|
PHP - Some Help Need Stop Bot Traffic
hi i need some help . i see some person use bot traffic or proxey taffic software or script like jiggling and hitleap . they give a url of any sites then this software proxey view this websites.. i want asked can it possible stop these bot traffic its any procedure in php or javascript to stop this traffic..
Similar TutorialsHi, Is it possible to make some kind of network/web traffic sniffer than can give you stats on how much p2p, mail etc etc traffic is going out your router? If so, does anyone know of any tutorials on the subject? I would like to be able to detect, for instance, people who are using the TOR browser when they attempt to log in to one of my sites. my traffic report globals can already tell me if they are coming from a TOR node, but I would like to reject a login if an onion system or an anonymity browser is being used. I have only ran into one other site that has the capability of doing this, in terms of talking about forums only, and that is MrExcel: https://www.mrexcel.com/board/ if you try to register an account there with TOR, the page renders and says “we have detected you are trying to use automated queries to register an account”. there are of course, ways to get around that, if you click buttons in a timely manner, so they are not that good. but regardless, the pre-packaged software they bought does the job fairly well. can anyone offer any help in this regard? I know for a fact that most of the big banks in the USA have this covered, so I know that technology exists to block traffic coming from these sources, but I don’t know if it’s available to the little guy like me. Ok, first let me tell you what I want to do. Google sends me traffic from many keywords, but I want to track what keyword does best for me as sales and so. The Analytics is good but I can't send the data to outside sites. So I figured this out : from the $_SERVER['HTTP_REFERER'] I can get the "q" value from the _GET and pass it on to track it... now I'm kind of stuck and I know it's easy but can't seem to find the function. This is what I have so far: /* Code to try and store the keyword that was used to find and land on my site. */ $exurl = 'http://www.google.ca/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&rct=j&q=mykeyword&ei=pJ2STMy8MsP-8AaqvuznBQ'; //set a demo refferer url that would usually be $exurl = $_SERVER['HTTP_REFERER'] $refurl = parse_url($exurl, PHP_URL_QUERY); // remove all before and including the "?" echo $refurl; // echo "sa=t&source=web&cd=1&ved=0CBYQFjAA&rct=j&q=mykeyword&ei=pJ2STMy8MsP-8AaqvuznBQ" Ok, so I managed to get the important part out of the google URL, now how do I split this into an array that I can then use. For instance somefunction($refurl, $newarray); and then I could say | echo $newarray['q']; | and it would echo "mykeyword" Of course If there is a space in the keywords I should use the urldecode() function to avoid the % char... Let me know if you know of any way to get this done. How can I make my PHP script non accessible to users? I am wanting to cron the script and don't want anybody to spam the script as it would cause performance issues if it was constantly spammed by a user. Can I put the PHP file anywhere that only the server can run it?
Thanks any info would be awesome.
Hi Guys I need a PHP function to which I pass two postcodes and it works out the road distance, I dont mind using google or any other API I have managed to fing JS ways and php functions using crow route but I really really need a traffic distance in PHP Please advice, Help Thank you Hi;
I have succesfully managed to route all the traffic to the file controller.php using this command line of .htaccess :
RewriteEngine On RewriteRule (.*) /var/www/html/site/controller.php [L,QSA]Now how to tell the controller.php to process the url that was passed. For example i have tried that: controller.php :
<?php
include( $_SERVER["REQUEST_URI"] );
?>
but the controller.php didn't do anything i keep getting a blank page when i browse any webpage such as site/index.php
so how to tell controller.php to echo the content of the request ? because the user shouldn't notice any change as if there is no controller.php.
Thank you.
