php security - Page 19 - Developer IT

Learning and Developing with PHP [closed]

- by KyelJmD

I am here to ask you What is a good PHP Book that doesn't contain too much details but it is compose of all necessary information to develop in PHP such as (OO PHP, Handling Forms, Database etc etc) This may be subjective but I've tried to look php book recomendations here at Stackoverflow but I cannot find any. Next is What are the things I need to know in learning a PHp framework? specifically I want to learn CAKEPHP. NOTE I do not need those lenghty books that discuss loops and such I already have experience programming with java and C#.

Read the article

php is not working well on ubuntu 13.10 and mcrypt is missing in phpmyadmin

- by mohamad

I've upgraded from UBUNTU 13.04 to 13.10 but I can not work with php pages or phpmyadmin . I've tried this way to install lamp on ubuntu sudo apt-get install lamp-server^ phpmyadmin and I've done all of the configuration correctly after installation I've added this line Include /etc/phpmyadmin/apache.conf to /etc/apache2/apache2.conf then I restarted apache2 but in phpmyadmin on the bottom of the page is this error : The mcrypt extension is missing. Please check your PHP configuration I've check and mcrypt was in it , but in phpmyadmin it gives me error of missing . the other problem is on PHP pages it seems like there is no PHP and it's all html because lots of PHP lines are printed in textbox's like : <? echo $row['details']; ?> can anybody tell me what should I do ?

Read the article

Is php|architect any good?

- by Andrew Heath

Kind of a hard topic to search for, as architect turns up a lot about software architects instead. After 8 months of PHP self-study, I finally stumbled across the php|architect site. The length of time it took me to find it makes me suspicious of its quality. 3 related questions: do professional PHP coders read/care about php|architect? is it a good source for PHP beginners? assuming yes to either of the above, how far back in the archives to articles remain relevant? (ex: does stuff written about PHP4 still matter?)

Read the article

Security precautions and techniques for a User-submitted Code Demo Area

- by Jack W-H

Hey folks Maybe this isn't really feasible. But basically, I've been developing a snippet-sharing website and I would like it to have a 'live demo area'. For example, you're browsing some snippets and click the Demo button. A new window pops up which executes the web code. I understand there are a gazillion security risks involved in doing this - XSS, tags, nasty malware/drive by downloads, pr0n, etc. etc. etc. The community would be able to flag submissions that are blatantly naughty but obviously some would go undetected (and, in many cases, someone would have to fall victim to discover whatever nasty thing was submitted). So I need to know: What should I do - security wise - to make sure that users can submit code, but that nothing malicious can be run - or executed offsite, etc? For your information my site is powered by PHP using CodeIgniter. Jack

Read the article

Destroy guest OS using php

- by Alee

I am using libvirt-php to manage my virtual machines, and I need to shutdown/destroy domU. For this I used the following php script: < ? php $conn=libvirt_connect("xen:///"); $name=libvirt_domain_lookup_by_id($conn,4); $dest=libvirt_domain_destroy($name); echo $dest; ? When I run this on xampp server i get the following output: Warning: libvirt_domain_destroy() [function.libvirt-domain-destroy]: operation virDomainDestroy forbidden for read only access in /opt/lampp/htdocs/xampp/byname.php on line 5. Here is the documentation: http://libvirt.org/php/api-reference.html#libvirt_domain_destroy

Read the article

Impact of changing from PHP to Java after 1 year or 6 months

- by user62909

I'm MCA final year student and I have very poor school record and had 2 years of gap. I'm first class with distinction in graduation and in post graduation is first class.Companies are coming for campus recruitment.I have very less companies like 4 or 5 who don't impose any criteria. there is a company who work on PHP and i have cleared its aptitude test and technical only HR remaining. I'm actually interested in Java and have knowledge about it but company work on PHP.I was fretting about If i work on PHP for 6 or 1 year can I change later to Java ? because i will also have experience of 6 or 12 months ? Will be considered an experienced employee if I apply for java developer later ? Will manager think that I worked in PHP and not allowed for Java ? Will I have to pursue java OCJP certification so i can get job even after 1 year experience of PHP ? Only 8 days are remaining for Hr round so please need help

Read the article

Lack of security in many PHP applications?

