Re: [PHP] Re: hello
On Jan 9, 2009, at 1:55 AM, Robert Cummings wrote: On Thu, 2009-01-08 at 22:38 +, Nathan Rixham wrote: Skip Evans wrote: Nathan Rixham wrote: yup.. all OS's are equally insecure; each OS is as insecure as the next; no one OS is more insecure than any other Wrong, and there is experimental data to prove it. Read the first URL I posted that documents the creation of Linux viruses and the experiments conducted to see how they propagate compared to Windows viruses. think about it for a minute; an OS can either be secure (0 vulnerabilities) or insecure (1 or more vulnerabilities); as all OS's have 1 or more vulnerabilities they are all equally insecure; because they are all insecure. the only way to change the balance is to make or find an OS with 0 vunerabilities; thus making it secure and no longer equal. my worlds boolean. You've just given the description for whether a machine has an exploit or not. Not whether said exploit can realistically be executed. By your definition there is no such thing as security since as time approaches infinity all passwords can be found via brute force and thus all systems are exploitable. That's not a reasonable answer given the time and resources necessary to achieve the desired outcome. Maybe the proper way to say it, is the OS is as secure as the idiot who runs it? :) For someone who knows what they are doing... I believe you can lock down windows relatively easy after you go through the 50 pop-ups it takes to move an icon off the desktop :) Although as far as virii goes... You really don't hear anything and any virus' for *Nix based systems, including Apple's OS X... Not that it can't be done... I just think it's harder :) -- Jason Pruim japr...@raoset.com 616.399.2355
Re: [PHP] Re: hello - thread on topic or not?
On Jan 9, 2009, at 2:06 AM, Robert Cummings wrote: On Thu, 2009-01-08 at 16:21 -0800, Mattias Thorslund wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. This is PHP general... we talk about PHP and, quite often, generally related topics. Security is generally related. And it has been a very interesting read :) For someone with no formal training on computers in general, or computer security, it's nice to see a discussion that isn't based off of OS Wars :) -- Jason Pruim japr...@raoset.com 616.399.2355
Re: [PHP] First steps towards unix and php
On Fri, Jan 9, 2009 at 02:12, Robert Cummings rob...@interjinn.com wrote: I'll take apt over yum ANY day. But as yum system go... CentOS isn't bad :) I'd take SMART or urpmi over yum as well, for the record. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] First steps towards unix and php
On Fri, 2009-01-09 at 07:50 -0500, Daniel Brown wrote: I'd take SMART or urpmi over yum as well, for the record. First choice is ./configure make make install, second choice is apt -- Paul All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
Daniel Brown wrote: On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund matt...@thorslund.us wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. You're right, Mattias. Not only should every one of those folks be ashamed of themselves for being involved in that thread - they are also going to hell for it. By comparison, sending a message - especially starting a new thread - to ask if something is on- or off-topic is worse. rob cummings started it :D -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] First steps towards unix and php
On Fri, 2009-01-09 at 14:53 +0200, Paul Scott wrote: First choice is ./configure make make install, second choice is apt Even better, of course, is the: Yo sysadmin intern! Install package for me please and don't screw it up -- Paul All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
On Thu, Jan 8, 2009 at 7:21 PM, Mattias Thorslund matt...@thorslund.us wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. Mattias :( -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Enabling tls negotiation in a socket
Hi, I have a question about opening a normal socket, then negotiating a TLS layer in PHP (through another protocol, which is XMPP in my case, in plain text at the beginning). I am currently using a socket created by socket_create (). But there seems not to be any way of switching to TLS negotiation with this, is there? Then I see the stream_socket_client () which can then switch to TLS with stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can anyone confirm me this is the right solution, and also only solution? (I mean already made one, I am not going to implement TLS myself! :p) How would you do such a thing otherwise? And is it possible to use stream_socket_enable_crypto () on the socket created by socket_create? Thanks all. Jehan
Re: [PHP] Re: First steps towards unix and php
On Thu, Jan 8, 2009 at 6:14 PM, Ross McKay ro...@zeta.org.au wrote: On Thu, 8 Jan 2009 11:44:48 -0500, Frank Stanovcak wrote: I've been a microshaft punk for some time now, and am just getting ready to try to step over to unix on one of my own boxes. Does anyone have any suggestions on which flavor would be a good idea to start with? I'm looking mostly for compatibility with php, mysql, and other web based programming languages. What Nathan said, test each candidate in a VM like VirtualBox to see which you might be comfortable in. Then pick Fedora :) Seriously, any of the major distros (or their derivatives) would be good, as they take care of the build dependencies for you via packaging systems. Check them out here: http://distrowatch.com/dwres.php?resource=major Picking a desktop is harder, especially coming from a Windows world. Linux has a great many desktops, each with advantages and disadvantages. Many distros allow you to easily switch between at least KDE and GNOME, maybe even XFCE. A tiny distro called DSL-N (damned small linux NOT) allows you to boot up in several of the lighter desktops to check them out. Realise that you can pick a GNOME or KDE desktop and still run apps made to suit one of the others, with maybe just some minor integration glitches; I run GNOME and use a number of KDE programs just fine. You should also check out editors and IDEs - STFW for previous posts made to this and other groups. Then pick Geany ;) And don't forget to add a revision control system, e.g. Subversion. -- Ross McKay, Toronto, NSW Australia Let the laddie play wi the knife - he'll learn - The Wee Book of Calvin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I've tried Fedora Suse before. Fedora was a pain for me because it didn't auto mount my windows partition. It also did not come with any easy way to do so or to play media. I know Ubuntu doesn't come with the ability to play mp3's out of the box, but it was quite easier to get going. But my experience has been anything but Ubuntu gave me a lot of fight, and that isn't what I need when I'm supposed to be working. ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Editing in a text area field
I have a form to accept free text in a textarea field. The entry is stored in a database. If the user enters: abc def ghi I want it to finally display like that. If they enter abc def ghi I want it to display with the line gaps. I use CSS so in the first case I would store as pabcbr /defbr /ghi/p In the second pabc/ppdefp/pghi/p I also have an edit form, that takes the data out of the database, and allows the user to change it, then update the database. Preparing the existing data before an edit is proving difficult. I have to strip the html and make it format properly in the form. Then put back html before saving again. I keep ending up with stray characters Has anyone done this? Is there a tutorial on the web somewhere? Thanks Stephen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
On Fri, Jan 9, 2009 at 08:12, Stephen stephe...@rogers.com wrote: I have a form to accept free text in a textarea field. The entry is stored in a database. If the user enters: abc def ghi I want it to finally display like that. If they enter abc def ghi I want it to display with the line gaps. Why not store it as plain text in the database, then run it through nl2br() when you SELECT it from the database for display? -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund matt...@thorslund.us wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. You're right, Mattias. Not only should every one of those folks be ashamed of themselves for being involved in that thread - they are also going to hell for it. By comparison, sending a message - especially starting a new thread - to ask if something is on- or off-topic is worse. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Enabling tls negotiation in a socket
Jehan Pagès wrote: Hi, I have a question about opening a normal socket, then negotiating a TLS layer in PHP (through another protocol, which is XMPP in my case, in plain text at the beginning). I am currently using a socket created by socket_create (). But there seems not to be any way of switching to TLS negotiation with this, is there? first off; great to see somebody else using XMPP with php :D (there's a great xmpp lib for AS3 from ignite realitime that makes openfire) but no nice ones for php yet as far as I know - was always one of those projects I really wanted to do but couldn't justify without getting a client to part fund :p Then I see the stream_socket_client () which can then switch to TLS with stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can anyone confirm me this is the right solution, and also only solution? (I mean already made one, I am not going to implement TLS myself! :p) IMHO this is the best way; using sockets gives you far more control which you'll be needing later. you can also simply stream_socket_client(tls://whatever.com:6548, see: http://uk3.php.net/manual/en/transports.inet.php for all available transports How would you do such a thing otherwise? And is it possible to use stream_socket_enable_crypto () on the socket created by socket_create? surely socket_create is the other way around (ie opens a server socket not a client connection)? are you trying to create an XMPP server in php? :o Thanks all. Jehan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: redoing website after 7 years