I have a system setup to pull a while() query out of a file. As follows: // In another file that is included into the one I'm running. $support_1_start = './includes/modules/while/support.1.open.php'; $support_1_stop = './includes/modules/while/support.1.close.php'; // The actual file. include($support_1_start); // This starts the mysql while() query. ?> // Data should be displayed here... <?php include($support_2_stop); // This ends the mysql while() query. The only problem is that I'm getting the following error: Code: [Select] Parse error: syntax error, unexpected $end in /home/nuke/public_html/includes/modules/while/support.1.open.php on line 16 I assume its because I included the while() function, but didn't close it in that file, but instead another file. Maybe you know how to fix this? If you want my complete source code in order of what is ran: http://www.nuclear.apnx.us/source.txt I need a way to keep entrys into a database from being doubled. The issue is that on something like %7B%7D that is the same as {} in html. So if one is entered in with the percentages and one is entered in normal, the data base thinks they are two different items even though they could be the exact same thing. Now when I insert the new item into the data base the value ='s mysql_real_escape_string(htmlentities(item)) is how I do it now. This is wrong im guessing cause it could go with either of the above examples and puts them in as given. So my question here is kinda two parted. 1) how do I get it to insert the info one way or the other but never both being allowed. So {} will always show %7B%7D when inserted or visa versa. and 2) How do I take an existing database and sort threw it to make sure they are all the same as 1 codes the new ones in, and take out any possible dupilications due to the difference? I've tried this: <?php $xsblock = $_SERVER['HTTP_REFERER']; $url = "testchan"; $pos = strpos($xsblock, $url); if ($pos == false) { die(); } else { echo "content content content content content content content content"; } ?> How can I do this correctly? Thanks in advance! I need some quick help with this, This is my file upload row loop, I want to add the if <b>k = 4</b>, then you have reached the maximum upload. Or something to that Effect. PRetty much only allowing 4-upload per user, before stoping the upload feature.. row count Code: [Select] <?php $k = 4; //$n=5; for ($i=0, $n=count( $this->songs ); $i < $n; $i++) //for ($i=0, $n=count( $this->songs ); $i < $n; $i++) { $song = &$this->songs[$i]; $checked = JHTML::_('grid.id', $i, $song->id ); $link_edit = JRoute::_( 'index.php?userid='.$this->xxx->user_id.'&layout=form&id=' . $song->id .'&from=xxx'); $tick = JHTML::image("images/tick.png",JText::_('Yes')); $tick_file = JHTML::image("images/tick.png",JText::_('Yes'),array("title" => $xxx->filename)); $cross = JHTML::image("images/publish_x.png",JText::_('No')); ?> End row count Code: [Select] <?php $k = 1 - $k; } ?> Hi, Just received this email from a random person saying they were able to obtain the username and password for the site admin page from the MySql Database: [07:33:33] [INFO] testing if GET parameter 'id' is dynamic [07:33:34] [INFO] confirming that GET parameter 'id' is dynamic [07:33:35] [INFO] GET parameter 'id' is dynamic [07:33:35] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis [07:33:35] [INFO] testing unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] confirming unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis [07:33:37] [INFO] testing for parenthesis on injectable parameter [07:33:40] [INFO] the injectable parameter requires 0 parenthesis [07:33:40] [INFO] testing MySQL [07:33:41] [INFO] confirming MySQL [07:33:41] [INFO] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1 [07:33:41] [INFO] retrieved: 0 [07:33:51] [INFO] performed 13 queries in 9 seconds [07:33:51] [INFO] the back-end DBMS is MySQL web server operating system: Linux Red Hat web application technology: PHP 5.2.11, Apache 2.2.3 back-end DBMS: MySQL >= 5.0.0 +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | admin | email | firstname | lastname | password | userid | username | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | 1 | blah | blah | blah | blah | 1 | blah | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + blah MD5 : blah -- I've changed all the details to 'blah' for the purpose of this post. Does anyone know how I can secure my PHP to stock this injection? Thanks, Jack I'm tired and want to sleep so my mistakes are getting lots now. Anybody awake that can explain my problem with the code below. <? function directoryToArray($directory, $recursive) { $array_items = array(); $i = "0"; if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle)) && $i < "3") { if ($file != "." && $file != "..") { if (is_dir($directory. "/" . $file)) { if($recursive) { $array_items = array_merge($array_items, directoryToArray($directory. "/" . $file, $recursive)); } } else { $file = $directory . "/" . $file; $array_items[] = preg_replace("/\/\//si", "/", $file); $i++; } } } closedir($handle); } natsort($array_items); return array_reverse($array_items); } $data = directoryToArray('images/screenshot/', TRUE); print_r($data); ?