SarahBear

This issue has been solved. Thank you for the help you two

I'm not sure I know what you mean. I think you mean to omit the subqueries and just count the types that get returned by unique browsers? i.e.: counting how many start with Firefox, Safari, IE, etc. I did not think of that, and I will do that from now on. But still there is some issue where the data is being duplicated. I have removed the subqueries. Is there a way for it to return the unique_browsers as an array? The issue appears to be caused by the GROUP BY clause. Also, it appears that with the GROUP BY clause, it is excluding 2 results in the `total_count` due to 3 arrays being returned. I did not notice it before, but there are actually 8 entries in the database, and it is only returning 6 for the total in the first array. The query now looks like: SELECT `browser` AS `unique_browsers`, COUNT(DISTINCT `ip`) AS `unique_visitors`, COUNT(DISTINCT `country`) AS `unique_countries`, COUNT(`id`) AS `total_count` FROM `table` GROUP BY `browser`

I had not thought of it being a PHP issue so I did not. When running it through phpmyadmin, it returns the correct results. It appears that this is a PHP issue. I am returning the results via: return mysqli_fetch_assoc($sql); Yet when using: while($row = mysqli_fetch_assoc($sql)) print_r($row); It is apparent that the results exist, but in 3 different arrays with varying results being: Array ( [unique_browsers] => Chrome 30 [unique_visitors] => 3 [unique_countries] => 1 [total_count] => 6 [chrome_count] => 6 [ie_count] => 1 [firefox_count] => 1 [safari_count] => 0 [opera_count] => 0 [unknown_count] => 0 ) Array ( [unique_browsers] => Firefox 33 [unique_visitors] => 1 [unique_countries] => 1 [total_count] => 1 [chrome_count] => 6 [ie_count] => 1 [firefox_count] => 1 [safari_count] => 0 [opera_count] => 0 [unknown_count] => 0 ) Array ( [unique_browsers] => Internet Explorer 6 [unique_visitors] => 1 [unique_countries] => 1 [total_count] => 1 [chrome_count] => 6 [ie_count] => 1 [firefox_count] => 1 [safari_count] => 0 [opera_count] => 0 [unknown_count] => 0 ) Is it possible to get all of the `unique_browser` results into a single array while using the correct data that is seen in the first array? I have been trying to use a combination of array_merge(), _push(), etc. but cannot seem to get anything working that does not use excessive memory. I have also tried looking at all of the other mysqli_fetch_* functions but none seem to do the trick.

So, I've been trying to get this query working and can't quite get it to work. I'm trying to get an "array" of distinct browsers from the database, but it's only showing one of them. There are 3 unique browsers in the table and only "Chrome 30" gets returned. Here is the query: SELECT DISTINCT `browser` AS `unique_browsers`, COUNT(DISTINCT `ip`) AS `unique_visitors`, COUNT(DISTINCT `country`) AS `unique_countries`, COUNT(`id`) AS `total_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` LIKE '%Chrome%') AS `chrome_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` LIKE '%Internet Explorer%') AS `ie_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` LIKE '%Firefox%') AS `firefox_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` LIKE '%Safari%') AS `safari_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` LIKE '%Opera%') AS `opera_count`, (SELECT COUNT(`id`) FROM `table` WHERE `browser` NOT LIKE '%Chrome%' AND `browser` NOT LIKE '%Internet Explorer%' AND `browser` NOT LIKE '%Firefox%' AND `browser` NOT LIKE '%Safari%' AND `browser` NOT LIKE '%Opera%') AS `unknown_count` FROM `table` GROUP BY `browser` Everything works properly except the line: DISTINCT `browser` AS `unique_browsers`, unique_browsers only returns "Chrome 30" while there are 3 different browsers in the database. A full return looks like: Array ( [unique_browsers] => Chrome 30 [unique_visitors] => 3 [unique_countries] => 1 [total_count] => 6 [chrome_count] => 6 [ie_count] => 1 [firefox_count] => 1 [safari_count] => 0 [opera_count] => 0 [unknown_count] => 0 ) Is there something I am missing to get this to work? Edit: Sorry I messed the title of the post up. It was supposed to say "distinct" instead of "duplicate". I didn't pay much attention to it

I'm returning a table row that contains information about a file, but it seems in IE versions older than 10, it is cutting off some of the returned json when being used. The data is being returned properly as seen in the following json: {"file_name":"<i class='video'><\/i> <a href=\"\/Development\/test(4).mp4\" class=\"is_file\" target=\"_blank\">test(4).mp4<\/a>"} But when you use it, it cuts off the html. A simple alert will return </i> test(4).mp4</a> and same when appending it and the sort. It is also happening for another part of HTML that is being returned properly in the json. It is working for everything else that is returned. I have been searching around for a very long time trying to find why this is happening. Has anyone other than me encountered this?

What's the difference between that and any other file manager such as fully-featured cPanel, which lets you go higher up? Not to be rude, but this isn't a debate about whether there are issues or not. The script itself is securely password protected, brute force protected, CSRF protected, etc. They can customize it however they want if they don't want it to access public_html. Thank you very much, kicken.

It's not to be used on my site. It's an open source file manager.

Hello. Recently I've run into a bit of an issue with Path Traversal. I was searching a bit on solutions to it, but all I could find were sites telling you to fix it, and not showing examples of how. So, I've been running a few tests and seem to have the majority fixed. At least, the ones on Owasp's examples don't work. I am making a file manager, so they can browse the public_html all they want. I just don't want anyone using ../, or the document root to browse through anything other than through the public_html. So, here is the solution I have found that seems to work on everything I have seen: <?php // Seems to solve plain-text, encoded, and null bytes $replace = array("%", ".."); $file = str_replace($replace, "", $_GET['file']); // ./ at the beginning to stop DOCUMENT_ROOT travel echo show_file_contents("./".$file); ?> And this is how the path is set up for file_get_contents to access: <?php function show_file_contents($file) { $path = $_SERVER['DOCUMENT_ROOT']."/".$file; } ?> My question is: Does this fully stop any directory traversal attempt?

This has been solved. It wasn't too hard after jumping in to it. The problem with just looping through each file_name class was that it also contained directories which I wanted sorted and displayed first. So I just added a class to the <a> tag that contained the file name - distinguishing if it was a directory or not. For anyone who comes across an issue like this later, here is how I did it with the JavaScript: var files = []; var directories = []; // Loop through each directory and add it to the directories array $('.is_dir').each(function(key, value) { directories.push(value.innerText); }); // Loop through each file and add it to the files array $('.is_file').each(function(key, value) { files.push(value.innerText); }); // Add the file we just created to the files array files.push($.trim(name)); // Sort both of the arrays alphabetically directories.sort(); files.sort(); // Merge the two arrays - we now have a fully sorted order var new_order = $.merge(directories, files); var new_file_index = jQuery.inArray($.trim(name), new_order); $('tr').each(function(key, value) { if(new_file_index - key == 0) $(this).after("-- my content --"); });

I was wondering how I would go about doing a sorting of a new element being added on the page. This element would have to be alphabetically sorted into the existing elements onto the page. For example: I am making a file manager, so when a user creates a new file, it would be sorted into the already existing files and displayed in the spot that it should. All necessary details would be provided by PHP, so I would only need help with the JavaScript part. Honestly, I have no clue how I would get around to doing that. I was thinking earlier that it would involve looping through each class of file_name and getting the text() value. Then add all of the values into an array and sorting it somehow. Then it would be getting the <tr> of which file_name is before it, and then append under it somehow. I'm not asking for any free code, but I was wondering which (JavaScript/JQuery) functions I would be looking for. I was also wondering if the idea I had would be beneficial or not, or if there were any other ways. Here is how the files are displayed as is: <?php // There may be undefined variables, this is only part of it $return = '<table id="manager" class="table table-bordered"> <thead> <tr class="table_header"> <th><input id="select" type="checkbox"></th> <th>Name</th> <th>Size</th> <th>Last Modified</th> <th>Type</th> <th>Permissions</th> <th></th> </tr> </thead> <tbody>'; $path = $_SERVER['DOCUMENT_ROOT']; // Scan the directory and remove the paths from the result $files = array_diff(scandir($path), array(".", "..")); // Get the number of files in the directory $num_files = count($files); // If there are no files in the directory, return the empty directory variable we defined earlier if($num_files == 0) return $empty_dir; $directory_array = array(); $file_array = array(); foreach($files as $file) { // Set the path correctly $file_path = $path."/".$file; // If the item is a directory if(is_dir($file_path)) $directory_array[] = $file; // The item is a file else $file_array[] = $file; } // Sort each of the arrays alphabetically sort($directory_array); sort($file_array); // Merge the directories and files into one array - directories shown first $files = array_merge($directory_array, $file_array); // Loop through the items foreach($files as $file) { $file_name = $file; // Set the path correctly $file = $path."/".$file; // Get the information for the file if(is_dir($file)) $file_size = "--"; else $file_size = @filesize($file); if($file_size === false) { $checkbox = '<input id="files_check" type="checkbox" name="files[]" value="'.htmlentities($file_name).'">'; $file_name = htmlentities($file_name). " - <b>Fatal Error Reading</b>"; $file_size = "--"; $last_modified = "--"; $type = "--"; $permissions = "--"; $actions = "--"; } else { $finfo = finfo_open(FILEINFO_MIME_TYPE); $checkbox = '<input id="files_check" type="checkbox" name="files[]" value="'.htmlentities($file_name).'">'; if(is_dir($file)) { $file_name = '<i class="icon-folder-open"></i> <a href="manager.php?path='.htmlentities($file_name).'/">'.htmlentities($file_name).'</a>'; } else { $file_name = '<i class="icon-file"></i> <a href="manager/view_contents.php?file=/'.htmlentities($file_name).'&token='.htmlentities($_SESSION['secure_token']).'">'.htmlentities($file_name).'</a>'; } $file_size = htmlentities(get_appropriate_size($file_size)); $last_modified = htmlentities(get_appropriate_date(filemtime($file))); $type = htmlentities(finfo_file($finfo, $file)); $permissions = htmlentities(substr(sprintf('%o', fileperms($file)), -4)); $actions = '<i class="actions"></i>'; } $return .= "<tr> <td>{$checkbox}</td> <td class='file_name'>{$file_name}</td> <td>{$file_size}</td> <td>{$last_modified}</td> <td>{$type}</td> <td class='permissions'>{$permissions}</td> <td class='action'>{$actions}</td> </tr>"; } $return .= '</tbody> </table>'; return $return; ?>

