raven74

I use mod_rewrite for other things but it won't work for REQUEST_METHOD. I tried putting this code in the root of my site but it won't work. RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F]

Is there any way of getting the complete client's request headers including the first line? I want to ban users from sending TRACE, TRACK etc request headers to my site. I know this can be done in apache but I don't have permission to modify those files. For example write in terminal: telnet mysite.com 80 TRACE / HTTP/1.0 The above sends a TRACE header to the server that I would like to ban. Can this be done with PHP?

I double checked and no cookies are used anywhere in the https site. I also urlencode the values. In my original code I only wrote the POST to PAGE A but how, if possible, can I write the code so I can also POST to PAGE B ? (The Java Servlet session id is appended to the FORM in PAGE A.) Is that session id relevant at all ?

I'm trying to submit a FORM using POST to a https site (only POST, GET is not allowed). 1. The site requires you to send required fields (theoretically using a FORM) to PAGE A. This POST creates a Java Servlet session id on PAGE A. No cookies are set on the browser that I know of. 2. Once part 1 is done, PAGE A has another FORM where you fill in more details and click on submit which submits the FORM to PAGE B. This submission finalizes the process. I'm wondering if the whole process can be done with cURL. I tried sending parts 1 and 2 all at the same time with POST, but it doesn't work. Can this be done ? $ch = curl_init(); // initialize curl handle curl_setopt($ch, CURLOPT_URL, "https://thesite.com/folder/PAGE A"); // set url to post to curl_setopt($ch, CURLOPT_FAILONERROR, true); curl_setopt($ch, CURLOPT_TIMEOUT, 10); // times out after 10s curl_setopt($ch, CURLOPT_POST, true); // set POST method curl_setopt($ch, CURLOPT_POSTFIELDS, "iputthepostfieldshere"); // add POST fields curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1)"); $result = curl_exec($ch); // run the whole process curl_close($ch);

I'm a noobie especially with sessions... Session is created on pageA and I want to pass it to pageB which basically has not much php code in it. What code do I have to put on each page? On pageB ??: $_SESSION["PHPSESSID"]="what?"; I've been quite a long time trying to find an answer to this "problem". A reference to a tutorial or a little bit more detail would be extraordinary.

I use the $_GET method, appending the PHPSESSID onto the links, to pass the session id between pages. I don't like this method because it appends a long md5 code onto the url. Is there any other way to pass session id's between pages apart from the cookie method ?

I can't get GnuPG / GPG to work on my shared server: - gpg is installed on the server - no functions are disabled in php.ini Anyway, I checked and exec works. - .htaccess allows ExecCGI (just in case this has anything to do with the problem) - gpg and home path are correct according to: $_SERVER['DOCUMENT_ROOT']; and exec("which gpg"); - in gnupg folder: pubring.gpg, random_seed, secring.gpg, trustdb.gpg are all cmod 644. I run the code but absolutely nothing is outputted not even errors... nothing... not even when setting error reporting to "eall". I have tried all the php tutorials I could find on the net but they all have the same problem: they don't output anything. I created a "4096" bit?byte? public key with a key password. Does this password have to be included somewhere in the code ? <?php $gpg = '/usr/bin/gpg'; $recipient = 'sample@email.com'; $texttoencrypt = 'Sample text to encrypt.'; $key_dir = '/home/myusername/.gnupg'; $shellreturn = shell_exec("$gpg -e --homedir $key_dir --no-secmem-warning -r $recipient $texttoencrypt"); echo $shellreturn; ?>