> What I want is for the while loop to stop after 4 hits and exit and give me the return results. But now it continue until readdir end. Hello friends, I've php script that create files for example you enter file name (ex : test.php) file content (ex: any text ) it will create test.php file with the same content you entered. but the problem it add back slah \ before " or ' how can i stop it and make it not add back slash before " and ' here is the code <?php function saveFile($filename,$filecontent){ if (strlen($filename)>0){ $file = @fopen($filename,"w"); if ($file != false){ fwrite($file,$filecontent); fclose($file); return 1; } return -2; } return -1; } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="domain" id="domain"> File name: <input name="filename" type="text" value="<?php echo $domainbase; ?>" /> File content: <textarea name="filecontent" rows="15" cols="46"></textarea> <input type="submit" name="submitBtn" value="Save file" /> </form> <?php if (isset($_POST['submitBtn'])){ $filename = (isset($_POST['filename'])) ? $_POST['filename'] : '' ; $filecontent = (isset($_POST['filecontent'])) ? $_POST['filecontent'] : '' ; if (saveFile($filename,$filecontent) == 1){ echo "File was saved"; } else if (saveFile($filename,$filecontent) == -2){ echo "An error occured during saving file"; } else if (saveFile($filename,$filecontent) == -1){ echo "Wrong file name"; } } ?> thank you alot it will really helps me alot Ok I'm trying to make word replace but I'm have some problems , first I have in my database row "words" have the words it look for to replace row "wordsys" have the replacement word the problem I'm have is let say the text I want to replace is "My friend is in here house" and row "words" has "My, In , here" in it and the replacement words are in wordsys has "In for My" "We for In" and "gone for here" so first it going to replace "My" with "In" that good ,but then it going back and replacing "In" the we just replaced with "We" and so forth who do I stop it from re-replace a word that it already replace. <?php //connect to database $textw = "My friend is in here house"; //load all replacements $result = mysql_query("SELECT * FROM data"); //replace all words $words = array(); $replacewords =array(); while ($row = mysql_fetch_assoc($result)) { $words[] = $row['words']; $replacewords[] = $row['wordsys']; } $text = str_replace($words,$replacewords,$textw); echo $text; ?> Thank you for your help I am trying to get information from a website and these information are seperated by <br> Quote Samsung ML-3310ND <br> AC Cable (UK) <br> CD/DVD (including Software/ Utilities/ Drivers and User Manuals) <br> Setup Guide <br> Black Toner Cartridge 2000 pages When I import this to the database it becomes Quote Samsung ML-3310NDAC Cable (UK)CD/DVD (including Software/ Utilities/ Drivers and User Manuals) Setup GuideBlack Toner Cartridge 2000 pages How would I get it exactly how it looks. so it doesnt print in one paragraph. this is the code I am using.. Code: [Select] $inbox = $html->find( "#ctl00_placeholderMain_pnlInTheBox" ); if ( isset( $inbox[ 0 ] ) ) { // Tidy it up - remove commas and weird Word chars $box = strip_tags( $inbox[0] ); //$box = substr( $box, strpos( $box, ";" ) + 1 ); $box = strpos($box, ';') !== FALSE ? substr( $box, strpos( $box, ";" ) + 1 ) : $box; $box = str_replace("", "<br>", $box ); } else { $box = "0"; } I need a way to start a program and store the PID, then manage to stop it at the users request later. Im not sure how i would go about this. It has to work on Windows, Any help? Thanks. Hello. Recently I've run into a bit of an issue with Path Traversal. I was searching a bit on solutions to it, but all I could find were sites telling you to fix it, and not showing examples of how. So, I've been running a few tests and seem to have the majority fixed. At least, the ones on Owasp's examples don't work.
I am making a file manager, so they can browse the public_html all they want. I just don't want anyone using ../, or the document root to browse through anything other than through the public_html.
