geudrik

Just as clarification, I want to be able to not touch my current SSL setup, but instead use the CA file I have to sign user-generated keys to allow access to a protected area of the site. Also, I'm making progress.. Changed my Location block to... <Directory "/sekrit"> SSLVerifyClient require SSLVerifyDepth 2 SSLCACertificateFile /etc/apache2/ssl/ssl.crt Options +Indexes </Directory> So now it's actually using the crt that signed the key... I now get 403's when I go there, both with and without the certs I've created. Making progress, but still equally as perplexed.

There's an easier way to do this... Change your DNS settings for the domain you purchased. www still just fail, where as the latter will work. As 'www' is technically a "sub-domain" anyway (semantics, psh), you can simply remove the A record for "www" at the DNS level, and it will no longer work.

That's one way to do it.. GoDaddy... *shudder* haha I'll stick to private servers crankyslap: If you could mark this topic as 'Solved' that'd be great, providing we've got your question answered to its fullest

Why not just leave your linux box as DHCP, and set your router to reserve a given IP based on your servers MAC address? :S Seems like the easiest thing to do... This will, for all intents and purposes, set your server to a static IP. It's how I've got mine set up. Your router reserves the IP you tell it to, and will skip over assigning it to anything other than the MAC address associated with it (your servers MAC)

Glad I could help! Getting Apache configured properly after you've signed up / requested the certs can be a bit of a pain... if you need a hand, feel free to zip me a private message and I'll help ya out (though, I must admit I have a grand total of zero windows apache config experience...)

Yes, if this is just a locally desired change, modifying your hosts file is the easiest way to go about it. Open the file C:\Windows\System32\drivers\etc\hosts and add lines in accordingly. The file has instruction on what and how to make edits. Using vhosts, by your explanation, seems to be a waste of time. I would go about this doing the following (assuming that you need server functionality - ie: php parsing) Have just your default vhost and move 'other' into your default vhost, just as a folder (eg: http://localhost/other) Then, edit your hosts file and add in lines for something-cool.dev -> localhost something-uncool.dev -> localhost/other

1) I force SSL regardless of content. It helps me sleep better at night. 2) Class 1 CA's Certs are free - www.startssl.com

Alright, I've been beating my head against a wall for a while now... I am trying to set up a certificate based access to a directory, /sekrit, on my webserver. I am using a Class 1 CA-issued set of certificates for my server - SSL is forced, :80 connections are not allowed. The set of CA files I'm using are listed as follows. SSLCertificateFile /etc/apache2/ssl/ssl.crt SSLCertificateKeyFile /etc/apache2/ssl/ssl.key SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem SSLCACertificateFile /etc/apache2/ssl/ca.pem I have run the following commands to generate a user certificate (that they install in their browser) and every time I keep getting (Error code: ssl_error_handshake_failure_alert) $ openssl genrsa -out ~/client.key 2048 $ openssl req -new -key ~/client.key -out ~/client.csr $ sudo openssl x509 -req -days 365 -CA /etc/apache2/ssl/ssl.crt -CAkey /etc/apache2/ssl/ssl.key -CAcreateserial -in ~/client.csr -out ~/client.crt $ openssl pkcs12 -export -clcerts -in ~/client.crt -inkey ~/client.key -out ~/client.p12 I have also tried 1024 and 4096bit key lenghts, and the signing goes through all hunky dory, but I continually get the same error when trying to connect. By the way, the code I have in my xxx.com:443 vhost is: <Location /sekrit> SSLVerifyClient require SSLVerifyDepth 2 </Location>

