Hi Tommy,
if the scheme/protocol is "https" (or "https:"), I think the
following
snippet:
curl_setopt($con, CURLOPT_SSLVERSION, 3);
is needed in here:
-Matthias
On Wed, Aug 21, 2013 at 9:02 PM, Tommy McCarthy <tomccart(a)redhat.com> wrote:
For Matthias, I'm looking into the SSL issue now. Currently it
only works
over HTTP. I'm looking into my options with that now, and have found a few,
but still need to work them into my code properly. I'll keep the list
updated when I get something.
As for the register_globals concerns, they have been deprecated since PHP
5.3, and completely removed since 5.4.0. [1] Most servers have
register_globals off nowadays.
[1]
http://php.net/manual/en/security.globals.php
----- Original Message -----
From: "Karel Piwko" <kpiwko(a)redhat.com>
To: aerogear-dev(a)lists.jboss.org, yeylon(a)redhat.com
Sent: Wednesday, August 21, 2013 4:55:06 AM
Subject: Re: [aerogear-dev] PHP SDK
First review of PHP code available, kudos to Yaniv (in CC).
Pasting response:
Karel,
sorry for not replying in the
github.com but those are more informal code
changes that you can use.
its been so few year since i've last touched PHP but while i was there i
used
to work with global registers for session. at the top of each php page
verify
that your session is still valid, it is also good for security so people
will
not login to the page directly.
if($user_id==0 || $user_id==Null){
die('Time out - please login again');
Exit;
}
another thing you can use is the "$$" which will create a var at the same
name.
foreach($_POST as $key=>$value){
$$key=addslashes($value);
$form_vars["$key"]=$value;
}
foreach($_GET as $key=>$value){
$$key=addslashes($value);
$form_vars["$key"]=$value;
}
On Tue, 20 Aug 2013 13:59:51 -0400 (EDT)
Tommy McCarthy <tomccart(a)redhat.com> wrote:
> Hey everyone,
> I'm at the point now where I believe my PHP SDK code is complete and
ready to
> be reviewed and tested. Of course, if anyone has any feedback for it so
far,
> that would be appreciated as well. The GitHub repo is available here [1].
> I've created a JIRA [2] for creating a GitHub repo for the PHP code
under the
> AeroGear account.
>
> If there's anything you'd like to see added, changed, or removed, please
let
> me know! There is a webapp included as a part, which demonstrates a
great way
> to send messages from a web form (or other request)
>
> Thanks!
> Tommy
>
> [1]
https://github.com/tmccarthy9/aerogear-unified-push-php-client
> [2]
https://issues.jboss.org/browse/AEROGEAR-1312
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev