[PHP] Newbie question: Page Counter
Hey! I'm a bit new at PHP, my page's at http://www.marthe.com. My problem is that the counter on the page, from TheCounter.com, is far too ugly. Since I'm updating the page, I'm wondering if anyone has any good ideas on how I should make one and what I should do. Greetings, Marthe -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Newbie question: Page Counter
>then make a file called count.inc and chmod it to 777 so anyone can write to >it. insert a number into the file. Hey! I tried to make this counter.php-file, that went ok, I think My problem is to make the count.inc-file, I could make it but I have no idea how to put "chmod" to "777" in it. The number I am supposed to insert in the file is that just how many that has allready visited or what is it? And, it's just to insert a number, because I'd like it to allready have the number that's on the counter I have today... /Marthe -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Safety with PHP.
Hey you guys! I'm a new girl at this, and wondering on a question that might be simple for you. Yesturday I started to learn PHP and proud I showed it to a friend of mine, what I had learned. The first thing he did was check the safity of it and very easy he found the list over all the users of the server, f.ex. I'm glad I didn't upload the new pages as frontpages yet =) What can I do to prevent this and how can I build the pages safer than they are today? Perhaps it would be a good ide to learn basic Linux, I'm also considering to buy another computer to use with Linux. Greetings, Marthe -http://www.marthe.com (under construction!) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Safety with PHP.
Well, since I'm a newbie and also Norwegian it ain't that easy to explain
very simple.
What he did was that he entered a file that showed all the users of the
server, as I said, and he told me this was kindof insecure.
To prevent it he showed me a code that would help a bit.
$filename=str_replace("..","",$filename);
$filename=str_replace("/","",$filename);
$filename=str_replace("%20","",$filename);
He used /, .. and %20 to reach this file on my server.
/Marthe
-Original Message-
From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 03, 2001 7:44 AM
To: Marthe Kristiansen
Cc: Php-General
Subject: Re: [PHP] Safety with PHP.
Not much to go on here. Basically don't do whatever it was you did. And
yes, understanding the environment you are working in, both the OS and PHP
and whatever 3rd party stuff you hook PHP up to is the first step to
making stuff secure.
-Rasmus
On Tue, 3 Apr 2001, Marthe Kristiansen wrote:
> Hey you guys!
>
> I'm a new girl at this, and wondering on a question that might be simple
for
> you.
> Yesturday I started to learn PHP and proud I showed it to a friend of
mine,
> what I had learned.
> The first thing he did was check the safity of it and very easy he found
the
> list over all the users of the server, f.ex.
> I'm glad I didn't upload the new pages as frontpages yet =)
> What can I do to prevent this and how can I build the pages safer than
they
> are today?
> Perhaps it would be a good ide to learn basic Linux, I'm also considering
to
> buy another computer to use with Linux.
>
> Greetings,
> Marthe
>
> -http://www.marthe.com (under construction!)
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Safety with PHP.
Is there an easy way to do this when I'm so new at this that I don't quite
understand what I'm doing wrong and how to prevent all those mistakes in the
beginning?
/Marthe
-Original Message-
From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 03, 2001 7:54 AM
To: Marthe Kristiansen
Cc: Php-General
Subject: RE: [PHP] Safety with PHP.
So you wrote a script that took a filename as an argument somehow and did
something with it? That's always going to be insecure unless you do a lot
of error checking on it.
-Rasmus
On Tue, 3 Apr 2001, Marthe Kristiansen wrote:
> Well, since I'm a newbie and also Norwegian it ain't that easy to explain
> very simple.
> What he did was that he entered a file that showed all the users of the
> server, as I said, and he told me this was kindof insecure.
> To prevent it he showed me a code that would help a bit.
>
> $filename=str_replace("..","",$filename);
> $filename=str_replace("/","",$filename);
> $filename=str_replace("%20","",$filename);
>
> He used /, .. and %20 to reach this file on my server.
>
> /Marthe
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