- by John

Over the past year of freelancing, I inherited two web projects, both of them built in PHP, both of them with sensitive information like credit card info, bank info, etc... In one application, when I typed http://thecompany.com/admin/, and without being asked for a username and password, I saw every user's sensitive information, including credit card numbers, bank account numbers etc... In another application, I was able to bypass the login screen by simply typing http://the2ndcompany.com/customer.php?user_id=777, and again, without any prompts for username and password, i was able to see user 777's credit card info. I cycled through a few more user_ids (any integer) and saw each person's credit card info. Is something wrong here? Or is this the quality of work that the "average" programmer produces? Because if this is what the average programmer produces, does that means I'm an...gasp...elite programmer?? No..that can't be right....something doesn't make sense. So my question is, is it just coincidence that I inherited two applications both of which are dangerously lacking in security? Or are there are a lot of bad PHP programmers out there?

Read the article

Job selection between (.net) or PHP [closed]

- by Swapnil Gondkar

Hi am Swapnil I am just a fresher passout of 2011 batch of engineering from Mumbai University I have developed dynamic websites on PHP and have quite a good experience working with php for 2years. Now When I went for interviews I got selected for a company that manifolds into PHP and its technologies to create websites.The other company in which I also got selected offers more than half the higher package than previous but I have to work here on .net platform and all the Microsoft Technologies which I do not merry. The work environment of php company is quite cool with 400employees(onli 10 php developers) and the .net company has only a strength of 20employees Now the thing is I do not know about Enterprise Application Building and other stuff so guys If any advice that may help me select my job would be appreciated.

Read the article

Paren-free PHP? [on hold]

- by Ivan Curdinjakovic

I stumbled upon the idea for paren-free ecmascript (https://brendaneich.com/2010/11/paren-free/), which is inspired by Go language. And it's simple, clean and cool - if you make braces required instead of recommended (and they are recommended everywhere anyway: http://www.php-fig.org/psr/psr-2/), then parenthesis are unneeded around control structure “heads”. It would work exactly the same in PHP. So, a piece of PHP code could look like this: if $someVar == 42 { doSomething(); } or: foreach $someArray as $key => $value { echo "$key: $value"; } It's a small, but nice step towards a nicer, cleaner syntax and removing unnecessary parts. The question is - would PHP community be willing to see the languange move in that direction? Would it be considered an improvement by majority, or are we too used to typing those parenthesis and unwilling to see any change in PHP syntax?

Read the article

What Security Issues I should have in PHP Hosting

- by phpBOY

Hi, Just wanted to know what could be the security cautions I should know about PHP Hosting? Thanks

Read the article

PHP not loading php.ini in directory or following error_reporting() on Windows 7

- by Marcus

Normally I develop under E_ALL error level, but for sanity on this project I want notices and strict off. So initially tried: error_reporting(E_ALL & ~(E_STRICT|E_NOTICE)); And several other combinations of the same thing, nothing worked. Next I tried to create a local php.ini the directory with error_reporting = E_ALL & ~E_NOTICE but nope, that didn't work either. phpinfo() is reporting: Scan this dir for additional .ini files: (none) Can someone help me fix either of these problems? Preferably both! Thanks! I'm running PHP Version 5.2.13 on Apache/2.2.14 under Windows 7 x64.

Read the article

PHP on Loading php.ini in directory or following error_reporting() on Windows 7

- by Marcus

Normally I develop under E_ALL error level, but for sanity on this project I want notices and strict off. So initially tried: error_reporting(E_ALL & ~(E_STRICT|E_NOTICE)); And several other combinations of the same thing, nothing worked. Next I tried to create a local php.ini the directory with error_reporting = E_ALL & ~E_NOTICE but nope, that didn't work either. phpinfo() is reporting: Scan this dir for additional .ini files: (none) Can someone help me fix either of these problems? Preferably both! Thanks! I'm running PHP Version 5.2.13 on Apache/2.2.14 under Windows 7 x64.

