Jump to content


Photo

register_globals off solution required!!


  • Please log in to reply
1 reply to this topic

#1 schandhok

schandhok
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 26 September 2006 - 12:58 AM

Hey guys
I have been trying to fix each and every page of my site to overcome the register_globals off code changes. I was able to fix session problems with the help of ninja to the point that my search.php page now opens easily as i changed the code in my valodator.php header file with this

php:
<?php
//if(!$user){
  //  header("location: form_login.php");
  // }
     
        if(!$_SESSION['user']){
    header("location: form_login.php");
    }


The only problem now i am encountering is that after i input my parameters for search and submit. I get the following error
Warning: fopen(new_gateway.txt) [function.fopen]: failed to open stream: Permission denied in /usr/local/www/apache22/data/new_gateway.php on line 4

Warning: curl_setopt(): supplied argument is not a valid File-Handle resource in /usr/local/www/apache22/data/new_gateway.php on line 9

THis is my new_gateway.php file which is the form action of mysearch.php file...
php:
<?php
    session_start();
  // include "valodator.php";
$file_gateway_respons = fopen('new_gateway.txt', 'w');
$blas=curl_init();
#curl_setopt($blas,CURLOPT_URL,"http://localhost/artur/prob.php");
curl_setopt($blas,CURLOPT_URL,"http://www.ncbi.nlm....LAST/Blast.cgi");
curl_setopt($blas,CURLOPT_POSTFIELDS,$GLOBALS["QUERY_STRING"]);
curl_setopt($blas,CURLOPT_FILE,$file_gateway_respons);
curl_exec($blas);
curl_close($blas);
fclose($file_gateway_respons);
    $file_gateway_respons = fopen('new_gateway.txt', 'r');
    $gateway_respons_text = fread($file_gateway_respons,100000);
    fclose($file_gateway_respons);
 
    if(strpos($gateway_respons_text,"<font color=¥"red¥">ERROR:")==0){
        $gateway_respons_text=str_replace("<form action=¥"http://www.ncbi.nlm....AST/Blast.cgi¥" enctype=¥"application/x-www-form-urlencoded¥" method=¥"POST¥" NAME=¥"FormatForm¥">","<form action=new_setparams.php method=get NAME=¥"FormatForm¥" enctype=¥"application/x-www-form-urlencoded¥">",$gateway_respons_text);
        $gateway_respons_text=str_replace("<form action=¥"Blast.cgi¥" enctype=¥"application/x-www-form-urlencoded¥" method=¥"POST¥" NAME=¥"FormatForm¥">","<form action=new_setparams.php method=get NAME=¥"FormatForm¥" enctype=¥"application/x-www-form-urlencoded¥">",$gateway_respons_text);
        $s_query_first=$GLOBALS["QUERY_STRING"];
        session_register("s_query_first");
        }
        else{
            $my_user='chandhs';
            $my_pass='gnome007';
            // $my_pass='';
            $db=mysql_connect(localhost,$my_user,$my_pass);
            mysql_select_db("blast",$db);
           
            $u_id=$user["id"];
            $date=date("Y-m-d");
            $s_query_first=$GLOBALS["QUERY_STRING"];
            $rez=mysql_query("INSERT INTO search (s_user,s_time,s_query_first,s_query_last,s_cdate) VALUES($u_id,'0','$s_query_first','','$date')");
            mysql_close($db);
            $gateway_respons_text=str_replace("<!--  the header  -->",
"<center>
<h2>Western Washington Periodic Search Agent for<br> Protein Database Information</h2>
<img src='NCBI%20Blast.files/wwu_header.gif' width='291' height='90'><BR>
<table>
    <tr>
        <td><a href='index.php'>HOME</a></td>
        <td>  &nbsp&nbsp&nbsp&nbsp</td>
        <td><a href='form_login.php'>LOGIN/REGISTER</a></td>
        <td>  &nbsp&nbsp&nbsp&nbsp</td>
        <td><a href='mysearch.php'>SEARCH</a></td>
        <td>  &nbsp&nbsp&nbsp&nbsp</td>
        <td><a href='info.php'>INFO</a></td>
        <td>  &nbsp&nbsp&nbsp&nbsp</td>
        <td><a href='contacts.php'>CONTACT US</a></td>
    </tr>
</table>
</center>",$gateway_respons_text);
            }
    echo $gateway_respons_text;

?>

#2 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 26 September 2006 - 01:01 AM

Dont forget to use $_POST['']; on every valable.

If it is linux set the folder to 777

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users