Jump to content

pizzaguy

Members
  • Posts

    113
  • Joined

  • Last visited

Everything posted by pizzaguy

  1. Alright, I think I understand. Thanks!
  2. Well the primary reason I want the authentication is to receive the User's blog URL; I don't want people to be able to impersonate others.
  3. Well, I'm certainly not going to be putting huge sums of money on the line; all I intend to do is basically include information from a blogging website. So, it's not critical information, but I certainly don't want people to feel that their accounts are vulnerable. Presently, I only really have the means for a single server set up; I would be very happy if the site actually got to the point were multiple servers were necessary.
  4. I'm not sure I understand you, but I think you're misinterpreting me. If I understand you, I think you believe I'm saying that site B is giving me the user's password. The Other website (which I'll now call "Website B"), has the API. I want users on my site (Website A), to provide their password for Site B, so that site A can login to B's API and retrieve the desired information for use on site A. An example of the API is a call with information that includes "email", "password", and "information" attributes, in which the user logs in with the email and password, and the "information" is retrieved for use in my site.
  5. I'm trying to create a website that integrates with the API of another website, so I need to be able to store the users' passwords for this other site. Naturally, I want to try to protect them as effectively as possible, but they need to be able to be decrypted so that the regular password can be sent to the other website. What's the best way to handle this situation? I could encrypt them using something like AES encryption—Actually, does PHP have support for high end encryption like AES, Serpent or Twofish?—but that would mean anyone with access to the database of encrypted values, and the means to figure out the encryption technique (viewing the PHP files), could discover the passwords. One method I thought of would be to base the encryption on the plain-text password for my website (as the encryption key) upon log-in, since that password would be encoded with one-way encryption like md5, and then store the plain-text password in a session. My only problem here is that I have no idea how secure sessions really are; since they're stored on the server, are they secure, or could someone (on either client or server side) easily view them?Anyone have any ideas of the most effective technique for this situation?
  6. pizzaguy