Alright, it's a been a while since I've posted for help here, but I suppose new learning brings new challenges I'm trying to learn how to use GROUP_CONCAT (which I think is what I should be using to get, using the tables below, a list of names of people who do NOT own an a4). CREATE TABLE IF NOT EXISTS `Owns` ( `cid` int(11) NOT NULL DEFAULT '0', `make` varchar(15) NOT NULL DEFAULT '', `model` varchar(15) NOT NULL DEFAULT '', `color` char(10) DEFAULT NULL, `marketValue` decimal(8,2) DEFAULT NULL, PRIMARY KEY (`cid`,`make`,`model`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `Owns` -- INSERT INTO `Owns` (`cid`, `make`, `model`, `color`, `marketValue`) VALUES (1, 'bmw', '323i', 'red', '20000.00'), (1, 'audi', 'q7', 'black', '40000.00'), (1, 'audi', 'a4', 'white', '30000.00'), (2, 'audi', 'q7', 'pink', '40000.00'), (3, 'audi', 'a4', 'silver', '30000.00'), (5, 'subaru', 'outback', 'green', '10000.00'), (5, 'ford', 'f100', 'green', '25000.00'), (6, 'mercedes', 'ml', 'white', '50000.00'), (7, 'mercedes', 'ml', 'brown', '40000.00'), (8, 'mercedes', 'ml', 'brown', '20000.00'), (8, 'subaru', 'outback', 'brown', '10000.00'), (8, 'aston martin', 'bb9', 'yellow', '10000.00'); -- Table structure for table `Customers` -- CREATE TABLE IF NOT EXISTS `Customers` ( `cid` int(11) NOT NULL, `cname` char(20) DEFAULT NULL, `age` int(11) DEFAULT NULL, PRIMARY KEY (`cid`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `Customers` -- INSERT INTO `Customers` (`cid`, `cname`, `age`) VALUES (1, 'john', 20), (2, 'mary', 18), (3, 'jane', 28), (4, 'ann', 40), (5, 'joyce', 33), (6, 'terry', 25), (7, 'claire', 80), (8, 'bob', 60); The query that I have been screwing around with is: SELECT Customers.cname, GROUP_CONCAT(Owns.model) AS Cars FROM Customers INNER JOIN Owns on Customers.cid=Owns.cid WHERE Owns.model != "a4" Which dumps out a single-row table with ALL models in one cell, and just the first owner... What am I doing wrong here? :s

I actually have it solved <VirtualHost *:80> RewriteEngine on # RewriteLog /var/log/apache2/rewrite.log # rewriteLogLevel 5 #Try #293 - ONLY redirect if !stream.php RewriteCond %{SCRIPT_FILENAME} !/stream.php RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301] DocumentRoot /var/www </VirtualHost> <VirtualHost _default_:443> RewriteEngine on # RewriteLog /var/log/apache2/rewrite.log # rewriteLogLevel 5 # Force /stream.php to be served on HTTP, { NOT } HTTPS RewriteCond %{SCRIPT_FILENAME} /stream.php RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [L,R]

<VirtualHost *:80> RewriteEngine on # Check to see if /stream.php is called for, and stay on :80 if so RewriteCond ^(.*)$ http://%{SERVER_NAME}/stream.php%{REQUEST_URI}$ RewriteRule $ [L] # Force SSL Connection RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> <VirtualHost _default_:443> # Redirect SSL connection of /stream.php back to :80 RewriteEngine on RewriteCond %{THE_REQUEST} ^[a-zA-Z0-9]{0,200}\ /stream\.php\ HTTP/ [NC] RewriteRule ^.*stream\.php%{REQUEST_URI}$ http://%{SERVER_NAME}:80/ [R=301,L] ... Basically, I am forcing an HTTPS connection (which works great). But what I need to do is bounce back to an http connection if /stream.php is called (and it ONLY resides in the root, but DOES take parameters). Similarly, if stream.php is called on an :80 connection, I need to NOT bounce to :443 connection. The above is about as far as I was able to make it... Apache2 starts up, but my rules don't work :s And the logs really don't say diddly about what's up... Any suggestions? Oh, and one final thing I should add is that doing something like this... RewriteCond %{SERVER_PORT}%{REQUEST_URI} ^80$ !\stream.php$ RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] ... also isn't really an option (though if I have to, that will work... my preference is the prior way). Where am I going wrong?

