Jump to content
xisto Community

vujsa

Members
  • Content Count

    1,008
  • Joined

  • Last visited

Everything posted by vujsa

  1. Well, if that is the opinion of all of the members, then I could see if we can have the prorating removed. Of course this means that you would earn credits at the normal (hardest) rate. The prorating was set up so that it would be easier for people to get a hosting account quickly. Like I said, it also makes it easier for people to keep their account active. You seem to be thinking about this the wrong way. The system DOES NOT get harder with the more credits you earn! The system DOES get easier with the fewer credits that you have. Well, this is just exactly the reason the system was implemented. If you can only seem to keep around 15 to 20 credits now, imagine how hard it would be for you at the normal rate. Keep in mind that we aren't talking about a major cahnge in the way you aern credits. This isn't 2 or 3 times easier under 10, it is more like 30% to 40% easier under 10 credits and maybe 10% to 20% easier between 11 and 30. So on an average post, you might get 3.5 credits instead of 3. For most of you, the real problem is the size of the posts you make. Everyone gets in such a hurry to finish typing their post that they miss the chance to really rack up some credits. We constantly get these questions from members that offer very little content. Take the two following questions: The answer is the same for both questions but is easier to answer for the second question: The second question also earned about 15 times as many credits since very very short posts earn hardly any credits. Well, the good news is that I earned about 3 credits for this post even at the normal (hard) rate. Need pointers from the best on how to optimize the number of credits you earn, just PM me anytime. Hope This Helps. vujsa
  2. You mean: Hey, are we allowed to redirect the website? If we are, please let me know. Redirect a website to or from Xisto? If you are looking to use a hosting account here for additional space on another website, then no that is not allowed. If you want to set up a page redirect on your old website to send people to your new website at Xisto, then yes. If neither of these is an answer to your question, then please feel free to form a couple of complete sentences that properly request the information that you seek. vujsa
  3. Well, dispite not having any idea of how the system works here, you managed to get hosting. :(Sorry for the delay in hosting approval. The owner of this site also has three other hosting sites to manage. He is constantly upgrading the services he offers on the various servers. The most recent upgrade of the firewall caused some difficulties for him. Basically, the new firewall is so much better that he had to modify the scripts that automate the hosting activation system as well as some of the other hosting account maintenance scripts.Not only was fixing the system time consuming but it is a good idea not to approve a bunch of hosting requests if there is a problem with the activation scripts.We seem to be plagued with old posts that provide inaccurate informtion about the hosting system here. If you could tell us where you read the 50 post article, it would be helpful.There was a time early in the website's life that the system was based on number of posts which was problematic to say the least. People would come and blast the site with one-liners and expect hosting. Nt only did we have very few approved hosting requests, we had a lot of junk posts to get rid of. A new script was written to calculate the size of each post and award credits based on that. Now the number of posts made makes absolutely no impact on the number of credits you have other than the fact that you can only gain a maximum of 10 credits per post. As for your hosting credits being reset to 3 when you activate your account, I don't really have an explaination for that. I think it is so that you will get in the habit of posting on a regular basis. If you continue to post large articles then you'll soon find yourself with a surplus of credits. I recently switched jobs and wasn't able to post much for about 4 months so I really took a hit in my credits. I was down to round 70 credits. Finally back to 100 after a couple of weeks of posting. There is an upside to the credit reset. The first 10 credits are easiest to earn. The system prorates the first 10 credits to make it easier to earn credit 1 through 10 than it is from 11 through 30. After 30, you no longer get help in earning credits. 31 credits and up are earned at the normal difficulty level. This is done so that you will be able to maintain enough credits to keep your hosting. We don't want to suspend or delete hosting accounts here. So if you get in a pinch and only have one credit left, you can get back to 10 very very easily.Finally, don't forget that this is an absolutely free web hosting service. An the hosting service is as good as many very expensive paid hosting services. I have found that the posting for hosting works well because I find new ways to improve my website in the forum and many users get a lot of support for their websites in the forums. I would say that the forum acts like the perfect support tool for your website. There is enogh talent here that nearly all questions can be answered in a week if you ask the right question in the right forum.Well congratulations on your new hosting account.vujsa
  4. Well, I've read this article twice now and the concept no longer eludes me but I still can't seem to work out how to implement this in code and exactly how it would benefit me in the end.Having said that, very nice article MC. I'm glad to see a nice easy to read explaination of what objects are. This has definitely made the concept much easier for me to consider. Right after I read this the first time I went and read several tutorials on the subject as it relates to PHP. I now understand for the most part the basic logic involved in writting and using PHP classes but still having trouble putting such code to use. I think my problem is that the simple examples are too basic to really show how this would work in a practical application. On the otherhand, I have trouble following the more complex examples that I have found. I recently flipped through a few PHP books that had OOP sections in them and found that PHP 5 has a much greater OOP potential than PHP 4. Anyhow, I've decided to buy a book to read up on the subject. I may even take a PHP class at one of the local universities. Thanks for motivating me to further research this subject mastercomputers. :(vujsa
