Jump to content

127.0.0.1

Members
  • Posts

    25
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

127.0.0.1's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Hi, A friend of mine has a rather large web site made up entirely of html pages. None of his pages are being compressed. Is there a way to tell Apache to compress html and htm files automatically without modifying any of the current html? Perhaps via the htaccess file or something?
  2. Hi, First some background information. My directory hierarchy where images are stored looks like this... img/ img/icons/ img/photos/ img/banners/ I employ a typical rewrite rule to stop outside sites from hotlinking to my images like this and it is placed in the root of my public_html folder... RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mywebsite.com [NC] RewriteRule \.(jpg|jpeg|png|gif)$ http://www.mywebsite.com/_errors/hotlinking.png [NC,R,L] However, I noticed that when using some proxies to access my site, the user is fed the hotlinking.png. To combat this I want to allow images only in the root of the img directory to be accessed by outside referers, because images in the root img directory are essential to the sites layout. Though images in its sub-directories such as img/icons/, img/photos/, et cetera should still not be allowed access to outside referers. Rather than creating a RewriteRule for each specific directory I was wondering if it was possible to create one RewriteRule placed in the root of the img/ directory that tells mod rewrite to rewrite all images EXCEPT those in the root img/ directory. In other words, to rewrite images in sub-directories of img ONLY, without explicitly having to list each one in the regular expression. I don't know how to do this correctly with regular expressions but I can illustrate what I want using wildcards to clarify what I'd like... */img/*/.gif|png|jpg|jpeg = bad */img/.gif|png|jpeg|jpeg = ok
  3. Nevermind, I solved my own question. Use [tt]array_key_exists[/tt] instead of [tt]in_array[/tt] for associative arrays.
  4. When I made my array into an associative array the [tt]in_array[/tt] no longer returns true. [code=php:0] $os = array( 'windows' => 'XP', 'linux' => 'Fedora', 'mac' => 'OS X', ); if (in_array('windows',$os)) // this will return false echo 'windows was found in the array'; [/code] But when it is [u]not[/u] an associative array it works... [code=php:0] $os = array( 'windows', 'linux', 'mac', ); if (in_array('windows',$os)) // this will return true echo 'windows was found in the array'; [/code] How can I get [tt]in_array[/tt] to work in the first example with the associative array?
  5. True enough, at least for my usage. I was just trying to exploit my own scripts through the URL to see if they were "bulletproof," and found %2F kept causing that 404. It's an annoyance to me because it causes Apache to bypass the custom ErrorDocument. I guess I do not have something configured correctly. Thanks for your time though. It is appreciated.
  6. Nope. It still manages to break it. Apache generates a 404. :-\ Something peculiar I noticed to. Maybe it will offer some insight. When %2F is in the URL the 404 code that is generated over rides the settings in the [tt].htaccess[/tt], which it does not do on other 404 errors. For example I have declared [tt]ServerSignature Off[/tt]. But the server signature gets displayed.
  7. There is no file redirection. It does not need the mod rewrite engine enabled to function as long as the filename that is executing the script is in the URL. [tt]Example: www.website.com/[b]index.php[/b]/article/555[/tt] But, I do plan on using mod rewite so I can omit the name of the script altogether and add an html extension just for aesthetics. [tt]Example: www.website.com/article/555.html[/tt] For that I have the following in [tt].htaccess[/tt] [code] Options +FollowSymLinks RewriteEngine on #Clean URLs RewriteRule ^(.*).html /index.php/$1 [/code] It works so far, but I'm no guru so I'm sure there is a better way.
  8. I'm not very well versed with mod rewrite. Search hits on Goggle are telling me there's a bug with Apache regarding this and other stuff that isn't quite related. I'm not really sure.