On Fri, Jan 9, 2009 at 2:09 AM, Robert Cummings rob...@interjinn.com wrote: On Fri, 2009-01-09 at 15:17 +1100, Chris wrote: I know many people will grin at me for this solution but may be faster way to overcome this problem to do a find for $ and replace with $_REQUEST. even this will help you if you dealt with $_POST, $_GET, $_COOKIE. Please don't. $connection = mysql_connect(...) becomes $_REQUEST[$connection] (or something) How did you get those braces when you did search and replace? ;) Cheers, Rob. Doesn't your search and replace tool support regular expression matching and replacement? Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Editing in a text area field
Stephen wrote: I have a form to accept free text in a textarea field. The entry is stored in a database. If the user enters: abc def ghi I want it to finally display like that. If they enter abc def ghi I want it to display with the line gaps. I use CSS so in the first case I would store as pabcbr /defbr /ghi/p In the second pabc/ppdefp/pghi/p I also have an edit form, that takes the data out of the database, and allows the user to change it, then update the database. Preparing the existing data before an edit is proving difficult. I have to strip the html and make it format properly in the form. Then put back html before saving again. I keep ending up with stray characters Has anyone done this? Is there a tutorial on the web somewhere? Thanks Stephen you could always just use YUI rich text editor or tinymce on the client side -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
On Fri, 2009-01-09 at 12:59 +, Nathan Rixham wrote: Daniel Brown wrote: On Thu, Jan 8, 2009 at 19:21, Mattias Thorslund matt...@thorslund.us wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. You're right, Mattias. Not only should every one of those folks be ashamed of themselves for being involved in that thread - they are also going to hell for it. By comparison, sending a message - especially starting a new thread - to ask if something is on- or off-topic is worse. rob cummings started it :D Not I, said the fly! Maybe you, spoke the poo. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: redoing website after 7 years
On Fri, 2009-01-09 at 08:56 -0500, Andrew Ballard wrote: On Fri, Jan 9, 2009 at 2:09 AM, Robert Cummings rob...@interjinn.com wrote: On Fri, 2009-01-09 at 15:17 +1100, Chris wrote: I know many people will grin at me for this solution but may be faster way to overcome this problem to do a find for $ and replace with $_REQUEST. even this will help you if you dealt with $_POST, $_GET, $_COOKIE. Please don't. $connection = mysql_connect(...) becomes $_REQUEST[$connection] (or something) How did you get those braces when you did search and replace? ;) Cheers, Rob. Doesn't your search and replace tool support regular expression matching and replacement? Well yes, but the instrutions didn't indicate using a regex ;) Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
At 8:12 AM -0500 1/9/09, Stephen wrote: I have a form to accept free text in a textarea field. The entry is stored in a database. If the user enters: abc def ghi I want it to finally display like that. If they enter abc def ghi I want it to display with the line gaps. I use CSS so in the first case I would store as pabcbr /defbr /ghi/p In the second pabc/ppdefp/pghi/p I also have an edit form, that takes the data out of the database, and allows the user to change it, then update the database. Preparing the existing data before an edit is proving difficult. I have to strip the html and make it format properly in the form. Then put back html before saving again. I keep ending up with stray characters Has anyone done this? Is there a tutorial on the web somewhere? Thanks Stephen Stephen: Just store data in a dB, not data AND html. Besides, things change. You never know how the client will want the data displayed. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Enabling tls negotiation in a socket
Hi, first off; great to see somebody else using XMPP with php :D (there's a great xmpp lib for AS3 from ignite realitime that makes openfire) but no nice ones for php yet as far as I know - was always one of those projects I really wanted to do but couldn't justify without getting a client to part fund :p that's just a small program which I do. It is a plugin for the wordpress publication system which publishes tickets on a pubsub node (replacing RSS by pubsub through XMPP for realtime notification so! :-). I don't use any external XMPP-specific library for this. Fortunately you have many stuffs in PHP and it is really easy to implement XMPP. I think my small program does already quite enough for me (I can connect, using SRV Records when possible, encrypt Digest-MD5/CramMD5/PLAIN, I create container nodes and leaf nodes, add and remove items in them, and soon so I will have TLS support... :p I don't need to be able to do more for my program's purpose :-). Then I see the stream_socket_client () which can then switch to TLS with stream_socket_enable_crypto (). But this is only above PHP 5.1.0. Can anyone confirm me this is the right solution, and also only solution? (I mean already made one, I am not going to implement TLS myself! :p) IMHO this is the best way; using sockets gives you far more control which you'll be needing later. you can also simply stream_socket_client(tls://whatever.com:6548, But in XMPP, the new way of doing stuff with TLS is to open a normal socket, then switch to TLS with the starttls / at authentication time (answered into proceed / by the server). Opening directly an encrypted channel was the old way of doing encryption stuff and is now deprecated (this is why now we use only one port, 5222, which can switch into TLS before authentication, whereas the old time were using another port, 5223, dedicated to SSL). I am not very used to this function, but if I understand well what you propose here, it is to open directly a socket with ssl encryption, hence it is the old way. I was thinking about using stream_socket_enable_crypto (), because it looks to be more like what I want, which is a socket which is plain text at the beginning, then which I can switch to TLS after. Is it it, or am I wrong? And then I would be happy to learn what your proposition is doing. surely socket_create is the other way around (ie opens a server socket not a client connection)? are you trying to create an XMPP server in php? :o No as I said, I am making a client. ;-) But socket_create works also as a client socket. I am sure of it, because in my current (and working!) version of the plugin, I already use a socket this way. :p Anyway I was more especially hoping to find a way to switch a socket to TLS without forcing users to use the lattest php version ( 5.1) and also without having to change too much stuffs in my code (I think it won't be too difficult because I already encapsulated the socket creation in a personal class. But I am lazy and it is easier to make the less possible changes to avoid unexpected bugs! :-D ) Thanks. Jehan
Re: [PHP] Re: hello
At 1:39 PM -0500 1/8/09, Robert Cummings wrote: On Thu, 2009-01-08 at 13:13 -0500, tedd wrote: It's always a safe bet to move towards the center of the herd. Bah, sheeple! I like to stay away from the herd. Cheers, Rob. I'm sure the feeling is mutual. A better mouthwash perhaps. :-) Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
At 1:03 PM -0600 1/8/09, Skip Evans wrote: Incidentally, I think building their OS on FreeBSD was about the smartest thing the Apple/Mac people ever did. Skip There are bright people at Apple, like Jobs -- exceptional individual. Compare Job's presentations to Gates' and you have examples of what to do and what not to do. There's even a book called Presentation Zen that makes that comparison. http://www.amazon.com/Presentation-Zen-Simple-Design-Delivery/dp/0321525655/ref=pd_bbs_sr_1?ie=UTF8s=booksqid=1231512547sr=8-1 Exceptional book, BTW. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: redoing website after 7 years
From: Al n...@ridersite.org To: php-general@lists.php.net Sent: Thursday, January 8, 2009 11:50:26 AM Subject: [PHP] Re: redoing website after 7 years Lamp Lists wrote: hi guys, I did php/mysql based website for one my client 7 years ago, in time when register_globals was on by default. hosting company upgraded server to php5/mysql5 and turned globals off. the site is doesn't work any more. I can define globals on again in .htaccess but rather not because it could be a big risk. to work again I have to spend a lot of hours to modify the code. boring job. but, I'm more concern does client has to pay the changes/upgrade or it's still my obligation? anybody had similar experience? thanks for any help. ll What's the magnitude of the problem? Are there a handful of files that need fixing or hundreds? i think there is 10-15 hrs of work. at least.
Re: [PHP] Re: hello
At 7:18 PM + 1/8/09, Nathan Rixham wrote: if it's a computer thats on, with an os, a keyboard and a network card connected to the internet it's insecure. It doesn't even have to be connected to the Internet to be insecure. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] redoing website after 7 years
I think I did code well (everybody can say the code is 100% proof - until get hacked ;-)) and never, for these 7 years had problems. And I'm sure the site will be just ok if I switch register_globals back to On through .htaccess. Actually, I offered the client 3 options: 1. redo the website (after 7 years, it's really time to do that :-)); 2. fix the code but keep the site the same; 3. change .htaccess. the site will work just fine; though, I also think, if you built your code with register_globals on several years ago, you are still in a danger. Big or small, depends on your code, but still in risky group. right? anyway, the client was really understandable and we are going most likely to build new website. thanks for opinions and help. ll From: Jim Lucas li...@cmsws.com To: Robert Cummings rob...@interjinn.com Cc: Nathan Rixham nrix...@gmail.com; Richard Heyes rich...@php.net; lamp.li...@yahoo.com; php-general@lists.php.net php-general@lists.php.net Sent: Thursday, January 8, 2009 10:51:32 AM Subject: Re: [PHP] redoing website after 7 years Robert Cummings wrote: On Wed, 2009-01-07 at 16:16 -0800, Jim Lucas wrote: Nathan Rixham wrote: Richard Heyes wrote: but, I'm more concern does client has to pay the changes/upgrade or it's still my obligation? Of course you charge him. Christ if I was expected to maintain stuff gratis that I wrote 7 years ago I'd be mullahed. concurred, personally I'd be tempted to offer to find or indeed resetup on an old server if they could find one for free, but as for upgrading certainly quote/charge. If one was to go this route, then why not just use a .htaccess file and turn on register_globals and call it good? I mean really, the customer would be in no greater risk then what they had been for the last 7 years. Reason being, nothing else has changed about the script. If their is an exploit in the script now, then their was an exploit in the past. I realize that I am going against what I preach here. But really, the ISP isn't going to pay for it. The own isn't going to want to pay for it. Can't squeeze blood from a turnip... What if the turnip is the programmer? In this case, it wouldn't be. If the programmer designed an insecure web site 7 years ago then the programmer should be responsible for making the application secure. That was part of his/her job in the beginning. Nobody said it's insecure... only that register globals was used as a feature, a feature at one point touted as useful to the PHP language. As has been mentioned previously, register globals is not real culprit of insecurity in this context, the real culprit is poor programming while using register globals... unfortunately such programming was common thus requiring a strong antidote... namely the downstream removal of support for the feature. I didn't mean to imply that the programmer did build an insecure app. I said if the programmer designed and insecure web site. If the designer didn't build an insecure app, then it wont hurt a thing to turn on register_globals and just go back to the way it was before the ISP upgraded. I mean, sure when I first started designing/building web sites I thought I was doing the right thing most of the time. If two years down the road I had a moment of clarity and I realized that I had been doing something wrong or in-secure for the past two years (which I've done) then I would go back and tell the customer that I did something wrong or in-secure and I would fix it for free. Ahhh... but this presumes the programmer did something wrong. That has not yet been determined. All we know is that globals were used, not that they were necessarily used incorrectly. I didn't say that, nor did I mean to imply that. I was talking about my experiences. Thia is part of my responsibility as a designer With that said, I would image that over the past 7 years, if the site has not been exploited, then I would think that by turning register_globals back on would be of no concern. To me, all the above sounds logical. If I am missing something, please point it out. Duly pointed out ;) Cheers, Rob. So, here is how I would summarize all the above. Whether or not the programmer used the feature register_globals isn't of concern. Whether the programmer designed and insecure app is the concern. ?php $APP_SECURE = (app is secure?); // Boolean: TRUE, FALSE if ( $APP_SECURE ) { print('Turn on register_globals and call the job done.'); } else { print('Fix, at no cost, what you designed insecurely.'); } ? -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] redoing website after 7 years
From: Jim Lucas li...@cmsws.com To: Robert Cummings rob...@interjinn.com Cc: Nathan Rixham nrix...@gmail.com; Richard Heyes rich...@php.net; lamp.li...@yahoo.com; php-general@lists.php.net php-general@lists.php.net Sent: Thursday, January 8, 2009 10:51:32 AM Subject: Re: [PHP] redoing website after 7 years Robert Cummings wrote: On Wed, 2009-01-07 at 16:16 -0800, Jim Lucas wrote: Nathan Rixham wrote: Richard Heyes wrote: but, I'm more concern does client has to pay the changes/upgrade or it's still my obligation? Of course you charge him. Christ if I was expected to maintain stuff gratis that I wrote 7 years ago I'd be mullahed. concurred, personally I'd be tempted to offer to find or indeed resetup on an old server if they could find one for free, but as for upgrading certainly quote/charge. If one was to go this route, then why not just use a .htaccess file and turn on register_globals and call it good? I mean really, the customer would be in no greater risk then what they had been for the last 7 years. Reason being, nothing else has changed about the script. If their is an exploit in the script now, then their was an exploit in the past. I realize that I am going against what I preach here. But really, the ISP isn't going to pay for it. The own isn't going to want to pay for it. Can't squeeze blood from a turnip... What if the turnip is the programmer? In this case, it wouldn't be. If the programmer designed an insecure web site 7 years ago then the programmer should be responsible for making the application secure. That was part of his/her job in the beginning. Nobody said it's insecure... only that register globals was used as a feature, a feature at one point touted as useful to the PHP language. As has been mentioned previously, register globals is not real culprit of insecurity in this context, the real culprit is poor programming while using register globals... unfortunately such programming was common thus requiring a strong antidote... namely the downstream removal of support for the feature. I didn't mean to imply that the programmer did build an insecure app. I said if the programmer designed and insecure web site. If the designer didn't build an insecure app, then it wont hurt a thing to turn on register_globals and just go back to the way it was before the ISP upgraded. I mean, sure when I first started designing/building web sites I thought I was doing the right thing most of the time. If two years down the road I had a moment of clarity and I realized that I had been doing something wrong or in-secure for the past two years (which I've done) then I would go back and tell the customer that I did something wrong or in-secure and I would fix it for free. Ahhh... but this presumes the programmer did something wrong. That has not yet been determined. All we know is that globals were used, not that they were necessarily used incorrectly. I didn't say that, nor did I mean to imply that. I was talking about my experiences. Thia is part of my responsibility as a designer With that said, I would image that over the past 7 years, if the site has not been exploited, then I would think that by turning register_globals back on would be of no concern. To me, all the above sounds logical. If I am missing something, please point it out. Duly pointed out ;) Cheers, Rob. So, here is how I would summarize all the above. Whether or not the programmer used the feature register_globals isn't of concern. Whether the programmer designed and insecure app is the concern. ?php $APP_SECURE = (app is secure?); // Boolean: TRUE, FALSE if ( $APP_SECURE ) { print('Turn on register_globals and call the job done.'); } else { print('Fix, at no cost, what you designed insecurely.'); } ? -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php sorry for top-posting in my previous email. errarer humanum est! :-) ll
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 9:54 AM, tedd tedd.sperl...@gmail.com wrote: At 7:18 PM + 1/8/09, Nathan Rixham wrote: if it's a computer thats on, with an os, a keyboard and a network card connected to the internet it's insecure. It doesn't even have to be connected to the Internet to be insecure. Cheers, tedd Nope. It just has to accept instructions. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How can a script tell if there's a MySQL problem?
