Ahh yeah that makes sense. Some of the initial PHP code was broken so I
fixed it. I added the new code to CVS last night. Sorry for not making it
clear.
Leif
----- Original Message -----
From: "Jeremy Wanamaker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 06, 2003 2:45 PM
Subject: Re: [Dynapi-Dev] dynapi.util.ioelement-postresponse.php
> Leif,
>
> I see now why we haven't been on the same page. The August 6th DynAPI
> snapshot contains different versions of the postresponse and ioelmsrv php
> files than the August 5th snapshot. So I was pointing out a bug that had
> already been fixed. I do agree with you that standardizing the functions
> between scripting languages is important to the goal of DynAPI. Keep up
the
> good work.
>
> Jeremy
>
>
> ----- Original Message -----
> From: "Leif W" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, August 06, 2003 12:21 PM
> Subject: Re: [Dynapi-Dev] dynapi.util.ioelement-postresponse.php
>
>
> > Ahh, I think I see now... there is no need to use extract on $_POST or
> $_GET
> > in the example.
> >
> > In the postresponse there's two lines:
> >
> > $name = wsGetRequest( "name" );
> > $color = wsGetRequest( "color" );
> >
> > This is making use of the wsGetRequest function in ioelmsrv.php. It
seems
> > redundant, but wsGetRequest will look in either $_GET or $_POST
depending
> on
> > the IOMethod used (get, post, upload {which is also post}), or fallback
> onto
> > the $_SERVER['REQUEST_METHOD'].
> >
> > Agreed, there's often much more simple and elegant ways of doing things
> > natively in PHP than in ASP's JScript and VBScript or in Perl. But the
> > exercise is to create the same library with the same functions
available,
> > and the examples should use those functions. Correct? Unless I am
> missing
> > some other fine point...
> >
> > Leif
> >
> > ----- Original Message -----
> > From: "Jeremy Wanamaker" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Wednesday, August 06, 2003 11:16 AM
> > Subject: Re: [Dynapi-Dev] dynapi.util.ioelement-postresponse.php
> >
> >
> > > As it stands, the php code in dynapi.util.ioelement-postresponse.php
> looks
> > > like this:
> > >
> > > <?
> > > // generate javascript variables
> > >
> > > echo "var response = 'Your name is $name, and your favourite color is
> > > $color';";
> > >
> > > ?>
> > >
> > > The values of $name and $color are coming from the post data. If
> register
> > > globals are turned on, $name and $color will be automatically assigned
> > from
> > > the $_POST array. If register globals are off, you have to reference
> these
> > > variable from with the $_POST array as follows:
> > >
> > > echo "var response = 'Your name is $_POST[name], and your favourite
> color
> > is
> > > $_POST[color]';";
> > >
> > > ... or you can put an
> > >
> > > extract($_POST);
> > >
> > > before the echo line. There is the potential to overwrite other
> variables
> > > with extract if you are not careful. One way to make sure values are
not
> > > overwritten is to use the EXTR_SKIP flag when using extract - see
> > > http://php.net/extract - The first method is better though. My main
> point
> > > was that in the current CVS version, the variables are not referenced
> > > correctly if register globals are off.
> > >
> > > Jeremy
> > >
> > > ----- Original Message -----
> > > From: "Leif W" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Wednesday, August 06, 2003 10:19 AM
> > > Subject: Re: [Dynapi-Dev] dynapi.util.ioelement-postresponse.php
> > >
> > >
> > > > Hi,
> > > >
> > > > I am not sure I understand this... All the variables exist in $_GET,
> > > $_POST,
> > > > $_COOKIES, $_FILES, so in the script I referenced them as such. I
> read
> > my
> > > > php.ini and the manual. The extract will bring all the assosciative
> > array
> > > > elements into the current symbol table. But if you do this, isn't
> there
> > a
> > > > risk of clobbering existing variables in use? If the PHP script
> exists
> > on
> > > a
> > > > server, and someone can figure out which variable names we're using,
> > they
> > > > may be able to override our variables and gain more control of the
> > script
> > > > than we want. Shouldn't we just abide by the default of leaving the
> > data
> > > in
> > > > the $_GET, $_POST, $_COOKIES, $_FILES arrays, and not override the
> > default
> > > > behaviour of disabling the register_globals, and so not risk
> > compromising
> > > > security?
> > > >
> > > > Leif
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Jeremy Wanamaker" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > Sent: Wednesday, August 06, 2003 9:14 AM
> > > > Subject: [Dynapi-Dev] dynapi.util.ioelement-postresponse.php
> > > >
> > > >
> > > > > The dynapi.util.ioelement-postresponse.php example script will not
> > work
> > > > with
> > > > > PHP versions > 4.2.0 because register globals are turned off by
> > default.
> > > > It
> > > > > would probably be useful to add
> > > > >
> > > > > extract($_POST);
> > > > >
> > > > > before the echo in that file. I mention this because I spent about
> an
> > > hour
> > > > > tracing through the rest of the code trying to figure out why the
> > > > variables
> > > > > weren't getting passed between php and javascript, only to
discover
> > that
> > > > > they were. The simplest explanation is usually the correct one I
> > guess.
> > > > >
> > > > > Jeremy
> > > > >
> > > > >
> > > > >
> > > > > -------------------------------------------------------
> > > > > This SF.Net email sponsored by: Free pre-built ASP.NET sites
> including
> > > > > Data Reports, E-commerce, Portals, and Forums are available now.
> > > > > Download today and enter to win an XBOX or Visual Studio .NET.
> > > > >
> > > >
> > >
> >
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> > > > > _______________________________________________
> > > > > Dynapi-Dev mailing list
> > > > > [EMAIL PROTECTED]
> > > > > http://www.mail-archive.com/[EMAIL PROTECTED]/
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> > > > -------------------------------------------------------
> > > > This SF.Net email sponsored by: Free pre-built ASP.NET sites
including
> > > > Data Reports, E-commerce, Portals, and Forums are available now.
> > > > Download today and enter to win an XBOX or Visual Studio .NET.
> > > >
> > >
> >
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> > > > _______________________________________________
> > > > Dynapi-Dev mailing list
> > > > [EMAIL PROTECTED]
> > > > http://www.mail-archive.com/[EMAIL PROTECTED]/
> > > >
> > >
> > >
> > >
> > > -------------------------------------------------------
> > > This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> > > Data Reports, E-commerce, Portals, and Forums are available now.
> > > Download today and enter to win an XBOX or Visual Studio .NET.
> > >
> >
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> > > _______________________________________________
> > > Dynapi-Dev mailing list
> > > [EMAIL PROTECTED]
> > > http://www.mail-archive.com/[EMAIL PROTECTED]/
> > >
> > >
> >
> >
> >
> >
> > -------------------------------------------------------
> > This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> > Data Reports, E-commerce, Portals, and Forums are available now.
> > Download today and enter to win an XBOX or Visual Studio .NET.
> >
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> > _______________________________________________
> > Dynapi-Dev mailing list
> > [EMAIL PROTECTED]
> > http://www.mail-archive.com/[EMAIL PROTECTED]/
> >
>
>
>
> -------------------------------------------------------
> This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> Data Reports, E-commerce, Portals, and Forums are available now.
> Download today and enter to win an XBOX or Visual Studio .NET.
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> _______________________________________________
> Dynapi-Dev mailing list
> [EMAIL PROTECTED]
> http://www.mail-archive.com/[EMAIL PROTECTED]/
>
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Dynapi-Dev mailing list
[EMAIL PROTECTED]
http://www.mail-archive.com/[EMAIL PROTECTED]/
