php-general Digest 5 Jul 2004 04:27:06 -0000 Issue 2858 Topics (messages 189668 through 189687):
Dissappering Tables Server wide 189668 by: Chris Re: web page output "as we go" 189669 by: David T-G 189674 by: John W. Holmes Re: Unable to retrieve value from database and echo on screen 189670 by: Larry E. Ullman 189679 by: mcp6453 compiling 3'd party php modules 189671 by: Zilvinas Saltys Re: PHP doesnt work! 189672 by: Warren Vail PHP5 / MySQLi + Apache: InnoDB access problems 189673 by: BJ Something like strip_tags? 189675 by: Jason Paschal 189676 by: John W. Holmes Including files within a class definition 189677 by: Cameron Just For/Next Help Needed 189678 by: mcp6453 189680 by: John W. Holmes 189682 by: mcp6453 189683 by: John W. Holmes Session tracking and multiple form updates 189681 by: Michael Gale 189684 by: Tom Rogers 189685 by: John W. Holmes 189686 by: John W. Holmes 189687 by: Michael Gale Administrivia: To subscribe to the digest, e-mail: [EMAIL PROTECTED] To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] ----------------------------------------------------------------------
--- Begin Message ---Hi All. What would cause all the tables in all the databases to be deleted all at once? TIA
--- End Message ---
--- Begin Message ---Jason, et al -- ...and then Jason Barnett said... % % >Is there any way I can tell the web browser to start trickling the data % >onto the page? % % As Torsten so kindly pointed out to me before, your friend is the % flush() function: % http://www.php.net/flush Aha! It looks like it's just my browser, since even flush() didn't help me but when I started poking around under Win (ugh!) both Mozilla and IE scrolled the data down the screen. The manual seems to frown upon using flush(), so I'll experiment with it some more, but I suspect that Linux/LYNX simply won't do this for me and that's no big deal since few of our customers use it. % % Jason Thanks for the pointing :-) :-D -- David T-G [EMAIL PROTECTED] http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg!pgpPrq6qNsU8y.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---David T-G wrote:
Jason, et al --
...and then Jason Barnett said...
% >Is there any way I can tell the web browser to start trickling the data
% >onto the page?
% % As Torsten so kindly pointed out to me before, your friend is the % flush() function:
% http://www.php.net/flush
Aha! It looks like it's just my browser, since even flush() didn't help me but when I started poking around under Win (ugh!) both Mozilla and IE scrolled the data down the screen.
The manual seems to frown upon using flush(), so I'll experiment with it some more, but I suspect that Linux/LYNX simply won't do this for me and that's no big deal since few of our customers use it.
The effect is going to be different for everyone, as you've found out, based upon their browser, ISP, your server setup, etc. The output could be cached and held at any point along the way from you to them regardless if you're using flush() in your PHP script. If you use tables, it'll be handled differently, too. Some browsers won't render a table until the </table> is received.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---/* Select User's First Name From Table */ $sql = "SELECT UserFirstName FROM RegisteredMembers WHERE UserID='$_POST[TXT_UserID]'"; $result5 = mysql_query($sql) or die ("couldn't select UserID from database"); $num = mysql_num_rows($result);
/* Welcome Registsred Member */ echo "welcome to the registered members area ";
echo ("$result");
There are a few problems here:
1) Your query result is assigned to $result5 but then you use $result in the mysql_num_rows() function.
2) You never fetch any information. You need something like
$row = mysql_fetch_array($result5).