I have one server that's pretty busy and runs into Too many connections from MySQL from time to time, and needs to have MySQL restarted to clear it up. I've tried everything I can think of to have PHP take note of this error but continue executing with other stuff, but no matter what I try the PHP script stops whenever it encounters this and just displays Too many connections. Anyone know if there's a way for PHP to gracefully detect this and resume operation without choking? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] imagejpeg, imagecreatefromjpeg both choke
I'm trying a stripped down test just to try to get this work. I have a valid jpeg on disk: 3.jpg- 3316x2220, 3.6 MB And am trying either of the following: // This does nothing at all imagejpeg('3.jpg'); // This displays failed $im = imagecreatefromjpeg('3.jpg'); if(!$im) echo 'failed'; phpinfo() shows GD enabled, JPEG functions enabled, memory_limit at 256M, permissions on the file and the enclosing folder are 777. Any suggestions what else I can try to debug this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
On Fri, 2009-01-09 at 07:29 -0800, Mattias Thorslund wrote: Daniel Brown wrote: You're right, Mattias. Not only should every one of those folks be ashamed of themselves for being involved in that thread - they are also going to hell for it. By comparison, sending a message - especially starting a new thread - to ask if something is on- or off-topic is worse. I was simply wondering. I took my reply to Robert off-list because I felt that the question didn't need to be further discussed on the list. Here's the exchange: Robert Cummings wrote: On Fri, 2009-01-09 at 02:28 -0800, Mattias Thorslund wrote: Robert Cummings wrote: On Thu, 2009-01-08 at 16:21 -0800, Mattias Thorslund wrote: I thought this was the PHP list, not the OS vs. OS list? Is this type of discussion now considered OK here? I recall people getting flamed for borderline off-topic posts even, just a few years ago. This is PHP general... we talk about PHP and, quite often, generally related topics. Security is generally related. Cheers, Rob. OK, I'm happy with that. Was just wondering :-) It used to be more strict, but over time, I believe that a fairly common concensus formed that it wasn't necessary to always make the distinction because so many technologies come into focus while developing in PHP. As a result topics often veer into less than straight PHP discussions but many readers are happy to broaden their knowledge via such sidetracks. Since the off-topic question comes up quite seldom, I imagine most readers are happy with the current status quo. Cheers, Rob. I hope that settles the issue for everyone concerned. Cheers, Mattias PS. Note this is off-list as well, just to keep this chatter from the list. I don't mind any of it being shared on the list, if anyone thinks it is interesting...I don't. Lol, I didn't realize it was off-list or I would have posted it back so that others could throw in their opinions or speak their mind if they disagreed. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] imagejpeg, imagecreatefromjpeg both choke
try, header('Content-type: image/jpeg'); $image = imagecreatefromjpeg($your_file); imagejpeg($image,, 100); imagedestroy($image); zechim Brian Dunning escreveu: I'm trying a stripped down test just to try to get this work. I have a valid jpeg on disk: 3.jpg- 3316x2220, 3.6 MB And am trying either of the following: // This does nothing at all imagejpeg('3.jpg'); // This displays failed $im = imagecreatefromjpeg('3.jpg'); if(!$im) echo 'failed'; phpinfo() shows GD enabled, JPEG functions enabled, memory_limit at 256M, permissions on the file and the enclosing folder are 777. Any suggestions what else I can try to debug this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] First steps towards unix and php
*bangs head on wall* Great...just what I need. More acronyms. :P Frank Paul Scott psc...@uwc.ac.za wrote in message news:1231506224.7389.7.ca...@paul-laptop... On Fri, 2009-01-09 at 14:53 +0200, Paul Scott wrote: First choice is ./configure make make install, second choice is apt Even better, of course, is the: Yo sysadmin intern! Install package for me please and don't screw it up -- Paul All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
Brian Dunning schrieb: I have one server that's pretty busy and runs into Too many connections from MySQL from time to time, and needs to have MySQL restarted to clear it up. I've tried everything I can think of to have PHP take note of this error but continue executing with other stuff, but no matter what I try the PHP script stops whenever it encounters this and just displays Too many connections. Anyone know if there's a way for PHP to gracefully detect this and resume operation without choking? Take a look at http://php.net/mysql_ping -- http://bithub.net/ Synchronize and share your files over the web for free -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
Brian Dunning wrote: I have one server that's pretty busy and runs into Too many connections from MySQL from time to time, and needs to have MySQL restarted to clear it up. You need to restart MySQL just because of too many connections?? I've tried everything I can think of to have PHP take note of this error but continue executing with other stuff, but no matter what I try the PHP script stops whenever it encounters this and just displays Too many connections. Isn't that error returned by mysql_connect()? Just write your code to work without the database connection. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
Daniel Brown wrote: I want it to display with the line gaps. Why not store it as plain text in the database, then run it through nl2br() when you SELECT it from the database for display? Thank you! That is the way I will do this. I may want to change br /br / to /pp but that should be easy. Cheers Stephen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
tedd wrote: At 7:18 PM + 1/8/09, Nathan Rixham wrote: if it's a computer thats on, with an os, a keyboard and a network card connected to the internet it's insecure. It doesn't even have to be connected to the Internet to be insecure. Cheers, tedd hence the mention of a keyboard :p -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How can a script tell if there's a MySQL problem?
Brian Dunning wrote: I have one server that's pretty busy and runs into Too many connections from MySQL from time to time, and needs to have MySQL restarted to clear it up. I've tried everything I can think of to have PHP take note of this error but continue executing with other stuff, but no matter what I try the PHP script stops whenever it encounters this and just displays Too many connections. Anyone know if there's a way for PHP to gracefully detect this and resume operation without choking? why not simply increase the max_connections mysql variable to something a bit higher :) http://dev.mysql.com/doc/refman/5.1/en/too-many-connections.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
On Fri, Jan 9, 2009 at 11:07 AM, Per Jessen p...@computer.org wrote: Brian Dunning wrote: I have one server that's pretty busy and runs into Too many connections from MySQL from time to time, and needs to have MySQL restarted to clear it up. You need to restart MySQL just because of too many connections?? I've tried everything I can think of to have PHP take note of this error but continue executing with other stuff, but no matter what I try the PHP script stops whenever it encounters this and just displays Too many connections. Isn't that error returned by mysql_connect()? Just write your code to work without the database connection. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php 1. Make sure you are freeing up all resources as soon as you can - mysql_close(); 2. Change the my.cnf file connection number to a larger amount - * max_connections* 3. cache what you can (memcache, apc, filesystem, etc) -- Bastien Cat, the other other white meat
[PHP] Create image from HTML
Does anyone know if it's possible, using PHP, to take HTML (either as an input or from a URL) and generate an image (essentially, create a screenshot) of that HTML/page? I've looked around but was unable to find anything and I'm just not sure if it's that there really is nothing like this out there or if I'm just looking in the wrong places. Any advice/suggestions would be greatly appreciated! thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 11:17, Nathan Rixham nrix...@gmail.com wrote: tedd wrote: At 7:18 PM + 1/8/09, Nathan Rixham wrote: if it's a computer thats on, with an os, a keyboard and a network card connected to the internet it's insecure. It doesn't even have to be connected to the Internet to be insecure. hence the mention of a keyboard :p and his response to your use of 'and' in your statement. ;-P -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Create image from HTML
Christoph Boget wrote: Does anyone know if it's possible, using PHP, to take HTML (either as an input or from a URL) and generate an image (essentially, create a screenshot) of that HTML/page? I've looked around but was unable to find anything and I'm just not sure if it's that there really is nothing like this out there or if I'm just looking in the wrong places. Any advice/suggestions would be greatly appreciated! thnx, Christoph only way would be if you had php running on a server with a GUI, a program for grabbing screenshots, and some form of API to control from php (and recieve output) there is a class for windows on php classes http://www.phpclasses.org/browse/package/4608.html and I'm sure theres a couple of perl scripts for nix boxes on the net you could interface with regards -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
Daniel Brown wrote: On Fri, Jan 9, 2009 at 11:17, Nathan Rixham nrix...@gmail.com wrote: tedd wrote: At 7:18 PM + 1/8/09, Nathan Rixham wrote: if it's a computer thats on, with an os, a keyboard and a network card connected to the internet it's insecure. It doesn't even have to be connected to the Internet to be insecure. hence the mention of a keyboard :p and his response to your use of 'and' in your statement. ;-P this thread is immense, and in reality i think the whole thing has been about peoples use of language, as that's all that's been debated (?) :p i hereby withdraw my and from this thread; oh and my use of equally yesterday. a few years ago when I first met my rach (we met online), we'd have random conversations stretching several pages on various forums and social site profiles we had - i'd find it massively amusing to then go in and delete all of my replies so the whole thing just looked like her on a mad one - wish i could do that with this list sometimes :p -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
On Fri, Jan 9, 2009 at 11:15, Stephen stephe...@rogers.com wrote: Thank you! That is the way I will do this. I may want to change br /br / to /pp but that should be easy. ?php // Convert HTML linebreak tags to paragraph tags. function br2p($str) { $str = preg_replace(/br\s?\/?(\r)?(\n)?br\s?\/?/Ui,/p$1$2p,$str); return $str; } $str = This is an example of the use of this function.br /br /It should replace only double br tags.; echo br2p($str).\n; $str =HTML This is another example. If I place any multiple of two br, br /, BR, BR /, Br, Br /, bR, or even bR / tags side-by-side, they should be replaced with p/p. In addition, if there is a newline character in *NIX, Windows, or old-style Mac/Amiga, this will be carried over in the translation. This will ensure preservation of all but the br / tags. HTML; echo br2p(nl2br($str)); ? -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 11:56, Nathan Rixham nrix...@gmail.com wrote: a few years ago when I first met my rach (we met online), we'd have random conversations stretching several pages on various forums and social site profiles we had - i'd find it massively amusing to then go in and delete all of my replies so the whole thing just looked like her on a mad one - wish i could do that with this list sometimes :p You can. ?php unlink('php-general@lists.php.net'); ? Or, on Windows, drop to a command line and type: del TheInternet (On older Windows systems, you'll have to type `del TheInt~1`) -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
Bastien Koert wrote: 1. Make sure you are freeing up all resources as soon as you can - mysql_close(); little thing I've done for some time that's stuck with; (php5+ only) on all of my database connection classes, I have the db close function in the destructor just to make sure ?php class MysqlConnection { protected $dbHandle; //holds the connection resource public function __destruct() { if(is_resource($this-dbHandle)) { mysql_close($this-dbHandle); } } } ? just 'cos it's one less thing to worry about. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello - thread on topic or not?