I have made a copy on a free hosting site and no longer experience the issues. It either has to do with the PHP displayed content conflicting with it or something else. Either way, I will examine this issue closer, but I believe it is a CSS or server issue because it only occurs every few hard-refreshes now. I will post again if I can not resolve this

As the title says, on any mobile device, display: none; does not work. It will work when the CSS file is cached, however, when you refresh the URL (in any browser this will request a new version of the file) it appears that it will ignore display: none; calls. I tested this on several emulators. I read somewhere that using both display: none; and visibility: hidden; worked, but I have not seen results for this. Has anyone come across this before, or know a fix/work-around?

Okay, I have figured out where I went wrong after adding a print_r($_SESSION) on my server. Sorry I took so long to realize what you were saying I was just assuming it accessed my already active session because it worked when retrieving the secure token. But, the reason that worked was because I set/update the session token on each GET request to that page.

I'm not saying it accesses the cookies directly. The cURL request gets the page source and then from the page source I retrieve the token value from the hidden field. The hidden field is auto-filled with the user's current session "secure_token". That is what these lines do: $exploded = explode('type="hidden" name="token" value="', $response); $token = substr($exploded[1], 0, 64); What I'm saying is that if an attacker were to have their own domain, and requested mine, the user who fell victim to this would still have their session active on my site. The attack can then extract the "secure_token" from the hidden field within the page source.

Yes, it seems I don't understand. However, perhaps by explaining my way of thinking better, it would help. Say I too have a forum, or any way for a user to send another user a link in any way. This link takes the user to another domain (not mine) which includes the code above. Since the user is still logged in on my site, their session will remain intact when the code above requests my server. The code above sends a request from their domain to mine to retrieve their new session token, then send it to the server in the form of an action the user should take. Since the code above retrieves the token, it can be used to process any request. The manner of which I'm testing this is just a rating system at the moment, so it's nothing too complicated. Here is the relevant code to my checks and creation of tokens: <?php session_start(); // Just some requires and checks // Create the secure token if($_SERVER['REQUEST_METHOD'] === "GET") $_SESSION['secure_token'] = create_secure_token(); ?> <!-- HTML --> <?php if($_SERVER['REQUEST_METHOD'] === "POST") { // Some validation checks // Check if the secure token exists in the session as well as the form data if(!isset($_SESSION['secure_token'], $_POST['token'])) { add_error("CSRF", $_SERVER['REQUEST_URI']); $error = "Invalid request. Please try again."; } if(isset($error)) // Display error else { // Check whether the session matches the form data if($_SESSION['secure_token'] != $_POST['token']) { add_error("CSRF", $_SERVER['REQUEST_URI']); $error = "Invalid request. Please try again."; } if(isset($error)) // Display errors else { // Perform intended action } } } ?> <!-- HTML --> <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['secure_token']); ?>"> <!-- More HTML --> The above checks get bypassed because the other domain had retrieved the token from the hidden field in the first GET request, then sent it to my server in their POST request.