  5. Now, I don't use this lirary and am not entirely sure if the staement above will actaully help but I came across this and thought it couldn't hurt to post the information. Good luck to you and I hope you'll post your method of installation once you get this working. I'm interested in learning how to use CURL. Hope this helps, vujsa
  6. Assuming that you are trying to debug a piece of code that is giving errors here is what I do. When I lose a parenthesis or bracket, I usually end up printing out the code to paper and number each set. Starting with the code (example only): ((()()((()))()()(()()(()())()()(())))()() I write a number next to each opening parenthesis and the same number next to th corresponding closing parenthesis like so: (1 (2 (3 )3 (4 )4 (5 (6 (7 )7 )6 )5 (8 )8 (9 )9 (10 (11 )11 (12 )12 (13 (14 )14 (15 )15 )13 (16 )16 (17 )17 (18 (19 )18 )17 )16 (20 )20 (21 )21 I think that leaves me with the following unclosed parenthesis: 1, 2, 10, 19 Now that usually gives me enough information to find the problem. If that doesn't do the trick, I have to break the string up into it's individual parts. Imagine I have the following nested functions: function_1(function_2(function_3(function_4() . function_5(function_6()) . function_7(function_8(function_9()))) . function_10(function_11())) . function_12(function_13(function_14(function_15())) . function_16())); You'd have to assign variables to each function and rewrite the code like so: $f6 = function_6();$f9 = function_9();$f8 = function_8($f9);$f7 = function_7($f8);$f5 = function_5($f6);$f4 = function_4();$f3 = function_3($f4 . $f5 . $f7);$f11 = function_11();$f10 = function_10($f11);$f2 = function_2($f3 . $f10);$f15 = function_15();$f14 = function_14($f15);$f13 = function_13($f14);$f16 = function_16();$f12 = function_12($f13 . $f16);function_1($f2 . $f12) Of course, here all of the parenthesis were paired correctly. Assigning each function it's own variable and writing the same code vertically instead of horizontally won't show which parenthesis is missing/extra but by evaluating each variable, you should be able to locate any errors. I suppose that you could write a script that would convert your nested functions into a multi-line code. If you are trying to add code to your parser (mini-compiler) to identify when there is a missing/extra parenthesis, I'd read the code line by line and and increment a counter every time an opening parenthesis is found and do the same for each closing parenthesis that is found. The compare $open to $close. If not the same generate an error message. This will only give you the line number of the error which is about as much as most parser will do for you. The error message could tell you if there are more opening or closing parenthesis. Since most code is written with parenthesis opening and closing on the same line, this would work. If you expect the code to wrap several lines without closing, then you'll need to break the code down to statements instead of lines. Instead of using the new line as the limit at which a parenthesis is terminated, you should use the semi-colon. You should still note the line number that the statement started on. If you read your code as a file and broke it down into an array with explode(";", $file_contents), then you can more easily keep track of each statement. I guess a lot of this kind of depends on the code that is being parsed. Well, hope this helps a little. vujsa
  7. To begin with, those people that are just biginning to learn PHP and/or are having a difficult time finding the correct function to do what they need will find very little help from the PHP manual. PHP.net is not very user friendly especially for new programmers. Searching the website usually gives you a large number of results that are unrelated to your needs. Basically, you need an experiences PHP programmer to point you to the correct function so that you can do some research. Additionally, even if the user has a little knowledge of how the PHP manual works, they may still have trouble with something like number_format(). Is it a math function or a string function. It turns out that it is a math function but could easily be categorized as a string function. For the most part, it is a string functioon. It takes the string and inserts a comma and decimal or other characters based on the user supplied arguments. It adjusts the length of the string. In fact the only tru math calculation number_format() performs is a basic round to the correct length. I never send someone to PHP.net to find answers. The second thing I have to say is simply this. Never ever set limits on the questions that are asked here. Never suggest that a persons question is too basic to post or that the person should have found the answer by his or herself. Finally, everyone here has come to participate in the forum. Many of us are participating not only bcause we enjoy the forum but also to accrue hosting credits. One of the easiest ways to stay active in to forum is to answer other member's questions. I spend quite a bit of time monitoring the programming forums hoping to assist another member with a problem. Not only do I gain a credit or two, I get a chance to help someone out. The life of the forum relies on members starting new topics which may spawn more new topics. Perhapes now I should go and write a tutorial on the vast uses of the number_format() function in PHP. XIII, the answer seec77 gave you should do the trick. I'd place it in your script just before you output the number to the user to reduce the number calculation errors caused be rounding. You may also want to keep your original 11 digit value to use for additional calculations and only display the formated number to the user. Hope this helps. vujsa
