Jump to content

jfkafka

Members
  • Content count

    161
  • Joined

  • Last visited

1 Follower

Profile Information

  • Real Name
    john kafka
  1. jfkafka

    jQuery Banner Rotator

    well, it was lookin good til i tried internet explorer now get this: object doesn't support this property or method prototype.js the code executes, however, when the banner changes, the page height expands downward (doubles) basically "dribbles" whatever is underneath (the rest of the page) i reckon by putting it in the header, it isn't getting some code that appears maybe in index.php? any insight? jk
  2. jfkafka

    jQuery Banner Rotator

    follow-up: status: resolved solution: added rotator to header.php and removed conflicting mootools slideshow benefit: yours is superior having (cept for thumbnails) all mootools functionality plus click feature quite a spectacular enhancement Thanks, jk
  3. jfkafka

    jQuery Banner Rotator

    Thanks for the swift reply. I checked out the page, thanks, and understand the concept, it's that danged execution that's bedeviling me. Did get it to work on another page (very impressive!) so it seems like the place to concentrate is index.php (I was kinda bouncing in and out of modules/ and functions/ too trying to "crack the combination" or "get lucky") Well, I'll follow up when I stumble on the solution, it's definitely worth the effort, Thanks again, jk
  4. jfkafka

    jQuery Banner Rotator

    Hi kymation, Hope all is excellent with you and thanks for the snazzy mod Re Post #11 Problem completely solved with: jQuery.noConflict(); Having similar symptoms - seeing dots (well, one large black one) Not sure how to implement the cure (jQuery.noConflict();) This didn't work: <?php // Start Banner Rotator 1.2.1 20100628 Kymation 7641 ?> <script type="text/javascript" src="includes/functions/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="includes/functions/bannerRotator.js"></script> <script type="text/javascript"> jQuery.noConflict(); $(document).ready(function(){ bannerRotator('#bannerRotator', 500, 1000); }); </script> <?php // End Banner Rotator 1.2.1 20100628 Kymation 7641 ?> Tried several variations, including: (in index.php) var $j = jQuery.noConflict(); // Use jQuery via $j(...) $j(document).ready(function(){ bannerRotator('#bannerRotator', 500, 1000); }); along with renaming all the $( instances in bannerRotator.js to $j( (yes, the desperation is running thick and heavy) This caused the page to stop loading and no dot (with both the original bannerRotator.js $( and the modified $j( version) There are 3 banners in the rotator group and I put breakpoints in the function/banners.php to make sure the queries are populated, (which the black dot might be confirming?) Could you please elaborate on how to use: jQuery.noConflict(); Thanks for your insight (and mercy) jk
  5. jfkafka

    ULTIMATE Seo Urls 5 - by FWR Media

    Hi Robert, Happy Holidays. I see we've both been busy updating your esteemed contributions, thanks for all. have 3 questions (PRO_r197) re: public_html/includes/modules/ultimate_seo_urls5/database_install/ installer_class.php 1. Should that be deleted after completing installation? (I hope this question doesn't cause chortling) re: (from Upgrade from Ultimate Seo Urls 5 by FWR Media) 2) Uploads directory Upload the files and directories in the "uploads" directory to your server maintaining the directory structure of osCommerce. Please note that "catalog" refers to the root of your osCommerce install and probably won't actually exist. Important: now ensure that the following two directories are writable. Dependent on your server this may be 0755 or 0777. * catalog/includes/ultimate_seo_urls5/cache_system/cache/ * catalog/includes/ultimate_seo_urls5/cache_system/sqlite/ 2. That should be: * catalog/includes/modules/ultimate_seo_urls5/cache_system/cache/ * catalog/includes/modules/ultimate_seo_urls5/cache_system/sqlite/ Correct? Updated page_modules.php (Randy's bug) Another change was recently discussed (.htaccess) # 500 RewriteRule ^([a-z0-9-/]+).html$ product_info.php [NC,L,QSA] # Works RewriteRule ^([a-z0-9/-]+).html$ product_info.php [NC,L,QSA] Either way, received no errors (localhost, xxamp, php5.3) 3. Was that change global/generic or specific to a certain situation? Thanks for your illumination, jk
  6. jfkafka

    Kiss

    I'm immensely grateful for your considerate and thoughtful explanation. At the same time, I'm reminded of that line from an old western where one cowboy turns to the other and drawls, "You know, Clem, you're like an owl, the more light is shined on something, the less you see". (In this scene, I'm Clem) For the sake of expedience and distillation, Here is how I "see" it: Multi-Phase Objective: Allow the site to be toured, while monitoring/restricting access to sensitive areas/preventing vandalism/discouraging theft, bugging, redirection, offensive conduct, in general, behaving in any manner deemed dishonorable/unethical/low down varmints htaccess Strategy: in writable directories Install htaccess 403 Forbidden (a No Trespassing sign?) that must be fortified with two additional supplements to wit, your inclusion of additional code in the htaccess: 1. php_flag engine off 2. <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> deny from all </Files> So now, I'm drawing the conclusion that somehow, like a No Trespassing sign, 403 Forbidden alone is insufficient to deter the determined OK, maybe I shouldn't underestimate the resourcefulness of those hellbent on havoc and further buttress the writable directories by disabling the php engine: php_flag engine off as well as, making certain file extensions inaccessible/tamperproof: <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> This seems like not only do we turn the php engine off, we also "unplug" php*|s from the receptacle, so to speak Am I on the right track with this synopsis of the htaccess's additional dual purpose? Then, in a desperate googling effort to find some answers on my own, I came across this, "Note that when PHP is disabled then the end user will get the source code of the PHP script in their browser." Which strikes me as being analogous to protecting the secret of how to make a bomb by putting it on public display behind bulletproof glass (or am I just being shy) Suddenly, I realize it's disrespectful and lazy of me to keep bothering you when I should be familiarizing myself with the information you've already painstakingly provided, except for one last question, How would someone add you to their Christmas List? jk
  7. jfkafka

    Kiss

    Thank you, Robert, for that thought provoking answer, in fact, I'm struggling diligently, translating it into my native language (something called english) to say your answer was a little over my head would be akin to saying the ocean is slightly damp and yet... I sense the urgent prudence of minimizing "exposure" within writable directories as an integral part of any strategic defense, to be candid, I was under the impression that 403 Forbidden was ample to thwart any unwelcome stunts, that's where I'm stumbling, Is turning the engine off because it's possible to penetrate beyond 403 Forbidden? Sorry if this post appears to be anything but genuine admiration for your guidance. jk
  8. jfkafka

    SiteMonitor

    Unless, of course, an if then conditional could be added for those two folders only that ignored the comma, thus still providing notification of any other signs of infiltration. Or maybe I'm just being overly cautious or is that naive? jk
  9. jfkafka

    SiteMonitor

    So busy reading the response, I failed to notice the author, dunce that I am. Thanks, altoid. It is puzzling how those .ser file values are changing when creating a fresh reference file from an empty reference file, and then immediately hitting the 3rd button while on localhost. Oh wait, those PHPIDS files have commas in the file name and coincidently (in the case of one mismatch) Currently set to "0" was set to "327" the 327 happened to be the file size so those mismatches might not be because of changing values, so much as, site monitor readings being sidetracked by unexpected punctuation. And Jack mentioned those file names were invalid (comma-tose?) so maybe, just maybe, this explains the anomaly. Which in turn would certainly reduce my paranoia about ghosts in the machine. jk
  10. jfkafka

    Kiss

    in lieu of php_flag engine off The hosting rep suggested using different command/s.: "For example you can use a local .htaccess file with directives like the below ones: # disable all CGI here Options -ExecCGI AddHandler text/html .php AddHandler text/html .cgi AddHandler text/html .pl AddHandler text/html .htm AddHandler text/html .html AddHandler text/html .shtml ----- end quote ------- Hopefully that is a different route (from php_flag engine off) to the same destination. Would you put a stamp of approval on that recommendation? Thanks for your inimitable insight, jk
  11. jfkafka

    Kiss

    hmmm apparently ini_set('php_flag engine', 'off'); Is NOT a directive at all (according to the hosting rep) so it probably makes both earlier questions moot What he recommended was use different command/s.: "For example you can use a local .htaccess file with directives like the below ones: # disable all CGI here Options -ExecCGI AddHandler text/html .php AddHandler text/html .cgi AddHandler text/html .pl AddHandler text/html .htm AddHandler text/html .html AddHandler text/html .shtml ----- end quote ------- Hopefully this is a different route (from php_flag engine off) to the same destination. Thanks for bearing with me during this period of uncertainty, jk
  12. jfkafka

    SiteMonitor

    Wow, you are just too incredible! One last question How do I add you to my Christmas List? jk
  13. jfkafka

    Kiss

    Thank you for pointing this out. I re-contacted them and they suggested putting a php.ini file into each writable directory. So I put a php.ini: ini_set('php_flag engine', 'off'); into the cache directory Browsed to it and got the 403 Forbidden (which I also got without the php.ini) just not certain: 1. ini_set('php_flag engine', 'off'); Is the correct directive? 2. Does it need to be turned back ON elsewhere? Thanks for your expert assistance, jk
  14. jfkafka

    SiteMonitor

    Appreciate your blazing fast response. well, that may explain the mismatches. Also noticed that ser file had all the boxes checked for permissions and trying to set it to 644 was futile (at least it was from ftp). Any advice regarding ser files and permissions? Thanks, jk
  15. jfkafka

    SiteMonitor

    Thanks for your response. Using localhost, unable to send emails at present, so used 3rd button for display. It seems there's something about those phpids/files that may explain the reset messages. I'm just unclear why on a fresh reference file there would be anything to compare ie. Currently set to "0" was set to "327". I'm presuming this indicates the reference file is otherwise working properly for the other 6000+ files. Ran the 3rd button again: Sitemonitor ran on December 19, 2010, 9:22 am Total mismatches found were 18 Total files being monitored is 6762 Email sent to shop owner. Checked the first flagged file: Difference found: New-> includes/phpids/lib/IDS/tmp/CSS/4.1.1 Original-> 801ad73acbcf9d3127e1d01768d26453 Navigated to the file (includes/phpids/lib/IDS/tmp/CSS/4.1.1) Name of file: 4.1.1,801ad73acbcf9d3127e1d01768d26453,1.ser Is that comma between 4.1.1 and 8 causing this file to be listed? If so, what is the remedy? Thanks for your invaluable input, jk
×