Read the article

Server speed: sharing one script.php or using many copies the same script.php

- by Marco Demaio

Let's assume: I have thousands of domains on same Apache server. Each domain is in a folder under server public_html document folder, so it can be accessed by calling "www.somedomain.com" or by calling "www.serverdomain.com/somedomain_folder" In each domain there is a website who needs a certain script.php (identical for each domain). From a coding point view, its obvious that it's better to use a unique script.php, so when i update it with new features/bug fixes etc, I need to update on server only one file and it will work for all domains. But from a server point of view? If i use a unique script all domains will access it at the same time, will the server run slower compared to the situation where each domain called its own script?

Read the article

PHP and Ruby: how to leverage both? and, is it worth it?

- by dukeofgaming

As you might have noticed from the title, this is not a "PHP or Ruby", or a "PHP vs. Ruby" question. This is a question on how to leverage PHP + Ruby in the same business. I myself am a PHP developer, I love the language because of its convenience and I specially love the ecosystem of resources that surround it: Joomla, Drupal, Wordpress, Symfony2, Doctrine2, etc. However, the language itself can be a little disappointing sometimes. OTOH, Ruby looks like a very beautiful language and —from studying it superficially in several aspects— I could say it is leaner than Python as a language per se. However, from what I've seen there is pretty much only RoR making noise, and I don't like RoR so much (mainly because its model layer). As Co-CEO and CTO at my company I'm trying to think outside of the box since I want to start to focus on the human side of technology and see if its sane to use both PHP and Ruby. Here are some random thoughts: Ruby folk seem to be generally better suited programmers than PHP folk (in terms of averages), I know the previous statement is somewhat baloney because very good and well architected PHP can be written, but I'd say the Ruby programmer culture is better than PHP's. The thing about Ruby is that it seems better suited for rapid development, I don't really know if this is only the case for RoR, but I do know that there are certain practices (perhaps not so good) like monkey patching that let business needs be satified quicker. From a marketing point of view (yep, sometimes you need to leverage the marketing BS for the sake of your company) Ruby seems better while PHP carries some stigmas. PHP 5.4 is bringing traits, and that is better/cleaner than mixins. That could really make PHP as lean as Ruby —or more— for certain stuff. Now, concretely, my questions: Would a PHP programmer want to learn Ruby?, I know I do, but conversely, would a Ruby programmer want to learn PHP?. What kinds of projects or situations would be better suited for Ruby that are not suited for PHP?. What is the actual ecosystem of Ruby?, aside from RoR, I have not seen other hyped technologies/frameworks (I've seen RSpec, but I confess being a total noob on what BDD really consists of and its implications). Supposing there are a certain type of projects ideal for Ruby, would there be a moment that its better to move it to PHP?. I know PHP can handle lots of stuff, but I've read that Ruby has its limitations when scaling (or is that RoR?, or is that baloney for both?). Finally and most importantly, would it be sane to maintain projects in two languages?, or is that just stupid. As I said, it looks like Ruby is leaner on the short term and that can make a project happen and succeed, but I'm not so sure about that on the long run. I'm looking for insights mainly from people that know well the strengths and weaknesses of the languages —preferably both of them— and Ruby's ecosystem in real practice, meaning: frameworks and applications like the ones I quoted from PHP's ecosystem. Best regards and thanks for your time.

Read the article

php post form to another php

- by proyb2

I want to post a search value from index.php to search.php, index.php and search.php or I would like to retain 'val' value in the URL, but search.php could not capture the value of 'val' which appear to be "val=".

Read the article

Execute php file from another php

- by skiria

I try to call a php file that starts like <?php //Connection function connection () { ... I call from a php like: <?php exec ('/ /opt/lampp/htdocs/.../name.php)') ?> I get: line1-> cannot open ?: No such file line 3 //Connection: not found line 4 Syntax errror: "(" What happens? Why I can't execute it?

Read the article

ANY way to consolidate this code?

