Search the Community

Hi all. i am trying to use php to include a javascript onto different pages, and then "sort of " pass it a var. The bulk of the code will be in an included footer php file. The var will be set in the main page. i have it working as follows: by just using echo 3 times.. the 1st with the first part of the script, the 2nd is the variable, and the 3rd is the rest of the script. The same endcode.php file needs to also be used for pages that wont have a var set, and wont be using the script - hense the isset. <!-- mainPage.php --> <?php $sion_gallery_id = '450'; ?> <?php include(endcode.php); ?> <!-- endcode.php --> <?php if (isset($sion_gallery_id)) {echo "start of javascript.......album/"; echo $sion_gallery_id; echo"/end of script"; } else { echo "var not on set";} ?> This works great, and i can set $sion_gallery_id do different numbers, and it pulls different albums through for diff pages. Is this secure enough as it is? I have read about whitelists, and tried the following: <!-- Headcode.php --> <?php $whitelist = array('465','6', '7','745','450'); ?> <!-- mainPage.php --> <?php include(Headcode.php);?> <?php $sion_gallery_id = '450'; ?> <?phpinclude(endCode.php); ?> <!-- endCode.php --> <?php if (isset($sion_gallery_id)) {if (in_array($sion_gallery_id, $whitelist)) {echo "java script content goes here.......album/"; echo $sion_gallery_id; echo"/end of script"; } else { echo "var not on white list";}} else { echo "No var set"; }; ?> This works when i try it at a basic level. However, when i set it up properly with the headcode and endcode pages being included, and also with all the actual javascript being echoed in endcode.php -- it worked perfectly for the first page. But when i changed the var to a different number, remembering to add this to the whitelist, it wont load - and echoes "var not on white list". ..... but it is? So, do i need to use a white list for this, or have i got the wrong end of the stick anyway. And if i do, can anyone see what may be happening? Is the first var getting cashed somewhere? Any help is much appreciated. Thanks, Sion.

Hey I'm running a website where I get quite a few proxy users evading bans. As an attempt to block them, I added this code: if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1)) die("Your magical proxy adventure ends here."); if(@fsockopen($_SERVER['REMOTE_ADDR'], 3128, $errstr, $errno, 1)) die("Your magical proxy adventure ends here."); if(@fsockopen($_SERVER['REMOTE_ADDR'], 8080, $errstr, $errno, 1)) die("Your magical proxy adventure ends here."); I know it probably could be a little shorter, but it worked which was the main thing. However, a few of my users run legitimate websites off their home networks, so they ended up being blocked by this. I've attempted something, but I am receiving the error: syntax error, unexpected '{', expecting '(' on the first ELSE IF clause. The full code is: if (in_array($_SERVER['REMOTE_ADDR'], $whitelist)) { // User is whitelisted, so we continue without going to the check. } else if { if (@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1) || (@fsockopen($_SERVER['REMOTE_ADDR'], 8080, $errstr, $errno, 1) || (@fsockopen($_SERVER['REMOTE_ADDR'], 3128, $errstr, $errno, 1) } else { // User isn't whitelisted, but is not a proxy, continue! } Can anyone point me in the right direction?