  8. Keep in mind that if you use an image in the background, then there has to be something in the foreground to hold the place usually. Try placing a space " " inside of the <div> tags to hold it open so to speak. That may be all you need. Another topic you might be interested in if you don't like having to edit every page you own all of the time just for one or two changes is the CMS101 - Content Management System topic. It's a basic tutorial to using a simple template driven system to maintain your website that most people can easily do. Then when update or additions come to your site maybe only one or two files need to be changed. Hope This Helps. vujsa
  9. Since you r request was for using CSS to display the image, I only gave that way. You can not use CSS to directly display and image. CSS adds styling to HTML like background information. SO you can show an image as a background only using the CSS. You can always display an image in HTML using the <IMG> tag. You can even modify the appearence of the image with CSS. <img src="http://www.somedomain.com/images/banner_y.jpg&%2362; That's all of the required information needed. If you add an ID or class to the tag, you can control border, size, position, background and other information for the image. You can also you the default HTML commands to do many of the same functions. <img src="http://www.somedomain.com/images/banner_y.jpg&%2334; width="100" height="20"> Since this is very basic HTML, I didn't think to include it in my answer. There was a time before we had CSS that everything was done only using HTML and HTML is still capible of doing these functions but it makes it much easier to edit and customize the esign of your website using CSS. There are many webmasters still only using basic HTML to build their websites. Let me know if you need more assistance. In the meantime, maybe you should take a look at these: - http://forums.xisto.com/topic/82089-topic/?findpost=1064290424 - http://forums.xisto.com/topic/82170-topic/?findpost=1064291049 Hope this helps. vujsa
  10. To the best of my knowledge, defining a style based on either class or id will work the same. I have never had any problems in that respect.For the sake of good and standardized coding, a class is a general style rule whereas id is a specific style rule.No 2 items in your HTML should have the same ID. One ID per item only. If you want to use <div id="banner"> then you should not use the "banner" id for any other tags, items, atrributes, etc... It is THAT items id only.A class is a group of items which should be treated the same or similarly. This is where you should define your styles for a group of items like similar table cells: <td class="header"> where this would denote a table cell at the top of the table used as a header. Maybe the font and color are different than the other cells on the same table.Think of it like this:A class is like a group of students in school. CSS is the teacher and it teaches its class which is made up of several students each with their own id. The teacher may have a few classes to teach but has many students to teach. Some students need extra instruction that are different from the rest of the class.You should do a search on the internet for CSS ID and CSS class which should point you to a few websites that are dedicated to explaining CSS.Hope this helps. :(vujsa
  11. .banner{ background-image: url(banner_y.jpg); background-repeat: no-repeat;} Okay, last things first and first things last. I used the .banner class deffinition without the tag information so that you could actually use the banner information in any HTML element that has a class named "banner". You can if you want change .banner to div.banner. For the url of the background-image you place the address of theimage inside of the parenthesis like this: background-image: url(http://www.somedomain.com/images/banner_y.jpg); or the short (relative) form: background-image: url(/images/banner_y.jpg); So the new and improved .banner entry in you CSS would look like this: div.banner{ background-image: url(http://http://www.somedomain.com/images/banner_y.jpg&%2341;; background-repeat: no-repeat;} Where banner_y.jpg will be replace with the actual image filename. Hope this helps. vujsa
  12. Well, the forum Admins do not have server root access. You'll need to ask for assistance directly from the sourse. Sorry that my explaination didn't help. I overlooked that one bit of important information that you posted. I just tried SquirrelMail on my account and it worked fine so this must be an issue only you or maybe just a few people are experiencing. Anyway, most issues are resolved with little difficulty here so the hosting Admin doesn't get too involved in the posts for help. Since we all use the same hosting system, we usually can answer most questions without the need to involve the hosting admin. I'll PM you with the detail for support. vujsa
  13. Not entirely sure what you are asking here but I think this is it. You have background_x.jpg that you have tiled or repeated on your website as the MAIN background. You also have a site banner (banner_y.jpg) that you want to have displayed say in the top left corner of your website. Now for some reason, you don't want to simply use an <IMG> tag in the correct spot for banner_y.jpg. Am I following you so far? If so, then you need only use a <DIV> tag where ever you want banner_y.jpg and set the background-image as banner_y.jpg. So for <BODY>, background-image is background_x.jpg and <DIV>, the background-image is banner_y.jpg. If your HTML is as follows: <html> ... <body> <div class="banner"><!-- Banner Area --></div> ... </body></html> Then your CSS should be like so: body{ background-image: url(background_x.jpg); background-repeat: repeat;}.banner{ background-image: url(banner_y.jpg); background-repeat: no-repeat;}Now of course you'll need to fill in the rest of your CSS and HTML data. For .banner, you'll need to add size and position information as well. I hope this answers your question. vujsa