- by JM4

I am building a PHP registration form which takes the following fields for up to 20 athletes: First Name Middle Initial Last Name Federation Number Address City State Zip DOB SSN Phone Email I am only through 7 of the fields for each fighter and my php file is very large (over 40kb). Is there ANY way to consolidate this code at all? I am also having to validate the information on each field (as I said - 20 athletes x 12 fields = 240 validations on a single page). If I can send any further code let me know! <form id="Form" action="<?php $_SERVER['PHP_SELF']; ?>" method="post" name="Form" onsubmit="return Enroll_Form_Validator(this)"> <p class="title">Your Fighters' Information</p> <p>Please complete the following fields with your <span style="color:red;"> Fighters' Information</span> to continue your enrollment.</p> <br /> <?php // if $errors is not empty, the form must have failed one or more validation // tests. Loop through each and display them on the page for the user if (!empty($errors)) { echo "<div class='error'>Please fix the following errors:\n<ul>"; foreach ($errors as $error) echo "<li>$error</li>\n"; echo "</ul></div>"; } ?> <?php if ($_SESSION['Num_Fighters'] > "0") { ?> <table class="demoTable"> <tr> <td>First Name: </td> <td><input type="text" name="F1FirstName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F1FirstName']; ?>" /></td> </tr> <tr> <td>Middle Initial: </td> <td><input type="text" name="F1MI" size="2" maxlength="1" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F1MI']; ?>" /></td> </tr> <tr> <td>Last Name: </td> <td><input type="text" name="F1LastName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F1LastName']; ?>" /></td> </tr> <tr> <td>Federation No: </td> <td><input type="text" name="F1FedNum" maxlength="10" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1FedNum']; ?>" /></td> </tr> <tr> <td>SSN: </td> <td><input type="text" name="F1SSN1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1SSN1']; ?>" /> - <input type="text" name="F1SSN2" size="2" maxlength="2" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1SSN2']; ?>" /> - <input type="text" name="F1SSN3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1SSN3']; ?>" /> </td> </tr> <tr> <td>Date of Birth</td> <td> <select name="F1DOB1"> <option value="">Month</option> <?php for ($i=1; $i<=12; $i++) { echo "<option value='$i'"; if ($fields["F1DOB1"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F1DOB2"> <option value="">Day</option> <?php for ($i=1; $i<=31; $i++) { echo "<option value='$i'"; if ($fields["F1DOB2"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F1DOB3"> <option value="">Year</option> <?php for ($i=date('Y'); $i>=1900; $i--) { echo "<option value='$i'"; if ($fields["F1DOB3"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> </td> </tr> <tr> <td>Address: </td> <td><input type="text" name="F1Address" value="<?php echo $fields['F1Address']; ?>" /></td> </tr> <tr> <td>City: </td> <td><input type="text" name="F1City" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F1City']; ?>" /></td> </tr> <tr> <td>State: </td> <td><select name="F1State"><option value="">Choose a State</option><?php showOptionsDrop($states_arr, null, true); ?></select></td> </tr> <tr> <td>Zip Code: </td> <td><input type="text" name="F1Zip" size="6" maxlength="5" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1Zip']; ?>" /></td> </tr> <tr> <td>Contact Telephone No: </td> <td>( <input type="text" name="F1Phone1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1Phone1']; ?>" /> ) <input type="text" name="F1Phone2" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1Phone2']; ?>" /> - <input type="text" name="F1Phone3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F1Phone3']; ?>" /> </td> </tr> <tr> <td>Email:</td> <td><input type="text" name="F1Email" value="<?php echo $fields['F1Email']; ?>" /></td> </tr> </table> <?php } ?> <br /> <?php if ($_SESSION['Num_Fighters'] > "1") { ?> <table class="demoTable"> <tr> <td>First Name: </td> <td><input type="text" name="F2FirstName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F2FirstName']; ?>" /></td> </tr> <tr> <td>Middle Initial: </td> <td><input type="text" name="F2MI" size="2" maxlength="1" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F2MI']; ?