|
PHP - Lock Includes Folder
I have a folder with php includes files and one of them has the username and password of the database. Is there any way that i can lock the folder and unlock it with php. Or do it using the cpanel of my server?
Similar TutorialsHi All: I have general question on php... if I have an "includes" folder, and on IE somebody goes directly to it, like: http://www.site.com/includes on IE, they can see the folder-tree- directory. So, files like config.php, or mysql.php could be visible. My question is, is this safe?? couldnt people then just drag-copy the file over into their system? or somehow open it, view its contents? I dragged-copied a .php file into my desktop, but nothing shows up when I open in in notepad. As opposed to opening another file that was also .php but which only had javascript code in it, and the javascipt did show up. So, I take it, it should be ok?? as it seems like it works as if the .php page actually had been loaded on a web-browser... doesnt show the php code... well, appreciate comments, feedback on this... what woudl be the best way to protect files like this? htaccess-protect? or is this not something to be overly concerned about?? From what I can tell looks like a lot of site are setup this way... so must be ok... ha? Thanks! how to get the domain name of a website which includes my includes file. The code would need to be put within my includes file so when any site includes it the file will get the sites domain. to $currentDomain i have tried using: echo file_get_contents() instead of includes but i get the same issue I get back the includes domain. then code i have tried (in the includes file): Code: [Select] $curdomain1= $_SERVER['HTTP_HOST']; $pageUR1 = ereg_replace("/(.+)", "", $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]); $curdomain2 = str_replace("www.", "", $pageUR1); echo "<br> 1# Current Domain: ".$curdomain1; echo "<br> 2# Current Domain: ".$curdomain2; I got this script: But it give me error, file_get_contents cannot open stream. I need to add the FTP connection with user/pass paramaters. then look in set http url, to get the file contents(images) and transfer to ftp server location. Can Anyone take alook and tell me if I am going down the right path and how to get there. Please Code: [Select] function postToHost($host, $port, $path, $postdata = array(), $filedata = array()) { $data = ""; $boundary = "---------------------".substr(md5(rand(0,32000)),0,10); $fp = fsockopen($host, $port); fputs($fp, "POST $path HTTP/1.0\n"); fputs($fp, "Host: $host\n"); fputs($fp, "Content-type: multipart/form-data; boundary=".$boundary."\n"); // Ab dieser Stelle sammeln wir erstmal alle Daten in einem String // Sammeln der POST Daten foreach($postdata as $key => $val){ $data .= "--$boundary\n"; $data .= "Content-Disposition: form-data; name=\"".$key."\"\n\n".$val."\n"; } // Sammeln der FILE Daten if($filedata) { $data .= "--$boundary\n"; $data .= "Content-Disposition: form-data; name=\"".$filedata['name']."\"; filename=\"".$filedata['name']."\"\n"; $data .= "Content-Type: ".$filedata['type']."\n"; $data .= "Content-Transfer-Encoding: binary\n\n"; $data .= $filedata['data']."\n"; $data .= "--$boundary--\n"; } // Senden aller Informationen fputs($fp, "Content-length: ".strlen($data)."\n\n"); fputs($fp, $data); // Auslesen der Antwort while(!feof($fp)) { $res .= fread($fp, 1); } fclose($fp); return $res; } $postdata = array('var1'=>'today', 'var2'=>'yesterday'); $filedata = array( 'type' => 'image/png', 'data' => file_get_contents('http://xxx/tdr-images/images/mapping/dynamic/deals/spot_map') ); echo '<pre>'.postToHost ("localhost", 80, "/test3.php", $postdata, $filedata).'</pre>'; I'm not sure if JS or PHP is causing my browser to lock up when I access this page. I have a database of zipcodes ... approx. 70,000 of them. I have a php loop put them into a JS array. I then want JS to create a drop down with all the zip codes. On Chrome it completely doesn't work. On FF it will loop to about 64,000 and then give a warning that the script is taking too long. Reading up on google it seems that JS should be able to handle an array much bigger then mine... so what could be he problem? <script language="javascript"> function addOption(selectbox,text,value ) { var optn = document.createElement("OPTION"); optn.text = text; optn.value = value; selectbox.options.add(optn); } <?php //TESTING $con = mysql_connect("","",""); mysql_select_db("", $con); //END TESTING $data = mysql_query("SELECT postalCode FROM geo_city WHERE postalCode !='' ORDER BY postalCode ASC") or die(mysql_error()); echo 'function addOption_list(selectbox){ var zip = new Array("VOID"'; while($info = mysql_fetch_array($data)){ echo ',"'.$info['postalCode'].'"'; } echo ');'; ?