Daniel0
Everything posted by Daniel0
-
[code]sudo aptitude install apache2 php5-mysql libapache2-mod-php5 mysql-server phpmyadmin[/code]
-
You can "unlock" the root user by setting a password using [tt]passwd[/tt]. Then you should be able to log in from the login screen and to su into it.
-
[quote author=neylitalo link=topic=121453.msg500065#msg500065 date=1168294187] Poll added, although I'm not sure how much value it's going to contribute. :) [/quote] Well, it's just that it makes more sense to have a poll in the poll forum.
-
Store uploaded file as blob or in folder?
Daniel0 replied to Accipiter's topic in Application Design
[quote author=Accipiter link=topic=121549.msg499964#msg499964 date=1168286928]Well, then I use [color=blue]list($width, $height, $filetype) = @getimagesize($_FILES['file']['tmp_name'])[/color] in order to determine if it is a valid jpg/gif/png image. Though, I have no idea how reliable that getimagesize() is.[/quote]
I think it's perfectly reliable. It checks if the headers are available, and if they are, well then it must be an image.

[quote author=Accipiter link=topic=121549.msg499964#msg499964 date=1168286928]I am more concerned about the filename, as you mentioned, c4onastick. If I store the file in a folder as suggested, but still wish to keep the original name, how to be sure it is a valid filename? I now try to remove any non-valid character: [color=blue]trim(preg_replace('/[\/\n\r\t\*:<>\|\?\\\\"]/', '', $filename))[/color] But I am not sure if I am missing something. Any other nonprintable character that might slip through, or is that enough?[/quote]
Store the filename in your database and give it a name yourself like:
[code]md5(uniqid(rand().microtime(),true));[/code]

[quote author=Accipiter link=topic=121549.msg499964#msg499964 date=1168286928]But, when the image later is viewed, if for some reason the "image" actually is evil executable code that slipped through the suffix name check and the getimagesize() check, won't sending the header [i]Content-Type: image/xxx[/i] prevent it from being treated as anything else but an image in the client's browser?[/quote]
Yes it would. Sending e.g. [tt]Content-type: image/png[/tt] will make the browser treat it like a PNG image, but when the file has been downloaded to the user's computer it is the computer's file extension associations that will decide what to do with it when executed/opened.
-
Store uploaded file as blob or in folder?
Daniel0 replied to Accipiter's topic in Application Design
You shouldn't rely on client-side validation (i.e. the maxfilesize field is not secure).
-
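The upload handling discussed in the two replies above to "Store uploaded file as blob or in folder?" (server-side size limit, getimagesize() check, server-chosen file name with the original name kept in the database, fixed Content-Type when serving), as an added example that is not code from the thread. UPLOAD_DIR, MAX_BYTES, the `uploads` table and both function names are assumptions, and `random_bytes()` is swapped in for the `md5(uniqid(...))` name generator shown in the reply.

```php
<?php
// Added example; UPLOAD_DIR, MAX_BYTES, the `uploads` table and the function
// names are assumptions for illustration, not taken from the thread.
const UPLOAD_DIR = '/var/www/private_uploads'; // assumed path outside the document root
const MAX_BYTES  = 2097152;                    // assumed 2 MB limit
const ALLOWED    = [IMAGETYPE_GIF => 'image/gif', IMAGETYPE_JPEG => 'image/jpeg', IMAGETYPE_PNG => 'image/png'];

function store_upload(array $file, PDO $db): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed');
    }
    // Enforce the limit on the server; the form's size field is client-controlled.
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    // getimagesize() returns false without an image header; index 2 is an IMAGETYPE_* constant.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !array_key_exists($info[2], ALLOWED)) {
        throw new RuntimeException('Not a GIF, JPEG or PNG image');
    }
    // Server-chosen name: the client-supplied name never reaches the filesystem.
    $stored = bin2hex(random_bytes(16));
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $stored)) {
        throw new RuntimeException('Could not store file');
    }
    // The original name is kept only as data, for display or download.
    $stmt = $db->prepare('INSERT INTO uploads (stored_name, original_name, mime) VALUES (?, ?, ?)');
    $stmt->execute([$stored, basename($file['name']), ALLOWED[$info[2]]]);
    return $stored;
}

function send_upload(string $stored, PDO $db): void
{
    $stmt = $db->prepare('SELECT original_name, mime FROM uploads WHERE stored_name = ?');
    $stmt->execute([$stored]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        http_response_code(404);
        return;
    }
    // The type comes from the server-side check; nosniff stops the browser guessing another one.
    header('Content-Type: ' . $row['mime']);
    header('X-Content-Type-Options: nosniff');
    // Strip characters that could break the header before echoing the name back.
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', $row['original_name']);
    header('Content-Disposition: inline; filename="' . $name . '"');
    readfile(UPLOAD_DIR . '/' . $stored);
}
```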
[url=http://www.zend.com/products/zend_guard]Zend Guard[/url] encrypts the source and has support for licenses that will enable it to a specific IP domain (I think). It costs a bit under $1000/year.
-
I found that longblobs only allow 2MB which isn't quite enough for me. Is there any way to store larger files or should I store them as files with the filename in the database? How should I prevent users from downloading the files if placing them outside document root is not an option? .htaccess?
-
$_POST and $_GET. I never use $_REQUEST as it includes $_COOKIE as well which is not what I want. Edit: Could somebody add a poll to the topic, please?
-
Ever heard of Google? [url=http://www.google.com/search?q=cms+"open+source"]http://www.google.com/search?q=cms+"open+source"[/url]
-
If on a shared host you might need to append ~<your username> e.g. http://1.2.3.4/~somebody
-
You are probably using wrong login information for your MySQL server. Note: Please put your code between [nobbc][code][/code][/nobbc] tags :)
-
Heh... http://www.msfirefox.com/microsoft-r-firefox-support/what-is-rss.html http://www.msfirefox.com/microsoft-r-firefox-support/some-sites-are-shutting-down-my-computer.html
-
Unfortunately, some people use the [nobbc][php][/nobbc]-tag instead of the [nobbc][code][/nobbc]-tag (even when it isn't PHP code). You can't change that (unless the admins modify the source of SMF).
-
http://www.photo-freeware.net/quick-exif-editor.php - First result on Google for [tt]exif editor[/tt]
-
It can be longer or shorter depending on how many seconds it is since the UNIX epoch.
-
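In your .htaccess file:
[code]<Files "protected_file.xpi">
ForceType application/x-httpd-php
</Files>[/code]
In your protected_file.xpi:
[code]<?php
// Placeholder credential, not from the original post; set your own value.
$password = 'CHANGE_ME';

// Require both Basic-auth fields and compare the password,
// rather than accepting any non-empty one.
if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
	&& $_SERVER['PHP_AUTH_USER'] == "admin"
	&& hash_equals($password, $_SERVER['PHP_AUTH_PW']))
{
	$real_file = "real_file.xpi";
	header("Content-type: application/x-xpinstall");
	header("Content-length: ".filesize($real_file));
	readfile($real_file);
}
else {
	// No or wrong credentials: ask the browser to prompt for them.
	header('WWW-Authenticate: Basic realm="protected_file.xpi"');
	header('HTTP/1.0 401 Unauthorized');
	echo 'Access denied';
	exit();
}
?>[/code]
Make sure to place the actual file outside of the document root so people can't access it directly.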
-
You could click [url=http://www.phpfreaks.com/forums/index.php?action=unread]Show unread posts since last visit[/url] to, well... show the unread posts since your last visit or you could just refresh the page at the forum main page to check if there are new topics/replies in a specific forum.
-
Installation: http://gtk.php.net/manual/en/tutorials.installation.php Tutorials: http://gtk.php.net/manual/en/tutorials.php Hello World: http://gtk.php.net/manual/en/tutorials.helloworld.php
-
Third party spam bots cannot access your database (unless you give out your login credentials). If you wish to encrypt data (and still be able to decrypt it again) you might want to look at [url=http://php.net/mcrypt]the mcrypt extension[/url].
-
You need to make sure you have write permissions in the folder you are creating the new folder in using mkdir().
-
You could use JavaScript: [code]location.href=location.href[/code]
-
If I understood you correctly, then you're trying to run two functions at the same time. That is not possible.
-
My bank has a Java applet for their online banking service that handles logins. On my computer I have a key (and in my mind I have a password). Without the key on the computer I only have read access, but if the key is present I am able to make transactions etc. I suppose you could do something similar, but I don't know how you would check if the key is there, and how to check that the user doesn't copy the key to another computer.