>" /></td> </tr> <tr> <td>Last Name: </td> <td><input type="text" name="F2LastName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F2LastName']; ?>" /></td> </tr> <tr> <td>Federation No: </td> <td><input type="text" name="F2FedNum" maxlength="10" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2FedNum']; ?>" /></td> </tr> <tr> <td>SSN: </td> <td><input type="text" name="F2SSN1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2SSN1']; ?>" /> - <input type="text" name="F2SSN2" size="2" maxlength="2" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2SSN2']; ?>" /> - <input type="text" name="F2SSN3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2SSN3']; ?>" /> </td> </tr> <tr> <td>Date of Birth</td> <td> <select name="F2DOB1"> <option value="">Month</option> <?php for ($i=1; $i<=12; $i++) { echo "<option value='$i'"; if ($fields["F2DOB1"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F2DOB2"> <option value="">Day</option> <?php for ($i=1; $i<=31; $i++) { echo "<option value='$i'"; if ($fields["F2DOB2"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F2DOB3"> <option value="">Year</option> <?php for ($i=date('Y'); $i>=1900; $i--) { echo "<option value='$i'"; if ($fields["F2DOB3"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> </td> </tr> <tr> <td>Address: </td> <td><input type="text" name="F2Address" value="<?php echo $fields['F2Address']; ?>" /></td> </tr> <tr> <td>City: </td> <td><input type="text" name="F2City" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F2City']; ?>" /></td> </tr> <tr> <td>State: </td> <td><select name="F2State"><option value="">Choose a State</option><?php showOptionsDrop($states_arr, null, true); ?></select></td> </tr> <tr> <td>Zip Code: </td> <td><input type="text" name="F2Zip" size="6" maxlength="5" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2Zip']; ?>" /></td> </tr> <tr> <td>Contact Telephone No: </td> <td>( <input type="text" name="F2Phone1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2Phone1']; ?>" /> ) <input type="text" name="F2Phone2" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2Phone2']; ?>" /> - <input type="text" name="F2Phone3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F2Phone3']; ?>" /> </td> </tr> <tr> <td>Email:</td> <td><input type="text" name="F2Email" value="<?php echo $fields['F2Email']; ?>" /></td> </tr> </table> <?php } ?> <br /> <?php if ($_SESSION['Num_Fighters'] > "2") { ?> <table class="demoTable"> <tr> <td>First Name: </td> <td><input type="text" name="F3FirstName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F3FirstName']; ?>" /></td> </tr> <tr> <td>Middle Initial: </td> <td><input type="text" name="F3MI" size="2" maxlength="1" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F3MI']; ?>" /></td> </tr> <tr> <td>Last Name: </td> <td><input type="text" name="F3LastName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F3LastName']; ?>" /></td> </tr> <tr> <td>Federation No: </td> <td><input type="text" name="F3FedNum" maxlength="10" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3FedNum']; ?>" /></td> </tr> <tr> <td>SSN: </td> <td><input type="text" name="F3SSN1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3SSN1']; ?>" /> - <input type="text" name="F3SSN2" size="2" maxlength="2" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3SSN2']; ?>" /> - <input type="text" name="F3SSN3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3SSN3']; ?>" /> </td> </tr> <tr> <td>Date of Birth</td> <td> <select name="F3DOB1"> <option value="">Month</option> <?php for ($i=1; $i<=12; $i++) { echo "<option value='$i'"; if ($fields["F3DOB1"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F3DOB2"> <option value="">Day</option> <?php for ($i=1; $i<=31; $i++) { echo "<option value='$i'"; if ($fields["F3DOB2"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F3DOB3"> <option value="">Year</option> <?php for ($i=date('Y'); $i>=1900; $i--) { echo "<option value='$i'"; if ($fields["F3DOB3"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> </td> </tr> <tr> <td>Address: </td> <td><input type="text" name="F3Address" value="<?php echo $fields['F3Address']; ?