Anyone? This is quite strange :s

As an update... the N/A is added into the array with my script because it's reading the ID3 info as null. I downloaded the file to my local machine, and all meta data shows up (in varying players, as well as in simply the folder view)

I'm looking for ideas thoughts that anyone might have regarding disappearing ID3 tags in .mp3 files after they are uploaded to a web server via $_FILES method. In order, the steps occur at time of upload are: 1) File upload is initiated 2) File is uploaded to temp dir on server 3) File is re-assigned a hash value for a file name, with .mp3 appended 4) File is moved from temp dir to the given users dir 5) Meta Data is supposed to be read, and a row inserted into the DB. Now, everything works as intended - not having any issues... Other than, of course, the mystery of the vanishing ID3 tags. Can anyone shed some light on this? I am 100% certain that I can read the meta data - giving two different parameters on two different files (one uploaded manually via sftp, the other via http through the use of $_FILES) Example of what's happening: http://69.164.222.60/test2.php nji.mp3 was uploaded via SFTP. The hashed .mp3 was uploaded via my web form. Thoughts / Comments / Suggestions / Ideas / Saving Grace? ^^

I do believe I've fixed it Had to change the max file size in php.ini and make sure my mime-types were right. Thank you all for the help - I'll mark this one solved! There should bee a communal beer fund - but I guess the donate button will suffice

Herm. It appears to not be uploading... :s POST:Array ( [upload] => Upload File ) FILES:Array ( [file] => Array ( [name] => sugarcoat.mp3 [type] => [tmp_name] => [error] => 1 [size] => 0 ) ) *geudrik runs off to check out max size in php.ini

Alright, I'm now passing in the variables via: $upload = new Upload; $upload->doAudio($_FILES['file']['name'], $_FILES['file']['size'], $_FILES['file']['type']); However, my errors are now passing me a filename (and a location where it's supposd to be stored on the server. But, the filesize remains 0, and Type remains blank [null]. Therefor, I can only assume that the way that I'm trying to hand the actual upload is not working... As in, trying to pass $_FILES var's directly to the function (though, this DOES appear to uploading the file off my computer [but nothing shows up on server]) Thoughts // Ideas?

Nope -.- Still doesn't seem to fit the bill. The file extension being passed is '.mp3' The filename being passed, either at the top of the function (right after the var is supposed to be populated or at the bottom) is blank. Thoughts?

Think I figured it out... upload.php [$_GET['file'] instead of $_POST ] Testing now

I have confirmation that the $filename var is not being populated. But I have no idea why :s I'm new to file uploads (not a big fan of the idea...) so as far as I can tell, my $_FILE var's are all set, but maybe someone else can shed some light? I echod the variable out right at the top of the function (right after the file is being set) and it echo's as "" [blank]

Herm... //Check for empty file if($filename == ""){ $_SESSION['errMessage'] .= "No File Exists!<br />Filename: $filename"; $flag = $flag + 1; } Apparently, it's not being passed a file? 0.o Not sure why that's breaking...

I commented that section out, and also added in an echo for the $_SESSION['USERS_Media_Folder'] just to make sure it's being passed (it is). Still getting upload failed: No File Exists! [/me begins further investigation ] PFMaBiSmAd: I'll go through my errors and add those in - I usually do, not sure why I overlooked that one! Thank's guys!

the string being passed as: $_SESSION['USERS_Media_Folder'] looks like: /home/user/uploads/

Thanks for the tip! That definitely did something, but ow the server seems to accept the file (as it, it does it's whole 'loading' dance until the file has uploaded completely), but then spits out the same error. The directory where uploads go (with is outside the web dir) is CHMOD'd to 777 Is there any other information that I could include that would help diagnostically?