  14. The Importance Of Using Leading Zeros Leading zeros are a very important tool for sorting and comparing data on computers. What is a leading zero? A leading zero does just what it sounds like, it leads the value. For example, lets convert a few numbers to leading zero numbers to make the new number 5 digits long. 234 => 00234 456 => 00456 6456 => 06456 12 => 00012 4 => 00004 677 => 00677 That's great right but why would you do that? This is done for 2 reasons actually. The first is to display numbers in a more uniform and easier to read format. Using the numbers from above, lets compare the format. Unformated: 234 456 6456 12 4 677 Formated: 00234 00456 06456 00012 00004 00677 The second and probably the most important reason we use leading zeros is to format our file names and other data which we want to have properly sorted. On some systems and some software, sorting filenames that contain numbers can cause undesired results. When we sort filenames alphabetically, we start on the left side and work our way to the right. This works fine and well but we sort numbers the opposite way. And when we sort an alphanumeric filename, we sort both ways, numbers sorted numerically and letters alphbetically. So using the numbers from above let's create a few filenames and sort them out the computer way and the correct way. System Sorting Method: filename12.txt filename234.txt filename4.txt filename456.txt filename6456.txt filename677.txt Correct Sorting Method: filename4.txt filename12.txt filename234.txt filename456.txt filename677.txt filename6456.txt This minor flaw in the default way that computers sort alphnumeric values can cause errors down the road when you try to sort data based on a flawed system. So either you can write a script to always sort your values using a better system which you'll have to define or you can simply format your values so that the system can sort them correctly by itself. This is where those leading zeros come in. The system wants to put "4" and "456" together because they both start with "4" kind of like putting "apple" and "album" together because they both start with "a". If we change "4" to "004", it still has the same numeric value but now the first character is zero and zero comes before the "1" in "12". So "004" comes before "12" or better yet, "012". So to sort our values correctly all of the time no mater haw the system wants to sorrt is, here is how we should format our values: filename0004.txt filename0012.txt filename0234.txt filename0456.txt filename0677.txt filename6456.txt Auto Generating Leading Zeros If you are using values that are generated by a script to make filenames with and you want to be sure that the filenames are sorted properly then you'll need a way of adding the leading zeros to your values. There are a few ways to attack the issue of adding leading zeros to your values when generating filenames in PHP. The first method is very straight forward and very limited in features. Here are a few lines of code that will work for values up to 999. $value = 37; // This can be any number between 0 and 999if ($value < 10){ // If the value is under 10 then 2 zeros are needed to make a 3 digit value. $new_value = "00" . $value;}else if ($value < 100){ // If the value is under 100 then 1 zero is needed to make a 3 digit value. $new_value = "0" . $value;}else{ // If the value is not less the 10 or 100 then is is already a 3 digit value. $new_value = $value;}echo $new_value;This would output "037" You can then add that to a filename prefix like "image" and a file extention like ".jpg"in this way: $filename = "image" . $new_value . "jpg";echo $filename;This would output "image037.jpg" Congratulations, you just generated your first leading zero alphanumeric filename. What if we knew that we were going to create a lot of filenames. Maybe we planned on creating 15,000 filenames or more. In that case we need to adjust our script to add more zeros but every time we add zeros, we have to check the next power of 10. $value = 937; // This can be any number between 0 and 999if ($value < 10){ // If the value is under 10 then 4 zeros are needed to make a 5 digit value. $new_value = "0000" . $value;}else if ($value < 100){ // If the value is under 100 then 3 zero is needed to make a 5 digit value. $new_value = "000" . $value;}else if ($value < 1000){ // If the value is under 1000 then 2 zero is needed to make a 5 digit value. $new_value = "00" . $value;}else if ($value < 10000){ // If the value is under 10000 then 1 zero is needed to make a 5 digit value. $new_value = "0" . $value;}else{ // If the value is 10000 or over then is is already a 5 digit value. $new_value = $value;}echo $new_value;This would output "00937" Ideally, we would create a function that would do this same thing and can be easily reused over and over like this: function leading_zeros($value){ if ($value < 10){ // If the value is under 10 then 4 zeros are needed to make a 5 digit value. $new_value = "0000" . $value; } else if ($value < 100){ // If the value is under 100 then 3 zero is needed to make a 5 digit value. $new_value = "000" . $value; } else if ($value < 1000){ // If the value is under 1000 then 2 zero is needed to make a 5 digit value. $new_value = "00" . $value; } else if ($value < 10000){ // If the value is under 10000 then 1 zero is needed to make a 5 digit value. $new_value = "0" . $value; } else{ // If the value is 10000 or over then is is already a 5 digit value. $new_value = $value; } return $new_value;} Then we call the function like this: echo leading_zeros(3157);This would output "03157" Now you can either place that function at the top of your scripts that you want to use it in or place the function in a file full of functions to include in your script. There is one problem with our new function. It only works for 5 digit values. We may not always want a 5 digit value. Maybe we plan to have 100 icon images and 100,000 background images. We need a better function. In order to get the required number of zeros we need to use powers of 10: 10^1 = 10 10^2 = 100 10^3 = 1,000 10^4 = 10,000 10^5 = 100,000 10^6 = 1,000,000 etc... So to generate a 6 digit value with leading zeros, would express it like so: function leading_zeros($value){ if ($value < pow(10, 1)){ $new_value = "00000" . $value; } else if ($value < pow(10, 2)){ $new_value = "0000" . $value; } else if ($value < pow(10, 3)){ $new_value = "000" . $value; } else if ($value < pow(10, 4)){ $new_value = "00" . $value; } else if ($value < pow(10, 5)){ $new_value = "0" . $value; } else{ $new_value = $value; } return $new_value;}Now we can see the following pattern for a 6 digit value: 10 to the power of 1 needs 5 zeros 10 to the power of 2 needs 4 zeros 10 to the power of 3 needs 3 zeros 10 to the power of 4 needs 2 zeros 10 to the power of 5 needs 1 zeros From that pattern we can see another patern: 1 + 5 = 6 2 + 4 = 6 3 + 3 = 6 4 + 2 = 6 5 + 1 = 6 So the number of zeros equals the desired number of digits minus the current power of 10. $zeros = $digits - $x; Now with a couple of loops and a bunch of variables, we can write a new function which allows us to generate values with leading zeros no matter how many digits we desire. function leading_zeros($value, $digits){ for($x = 1; $x <= $digits; $x++){ $ceiling = pow(10, $x); if($value < $ceiling){ $zeros = $digits- $x; for($y = 1; $y <= $zeros; $y++){ $leading .