>" /></td> </tr> <tr> <td>City: </td> <td><input type="text" name="F3City" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F3City']; ?>" /></td> </tr> <tr> <td>State: </td> <td><select name="F3State"><option value="">Choose a State</option><?php showOptionsDrop($states_arr, null, true); ?></select></td> </tr> <tr> <td>Zip Code: </td> <td><input type="text" name="F3Zip" size="6" maxlength="5" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3Zip']; ?>" /></td> </tr> <tr> <td>Contact Telephone No: </td> <td>( <input type="text" name="F3Phone1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3Phone1']; ?>" /> ) <input type="text" name="F3Phone2" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3Phone2']; ?>" /> - <input type="text" name="F3Phone3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F3Phone3']; ?>" /> </td> </tr> <tr> <td>Email:</td> <td><input type="text" name="F3Email" value="<?php echo $fields['F3Email']; ?>" /></td> </tr> </table> <?php } ?> <br /> <?php if ($_SESSION['Num_Fighters'] > "3") { ?> <table class="demoTable"> <tr> <td>First Name: </td> <td><input type="text" name="F4FirstName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F4FirstName']; ?>" /></td> </tr> <tr> <td>Middle Initial: </td> <td><input type="text" name="F4MI" size="2" maxlength="1" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F4MI']; ?>" /></td> </tr> <tr> <td>Last Name: </td> <td><input type="text" name="F4LastName" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F4LastName']; ?>" /></td> </tr> <tr> <td>Federation No: </td> <td><input type="text" name="F4FedNum" maxlength="10" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4FedNum']; ?>" /></td> </tr> <tr> <td>SSN: </td> <td><input type="text" name="F4SSN1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4SSN1']; ?>" /> - <input type="text" name="F4SSN2" size="2" maxlength="2" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4SSN2']; ?>" /> - <input type="text" name="F4SSN3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4SSN3']; ?>" /> </td> </tr> <tr> <td>Date of Birth</td> <td> <select name="F4DOB1"> <option value="">Month</option> <?php for ($i=1; $i<=12; $i++) { echo "<option value='$i'"; if ($fields["F4DOB1"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F4DOB2"> <option value="">Day</option> <?php for ($i=1; $i<=31; $i++) { echo "<option value='$i'"; if ($fields["F4DOB2"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> / <select name="F4DOB3"> <option value="">Year</option> <?php for ($i=date('Y'); $i>=1900; $i--) { echo "<option value='$i'"; if ($fields["F4DOB3"] == $i) echo " selected"; echo ">$i</option>"; } ?> </select> </td> </tr> <tr> <td>Address: </td> <td><input type="text" name="F4Address" value="<?php echo $fields['F4Address']; ?>" /></td> </tr> <tr> <td>City: </td> <td><input type="text" name="F4City" onkeyup="if(!this.value.match(/^([a-z]+\s?)*$/i))this.value=this.value.replace(/[^a-z ]/ig,'').replace(/\s+/g,' ')" value="<?php echo $fields['F4City']; ?>" /></td> </tr> <tr> <td>State: </td> <td><select name="F4State"><option value="">Choose a State</option><?php showOptionsDrop($states_arr, null, true); ?></select></td> </tr> <tr> <td>Zip Code: </td> <td><input type="text" name="F4Zip" size="6" maxlength="5" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4Zip']; ?>" /></td> </tr> <tr> <td>Contact Telephone No: </td> <td>( <input type="text" name="F4Phone1" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4Phone1']; ?>" /> ) <input type="text" name="F4Phone2" size="3" maxlength="3" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4Phone2']; ?>" /> - <input type="text" name="F4Phone3" size="4" maxlength="4" onkeyup="this.value=this.value.replace(/[^0-9]/ig, '')" value="<?php echo $fields['F4Phone3']; ?>" /> </td> </tr> <tr> <td>Email:</td> <td><input type="text" name="F4Email" value="<?php echo $fields['F4Email']; ?>" /></td> </tr> </table> <?php } ?> <div align="right"><input class="enrbutton" type="submit" name="submit" value="Continue" /></div> </form> This only goes through 4 athletes and I need it to capture 20. Any ideas? I am forced to keep all 200+ elements in SESSION assuming somebody enrolls 20 athletes.

