bobbfwed

OK, so I have now reinstalled mySQL 5 on my computer, hoping that maybe with that installed it would work. Still no joy. So I must be doing something else wrong. The other extensions are loading (GD, ZIP, GZ2, etc.) but not mySQL. Any help?

I am running WinXP and I have PHP 5.2.9-2 installed with an Apache 2.2.1 server. I have a server running with a similar setup (but with Vista and mySQL 5). I tried installing mySQL on my computer but this computer has had some unresolvable (reformatting and all) problems for quite some time, and mySQL just could not run. So I attempted to connect to the remote server. I setup PHPMyAdmin and it hooked up fine. I then uninstalled mySQL from my computer (and restarted). PMA was still able to connect and operate 100%. I then tried to run a script on my server with a mysql_connect() to the remote server. But it comes back "Call to undefined function mysql_connect()". phpinfo() shows no mySQL present, but PHPMyAdmin works just fine! How is this possible? Does PMA use some manual loading of the functions or some wierd thing like that? I have the extensions setup fine (the mySQL extension loaded fine when I have mySQL installed). Do I have to have mySQL installed on my computer to access a remote mySQL server with PHP?

Here is the demo site: http://www.steelwolvesclan.com/filemanage/filemanage2.php But as I said. Functionality is very limited. Seeing as I don't trust giving random people on the internet write or edit access to my file server. But you can see the general feel. If you like, try hacking the login.

This is a program I have written which allows for multiple users and gives any of the users access to use the most common file-system functionality (copy/cut/rename) to any file on the server. It also goes beyond that and allows users to be restricted to viewing certain directories or even certain files. File ownership is taken into account allowing users to restrict others from accessing or editing their files (but does not apply to admins of course). Admins have complete control over each users' ability to read, write, edit, or delete files and directories. I'm hoping for some people to give me some pointers on where the program should go from here. Any advice on security problems would be quite useful as well. You can download the program here: http://sourceforge.net/project/platformdownload.php?group_id=136826 installing is simple (run the fm_setup.php script) and there is a good amount of documentation in the README. And you can post any bugs or feature requests here: https://sourceforge.net/projects/filemanage/ but posting them here on this forum would be plenty for me. I am working on getting a demo site up, but have run into some hosting problems. But of course, the vast majority of features are only usable when you yourself are an admin within the system (which would not be possible with the demo site).

But the link to nastiness would only affect the user that did the "injecting" right? Well, either way, I have added the htmlspecialchars to the SELF variable, and have added it to the return of dir_nav, so it should no longer be a problem. Of course this app is more than just this one file...so I'll have to take this all into consideration with ther other stuff as well.

http://pixybox.seclab.tuwien.ac.at/pixy/output/pixy_1228526737jF1lqx/xss_pixy_1228526737jF1lqx_1_min.dot.png doesn't tell me anything... I'm doing it because some computer told it not doing it was bad. Could you explain why this is a vulnerability?

That one is much more usable. I have adapted it, and am trying to integrate it into my application: https://sourceforge.net/projects/filemanage/ (for the 2.1.0 release)

at what point would the file name have to be so filtered? Unless the admin puts some weird characters in the file name, SELF (just a constant of $_SERVER['PHP_SELF']) should be fairly safe. Were you having problems with it? If so, can you post a bug at sourceforge.net? And let me know how to duplicate it. BTW: 2.0.1 has been release (download at the link the first post). Not too many major changes, but we are already working on 2.0.2 (more minor changes) and 2.1.0 which is going to have some hefty interface changes, and integration with a templating engine for easy UI modification and simpler development.

I'm not quite sure what you mean by a test account. Do you mean on a server of mine? The setup of the program on your own system can be installed in about 30 seconds (setup by a setup wizard/script). The program does have complete support for limiting users' access to files and directories (setup by admins or moderators of the system). The problem is, a lot of the good features that the program has, I don't want to give to every joe schmoe on this website, thus yourown setup would be a better example of the power of the this application. I will try to setup the program on a server I have. Hopefully later today that can be up. FYI: Version 2.0.1 will hopefully be released this weekend or early next week.

Yeah, that one is nice, but it is far from simple, and is dependent on some Yahoo objects. A left-click context menu is fine for me too. From the reading I have done right-click menus are kind of a hacky workaround.

I am looking for some simple single-level (multi-level isn't a problem) menu that can appear at any location on the screen (it isn't bound to any specific place) (i.e. if I want to make it appear the the mouse's location). I've looked on google. Most of the menus are bound to a location or don't seem to work in IE or FF. I am hoping someone can point me in the right direction, or give me an example of how to create my own simple movable menu

I have been working on this project for quite some time, and have just recently released version 2.0. In short: PHP Remote File Management System (File Manage for short) is an easy-to-use PHP system that allows multiple users to view, edit, delete, copy, rename, and move files and directories anywhere on the host computer. I've had it described as a PHP-based FTP system. But you have some extra flexibility that FTPs don't have. I'd love if some of you tried it out and me know what you think of the new version. Maybe some things that should be added or changed! Check it out on Source Forge.net here: https://sourceforge.net/projects/filemanage/

Forgot to mention: just PM me if you are interested. Your email address would be appreciated, that is the easiest way for me to contact you.