On Fri, Jan 9, 2009 at 10:40, Robert Cummings rob...@interjinn.com wrote: Lol, I didn't realize it was off-list or I would have posted it back so that others could throw in their opinions or speak their mind if they disagreed. Indeed. I think, especially with the regulars that have been here for years, that list responses are more timely and productive, thanks, in part, to the (virtual) atmosphere and somewhat unrestricted nature of the list. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
Daniel Brown wrote: On Fri, Jan 9, 2009 at 11:56, Nathan Rixham nrix...@gmail.com wrote: a few years ago when I first met my rach (we met online), we'd have random conversations stretching several pages on various forums and social site profiles we had - i'd find it massively amusing to then go in and delete all of my replies so the whole thing just looked like her on a mad one - wish i could do that with this list sometimes :p You can. ?php unlink('php-general@lists.php.net'); ? turns out the official word from php itself is that this list doesn't exist *oh nos* br / bWarning/b: unlink(php-general@lists.php.net) [a href='function.unlink'function.unlink/a]: No such file or directory (or did i run it twice by accident..) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Adding extension to an existing PHP install
Hello list, I have a PHP (5.2.1) installation on an openSUSE 10.1 server. PHP was initially compiled from source and I have the original config.nice file, so I know what options were used. l need to add an extension to this running installation, specifically I need to add LDAP support. How is the best way to do this? I know I can recompile and reinstall, but I am worried that some extensions may have been added after the initial install and my new installation would overwrite those. I've looked at PECL and PEAR. Using PEAR I added the AUTH package, but that didn't seem to fix anything, I think that is more for developing an LDAP enabled app, rather than allowing an existing one to utilize LDAP functionality. PECL didn't seem to have anything LDAP related, unless I missed it. Thank you
[PHP] Couple of beginner questions
I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Can I mix and match file formats (php/html) in a single site? Thanks for any input. Gary -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
Gary gwp...@ptd.net wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Yup Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Yujp Can I mix and match file formats (php/html) in a single site? Yup Thanks for any input. Gary -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] imagejpeg, imagecreatefromjpeg both choke
Same thing, no output at all. I can access the image directly in my browser and it's fine. On Jan 9, 2009, at 7:52 AM, Zechim wrote: try, header('Content-type: image/jpeg'); $image = imagecreatefromjpeg($your_file); imagejpeg($image,, 100); imagedestroy($image); zechim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Adding extension to an existing PHP install
Tim Donnelly wrote: Hello list, I have a PHP (5.2.1) installation on an openSUSE 10.1 server. PHP was initially compiled from source and I have the original config.nice file, so I know what options were used. l need to add an extension to this running installation, specifically I need to add LDAP support. How is the best way to do this? I know I can recompile and reinstall, but I am worried that some extensions may have been added after the initial install and my new installation would overwrite those. I've looked at PECL and PEAR. Using PEAR I added the AUTH package, but that didn't seem to fix anything, I think that is more for developing an LDAP enabled app, rather than allowing an existing one to utilize LDAP functionality. PECL didn't seem to have anything LDAP related, unless I missed it. Thank you I always just do a phpinfo on the box I'm upgrading, grab the .configure line and re-use it adding in or changing what I need; that way it's sure to be the same? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 12:08 PM, Nathan Rixham nrix...@gmail.com wrote: Daniel Brown wrote: On Fri, Jan 9, 2009 at 11:56, Nathan Rixham nrix...@gmail.com wrote: a few years ago when I first met my rach (we met online), we'd have random conversations stretching several pages on various forums and social site profiles we had - i'd find it massively amusing to then go in and delete all of my replies so the whole thing just looked like her on a mad one - wish i could do that with this list sometimes :p You can. ?php unlink('php-general@lists.php.net'); ? turns out the official word from php itself is that this list doesn't exist *oh nos* br / bWarning/b: unlink(php-general@lists.php.net) [a href='function.unlink'function.unlink/a]: No such file or directory (or did i run it twice by accident..) Now... you'd have really freaked out if that had actually worked! LOL Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 12:08, Nathan Rixham nrix...@gmail.com wrote: turns out the official word from php itself is that this list doesn't exist *oh nos* br / bWarning/b: unlink(php-general@lists.php.net) [a href='function.unlink'function.unlink/a]: No such file or directory (or did i run it twice by accident..) Yeah, coincidentally, I was going to use error suppression, but I didn't want to hear complaints about how it's bad form. ?php @your($mouth); ? I think I'm going to print up a T-shirt that says just that. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 12:34, Andrew Ballard aball...@gmail.com wrote: Now... you'd have really freaked out if that had actually worked! LOL Hey, good point, Andrew. Nate, you do know that was only pseudo-code, right? Don't run that in production! -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
Thanks for your input wolf, so would I be correct that the only advantage to having a page with a php extension is that you can use a testing server? Thanks again. gary Wolf lonew...@nc.rr.com wrote in message news:20090109172254.7y5r1.75233.r...@cdptpa-web07-z01... Gary gwp...@ptd.net wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Yup Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Yujp Can I mix and match file formats (php/html) in a single site? Yup Thanks for any input. Gary -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 12:35 PM, Daniel Brown danbr...@php.net wrote: On Fri, Jan 9, 2009 at 12:34, Andrew Ballard aball...@gmail.com wrote: Now... you'd have really freaked out if that had actually worked! LOL Hey, good point, Andrew. Nate, you do know that was only pseudo-code, right? Don't run that in production! -- /Daniel P. Brown Maybe he only ran it in a virtual machine. ;-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Couple of beginner questions
Gary wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) if it has the file extension .php then it will be passed through php and compiled; otherwise the php source code you insert will just show up in the html source. Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? yep; advantage is if you later add in some php to the page it'll compile (see above) Can I mix and match file formats (php/html) in a single site? yep, every file is a different file Thanks for any input. Gary np; you may get some comments about being able to configure you're server so that php parses files with different extensions (such as .html); but this would require some customisation of the web server config files and probably best avoided for now. note: sometimes it is worth always having each script/html page in it's own directory with the default file name; that way you can upgrade chop and change without changing the page urls - ie: if you make /contact/index.html or /contact/index.php then the url /contact/ will show the default index page, allowing you to swap and change whereas if you have /contact.html then you'll need to rename the file to contact.php and thus you're urls will change unnessacerily. ps: wd for choosing php :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 12:22 PM, Wolf lonew...@nc.rr.com wrote: Gary gwp...@ptd.net wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Yup Um... if the file ext is .html and php isn't set to run that then nope. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 12:18 PM, Gary gwp...@ptd.net wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Not unless you configure your web server to parse all .html documents with PHP first. Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Absolutely. The only real disadvantage I know of is the small overhead from causing PHP to process a file that could otherwise be served directly. That, and you'll possibly blow the use of client-side caching of what is essentially static content. Can I mix and match file formats (php/html) in a single site? Again, absolutely. Thanks for any input. You're welcome. Gary -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
Eric Butera eric.but...@gmail.com wrote: On Fri, Jan 9, 2009 at 12:22 PM, Wolf lonew...@nc.rr.com wrote: Gary gwp...@ptd.net wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Yup Um... if the file ext is .html and php isn't set to run that then nope. That's a very good point Getting PHP up and running will require the OP to read and follow the documentation. But after that, you can mix and mingle at will, however good programming practices dictate that you become smart about your coding instead of dumping things in the original HTML and just playing. Gotta be smart about things. Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
Andrew Ballard wrote: On Fri, Jan 9, 2009 at 12:35 PM, Daniel Brown danbr...@php.net wrote: On Fri, Jan 9, 2009 at 12:34, Andrew Ballard aball...@gmail.com wrote: Now... you'd have really freaked out if that had actually worked! LOL Hey, good point, Andrew. Nate, you do know that was only pseudo-code, right? Don't run that in production! -- /Daniel P. Brown Maybe he only ran it in a virtual machine. ;-) actually i ran it in a debugger, in an ide, in a virtual machine :p -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
Nathan Rixham wrote: Bastien Koert wrote: 1. Make sure you are freeing up all resources as soon as you can - mysql_close(); little thing I've done for some time that's stuck with; (php5+ only) on all of my database connection classes, I have the db close function in the destructor just to make sure I guess it depends on the type of application - for a web-transaction running on a web-server, why bother? It'll clean up after itself anyway. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
On Jan 9, 2009, at 12:18 PM, Gary wrote: I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) Yes you can ?PHP echo date(m/d/y h:i:s, time()); ? Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Yes, Look at heredoc syntax on the php.net site. Works really well for a few pages that I use. Can I mix and match file formats (php/html) in a single site? Yes. You can easily mix and match, in fact... if you go one step further... You can remove the extension's all together from the files so that you can change it as needed and not screw up any links that you have already created. -- Jason Pruim japr...@raoset.com 616.399.2355
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 12:18 PM, Gary gwp...@ptd.net wrote: Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Can I mix and match file formats (php/html) in a single site? If it were me, I'd make sure all the files were .php. If you have a page right now that is static, but needs to become dynamic, then you're in for some hurt. Never create 404's. You can of course do a 301 redirect to indicate the html has moved to php, but that is really annoying. The best solution though is to not have any file extensions on your urls to begin with. That is out of the scope of this email though. You can force php to run .html files, but then you've just really killed the performance of your web host. Servers are really fast at serving static files, but the second you load php, even to just do a ?php echo 'hello world' ? you've slashed your maximum requests per second significantly. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 12:43, Nathan Rixham nrix...@gmail.com wrote: actually i ran it in a debugger, in an ide, in a virtual machine :p in Siberia. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
Daniel Brown wrote: On Fri, Jan 9, 2009 at 12:43, Nathan Rixham nrix...@gmail.com wrote: actually i ran it in a debugger, in an ide, in a virtual machine :p in Siberia. scotland in winter; same thing really -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can a script tell if there's a MySQL problem?
