niche

Thanks. Will the new code create an error log? Also, what about apache's rewrite_module. It's currently disabled. Will that be an issue?

this is what's in my .htaccess file: # This folder does not require access over HTTP# (the following directive denies access by default)Order allow,deny

My localhost is a WAMP server.

Very good explaination So Called. For me, good would mean a request was made for a valid file and bad would mean the file doesn't exit. Anyway, I was trying out $_SERVER['REQUEST_URI'] on my localhost like this: <?php$item = $_SERVER['REQUEST_URI'];include "connect_to_mysql.php";mysql_query("INSERT INTO url_log (req_file) VALUES ('" . $item . "')") or die(mysql_error());?> It successfully executes with "localhost" in the url, but gives me a "file not found" error and fails to execute the index.php script when I typed "localhost/xx" in the url. Do I need to change the setting on my localhost server or change my script?

Where else could you check $_SERVER['REDIRECT_STATUS'] except in the index?

What's one way you sort the good from the bad requests not including an if statement at the top of the index?

That means that I need a simple if statement at the top of my index that checks for errors in the $_SERVER array. Right? I think you've said worlds to that effect already. I'm using my worlds to confirm the communication.

So, apache can be made to send unexpected file requests to a location that can be accessed by a php script. If so, what would that output look like?

I know how to track key strokes, but I can't imagine how to capture unexpected file requests at my site. How do I get an unexpected url request into a php variable?

Thanks. How do you capture the probe?

I'm just trying to understand how an attack works because I'm too ignorant about this. Say you have a site hosted on your shared server called abc.com. Are you able to id an attack when a bot start fishing your site with a php header() for:abc.com/wp-login.phpabc.com/phpmyadmin/scripts/setup.php...and so on Right?

So Called's weakness probes (post #5) are files that users are searching for on So Called's site -- right?

Please provide a short description of one of the simpler attacks.

The question that set's the tone for our work is "how much more profit can you handle?" Nobody has ever told us, "thanks, but we're good". We never take jobs that make us tinker at the margins.

Keeping in mind this is a css forum, I'd have to say use margin.http://www.w3schools.../css_margin.asp

Writing one of your own would be a good exercise: http://www.w3schools.com/rss/

Funny? I probably agree though I'm always amused to think about code in ways I've not thought of before. This is another one of those times for me and the second time just today.

I found a lot of great info in this topic. Thanks to Boen Robot, So Called, justsomeguy, and Don E with this topic.

The manual goes on to say that this is the WRONG way to loop through that variable: while ($entry = readdir($handle)) { echo "$entry\n"; } Why's it wrong?

not surprisingly, getElementById("myP") is referring to an id. your code is changing the value of the html, in the id, to the value of the variable. EDIT: here's a ref for ids:http://www.w3schools...ss_id_class.asp

RE: http://php.net/manua...ion.readdir.php Please confirm that ... $handle = opendir('e:/wamp/www/stk/lams');while (false !== ($entry = readdir($handle))) {}closedir($handle); ... means keep looping until $entry = readdir($handle) becomes false? If so, is it some unique property of opendir() that allows the of this kind of while loop? What might happen if I don't closedir(); ?

More great info jsg. To be forewarned is to be forearmed.

Then you get the id from the $_GET array. In this case, $_GET['id'], right?

So if you clicked "Thing 1" you'd be taken to the page that lists all the rows "where id=1"?

Good thinking and it wouldn't be hard in plain php, but you might consider regular expressions. EDIT: There are considerably fewer ways to mess-up a phone number than an address. I suggest that you only allow numerics and limit entry to 10 digits.