|
PHP - Making A Php Script Non Accessible To Traffic
How can I make my PHP script non accessible to users? I am wanting to cron the script and don't want anybody to spam the script as it would cause performance issues if it was constantly spammed by a user. Can I put the PHP file anywhere that only the server can run it?
Thanks any info would be awesome.
Similar TutorialsI'm storing website files online and each user can upload their own files and admin can upload files for that user specifically. How would I go about making sure nobody else can download their PDF file? Would it be a case of assigning a folder for each user's documents and not allowing access to any other user to that folder?
Thanks in advance.
I would be needing different picture sizes on different pages on my site but saving different sizes of a single pic is space consuming. I've heard that it's possible to automatically adjust the size of the picture and found a script that ought to make that possible. Unfortunately, it did not work for me. Article: PHP Thumbnail Script Using GD http://www.rainbodesign.com/pub/thumbnails/ Here's the code: Code: [Select] <? // Rainbo Design PHP Thumbnail Maker // Copyright (C) 2005-2010 by Richard L. Trethewey - rick@rainbo.net // All Rights Reserved // If you use this script, I'd appreciate a link! // http://www.rainbodesign.com/pub/ // Defaults $thumbsize = 150; // Default thumbnail width. $imagesource = 'images/default_img.jpg'; // Default image file name. // Set to empty string for no image output on failure. $error = ''; if (isset($_GET['width'])) { $thumbsize = $_GET['width']; } if (isset($_GET['src'])) { $imagesource = $_GET['src']; } $filetype = substr($imagesource,strlen($imagesource)-4,4); $filetype = strtolower($filetype); if (file_exists($imagesource)) { if($filetype == ".gif") $image = @imagecreatefromgif($imagesource); if($filetype == ".jpg") $image = @imagecreatefromjpeg($imagesource); if($filetype == ".png") $image = @imagecreatefrompng($imagesource); $imagewidth = imagesx($image); $imageheight = imagesy($image); if ($imagewidth >= $thumbsize) { $thumbwidth = $thumbsize; $factor = $thumbsize / $imagewidth; $thumbheight = floor($imageheight * $factor); } else { $thumbwidth = $imagewidth; $thumbheight = $imageheight; $factor = 1; } // Create a thumbnail-sized GD Image object $thumb = @imagecreatetruecolor($thumbwidth,$thumbheight); // bool imagecopyresized ( resource dst_image, resource src_image, int dst_x, int dst_y, int src_x, int src_y, int dst_w, int dst_h, int src_w, int src_h ) imagecopyresized($thumb, $image, 0, 0, 0, 0, $thumbwidth, $thumbheight, $imagewidth, $imageheight); // Send output to user as a jpeg type, regardless of original type header("Content-type:image/jpeg;"); imagejpeg($thumb); imagedestroy($image); imagedestroy($thumb); } else { $error = "File $imagesource Not Found"; } // endif file_exists if ($error != '') { header('Content-type:text/plain;'); echo($error); exit; } // endif $error ?> And here's a little instruction (which I have followed as well). Quote All it takes is replacing the "src" parameter in the <img> tag with the URL for the PHP script, including the parameters "src" which contains the path to the original image file, and "color" to select the color for the font. The script also supports a "width" parameter to specify the width of your thumbnail image. Using that script to display the above image as a thumbnail by setting the "src" attribute to "makeThumb.php?src=slides/slide1.jpg", we get the resulting image shown on the right. Can anyone please help me with this script or something similar? Thanks in advance. ^_^ Edit: The problem is that the image is not showing. It appears as if it cannot locate the file source. Hi, Is it possible to make some kind of network/web traffic sniffer than can give you stats on how much p2p, mail etc etc traffic is going out your router? If so, does anyone know of any tutorials on the subject? I would like to be able to detect, for instance, people who are using the TOR browser when they attempt to log in to one of my sites. my traffic report globals can already tell me if they are coming from a TOR node, but I would like to reject a login if an onion system or an anonymity browser is being used. I have only ran into one other site that has the capability of doing this, in terms of talking about forums only, and that is MrExcel: https://www.mrexcel.com/board/ if you try to register an account there with TOR, the page renders and says “we have detected you are trying to use automated queries to register an account”. there are of course, ways to get around that, if you click buttons in a timely manner, so they are not that good. but regardless, the pre-packaged software they bought does the job fairly well. can anyone offer any help in this regard? I know for a fact that most of the big banks in the USA have this covered, so I know that technology exists to block traffic coming from these sources, but I don’t know if it’s available to the little guy like me. hi i need some help . i see some person use bot traffic or proxey taffic software or script like jiggling and hitleap . they give a url of any sites then this software proxey view this websites.. i want asked can it possible stop these bot traffic its any procedure in php or javascript to stop this traffic..
