mendezgarcia

Personally, I see it as a dumbed down version of PHP, for handling forms and advanced functions (however not as powerful as PHP)

 

Panda

171545[/snapback]

False. CGI may be as good as PHP - or even better.

Form mail is just like a "script" to make it easier to use CGI's mail functions.

P.S. While it is true you cannot just preview a PHP script in action in your browser like you can HTML, you can set up your own personal web server with PHP running and test scripts that way. That's what I do, you just need to remember to change the server parameters (if any) in the script, such as connection parameters for a mysql database, when you finally upload to an online server.

194381[/snapback]

Yes, use something like XAMPP

https://sourceforge.net/projects/xampp/

 

Another create a config file (which will be required every time).

For example:

 

define ("MYSQL_USER", "mendez");

and:

 

require 'config.php';

mysql_connect("localhost", MYSQL_USER, ...);

 

Easy...

That was a long time ago - when PHP first came about. It moved to an executable CGI after that, and is now available in various forms, including an Apache module (although it is in no way limited to this).

Yes, I was answering him: PHP started as a Perl module and now MAY be installed as an Apache module.
I didn't know IPB would mess the indentation

About the equal and identical operators, although they are apparently the same thing, they are very different. There was a security flaw in phpBB (security flaw number 6.57 x 10^6) that was fixed changing == to ===

PHP started as a Perl module. Now it may be installed independently; as a apache mod.A few notes:1. Instead of using <? ?>, which is a shortcut (and may not work in some servers), use <?php ?>2. Try to improve your indentation. 3. There are major differences between the comparision operator "==" (equal) and "===" (identical).For example, "php" == 0 returns true, but "php" === 0 doesn't.

The biggest problem with chmod() is that most of the servers will restrict PHP from using it.I don't know about Xisto though

snlildude87: the problem is not the max file size, it's the max execution time, which is usually set to 30.

renegade_division: you can, instead of doing this, increase the max_execution_time value (PHP_INI_ALL), using for example ini_set().

http://de1.php.net/ini_set
http://php.net/manual/en/ini.php

Sorry, but I am not understanding the purpose of this script.

 

I will point some cons:

 

- People will still be able to hotlink to it - also, this will make usual hotlinking protection useless.

 

- About the cache thing, no, the browser will not cache the images, thus increasing your

bandwidth use.

 

- The other point is that it will make creating pages harder (you will have to write a longer address for img src)

 

- Scripts that rely on user input are EXTREMELY dangerous. For example, due to a huge design flaw

(if you give some ext like 934910841 it won't be concatenated to the file name; allowing a potential

hacker to inject code or see your files).

 

Now, some coding tips:

 

- I noticed unexperienced coding standards, especially indentation for the PHP code.

 

- Usually instead of using several if and elseif you can use switch

 

- Use $_GET instead of $_REQUEST

 

- Be careful with your error checking routine; check if the given ext actually exists.

 

- Instead of naming an ext an using switch/if else, you can use an array; for example:

$exts = array ('jpg', 'gif', 'bmp', 'png', 'tiff')

$exts[0] is jpg, $exts[1] is gif and so on.

 

- Learn about INTERPOLATION.

Strings using double quotes (") don't need to be concatenated.

 

- And finally, the most important: NEVER TRUST USER INPUT!!

Always filter it properly

 

I hope you don't take this as offense, but as constructive criticism.

Well, I am using the site now, so no need to terminate it anymore.But how could I terminate my account (if I wanted to)? Let the credits go to -30 or asking an admin?

LOL! :huh:Very fun!Google's engineers and creators are really brilliant indeed,but such idea is very "Hollywoodian" (hey, this would make anice film - full of clich?s)What you want? Lead the "Operation Search Engine" and attackGoogle's "Headquarters"?

It happens with every computer you use? (I mean, did you try to do use Xisto's cpanel elsewhere?)It doesn't happens here oftenly, or maybe not at all. Clearing your cacheand refreshing the page is useful, but shouldn't be necessary. It may also be a problem related with the unusual port Xisto's cpanel uses (2083 instead of the usual 2082)

Thanks for the tips, I changed my config; I'll see what happens.

 

Firefox uses a lot of the memory here too (almost 50.000 K), what is more than

Internet Explorer; and a little slower too. But its security is slightly better than IE's,

and there are some useful plugins.

 

ciroxyz: Well, taking a screenshot of part of your proccess is not very useful.

Use HijackThis and create a log, then post it. Spybot is not very effective, I used

it and its not good. I wasn't able to remove 2 spywares that were infecting my computer

As posted here:
http://forums.xisto.com/topic/27984-suspend-hosting/

I asked someone to suspend my hosting, but nobody did it.
I let my hosting credits bleed, but they are negative now!

I think this shouldn't happen. After the credits reach zero; the
account should be suspend but credits stop bleeding because I am paying
for no service (no hosting)...