3) You're trying to print the query result when you should be printing the fetched information like so
echo $row['UserFirstName'];
Hope that helps, Larry
--- End Message ---
--- Begin Message ---Larry E . Ullman wrote: > > > /* Select User's First Name From Table */ > > $sql = "SELECT UserFirstName FROM RegisteredMembers WHERE > > UserID='$_POST[TXT_UserID]'"; > > $result5 = mysql_query($sql) or die ("couldn't select UserID from > > database"); > > $num = mysql_num_rows($result); > > > > /* Welcome Registsred Member */ > > echo "welcome to the registered members area "; > > > > echo ("$result"); > > There are a few problems here: > 1) Your query result is assigned to $result5 but then you use $result > in the mysql_num_rows() function. > 2) You never fetch any information. You need something like > $row = mysql_fetch_array($result5). > 3) You're trying to print the query result when you should be printing > the fetched information like so > echo $row['UserFirstName']; > > Hope that helps, > Larry Larry: It's good to see you posting here. I'm on page 30 of your book and find it to be very helpful and extremely well written. Mike
--- End Message ---
--- Begin Message ---Hello, I need to compile sqlanywhere module. http://www.sybase.com/detail/1,6904,1019698,00.html Theyr documentation says that i need to compile the whole php source tree. That is not an easy task on gentoo with ebuilds. Well i managed to do that. But maybe there is an easier way? To compile seperate modules and just load them with dl() function.. Thanks Bye
--- End Message ---
--- Begin Message ---PHP relies on a server side interpreter that normally runs under an apache web server and you reference those files by having your browser fetch those files through a URL that maps to your PHP files, beginning with something like http://hostname.com/program.php. If you opened the files directly with your browser, you have bypassed the apache server and PHP interpreter, which of course, would not allow the PHP code to actually be executed. Not real sure this is what you might have done, but it's a common mistake. good luck, Warren Vail [EMAIL PROTECTED] -----Original Message----- From: Jason Barnett [mailto:[EMAIL PROTECTED] Sent: Saturday, July 03, 2004 9:13 PM To: [EMAIL PROTECTED] Subject: [PHP] Re: PHP doesnt work! Gmo Baez wrote: > Hello, I have a Freebsd server 5.2.1 with Apache 2.0.48 and PHP 4.3.4. > > After the installation everything looks normal, but after i created some PHP > web files to test it, I found that PHP is not working. > When i open de PHP document with the browser i only receive a blank page. > But if i check the source code, all the PHP code is in there. What kind of code are you using to test the script? Not every script outputs html... have you tried phpinfo()? It is unclear what your problem may be from what you've given us. Jason -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---L.S. I can't get PHP5 / MySQLi (improved mysql) working. Here's the setup: Linux apache-2.0.50 mozilla mysql-4.1.3 php-5.0.0RC3 (configured --with-mysqli --without-mysql) All are compiled and installed as per their respective configure files and Makefiles (PHP developers take note: php needed a manual addition of ZEND_EXTRA_LIBS=-lstdc++ after configure ran). I have mysqld and apache running. Mysqld runs as user mysql.mysql, Apache runs as www.sys. MySQL itself and Apache itself are working flawlessly, and I've been using them for some time now. Also php is installed with proper php.ini that's basically the one from the package (php-medium.ini). From Mozilla, this script for instance runs fine: ------- <html> <head><title> phptest.php -- PHP / MySQLi Test </title></head> <body> <? echo $_SERVER['HTTP_USER_AGENT']; phpinfo(); ?> </body> </html> ------- Then in Mozilla I load this script, mysqli.php: ------- <html> <head> <title> mysqli.php -- PHP / MySQLi Test </title> </head> <body> <?php $database="MYDB"; $table="`TABLE`"; $link = mysqli_connect( "localhost", "root", "xxxxxxxx", $database ); if (!$link) { printf( "<P>unable to connect to the MySQL server at this time; error: %s</P>", mysqli_connect_error() ); exit(); } $sql = "select * from " . $table . ";"; if (($result=mysqli_query( $link, $sql ))) { echo( "<font face=fixed>" ); while ( $row = mysqli_fetch_assoc( $result ) ) { printf( "%s %s<br>", $row["Name"], $row["Date"] ); } echo( "</font>" ); mysqli_free_result( $result ); } else { echo( "<P>error getting table " . $table . "</P>"); } mysqli_close( $link ); ?> </body> </html> ------- This script, mysqli.php, runs (mutatis mutandis) fine from Mozilla under the 'old' PHP4/MySQL. With this PHP5/MySQL setup however, it doesn't produce any output. Tailing the Apache error.log there's this message: InnoDB: unable to create /usr/local/lib/mysql-4.1.3/var//innodb.status.1731: Permission denied 040704 17:11:20 Can't init databases [Sun Jul 04 17:11:21 2004] [notice] child pid 1728 exit signal Segmentation fault (11) This is with the mysql data-directory (/usr/local/lib/mysql/var/) set at permissions 755 (or 700 or 711), and user mysql.myqsl (as per the docs). So then I tried /usr/local/lib/mysql/var/ at permissions 777. Now the Apache error.log has: 040704 17:14:24 InnoDB: Operating system error number 13 in a file operation. InnoDB: The error means mysqld does not have the access rights to InnoDB: the directory. InnoDB: File name /usr/local/lib/mysql-4.1.3/var/ibdata1 InnoDB: File operation call: 'open'. InnoDB: Cannot continue operation. But still no go. I've played with other permissions, also for the Apache User/Group, libphp5.so, different parameters for mysqli_connect(), and quite a few other things, but I'm getting nowhere. The above script by the way does run OK with PHP5/MySQLi if I run it with php from the command-line, but only if the mysqld server is /not/ running. I suppose that's at least normal behaviour. I'm ready for any good suggestions and tips. Thanks for your time. BJ
--- End Message ---
--- Begin Message --- i'd like to be able to strip only one type of HTML tag from a web document (<a>), but to do that with strip_tags(), i'd have to predict every possible HTML tag that might be used, except for the one i want to strip, and put those in the allowable tags parameter.