So, here is the solution I have found that seems to work on everything I have seen:
<?php
// Seems to solve plain-text, encoded, and null bytes
$replace = array("%", "..");
$file = str_replace($replace, "", $_GET['file']);
// ./ at the beginning to stop DOCUMENT_ROOT travel
echo show_file_contents("./".$file);
?>
And this is how the path is set up for file_get_contents to access:
<?php
function show_file_contents($file) {
$path = $_SERVER['DOCUMENT_ROOT']."/".$file;
}
?>
My question is: Does this fully stop any directory traversal attempt?
Edited by SarahBear, 09 November 2014 - 08:29 AM. Hi all, I've added bbcode to my forum on my website but I don't want users to be able to add javascript (or better put, I only want links to be http, https, ftp type links). How can I do this? Regards, Jason Hello all. Is it possible to have a link that can start and stop a service on the web server? It is a windows 2003 server. Thanks, Mike Hi, Was just wondering if I could get help with this programming problem, I am programming a diary system that people can use to book appointments within time slots on a current day. I have the below code reading from three database tables (one for appointment details, one for the profile of whom booked the appointment and lastly a LEFT JOIN table of times from 09:00:00 to 17:30:00). The functionality of this diary of time slots is where there is a booked slot, slip the appointment attendee into that slot so the avaible link is not seen so no one can book over the appointment. This is where the problem comes into play, if there is an appointment expanding lets say 45 minutes which means other time slots will be taken, it just echos out the same appointment details so then I am getting it duplicating. for example down below; 09:00:00 - Booked Appointment (name) - Duration: 30 Minutes 09:15:00 - Booked Appointment (name) - Duration: 30 Minutes 09:30:00 - Booked Appointment (name) - Duration: 30 Minutes Now what I would like the solution to is if there is a way to maybe stop the duplication by showing the first row of the start time of the appointment and then change the the next rows to unavailable? Or even collapsing the time rows so if an appointment is booked at 09:00:00 for 30 mnutes, then the next available time slot would be 09:45:00 so the record would not duplicate. Here is a screenshot to help you a bit better - http://img185.imageshack.us/img185/7981/72314500.png Here is my source code, would appreciate any suggestions on how I would do this! <?php include('connection.php'); //Query $comment = "SELECT * FROM timeslots LEFT OUTER JOIN (SELECT time,endtime,status,firstname,secondname,duration FROM appointments INNER JOIN profile ON profile.id=appointments.id WHERE appointments.DATE = '" .$_GET['date']."') AS a ON a.time <= timeslots.timeslot AND a.endtime >= timeslots.timeslot"; $commentresult = mysql_query($comment); // If commentresult = false then query return fail if ($commentresult == false) { die("Your Query isn't working correctly! :-( "); } // If commentresult = true then echo below information with results if (mysql_num_rows($commentresult) >= 1) { // Start Rows while($cr = mysql_fetch_array($commentresult)) { // Start While Loop { // Process While Loop $_GET['time'] = $cr['timeslot']; $status = $cr['status']; if($status=="") { // Start IF Status // echo Available echo "<table border='0' width='800'> <tr><td width='35'><div class='content'>".$cr['timeslot']."</div></td> <td width='100'><div class='content'><a href='book_slot.php?date=".$_GET['date']."&id=".$_GET['id']."&time=".$_GET['time']."'>Available</a></div></td> <td width='100'><div class='content'></div></td> <td width='120'><div class='content'></div></td> </tr></table>"; } // End IF Status else { // Start ELSE status // echo Appointment within Time Slot echo "<table border='0' width='800'> <tr><td width='35'><div class='content'>".$cr['timeslot']."</div></td> <td width='100'><div class='content'>".$cr['status']."</div></td> <td width='120'><div class='content'>".$cr['firstname']." ".$cr['secondname']."</div></td> <td width='120'><div class='content'>".$cr['duration']." Minutes</div></td> </tr></table>"; } // End ELSE Status } // End Process While Loop } // End Loop } // End Row // Else statement else { echo "<img src='info.png'> There are no appointments for this day!"; } // Close database connection mysql_close($dbconnection); ///////////////////////////// ?> |
|||||||