Prevent Access Via Entering Url In Address Bar Of Web Page
I've got a problem whereby I need to block access to my survey, I do not want a situation where a user can access the survey by just entering the URL of the survey, the survey has been integrated with mediawiki.
In my PHP pages I use the following for my DB info: include('dbconnect.php'); If someone was to type the direct path to this file they get a blank page, would it be better to somehow prevent access to this file completely or is it fine the way it is?
I have done a site using Codeigniter, it almost complete now, i have a problem though even though i have implemented sessions and maintained the login to the system , a person can type the url in the browser and enter the web page.it's like this, i have implemented the session for patient registration like this
Okay, on that regEXP, a $msg will replace any thing found and put it into a new form (I don't know how to explain, how about an example): It will turn
And all I want to do is instead of replace all attributes go after [b attribute1 attribute2...attributeN], the function will remain those attributes AS LONG AS THEY DO NOT START WITH on (like onClick, onMouseOver...).
i have created a log in system. the users are connected in a LAN with server.... to access the home page of the log in system, the users has to type url as the ip address of the server i.e, xxx.xx.xx.x/login.home.php... is there any way to access the home page without typing the ip address... just type home in url and enter it will go to the login home page. is it possible? how to do it? wamp 2.0 Apache server. php version 5.3 i am using.
I have developed a website, where i have 2 access levels, users and admin. on the server, i have admin folder with all admin stuff and user folder with all user stuff. based on the username,password combination from login page, i am redirecting the user to appropriate location. Everything is fine, but when user logs in and if he changes or types into the address bar, the pages from the admin folder then he is able to access them. How do i prevent this from happening?
like if the user is redirected to User.php and he changes the address to Admin.php he is getting access to all the admin stuff from there on. I want to know how i can prevent a user from entering the Admin folder completely.
I have developed a website, where i have 2 access levels, users and admin. on the server, i have admin folder with all admin stuff and user folder with all user stuff. based on the username,password combination from login page, i am redirecting the user to appropriate location. Everything is fine, but when user logs in and if he changes or types into the address bar, the pages from the admin folder then he is able to access them. How do i prevent this from happening? like if the user is redirected to User.php and he changes the address to Admin.php he is getting access to all the admin stuff from there on. I want to know how i can prevent a user from entering the Admin folder and all its pages completely, even by changing the address bar.
I've setup an ecommerce site using Prestashop and when testing their contact form, I found that I was not receiving any messages if user enters Yahoo email address as the senders address. I have no problems, however, if the user enters a Gmail address.
Prestashop is set up currently to use the PHP Mail() function for the contact form. What could be the problem and what solutions could I look at as I obviously need to receive mails from everyone, not just those with gmail addresses.
I'm using the ebay API to import the products. After some days/time period I can't get the records from ebay. To ensure the problem I have requested it from the different IP. And it works from it. It concludes that ebay is not allowing the request from earlier IP. So what can be the solution?
Is there a way to prevent the same person from referring itself? IP address is obviously not enough to prevent these kind of scammers that know how to game a system like these.So in the current technology, how do you prevent it from happening? I can use sending messages but these process is to extensive for user registration. I can also do credit card validation but it is also very extensive for my system.
The problem is I have a small form that allows a user to input data into a database. Everything works fine, after a successful submission, the user get a message saying that their info was accepted.
The problem is that if that page is reloaded, it enters the info again. There is only going to be one person doing the submitting so I could explicitly say...DO NOT RELOAD the page, but that seems kinda half as**d.
I'm doin' a site for a company who wants to enter in some News content themselves. They're not comfortable at all with html, so I'd like to create a simple form so they can enter data into a text box, click submit and that data (just news stories) gets sent to the body of the news section.
(The news section is in a table on the home page)
Is there a tutorial around that deals with a similar concept? Something I could learn and then use to create my own? Code:
I have a form where I take a video and convert it to flv using ffmpeg and the php shell_exec function. I store the output into a variable for further processing.I do about the same thing to create images from the video using ffmpeg-php to get individual frames of the video. If I have the image script just return the image to the browser it works fine. If I have the script save it to file, but entering the url into the browser manually, it works fine. However, if I use shell_exec yet again to use wget to call the page, it doesn't work. the output I get from wget is a 500 internal server error. If I copy the URL wget requested, it will create the image no problem. Anyone have any ideas why using wget this way wouldn't workI did notice that when I enter the URL into the browser manually, the page does return an image with the url requested, which is odd because I thought that when you wrote the file to the file system, it just saved it there and didn't return anything to the browser.I'm not stuck on the idea of using wget, it was just the first one that came to mind. I call the script 6 times. I get the first frame of the video and save it, preserving aspect ration, to a 160 width image. I then get the first frame for 5 seconds. So at 30 frames per second, I would create an image of frame 1, 31, 61, 91, and 121.
How to prevent access to certain URL requested pages?
If i have form.html, processFrom.php and getResults.php in my webapp root, even though processFrom.php does not echo any content, how can i prevent the user from accessing this file by typing in the URL?
I have a static form on a server that does not support php: <form action="[URL]... I need the script on the file process_form.php to only be processed if the request is being sent by the static IP of the server on which the static form is hosted. How to do this? If anyone other then that ip is attempting to request the script the script should be killed immediately.
I have caller.php that calls a second file get.php with some parameters (note get.php is not a runtime include, but called only when a user clicks a button), i.e.,
Both caller.php and get.php are in publicly accessible folders. abc.mp3 resides in a level higher than public and not open. I want get.php to work ONLY when called from caller.php. If get.php called directly from the browser it should result in an error message. I don't want to use referrer checks if possible. Also, not looking for foolproof method, but something that is reasonably secure or will require a few steps each time to break.
I have considered passing a $secretkey from caller.php to get.php but anything I pass can be seen in the view source or headers? Also, session variables don't work well I think as I don't want user to go to caller.php first and then right after do a direct call to get.php because session key is set as that will trick get.php into working....