used in PHP. Today, PHP has become a powerful Object oriented programming language and the design patterns acceptable to PHP development are now 10. It might be more, but I will only give the 10 to help you out which one will be your gig.

Just be very careful though, because design pattern does not apply to all situations. Important quote I picked up along the way "When you are holding a hammer, everything looks like a nail."

The reason I brough up this subject is to help people know that for every application there is a proper tools or coding techniques that should be implemented. I know very well that typing echo "this" returns the string "this", but that is only a speck of dust hovering by the PHP's front door. The core of PHP is evolving at an extremely high speed. If you ever tried writing codes in python or ruby there isn't a lot of upgrade activity there, while in PHP the update is happening every day if not hours.

After learning the construct, one …

sorry, I have to remove my answer.. someone already posted a response on the duplicate version of this question..

sorry, I forgot to comment on your original question..

change this on line 62

<script>alert('Access Denied!');</script><?
goToURL("index.php");

to this

<script>alert('Access Denied!');</script>

<?php
goToURL("index.php");

Make sure to make corrections on all occurences of <?. For now, stay away from using the short tags. You can use later on..

@1a2p3a4c5h6e,

!Warning! Codes are not tested... but should work with pretty minor tweaks, just fix my excess parenthesis or missing quotes...

Just another humble thoughts of refactoring your codes is to use a framework style routing. To be able to do this, you will have to ** rename your php pages after the action** (the same as the action name, literally).

Can pretty much eliminate the elseif --if not all, as shown by simple routing function below.. You can also use FILE to make it like a wordpress style.. the choice is yours.. You are always welcome to add switch within the function to accomodate other file names as needed..

function get_Action($action,$directory){

$include_this_file = basename($_SERVER['SCRIPT_NAME'], '.php');

if(($include_this_file !=="") || (file_exists($directory .'/'. $include_this_file))){

    return $directory.'/'.$include_this_file;
}       
else{
     return $directory.'/show_laporanbelajar_guru.php';
     }
}

We can easily use it like this

include_once(get_Action(getParam('act'),'viewer'));

We can further refactor the above function by using a single line return.. similar to the common practices in Ruby or Python..thus, eliminating the else completely..

return((($include_this_file !=="") || (file_exists($directory .'/'. $include_this_file)))? $directory.'/'.$include_this_file : $directory.'/show_laporanbelajar_guru.php');

hi,

I am not sure, what you are trying to make here, but here is an example. Assuming $data is an array..

<?php

    $data2 = array('c'=>'http://google.com');

?>

<input type="button" value="Click Me Please" onClick="alert('Next Time! You don\'t have to click me that hard. Click OK if you agree.'); window.location.href='<?php echo $data2['c']?>'">

We can also store the output into array for external use.. something like this

$output = array();
while($row = mysql_fetch_array($result)){

    $output[]= $row;

}

Then we can loop through that array ..each item can be matched, sorted against anything that you feel appropriate.

foreach($output as $item){

echo $item['web_customised_partners_id'];

## do the rest as needed


}

It is also working on my computer.

Dude,

It can't be the same result if you are following my first response, Where it says look for the value of the "Loaded Configuration File"..

The value assigned to the loaded configuration file is the location of the php.ini file currently being loaded by the apache server to initialize the PHP support.. that's simple..

DO NOT EDIT the php.ini file located in the C:\WINDOWSthis is a system php.ini file. Apache needs to at least tell the mother ship what it intends to do..

This-> Loaded Configuration File and NOT this ->** Configuration File (php.ini) Path**

Normally, the loaded configuration file is located in the php directory compiled with the apache2..for example

C:\php\php.ini 

If you are using wamp or xampp, it is more likey located in

C:\xampp\php\php.ini 

To help you out more, this is how the default setting would look like

;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

; Maximum execution time of each script, in seconds
; http://php.net/max-execution-time
; Note: This directive is hardcoded to 0 for the CLI SAPI
max_execution_time = 30

; Maximum amount of time each script may spend parsing request data. It's a good
; idea to limit this time on productions servers in order to eliminate unexpectedly
; long running scripts.
; Note: This directive is hardcoded to -1 for the CLI SAPI
; Default Value: -1 (Unlimited)
; Development Value: 60 (60 seconds)
; Production Value: 60 (60 seconds)
; http://php.net/max-input-time
max_input_time = 60

; Maximum input variable nesting level
; http://php.net/max-input-nesting-level
;max_input_nesting_level = 64

; How many GET/POST/COOKIE input variables may be accepted
; max_input_vars = 1000

; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit
memory_limit = 128M

change this

 ; max_input_vars = 1000

to this

 max_input_vars = 3000

comment line in php.ini file is

;

If you have suhosin installed, consult their docs.

To answer your last question, you can either increase it to or higher. It is your call. Don't forget to restart the apache.

max_input_vars = 3000

I forgot to tell you that you will need to restart the apache server.

Hi,

copy, paste to notepad, save as whateverfile.php, and direct your browser to this file.

<?php 

    phpinfo(); 

    ?>

Look for the value of this

Loaded Configuration File 

Using your windows explorer and locate the php.ini file as shown on your Loaded Configuration File .