I'm talking like /uploads at the main folder where index.php or index.html goes
These photos theoretically are meant to be publicly viewed anyway so what is bad about that?
Let's say profile pictures.
I mean couldn't anyone scrape facebook and "steal" profile pictures? I don't know why but I'm just wondering.
i need help on this one. i am aiming to make my own smaller version of tineye.com or something similar i do have a function that will compare 2 images in GD. all i have to figure out now is how to spider the default image off of major networking sites like facebook,myspace etc. and list all the results found and the similarity of each picture. the function is something like compare_imgs($path,$source_pic,$comparison_pic) { } Hi guys, I hope you may be able to shed some light on a problem I am having. I am fairly new to PHP although do understand bits and peices such as login system. Basically - I have a website with lets say 10 users (more like 500 but that will do for now!) - Each user has their own page wich is password protected. Each month - I want to be able to upload PDF files to the server - which CAN ONLY BE ACCESSED BY THE RELEVANT user. They must not be able to see each others PDF files. To do this I have been advised to have a non-web accessible folder on my server to put the PDF's in and then use PHP to handle the operation. Therefore my path would be: 1/ User logs into page 2/ User clicks the PDF link 3/ PF link goes to PHP page that checks they are logged in and then the PDF they want before delivering to the server. I do actually understand the theory but my PHP is not at the stage where I can just write the code that will handle the operation. I am also very confused over how to access the non-web accessible files! Could anyone please give me an example of the code I will need to use to a) check the user is logged in (I guess I can use the same code I used for the login) and then b) call the relevant PDF and display it? I have been given a path of c:\blahblahblah to access my PDF files but don't even know how to begin implimenting this! Here is the code I use for my login system. Could anyone show me how to adapt it to get what I need? Thank so much for anyone that can help - hopefully I will be in a position to give back one day! -------------------------------------------- if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM mydb WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; header("Location:" . strtolower($username) . ".php"); AND THEN IN THE HEADER OF THE PAGES <?php session_start(); if(!isset($_SESSION['loggedin'])) { header('Location: /login.php'); } elseif ($_SESSION['username'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) { // Logged in user attempting to view someone else's page header("Location:" . strtolower($_SESSION['username']) . ".php"); exit; } ?> Again - any help would be truly appreciated. I will say now that the last person I asked said "Use the open() function - that'll work!" ...... answers like that are a bit lost on me at the moment and leave me even more confused! Cheers in advance When login in (in login.php), the script is assigning user information to scalar variables like so: $user_name = $assoc['user_name']; $user_id = $assoc['user_id']; Now I'd like to make use of those variables on other pages like this for example: echo "Posted by " . $user_name; I want that to be visible for everybody, even if the user logs out. Any ideas? I am doing more practice, and I am trying to interpret the WHY on some certain aspects of this script. I can get it to work and it works as expected, but I am not sure what it works (got most of it sorted it).. Here is my first question: Question 0. About 3/4 down the script: ($i = 0; $i < $cols; $i++) - cannot understand why $i < $cols is less operator? Shouldn't it be >= cause if it's less won't it miss