Per Jessen wrote: Nathan Rixham wrote: Bastien Koert wrote: 1. Make sure you are freeing up all resources as soon as you can - mysql_close(); little thing I've done for some time that's stuck with; (php5+ only) on all of my database connection classes, I have the db close function in the destructor just to make sure I guess it depends on the type of application - for a web-transaction running on a web-server, why bother? It'll clean up after itself anyway. Actually, for reusable code intended for others to use, it might just be a safe precaution. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Create image from HTML
On Fri, Jan 9, 2009 at 11:51, Nathan Rixham nrix...@gmail.com wrote: only way would be if you had php running on a server with a GUI, a program for grabbing screenshots, and some form of API to control from php (and recieve output) That's not entirely correct (though it's the most widely-accepted solution, I think). I had built an extension some time ago, but it needed a lot of work, and I just wound up trashing it. You can use xvfb (X Virtual Frame Buffer) on *NIX systems without running X itself, a stripped down Mozilla navigate to and display the page, and then snap a screen shot of the buffer. Not very economical, but it would work. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
so would I be correct that the only advantage to having a page with a php extension is that you can use a testing server? There are FAR more benefits! 1) PHP is FREE! So you save money from the get go 2) PHP is open source! So it is constantly being updated and improved by users/devs. 3) PHP is processed on the SERVER. This frees up CPU usage on the user's workstation. 4)PHP can retieve data from a centralized database which makes dynamic content easier to use. 5) Since PHP is server side, you are not reliant on the end users to have specialized plugins/software to view your pages. 6) PHP is easy. IMO one of the easier languages ot learn. 7) PHP has a great community. (See peopel on this list) And many many more reasons you will learn as you go! :)
Re: [PHP] First steps towards unix and php
On Fri, Jan 9, 2009 at 10:59, Frank Stanovcak blindspot...@comcast.net wrote: *bangs head on wall* Great...just what I need. More acronyms. :P Acronyms? You mean the package managers we were discussing? yum Yellowdog Updater Modified - an automated RPM management utility (works on all RH-based systems) urpmi An RPM installation and management utility used by Mandrake and Mandriva smart Another cross-RH-distro RPM management utility apt Advanced Packaging Tool - an automated .deb manager originally written for dpkg (can work with RPM's, too) up2date RedHat's original RPM and system update utility dpkg The Debian PacKaGe system And the packages themselves: debDebian pre-compiled software package rpmRedhat Package Manager - a pre-compiled software package for RedHat (and RH-based systems) There are a bunch more, those are just what's been mentioned so far in this thread. So with that, you should be able to make the association when reading about `apt-get` installation instructions, and be able to figure out the intent of tools such as `deb2rpm` and `apt-rpm`. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
Dan I think you misunderstood the question. The question was not is there an advantage of php over html, but the advantage of having a file with the extension of php over an extension of html. Dan Shirah mrsqua...@gmail.com wrote in message news:a16da1ff0901091019m3d513ebeyf341b2d39c669...@mail.gmail.com... so would I be correct that the only advantage to having a page with a php extension is that you can use a testing server? There are FAR more benefits! 1) PHP is FREE! So you save money from the get go 2) PHP is open source! So it is constantly being updated and improved by users/devs. 3) PHP is processed on the SERVER. This frees up CPU usage on the user's workstation. 4)PHP can retieve data from a centralized database which makes dynamic content easier to use. 5) Since PHP is server side, you are not reliant on the end users to have specialized plugins/software to view your pages. 6) PHP is easy. IMO one of the easier languages ot learn. 7) PHP has a great community. (See peopel on this list) And many many more reasons you will learn as you go! :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Been staring at the code for too long...
Okay... So I know this is a stupid question... But I've been staring at my code for far too long and now it's still not working so I thought I would show it to all of you and see if you can tell me where I'm being stupid :) this is dbmysqliconnect.php: ?php function dbmysqliconnect($server, $username, $password, $database, $link) { $link = mysqli_init(); mysqli_real_connect($link, $server, $username, $password, $database) or die('could not connect: '.mysqli_connect_error()); if (mysqli_connect_errno($link)) { printf(Connect failed: %s\n, mysqli_connect_error($link)); exit(); } return $link; } ? this is a snipet of my index.php file: ?PHP include(php.ini.php); include(defaults.php); include(dbmysqliconnect.php); include(notify_email.php); include(send_email.php); $link = dbmysqliconnect($server, $username, $password, $database, $link); //Do NOT insert or update sales rep database through this method... Only included to be supplied to the notify_email function. JP $salesRepID = $_POST['salesRepID']; $stmt = mysqli_stmt_init($link); //Create the statement mysqli_stmt_prepare($stmt, UPDATE database.table ( FName, LName, email, phone, url, record, subscribed, date, IPAddress, Business, Address1, City, State, Zip, Coffee, Meeting, areaPlans) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)); // Error checking. JP echo BRPrint of post:BR; print_R($_POST); echo BRdump of the statement:BR; var_dump($stmt); mysqli_stmt_bind_param($stmt, 's', $_POST ['txtFName'], $_POST['txtLName'], _POST['txtEmail'], $_POST ['txtPhone'], $_POST['txturl'], $_POST['record'], $_POST ['subscribed'], $date, $_SERVER['REMOTE_ADDR'], $_POST['txtBusiness'], $_POST ['txtAddress1'], $_POST['txtCity'], $_POST['txtState'], _POST ['txtZip'], $_POST ['rdoCoffee'], $_POST['rdoTime'], $_POST['areaPlans']) or die(mysqli_error($link)); LINE 67 echo BRDump of stmt:BR; var_dump($stmt); //Add the record mysqli_stmt_execute($stmt) or die(mysqli_error($link)); printf(Error: %d.\n, mysqli_stmt_error($stmt)); printf(%d Row Inserted.\n, mysqli_stmt_affected_rows($stmt)); $check = mysqli_stmt_error($stmt); echo BR$checkdateBR; notify_email($Record, $salesRepID); ? The error that I am getting is: Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: invalid object or resource mysqli_stmt in /public_html/purl/ purlprocess.php on line 67 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '( FName, LName, email, phone, url, recor' at line 1 Am I just going crazy or is there something really wrong? Okay.. I'm done... First stupid question of the year... Only 3,349,587 more to go for the year! :P -- Jason Pruim japr...@raoset.com 616.399.2355
[PHP] Re: Been staring at the code for too long...