    Code not working

    PHP is a server-side programming language. You need to actually run it on a server to actually see the output; you can't simply open the file in a web browser. The simplest way to test your output, I believe, would be to pick up XAMPP, which is a distribution of the Apache web server bundled with PHP, MySQL and Perl. Once you set it up, you can just place your PHP files in the server's directory and point your browser to localhost to view the page.
  7. Thank you! mysql_insert_id is just what I was looking for.
  8. For a user registration page I'm making, I have this query to insert the new user's information into the database INSERT INTO users (email,password,public_url,first_name,last_name) VALUES ('$email','$encypted','$URL','$firstName','$lastName') LIMIT 1; Is it possible to also have the query response either return the whole row, or act as though I'm also including "SELECT uid"? Basically, "uid" is my auto_incrementing value, and I want to know if it's possible to access this without having to perform a separate SQL query? It just seems redundant to insert values, and then search for those values again.
  9. I'm trying to create my first real log in system and I want it to be as secure as I can possibly make it. Right now, I have a function I'm using to clean form input for things like a user's email address, password, username, etc. when he or she is registering. Here is a snippet: /* $value is the variable taken from $_POST after the user has submitted the form */$value = @urldecode($value);$value = @strip_tags($value); $value = @stripslashes($value);$value = @substr($value,$maxLenth); Right now, my main question is whether I should leave the substr function at the bottom, or move it to the top and use it as the first action. Since I don't know much about overflows and errors like that, I wasn't sure whether it'd be best to make sure the input was shortened first, or whether I should clean everything else out of the string and then trim any excess last? Also, given what I already have here, would I still want to call mysql_real_escape_string before entering the final $value into my database? Finally, is there any other recommended actions that I should include in order to make sure any input is acceptably clean?
  10. Really, unless you use headers (although I'm still not sure if it's possible), or javascript to modify the back/forward buttons, you can't do it. If you haven't noticed, when you press back and forward the page doesn't reload since it's coming from the memory, so a server side script won't be able to affect this. But also as said above, it's not really a security issue, since going back isn't actually logging you out. It's just taking you to the cached page you were at before you logged in. For example, if you go to a website and log in from the home page, then press back, it may look like you are once again logged out, but if you refresh the page, you will see that you're still actually logged in.Another example, would be these forums. Press back after you have posted a response. The response won't be shown because you just went back to when it didn't exist, but it's still there.
  11. Alright. I was able to figure out how to do it. This is the code I used (plus a little extra, just in case someone happens to be looking for something like this) # To stop apache from killing the scriptset_time_limit(0);# Sending the correct header# The boundary=ipcamera is important.# You will have to change "ipcamera" to whatever your camera uses to seperate the# images. Mine uses "--ipcamera" as seperator. You can omit the leading --, but have# to use the rest.header('Content-Type: multipart/x-mixed-replace;boundary=ThisRandomString');# Sending the images# You probably have to adapt the url to the video screen of your cam.//readfile('http://user:pass@ip_adresse_of_camera/video.cgi') //readfile('http://192.168.1.90/img/mjpeg.cgi');$fp = fopen("http://192.168.1.90/img/mjpeg.cgi", "r");$buffer = '';while(!feof($fp)){ $buffer = fgets($fp,300000); //just an arbitrary limit size which will be larger than any line given. if(!is_null($expiration) && time() > $expiration && trim($buffer) == "--ThisRandomString") break; //if the time has expired, and the stream has finished sending a frame echo $buffer;}if(!is_null($expiration) && time() > $expiration){ //if expiration has occurred echo "--ThisRandomString\n"; echo "Content-Type: image/jpeg\n"; echo "Content-Length: " . filesize("expired.jpg") . "\n"; echo "X-TimeStamp: 99999999999999\n\n"; //arbitary timestamp echo file_get_contents("expired.jpg"); echo "\n--ThisRandomString--\n";} The while loop successfully emulates the readfile. The if statement inside will stop the loop if this specific stream has expired, but it will only do so once the stream has finished sending a frame. Then afterwords, a final image containing a message is shown as the last frame which will remain shown, saying that the stream has expired.
  12. Well, that might work, unless Ingolme is correct and it won't block streams already running. However, I suppose I should have been more specific regarding what I wanted to do, because it only complicates things further. What I'm trying to do is set this up so there are temporary "users" so that the webcam can be viewed. Each of these users may have a specific time which it is set to expire (im saving it in a UNIX timestamp). So, the problem with this solution is that, even if it does work, what I am really looking for is a way to only stop one account's stream, but allow others if they have not yet expired.
  13. Hello. I'm making a script to stream an mjpeg image stream from my webcam. So far it's working quite well, but I was wondering if it was possible to interrupt the stream. Currently, this is the code which is responsible for streaming it (I got it off of another site) # To stop apache from killing the scriptset_time_limit(0);# Sending the correct header# The boundary=ipcamera is important.# You will have to change "ipcamera" to whatever your camera uses to seperate the# images. Mine uses "--ipcamera" as seperator. You can omit the leading --, but have# to use the rest.header('Content-Type: multipart/x-mixed-replace;boundary=ThisRandomString');# Sending the images# You probably have to adapt the url to the video screen of your cam.//readfile('http://user:pass@ip_adresse_of_camera/video.cgi') readfile('http://192.168.1.90/img/mjpeg.cgi'); What I want to know is, is it possible to interrupt the readfile stream? For example, I want to have the webcam stream be disabled and inaccessible if it's after 3 PM. (I could easily make it check before the page loads, but I want to know if I can actually stop anyone who may be currently viewing the stream).
  14. i have a feeling that most browsers would disable something like this due to security issues...Edit: Actually, this might be what you need: Source
  15. Website loads (the links don't) and the graphics are positioned good (at least they look like they are on my screen). The animations SOMETIMES work, they don't always happen. I might get yelled at for this, since there is probably a better way, but what you might want to do is set the hover to an animated gif, and then use css :hover to activate that. I think some people will cringe at the thought of animated gif, but that suggestion was based on my personal preference against javascript. As for the positioning issue, it's because of how each element is placed (some based purely on position in html, others using css positioning).
  16. http://partners.adobe.com/public/developer...=7&zoom=100^Read that document, also notice the parameters I added to the end of it
  17. Ok. The site should now fit to 960px, I added hover graphics on the menu and calendar, and I added a bit of padding below the logo (which was my interpretation of Yvil's #3 for white space. I'm not sure what else to do to improve that?)Also, with regards to making the page flexible, that's on my todo list, but right now, I just want to get it to a nice happy point so that I can actually get the final site up, and then I'll start adding improvements like that.
  18. With regards to number 1, I would like more opinions on that, because I rather liked it being connected to the first post.
  19. Humm, I must have screwed up with padding somewhere, because the container is supposed to be 1024px wide
  20. I recently finished another website for a club at my school. It is, in my opinion one of my best designs, and it's also my first wordpress theme.http://yesiwouldlikefrieswiththat.com/test_blog/Comments, please?Also note, due to the server it's on, loading might be slow. And, the two links at the upper left side (text link and logo link) to the home page will not work due to a server configuration problem which I can not seem to fix (the links require a slash / at the end of the link for the directory, but wordpress isn't placing the final link in there)Finally, if you see anything that appears to be a display issue, please tell me your OS and Browser, as I am working quite hard to make it display on all browsers as fully as possible.
  21. Using CSS 3 you can make the background image resize (how ever it may not work on all browsers)Take a look at this link, and scroll down to the heading "New Property: Background Size".In short, all you need to do is add: background-size: contain; which scales down image to fit element (maintaining pixel aspect ratio). background-size: cover; which expands image to fill element (maintaining pixel aspect ratio).
  22. Thanks, I knew it was DOM, but I was just hoping there would be an equivalent value of it in CSS. I thought about using the server-side class modification, but I don't know how given the situation. I'm making this for widgets in a Wordpress theme, and I don't know how to make wordpress put a class in, based on the title and still put a title in normally.if ( function_exists('register_sidebar') ) register_sidebar(array( 'name' => 'sidebar', 'before_widget' => '<div class="sidebar-box">', 'after_widget' => '</div>', 'before_title' => '<h2>', 'after_title' => '</h2>',)); Side note: Should I post a new topic in PHP now, or can I just leave this here?
  23. pizzaguy

    Background Headache

    Actually, using CSS 3, you can fix this. Take a look at this link, and scroll down to the heading "New Property: Background Size"
×
×
  • Create New...