  9. I'm using the same script that was used in [url=http://www.phpfreaks.com/tutorials/149/1.php]clean url phpfreaks tutorial[/url]. I just modified it a bit to escape uninitialized variable errors. [quote author=linuxdream link=topic=124232.msg514468#msg514468 date=1169856602] I tried the exact string and urldecode() turned it into a "/"...Not sure whats wrong... Where are you using path information in a URL string...I'm not seeing it in the code. I only see you outputting the results. [/quote] That's the thing. The character will get properly decoded if it is passed directly to the decoder or even passed conventionally through a url such as [tt]script.php?variable=%2F[/tt]. However, it breaks when trying to send it the clean url way. The path information is passed at the beginning of the code [tt]$clean_url = explode('/',$_SERVER['PATH_INFO']);[/tt], [quote author=jesirose link=topic=124232.msg514474#msg514474 date=1169857181] You tried this: $clean_url = explode('/',urldecode($_SERVER['PATH_INFO'])); ? [/quote] Yes, I tried that. I'm beginning to think it's not a problem with PHP at all. It's an Apache problem, because the script does not even get a chance to execute. When [tt]%2F[/tt] is thrown into this URL [tt]/index.php/article/911%2F[/tt] Apache says this... [quote] Not Found The requested URL /index.php/article/911/ was not found on this server. Apache/1.3.31 Server at localhost Port 80 [/quote] :-\
  10. [tt]Apache/1.3.31 PHP Version 4.4.2[/tt] This URL encoded character [tt][b]%2F[/b][/tt] keeps breaking my script! I'm writing a script that shows "clean urls." It allows urls such as mysite.com/index.php/article/483498 to be passed to my script. This is the basic logic of the script: [code] if(getenv('PATH_INFO')) // Check if any modules were requested { $clean_url = explode('/',$_SERVER['PATH_INFO']); array_shift($clean_url); } $modules = array( // Define array of valid modules IDs 'frontpage', 'article', ); $module_id = empty($clean_url[0]) ? '' : $clean_url[0]; // Requested module ID $page_id = empty($clean_url[1]) ? '' : $clean_url[1]; // Requested page ID if(empty($module_id)) // Default module $module_id = "frontpage"; if (in_array($module_id,$modules)) // Does the requested module exist? echo 'Module ' . $module_id . ' found!<br />Page: ' . $page_id; else echo 'Module not found.'; [/code] It works fine and dandy until I put [tt][b]%2F[/b][/tt] into the URL. Which prompts me with an Apache 404 error. I've tried using urldecode and rawurldecode with [tt]$_SERVER['PATH_INFO'][/tt] but it did not work. What should I do to sanitize the incoming variables to prevent my script from breaking when [tt]%2F[/tt] is passed to it?
  11. This question is regarding the use of regex to shorten six-digit hex color codes to its three-digit counterpart. [url=http://www.w3.org/TR/REC-CSS2/syndata.html#color-units]The three-digit RGB notation (#rgb) is converted into six-digit form (#rrggbb) by replicating digits, not by adding zeros. For example, #fb0 expands to #ffbb00. This ensures that white (#ffffff) can be specified with the short notation (#fff) and removes any dependencies on the color depth of the display. [/url] The problem I'm having is very simple; using regex to determine if the [u]same instance[/u] of a word character has repeated itself once. For example detecting [tt]ff[/tt] and not [tt]fe[/tt] or [tt]f0[/tt] et cetera. I don't know how to make regex identify if the same character has repeated itself.
  12. Thanks guys. Another question though, I am using an [tt].htaccess[/tt] file to create friendly URLs. [code] ErrorDocument 404 /_errors/404.shtml RewriteEngine on RewriteRule ^article/(.*).html /index.php?article=$1 [/code] I managed to "break" my page by putting [tt]%2F[/tt] at the end of the variable parameter: www.mysite.com/article/581%2F.html. Which I do not understand because if I access the equivalent erroneous URL with a slash rather than [tt]%2F[/tt] www.mysite.com/article/581/.html, I receive the proper error message from my script telling me the article could not be found. This has a peculiar result because not only does it break the script, but it renders this message [quote] Not Found The requested URL /article/581/.html was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. [/quote] Which is odd because I have defined the 404 ErrorDocument and it works with other 404 errors. Any advice as to how I can remedy these issues?
  13. Hello. Suppose I am passing variables through a URL like this [b]http://www.mysite.com/index.php?article=48338[/b]. The article variable then in turn is used to make a SQL query. Obviously, any person can tamper with that parameter, changing the variable. Currently I am escaping potential erroneous variables with the following [code=php:0] // Check if variable exists and is not empty if (isset($_GET['article']) && !empty($_GET['article'])) {     // Check to make sure the only characters passed are digits     if (ereg('[^0-9]', $_GET['article']))           $flag_error = True;     else           doWhateverFunction ($_GET['article']); } [/code] My question is, am I doing sufficient checks? Is there a better way? Could I compact the code? I tried to merge both if-statements, however it failed to work for me.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.