Jump to content

evansste

Members
  • Posts

    15
  • Joined

  • Last visited

evansste's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Thanks, fastsol. After looking at your sites, I'm fairly confident that ixwebhosting.com would be able to handle mine with no problem. If it couldn't, then you may be right about a dedicated IP or dedicated server. I thought about a dedicated server for two seconds before I found out the typical cost. You're right that it's expensive. The site is working fine now, so I'm hoping it was just a temporary thing with AT&T's server. But if this keeps happening, then I'll give ixwebhosting a try. If that can't handle it, I'd probably look more into hosting the site myself with a LAMP setup. I tried this once a while back with a different site. It took a while for me to set it up and then it didn't work well because my pages took forever to load. This was mainly because of the images. However, I probably wouldn't run into that problem with my new site because the new one is nearly all text -- which makes a huge difference. Anyway, I want to thank you again for your help and insight. You've been very helpful.
  2. Thanks for responding, fastsol. What's the URL for your website, if I may ask? Would you consider it to be a moderatelly complex site? You said that you use ixwebhosting.com. May I ask which plan you have with them? I just contacted AT&T and the representative seemed to have no issues performing the same tasks that I was trying to perform. She ran my test page for sending E-mails, and it worked on the first try. Things seem to be working well on my end now too. So it seems as if this may have been a temporary issue with their server. Hopefully, it won't happen again, or at least very rarely. If it becomes a consistent problem, I may have to try your web host. I decided to try AT&T because I know that they have a boat-load of money, and would, therefore, most likely have great infrastructure for web hosting. It's not as if they wouldn't be able to afford it. They have no real reason to be penching pennies, and thereby compromising performance. I also figured that most people wouldn't think to use them as a web host, which makes me think that they probably would have less of an issue with overcrowding on their servers. Their control panel is crapy, but as long as I'm able to access my files and get my site running, I wasn't too concerned about that. I just figured they'd likely have a robust system because of their abundance of funds. I'm interested in finding out how complex your website is. If your site is similar in complexity to mine, and you rarely have problems, then ixwebhosting.com may work for me as well -- should I continue to run into issues with AT&T. I'm confident that my programming is solid. My site is only moderately complex in the sense that it works with a lot of files on the web host's server. There's a lot of file transfer, but there aren't a lot of pages, and not a lot of programming. The site's been running for a month without incident due to programming, and problems are quite easy to spot and fix because there isn't a lot of programming to look at. I greatly appreciate your insight and suggestions. Should I run into consistent problems with AT&T, I'll definitely give ixwebhosting.com a try.
  3. Thanks for your response, requinix. What I mean about the web hosts being unreliable is that my website would stop working from time to time. When I was with Hostgator, and was building my website, I eventually started getting server error messages. Instead of my pages loading, I would get an error code 500 general server error message. It's something that would happen intermittently, so I knew that it had nothing to do with the way that I had written my web pages. Sometimes the error message would pop up when using my site, and sometimes it wouldn't. This was extremely frustrating when I was trying to debug the website. So I performed some web searches pertaining to the error message, and I also did some searches about Hostgator. I found that some people were saying that Hostgator is known to cram a lot of accounts on a single server and that this would bog down the server and cause sites to get error messages. So I eventually decided to switch to AT&T. AT&T was working well until now. I was able to get my site up and running and finally officially launched it. Everything was working fine until today. I'm not getting error messages, but my site isn't working correctly. It's designed to send out E-mail attachments -- but this aspect of the site has stopped consistently working. I have also been having trouble using my control panel. While in the control panel, their site keeps timing out as I try to view file contents in my folders. Sometimes it times out, sometimes it doesn't. I have to keep closing the page and reloading it in order to get it to work. I know that it's their site, and not my connection, because I can visit all other websites flawlessly. This is the first time that this has happened to the point where my site has started to malfunction, but I really want to avoid things like this. People are just starting to visit my website, and it's terrible when they can't get it to work because my web host's server is acting up. When I say "reliable", I'm talking about a web host that will host my website without any of these issues. I'm still on a shared server, but I want to believe that not all web hosts function this way. I just need a server that won't keep messing up, and will run my pages when people try to use my website -- A web host with none of this kind of drama. I just tried using my website, and it's still acting up. I have changed none of the programming for my pages, and the site has been working fine until today. I wrote a test page that uses the E-mail function so that I could test the E-mailing capability directly. I have to reload the test page several times (usually around 5 times) before it will actually send the E-mail. My website can't work without the E-mail function. I tiried to cotact techincal support via chat earlier today, but I couldn't get through. If it's still acting up tomorrow, I'll have to call them. I just want a web host that will consistently host my site with no server issues. Thanks again for your response. If you have any suggestions, I'd love to hear more from you. I really do appreciate your time.