Read the article

Security in a private web service

- by Oni

I am developing a web site and a web service for a small on-line game. Technically, I'll be using Express (node.js) and MongoDB+Redis for the databases. This the structure I came up with: One Express server that will server as the Web Service. This will connect to the databases. One Express server that will provide the web site. It will connect to the Web Service to retrieve and push the information. iOS and Android application will be able to interact with the WebService. Taking into account: It is a small game. The information transferred is not critical. There will NOT be third party applications. At least for the moment. My concern is about which level of security I should use in each of the scenarios: Security of the user playing through web browser Security of the applications and the Web Server connecting to the WS. I have take a look at the different options and: OAuth and/or Https is too much for this scenario, isn't it? Will be a good option to hash the user and password with MD5(or similar) and some salt? I would like to get some directions and investigate by my own rather than getting a response like "you should you use this node.js module..." Thanks in advance,

Read the article

TDE Tablespace Encryption 11.2.0.1 Certified with EBS 12

- by Steven Chan

Oracle Advanced Security is an optional licenced Oracle 11g Database add-on. Oracle Advanced Security Transparent Data Encryption (TDE) offers two different features: column encryption and tablespace encryption. 11.2.0.1 TDE Column encryption was certified with E-Business Suite 12 as part of our overall 11.2.0.1 database certification. As of today, 11.2.0.1 TDE Tablespace encryption is now certified with Oracle E-Business Suite Release 12. What is Transparent Data Encryption (TDE) ? Oracle Advanced Security Transparent Data Encryption (TDE) allows you to protect data at rest. TDE helps address privacy and PCI requirements by encrypting personally identifiable information (PII) such as Social Security numbers and credit card numbers. TDE is completely transparent to existing applications with no triggers, views or other application changes required. Data is transparently encrypted when written to disk and transparently decrypted after an application user has successfully authenticated and passed all authorization checks. Authorization checks include verifying the user has the necessary select and update privileges on the application table and checking Database Vault, Label Security and Virtual Private Database enforcement policies.

Read the article

Address Regulatory Mandates for Data Encryption Without Changing Your Applications

- by Troy Kitch

The Payment Card Industry Data Security Standard, US state-level data breach laws, and numerous data privacy regulations worldwide all call for data encryption to protect personally identifiable information (PII). However encrypting PII data in applications requires costly and complex application changes. Fortunately, since this data typically resides in the application database, using Oracle Advanced Security, PII can be encrypted transparently by the Oracle database without any application changes. In this ISACA webinar, learn how Oracle Advanced Security offers complete encryption for data at rest, in transit, and on backups, along with built-in key management to help organizations meet regulatory requirements and save money. You will also hear from TransUnion Interactive, the consumer subsidiary of TransUnion, a global leader in credit and information management, which maintains credit histories on an estimated 500 million consumers across the globe, about how they addressed PCI DSS encryption requirements using Oracle Database 11g with Oracle Advanced Security. Register to watch the webinar now.

Read the article

Netretail's online retail operation benefits from personal contact

- by christopher.jones

Hot on oracle.com is a snapshot of Netretail Holding B.V. profiling their use of PHP and Oracle technology such as Oracle RAC cluster database to become a leading online retailer across Central and Eastern Europe. We've also just refreshed our key PHP Scalability and High Availability whitepaper which talks about connection pooling (DRCP) and Fast Application Notification (FAN). We brought it up to date for 11gR2 and PHP 5.3. It now includes the new 11gR2 V$CPOOL_CONN_INFO view, the new columns for DBA_CPOOL_INFO, information about LOGOFF triggers, and information about the support for Client Result Caching with DRCP. Back to Netretail. Two of their secrets to success are keeping technically up to date, and networking. That is, networking in the business sense. I had the pleasure of meeting Michal Táborský (@whizz), the Chief System Architect, when he was in California for a Velocity conference. Michal took time to visit Oracle HQ and talk with our developers about his then current architecture and future needs. I also met his manager at last year's Oracle OpenWorld conference. Having built up a relationship with us, Netretail now has access to Oracle Development staff. While this will never bypass Oracle Support (which have tools, systems etc that are needed and useful for resolving issues), it makes communication easier for some classes of questions. It helps discussions that will let us improve Oracle products, and make Netretail stronger. I like this. And there's no reason why you can't talk with us too. You know where to email me.

Read the article

How to ignore certain coding standard errors in PHP CodeSniffer

- by Tom

We have a PHP 5 web application and we're currently evaluating PHP CodeSniffer in order to decide whether forcing code standards improves code quality without causing too much of a headache. If it seems good we will add a SVN pre-commit hook to ensure all new files committed on the dev branch are free from coding standard smells. Is there a way to configure PHP codeSniffer to ignore a particular type of error? or get it to treat a certain error as a warning instead? Here an example to demonstrate the issue: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> </head> <body> <div> <?php echo getTabContent('Programming', 1, $numX, $numY); if (isset($msg)) { echo $msg; } ?> </div> </body> </html> And this is the output of PHP_CodeSniffer: > phpcs test.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AND 1 WARNING(S) AFFECTING 3 LINE(S) -------------------------------------------------------------------------------- 1 | WARNING | Line exceeds 85 characters; contains 121 characters 9 | ERROR | Missing file doc comment 11 | ERROR | Line indented incorrectly; expected 0 spaces, found 4 -------------------------------------------------------------------------------- I have a issue with the "Line indented incorrectly" error. I guess it happens because I am mixing the PHP indentation with the HTML indentation. But this makes it more readable doesn't it? (taking into account that I don't have the resouces to move to a MVC framework right now). So I'd like to ignore it please.

