trq

Because (as I said) you need to move your UPDATE code so that it is within your loop.

No. That would completely depend on the exploit. If they have access to the filesystem there is nothing stopping them accessing the php files. A php application itself cannot protect itself in that mannor. What exactly are you trying to get at? Do you have a specific issue?

This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=361008.0

Ok, it wasn't clear from your post that the SELECT was selecting data from a different database. On to your issue. You already have the loop, you just need to move your mysql UPDATE code into it.

No that will not work. Variables are not interpolated within single quotes.

What?

Why are you executing a SELECT query in order to eventually do an UPDATE ?

shell_exec("sed -i 's/auth_default_realm = $olddomain/auth_default_realm = $newdomain/' /etc/test/test.conf"); Works as expected for me.

We can't help without seeing your code.

1) it could be either a or b 2) a dedicated server is always going to have less ability to be tampered with by other users simply because there aren't any.

This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=361005.0

I'm really not sure what your talking about. Are you sure you want to replace auth_default_realm ? Maybe: shell_exec("sed -i 's/domain = $olddomain/domain = $newdomain/' /etc/test/test.conf"); is what your really trying to do.

You've lost me, your not using anything from SPL.

Works fine for me.

xml is not a scripting language and as such cannot process post data. Your question makes little sense.

You might want to take a look at phpQuery. http://code.google.com/p/phpquery/

Im not sure I understand the question / problem.

Firstly, the command you posted will fail because you are mixing single and double quotes. Secondly, your making your php example more complicated than it need be: shell_exec("sed -i 's/auth_default_realm = $olddomain/domain = $newdomain/' /etc/test/test.conf"); Be sure to validate and escape $olddomain and $newdomain especially if they are coming from user input. Your opening yourself to massive security concerns otherwise.

This resonates with me more than anything else. http://blog.sanctum.geek.nz/series/unix-as-ide/

Neither would be my choice. Is this a MS oriented workplace?

Most open source software in the PHP world is (unfortunately) not too well written. Also, a lot of it pre dates some of the more prominent frameworks.

I'm not sure. It's probably the most popular version control system getting around though, so I would asume so.

Better yet, use Git. http://git-scm.com/

I'm not sure what gave you that impression. The @ symbol simply suppreses errors. The op needs to wrap there while loop in a check that makes sure that $handle is indeed a resource. if ($handle = fopen($file,"r")) { // while loop in here }

If it's easy and obvious show us your code.