Having some issues getting this to work properly... I keep getting my own error message I know where it fails, but I can't seem to figure out why it fails. The test file I'm using is an MP3 file, which is why I'm here asking if anyone other than I can shed some experienced light on this File Upload Failed! No File Exists!The file type or extension you are trying to upload is not allowed! You can only upload MP3 files to the server! My upload form looks like: <?php session_start(); define('PITCHFORK', true); if(!isset($_SESSION['USERS_AUTHENTICATED'])) { die("You must be logged in to do that"); } if(isset($_POST['upload'])) { include("config.php"); include("classes/class.media.upload.php"); $file = $_GET['file']; $upload = new Upload; $upload->doAudio($file); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PITCHFORK Login</title> <link rel="stylesheet" href="style/login.css" type="text/css" media="all"> <meta name="robots" content="noindex,nofollow"> </head> <body> <div id="login"><h1><a title="A SpaazZ Industries Concept"></a></h1> <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label>File (one at a time for now)<br> <input name="file" id="user_login" class="input" size="20" tabindex="10" type="file" /> </label> </p> <p> </p> <?php if(isset($_SESSION['errMessage'])) { echo("<div id=\"login_error\"><strong>ERROR</strong>:<br />"); echo($_SESSION['errMessage']); unset($_SESSION['errMessage']); echo("</div>"); } ?> <p class="submit"> <input name="upload" id="submit" class="button-primary" value="Upload File" tabindex="100" type="submit"> </p> </form> </div> </body> </html> My Upload Class looks liks: <?php // TO DO : ERROR HANDLING // AJAX INTERFACING session_start(); define('PITCHFORK', true); class Upload { // The path to local (relivent to the user uploading - on their computer) file var $file; public function doAudio($file) { $target_path = $_SESSION['USERS_Media_Folder']."/"; // Set at login in class.users.php $flag = 0; // Safety net, if this gets to 1 at any point in the process, we don't upload. $filename = $_FILES[$file]['name']; $filesize = $_FILES[$file]['size']; $mimetype = $_FILES[$file]['type']; $filename = htmlentities($filename); $filesize = htmlentities($filesize); $mimetype = htmlentities($mimetype); $target_path = $target_path . basename( $filename ); if($filename != ""){ echo "Beginning upload process for file named: ".$filename."<br>"; echo "Filesize: ".$filesize."<br>"; echo "Type: ".$mimetype."<br><br>"; } //First generate a MD5 hash of what the new file name will be //Force a MP3 extention on the file we are uploading $hashedfilename = md5_file($filename); $hashedfilename = $hashedfilename.".mp3"; //Check for empty file if($filename == ""){ $_SESSION['errMessage'] .= "No File Exists!"; $flag = $flag + 1; } //Now we check that the file doesn't already exist. $existname = $target_path.$hashedfilename; if(file_exists($existname)) { if($flag == 0) { $_SESSION['errMessage'] .= "Your file already exists on the server! Please choose another file to upload or rename the file on your computer and try uploading it again!"; } $flag = $flag + 1; } //Whitelisted files - Only allow files with MP3 extention onto server... $whitelist = array(".mp3"); foreach ($whitelist as $ending) { if(substr($filename, -(strlen($ending))) != $ending) { $_SESSION['errMessage'] .= "The file type or extention you are trying to upload is not allowed! You can only upload MP3 files to the server!"; $flag++; } } //Now we check the filesize. If it is too big or too small then we reject it //MP3 files should be at least 1MB and no more than 6.5 MB if($filesize > 6920600) { //File is too large if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too large! Your file can be up to 6.5 MB in size only. Please upload a smaller MP3 file or encode your file with a lower bitrate."; } $flag = $flag + 1; } if($filesize < 1048600) { //File is too small if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too small! Your file has been marked as suspicious because our system has determined that it is too small to be a valid MP3 file. Valid MP3 files must be bigger than 1 MB and smaller than 6.5 MB."; } $flag = $flag + 1; } //Check the mimetype of the file if($mimetype != "audio/x-mp3" and $mimetype != "audio/mpeg") { if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload does not contain expected data. Are you sure that the file is an MP3?"; } $flag = $flag + 1; } //Check that the file really is an MP3 file by reading the first few characters of the file $f = @fopen($_FILES[$file]['tmp_name'],'r'); $s = @fread($f,3); @fclose($f); if($s != "ID3") { if($flag == 0){ $_SESSION['errMessage'] .= "The file you are attempting to upload does not appear to be a valid MP3 file."; } $flag++; } //All checks are done, actually move the file... if($flag == 0) { if(move_uploaded_file($_FILES[$file]['tmp_name'], $target_path)) { //Change the filename to MD5 hash and FORCE a MP3 extention. if(@file_exists($target_path.$filename)) { //Rename the file to an MD5 version rename($target_path.$filename, $target_path.$hashedfilename); echo "The file ". basename( $filename ). " has been uploaded. Your file is <a href='$target_path$hashedfilename'>here</a>."; } else{ echo "There was an error uploading the file, please try again!"; } } else { echo "There was an error uploading the file, please try again!"; } } else { echo "File Upload Failed!<br>"; if($error != "") { echo $error; } } } // Close function doAudio } // Close Class audioUpload ?>