From erick at nixbrain.com Sun Nov 16 20:56:06 2003
From: erick at nixbrain.com (Erick Stohr)
Date: Mon Jan 17 14:29:07 2005
Subject: [TCLUG-DEVEL] form button $_REQUEST under IE w/ PHP
Message-ID: <3FB838C6.5080105@nixbrain.com>
Is there an issue with $_REQUEST 'ing a form button under IE that I am
not aware of?
i am doing:
if (isset($_REQUEST['submitText')) {
}
have tried $_POST too.
works fine under Mozilla, but I am testing under IE and can't seem to
get into my if statement. and if requesting a form button is bad style
let me know too, i am preferring it to a hidden.
thanks,
Erick
--
Erick Stohr
Burnsville, MN
erick@enrwebdev.com
erick@nixbrain.com
_______________________________________________
tclug-devel mailing list
tclug-devel@mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-devel
From david at acz.org Mon Nov 17 01:13:41 2003
From: david at acz.org (David Phillips)
Date: Mon Jan 17 14:29:07 2005
Subject: [TCLUG-DEVEL] form button $_REQUEST under IE w/ PHP
References: <3FB838C6.5080105@nixbrain.com>
Message-ID: <0e5901c3acda$54403d50$0201a8c0@brinstar>
Erick Stohr writes:
>
>
> i am doing:
>
> if (isset($_REQUEST['submitText')) {
You need to use submitText_x and submitText_y. This is documented in the
manual in the "IMAGE SUBMIT variable names" section:
http://www.php.net/manual/en/language.variables.external.php
--
David Phillips
http://david.acz.org/
_______________________________________________
tclug-devel mailing list
tclug-devel@mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-devel
From erick at nixbrain.com Sun Nov 23 17:50:39 2003
From: erick at nixbrain.com (Erick Stohr)
Date: Mon Jan 17 14:29:08 2005
Subject: [TCLUG-DEVEL] php security?
Message-ID: <3FC147CF.4020608@nixbrain.com>
Hello,
I am not sure what is going on , but every month or so one of my php
scripts on a site i am working on gets "cracked" or something, the one
page/script turns into all of my other php scripts on the site and a
bunch of jibberish between each page included.
I am not sure if it happens locally, or on the development server which
is the only thing on the net live, I am assuming locally becuase I never
download from the development server. I am running php-4.3.2 locally.
Also, a question that should probably be for the main list, I am behind
a Linksys wireless router and do not have a firewall up on my Linux
machine but recently recompiled the kernel for iptables, I should
probably put one up on my Linux box right? I used to use IPCHAINS and
have been lazy and not taken the time to learn iptables, I know where
the HOWTO is, but I guess my question is how easy is it to crack the
router and get into my internal? I have run chkrootkit and all seems
fine. Thanks.
Erick
--
Erick Stohr
Burnsville, MN
612-554-8287
erick@enrwebdev.com
erick@nixbrain.com
_______________________________________________
tclug-devel mailing list
tclug-devel@mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-devel
From josh at trutwins.homeip.net Sun Nov 23 18:34:07 2003
From: josh at trutwins.homeip.net (Josh Trutwin)
Date: Mon Jan 17 14:29:08 2005
Subject: [TCLUG-DEVEL] php security?
In-Reply-To: <3FC147CF.4020608@nixbrain.com>
References: <3FC147CF.4020608@nixbrain.com>
Message-ID: <20031123183407.00002804.josh@trutwins.homeip.net>
Without looking at your code it's hard to tell, couple things to worry about with PhP and security:
1.) Is register_globals on? If so, might be good to turn it off (though it'll probably break your scripts)
2.) Make sure you validate EVERYTHING that comes in from the web, even stuff from