  4. I launched my new website about a month ago. I switched from one web host to another due to poor hosting performance. Now I'm running into the same issue again -- poor web hosting performance. My first web host was Hostgator. My current web host is AT&T. I hate the thought of switching to a different web host every month trying to find one that will reliably host my site. Does anyone here have a reliable web host that they use and would recommend? My question is relative since what is reliable for a simple web site, may not be reliable for one that is more complex. For this reason, I can't simply trust web host reviews. My website isn't overly complicated, but it's more complex than just basic HTML. It uses a lot of PHP, as well as a MySQL database that only has two small tables. The website uploads and downloads small text files regularly. It also sends E-mail attatchments quite often. Because I just launched, my website isn't getting a ton of traffic -- about 10 users per day. However, I'm beginning to run into the same problem as before. My web host's server is starting to show itself as being unreliable. As with my first web host, it seems as if it may be due to overcrowding on the shared server. Do any of you run any moderately complex websites? If so, who do you use for a reliable web host? I've considered setting up my own server with a LAMP configuration and hosting the site myself. However, I don't know a lot about Linux or Apache, and so would like to avoid this. But because the computer would only be hosting my own website, and no one else's, I have to believe that a LAMP setup would be more reliable than a shared server that is overcrowded. A reliable web host is really what I'm looking for. But I don't want to keep going down the road of trial and error. If anyone uses a web host that reliably supports their moderately-complex website, then I would love to hear from you. I'm sick of my site failing due to server issues. Like the Duracel commercial says, "It just has to work!" Please forgive me if you feel that my post doesn't correctly fit the forum category. I tried to figure out which category best fits this topic, but none of them seemed to be perfectly suitable. Thank you for your time, as well as for any suggestions.
  5. Thanks for your response, gizmola. My hosting company finally did get back with me yesterday. They sent me an E-mail message showing my new credentials. They didn't state what the problem was -- only that they fixed it. I have since gotten the site up and running again with the new credentials that they gave. I also implemented the changes that ginerjm suggested. Having all of the credentials in a single file really will come in handy if I ever need to make changes to my password, or anything else. One of my test pages connects and shows me the contents of the tables in my database. Because it connects to the database, it's very similar to the example that you gave about making a connection and seeing what errors pop up. When I ran my test page, during the period of time when things weren't working, it simply gave me the error that I was denied access to the database. It confirmed that I was trying to use a password, and that I didn't have access. I have noticed that my web host has changed my password, but, as I've said, they never really stated what the problem was. Quite frankly, I'm just happy to have the site working again. If you're right that the web host simply made some mistake with their server, and that no one was trying to sabotage my web site, then I shouldn't run into this problem again -- or at least not very often. But if someone is trying to do something malicious, I would guess that they'll see that my site is working, and they may try something else. Hopefully you're right, and there is no one out there trying to do something like this. You have a lot more experience than I do, and your suggestions on the issue make a lot of sense. So hopefully, this is the last time I'll run into this problem.