= "0"; } $x = $digits+ 1; } } $output = $leading . $value; return $output;} To call this function now, we use a 2 argument call like this: echo leading_zeros(5195, 7);This would output "0005195" echo leading_zeros(537, 5);This would output "00537" echo leading_zeros(12, 3);This would output "012" The arguments for the function are the value that you want to convert to leading zeros and then the number of total digits use for the new value. So leading_zeros(12, 3) means create a 3 digit leading zero number out of the number 12. Now lets try to walk through the function and explain it. function leading_zeros($value, $digits){ for($x = 1; $x <= $digits; $x++){ $ceiling = pow(10, $x); if($value < $ceiling){ $zeros = $digits- $x; for($y = 1; $y <= $zeros; $y++){ $leading .= "0"; } $x = $digits+ 1; } } $output = $leading . $value; return $output;} $ceiling is a power of 10 (10, 100, 1,000, 10,000, 100,000, etc...) $x is a variable used for counting and incrementing the power of 10 used. We then check to see if $value is less than the current value of $ceiling If it is then determine the number of $zeros needed. This is $zeros = $digits - $x as explained above. We then concatenate zeros to each other in a loop that runs as many times as $zeros and is counted by $y. At one zero per loop, the number of zeros will be the same as the value of $zeros! We then set our counter $x to a number higher than $digits to end the loop. If $value is not less than $ceiling, we increment $x and start the loop over. We than set the value of $output to be a combination of $leading and $value. Finally, we return $output I hope everyone find this helpful. vujsa
  15. Hey thanks for the reply MC. I completely agree with you this time. It absolutely drives me nuts to see people use the .inc extention for PHP includes. I don't mind it so much for a sub_extention but PHP should be PHP. I remember from PERL all of the different extentions used on a regular basis and it got had to keep track of everything. The only reason I wrote the article was because I knew so many people use the .inc extention. I figured if they were going to use this method of naming files, they should at least try to add some security. I guess I forgot to add my disclaimer to the tutorial. Disclaimer: PHP files should use a .php file extention. If you choose not to follow this very simple rule, then at least add a few security measures to try and protect yourself. I tend to not go into error handling in my tutorials. I usually add those functions after I nearly complete my scripts. I guess that I would have an easier time debugging scripts if I'd add the error handlers during the coding proccess. I might look into doing a really detailed error handling tutorial sometime. Actually, I decided not to go into that option because I was afraid it could get confussing for some people. It is easy to forget about a file that is off the grid so to speak. But placing your sensitive files in non-web access directories is a great security measure. Most of use have been doing this exact thing with our .htpasswds files. I guess it is a rather simple concept but I consider it a more advanced security measure. One additional note which MC touched on. Setting your server to send HTML files through the PHP engine WILL have an effect on your website proformance. Even though the HTML files may not contain any PHP, the engine still has to read the entire file before it will release it to the browser. If your file doesn't have any PHP in it, it should be a HTML file. If your file has PHP in it, then it should be a PHP file. vujsa
  16. I imagine that you didn't set your username correctly.Your username for your email account should be something like:khayman+lestan.astahost.com - - - - - OR - - - - - -khayman@lestan.astahost.comAnd your server should be something like this:mail.lestan.astahost.comI don't use the Xisto subforum system because I have my own domain name so I don't know for sure what your settings say in cPanel.To get your correct email login username, go to your cPanel > Add / Remove E-mail account(s)The first column is your email address.The second column is the username used to log in to your email.Clicking on the "Outlook" icon all the way to the right will again give you your: email address - At the the top of the page email login username - Just below where it says Manual Settings incoming email server - Just below your email log in username outgoing email server - Just below your incoming email serverI'm sure that once you get these settings worked out that everything will work fine.Hope This Helps! :(vujsa
  17. I decided to write this article in respose to a possible security hole that was discussed here: http://forums.xisto.com/topic/90154-topic/?findpost=1064347572 See Also: - http://forums.xisto.com/topic/86340-topic/?findpost=1064320566 - http://forums.xisto.com/topic/89461-topic/?findpost=1064342915 In the previous 2 articles describing how to create a simple CMS using the PHP include() function, I've discussed how using included files can save a webmaster a lot of time. The downside to using included files is that it is possible for sensitive data to be public accessable. For example, if a hacker was to access and read one of your included files, he may be able to find a security hole in your script. The best way to prevent these kinds of security leaks is to ensure that the contents of any included file can not be viewed direclty. Generally speaking, if your included files have a file extention of .php, then they should be treated like a normal PHP file and plain text will not be displayed if the file is access directly. This is only true if you make sure that you use opening (<?php) and closing (?