Jason Pruim wrote: Okay... So I know this is a stupid question... But I've been staring at my code for far too long and now it's still not working so I thought I would show it to all of you and see if you can tell me where I'm being stupid :) this is dbmysqliconnect.php: ?php function dbmysqliconnect($server, $username, $password, $database, $link) { $link = mysqli_init(); mysqli_real_connect($link, $server, $username, $password, $database) or die('could not connect: '.mysqli_connect_error()); if (mysqli_connect_errno($link)) { printf(Connect failed: %s\n, mysqli_connect_error($link)); exit(); } return $link; } ? this is a snipet of my index.php file: ?PHP include(php.ini.php); include(defaults.php); include(dbmysqliconnect.php); include(notify_email.php); include(send_email.php); $link = dbmysqliconnect($server, $username, $password, $database, $link); //Do NOT insert or update sales rep database through this method... Only included to be supplied to the notify_email function. JP $salesRepID = $_POST['salesRepID']; $stmt = mysqli_stmt_init($link); //Create the statement mysqli_stmt_prepare($stmt, UPDATE database.table ( FName, LName, email, phone, url, record, subscribed, date, IPAddress, Business, Address1, City, State, Zip, Coffee, Meeting, areaPlans) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)); // Error checking. JP echo BRPrint of post:BR; print_R($_POST); echo BRdump of the statement:BR; var_dump($stmt); mysqli_stmt_bind_param($stmt, 's', $_POST['txtFName'], $_POST['txtLName'], _POST['txtEmail'], $_POST['txtPhone'], $_POST['txturl'], $_POST['record'], $_POST['subscribed'], $date, $_SERVER['REMOTE_ADDR'], $_POST['txtBusiness'], $_POST['txtAddress1'], $_POST['txtCity'], $_POST['txtState'], _POST['txtZip'], $_POST['rdoCoffee'], $_POST['rdoTime'], $_POST['areaPlans']) or die(mysqli_error($link)); LINE 67 echo BRDump of stmt:BR; var_dump($stmt); //Add the record mysqli_stmt_execute($stmt) or die(mysqli_error($link)); printf(Error: %d.\n, mysqli_stmt_error($stmt)); printf(%d Row Inserted.\n, mysqli_stmt_affected_rows($stmt)); $check = mysqli_stmt_error($stmt); echo BR$checkdateBR; notify_email($Record, $salesRepID); ? The error that I am getting is: Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: invalid object or resource mysqli_stmt in /public_html/purl/purlprocess.php on line 67 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '( FName, LName, email, phone, url, recor' at line 1 Am I just going crazy or is there something really wrong? Okay.. I'm done... First stupid question of the year... Only 3,349,587 more to go for the year! :P -- Jason Pruim japr...@raoset.com 616.399.2355 Maybe try enclosing your field names in backticks? Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Been staring at the code for too long...
Jason Pruim wrote: mysqli_stmt_prepare($stmt, UPDATE database.table ( UPDATE database.table SET ( think that should fix it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Been staring at the code for too long...
mysqli_stmt_prepare($stmt, UPDATE database.table ( FName, LName, email, phone, url, record, subscribed, date, IPAddress, Business, Address1, City, State, Zip, Coffee, Meeting, areaPlans) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)); Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: invalid object or resource mysqli_stmt in /public_html/purl/purlprocess.php on line 67 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '( FName, LName, email, phone, url, recor' at line 1 Am I just going crazy or is there something really wrong? Okay.. I'm done... First stupid question of the year... Only 3,349,587 more to go for the year! :P I don't work with MySQL, but shouldn't the UPDATE syntax be something like this: mysqli_stmt_prepare($stmt, UPDATE database.table SET FName = ?, LName = ?, email = ?, phone = ? WHERE id = ?);
Re: [PHP] Re: Been staring at the code for too long...
On Fri, Jan 9, 2009 at 11:05 AM, Nathan Rixham nrix...@gmail.com wrote: Jason Pruim wrote: mysqli_stmt_prepare($stmt, UPDATE database.table ( UPDATE database.table SET ( think that should fix it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Unless his database is named database and his table is named table. ;) -- Kyle Terry | www.kyleterry.com
Re: [PHP] Adressing XML Objects
Try it with just one / at the start of the xpath. /anbieter/immobilie/... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] on Mapserver and php5_MapScript
As I write this line is highlighted in black php5_MapScript code in mapfile LAYER NAMEPeru_dep DATAdepartamentos.shp STATUS ON TYPEPOLYGON CLASSITEM NOMB_DEP CLASS NAMELIMA *EXPRESSION /LIMA/* STYLE COLOR 200 150 2 OUTLINECOLOR0 0 0 END END y los quiero pasar a PHP version php coce // Creamos un Layer dentro de nuestro MapObj y seteamos sus propiedades $jLayer = ms_newLayerObj($jMap); $jLayer-set( name, Peru_dep); $jLayer-set( type, MS_LAYER_POLYGON); $jLayer-set( status, MS_ON); $jLayer-set( data, departamentos.shp); $jLayer-set( classitem, NOMB_DEP); //Creamos un classObj dentro del LayerObj $jClass = ms_newClassObj($jLayer); $jClass-set( name, LIMA); *$jClass-set( Expression, /LIMA/);* //Creamos un styleObj dentro del classObj $jStyle = ms_newStyleObj($jClass); $jStyle-color-setRGB(200, 150, 2); $jStyle-outlinecolor-setRGB(200, 200, 200);
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 12:47 PM, Jason Pruim japr...@raoset.com wrote: On Jan 9, 2009, at 12:18 PM, Gary wrote: Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? Yes, Look at heredoc syntax on the php.net site. Works really well for a few pages that I use. You don't need heredoc for a page that doesn't have any PHP code in it. file: HelloWorld.php html body pHello World/p /body /html This is a prefectly valid PHP page. Can I mix and match file formats (php/html) in a single site? Yes. You can easily mix and match, in fact... if you go one step further... You can remove the extension's all together from the files so that you can change it as needed and not screw up any links that you have already created. How would you do that? The options I can think of involve: 1) You have to either configure the web server to serve everything (including images, flash content, javascript, CSS, etc.) through PHP -- or at least anything without a handled mime-type. 2) You have to configure the web server to use something like mod_rewrite to point URLs to the correct script. 3) You create a folder for every unique page in the entire site and each folder contains exactly one file named either index.php or index.html (or whatever the default document name is for your web server). Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] on Mapserver and php5_MapScript
On Fri, 2009-01-09 at 14:15 -0500, Eduardo Arévalo wrote: As I write this line is highlighted in black php5_MapScript You should probably ask this on the UMN Mapserver lists at mapserver-us...@lists.osgeo.org but... ; $jStyle-outlinecolor-setRGB(200, 200, 200); You are setting an outline colour, but the style you are using does not allow it to be displayed. Basically all you are getting is the outline and not the fill. I suggest you read the excellent mapfile docs or ask on another list. -- Paul All Email originating from UWC is covered by disclaimer http://www.uwc.ac.za/portal/public/portal_services/disclaimer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
Hey Gary, I've done a number of sites in html and am now venturing into php. Can I create a page in html and insert php code that will work? (for example, take an existing page and insert a date command) --- Of course you can do that. But it is not advised. Becoming better in PHP in few months you will understand that its almost necessary to separate business logic from presentation logic. But as a beginner you can do that. So basically have ?php ? tags around the php code that you write. better to rename your files to .php extension. Can I create a page with the php extension that contains only contains html and no php? If so are there advantages/disadvantages? -- Yes you can do that but if you have ?php ? it better to wrap your html in quotes and also escape them and print it on the screen using echo command or print command. echo is better though. or else if you dont want to open ?php ? tags then you can have plain html without any hassle. -- Remember as you re still a beginner try to avoid using ? at the end of complete PHP code page. or else if you have empty lines at the end of the file then you wont see blank page of death in PHP. Can I mix and match file formats (php/html) in a single site? -- Every wesbite in this world not only in PHP or anywhere is a combination of html (presenation layer) and PHP (Logic). So the asnwer is yes. Thanks, V
Re: [PHP] Editing in a text area field
Rule #1. Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering. Specifically, do NOT add br / tags in place of newlines. Store the newlines. Upon OUTPUT, you can use nl2br() to get br / tags. Or str_replace if you want /p instead. This is crucial as a habit, down the road, when you later want to put their stuff out as non-HTML such as RSS or PDF or other output mechanisms. Consider their input as sacrosanct (except for dangerous/evil input). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
On Fri, Jan 9, 2009 at 2:38 PM, c...@l-i-e.com wrote: Rule #1. Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering. Probably shouldn't recommend sanitizing then. Only validate reject. :P -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] imagejpeg, imagecreatefromjpeg both choke
Do other images work? Open and re-save the image. Strip out comments and EXIF data while you are at it -- Some versions of GD had problems with EXIF/comments as I recall. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Create image from HTML
I know there was an OSS package that took any URL and made a screenshot of it... Thumbnailer or somesuch?... Commercial folks do it. http://browsercam.com/ Compare cost to dev costs for roll your own... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
