URL validation doesn't work any more

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Chung Leong
    #1

    URL validation doesn't work any more

    In our application there's a form where the user types in a web
    address. To make sure the URL is correct our PHP code does something
    like:

    if(fopen($url, "r")) {
    /* saves the info */
    }
    else {
    /* print out a error message */
    }

    This was working fine until recently. Now when an invalid domain name
    (e.g. wwww.djsahjkfhf .com) is typed in, fopen() just freezes.

    Does anyone know what's going on?
    Tags: None
    • Martin Lucas-Smith
      #2
      Re: URL validation doesn't work any more


      [color=blue]
      > This was working fine until recently. Now when an invalid domain name
      > (e.g. wwww.djsahjkfhf .com) is typed in, fopen() just freezes.
      >
      > Does anyone know what's going on?[/color]


      http://news.google.com/news?q=verisign


      This has got a lot of sysadmins *really* angry. If your domain name is
      with Verisign, move in protest.

      Com.com - Your Search Starts Here
      http://news.com.com/2100-1032-5077530.html



      Martin Lucas-Smith www.geog.cam.ac.uk/~mvl22
      https://www.lucas-smith.co.uk


        Comment

        • Gordon Burditt
          #3
          Re: URL validation doesn't work any more

          >In our application there's a form where the user types in a web[color=blue]
          >address. To make sure the URL is correct our PHP code does something
          >like:
          >
          >if(fopen($ur l, "r")) {
          > /* saves the info */
          >}
          >else {
          > /* print out a error message */
          >}
          >
          >This was working fine until recently. Now when an invalid domain name
          >(e.g. wwww.djsahjkfhf .com) is typed in, fopen() just freezes.
          >
          >Does anyone know what's going on?[/color]

          Verisign is corrupting the DNS. They have a WILDCARD record for
          *.com and *.net that point to their website. You can find an A record
          for just about any stupid domain ending in .net or .com,
          such as www.$&#(*&(%#.c om (Yes, even with wierd characters like
          that, 'dig' comes back with an IP address, although you do have to
          quote it for the shell).

          There is considerable uproar over this, as it breaks stuff like
          using DNS lookups on a mail sender's domain to filter SPAM.

          There is a patch out for BIND, one of the more popular nameservers,
          to fix this.

          Gordon L. Burditt

            Comment

            • Stuart Millington
              #4
              Re: URL validation doesn't work any more

              On 18 Sep 2003 12:18:40 -0700, chernyshevsky@h otmail.com (Chung Leong)
              wrote:
              [color=blue]
              >In our application there's a form where the user types in a web
              >address. To make sure the URL is correct our PHP code does something
              >like:[/color]

              VeriSlime have decided to break a _lot_ of things without any
              warning, justification or authority. Rant/summary at
              http://www.fuck-verisign.co.uk/ and there is an on-line petition to
              ICANN (which may, or may not, do some good) at
              Petition Online - Petition Online has been retired
              http://www.petitiononline.com/icanndns/


              --
              ------------------------------------------------------------------
              - Stuart Millington http://www.fuck-verisign.co.uk/ -
              - mailto:phupp@ds v1.co.uk http://w3.z-add.co.uk/ -
              begin OE is broken read MS knowledgebase Q265230

                Comment

                Previous template Next
                Working...