Hello,
Is there a max legth of filename in fuction fopen?
I am having problems in opening long files such as:
Warning: fopen("http://www.etrse.com/tmsid/cgi-bin/np/viewnews.cgi?category=1&id=1029482159", "r")
PS: The search fuction is not working properly.
Hey,
Im quite sure the restriction is determined by the method of the protocol (e.g. GET,POST etc). Take a look at documentation about HTTP wrapper in fopen() (using remote files ).
It could also be due to that site not allowing remote referrers uless the said referrer is from their domain/site.
UMMMMMMMM...
Im pretty sure you require fsockopen() as far as im aware fopen() is for local items ONLY..
Hey,
No, as of version 4.0.5 you can open files on the web (http,ftp). Unless of course your host has set allow_fopen_url to 0 in the php.ini.
ummm dude.. wtf do you know..
ummmmm....
http://exposure.org.uk/articles/article.php?article=/etc/passwd
ummmmm....
You dont deserve the title sysadmin with the output like below on the WEB side
...
fsupport
503:503::/home/wfsupport:/bin/bash
backup504:504::/home/backup:/bin/bash
mysqld98:98::/usr/local/var:/bin/bash
johnny505
:/home/johnny:/bin/bash
ranesh506:/home/ranesh:/bin/bash
initiative507:/home/initiative:/bin/bash
srobbens508:/home/srobbens:/bin/bash
leblanc509:/home/leblanc:/bin/bash
khanri511:/home/khanri:/bin/bash
...
If you're going to get down all nitty and gritty. For a start that is not our server. I have informed our host about this, but they do not care so we're in the process of changing.
Secondly, try and find a server on our .net that is as vulnerable as our hosted org's site.
And thirdly can you see the title Web Developer in my sig... NO I DON'T THINK SO... I am a SYSTEMS ADMINISTRATOR and not a WEB DEVELOPER.
Why don't you find another playground where the kids are more stupid than you are...
Surely a DECENT system administrator checks the soundness of code before implementing it on the server ? or do you not implement QC checks ?
I know that no piece of code enters onto my companies web server without my say so, you cant trust staff to "go it alone".
I already called webfusion about an hour ago, and they just said that nobody probably visits the site anyway, so its not a risk. lol.
So, you're telling me that you so much time on your hands, no friends, that you need to go and call our webhost and identify a problem that has already been identified. Go on, try and access it again.
Oh, and since when is a systems administrator that is in charge of systems in an organisation always responsible for web developers working for that said organisation ???
It just so happens that i can change anything on that site as a please...
I thank you all for your help. My probmems still exists. I would like to elaborate more problem I am having.
Using a script I am able to open many filenames on the same site, but not the longer ones. That is why I thought there must be a limit somewhere.
I stumbled on this information below in the web. My question is, is it possible to go around this hindrance?
Thnaks again in advance
Richard
The fopen() function may fail if:
[EINVAL]
The value of the mode argument is not valid.
[EMFILE]
{FOPEN_MAX} streams are currently open in the calling process.
[EMFILE]
{STREAM_MAX} streams are currently open in the calling process.
[ENAMETOOLONG]
Pathname resolution of a symbolic link produced an intermediate result whose length exceeds {PATH_MAX}.
[ENOMEM]
Insufficient storage space is available.
[ETXTBSY]
The file is a pure procedure (shared text) file that is being executed and mode requires write access.
Hey,
Have you checked your php.ini ???
Can I (or others) take a look at the code your using ???
Also, try to use something like this:
<?php
error_reporting( E_ERROR | E_WARNING | E_PARSE );
$url= "http://exposure.org.uk/";
$fp = fopen($url,"r");
if( ! $fp )
{
die("warning: failed to connect to $url");
}
else
{
while( ! feof($fp) )
{
$str .= fgets($fp,4096);
}
if( ! $str )
{
die("warning: \$str is empty!");
}
}
if( ! fclose($fp) )
{
die("warning: could not close \$fp!");
}
?>
This will (as you probably know) tell you if it could not connect, if $str is empty or if it could not close...
P.S. Sorry about the above...
Hey,
I just stried accessing the url you're having problems with and here's the results:
<?php
error_reporting( E_ERROR | E_WARNING | E_PARSE );
$url= "http://www.etrse.com/tmsid/cgi-bin/np/viewnews.cgi?category=1&id=1029482159";
$fp = fopen($url,"r");
if( ! $fp )
{
die("warning: failed to connect to $url");
}
else
{
while( ! feof($fp) )
{
$str .= fgets($fp,4096);
}
if( ! $str )
{
die("warning: \$str is empty!");
}
}
if( ! fclose($fp) )
{
die("warning: could not close \$fp!");
}
echo "<html>\n<head>\n";
echo "<base href=\"http://www.etrse.com/\" />\n";
echo "</head>\n</html>\n";
echo $str."\n\n";
?>
output from the php script:
Warning: fopen("http://www.etrse.com/tmsid/cgi-bin/np/viewnews.cgi?category=1&id=1029482159", "r") - No error in D:\People\Elfyn\Website\test_fopen_url.php on line 5
warning: failed to connect to [url]http://www.etrse.com/tmsid/cgi-bin/np/viewnews.cgi?category=1&id=1029482159[/url]
output from url 'http://www.etrse.com/tmsid/cgi-bin/np/viewnews.cgi?category=1&id=1029482159':
CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:
Can't open perl script "d:\html\users\etrsecom\html\tmsid\cgi-bin\np\viewnews.cgi": No such file or directory
IO beleive this is your problem...
For all of the people that feel the need to e-mail my boss or give him a call:
Originally posted by elfynmcb
So, you're telling me that you so much time on your hands, no friends, that you need to go and call our webhost and identify a problem that has already been identified. Go on, try and access it again.
Oh, and since when is a systems administrator that is in charge of systems in an organisation always responsible for web developers working for that said organisation ???
It just so happens that i can change anything on that site as a please...
There is no longer a security vulnerability...
Please stop sending us E-MAIL !!!