I have a captcha system going and for some reason when I use
<?php
$s = "";
for($i = 0; $i < 10; $i++) { $s = $s.rand(0,9); }
$_SESSION['CaptchaValue'] = $s;
$fn = '/Login/Register/Captcha.php';
echo '<img src="'.$fn.'" alt="Captcha" />';
?>
and Captcha.php uses require_once or include to include some classes that I
use to generate the captcha then it fails(usually get alt showed). But when
I include the classes directly inside the file it works ;/
This is very strange behavior? It really shouldn't matter if I do that,
right? And it is also a security issue because then if they can read the php
I they can get how I generate them.
What I can I do?
captcha.php
<?php
// Captcha classes inserted here but removed for brevity
header("Content-type: image/png");
session_start();
$f = $_SERVER['DOCUMENT_ROOT'].'/Login/Register/';
//require_once($f.'Captcha.php');
$c = new Captcha();
$c->Fonts->Add($f."1.TTF", 0.23, 15, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."2.TTF", 0.5, 15, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."3.TTF", 0.27, 18, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."4.TTF", 0.27, 18, 2, 5, 0, 10, 20);
$s = $_SESSION['CaptchaValue'];
$img = $c->Create($s);
imagepng($img);
imagedestroy($img);
?>
Now I know the require is working or atleast when I debug I can step through
the classes so I'm sure its including it but it acts almost as if I'm not
including it(except I don't get any errors about it).
What ends up happening is either I get the alt showed or I get something
where its like the image is missing(but you get the border for with the X
icon).
Any ideas?
Thanks,
Jon 4 1993
On 8 Jun., 23:57, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
I have a captcha system going and for some reason when I use
<?php
$s = "";
for($i = 0; $i < 10; $i++) { $s = $s.rand(0,9); }
$_SESSION['CaptchaValue'] = $s;
$fn = '/Login/Register/Captcha.php';
echo '<img src="'.$fn.'" alt="Captcha" />';
?>
and Captcha.php uses require_once or include to include some classes that I
use to generate the captcha then it fails(usually get alt showed). But when
I include the classes directly inside the file it works ;/
Needed classes or other files must be included inside Catpcha.php.
First, the client will get an output including 10 html image tags.
After then, the client sends new requests, to get and display the
images. Therefore you must include them inside Captcha.php
This is very strange behavior? It really shouldn't matter if I do that,
right? And it is also a security issue because then if they can read the php
I they can get how I generate them.
Normally it's not possible to "read" PHP files. PHP code will
outputted by the Webserver if you use show_code() or if the Webserver
doesn't know what to to with files having .php format.
An approved way is to source out included files like classes, helper,
etc. outside the web directory. Then, nobody can require these files
directy by using a request.
What I can I do?
captcha.php
<?php
// Captcha classes inserted here but removed for brevity
header("Content-type: image/png");
session_start();
$f = $_SERVER['DOCUMENT_ROOT'].'/Login/Register/';
//require_once($f.'Captcha.php');
$c = new Captcha();
$c->Fonts->Add($f."1.TTF", 0.23, 15, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."2.TTF", 0.5, 15, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."3.TTF", 0.27, 18, 2, 5, 0, 10, 20);
$c->Fonts->Add($f."4.TTF", 0.27, 18, 2, 5, 0, 10, 20);
$s = $_SESSION['CaptchaValue'];
$img = $c->Create($s);
imagepng($img);
imagedestroy($img);
?>
Now I know the require is working or atleast when I debug I can step through
the classes so I'm sure its including it but it acts almost as if I'm not
including it(except I don't get any errors about it).
What ends up happening is either I get the alt showed or I get something
where its like the image is missing(but you get the border for with the X
icon).
Any ideas?
Thanks,
Jon
purcaholic
"purcaholic" <pu********@googlemail.comwrote in message
news:11**********************@p77g2000hsh.googlegr oups.com...
On 8 Jun., 23:57, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
>I have a captcha system going and for some reason when I use
<?php
$s = ""; for($i = 0; $i < 10; $i++) { $s = $s.rand(0,9); } $_SESSION['CaptchaValue'] = $s; $fn = '/Login/Register/Captcha.php'; echo '<img src="'.$fn.'" alt="Captcha" />'; ?>
and Captcha.php uses require_once or include to include some classes that I use to generate the captcha then it fails(usually get alt showed). But when I include the classes directly inside the file it works ;/
Needed classes or other files must be included inside Catpcha.php.
First, the client will get an output including 10 html image tags.
After then, the client sends new requests, to get and display the
images. Therefore you must include them inside Captcha.php
huh? But require/include should do this? I shouldn't have to manually copy
the classes into the php directly but should be able to use require/include
in any php to include data? The client has nothing to do with this as it
doesn't see php.
>This is very strange behavior? It really shouldn't matter if I do that, right? And it is also a security issue because then if they can read the php I they can get how I generate them.
Normally it's not possible to "read" PHP files. PHP code will
outputted by the Webserver if you use show_code() or if the Webserver
doesn't know what to to with files having .php format.