  6. Thanks, gizmola. I truly hope you're right and it turns out that my web host simply dropped the ball somewhere along the line. If that's the case, that would be terrific. It's an easy fix, and it's all work that they have to do. I already alerted them that I can't get into my database, and they're looking into it. One of the things that I hate most about the idea of it being a malicious attack is that a person may see this as some sort of game. They like the idea of outsmarting a system. If that's the case, then that requires me to have to try to think of things that they may think of, and, as I've said, I'm no expert when it comes to programming a website. I hate the idea of having to spend all of my time dealing with this sort of thing, when all I want is a website that works. So I truly, truly hope you're right. My website is relatively simple. I have a database that only has two tables in it, and each table only contains one column. The entire website only has 46 script pages -- that's including all of my functions and test pages. It wasn't very hard to figure out that my access to my database was changed. There are only four functions that access the database, and two test pages that I can use to easily view the contents. The site has been running successfully for about two days, and I've made no changes to anything during that time. Then, all of a sudden, I noticed that jobs were backing up -- they weren't being sent out like they're supposed to. One of the functions, that needs to access the database, isn't able to connect to it. So I tried one of my test pages in order to view the contents of the two tables in the database. I received a message saying that I don't have access. So I tried to log in to the database via control panel. I received a message saying that the information that I entered was incorrect. Access to the database is, without a doubt, the problem. I spoke with my web host, and they weren't able to gain access to the database with my information either. Hopefully you're right and they end up telling me that it was some mistake that they made. Then my website can go back to working properly, as before, and I won't have to fix anything. I do still intend to make the change that ginerjm suggested -- putting all of my credentials in a single include file. But that's an easy change because there are so few functions that use the database. You're right that I jumped to the conclusion that my password had been changed. This is because one day I have access, and now today, I don't. I didn't change my password, so I couldn't think of another reason why it was saying that my information was wrong. I didn't consider that the web host could have dropped the ball. After all, I've been working on the site for weeks with no incident like this. Then, two days after launching the site and promoting it, I run into this. Security wasn't my focus when I built the site. I was just happy to get it to work. So my assumption of sabotage is logical, but you're right that it could be something else. I hope you're right. Then all of this would just go away.
  7. Thanks for your response, mac_gyver. The website does generate the file name. However, it does so incrementally. Therefore, it may not take a genius to figure out what the next name would be. But I can make it so that the file names, that the site generates, are more random. As for uploading -- the site does allow people to upload files. However, it only allows text files to be uploaded. Would their uploaded file have to have the .php extension in order to sabotage my system? The site only allows files that have the .txt extension. Does this offer any security? Thanks again for your responses.
  8. Thanks so much to both of you! After reading what mac_gyver said about .php files with the .php extension not being able to be seen by users, I started to feel a sense of relief. All of my php files have the .php extension. But then mac_gyver said that if my site allows downloads, this may be another way that the information could have been obtained. My site doesn't allow users to download any file that they want arbitrarily, but it does generate a separate .php file that users are allowed to visit so that they can download a specific file that the website has generated for them. The php link is simple, and is as follows. <?php header('Content-disposition: attachment; filename=expression_.txt'); header('Content-type: text/plain'); readfile('expression_.txt'); ?> As you can see, the file that they are then allowed to download is a simple text file -- In this case "expression_.txt". The site directs them to a web page that contains only the code that's shown above. So when they go to the given link, they are able to download the file. Could a link to something that is as simple as what's shown above, allow people to download my password and username for my database? Or is it too specific to allow them that kind of access. I'll certainly do what you've suggested, ginerjm, about putting the "connect" statement in a separate include file, and restricting the information to that file alone. It's a smart thing to do that I never considered. At the very least, if I ever decide to change web hosts, and have to change the log in information, I'd only have to do it for one file. Smart idea. Thank you for that. The information that both of you have given thus far is invaluable, and I thank you greatly for it. This is a very useful forum!
  9. I recently launched my new website, and in just a few days I have been locked out of my MySQL database. My website makes use of a few tables within a MySQL database. However, now when my website tries to access that database, it is given no access -- and neither am I when I try to access it via the control panel. I'm pretty sure that someone changed the password to my database. For my website, I wrote several PHP functions that use tables within the database. In order to connect to the database, I had to give the username and password within the PHP functions using the "mysql_connect" function. mysqli_connect(host,username,password,dbname); Because this information can be found inside the PHP functions, and because my PHP functions are located inside the "public" directory for my web host, could someone have gotten this information, and then changed my password through my control panel? I have contacted my web host and they are investigating the issue of my password being changed. But does it sound as if someone could do something like this if the source code for all of my pages is in the "public" directory? I'm no expert when it comes to building websites. I was happy to finally get my website to work. Now, it seems, that I have to deal with people being malicious. What's the best way to keep someone from being able to change the password to my database? Is it a problem for me to keep my functions in the same directory (the "public" directory) as my other website pages? The good news is that people are starting to visit my website. The bad news is that some of these people have bad intent. Thanks for your time.