>) PHP tags in your included files. Otherwise, everything will be treated like plain text when accessed directly. This is how we can have PHP in one part of our file and HTML in another part of the same file. The real issue comes up when a file extention other than .php is used like the .inc or include file extention. Usually, most servers don't automatically parse .inc files as PHP. This can be remedied using your .htaccess file. Editing or creating the .htaccess file in the directory where you have saved all of your included files can tell the server to parse .inc files as PHP. In .htaccess add: AddType application/x-httpd-php .incAddType application/x-httpd-php .include Basically, this tells the server to send all files with the extention .inc or .include to the PHP engine. Now that the server thinks these are PHP files, anything inside of the PHP tags will not be sent to the browser without being parsed. Already, we have made a great improvement in the security of our included files but more can and should be done. ALWAYS BE SURE TO LEAVE A BLANK LINE AT THE END OF YOUR .htaccess FILE SO cPanel CAN ACCESS IT IF NEEDED! ======================================================== Checking to be sure that an included file is being accessed by it's parent script before sending it's contents will make it very difficult to be viewed directly and/or in raw form. In order to do this quickly and easily, we'll used 2 related PHP functions, define() and defined(). The define() function should be used in the parent script, usually index.php. The defined() function should be used in each of the included files. Assuming that you understood the code in the first 2 articles listed above, here is how the code looks. Modified code from http://forums.xisto.com/topic/86340-topic/?findpost=1064320566 index.php <?php define( "MY_ACCESS_CODE", true );?><html><head><title>My CMS</title></head><body bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" style="font-family: verdana;"><table width="100%"><tr><td colspan="2" bgcolor=silver><?php include("header.php"); ?> <!-- Used for Banner Advertising etc... --></td></tr><tr><td width="150" bgcolor=red valign="top"><?php include("menu.php"); ?> <!-- Used for The Main Menu... --></td><td bgcolor=navy><?php include("main.php"); ?> <!-- Could be left out and actual content inserted instead. --></td></tr><tr><td colspan="2" bgcolor=purple><?php include("footer.php"); ?> <!-- Banner Ads, Copyright Info., etc... --></td></tr></table></body></html> header.php <?php defined( 'MY_ACCESS_CODE' ) or die( 'Direct Access to this location is not allowed.' );?><center> <a href="http://AstaHost.com; style="border-width: 2px; border-color: teal; font-size: 18pt; font-color: #FF0000;">Advertise Here!</a></center> menu.php - Here is the real time saver! <?php defined( 'MY_ACCESS_CODE' ) or die( 'Direct Access to this location is not allowed.' );?><span style="font-color: lime;">Search Engines</span><br><a href="http://altavista.com; style="font-size: 8pt;"> ♦ Alta Vista</a><br><a href="http://excite.com; style="font-size: 8pt;"> ♦ Excite</a><br><a href="http://google.com; style="font-size: 8pt;"> ♦ Google</a><br><a href="http://lycos.com; style="font-size: 8pt;"> ♦ Lycos</a><br><a href="http://yahoo.com; style="font-size: 8pt;"> ♦ Yahoo</a><br> main.php <?php defined( 'MY_ACCESS_CODE' ) or die( 'Direct Access to this location is not allowed.' );?><p> Enter your main content here. You can simple leave the include statement out of the template and enter the content for the page directly into the index.php.Hope this proves usefull to everyone. footer.php <?php defined( 'MY_ACCESS_CODE' ) or die( 'Direct Access to this location is not allowed.' );?><center> Š 2005 Acme Web Design Inc. - All Right Reserved.<br></center> Now here is how it works:define() defines a constant in PHP. This is like a variable in PHP but it will never vary. define("HAPPINESS", "Hot apple pie.");echo HAPPINESS;Prints: Hot apple pie. In our case, we only need to define that the constant named 'MY_ACCESS_CODE' is defined so we put true in the definition field of the function like so. define( "MY_ACCESS_CODE", true );We don't care if the constant has a value or not just that is has been defined. We define the constant in the file that calls all of the included files. This is the parent script. It is usually the one that is presented to the public like index.php. Next we check to see if the constant named 'MY_ACCESS_CODE' is defined. We do this in our included files. Since the constant is only defined in the file that is supposed to request it, the requesting file is the only one that has direct access to the included file. When we use the defined() function, we are not actually doing anything as a result of a true answer to the question. The question is of course is "Is 'MY_ACCESS_CODE' defined as a constant?". What we are actually doing is performing an action if the answer to the question is false. If the answer is false, then we kill the script with the die() function. This acts as the custom error message handle for all PHP functions. So we check to see if the constant is defined. If it is then there is no error in the code and the code continues to the next line. If the constant is NOT defined then there is an error and the die() function takes over. The script will do whatever the die() function says and will then terminate. Nothing past the die() function will be used. This includes any HTML that resides below the die() function! So only the defined( 'MY_ACCESS_CODE' ) or die( 'Direct Access to this location is not allowed.' ); need to be inside of the PHP tags (<?php and ?>). I usually place the defined() function at the very begining of the file since it is the first thing I want to check but theoretically, it can be placed anywhere inside of the file and still work as long as it is not inside of a conditional statement which could cause it to be bypassed. ===================================================== So by ensuring that all of your included files are parsable by the PHP engine and only allowing direct access to included files by parent scripts, you will greatly reduce the risk of security holes in your website. These methods as well as ensuring that your file permissions are set properly will make for a more secure site. Additional security can be added to your website that range outside of this topic but include .htaccess settings which controls how the server will handle any file or file type you define. I hope this information proves to be useful to everyone. vujsa
