Search found 12 matches

by gbow
Mon Mar 15, 2004 7:13 am
Forum: PHP - Code
Topic: Validating a filetype during file upload
Replies: 6
Views: 1021

ive never used pathinfo before but it did give html as the extension.
nevermind
ill stick with my code.
thanks for your assistance :D
by gbow
Mon Mar 15, 2004 6:08 am
Forum: PHP - Code
Topic: Validating a filetype during file upload
Replies: 6
Views: 1021

i dont think it is no
we just use .php files mostly anyway

is my code ^up a bit^ not suitable for blocking php files?
by gbow
Mon Mar 15, 2004 5:47 am
Forum: PHP - Code
Topic: Validating a filetype during file upload
Replies: 6
Views: 1021

ok thanks i have used the mime type to block exe files but using pathinfo as you suggested does not help me to block php files as it returns the extension as html. do you have any further suggestions for blocking php files? thanks for your help i have used the following code now and it seems to work...
by gbow
Mon Mar 15, 2004 5:08 am
Forum: PHP - Code
Topic: Validating a filetype during file upload
Replies: 6
Views: 1021

Validating a filetype during file upload

Hi I have setup file upload systems on many of our sites. I am having problems validating the file type that has been uploaded. Obviously I would like to prevent .php and .exe files being uploaded. How can i prevent this successfully? i have tried to use the $_FILES['userfile']['type'] variable but ...
by gbow
Thu Mar 11, 2004 3:30 am
Forum: PHP - Code
Topic: Get Full URL Inc "http://"
Replies: 7
Views: 846

Thanks for your help guys I used if(isset($_SERVER["HTTPS"])){ // do nothing }else{ // redirect to https } this seems to work well - many thanks the port thing would have worked for us because we control the ports in this case but we wanted a solution we could use for all sites so your ide...
by gbow
Wed Mar 10, 2004 11:26 am
Forum: PHP - Code
Topic: Get Full URL Inc "http://"
Replies: 7
Views: 846

thats cool but could you give me a quick talk through it? I have just tried using the following - see what you think ----- // ***GET URL & PUT https:// IN FRONT OF IT TO SET THE URL FOR REDIRECT*** $secure_url = sprintf("%s%s%","https://",$HTTP_HOST,$REQUEST_URI); // ***CHECK...
by gbow
Wed Mar 10, 2004 10:54 am
Forum: PHP - Code
Topic: Get Full URL Inc "http://"
Replies: 7
Views: 846

Get Full URL Inc "http://"

Hi I need to check whether my user has visited http:// or https:// on my site. I have been trying to gather the url string from the location bar but can only seem to get the parts after the http://. The reason I need this is so that I can redirect to https:// if they have accidentally visited throug...
by gbow
Mon Feb 23, 2004 3:11 am
Forum: PHP - Code
Topic: PHP.ini (expose_php)
Replies: 6
Views: 1590

correct
im just worried that people might be able to steal parts of my code that i dont want the world to see :wink:
by gbow
Fri Feb 20, 2004 10:02 am
Forum: PHP - Code
Topic: PHP.ini (expose_php)
Replies: 6
Views: 1590

thats what i thought - but you never know these days!
by gbow
Fri Feb 20, 2004 5:19 am
Forum: PHP - Code
Topic: PHP.ini (expose_php)
Replies: 6
Views: 1590

many thanks no real need to do it then :D seeing as when all pages are .php it pretty much gives away the fact that php is being used... :wink: is it possible for people to get at the php code i use on my pages? i know it doesnt show up when people view source but is it possible for them to get at u...
by gbow
Wed Feb 18, 2004 7:02 am
Forum: PHP - Code
Topic: php.ini + session config
Replies: 2
Views: 1434

hi dunno if you managed to sort this yet i am no expert but it would seem to me that the directory where your php.ini is set to save the sessions cannot be found this is set here session.save_path = "C:\Program Files\Apache2\sessions" i see you have already messed with savepath (your comme...
by gbow
Wed Feb 18, 2004 6:28 am
Forum: PHP - Code
Topic: PHP.ini (expose_php)
Replies: 6
Views: 1590

PHP.ini (expose_php)

Hi

I am currently reviewing php security practices and am looking into a variety of options. just wondering if turning 'expose_php' to off in the php.ini file will have any effect on my existing code? thats all thanks.