Cross-Site Scripting

[VantageX4]

Does anyone know of any code for "cross-site" scripting? I want to access a directory from another site and run the files through a while loop to put them in a mysql database.

This is because my files are one server, and my site is on another. The reasoning for the setup ois that the site can become very slow with the file downloads, and theres also limited space on the server I'm hosting hte pages on.

[HardCoded]

Look at FTP Functions

[VantageX4]

Is FTP the only option? I have a weird problem with FTP on my server in that only the local IP address works, as opposed to 65.97.19.150.

[HardCoded]

Is FTP the only option?

Maybe not. Is the home server running apache? If so I suppose you could read in and parse the directory index over HTTP.

[VantageX4]

It is. How would this be accomplished? There's no index file for it, so I can't parse that...what do you suggest?

[HardCoded]

Then you can't. Fix your NAT router and use FTP. Or use the auto-generated DirectoryIndex in apache.

[VantageX4]

No, I'm saying I do have apache, but that I don't know how to use the DirectoryList. Could you suggest some PHP functions, or maybe a tutorial?

[HardCoded]

Do you have any virtual hosts on the server or is it a stock setup?

[VantageX4]

It's stock.

[VantageX4]

Yeah I attempted the FTP, it didnt work. Whats your idea on apache's directory list parsing?

[HardCoded]

First get indexes to work. Add a line like this in httpd.conf and restart apache:

Code:

<Directory />
    Options Indexes
    AllowOverride None
</Directory>

[VantageX4]

It's already there.

[HardCoded]

Then do you have any directives further down that would turn Indexes off?

[VantageX4]

Not to my knowledge. Directory Indexing is on, I just don't know how to parse it.

[VantageX4]

Alright, I'm back, sorry. So do you know how to accomplish it?

[HardCoded]

So then you'd read the directory index in with fgets() or similar and parse the file with preg_match().

[VantageX4]

Well, I have actually looked in to learning how to use regular expression, but I can't figure it out. Seems to be over my head. How would I "match" names of 100+ files anyway?

[HardCoded]

Look at preg_match_all(). If you can match one, you can match billions of them. They all get stored in a nice two dimensional array that you can manipulate to your heart's content.

[VantageX4]

What will the array look like? This is a hell of a lot more complicated than i thought it would be. I don't know how to use arrays either.

[HardCoded]

Sorry, I don't have time to write the script for you. RTFM , try writing some code, come up with some more specific questions, and I'll be glad to help.