a record? Question 1. About 3/4 down the script: echo $x = ($i * $rows) + $j; I do not understand what purpose this serves. I echoed the results and it's just scattered multiplication large numbers! You'll see that im echoing out all kinds of data, just so I can see what's going on. <?php $host = "localhost"; $user = "root"; $pass = ""; $db = "simple_mysql"; $cxn = mysqli_connect($host, $user, $pass, $db) or die("Could not connect to the server."); $query = "SELECT * FROM all_illinois"; $result = mysqli_query($cxn, $query) or die(mysqli_error()); $results = array(); while ($row = mysqli_fetch_assoc($result)) $results[] = $row; // output: Array echo $results . "<br />"; $cols = 3; // output: 3 echo $cols . "<br />"; $rows = ceil(count($results) / $cols); // output: 1300 echo(count($results)) . "<br />"; // output: 3 echo $cols . "<br />"; // output: 434 echo $rows . "<br />"; echo '<table style="text-align:left;margin-left:0px;width:500px;">' . "\n"; for ($j = 0; $j < $rows; $j++) { echo " <tr>\n"; for ($i = 0; $i < $cols; $i++) { echo $x = ($i * $rows) + $j; echo $i . "<br />"; if (isset($results[$x])) { $row = $results[$x]; echo $row . "<br />"; echo ' <td><a href="' . $row['state_id'] . '/' . $row['city_name'] . '">' . $row['city_name'] . "</a></td>\n"; } else { echo " <td></td>\n"; } } echo " </tr>\n"; } echo '</table>'; ?> Here is a smaller portion of table dump if it helps at all: -- -- Table structure for table `all_illinois` -- CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `all_illinois` -- INSERT INTO `all_illinois` (`state_id`, `city_name`) VALUES ('135', 'Abingdon'), ('135', 'Adair'), ('135', 'Addieville'), ('135', 'Addison'), ('135', 'Adrian'), ('135', 'Akin'), ('135', 'Albany'), ('135', 'Albers'), ('135', 'Albion'), ('135', 'Alden'), ('135', 'Aledo'), ('135', 'Alexander'), ('135', 'Alexis'), ('135', 'Algonquin'), ('135', 'Alhambra'), ('135', 'Allendale'), ('135', 'Allerton'), ('135', 'Alma'), ('135', 'Alpha'), ('135', 'Alsey'), ('135', 'Alsip'), ('135', 'Altamont'), ('135', 'Alto Pass'), ('135', 'Alton'), ('135', 'Altona'), ('135', 'Alvin'), ('135', 'Amboy'), ('135', 'Anchor'), ('135', 'Ancona'), ('135', 'Andalusia'), ('135', 'Andover'), ('135', 'Anna'), ('135', 'Annapolis'), ('135', 'Annawan'), ('135', 'Antioch'), ('135', 'Apple River'), ('135', 'Arcola'), ('135', 'Arenzville'), ('135', 'Argenta'), ('135', 'Arlington'), ('135', 'Arlington Heights'), ('135', 'Armington'), ('135', 'Armstrong'), ('135', 'Aroma Park'), ('135', 'Arrowsmith'), ('135', 'Arthur'), ('135', 'Ashkum'), ('135', 'Ashland'), ('135', 'Ashley'), ('135', 'Ashmore'), ('135', 'Ashton'), ('135', 'Assumption'), ('135', 'Astoria'), ('135', 'Athens'), ('135', 'Atkinson'), ('135', 'Atlanta'), ('135', 'Atwater'), ('135', 'Atwood'), ('135', 'Auburn'), ('135', 'Augusta'), ('135', 'Aurora'), ('135', 'Ava'), ('135', 'Aviston'), ('135', 'Avon'), ('135', 'Baileyville'), ('135', 'Baldwin'), ('135', 'Bardolph'), ('135', 'Barnhill'), ('135', 'Barrington'), ('135', 'Barry'), ('135', 'Barstow'), ('135', 'Bartelso'), ('135', 'Bartlett'), ('135', 'Basco'), ('135', 'Batavia'), ('135', 'Batchtown'), ('135', 'Bath'), ('135', 'Baylis'), ('135', 'Beardstown'), ('135', 'Beason'), ('135', 'Beaverville'), ('135', 'Beckemeyer'), ('135', 'Bedford Park'), ('135', 'Beecher'), ('135', 'Beecher City'), ('135', 'Belknap'), ('135', 'Belle Rive'), ('135', 'Belleview'), ('135', 'Belleville'), ('135', 'Bellflower'), ('135', 'Bellmont'), ('135', 'Bellwood'), ('135', 'Belvidere'), ('135', 'Bement'), ('135', 'Benld'), ('135', 'Bensenville'), ('135', 'Benson'), ('135', 'Benton'), ('135', 'Berkeley'), ('135', 'Berwick'); Hello community, I am working on a database of specialties in the hospital I work. The doctor's referral requests are sent to a mySQL database and I have, with the help of online guidance, produced a working php script that displays the