Rule #1. Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering. Specifically, do NOT add br / tags in place of newlines. Store the newlines. 100% I agree. Thats called the act of defensive programming. We have no right over altering user input but yes we have right to display what we want user see on the site. Thanks, V
Re: [PHP] Couple of beginner questions
The slowdown of just running raw HTML through PHP was once benchmarked as about 5 to 10 %. You could, in theory, use .htaccess and Files to ForceType specific .html files as PHP, while leaving the rest of your .html files as static. I am not recommending this, just being pedantic. :-) Definitely better to either do them all and take performance hit, which is probably irrelevant to a beginner, or plan better now and strip .xyz from the URLs. ymmv. Personally, I've been quite happy for over a decade running all .html through PHP, on 99% of the sites I work on. If it's big enough to *need* static content, they usually have already gone the route of CDN and have static HTML off on those nodes anyway, in my limited experience. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] imagejpeg, imagecreatefromjpeg both choke
The browser cheerfully rendering a badly-broken JPEG is quite common, if it can figure out what the JPEG was supposed to have been. (Think bad HTML and quirks mode.) So you really want to validate it with something more strict than a browser. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
Rule #1. Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering. Probably shouldn't recommend sanitizing then. Only validate reject. :P mea culpa I meant ESCAPING, of course. If it doesn't pass sanitizing/filtering, it's probably better to just reject and force re-entry by the user. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, 2009-01-09 at 18:09 +, Nathan Rixham wrote: Daniel Brown wrote: On Fri, Jan 9, 2009 at 12:43, Nathan Rixham nrix...@gmail.com wrote: actually i ran it in a debugger, in an ide, in a virtual machine :p in Siberia. scotland in winter; same thing really I lived in Scotland for many years... Scottish winters pale in comparison to northern Canadian winters, and these in turn pale in comparison to Siberian winters. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 3:22 PM, c...@l-i-e.com wrote: The slowdown of just running raw HTML through PHP was once benchmarked as about 5 to 10 %. You could, in theory, use .htaccess and Files to ForceType specific .html files as PHP, while leaving the rest of your .html files as static. I am not recommending this, just being pedantic. :-) Definitely better to either do them all and take performance hit, which is probably irrelevant to a beginner, or plan better now and strip .xyz from the URLs. ymmv. Personally, I've been quite happy for over a decade running all .html through PHP, on 99% of the sites I work on. If it's big enough to *need* static content, they usually have already gone the route of CDN and have static HTML off on those nodes anyway, in my limited experience. I was just talking myself. I use objects and such so I'm really not as worried about performance either. But it was a downside that I knew about from some css/js stuff I'd done a while ago. I still had 2 files on my box from some framework stuff I'd been messing with. Here were some results from my local testing (from the Yii framework). -- index.html -- $ cat index.html hello world $ ab -t 30 -c 50 http://localhost/benchmarks/baseline/index.html Requests per second:631.07 [#/sec] (mean) Time per request: 79.23 [ms] (mean) Time per request: 1.58 [ms] (mean, across all concurrent requests) -- index.php -- $ cat index.php ?php echo hello world ? $ ab -t 30 -c 50 http://localhost/benchmarks/baseline/index.php Requests per second:358.21 [#/sec] (mean) Time per request: 139.58 [ms] (mean) Time per request: 2.79 [ms] (mean, across all concurrent requests) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Editing in a text area field
On Fri, Jan 9, 2009 at 14:43, VamVan vamsee...@gmail.com wrote: 100% I agree. Thats called the act of defensive programming. We have no right over altering user input but yes we have right to display what we want user see on the site. Well, of course you have the _right_ to do it --- as long as it's legal, and it's not something that *requires* the data to remain unaltered, you have the right to do manipulate it however you want. The question comes down to ethics and in predicting the preferences of the user. I know what you mean, though. In most cases, you should have neither the need nor desire to alter user input upon INSERT/UPDATE. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 15:31, Robert Cummings rob...@interjinn.com wrote: I lived in Scotland for many years... Scottish winters pale in comparison to northern Canadian winters, and these in turn pale in comparison to Siberian winters. Yeah, and from the sounds of it, Rob, you guys are about to have a hell of a deep-freeze. We're getting down to the single-digits for the high in a few days here in Pennsylvania. It's the cold front that's been hovering over Alaska they've had twenty straight days with an ambient temperature - not windchill, actual air temperature - of between -20F and -65F (-29C and -54C). but don't worry. They're getting a heat wave by Monday: highs will be about -2F (-19C). http://www.google.com/search?q=Fairbanks%2C+Alaska+weather -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Create image from HTML
Christoph Boget wrote: Does anyone know if it's possible, using PHP, to take HTML (either as an input or from a URL) and generate an image (essentially, create a screenshot) of that HTML/page? I've looked around but was unable to find anything and I'm just not sure if it's that there really is nothing like this out there or if I'm just looking in the wrong places. Any advice/suggestions would be greatly appreciated! thnx, Christoph I vaguely recall ImageMagick will do it. Don't fuss at me if my memory is faulty. Use the Imagick wrapper. It's now a std php extension. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
On Fri, Jan 9, 2009 at 15:36, Eric Butera eric.but...@gmail.com wrote: I was just talking myself. I use objects and such so I'm really not as worried about performance either. But it was a downside that I knew about from some css/js stuff I'd done a while ago. I still had 2 files on my box from some framework stuff I'd been messing with. Here were some results from my local testing (from the Yii framework). Great benchmarks, Eric. Another very, very important point is to consider the number of extensions and core build of your local PHP engine. The more options that are compiled in, the larger the memory footprint, and the greater amount of time it will take to load, parse, process, and return to the HTTP server. It may be negligible to the end-user for a single request, but high-traffic sites could create a noticeable slowdown on some servers. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, 2009-01-09 at 15:47 -0500, Daniel Brown wrote: On Fri, Jan 9, 2009 at 15:31, Robert Cummings rob...@interjinn.com wrote: I lived in Scotland for many years... Scottish winters pale in comparison to northern Canadian winters, and these in turn pale in comparison to Siberian winters. Yeah, and from the sounds of it, Rob, you guys are about to have a hell of a deep-freeze. We're getting down to the single-digits for the high in a few days here in Pennsylvania. It's the cold front that's been hovering over Alaska they've had twenty straight days with an ambient temperature - not windchill, actual air temperature - of between -20F and -65F (-29C and -54C). but don't worry. They're getting a heat wave by Monday: highs will be about -2F (-19C). We're at -13C right now without windchill and this is in Ottawa which is a lot further south than I've lived in the past (Timmins, Sudbury). Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: hello
On Fri, Jan 9, 2009 at 16:16, Robert Cummings rob...@interjinn.com wrote: We're at -13C right now without windchill and this is in Ottawa which is a lot further south than I've lived in the past (Timmins, Sudbury). Yeah, no offense, my friend, but you can keep it. We're a balmy 22F (-5C) right now in Scranton. Anyway, back to the whole OS discussion: http://xkcd.com/528/ -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Been staring at the code for too long...
On Fri, Jan 9, 2009 at 13:38, Jason Pruim japr...@raoset.com wrote: Okay... So I know this is a stupid question... It sure is. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ Unadvertised dedicated server deals, too low to print - email me to find out! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
VamVan vamsee...@gmail.com wrote in message news:12eb8b030901091135u4e17f1f3p24698dbc8f5a2...@mail.gmail.com... -- Remember as you re still a beginner try to avoid using ? at the end of complete PHP code page. or else if you have empty lines at the end of the file then you wont see blank page of death in PHP. I never knew this. Could this be why I get 401 errors if a page throws an error with out a successful run first? as in if I load up the page and there is an error I get 401, but if I upload a blank file with the same name, load that, then upload the errant code and refresh I can suddenly see an error? Frank -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Couple of beginner questions
With all due respect, Eric, you're not testing what we're discussing. A real CLI test would be more like: time cat foo.html time php -q foo.html I.E., how long does PHP take to read/write foo.html without breaking into PHP mode for static HTML. Of course, it's still a lousy benchmark with CLI instead of Apache wrapper, but you get my point, I trust. Q: How much slower is it to force all static .html files through PHP wrapper of Apache? A: About 5 to 10 % (as of a couple years ago...) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php