> for (var i=0; i < zip.length;++i){ addOption(document.drop_list.zip_list, zip[i], zip[i]); } } </script> </head> <body onLoad="addOption_list()";> <FORM name="drop_list" action="" method="POST" > <SELECT NAME="zip_list"> <Option value="" >Zip Code list</option> </SELECT> </form> I have a little php site that looks up data in my crm database quickly and easily on my iphone. Right now it's wide open because I'm in and out of it all day and trying to input uid/pw into a secure login page is a pain in the rear. (we're not talking about sensitive data here and I'm the only user.) So, I would like to design a screen with several large graphic buttons and be able to touch those buttons in a specific sequence that would functionally allow a secure login. Similar in concept to the android screen lock. You touch a sequence of numbered buttons and voila, the screen unlocks. It does not open a text field for data entry into two separate fields. So if my access code was 1,2,3,4 and the screen was divided into quarters with a large number on each one, I would touch the buttons in that order and it would open the main page. How would this best be accomplished? Is there a php function to essentially build a variable through successive key presses? then with a final submit it would just check that against a "secret code" and allow access. Thanks for any input. I want to copy everything in templates/blue to the folder code/ However: shell_exec("cp -r 'templates/blue' 'code'"); Creates a folder called blue inside code. I tried cp -r 'templates/blue/*' 'code', but that didn't do anything. Any ideas? Hello All, I have a custom session.set_save_handler to handler sessions for my application. It seems to work fine. The database table is of type innodb. I see some errors in my log file of the nature, "(1205) Lock wait timeout exceeded; try restarting transaction". I have a class which contains the session handler callbacks and have made it a singleton class. session_set_save_handler( array($this, "db_open"), array($this, "db_close"), array($this, "db_read"), array($this, "db_write"), array($this, "db_destroy"), array($this, "db_gc") ); In my "db_read" method, I am doing a "SELECT FOR UPDATE" on the row with the session id. So, while performing load testing on my app. which has a lot of ajax calls, I noticed the "lock wait timeout" errors. How do I resolve this problem? Any suggestions? 1) Should I catch these errors and issue a explicit "commit" in the read or write methods? 2) Should I specify a higher timeout value for "innodb_lock_wait_timeout"? Thanks Sorry for the long message but I need HELP!!! I'm somewhat familiar with HTML but very little in PHP, and even less in CSS. My eCommerce program is PHP based so I've had to learn to work with it. I did have someone else initially setup and create my website but over the past few years have taken it further myself. I've fiddled with some of it and looked up how to do certain things, such as have only one header and/or sidebar I can use for all pages. I use Dreamweaver CS4 and FTP with FileZilla. But I'm still new at this and have run into a couple of issues.
My webhost is GoDaddy, my website is MikiCat Designs and after fiddling for months, in March finally got my site to where I liked it. Unfortunately, I haven't kept it up. Anyway, I went there a couple of weeks ago and found that the PHP includes I'd had in the HTML files were no longer working. I get the error [an error occurred while processing this directive]. Weird. Worked fine before, now it doesn't. Called GoDaddy who says they didn't do anything . Uh huh. Now I know I didn't do anything since I haven't updated the site in 4 months! So, what could have caused this problem? I've had no idea how to fix it other than to change the index.html to index.php and, of course, do a minor repair on the include. Works fine and my header.php and leftsidebar.php show up again. Yay! Herein lies another problem. My header and sidebar link to other files some of which were HTML files. But those HTML files had the same header and sidebar issues as my INDEX file. This had to be fixed so I changed them to PHP. Still working on the changes. I deleted most of the HTML files from the server. So the links in my header and lefsidebar files now point to PHP files. e.g., gallery.html to gallery.php. When called on it's own, gallery.php shows up perfectly. But, no matter what I do, the header file still tries to load the HTML file!!! It's driving me crazy. What have I done wrong? I've deleted them both, refreshed, cleared cache and uploaded them again but I still get the same error. If you click on Gallery in the header, it tries to link gallery.html not gallery.php! Funny thing is, the leftsidebar now works perfectly and points to the proper PHP files. I'm completely confused now. I don't know why my header is insisting on trying to load the HTML page instead of the PHP. But here's my header code. Lines 41 and 42 work, lines 43, 44 and 45 do not. * Quietly banging head against wall while awaiting help.