information I need it to. However, I need it a little bit more specific. I intend to make multiple copies of this file for each specialty, so that when they open the file they only have the requests for that particular specialty. My question is, with reference to my code below, can I make echo information so that online, for instance, if 'specialty1 = gastroenterology' (as in, that particular specialty that that referral request is for), then only the rows on the database that have that particular text are displayed only? Hope that makes sense. Code below for your reference and assistance is highly appreciated.
<!DOCTYPE html>
<html>
<head>
<title>Specialty Referral Form</title>
<style>
table {
border-collapse: collapse;
width: 100%;
color: #000000;
font-family: arial;
font-size: 10px;
text-align: center;
}
th {
background-color: #588c7e;
color: white;
}
tr:nth-child(even) {background-color: #f2f2f2}
</style>
</head>
<body>
<table>
<tr>
<th>Patient Details</th>
<th>Hospital Number</th>
<th>Date of Birth</th>
<th>Referred by:</th>
<th>New/Repeat Visit to Patient</th>
<th>Specialty</th>
<th>Admission Date</th>
<th>Too Ill for Clinic?</th>
<th>Diagnosis Aware?</th>
<th>Question</th>
<th>History</th>
<th>Medications</th>
<th>Examination</th>
<th>Results</th>
<th>WorkingDiagnosis</th>
<th>Investigation(s) Requested</th>
</tr>
<?php
$conn = mysqli_connect("localhost", "view", "", "referral");
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT patientdetails, hospitalnumber, DoB, referral, admission, specialty1, admissiondate, illness, awareness, question, history, medications, examination, results, workingdiagnosis, investigations FROM referralform";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while ($row = $result->fetch_assoc()) {
echo "<tr><td>" . $row["patientdetails"]. "</td><td>" . $row["hospitalnumber"] . "</td><td>" . $row["DoB"] . "</td><td>"
. $row["referral"] . "</td><td>" . $row["admission"] . "</td><td>" . $row["specialty1"] . "</td><td>" . $row["admissiondate"] . "</td><td>"
. $row["illness"] . "</td><td>" . $row["awareness"] . "</td><td>" . $row["question"] . "</td><td>" . $row["history"] . "</td><td>"
. $row["medications"] . "</td><td>" . $row["examination"] . "</td><td>" . $row["results"] . "</td><td>" . $row["workingdiagnosis"] . "</td><td>"
. $row["investigations"]. "</td></tr>";
}
echo "</table>";
} else { echo "0 results"; }
$conn->close();
?>
</table>
</body>
</html>
I guess what I am looking for is something like echo specialty1 IF it writes a particular specialty and only that specialty. Thank you. Edited April 2, 2020 by samanjOk, first let me tell you what I want to do. Google sends me traffic from many keywords, but I want to track what keyword does best for me as sales and so. The Analytics is good but I can't send the data to outside sites. So I figured this out : from the $_SERVER['HTTP_REFERER'] I can get the "q" value from the _GET and pass it on to track it... now I'm kind of stuck and I know it's easy but can't seem to find the function. This is what I have so far: /* Code to try and store the keyword that was used to find and land on my site. */ $exurl = 'http://www.google.ca/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&rct=j&q=mykeyword&ei=pJ2STMy8MsP-8AaqvuznBQ'; //set a demo refferer url that would usually be $exurl = $_SERVER['HTTP_REFERER'] $refurl = parse_url($exurl, PHP_URL_QUERY); // remove all before and including the "?" echo $refurl; // echo "sa=t&source=web&cd=1&ved=0CBYQFjAA&rct=j&q=mykeyword&ei=pJ2STMy8MsP-8AaqvuznBQ" Ok, so I managed to get the important part out of the google URL, now how do I split this into an array that I can then use. For instance somefunction($refurl, $newarray); and then I could say | echo $newarray['q']; | and it would echo "mykeyword" Of course If there is a space in the keywords I should use the urldecode() function