  18. I use a LinkSys network at home. I rarely have problems with it. It is true that there have been some buggy firmware releases for my router but either upgrading again or restoring the previous version usually solved the problem. The real problem with LinkSys is the absolute lack of documentation. I mean if you aren't a network professional, setting up your router for anything other than a basic home network is a real nightmare.My biggest problem on the wireless side of the network is that the windows wireless network configuration options don't really match what the server wants. So I had a lot of trouble securing the wireless network since all of the security settings in windows had to match settings on the router but the options frequently didn't match. Everytime Id set up the password on the router, even though the same password was entered in the computer, the connection was refused. I finally got eeverything figured out but I don't remember how. I just make sure I don't bother thoses settings now. :(Other than litle things like that, everything works well. All of my server requests are routed to the correct machine and I haven't had any security problems. Most of my ports are strictly closed and the ones that are open are pretty harmless as long as the handling program is running and working correctly. There is one note about the firewall. For some of the online games, the computer I play the game on has to be set as the DMZ while I'm playing. This causes a couple of problems. The first problem is that my server requests are routed to whatever machine is designated the DMZ. The second is that all ports are open to the machine designated as the DMZ. Basically, all requests made to the router are forwarded to the DMZ machine. If your firewall on your DMZ computer is not properly configured, your system can be left open to the internet without protection. I always turn the DMZ settings off after I finish playing.This isn't really the router's fault, the server interface software for the games I ply use several ports to send and receive data during the game. Inn my opinion, the software uses too many ports but I didn't design the software. The documentation for the software either leaves out some of the required ports or doesn't provide you with the correct information to properly set your router to work with their software.vujsa
  19. This is true if the desired effect is to use identical blocks for each progress level. The method I described was if you were revealing a full image the further you progressed. Like taking a photo and laying a sheet of paper over it. Then sliding the paper away slowly as you progress until the entire image is revealed. Come to think of it, you wouldn't even need to nest the div tags and you could use a single image the same width as the ful (100%) progress bar. If you set the background to no repeat and by default the image is displayed starting a x=0 and y=0 then by simply varying the width of the div tag would reveal a larger or smaller section of the image. I had never been too interested in this type of display but the more I think about it the more ways I can think of doing it. I guess the biggest problem in doing something like this is determining how you want to reveal the image or images and which image or images to use. Well, hope this helps vujsa
  20. In reality, you don't ned to use the GD Library for this. Even if you want to use an image instead of a solid color. I think that coding this with an on the fly image using GD would only complicate the process and add more work to the server's load.Everytime an image is rendered in GD, the server has to allocate memory and CPU to the effort. Imagine that this image was requested 100 time a minute. What wiould your computer do if you asked photoshop to render that many images at once. The GD Library should really be used as little as possible especially if there is a better way.The first option is to stack images using very simple PHP and HTML.Say that you FULL progress bar is 100px wide. Create an image that is 100px wide and break it into smaller parts (10 or 20 should do). Save each micro-image as a numbered name (5.jpg) which corresponds to the amount of progress it represents.If your progress is 20%, then load images 5.jpg, 10.jpg, 15.jpg, and 20.jpg in the correct order.If your progress is 85%, then load images 5.jpg, 10.jpg, ........., 80.jpg, and 85.jpg in the correct order.This will give you the same results with much less work for you and the server.The second option is to use CSS to display portions of a single image.Using the background-position option, you can control which parts of an image will show.background-position: x y; is the usage and refers to the point at which the image will start to display.For a 100px wide image:background-position: 95px 0px; would show the the right most 5px of the image starting at the top.background-position: 15px 0px; would show the the right most 855px of the image starting at the top.So for you calculations, 100 - prograss = # pixels for XThere are a lot of options when using CSS. Best if used insde of a <div> tag. This option also allows for text to be written accross the top of the image.If you are still dead set on using GD for the creation of your status / progress bar, I'll attempt to walk you through the steps involved to create an image on the fly.Hope this helps :(vujsa