  10. I'm working on a website that displays data based on when a file is created. The page keeps checking to see whether or not a file exists. As long as the file doesn't exist, the page keeps reloading and checking to see whether or not the file exists until the file finally does exist. Once the file exists, the page goes to another page that displays the contents of the file that it was waiting for. This design works, but I've noticed that it takes a long time for the page to recognize that the file exists. Once the file exists, the page keeps checking and reloading, several times -- even though the file exists. After many reloads, it finally "sees" the file and goes on to the next page. Why does it take so long for my page to recognize the existence of the file? Here's a sample of how the reloading page (the page that keeps checking for the existence of the file) works. <?php header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past session_set_cookie_params(0); session_start(); ?> <html> <head> <meta http-equiv='cache-control' content='no-cache'> <meta http-equiv='expires' content='0'> <meta http-equiv='pragma' content='no-cache'> </head> <body> <p>Processing...</p> <script> myFunction(); function myFunction() { setInterval(function(){ location.reload(); <?php clearstatcache(); if(file_exists($_SESSION['filename'])) { $existance = true; } else { $existance = false; } ?> if("<?php echo $existance ?>") { window.open("done.php","_self"); } else { } }, 5000); } </script> </body> </html> As you can see, I use the "clearstatcache();" statement in order to make sure that the server's information is current before checking the existence of the file. I have also used meta tags, in the HTML, and php headers in order to make sure that nothing is being cached. This is all in an attempt to make sure that it's not looking at old data when it checks to see if the file exists. Despite all of this, the browser keeps reloading, over and over again, usually about ten times, even after the file exists. Any ideas why this is happening?
  11. Well, I've finally given up trying to make it so that the browser won't remember session variables once all pages are closed. As of now, my website officially uses indicies that can run into the billions when it comes to generating unique job names. It's ugly and less elegant, but at least it should prevent more than one person having the same job name. I started to look into disabling sessions on window unload, as Stefany93 suggested. However, I was still unable to get anything to work when it comes to the sessions being forgotten once all pages are closed. The "session_set_cookie_params(0);" statement does work when the entire browser is closed, so I've decided to keep it. Thanks to everyone who has given me advice and suggestions pertaining to this topic. I greatly appreciate your time, and I certainly don't take your help for granted. So thanks to all of you. I now have a new problem to deal with. But since it is a different issue, I'll start the topic with a different thread.
  12. ginerjm, ever since I put the "session_set_cookie_params(0);" before the "session_start" statments on all of my pages, you're right -- the session is destroyed once the web browser closes. This is certainly much better than what it was doing before, which is holding onto the variables after the browser closed. My concern is based on the way that my website works. On my website, I use session variables in a similar way that the DMV uses their "take-a-number" system. McDonald's also uses this system. If you go inside and place an order, you're given your receipt that has a ticket number at the top. You wait for them to call out your ticket number so that you can get your order. My website works the same way. It processes jobs for people who submit them. Once they submit a job, a session variable is created and given a unique value in order to keep track of the job's progress. Once the job is delivered, the session variable is destroyed. If a person closes all tabs to my website without properly canceling their job, my site keeps the job number in the system as it continues to work on it. The site will only hold onto the job for so long. If the person doesn't claim it, the session variable is destroyed, and is then allowed to be used by a newcomer. Because the browser holds onto session variables until the browser is closed, a person can start a job, close all of the tabs, and still have that session variable as long as their browser is open. Once the website realizes that the job has been abandoned (it was never retrieved), it will destroy the variable. Then if a newcomer visits the site, and starts a new job, they may get the job name that was used before, because the site has destroyed the variable, allowing it to be used again. But if the person, who closed the tabs without canceling the job) comes back. Their browser will remember the job number. Now there are two people in the system with the same job. So when the new person's job completes, it may go to the old user. Or if the old user now decides to cancel the job properly, they may cancel the newcomer's job. This is a problem. I may have to design the site so that it won't reuse variable names that have been destroyed. It may have to always create a completely new job name by using index numbers that increase into the millions everytime a new job is created. I hate to have to do this. However, if session variables aren't actually destroyed once a person leaves the site, there's always a chance that two people may end up using the same variable. It's a remote chance, but I'm a believer in Murphy's law. If I can make it so that the variables are destroyed once all pages are closed, this would make the current system stable without having to make new variable names that extend into the millions.
