Re: [PHP] client time zone?
jekillen wrote: > Hello; > I am running a server that is using UTC and I want to be able to > convert to clients local time in some display presentations. > Is this indicated by $_SERVER["REQUEST_TIME"]? Is there such a value at all? > If not, is there a way to get the requesting host's > time zone so I can offset the servers clock value correctly? I think you'll need to use javascript. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to secure Flash Video? [Solved?]
Tedd, As Casey noted, there's no totally secure methodolgy, but your's is close enough - everything is wrapped in the Flash movie, so even if the movie is sent on to someone else, that someone has to be approved. We've been doing something similar for several years now, validating against a database and when validation succeeds, issuing a key stored in the database and as a Flash (ach, can't remember the name, but Flash's equivalent of a cookie.) As for people wanting "total security" - unplug everything and go split wood. Most security breaches are internal, and usually all that's necessary is to keep honest people from straying down the wrong path. Cheers - Miles On Jan 5, 2008 1:16 AM, tedd <[EMAIL PROTECTED]> wrote: > Hi gang: > > Here's my logic, so what's wrong with it? > > My sole concern here is to protect a Video from being stolen and/or > being viewed remotely while allowing "approved" users to view it. > > It is a fact that anything you present to a user is theirs. There's > no stopping them from downloading a Video if they have permission to > do so. In fact, that's exactly what they do when they view a Video -- > they can't view it in their browser unless their browser has it. > > Now, I have investigated several ways to protect videos and prevent > caching. Some methods are very complex -- but complexity does not > always guarantee security. Complexity is more likely to present > problems in its application. Sometimes the simplest method is best. > > The simplest protection method I can think of can be done by using > Flash Video Actionscript in concert with php/mysql. > > It's a simple matter to have the Video run the following prior to > displaying: > > theXML.load(http://example.com/security.php) > > That's similar to a javascript onload function. > > Upon loading the Video, the Video will run the script "security.php" > which in-turn will check to see if an approved user is attempting to > view the Video. This done by simply checking a user-id session > variable in the script that delivers the Video. > > If that session variable (user-id ) is empty, then the security.php > returns nothing. > > If that session session is not empty, then the script will check the > user-id against the database to see if the user has permission to > view the Video. If the user does not have permission, then the > security.php script returns nothing. > > If everything checks, then the security.php script will return a key > and the Video will check that key against an internal key -- if a > match is made, then the video plays. > > Now, please note that this will also prohibit the user, even after > paying for the Video, from downloading the Video for future plays > because the Video will always check for a key. > > Even if the user downloads the Video and takes the Video to a remote > player, the Video will still try to run the security script seeking a > key. If the security script is not there, then it fails. Even if the > user figures out that the Video requires a key, the still user has no > way to determine what that internal key is. > > So, I think this will work. What say all of you? Where have I screwed up? > > And, please no one liners that solve the entire mess and make me look > like a fool. > > Cheers, > > tedd > > -- > --- > http://sperling.com http://ancientstones.com http://earthstones.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] client time zone?
To get the clients time offset you'll need to use javascript and date.getTimezoneOffset() But this idea has a problem. It is that you can never trust that the clients time is actually correct. You can get the closest to it by using the server time and offsetting that with the javascript offset value. But you'll never know if the client has the wrong timezone and you'll have to deal with timezones that don't have daylight savings like for instance Iceland :) - Ólafur Waage 2008/1/6, Per Jessen <[EMAIL PROTECTED]>: > jekillen wrote: > > > Hello; > > I am running a server that is using UTC and I want to be able to > > convert to clients local time in some display presentations. > > Is this indicated by $_SERVER["REQUEST_TIME"]? > > Is there such a value at all? > > > If not, is there a way to get the requesting host's > > time zone so I can offset the servers clock value correctly? > > I think you'll need to use javascript. > > > /Per Jessen, Zürich > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] First stupid post of the year. [SOLVED]
At 11:04 PM +0100 1/5/08, Nisse Engström wrote: The page encoding is determined by the HTTP `Content-Type:´ header. Period. A element may provide hints to a browser if the HTTP header is missing (eg. when saving a page to disc). In the presence of a `Content-Type:´ header, the element should be completely ignored. So, if one uses this -- -- preceding everything else on a web page, and also saves that page using UTF-8 encoding, then it's certain that the page will be recognized as UTF-8 across all modern browsers? > And lastly, what's the best encoding to set your browser? I have clients who are all over the place with special windoze characters that appear like garbage in my browser. Set it to detect automatically, with a preference for cp1252 (or windows-1252) which covers a lot of western characters. cp1252 also has the nice property of being compatible with ISO-8859-1, except that it has some extra real characters where 8859-1 has control characters. Interesting that my browser (Safari) doesn't even offer that choice, at least under that name. It does offer ISO Latin, Mac OS Roman, UTF-8, and 34 other language-specific text encodings -- but not 1252. Besides, while I know that the majority of Internet users are windows challenged, I can't bring myself to follow -- I'll stick with UTF-8. :-) Side note: Hopefully some day soon, M$ will stop treating the global user as a second-class-citizen in using PUNYCODE instead of displaying characters (code-points) as intended by the IDNS. I think the "homographic attack" concern is basically a red herring that could be easily solved (if it was really a problem) by simply color coding mixed charset urls. Would work for me. I find it interesting that Safari doesn't show PUNYCODE and the majority of Apple's profits came from "other than US" sources last year -- perhaps this is a result of end-user sensitivity. It's nice to know that when everything else fails, money always seems to work. :-) In any event, thank again for your thoughts. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: DOMDocument->getElementById() isn't working
Christoph Boget wrote:
> Getting the elements by tag name, while iterating through the list I see
> that one of the nodes has an id of 'custom'. However, when I try to get the
> element directly using getElementById(), it doesn't return the node
> properly. Am I doing something wrong?