Thanks

well, I don't want to to stop posting and still have the site running, but suspend my site.I know it will be suspended when my hosting credits reach zero, but will the credits go negative ?

Hi admin... Due to miscalculations, my site is not ready yet... And more problems appeared, so I won't be able to post in more than a month. Since I don't have any content in the site, could you please suspend my account? thanks

Yes, its not hard to earn points here, although writing a longer text is not an easy task for foreign language speakers (like me).Even so I can post enough to keep my site running. PS: What do you think about my English level?

There is nothing better to explain than... the source:

<html> <head>  <title>Convert decimal days</title> </head> <body> <font face="arial" size="2"> <h3>Convert decimal days</h3> <p><?phpfunction convert_date($date) {   $return = floor($date) . ' days';   $hours = ($date - floor($date))*24;   if ($hours != 0) {      $return .= ', ' . floor($hours) . ' hours';      $minutes = round(($hours - floor($hours))*60);      if ($minutes != 0) {         $return .= ' and ' . $minutes . ' minutes';      }   }   return $return;}$input = $_GET['days'];if (!empty($input)) {   echo $input . ' days = ' . convert_date($input) . '<p>';   }?>  <form>   <input type="text" name="days">   <input type="submit" value="Convert">  </form>  </font> </body></html>

China has 20 nukes only? You are... brainless! China has more than 400 nukes. OK, the US have 10,000 nukes, but name400 cities worth nuking. And as you know, nuking a city will affect a big area near it; if China can successfully deploy the nukes and half of them hit the US, US will be destroyed and the air, soil and water become radioactive!For countries like US and China , nukes serve a single purpose: ensure mutual destruction. If China is losing a war against the US, I don't think they will hesitate to nuke the US.

ROMs are copies of games, "translated" from cartridges to the computer.You can find arcade ROMs, SNES ROMS, or from almost any console you can imagine.Usually copies of CD and DVD games are not called ROMs, but ISOsThis is a serious issue, keep them away from Xisto. You should not be allowed even to link to the roms. It's like creating a page with <img src="http://forums.xisto.com/no_longer_exists/;. You are not hosting the image on Xisto but simply linking to it is against the ToS. I am not admin here but this is my opinion.Although IPS patches are not copyrigthed stuff they are used to facilitate the use of copyrighted stuff, so people hosting IPS files may also be sued. Don't be selfish, remember that other users are also hosted here, so if Xisto is sued, all of us will lose our hosting.

You shouldn't copy and paste content copied from elsewhere. A Google Search

 

I know CS, it was fun before but it's not so popular now...

I wrote a little PHP script that converts decimal days to an easier format:

For instance, 9.13 days (coincidentally my remaining days ) = 9 days, 3 hours and 7 minutes

http://forums.xisto.com/no_longer_exists/

Have fun

USMLE is the United States Medical Licensing Examination.Por was supposed to be Portal but the max length was 8 characters

Suppose, You've your letter copied on clipboard and some evil site steals it.I think it is also possible that using JavaScript a webpage may transfer selected text to the clipboard. And then using other methods of clipboard object a site may capture some personal data.

The quoted text above was sent by Sunny using PM, but I thought it would be interesting to talk about it.
Well, yes it IS possible to "transfer" selected text to JS and then send it to an "evil site" or whatever. But this would be a little more complicated thing to do. I'll post a method; there may be others, but they would follow the same structure.

The "exploiter" would have to create a site and trick you to visit it. This site would have 2 frames or iframes; one of them showing the site he wants to "steal" and the other (invisible) actually logging, using setTimeout to regularly copy and send the content.

But I think most of you know about phishing sites (what could be used as well, and it's even simpler) and wouldn't do something like this. Would you?

About capturing personal data, I don't know what you consider "personal data", but Javascript can't touch any files in your computer , except the infamous cookies. But
usually the browsers are disallow JS to access cookies from other sites.

As for the Credits being reset, if you believe your posts are good and have confidence, then no one has stopped anyone from directly applying for package 2.

Well, I didn't know that my credits would be reset. Anyways, I am not sure if I am even going to need Package 2, maybe for some bandwidth... But as I asked before, will my credits "bleed" faster if I take Package 2?

Thanks

Please search the forums before you make or ask a question.

 

I am repeating again, your forum username is visible only to you and we are very well about the security issues :-)

 

Thanks.

185077[/snapback]

So this must be flawed because I can see other members usernames as well.

Can anyone confirm this? [Just access any profile]

Hello,I don't know if this has been suggested before or not, but I think that my Cpanel Username shouldn't be shown on my profile. This is potential problem; anyone that knows my site may visit this forum, access my profile and therefore get my cpanel username [duh]. I know, there is the password, but knowing the username a potential hacker would only need to find the pasword.Thanks