• Content count

  • Joined

  • Last visited

  • Days Won


jimfog last won the day on December 17 2011

jimfog had the most liked content!

Community Reputation

30 Excellent

About jimfog

  • Rank
    Dedicated Member
  • Birthday 10/28/1979

Previous Fields

  • Languages
    Englsh, Greek

Contact Methods

  • MSN

Profile Information

  • Gender
  • Location
    Athens, Greece
  • Interests
    Computing, in any form of it, whether is web development, control theory or other, enjoy reading history books, especially WWII books, movies, fast cars(i do not have one, just a humble toyota yaris).
  1. Tell me if I got this right cause I am little confused... There are 2 cases when throttling must be applied to a form...when an attacker performs an attack(dictionary attack,brute force etc) to a single account. In the above case throttling must be activated in this specific account AND when there is distributed brute force attack at which case throttling must be activated to ALL of the accounts. Am I correct?
  2. I agree... Nonetheless...before setting the parameters in every site page I must be certain that the "thing" works. So...in order to test it I just placed the code in one page and hit refresh.
  3. After deleting the session cookie and refreshing the page the login screen appeared(something to be expected as the session was destroyed)...a logged in again and a new cookie was sent...meaning that the code still has no effect. I must add this: When the user logins he/she is redirected to a page called appointments.php(it is the home page of a logged in user)...the code is found there. It is not the page where the session is set originally....so I am wondering if the code must be placed in the page where the session is set original. I just placed the code in appointments.php and did the testing there.
  4. I trying to set the session cookie parameters using the function session_set_cookie_parameters.Here is the code: $sesarr=session_get_cookie_params();//I use this function here to grab the data and padd them below session_set_cookie_params($sesarr["lifetime"],$sesarr["path"],$sesarr["domain"],TRUE,TRUE); session_start(); Now....according to the manual if the secure option is set to true(as the case above) the cookie will only be sent if the connection is secure. I do my testing to a local machine(localhost) and as such the connection is not secure. Despite that the cookie is sent after all...I can see that from chrome dev tools. Any idea why this might be happening?
  5. What I cannot understand is how to use conditionals to achieve this. Here the form must appear when the link is clicked which is an if(isset['GET']) { //form } Yes but we also must take into consideration when the submit button is clicked: if (isset($_POST['submit'])) { //form } So my problem now is how to combine these two...and as you said having one form.
  6. I am facing a problem with the markup of a registration form. The user is presented with some links and each of them when clicked leads to a registration form-so far everything is OK. But when the submit button is clicked(and if errors are found) the user is taken to the registration form again-but this time the markup is different,the errors displayed. In other words I have markup in my HTML file for two different registration forms(I mean the form is the same of course but the one appears when the link is clicked and the other when the submit button clicked.) Take a look here http://hastebin.com/iriqiyepom.xml : It is a mess...there are times that in the screen the same form appears twice. How I could clean it up? The reason that lead me using 2 forms is that the second contains markup for errors shown(span elements).
  7. yes....modifying form action value seems to do the job and transfer data from page to page...
  8. Take a look again at the code at line 17:http://hastebin.com/fomibewiqe.scala what gets sent to the server must be values like '1'.You must modify your acode according to that before I can test it. I can do it myself but since you started it I want you to complete it please. It is important that this little detail gets settled before continuing.
  9. My page has 2 links that when one of them is clicked a registration form appears. The links correspond to different type of business.This info must be passed to the registration form and sent to the server with $_POST. The way I do this you can see that here http://hastebin.com/fomibewiqe.scala (along with other code) at line 17. And here is my problem: So,when I click the submit button the btype value is sent to the server. But Imagine this for a while: I click the submit button, an input is empty,I get a warning,I fill it and then click the submit button again(second time). $_GET['Btype'] gets to be udefined. The reason for this being that when I click the submit button second time the URL is this: /form/php,,,, btype query parameter is absent from the URL and as such it gets to be undefined. WHat can I do?
  10. You are right.
  11. Τhe folder structure is like this C:\Apache24\htdocs\Appointments\Frontend\js for JS files. entering the full path would be a problem cause if I put in the script tag this <script src="Frontend/js/jquery-1.11.1.min.js" ></script> the browser enters the full path itself...so the end result is this: http://localhost/Appointments/Frontend/Frontend/js/jquery-1.11.1.min.js which leads of course to a faled request... Anyway...what are you trying to achieve with this? I have clearly identified the problem here with the links but I cannot find what is causing it. After the rewrite rule is implemented take a look what the console shows for every JS file. https://onedrive.live.com/redir?resid=BE27434B2AAC8130!456&authkey=!ABzaukrkGCA9W80&v=3&ithint=photo%2cPNG ANYWAY...i think the solution is to change from relative to absolute URLs....I am just stuck in the implementation of it,it should be easy. P.S I am hours in front of the PC and I am tired
  12. Is there any other way to grab the stub besides a htaccess rewriting?Htaccess is a mess.
  13. yes I am using relative URL's...I tried prepending a slash,as you said but for all the JS files I get 404 in the console.
  14. I have come to understand what the problem is.This is my htaccess now...with all the changes suggested: RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^blog_show/(.*)$ blog_show.php/?t=$1 [NC,L] The problem persists though...
  15. Ι do not understand. First of all what these RewriteCond statements do? You also say that the URL is not of an existing file/dir. If that is the case how the rewrite rule must be....if not of an existing file/dir? Cause you say also that there must be a rewriteRule statement.