An approved way is to source out included files like classes, helper,
etc. outside the web directory. Then, nobody can require these files
directy by using a request.
Yes, but what I'm worrieda bout is security. Same reason not to include
password in php files. But as you said... an "approved way" is to source out
include files... yet I cannot do this because when I use require_once it
then doesn't work..
I don't think you fully understand the issue.
Say I have the captcha.php used for the image
//------------------- CASE 1
// class.php
<?php
class CaptchaMods()
{
function modifyimage($img)
{
//.........
}
}
?>
// some php file
<?php
header("content-type: image/png");
//*****************
require_once('class.php);
$c = new CaptchaMods();
$img = imagecreate(100,100);
$img = $c->modifyimage($img);
imagepng($img);
imagedestroy($img);
?>php
The above doesn't work, but this does
//------------------- CASE 2
// some php file
<?php
header("content-type: image/png");
//*****************
class CaptchaMods()
{
function modifyimage($img)
{
//.........
}
}
$c = new CaptchaMods();
$img = imagecreate(100,100);
$img = $c->modifyimage($img);
imagepng($img);
imagedestroy($img);
?>php
--------------
In CASE 2 all I did was copy and paste the class where the require was...
and now it works(well, this is just test code that might not work but is the
idea). This is essentially what require is suppose to do anyways? Only thing
I can think of is that require isn't working but when debugging I was able
to step through the class. Maybe for some reason its not so I'll have to
play around with it to see.
Thanks,
Jon
On 9 Jun., 14:12, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
"purcaholic" <purcaho...@googlemail.comwrote in message
news:11**********************@p77g2000hsh.googlegr oups.com...
On 8 Jun., 23:57, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
I have a captcha system going and for some reason when I use
<?php
$s = "";
for($i = 0; $i < 10; $i++) { $s = $s.rand(0,9); }
$_SESSION['CaptchaValue'] = $s;
$fn = '/Login/Register/Captcha.php';
echo '<img src="'.$fn.'" alt="Captcha" />';
?>
and Captcha.php uses require_once or include to include some classes that
I
use to generate the captcha then it fails(usually get alt showed). But
when
I include the classes directly inside the file it works ;/
Needed classes or other files must be included inside Catpcha.php.
First, the client will get an output including 10 html image tags.
After then, the client sends new requests, to get and display the
images. Therefore you must include them inside Captcha.php
huh? But require/include should do this? I shouldn't have to manually copy
the classes into the php directly but should be able to use require/include
in any php to include data? The client has nothing to do with this as it
doesn't see php.
This is very strange behavior? It really shouldn't matter if I do that,
right? And it is also a security issue because then if they can read the
php
I they can get how I generate them.
Normally it's not possible to "read" PHP files. PHP code will
outputted by the Webserver if you use show_code() or if the Webserver
doesn't know what to to with files having .php format.
An approved way is to source out included files like classes, helper,
etc. outside the web directory. Then, nobody can require these files
directy by using a request.
Yes, but what I'm worrieda bout is security. Same reason not to include
password in php files. But as you said... an "approved way" is to source out
include files... yet I cannot do this because when I use require_once it
then doesn't work..
I don't think you fully understand the issue.
Say I have the captcha.php used for the image
//------------------- CASE 1
// class.php
<?php
class CaptchaMods()
{
function modifyimage($img)
{
//.........
}}
?>
// some php file
<?php
header("content-type: image/png");
//*****************
require_once('class.php);
$c = new CaptchaMods();
$img = imagecreate(100,100);
$img = $c->modifyimage($img);
imagepng($img);
imagedestroy($img);
?>php
The above doesn't work, but this does
//------------------- CASE 2
// some php file
<?php
header("content-type: image/png");
//*****************
class CaptchaMods()
{
function modifyimage($img)
{
//.........
}
}
$c = new CaptchaMods();
$img = imagecreate(100,100);
$img = $c->modifyimage($img);
imagepng($img);
imagedestroy($img);
?>php
--------------
In CASE 2 all I did was copy and paste the class where the require was...
and now it works(well, this is just test code that might not work but is the
idea). This is essentially what require is suppose to do anyways? Only thing
I can think of is that require isn't working but when debugging I was able
to step through the class. Maybe for some reason its not so I'll have to
play around with it to see.
Thanks,
Jon- Zitierten Text ausblenden -
- Zitierten Text anzeigen -
Either the include path, where youre class besides, isn't in php
include_path setting, or included file has an white space, which will
be also send to the client. Check your'e captcha class for white space
characters before "<?php" or after ">?".
You wrote, that you could step to the class while debugging, therefore
i suppose an additional send character after header("content-type:
image/png"); causes the issue.
purcaholic
"purcaholic" <pu********@googlemail.comwrote in message
news:11*********************@p47g2000hsd.googlegro ups.com...
On 9 Jun., 14:12, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote:
>"purcaholic" <purcaho...@googlemail.comwrote in message
news:11**********************@p77g2000hsh.googleg roups.com...