Change the values of the following

post_max_size
upload_max_filesize

it is ok to give it a higher value like 200M.

last thing, change this value to a higher value as needed by your php applications..

max_execution_time

Hi,

Please forgive me if I having doubts about these codes (shown below)... maybe this is right and I am definitely wrong. I am not sure though, maybe I was asleep at school when they cover this type of indexer...honestly,

while($row = mysql_fetch_array($result))
    {
    $partners_id[]= $row['web_customised_partners_id'];
    $image_value[] = $row['image_id'];
    $image_filename_value[] = $row['image_filename'];
    $description_value[] = $row['description'];
    $url_value[] = $row['url'];
    $case_study_id[] = $row['web_customised_partners_case_study_id'];
    $CaseStudyTitle[] = $row['CaseStudyTitle'];
    $active[] = $row['active'];
    $show_in_banner[]=$row['show_in_banner'];
    }

Can you test it just this part, and try echoing items in the array?.. For instance, we can test it like

echo  $partners_id;

which is according to your codes it is equivalent to $row['web_customised_partners_id'];

The reason I am asking you test it this way because, I have the assumption (again might be wrong again), it should bring me an **Array to string conversion ** error, unless the error reporting is totally suppressed.

Alternatively, you can also experiment with the PHP object called "Object Iteration" which can probably and specifically pull the first , middle, something in between, and the last item within an array. You can even count it first as suggested above and check the count pointer location, and if it is the it, do whatever you want to do with the it.

Don't have any sample codes right now, because I am currently busy with my JAVA project. Opening the PHP storage room where it resides in my brain will do me no good :).

LastMitch is perfectly correct.. Ask the author first..

To give you the general idea of what it is, it can be explain as simple as this..

$this->class()->the_method_of_this_class();

This process is also called chaining.. However, if it is not a class, but instead they are both methods of the same class, then the expression you have provided is perfectly wrong. Because $this->class() cannot be called within other class unless it is extended or it is an statically declared from somewhere. If they are both methods of the same class or the other is method of a parent class then the declaration should be somethin like this.

$this->method($this->method_1(),$this->method_2());

Which is simply an elaboration of nothing, but equal to

some_function($var_1,$var_2);

you can also try this... copy and save anyname.php. Upload to the public directory of your server or the location where the upload script resides.

<?php 

phpinfo(); 

?>

Direct your browser to this file e.g. yourdomain.com anyname.php. Let us know these values

1. Server API = this could be either fast cgi, or apache module
2. Loaded Configuration File = this is the php.ini file currently being utilized by your server, and it is responsible for practically all php related restraints
3. post_max_size= newly installed php is normally given a default value of 2m .. I would guess in your case it is only set to 50M
4. max_execution_time = this is the time alloted to your php applications before the server will terminate it regardless if upload is finished or not, or the script has been successfully executed or not. You may want to change this to something around 1800.. you can change this value to your needs.
5. upload_max_filesize = What ever value you have given to the post_max_size must be given to this.

If your server API is apache module, then you will have to edit the php.ini file in the loaded configuration file location. However, there is another way of tweaking the upload limit in apache module API. This can be done by adding simple entries on .htaccess file.

Else if, your server API is a fast CGI or other derivatives of CGI, then a php.ini additional settings or modifications can be be uploaded in the directory(OR UNDER YOUR …

Hi,

Two doors where the shell hack can take over the server.

1. First, the ftp credentials of the server users where maliciously stolen from the PC. For example, sitemanager.xml of filezilla is an easy target because it is just a text file that can be grab and send to the trojan executioner.

2. Second, entry by force and slow cooking. This method is used along with the cURL remote form spoofing. What happened here is that they create an alpha numeric array base e.g. A, a, B, b, C, c, 1,2,3,4,and the list goes on., they go to the target site and attempt a fake registration just to find out how many characters, what type of characters are allowed for a password, they look around to the site and look for any valid registered users e.g. admin. Once they find all these info., they feed the cURL with the random alphanumeric combination using your own password control. They continue to do this process in loop for X^n where x is the sum of alpha numeric in the array and n = x/no. of minimum and maximum password characters required.

something like this, but I am not going to make the code even near to a working codes..

$pass_array = array(## all possible allowed alha-numeric ##);
$pass_cCount = 12; ## minimum

$generate_fake_password = randomized_array($pass_array,$pass_cCount);

$gnenrate_md5_pass = md5($generate_fake_password);

The expected output of the above script is feed to the cURL as password e.g.

$y = 0;
while($y<= 10000000000){

    ## do this …

Hi,

You may want to try using array_push() function.

example of usage...

<?php
    $bd= array('1','420'); 

    array_push($bd,'2','520');

    echo $bd[0].'<br/>';
    echo $bd[2].'<br/>';
    echo $bd[1].'<br/>';
    echo $bd[3].'<br/>';

Hi,

Do as suggested by arti18, and then you go like this just right after the delete query..

WARNING! make sure the page reponsible for deleting items both database entries and images in the directory, must have a controlled access. Otherwise, if the search spider is able to crawl these images and accidentally followed the delete link, all of your images will be gone in one sweep...

first we check if the file exist.. let say the file name you have in the directory is based on the image_id.ext, and it is located in the imagedirectory.. we can do like this

## the delete query here..
## put the mysql error here.
## check if the file exist
    ## define the location of the image to be deleted
    $image_file = 'YourImageDirectory/'.$image_id.'.jpg;

 if (file_exists($image_file)) {
    unlink($image_file);
    echo 'image deleted';
} 
else {

    echo 'image does not exist';
}

Alternatively, we can write a simple class for the upload processor, and then just add the methods for database insert and delete..

Hi,

So, you deliver this script to your client? You use the client's gmail account to send mail through script?

If that is your case, all you have to do is tell your client to run the script one more time, and then a failure should occur again, instruct your client or whoever owned the email address to login to their google account. Upon successful login to the gmail account, wait for the red bar notification on top of the page, click this notification and confirm that they have knowledge of the server's IP sending an email and requesting an authorization using their gmail account credentials..

kind of like this...

server PHP MAIL---> initiate mail function -->use gmail account credential instead of the server's default -->data send to gmail for authentication-->

Authentication response--> true? email is sent
Authentication response--> false? SMTP server error: 5.5.1 

I might have the wrong understanding about your question.