|
||||||
| JavaScript and CSS Extensible Markup Language, Java Script, and CSS questions here. |
![]() |
|
|
LinkBack | Thread Tools | Search this Thread | Display Modes |
|
|||||
|
In PHP you can initializes a connection with cURL: PHP: curl_init - Manual
If the connection is successful, it will return true - else it will return false.
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall |
|
|||
|
Hey there,
I believe I may have the correct code for a solution for URL validation. The output below is correct: Page Found Page Not Found Domain Not Found However, sometimes there is no output. For instance, check the following: No Output I am just wondering why there is no output for this site? Here is my PHP code for the URL validation checker: PHP Code:
URL Validation Code Reference Thanks again for any advice. You guys are great! Sincerely, Travis Walters admin@codebuyers.com
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. providing To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. for To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
|
|||||
|
Because the website is replying with a 403 code!
Look here: Ben's HTTP header viewer Quote:
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
|
|||
|
Hello again,
Thanks for the great responses guys. My webpages are now only displaying links that are valid! However, I have been reading about another type of attack people use to hack websites. It is called SQL Injection. It appears that hackers manipulate the URL string in an attempt to manipulate query strings to the database. Would htmlspecialchars() and / or htmlentities() take care of the SQL Injection attack type? Lastly, besides SQL Injection and Cross site scripting (XSS), are there are other types of attacks that I should be taking into consideration to make my website more secure? Thanks in advance for anymore information you can provide me with. It is truly greatly appreciated. Sincerely, Travis Walters admin@codebuyers.com
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. providing To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. for To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
| Sponsored Links |
|
|
|
|||||
|
Well there are and always will be other methods. Anyways for the SQL injections why not reading this:PHP: SQL Injections
It might help you to understand better.
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
|
|||||
|
Yeah, I spent a lot of time writing the information in that link above, it should do a good job explaining what it is and how to prevent yourself from an attack.
The other big security risk to keep in mind are Remote File Injections (RFI). Unfortunately, I know nothing about them.
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall |
|
|||
|
Hey there,
That was a great article you had. I will definately look at that anytime I do anything with PHP. I am a hardcore coldfusion programmer so I have spent a few hours looking into coldfusion SQL injection prevention. I learned a lot reading Ben Forta's article below: Ben Forta's SQL Injection Prevention Article for Coldfusion Code:
<cfquery name="END_USER" datasource="DSN_NAME"> SELECT ID, USERNAME, PASSWORD, TYPE_ID FROM MEMBERS WHERE USERNAME = <cfqueryparam cfsqltype="CF_SQL_VARCHAR" value="#FORM.USERNAME#"> AND PASSWORD = <cfqueryparam cfsqltype="CF_SQL_VARCHAR" value="#FORM.PASSWORD#"> </cfquery> However, something I was not doing was including the type attribute with cfparam. For example, the following might be done towards the beginning of a page: <cfparam name="URL.CustID" type="integer"> I will have to spend a few hours and make sure everything is secure with this but I am close already. Then, I will look into that other type of attack you mentioned. Thanks again for the help. You guys are great. I am sure I will add to this thread later on if I find anything else related to it. Sincerely, Travis Walters admin@codebuyers.com
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. providing To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. for To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
|
|||
|
Hey guys,
I have been looking into remote file injections like you mentioned. I came across the following information: Quote:
I never allow executable files to be uploading to my website unless it is in a ZIP folder. In fact, I have the majority of files in a ZIP folder except images. I am wondering if people can inject special characters into the name of a JPEG image much like the SQL Injection or XSS Insertion? On my windows machine, it does allow the characters { /,\, :, *, ?, ", <, >, | }. However, I am not sure about Linux or MAC. I guess the solution here regardless is to rename files randomly among uploading them. Sincerely, Travis Walters
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. providing To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. for To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. |
|
|||||
|
Keep in mind, files can be spoofed. Just because it is a jpg, doesn't mean its not an executable.
__________________
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. Chat with other CodeCall members on IRC; connect to irc.codecall.net and join #codecall |
| Sponsored Links |
|
|
![]() |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Memory leak prevention methodogies | c___newbie | C and C++ | 2 | 11-18-2007 10:29 AM |
| Dynamic Email insertion in HTML | Gibster | HTML Programming | 5 | 07-17-2007 04:22 PM |
| Xav | ........ | 1276.19 |
| MeTh0Dz|Reb0rn | ........ | 1047.22 |
| marwex89 | ........ | 869.98 |
| morefood2001 | ........ | 868.04 |
| John | ........ | 857.15 |
| WingedPanther | ........ | 761.06 |
| Brandon W | ........ | 684.87 |
| chili5 | ........ | 294.12 |
| dargueta | ........ | 192.86 |
| Steve.L | ........ | 192.06 |
Goal: 100,000 Posts
Complete: 81%