Jump to content

justsomeone

Members
  • Posts

    9
  • Joined

  • Last visited

Profile Information

  • Gender
    Not Telling

justsomeone's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Currently getting the following error when connecting via HTTPS www1.ev5unleash.com uses an invalid security certificate. The certificate is not trusted because it is self signed. The certificate expired on 25/07/2008 20:29. (Error code: sec_error_expired_issuer_certificate)
  2. [!--quoteo(post=380538:date=Jun 6 2006, 10:48 AM:name=eclipt)--][div class=\'quotetop\']QUOTE(eclipt @ Jun 6 2006, 10:48 AM) [snapback]380538[/snapback][/div][div class=\'quotemain\'][!--quotec--] can anyone help me to get the idea on how to develop a websites that able to accept 5 x 5 frame on a single page using php and mySQL. if anyone have do it. please let me know how this system works thank you [/quote] What do you mean by a "5 x 5 frame"? Do you mean a html frame within a html frameset? Or maybe a table? Your subject mentions CCTV surveillance. Does your CCTV system offer its footage as a webservice, or through some other API? Some do, and some don't. If your CCTV doesn't offer a programable interface, you may need to give up or get some other piece of kit to take a standard video feed from the CCTV system and offer it as a web service. If your CCTV footage is already accessible as a web service, then the manual for that CCTV system should show how to access it. Sorry I can't me more clear, but you need to provide more info.
  3. [!--quoteo(post=380953:date=Jun 7 2006, 12:56 PM:name=Orio)--][div class=\'quotetop\']QUOTE(Orio @ Jun 7 2006, 12:56 PM) [snapback]380953[/snapback][/div][div class=\'quotemain\'][!--quotec--] Of course adding a username+pass using a htaccess can make it even more secure. Orio. [/quote] htaccess is very insecure. It sends the username and password in plaintext. You should use a customised login system, ideally over https, for your admin section.
  4. your echo statement is governed by your if statement. You should move the echo after the curly bracket which closes the if statement.
  5. You use $submit, $ data, etc etc but haven't assigned any values to them. I'm guessing that these are values from your HTML form. If os, you need to access them using the superglobals $_POST or $_GET (depending on whether your form is submitted vi GET or POST. So instead of [b]$submit[/b], you need to use [b]$_POST['submit'][/b] for example. Using form variables directly is a very, very danegrous security hole, as it allows users to inject variables which you weren't planning on into your code. For example look at this - assuming you have a checkUsernamePassword function which will validate a username and password against your user database, and $username and $password are submitted via form. [code] <?php if checkUsernamePassword($username, $password){     $loggedinOK = TRUE; } if ($loggedinOK){     //Display some sensitivie information here }else{    echo "Go away, I'm not telling you my secret."; } ?> [/code] This checks the username and password and only proceeds if they check out. Except they also introduce a vulnerability. What if I called this php script, passing in the following values - username:"me", password:"secret", loggedinOK:"1" I would fail the username and password check, but that wouldn't matter because I've manually inserted a value for the otherwise uninitialised variable $loggedinOK, which tricks the system into believing that I''ve logged in OK. Sure, I could ensure that all variables are properly initialised, but as you start to use third-party code, open source libraries etc, this gets more and more difficult to ensure. So, PHP allows you to set a config switch which tells it whether or not to automatically make form data available as global variables. This fleg is called REGISTER_GLOBALS and it is very, very bad practice to set this to true. If REGISTER_GLOBALS was turned off, then your ill-intentioned visitor couldn't force in the value of $loggedinOK. When he failed to log in, the variable would be uninitialiased and the if statement would fail, keeping him away from the sensitive data. How do you then access the username and password values in order to checkthem? As per the following example: [code] <?php if checkUsernamePassword($_POST['username'], $_POST['$password']){     $loggedinOK = TRUE; } if ($loggedinOK){     //Display some sensitivie information here }else{    echo "Go away, I'm not telling you my secret."; } ?> [/code] All of which is my way of telling you that it looks like your local server may have REGISTER_GLOBALS turned on, and your web server may have it turned off. Check your php.ini file for details. J
  6. [!--quoteo(post=354491:date=Mar 13 2006, 02:13 PM:name=ddmluvdlm)--][div class=\'quotetop\']QUOTE(ddmluvdlm @ Mar 13 2006, 02:13 PM) [snapback]354491[/snapback][/div][div class=\'quotemain\'][!--quotec--] Hi All, I am a php newbie, I am trying to create a site where users will register and enter their yahoo id. I want the users who are online on their yahoo messengers to show first on the list of users. [/quote] Your database has no idea if people are logged into yahoo or not. So your while loop which processes the database results can't be changed to sort by Yahoo logged in status. What you need to do is to use the while loop to populate a new array which stores the database row, a 1 or a 0 to indicate Yahoo Logged in status and maybe their username as well. You can then sort this array by logged in status, and username. Finally you can walk through this array to print out the results. This would allow you to show all the logged in users first (listing them alphabetically), then all the other users (again alphabetically). J
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.