  13. Thanks for your response, ginerjm. I know that there are many ways to destroy session variables, or end a session, at will. However, I have no control over when a person will close a tab, or close a browser, which makes most of the "at will" functions ineffective. On top of that, once they close the tab, any script that I have written will no longer be available to execute. That's what makes this so tricky. If session variables really lived up to their name as being temporary variables that only exist as long as your pages are open, then I'd have nothing to worry about. I'm relatively new when it comes to building websites and I obtained over 90% of my site-building knowledge by reading w3schools.com information. That's where I first learned of the session variable. On that site, it makes it seem as if the session variables are only alive as long as your pages are open, and that once your pages close, the session ends, and the variables are gone. I built a great deal of my website around this concept. Now I'm finding that this notion isn't so accurate. At least the "session_set_cookie_params" function will cause the browser to not use cookies. This at least makes it so that the variables have never been saved, and therefore are not around when the browser closes, and reopens. If only there's a way to do that with tabs, and not just the entire browser. I know it's a long shot, but I felt the need to at least check with people who have a lot more experience than I. Thanks again for your response. One of the things that I like more about w3schools.com is that they are more detailed when it comes to describing and using functions, and site-programming in general. The manual mentions more of the functions that actually exist. However, I find the descriptions more vague. Maybe you're right, though. Maybe I need to spend more time looking there. My first impression is that most of these functions are "at will" functions. I'll take a closer look at the "session_destroy" function. Maybe it's what I need. Thanks again for your help.
  14. Thanks, mac_gyver, for responding to my post. I think my problem had something to do with cookies already being saved on my browser prior to me making the "session_set_cookie_params(0);" change to my website, because it seems to be working now. After making the change, I went into my browser settings and deleted all of the cookies, but that didn't work at the time. However, it seems to be working now -- like some sort of delayed effect. Maybe you were right that some instance of my browser hadn't closed, and I just didn't know it, I don't know. Now when I close my browser, and reopen it, the session variables are gone. However, I now have another question, and based on your post, I think I know the answer. Is there any way to make it so that the session variables will vanish once all browser tabs for my website have been closed, rather than having to shut down the entire browser? Based on your response, I'm guessing that your answer is "no", but I feel I have to ask. It seems as if the "session_set_cookie_params" function works when closing the entire browser, but not when all tabs, for my site, are closed. Do you know of a way to make the session variables disappear when all of the tabs to my site are closed, or am I living in a dream world to think that it may be possible? Thanks again for responding to my question. I really appreciate your time and attention.
  15. I'm building a website that uses session variables. My understanding of session variables is that they only exist as long as the browser is open -- meaning that once the browser closes, the session variables are lost. My website anticipates this to be the case, but I have found that my session variables are being stored (possibly in cookies). When I close the browser, and then reopen it and return to my website, I find that the session variables are still set. Shouldn't they be disappearing when the browser closes? This is a big problem since my website assumes that the information is lost. Is there some way for me to make sure that my session variables aren't being saved in cookies? That way, when the browser closes, no information has been saved, and therefore, when I return to the website, there should be no session variables. Is there any way to do this? If so, how? I've tried using the "session_set_cookie_params(0);" statement before my "session_start();" as follows. <?php session_set_cookie_params(0); session_start(); ?> However, this didn't work. Am I not using "session_set_cookie_params" correctly? Why does my browser remember my session variables? Thanks for your time, and for any help that anyone is willing to provide.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.