Jump to content

tecno40

Members
  • Posts

    21
  • Joined

  • Last visited

    Never

Everything posted by tecno40

  1. Thanks, I'll take a look at that.
  2. I'm using IIS with FastCgi, and have written most of the hosting code myself so I have that part taken care of, but I still want to make sure everything is secure before I start letting testers in.
  3. So I'm about to open a hosting website, and will be letting the users use PHP and MySQL on my server. Since I will be allowing users to host their PHP code on this server I would like to make sure everyone's site is secure from hack attempts. Below is a list of what I've done so far to make it secure. Please tell me if this is enough to stop hacking, or if I need to add additional security. 1. Enabled disable_functions in php.ini with (NOTE: ini_set is not disabled) disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode,mysql_select_db" 2. Used ini_set() in a header PHP code to set open_basedir to the user's website directory 3. Put a string of 7 random characters as the password for my MySQL database to protect it 4. I will create a new user account on MySQL for every user
  4. I am using FastCgi (sorry about not posting it in the original topic). I've tried google, but I can't find the a good tutorial on the sections command.
  5. Well this isn't much more efficient, but this is what I do <?php echo '<td><select name="gender">'; echo '<option value="" '; if ($gender == ''){echo 'selected';} echo '></option>'; echo '<option value="male" '; if ($gender == 'male'){echo 'selected';} echo '></option>'; echo '<option value="female" '; if ($gender == 'female'){echo 'selected';} echo '></option></select></td>'; ?> You could also make a loop to do this, but it might not be much more efficient unless you have a ton of entries.
  6. So I'm trying to use the Sections on this page http://www.php.net/manual/en/ini.sections.php#ini.per-path with PHP 5.3.6 and IIS CGI, but I'm having trouble getting the PATH one to work so I was wondering if there are any good tutorials on how to use it.
  7. A slight offset, also I tried vertical align here: http://www5.myarcade.me/ and it looks the same as the original.
  8. Problem located at: http://myarcade.me/ So in the top right hand corner of my page I have a login form. On this form I want everything to be aligned on the same imaginary line, but currently the text is above the text fields. I've tried many different methods to try to move the text down, including putting the text and text fields in inline divs, and adding padding to the top of the text divs, but nothing seems to work.
  9. Thanks, I'll check those out and see if i can get them to work
  10. I'm working on a web hosting service with PHP support, but I don't want users to take advantage of being able to run PHP code on my server, and start messing around with files not on their site. I was wondering if there was a way to turn off everything, but basic PHP functions on certain web pages. I know I could do a find&replace on PHP code when the users upload it, but it is very likely I’ll miss a dangerous function, and my server will come tumbling down.
  11. You need javascript to do this, unless you plan on refreshing the page when they click edit.
  12. I see what you mean about the pictures being too big and slowing down the loading process for the site, i will work on making a libary of smaller images soon. Someone would want to join if they want to interact with the site & do things like chat and post comments. I haven't had any errors with the sign up, but i did recently move the site to a new server so I'll check on the reported errors in the sign up process. Something is terribly wrong with the validator your using. It was marking completely fine tags as errors, and had a long list of errors for well made sites like google, facebook, and comcast. What is wrong with tables and inline css? EDIT: When i moved the files to the new server i left out an important file to the registration process. I added it back in and it should work now.
  13. There might be an easier way to do this. What is the URL for that feed?
  14. Ok I've spent the last 2 months working on this site, and i want to get some feedback on it. Please rate it 1-10, Give suggestions to make it better, and tell me if you plan on using the site in the future (if not why, ie. "i don't play flash games", or "the games on the site are boring"). Friday13games.com
  15. Here's what i would do to improve it. *make the center wider (the ideal width is 995 px) *combine the text at the top of the page with your banner
  16. Pretty good, there are a few glitches though. *Only half the logo works as a home button. *You have to click on the image to chat (it would be nice if you could also click on the text to chat) *The yellow tab links do not turn totaly bule when selected *It's a bit overwhelming when you first visit the site, maybe have a simple homepage with a big picture, and a list of your products *On the product pages the paragraph of text at the top looks boring, maybe add a picture to the left of it *The blinking live support is not aligned properly What I realy like about the site *The yellow tab pages break the site up into larger sections *LIVE CHAT!!! *Product list makes it easy to find specific products
  17. Ok so i put the php.ini file in c:/windows and that seemed to fix the problem. Mysql is still messed up, but i should be able to fix that.
  18. The Loaded Configuration File is (none). I have the php.ini in the main php folder with the iis dll, is that the correct location?
  19. Ok so i recently made some changes to my php.ini file, and when i went to check phpinfo.php they were different than what I had set them to in php.ini. I though PHP might be using a different php.ini file so i searched my computer. I did find another php.ini, so I deleted it and restarted iis. When I checked phpinfo.php it was still showing the wrong value. I decided to rename the php.ini file I’m using to “php.ini—“ to see what php would do if it wasn't there. I restarted iis, checked phpinfo.php and php was working fine (still with different information)! The computer search is saying there are no more php.ini files, so I don't know how php is working without a file, does anyone know a solution to this problem?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.