A common problem. See here:
http://wiki.flux-cms.org/display/BLOG/GetElementById+Pitfalls
Probably easiest to use XPath. Otherwise you have to slightly modify
your HTML...
e.g. replace your getElementById with:
$xp = new DomXPath($oDOMDocument);
$oCustomNode = $xp->query("//[EMAIL PROTECTED] = 'custom']")->item(0);
> Also, as an aside, one thing that I found odd is that count( $aLayoutNodes )
> shows as 1 even though more are found. Huh?
That's because $aLayoutNodes is not an array. It is a DOMNodeList
object. That means it implements the Iterator interface which means it
works with foreach, but not with e.g. count(). Use $aLayoutNodes->length
to see how many nodes there are in the list (i.e. use that as a direct
replacement for count($aLayoutNodes))
(also if the "a" prefix is meant to identify the var as an array I'd
probably change it to the "o" prefix you seem to use for objects...)
Col
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] client time zone?
On Jan 6, 2008, at 8:04 AM, Ólafur Waage wrote: To get the clients time offset you'll need to use javascript and date.getTimezoneOffset() But this idea has a problem. It is that you can never trust that the clients time is actually correct. You can get the closest to it by using the server time and offsetting that with the javascript offset value. But you'll never know if the client has the wrong timezone and you'll have to deal with timezones that don't have daylight savings like for instance Iceland :) - Ólafur Waage 2008/1/6, Per Jessen <[EMAIL PROTECTED]>: Thanks for the info. I can live with this, I think. The javascript can give me a good enough value for what is important. I am tracking registered user use and can compare relative values to see if there is a radical change, indicating that someone may have managed to spoof a restricted connection. That, in addition to the source of the requests can give me an indication of problems. As far as the display is concerned, I can have a help item that informs the user that if the time displayed is not right for their location, they may have their time zone set wrong, or in the case you suggested, they may be in a time zone that does not use daylight savings time, or some other difference. Jeff K jekillen wrote: Hello; I am running a server that is using UTC and I want to be able to convert to clients local time in some display presentations. Is this indicated by $_SERVER["REQUEST_TIME"]? Is there such a value at all? If not, is there a way to get the requesting host's time zone so I can offset the servers clock value correctly? I think you'll need to use javascript. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: website tree
Alain Roger escreveu: Hi, let's imaging we have the following thing : www.mywebsite.com/company/index.php www.mywebsite.com/company/profile.php www.mywebsite.com/services/index.php how can i detect in which address am i ? for example how to retrieve www.mywebsite.com/services or www.mywebsite.com/company There are many methods like using the $_SERVER variable (auto generated) $_SERVER['REQUEST_URI'] or $_SERVER['SCRIPT_NAME'] Try this and tell us :) Breno -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: login and read ad email
Hello,
on 01/05/2008 07:06 PM Yui Hiroaki said the following:
> HI!
>
> I try to login and read ad email in server.
> Does any one know how to do this?
> Below does not run correctly.
>
> Regards,
> Yui
>
> p.s
> I try to see pop3 email.
> I can not find the example!
As I mentioned before POP3 is more complex than that. You are just
authenticating. You need to list the messages in the mailbox and
retrieve them.
I suggest that you use this popular PHP POP3 client class.
It works so elegantly that you can even access messages in your mailbox
as if they were files, with a single line like this:
$message = file_get_contents('pop3://user:[EMAIL PROTECTED]/1');
This gets you the whole message with headers into the $message variable.
If you want to analyze the message to extract the relevant information,
you can use the MIME parser class and with just a few more lines it will
tell you if it is a text message, HTML message, extract any
attachments, etc.
http://www.phpclasses.org/mimeparser
--
Regards,
Manuel Lemos
PHP professionals looking for PHP jobs
http://www.phpclasses.org/professionals/
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
