BetterPHP

Why is it an issue?

o_O I wonder what in that video they claim to own... Well it's more or less impossible to work out who FFT is but from watching the video back I guess it's some of the software I used that is non-free, there is nothing else in there :? You'r gonna be thrown in jail... lol :( I've had it before wher...

Everybody who remained loyal got paid $50,000,000 for staying with the forum.

Pity, you just missed out.



Nah. Not much really.

My favourite is probably David Tennant (only seen the last 3 doctors though)

Although, I met Chrisopher eccleston in Starbucks once. In manchester, where I live

Matt smith is quite good, but for me; David was miles better.

SQL is quite a powerful language. You can nest statements, create procedures (basically functions) and do all sorts of useful things. it is far more advanced than just Select, insert, delete or update.

I am trying to process an inapp request for Google Wallet (so that its instant rather than google checkout which takes longer) The processing (in terms of charging the user) works perfectly. However, I can't seem to process the actual postback. https://developers.google.com/in-app-payments/docs/post...

-snip- Unless you do this in the background (ie, not at runtime) then no, it affects the user. Because PHP is interpreted, it runs line by line, so once it gets to this section of the code it has to perform each operation, and the user wont be able to progress until it is done. Oh that's not good :...

-snip- I know what DMCA is. But, the point of the website is that people don't need to be worried about any tracebacks. Or as few as possible. DMCA saves me from being sued (apparently. Although the US doesn't seem to know its own laws too well) But, I'm trying to help my users also, by not storing...

ou my lord thats a big file!! :lol: Exactly, if you have the last browser in the list and the last OS in the list there are about 100 unnecessary if operations. Something I've always wanted to know, having this file wont affect the user, right? Just the server? Unless you do this in the background ...

Since I can guarantee that not all 100% of the data is going to be legal. You seriously need to look into DMCA.... I know what DMCA is. But, the point of the website is that people don't need to be worried about any tracebacks. Or as few as possible. DMCA saves me from being sued (apparently. Altho...

Would there be any noticeable difference in security if you would go farther than 2048, or incorporate letters as well? I'm thinking that 2048 bits is difficult enough to crack, so going bigger wouldn't necessarily mean being safer. Am I wrong here? Bigger will always work better; however. It doesn...

If somebody was able to obtain the hashed password, then they'd be able to obtain the salt as well then. Regardless of whether it is in the same table as it or not. Most likely, the safest way to do salts is to store the salt in a file which is outside of root. That way, the file isn't readable by a...

Quick addition to this:

Does anyone know the difference between openssl_digest, hash, hash_hmac, crypt, bcrypt and scrypt?

jacek wrote:Store a hash of the IP that can't be used to get back to the original IP ?

Heh, didn't think of that.

Hmm, could do.

Im trying to do the entire project without storing personally identifiable information, except their email address. So, no IP storing :( Interesting challenge, but why bother ? Storing the IP makes this very easy and reduces your queries per page load :) Because Im doing an upload website, which if...

http://stackoverflow.com/questions/3482 ... in-control

That should help

Kamal wrote:

bowersbros wrote: So, no IP storing

You are already doing that, look at your nginx logs

Im planning on having no logs eventually, Im currently logging stuff so that I can keep track of any visitors I dont particarly want yet

What I mean though, is that it is too easy for someone to create a session isn't it, and fake their way to me believing that they're someone else. Link the session ID to the IP address, problem solved :P Plus they have to be able to guess the session ID which is not easy Im trying to do the entire ...

You should probably have the users' ID, from the database, in the session and then the username. Then you can check to see whether the user ID and the username match. That could be easy to fake. Depending on setup of profile pages etc. The way I chose to do this in the end was: public static functi...

In javascript, numbers with a leading zero are not considered to be correct, when used in the way you use them. There are different types of numbers, for example binary ,decimal, octal and hexadecimal. Octal doesn't allow leading zeros. keep them in the form of decimal to carry out calculations on t...