<html>
<body>
<!-- begin #header -->
<!-- begin Facebook script -->
<div id="fb-root"></div>
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
<!-- end Facebook script -->
<div id="container">
<div id="headerright">
<form method="post" action="search.php">
<input type="hidden" name="posted" value="1"/>
<input type="text" name="stext" size="16"/>
<input type="submit" name="Search" value="Search"/> </form>
</div>
<div id="headerright1">
<form method="post" action="cart.php">
<input type="hidden" name="posted" value="1"/>
<input type="image" name="Submit" src="images/cartgrn.gif" />
</form></div>
<div id="headerright2">
<form method="post" action="clientlogin.php">
<input type="hidden" name="posted" value="2"/>
<input type="image" name="Submit" src="images/login2.gif" />
</form>
</div>
<div id="header">
<div id="PLHIMYFUFUJCDiv" style="position:absolute; left:567px; top:82px; width:490px; z-index:50; white-space:nowrap; direction:ltr;">
<div id="PLHIMYFUFUJCMain" style="width:490px;height:40px">
<ul style="margin:0px;padding:0px;font:italic normal bold 14px Georgia,Times New Roman,Times,serif;">
<li style="float:left;list-style:none;text-align:center;width:98px;height:40px;background-image:url(images/homenav.gif);"><a href="http://www.mikicatdesigns.com" target="_self" title="MikiCat Designs" style="display:block;height:28px;padding:12px 0px 0px 0px;color:#00008b;text-decoration:none;">Home</a></li>
<li style="float:left;list-style:none;text-align:center;width:98px;height:40px;background-image:url(images/homenav.gif);"><a href="http://www.mikicatdesigns.com/categories.php" target="_parent" title="Handmade jewelry and accessories " style="display:block;height:28px;padding:12px 0px 0px 0px;color:#00008b;text-decoration:none;">Products</a></li>
<li style="float:left;list-style:none;text-align:center;width:98px;height:40px;background-image:url(images/homenav.gif);"><a href="http://www.mikicatdesigns.com/gallery.php" target="_parent" title="Handmade jewelry gallery of past lives" style="display:block;height:28px;padding:12px 0px 0px 0px;color:#00008b;text-decoration:none;">Gallery</a></li>
<li style="float:left;list-style:none;text-align:center;width:98px;height:40px;background-image:url(images/homenav.gif);"><a href="http://www.mikicatdesigns.com/aboutmikicatdesigns.php" target="_parent" title="Learn about MikiCat Designs" style="display:block;height:28px;padding:12px 0px 0px 0px;color:#00008b;text-decoration:none;">About Us</a></li>
<li style="float:left;list-style:none;text-align:center;width:98px;height:40px;background-image:url(images/homenav.gif);"><a href="http://www.mikicatdesigns.com/contactmikicatdesigns.php" target="_parent" title="Contact MikiCat Designs" style="display:block;height:28px;padding:12px 0px 0px 0px;color:#00008b;text-decoration:none;">Contact Us</a></li>
</ul></div><div id="PLHIMYFUFUJCLevel2" style="float:left;width:490px;height:40px;"></div>
<script type="text/javascript" src="Pluginlab/Scripts/PLHIM.js">/* PLHIMMenu script ID:PLHIMYFUFUJC */</script>
</div>
<!-- end #header -->
Hi all My site is build using php includes. the index.php file contains code like <?php if(@$_GET['page'] == "web-design"){ include("includes/web-design.php"); } else if(@$_GET['page'] == "hosting"){ include("includes/hosting.php"); } else { include("includes/home.php"); } ?> I have created a sub domain blog.maplewebdesign.co.uk and a sub dircetory named blog. The link to this part of my site doesn't use includes, I want it to link directly to that sub directories index.php page. This works fine, but then when I click on a different link anywhere on the site my url is as follows www.maplewebdesign.co.uk/blog/index.php?page=home For some reason it is keeping the blog/ in the URL If you want to see go to http://www.maplewebdesign.co.uk/blog/ then click on a differnt link and check out the URL What am I doing wrong? Thanks Adi hi This problem is the most strange thing that i seen in the last times. this code works Code: [Select] <?php function conecta () { $host = "localhost"; $senha = "vertrigo"; $login = "xxx"; $database = "emprego"; $conexao = mysql_connect($host,$login,$senha) or die(mysql_error()); mysql_select_db($database,$conexao)or die; } conecta (); //more ?> but this doesn't work Code: [Select] <?php require("includes/f_banco.php"); conecta (); ?> I never seen something like that. Any ideia? the paths are correct, the bd is correct and the query works when i put the function conecta() directly in the php file. Thanks If one file includes another, do I need to start a session in each, or does the included file "inherit" the session? script_1.php // Initialize Session. session_start(); // Require Function require_once('script_2.php'); script_2.php // Initialize Session. session_start(); DO I NEED THIS HERE????????? if ($_SESSION['loggedIn'] == TRUE){ do something } Debbie Hey everyone, I am trying to secure php includes and I wrote the following lines: Code: [Select] <?php $dir=scandir('.'); if (in_array('copyright.php',$dir)) { include('copyright.php'); } else { echo 'That page could not be found'; } ?