to avoid the % char... Let me know if you know of any way to get this done. Hi Guys I need a PHP function to which I pass two postcodes and it works out the road distance, I dont mind using google or any other API I have managed to fing JS ways and php functions using crow route but I really really need a traffic distance in PHP Please advice, Help Thank you The php code won`t redirect to user/member.php need some help <?php session_start(); include 'includes/database.php'; if(isset($_POST['login'])) { $username = trim(addslashes($_POST['username'])); $password = md5(trim($_POST['password'])); $query = mysql_query("SELECT * FROM Users WHERE Username = '$username' AND Password = '$password' LIMIT 1") or die(mysql_error()); $row = mysql_fetch_array($query); if(mysql_num_rows($query) > 0) { if($row['Activated'] > 0) { $_SESSION['s_logged_n'] = 'true'; $_SESSION['s_username'] = $username; $_SESSION['s_name'] = $row['Name']; header("Location: user/member.php"); } else { echo "You have to activate your account!"; } } } else { echo "You have to fill out the login form!"; } ?> Hi;
I have succesfully managed to route all the traffic to the file controller.php using this command line of .htaccess :
RewriteEngine On RewriteRule (.*) /var/www/html/site/controller.php [L,QSA]Now how to tell the controller.php to process the url that was passed. For example i have tried that: controller.php :
<?php
include( $_SERVER["REQUEST_URI"] );
?>
but the controller.php didn't do anything i keep getting a blank page when i browse any webpage such as site/index.php
so how to tell controller.php to echo the content of the request ? because the user shouldn't notice any change as if there is no controller.php.
Thank you.
Hi everyone! I've been working on a php script to replace links that contain a query with direct links to the files they would redirect to. Hi i have this upload script which works fine it uploads image to a specified folder and sends the the details to the database. but now i am trying to instead make a modify script which is Update set so i tried to change insert to update but didnt work can someone help me out please this my insert image script which works fine but want to change to modify instead Code: [Select] <?php mysql_connect("localhost", "root", "") or die(mysql_error()) ; mysql_select_db("upload") or die(mysql_error()) ; // my file the name of the input area on the form type is the extension of the file //echo $_FILES["myfile"]["type"]; //myfile is the name of the input area on the form $name = $_FILES["image"] ["name"]; // name of the file $type = $_FILES["image"]["type"]; //type of the file $size = $_FILES["image"]["size"]; //the size of the file $temp = $_FILES["image"]["tmp_name"];//temporary file location when click upload it temporary stores on the computer and gives it a temporary name $error =array(); // this an empty array where you can then call on all of the error messages $allowed_exts = array('jpg', 'jpeg', 'png', 'gif'); // array with the following extension name values $image_type = array('image/jpg', 'image/jpeg', 'image/png', 'image/gif'); // array with the following image type values $location = 'images/'; //location of the file or directory where the file will be stored $appendic_name = "news".$name;//this append the word [news] before the name so the image would be news[nameofimage].gif // substr counts the number of carachters and then you the specify how how many you letters you want to cut off from the beginning of the word example drivers.jpg it would cut off dri, and would display vers.jpg //echo $extension = substr($name, 3); //using both substr and strpos, strpos it will delete anything before the dot in this case it finds the dot on the $name file deletes and + 1 says read after the last letter you delete because you want to display the letters after the dot. if