[phplib] Reboot: [phplib] protecting served files/images/mp3.... From: Arno A. Karner (karner <email protected>)
Date: 05/22/01

<reboot><three finger salute><shutdown -y -i6 -g0><init 6><etc ...>
im tring to write in inline object class
protect content of any type, from any where from unauthorized access.
i've read the other articles and want to start a new discusion.
was reading the html 4.0 spec talks about using objects and inline data.
will sumarize at bottom on email as the discusion goes on. i hate this
much mainteneace for simple questions.

please address to the list as if u dont containe magic phrase in the
right place my php email
reader prog will consider u spam and delete ur message with extream
predjudice, and increment the spam count. <turned of the neeeneeeer
audio message>

class inline_object_class
// i hate long cobol variable names
{
  function obj_fil($tmpfile,"filtyp="")
  // sorry i put comments after so i dont have to reread files for
function sumaries
  // tmpfile is an unguessable tempory file name out side the web tree
roflmao
  {
     if(isblank($filtyp)) {
       // use ur favorite technique
       $filtyp = exec("/usr/bin/file $tmpfile");
     }
     // what ever check to see if were cluless in seatle
     if($filtyp=='bill gates') return(false);
     // ****** here is were the miracle needs to occure ****
     print "<OBJECT id=\"realyshouldbeavar\"";
     if(eregi("jpeg",$filtyp)) {
      // *** tried hacks one line each
      print " Content-type:image/jpeg;";
      print " Data:image/jpeg;";
    } elseif (allmy other supported file type should be enumerated, in a
data base)
      print more miracles here
    }
    $size = filesize($ss[$sp]["files"][$i]["tname"]);
    print " Content-length: $size;";
    print "data=\"";
    passthru("/usr/bin/uuencode -m ".$ss[$sp]["files"][$i]["tname"].
       "/dev/stdout");
    print "\">";
    print "your betufile font jail, stupid size discription, meaningless
diecription here";
    print "</OBJECT>\n";
    // ***** end of miracle ****/
  } // func

  function obj_str($str,$filtyp="")
  // purp : create and output inline object
  {
    // file magic string should be php function opps i always trust file
extensions
  } // func

  function obj_your_imput_flavor($in,$filtyp)
  // told you i hate long cobol variable names
 {
  } // func
} // class

questions
  is this too hard??
  is this that unsuported by browsers????
  why do people insest on creating other flawed aprocehs to this???

replies and no
  no rewite rules
    need to impose perms protection on non existing dirs. sonds like
another table to maintaine.
    users can try to guess any file name they want, i always review my
file not found log.

  no php script to use as image source
    how do you handle diff perms for each file
      phplib only has 32 perms
        i have extended phplib, to phpapp and each app has its own set
of perms ie more, but
         2^32 apps i hate data base tables base on 32 bit ints

  
refrence stuff
<snip from html 4.0 spec>
<OBJECT id="clock1"
  classid="clsid:663C8FEF-1EF9-11CF-A3DB-080036F12502"
  data="data:application/x-oleobject;base64, ...base64
  data...">
  A clock.
</OBJECT>
 
of couse the world revolves around winblows, and im ashamed i even know
what ole is.
me i want to come up with a class that will do this for me on unix.
using real data types.

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>