PHP script errors after moving hosts..

[Stoo]

I've finally gotten around to moving my personal site off my local pc and onto a proper hosting package, the only trouble is, my nifty gallery script no longer works..

Original site: http://stoobs.homeip.net/?mode=gallery&gallery=2
New site: http://www.stoo.org.uk/?mode=gallery&gallery=2

Note all the "cannot open" messages..

Can someone look over the settings and spot what the problem is with a fresh pair of eyes?

http://stoobs.homeip.net/test.php - old config
http://www.stoo.org.uk/test.php - new config

Ta Peeps

[Iain]

Your include_path is different

[Stoo]

How will that affect it?

[Iain]

that's the base point it will look for includes from

[killgORE]

seems spot on Az. get that script working again stoo !

[Stoo]

Gah, found the real problem..

$_SERVER['DOCUMENT_ROOT'] points to /var/httpd

the actual root is /home/www/hosts/www.stoo.org.uk/

bah..

will update after I've eaten something

[Stoo]

Edit: that did the trick!

[killgORE]

congrats.. nice gallery there

[Stoo]

directory scanner plumbed in to a caching thumbnailer, all I have to do is upload the files and it update on the next page view

The blog is quite nifty too, rss parser from my livejournal

[killgORE]

self made blogs ? fun for all the family. I made one, but since I have no idea where I am hosting in the long term. there is no point in applying for a database account.

I was driving myself mad trying to protect against sql injects. just a strip tags remove some other stuff operation in the end. But for some reason I cannot get php sessions working. The code I have is from certain tutorials, and should work. If I can't get that sorted I will obviously start a thread for it !

[southsider]

I was driving myself mad trying to protect against sql injects. just a strip tags remove some other stuff operation in the end. But for some reason I cannot get php sessions working. The code I have is from certain tutorials, and should work. If I can't get that sorted I will obviously start a thread for it !

addslashes() when adding user-definable untested strings to SQL (otherwise, just typecast)
htmlspecialchars() (iirc ) when outputting text - itll work anywhere, even in attributes, by escaping quotes and angle brackets.

Sessions have also been a pain for me in the past, and it was always something dead obvious. My advice is that you stick with $_SESSION['varname'] type session-wide variables, and just call session_start() at the top of every page - that way you needn't worry about session_register and all that lardy dah

HTH!

[killgORE]

cheers.. its all up.. still waiting for my future hosting ! but I have the most secure website ever. Since it is beind a massive firewall.. and only accessible by my ip ! just try and get at it... expect to hear from me when it finally goes live so people can try and hack it !

[Iain]

IP addresses are easy to spoof so don't rely on them as a security measure

[killgORE]

aha.. somebody lost my point. To get access to my webpage with the scripts.. you have to somehow connect yourself to my local network... THEN spoof my ip. NOBODY can see the version with the scripts right now. Unless you come in in the night with a laptop and disconnect one of my other computers. I think i would notice because the router is under my bed.

Take it easy.

[Jonny M]

aha.. somebody lost my point. To get access to my webpage with the scripts.. you have to somehow connect yourself to my local network... THEN spoof my ip. NOBODY can see the version with the scripts right now. Unless you come in in the night with a laptop and disconnect one of my other computers. I think i would notice because the router is under my bed.

Take it easy.

How can he lose your point when you didn't make the point in your original post? All you said was that it was controlled by IP, and Az was simply pointing out that you shouldn't rely on that as a method of securing your website.

It's not a competition.

[killgORE]

crud.. I thought I had pointed out where it was running earlier in this thread