remove the +1 it will display .gif which what we want is just gif $extension = strtolower(substr($name, strpos ($name, '.') +1));//strlower turn the extension non capital in case extension is capital example JPG will strtolower will make jpg // another way of doing is with explode // $image_ext strtolower(end(explode('.',$name))); will explode from where you want in this case from the dot adn end will display from the end after the explode $myfile = $_POST["myfile"]; if (isset($image)) // if you choose a file name do the if bellow { // if extension is not equal to any of the variables in the array $allowed_exts error appears if(in_array($extension, $allowed_exts) === false ) { $error[] = 'Extension not allowed! gif, jpg, jpeg, png only<br />'; // if no errror read next if line } // if file type is not equal to any of the variables in array $image_type error appears if(in_array($type, $image_type) === false) { $error[] = 'Type of file not allowed! only images allowed<br />'; } // if file bigger than the number bellow error message if($size > 2097152) { $error[] = 'File size must be under 2MB!'; } // check if folder exist in the server if(!file_exists ($location)) { $error[] = 'No directory ' . $location. ' on the server Please create a folder ' .$location; } } // if no error found do the move upload function if (empty($error)){ if (move_uploaded_file($temp, $location .$appendic_name)) { // insert data into database first are the field name teh values are the variables you want to insert into those fields appendic is the new name of the image mysql_query("INSERT INTO image (myfile ,image) VALUES ('$myfile', '$appendic_name')") ; exit(); } } else { foreach ($error as $error) { echo $error; } } //echo $type; ?> I'm having trouble echoing $year in my script. Listed below is the script, just below ,$result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error());, in the script I try to echo $year. It doesn't show up in the table on the webpage. Everything else works fine. Any help wold be appreciated greatly. Thanks in advance. <?php include 'config2.php'; $search=$_GET["search"]; // Connect to server and select database. mysql_connect($dbhost, $dbuser, $dbpass)or die("cannot connect"); mysql_select_db("vetman")or die("cannot select DB"); $result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error()); // store the record of the "" table into $row //$current = ''; echo "<table align=center border=1>"; echo "<br>"; echo "<tr>"; echo "<td align=center>"; ?> <div style="float: center;"><a><h1><?php echo $year; ?></h1></a></div> <?php echo "</td>"; echo "</tr>"; echo "</table>"; // keeps getting the next row until there are no more to get if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 2; echo "<table align=center>"; echo "<br>"; while($row = mysql_fetch_array($result)) { // make the variables easy to deal with extract($row); // open row if counter is zero if($i == 0) echo "<tr>"; echo "<td align=center>"; ?> <div style="float: left;"> <div><img src="<?php echo $image1; ?>"></div> </div> <?php echo "</td>"; // increment counter - if counter = max columns, reset counter and close row if(++$i == $max_columns) { echo "</tr>"; $i=0; } // end if } // end while } // end if results // clean up table - makes your code valid! if($i > 0) { for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>'; } mysql_close(); ?> </table> This will be my worst-ever question posted on this forum 😀 But here goes.... I have a mySQL script which retrieves data.... then my PHP script creates a text document out of it, and ends with:
$output = ob_get_contents(); The resultant thousand-item list will have some of the items duplicated, with one or more numerals appended, like this:
banana 1 When an item is duplicated and suffixed with more than one numeral, I want only the latest duplicated item, like this:
banana
|
|||||||