  21. Well, maybe a CMS isn't what is really needed here. It is true that most CMS scripts offer a lot of useful tools but some of the extras can get in the way. This could make it hard to add a component to the CMS or use the CMS code as an example to write your own code. Have you been to a PHP scripts download site? You should be able to find an authorization script ready made there. Even if you don't like the script, you can modify it or use it as a roadmap to your own script. http://php.resourceindex.com/ http://www.hotscripts.com/ These are the two most common places to find PHP scripts. I use them to find scripts to either use as is or for learning purposes. I think that you can find a small enough script there to learn from. If that doesn't work out, they may have some authorization classes or code bits that you can use like a module. If you use a class or code bit, there may or not be instructions on how to use it. Hope this helps vujsa
  22. Glad we could help. I was a little surprised that you got the same answer three times in a row. Might be nice for people to read the entire topic before replying. Anyway, we all leave a semicolon out here and there everyonce in a while. At least PHP will tell you where the problem is generally. In CSS, the browser just does it's best to parse the data giving an undisirable result and no indication where the problem is. Just remember, the error is alway before the line that was given in the error message. The line number usually refers to the right after the line with the error but occasionally the error will be several lines above depending on your code. Hope this helps vujsa
  23. Well, I'm not sure if you wanted actual code or just an overview so I'll give an overview for now. For each user file, you'll need to specify the user type: Admin, Employer, User You will need to save their password information here as well along with any other data you wish to collect like an email address. The password data saved should really be a hash of the actual password so that if someone manages to gain access to your database, they can't read the actual passwords. To create a hash of the password, you simply modify the password with a hashing function or functions like MD5. Then when a user logs in, you run the same hash on the submitted password prior to comparing it to the stored password data. Once the user logs in, your session data should be modified as such. It would be helpful to save the user type in the session data but not required. For any page that is displayed, there are 4 diferent user types that might be able to view it or not. guest, user, Employer, and Admin. All pages should be viewable by the Admin. You will need to check the users group type prior to displaying any page and prior to displaying any internal links on a page. You don't want to show the link to the admin control panel to guests do you? So at the beginning of your page generation script, you should check the status of the users session and then their user type. You'll assign their user type to a variable: $usertype then you'll check to see if that usertype is allow to view the information requested to be displayed. For user only content: if ($usertype == 'Admin' || $usertype == 'user') { // Show content or link} For fully public content: if ($usertype == 'Admin' || $usertype == 'user' || $usertype == 'Employer' || $usertype == 'guest') { // Show content or link}Of course, you could skip the check altogether on this one! or just check to see if $usertype is assigned before displaying like this: if ($usertype) { // Show content or link} For logged in only content: if ($usertype != 'guest') { // Show content or link}This would be good for a log out link. For guest only content: if ($usertype == 'guest') { // Show content or link}This would be good for a log in link. If you use a database to store all of the information about what to display in which situation, then you can have each content item have it's own allowed user settings. But for the most part, you simply need to check for the usertype then determine if the content will be displayed or not as a result. Since there are so many ways that this could be written, I don't want to get into much more detail without direct questions since my technic may differ from yours and my confuse you as a result. Hope this helps. vujsa
  24. Looks pretty simple to fix. After EVERY statement in php, you MUST end the statement with a semi-colon! Replace the section of code above with this: $server = 'localhost'; //This is usually "localhost". If you're not sure, leave it as is.$user = 'startech_summer'; //This is the USER who has access to the database$sqlpass = 'REMOVED'; //This is the PASSWORD for the MySQL user above$db = 'startech_sb1'; //This is the DATABASE to store data This should solve your problems. If you continue to have difficulties, let me know. Most error code provide a line number. The error is usually in the line just before that. in this case, you didn't use a semi-colon in line 22 to end your statement. Hope this helps. vujsa
  25. For really sensitive files, there are many options for keeping them secure.Placing such included files in non-public directories is always a good idea but adding a few simple security measures to that will really save you a lot of headaches if someone decides to hack your website.The first thing you should always do is set your file permissions to the fewest access privledges that will still allow the script to work. Most scripts should never allow writing privledges.Using a few .htaccess tricks, you can prevent the viewing of file contents based on the directory it is located in or by filename or extention. You can also limit access to any file based on who is requesting it. Just set your .htaccess file to only allow certain files to be read only by the localhost or server IP address. You can also use the rewrite engine to "HIDE" your files. You can set your rules to allow you to request one filename and have a file with a completely different name be served.A certain degree of encryption can be encoded into included files that will make them more difficult to read when viewed in the raw form. The requesting script would need to have code that would allow it to read the encrypted information.For more information, I suggest researching the following topics: - File access restriction with .htaccess - File rewrite with .htaccess - Setting file permissions for security - Script security using encryptionSome .htaccess file restricion options can be set using cPanelThis tutorial is another fine example of how php includes can be a real time saving tool for script developers and webmasters.vujsa
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.