(I don't know if this is the right place to put this request -- please move it if it is not) I have been working on a PHP/mySQL project that allows users to view lists of files and directories anywhere on a computer (where the script is installed). It also makes files available for editing, deleting, creating and other actions. There is a login system with admins, moderators, and other users. Each user can have a unique set of available tasks within the system. Users may have access to view a file, but not edit it. I have re-written the application from the ground up for version 2.0 and it is now in post-alpha stage and am looking for a few testers to try it out and give feedback on the new feel of the system. Try to break things and give me ways to reproduce it. See what features would be desirable in such a product, maybe give ideas for execution. Also a couple developers/designers who can add a nice touch to the project. I am good at application/back-end but by front-end is always simple and straight forward using HTML and minimal JS. Some help to possibly do some CSS and interface work on the toolbox and admin tools or add context-sensitive menus to the main pages would be great. I am hoping for a few people that can hang with multiple changes over the next week or two (it shouldn't take longer than that before it is available for release). visit http://www.sourceforge.net/projects/filemanage/ for more information. A SourceForge.net user would be a big plus! On that site version 1.0 is available, but it is old. Only download it if you want to compare the new version to the old one, maybe to see some of the features I have left out, see if they are worth putting back in.

even better, thanks!

well this is what I did while I was awaiting an answer... if (false !== stripos($_SERVER['SERVER_SOFTWARE'], 'win')) so... i guess that is the solution. I don't have access to a linux box at the moment. What would linux display in SERVER_SOFTWARE?

This must have come up before, but the search function on these (and every other forum system) is impossible to get results out of...anyway... I am trying to find the surest way to get the server's operating system. All I need is "Windows"/"Linux"/"Mac"/etc. I don't need versions or whatnot. I see some of that info entrenched in $_SERVER ... but I was wondering if there is a simpler way. Also...while we are at it. I have a function that changes a file's or directory's permissions with chmod. But on windows the chmod of a directory seems to do very little. There are two settings: 0777 and 0555 (read-only). 0555 still allows you to rename the directory and create files/dirs inside of it. Files have only two options as well: 0666 and 0444 (read-only). Is there any way to beef it up? So to relate to the server OS question: I will probably just do what windows does, only give you the read-only/everything options when on Windows, and give full octal control when on other operating systems (I'm assuming Mac -- at least MacX -- uses the Unix/Linux octal system?).

Or, smaller (and probably a good deal faster), but only works up to (around 2^57 -- maybe someone can explain why): function remainder ($value, $div) { $tmp = floor($value / $div); return ($value - ($tmp * $div)); }

ah, I didn't think of 31 bits....stupid signed variables. There's no way to unsign them for this operation is there (I want 32 bits!)? Is there even a way to handle variables in PHP as not signed (no negative value available)?

I am creating a decimal to base-36 (and back) system. But I've found that while getting the remainder of certain large numbers, I get negative numbers, what does this mean? Maybe a system-specific problem (I've tried it on two of my computers). Examples: 2655429305 % 36 = -35; 4128789450 % 36 = -10 ... but there is a long list, and it seems random, but as the number gets higher, there are more negative returns. Is there some arbitrary limit that operator? Try the above math on your PHP system. Just in case it may matter, here is my code: <?PHP $b10 = 4128789450; // decimal input here dectobase36($b10); echo $b10.'₁₀<br>'; echo '=<br>'; $b36 = dectobase36($b10); echo $b36.'₃₆<br>'; // display base-36 output echo base36todec($b36); // double check the results function dectobase36($b10) { $b36 = NULL; $b102 = $b10; while ($b10 > 35) { if (($b10 % 36) < 0) die($b102.' '.$b10.' '.($b10 % 36).' Decimal value too high.'); // die, and show some values $b36 .= chr(ret_ord_value($b10 % 36)); $b10 = floor($b10 / 36); } $b36 .= chr(ret_ord_value($b10 % 36)); return strtoupper(strrev($b36)); } function ret_ord_value ($num) { if ($num > 9) return $num + 87; else return $num + 48; } function base36todec($b36) { $value = 0; $b36 = strtolower($b36); for ($i = 0; $i < strlen($b36); $i++) $value += ret_let_value(substr($b36, -1 - $i, 1)) * pow(36, $i); return $value; } function ret_let_value ($let) { if (ord($let) >= 48 && ord($let) <= 57) return $let; elseif (ord($let) >= 97 && ord($let) <= 122) return ord($let) - 87; else die($let.'...Bad character.'); // if it is fed a invalid character } ?>

Uhg....as I said...out of the game a bit...I never changed "extension_dir" in php.ini ... I just kind of figured they would default the ext_dir to where they install their own extensions... It seems to work now.

I am by no means new to Apache, PHP, or MySQL, but I have been out of the game for a good year or so. I have just re-installed all the new stuff Apache 2.2, PHP 5.2.6, and MySQL 5.0. Apache/PHP works great, but for the life of me I cannot get MySQL working. I used the installer for all three, which might have something to do with it. Initially PHP had some obscure PHP.ini that seemed to have everything, but was missing certain things like the list of omitted extensions and such. I downloaded the "manual" version of PHP and copied the php.ini-recommended to my PHP directory and worked off that instead. But, to no avail. The PHP directory didn't have any of the exension binaries anyway; so again I copied that from the downloaded "manual" copy, and placed in the PHP/ext directory. My first test to see if it works is trying to run a fresh copy of phpmyadmin, but it just always says, "Cannot load mysql extension." I'm sure you guys get a million of these every day, but I couldn't find any help on tutorials on the net...so I came here.