On 8 Jun., 23:57, "Jon Slaughter" <Jon_Slaugh...@Hotmail.comwrote: I have a captcha system going and for some reason when I use
><?php
>$s = ""; for($i = 0; $i < 10; $i++) { $s = $s.rand(0,9); } $_SESSION['CaptchaValue'] = $s; $fn = '/Login/Register/Captcha.php'; echo '<img src="'.$fn.'" alt="Captcha" />'; ?>
>and Captcha.php uses require_once or include to include some classes that I use to generate the captcha then it fails(usually get alt showed). But when I include the classes directly inside the file it works ;/
Needed classes or other files must be included inside Catpcha.php.
First, the client will get an output including 10 html image tags.
After then, the client sends new requests, to get and display the
images. Therefore you must include them inside Captcha.php
huh? But require/include should do this? I shouldn't have to manually copy the classes into the php directly but should be able to use require/include in any php to include data? The client has nothing to do with this as it doesn't see php.
>This is very strange behavior? It really shouldn't matter if I do that, right? And it is also a security issue because then if they can read the php I they can get how I generate them.
Normally it's not possible to "read" PHP files. PHP code will
outputted by the Webserver if you use show_code() or if the Webserver
doesn't know what to to with files having .php format.
An approved way is to source out included files like classes, helper,
etc. outside the web directory. Then, nobody can require these files
directy by using a request.
Yes, but what I'm worrieda bout is security. Same reason not to include password in php files. But as you said... an "approved way" is to source out include files... yet I cannot do this because when I use require_once it then doesn't work..
I don't think you fully understand the issue.
Say I have the captcha.php used for the image
//------------------- CASE 1
// class.php <?php class CaptchaMods() { function modifyimage($img) { //......... }}
?>
// some php file <?php
header("content-type: image/png");
//***************** require_once('class.php);
$c = new CaptchaMods(); $img = imagecreate(100,100); $img = $c->modifyimage($img); imagepng($img); imagedestroy($img); ?>php
The above doesn't work, but this does
//------------------- CASE 2
// some php file <?php
header("content-type: image/png");
//***************** class CaptchaMods() { function modifyimage($img) { //......... }
}
$c = new CaptchaMods(); $img = imagecreate(100,100); $img = $c->modifyimage($img); imagepng($img); imagedestroy($img); ?>php
--------------
In CASE 2 all I did was copy and paste the class where the require was... and now it works(well, this is just test code that might not work but is the idea). This is essentially what require is suppose to do anyways? Only thing I can think of is that require isn't working but when debugging I was able to step through the class. Maybe for some reason its not so I'll have to play around with it to see.
Thanks, Jon- Zitierten Text ausblenden -
- Zitierten Text anzeigen -
Either the include path, where youre class besides, isn't in php
include_path setting, or included file has an white space, which will
be also send to the client. Check your'e captcha class for white space
characters before "<?php" or after ">?".
You wrote, that you could step to the class while debugging, therefore
i suppose an additional send character after header("content-type:
image/png"); causes the issue.
Seems to be working now. I just copyed the file and removes the non class
code in one and the class code in the other and then added the require. You
might have been right about the extra spaces... maybe before or after the
php code. I didn't think about that but thats probably the case cause it was
saying the image was invalid(atleast in firefox) so chances are some spaces
were getting inserted.
Thanks,
Jon This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Philipp Lenssen |
last post by:
My friend has the following problem (background: we want to transform
XML to XHTML via XSLT):
"We copy XHTML fragments into an output by using the following template:
<xsl:template match="*"...
|
by: MyndPhlyp |
last post by:
I've been busting my head trying to figure this out for quite some time.
With IE6 and NS7, no problems. I can simply code the HTML <img
height="100%"> and be done with it.
But NS4 and NS6 (and...
|
by: KS |
last post by:
Just to show some code to show the consept.
<img id="date" onclick="javascript:show_calendar();"
src="/PlexSysWeb/images/show-calendar.gif" width=20 height=18 border=0>
What i want the...
|
by: Gérard Talbot |
last post by:
Hello all,
I'd like to know and understand the difference between, say,
<img src="/ImageFilename.png" width="123" height="456" alt="">
and
<img src="/ImageFilename.png" style="width:...
|
by: Henry Johnson |
last post by:
Okay - I'm spinning my wheels on this one... can someone help me figure out
how to programmatically populate a table cell as follows (from C#
code-behind)? I've tried using a Literal control in the...
|
by: News |
last post by:
I am trying to be able to manipulate the width and height of an <img> but do
not seem to be able.
"Yes", I know the JavaScript will "not" manip anything, which is ok. I
simply do not know how to...
|
by: Carl |
last post by:
Hi all
I have a javascript function that drags and drops an element (ie img)
into a container (ie bordered div). The function works and returns the
element and and container.
My next step is to...
|
by: SammyBar |
last post by:
Hi all,
I wonder is it possible to upload the content of an <imgfield to a server.
The content of the <imgwas downloaded from a web site different from the
one it should be uploaded. The image...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |