[OWASP_PHPSEC] Sample Application based on PHPSEC

rahul chaudhary rahul300chaudhary400 at gmail.com
Sat Oct 12 02:01:42 UTC 2013


I searched for LFD attacks, couldn't find much..what is it ??


On Fri, Oct 11, 2013 at 9:51 PM, Abbas Naderi <abiusx at owasp.org> wrote:

> Yes but it allows LFD attacks.
> -A
> ______________________________________________________________
> *Notice:** *This message is *digitally signed*, its *source* and *
> integrity* are verifiable.
> If you mail client does not support S/MIME verification, it will display a
> file (smime.p7s), which includes the X.509 certificate and the signature
> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
> AbiusX.com
>
> On Oct 11, 2013, at 6:03 PM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
> is this correct ?
>
>         protected function StaticContent($Request)
> {
> if (!realpath(__DIR__."/../static/{$Request}"))
>  return require_once (__DIR__ . "/../../view/default/404.php");
> else
> {
>  \phpsec\DownloadManager::download(__DIR__ . "/../static/{$Request}");
> }
> }
>
> This is working correctly .....
>
>
> On Wed, Oct 9, 2013 at 10:40 PM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
>> ok will do....u got me scared...:D
>>
>>
>> On Wed, Oct 9, 2013 at 10:36 PM, Abbas Naderi <abiusx at owasp.org> wrote:
>>
>>> It does, but its overly complicated. Dare look at it.
>>> -A
>>>
>>>      ______________________________________________________________
>>> *Notice:** *This message is *digitally signed*, its *source* and *
>>> integrity* are verifiable.
>>> If you mail client does not support S/MIME verification, it will display
>>> a file (smime.p7s), which includes the X.509 certificate and the signature
>>> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>>> AbiusX.com <http://abiusx.com/>
>>>
>>> On Oct 9, 2013, at 10:24 PM, rahul chaudhary <
>>> rahul300chaudhary400 at gmail.com> wrote:
>>>
>>> yeah...I saw that.....I was trying to write code for that but couldn't
>>> understand what to do exactly...does jFramework contains code for static
>>> controller?
>>>
>>>
>>> On Wed, Oct 9, 2013 at 10:17 PM, Abbas Naderi <abiusx at owasp.org> wrote:
>>>
>>>> Hello
>>>> I haven't done the static controller part yet :| if you look at front
>>>> controller code, that section is empty :D
>>>> Ping me back in the weekend, and I promise to finish it and polish it
>>>> as well!
>>>> -Abbas
>>>>      ______________________________________________________________
>>>> *Notice:** *This message is *digitally signed*, its *source* and *
>>>> integrity* are verifiable.
>>>> If you mail client does not support S/MIME verification, it will
>>>> display a file (smime.p7s), which includes the X.509 certificate and the
>>>> signature body.  Read more at Certified E-Mail with Comodo and
>>>> Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>>>> AbiusX.com <http://abiusx.com/>
>>>>
>>>> On Oct 9, 2013, at 10:00 PM, rahul chaudhary <
>>>> rahul300chaudhary400 at gmail.com> wrote:
>>>>
>>>> Hello All,
>>>>
>>>> Its been a long time...huh
>>>>
>>>> So, these past few days, I started making a sample application based on
>>>> PHPSEC, to see what would the developers feel like using the
>>>> framework...for most cases, it was good.
>>>>
>>>> But, whenever I try to attach something (CSS, JS , Images etc files) in
>>>> the html pages, then it doesn't gets attached. I am not sure why that is...
>>>>
>>>> e.g. <img src='someloacation/image.png' />     //this does not work.
>>>>
>>>> So, can you guys help me on this....
>>>> and btw, the sample application is located in:
>>>> https://github.com/rash805115/rnj
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Rahul Chaudhary
>>>> Ph - 412-519-9634
>>>>  _______________________________________________
>>>> OWASP_PHP_Security_Project mailing list
>>>> OWASP_PHP_Security_Project at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Regards,
>>> Rahul Chaudhary
>>> Ph - 412-519-9634
>>>
>>>
>>>
>>
>>
>> --
>> Regards,
>> Rahul Chaudhary
>> Ph - 412-519-9634
>>
>
>
>
> --
> Regards,
> Rahul Chaudhary
> Ph - 412-519-9634
>
>
>


-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20131011/ac0cf119/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list