> Is this code secure enough, can anyone help me improve it? Thanks in advance. Hey people! I'm currently working on an free API that i will be sharing with the web community in the next few months and had a question that much of this project hinges upon: Is there a way to allow a remote include of one php file from my server? Case: I am allowing 2 ways for users to access the APi: 1. Using AJAX or cURL accessing a REST method over POST or GET (This part is already functional) 2. Allowing an include of the API Library I'm not sure if it will be completely opensource yet, only free, this is why I don't want to simply provide the source files to users. Example of what I would like to do: <?php include('http://mysite.com/myAPI/classLib.php'); ?> Anybody have a solution for that?? Thanks in advance, E Ok, I am sure this is really simple for all of you, but I have very little experience with php. I haven't sat down to learn php yet, but I will when I have more free time. In the meantime I have the following issue: The site is http://astoryaday.fromyay.com/ I have all the stories in the /stories/ directory, all named 20110504.html, 201105005.html, etc. Every day I write another story, I name it following that pattern, and drop it into the /stories/ folder. I only want the newest story displayed on the page. So I wrote a little script that is: Code: [Select] <?php $files = glob("stories/*.html"); sort($files); $newest = array_pop($files); include($newest); ?> Now, what I want to do, is in the footer, put an Archive that will look like this: -2012 --January ---03 ---02 ---01 -2011 --December ---31 ---30 And upon clicking on the dates, the story from that day will replace the story that is currently included. Any help of how to get this done would be appreciated! Thanks Hi, Im pretty much self taught when it comes to php, never read any books just picked things up as i go, and im looking for some advice on how i build my pages as i believe im not approaching it correctly. Basically i build an index.php, this contains my header, footer, and any menus i may have, then for my content pages, in this case products, contact, about us i use use an include so these content pages just have content. Now by doing this my address bar looks like this index.php?location=contact.php for the sake of google and search results and so on, am i limiting my ability to be found by not using a differant file for each page? should i include a header, footer, menu etc within my content pages rather than the other way around? Thanks in advance for any advice. I did some googling and it seems you cannot include a file with an anchor: i.e include "hello.php#foo"; How do you guys go back to the middle of the page of an included file? Do you just not include files with anchors? I wanted to run my entire site inside index.php and just use includes to diplay the appropriate file, but I also need anchors to go to the middle of the page on some of those files. OK I'm 98% new to PHP. I'm trying to do my own website and my idea will work something like this: index.php ____________________ Header + Nav {PHP INCLUDE} Footer ____________________ The content will reside in another *.php page If you look at www.avlscotland.com/test 'temporary' It loads default.php when you go to the page which is perfect. I have it working in basic form although only the hyperlinks HOME - ABOUT AVL - DEAD LINK are active at this moment. So it works this way with everything in the same directory, but I want it to load the content from a subdirectory /test/pages/content.php This is the PHP code I am using <?php // Check if page has been requested if (!isset($_GET['content'])) { // Page has not been requested, show default page $content = 'default.php'; } else { // Page has been requested, validate page exists, show page $content = $_GET['content'].'.php'; } // End if page has been requested // Check to see if page exists if (file_exists($content)) { // Page exists // Show page include("$content"); } else { // Page doesn't exist echo '<br>'; echo '<br>'; echo '<br>'; echo 'Sorry, the page that you are trying to access does not exist.<br>'; echo 'Please return to <a href="http://www.avlscotland.com/test/index.php">AVL Scotland</a><br>'; echo '<br>'; echo 'Thank you.<br>'; } // End if page exists ?> I'm accessing the pages using links like <a class="menuactive" href="test/index.php?content=avl">Home</a> What I'm struggling to do is make the PHP look for the content files in a sub-directory. Look forward to any help you can offer. Thanks, Ross This sounds like what i want to do. I am using includes for header, footer, and contents which go into a table to keep them organized and a standard look. I can put it all together well, except i dont know how to change the contents.php. I could eventually have hundreds of content pages. Right now i just have one and named it contents.php. So if i add another and called it contents2.php for example, how do i call it or replace the original contents.php. If i used a plain page i could just link to the next page but i dont want to do that. I have a very simple page, where I use the include statement that includes my connection string. The connection string and a variables are not being passed to my test server - (WAMP). My include file is below
$server = "servername";
$username = "username";
$password = "";
$database = "dbname";
$portNumber = 3308;
$link = mysqli_connect($server,$username,$password,$database,$portNumber);
if(!$link)
{
echo "cannot connet to the server";
}
else
{
echo "This works";
}
echo "Hi";
I am including this file with the following code:
include ("includes/connect.inc");
My site is not connecting to the database, and is not displaying "This works", or "Hi". Do you have any pointers on how to get this connect?
|
|||||||