Read the article

PHP: A config file in .ini or .php format?

- by Tim Visee

I'm working on a huge CMS system, and I asked myself what configuration format I should use. There are two common formats for configuration files. The first one is an INI file, containg all the configuration properties. Then you can simply parse this INI file using build in PHP functions. A second option is to use a PHP file containing a regular PHP array with these configuration properties. Now, it's easier to edit an INI file, but a PHP file give's you more options, for example it allows you to add a function which retrieves one of the configuration options while reading the configuration file. Note: The PHP configuration file would only contain an array of configuration, no initialization functions or anything. (This is possible of course, but it's not implemented by default) Now, what is recommend for me to use as configuration file? What is the most common format for a configuration file? Should I go for simplicity with the INI files, or with a more dynamic one using PHP. One thing to note, this is not for personal usage. I'm planning to release the CMS system soon, and a lot of websites are scheduled already to change to my CMS system.

Read the article

Excitement! Updated Underground PHP and Oracle Manual is Available for Download

- by cj

We're thrilled to have a major update of the free Underground PHP and Oracle Manual released on OTN. The Underground PHP and Oracle Manual is designed to bridge the gap between the many PHP scripting language and the many Oracle Database books available. It contains unique material about PHP's OCI8 extension for Oracle Database, and about other components in the PHP-Oracle ecosystem. It shows PHP developers how to use PHP and Oracle together, efficiently and easily. The book has been completely refreshed. It has been updated for Oracle XE 11g and the latest PHP OCI8 extension. There are new chapters about using PHP with Oracle TimesTen, NetBeans and Oracle Tuxedo. There is also a new chapter about installing PHP on Oracle Solaris. The book now clocks in at 347 pages of great content. Acknowledgements are due to all those who have helped with this and previous editions of the book. Thanks to the product teams that assisted with brand new content. In particular Craig Mohrman contributed the chapter about PHP on Solaris. Jeffry Rubinoff contributed the base text for the chapter on PHP and NetBeans.

Read the article

How to handle key in PhP array if the key contains japanese characters [migrated]

- by Jim Thio

I have this array: [ID] => ????????-???????????__35.79_139.72 [Email] => [InBuildingAddress] => [Price] => [Street] => [Title] => ???????? ??????????? [Website] => [Zip] => [Rating Star] => 0 [Rating Weight] => 0 [Latitude] => 35.7865334803033 [Longitude] => 139.716800710514 [Building] => [City] => Unknown_Japan [OpeningHour] => [TimeStamp] => 0000-00-00 00:00:00 [CountViews] => 0 Then I do something like this: $output[$info['ID']]=$info; //mess up here $tes=$info['ID']['Title']; Well guess what it messes up. Basically even though the content of an array in PhP can be Japanese. Is this true? What's wrong. The error I got is: Debug Warning: /sdfdsfdf/api/test2.php line 36 - Cannot find element ????????-???????????__35.79_139.72 in variable Debug Warning: /sdfdsfdf/api/test2.php line 36 - main() [function.main]: It is not safe to rely on the system's timezone settings. You are required to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Krasnoyarsk' for '7.0/no DST' instead So many question mark Why is this happening. What's really going on inside PhP? Where can I learn more of such things. Most importantly, what would be the best way to handle this situation. Should I tell PhP to internally always use UTF-8? Does PhP array inherenty cannot use non ascii id?

Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 19/1734 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26 | Next Page >

- by KyelJmD

- by mohamad

- by Andrew Heath

- by Jack W-H

- by Alee

- by user62909

- by John

- by Swapnil Gondkar

- by Ivan Curdinjakovic

- by phpBOY

- by Marcus

- by Marcus

- by Marco Demaio

- by dukeofgaming

- by proyb2

- by skiria

- by JM4

- by Oni

- by Steven Chan

- by Troy Kitch

- by christopher.jones

- by Tom

- by Tim Visee

- by cj

- by Jim Thio

< Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26 | Next Page >