ivalmian

No, but it's an easy place for an activeX component to download an executable to and, if users are allowed to execute from it, then it can execute that executable launching a virus. What I'm saying is that it is a vulnerability for me the computer user (since this is a personal computer) although since most people don't have this vulnerability then perhaps there are no/few viruses exploiting it and probability of me hitting it is low. I seem to remember that IIS is impersonating my primary user account so perhaps by turning impersonation off I can get IIS_USER to be the only one who needs permissions for the temp folder.

set to a high enough level and display_errors set to On ? It's very strange for php to fail and not tell you why. error_reporting was set to all, but display_errors was off, my fault. I turned display_errors on and got the following message when trying to run phpMyAdmin: Warning: Unknown: open(C:\Windows\Temp\sess_p2senobmer8ld3eb4kv35dc6r5h4uca1, O_RDWR) failed: Permission denied (13) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (C:\Windows\Temp) in Unknown on line 0 My previous test with writing files now seems to work. What's weird is that it stated working after I used opendir/readdir. I used this command once and like magic files started appearing ever since. Perhaps some bug with FastCGI/IIS 7? Who knows... I'll try changing permissions with Temp... Ok, problem "solved" by giving Users full control over C:/Windows/Temp But this seems like a rather inherently unsafe solution. Giving IIS_USER full control was insufficient so I'm wondering how else I can limit permissions without killing everything.

set to a high enough level and display_errors set to On ? It's very strange for php to fail and not tell you why. error_reporting was set to all, but display_errors was off, my fault. I turned display_errors on and got the following message when trying to run phpMyAdmin: Warning: Unknown: open(C:\Windows\Temp\sess_p2senobmer8ld3eb4kv35dc6r5h4uca1, O_RDWR) failed: Permission denied (13) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (C:\Windows\Temp) in Unknown on line 0 My previous test with writing files now seems to work. What's weird is that it stated working after I used opendir/readdir. I used this command once and like magic files started appearing ever since. Perhaps some bug with FastCGI/IIS 7? Who knows... I'll try changing permissions with Temp...

Hello, I tried installing a test environment on my laptop today. I'm running IIS7 with php 5.3 on 32bit Vista Premium. PHP seems to be working fine but I had some silent error when trying to set-up phpMyAdmin. After some nosing around I found that the problem was that I could not write/append to files, but without getting any error messages. That is, I can open a stream, get a valid resource id, but when I try doing fprintf nothing happens. I thought it was a permission issue but even after I gave full control to everybody, the issue persisted. Any suggestions how I can debug this? Thanks, Ilya

Ok, while you still get some problems, the solution is actually pretty nice. Thank you, topic solved. I used, based on sasa's suggestion: function OptimizeCurpath($curpath){ $a=$curpath; $a = explode('/',$a); $count = count($a); for ($i = 1; $i < $count; $i++) { if ($a[$i] == '..' && $a[$i-1]!='..') { unset($a[$i]); unset($a[$i - 1]); } } $a=implode('/',$a); return $a; }

I actually like sasa's solution and will try to implement it...

Lol, all php code is executed at page load. If you want a row deleted only when you click the link you must have something along the lines of main.html <a href="delterow.php">Delete Row FTW!</a> delterow.php <?php $query_apagar = mysql_query("DELETE FROM contacto WHERE id = '1'");?>

Well, writing to a file can be done by something along the lines of $content="Your Content Here"; $filename="yourfile.txt"; $fin=fopen($filename,"w"); fwrite($fin,$content); fclose($fin); Hope this helps, Ilya

Hi, I'm writing a file manager for a school org I'm in. My question is this, currently, when I have someone navigate through directories and they want to go one up I simply append ../ to the directory path. Since this is done in a series of places and it is fairly convenient, I don't think I'm going to change this. The problem, however, is that after some browsing you end up with a path along the lines of "../dev/sample1/../sample2/../sample3/../" instead of simply "../dev/". This becomes very problematic if one of the folders I've previously browsed was deleted (in which case the whole algorithm breaks). What I need to do is create a function that would take in the currentpath $curpath (which can be ugly and long) and spit out the optimized path (so, to return back to my example, I want to be able to pass the function "../dev/sample1/../sample2/../sample3/../" and have it return "../dev/"). I tried to make an algorithm by splitting the path by split($curpath,"/") and then removing parts of the array that precede ".." but it doesn't really work. Hope you can help me, Thank you in advance, Ilya V