That's why I was hoping someone knew of a better way to accomplish this. Any suggestions are welcome.
Thanks in advance, ~j
---------------------------------------
http://www.dailymedication.com - Everything you didn't know you needed until you went there and said to yourself, "What did I do before I visited DailyMedication.com?" and another part of you said, "It does not matter."
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
--- End Message ---
--- Begin Message ---Jason Paschal wrote:
i'd like to be able to strip only one type of HTML tag from a web document (<a>), but to do that with strip_tags(), i'd have to predict every possible HTML tag that might be used, except for the one i want to strip, and put those in the allowable tags parameter.
That's why I was hoping someone knew of a better way to accomplish this. Any suggestions are welcome.
Something like
$new_text = preg_replace('!<a.*</a>!iU','',$old_text);
will get rid of the <a> tags and leave everything else. Honestly, though, if you're allowing everything else, why not allow these? I can just as easily set up the text with decorations to make it look like a link and give it an "onclick" action to load another page...
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---Hi, I have a program which generates classes based on table structures within a database. However there are a few times where I need to put custom methods within these generated classes. I want to be able to do this but php gives an error for the following include class generatedClass { var $this = 0; function here($strVar){ echo 'this'; } include (extended_methods_stuff.php); } I know that I can probably extend this class to add the extra functionality however the other generated classes rely on the name of this class so I cannot just extend this class and it's name cannot change. Is there any way to have an include prior to the class being parsed?
--- End Message ---
--- Begin Message ---I'm using Jack's PHP FormMail script, and I need to change it. I know very little abou PHP, but here's what I very much need to do right away. I need the script to send the same hard coded message to each of 10 people. All of the email addresses do not need to be in the "To" field. Only the intended recipient needs to be there. So, I see the code as something line this: $recipient[1] = "[EMAIL PROTECTED]"; $recipient[2] = "[EMAIL PROTECTED]"; ... $recipient[n] = "[EMAIL PROTECTED]"; Then, something like this: for ($z=0;$z<count($val);$z++) mail($recipient[z$], $subject, $message, $headers); I realize there is a lot to it, but I'm stuck and in a time jam. If someone has another script that might be easier to modify, or if there is a script that already accomplishes this task, PLEASE let me know. You can see I'm a super novice.
--- End Message ---
--- Begin Message ---mcp6453 wrote:
I'm using Jack's PHP FormMail script, and I need to change it. I know very little abou PHP, but here's what I very much need to do right away.
I need the script to send the same hard coded message to each of 10 people. All of the email addresses do not need to be in the "To" field. Only the intended recipient needs to be there.
So, I see the code as something line this:
$recipient[1] = "[EMAIL PROTECTED]"; $recipient[2] = "[EMAIL PROTECTED]"; ... $recipient[n] = "[EMAIL PROTECTED]";
Then, something like this:
for ($z=0;$z<count($val);$z++) mail($recipient[z$], $subject, $message, $headers);
for($z=0;$z<count($recipient);$z++) { mail($recipient[$z],$subject,$message,$headers); }
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---John W. Holmes wrote: > > mcp6453 wrote: > > > I'm using Jack's PHP FormMail script, and I need to change it. I know > > very little abou PHP, but here's what I very much need to do right away. > > > > I need the script to send the same hard coded message to each of 10 > > people. All of the email addresses do not need to be in the "To" field. > > Only the intended recipient needs to be there. > > > > So, I see the code as something line this: > > > > $recipient[1] = "[EMAIL PROTECTED]"; > > $recipient[2] = "[EMAIL PROTECTED]"; > > ... > > $recipient[n] = "[EMAIL PROTECTED]"; > > > > Then, something like this: > > > > for ($z=0;$z<count($val);$z++) > > mail($recipient[z$], $subject, $message, $headers); > > for($z=0;$z<count($recipient);$z++) > { mail($recipient[$z],$subject,$message,$headers); } Thanks, John. That's helpful. I'm not sure what other problems I'm going to run into. It looks like I may have to put the whole script inside the "for" loop. What is the difference between this code and using a "foreach" command?
--- End Message ---
--- Begin Message ---for($z=0;$z<count($recipient);$z++) { mail($recipient[$z],$subject,$message,$headers); }
What is the difference between this code and using a "foreach" command?
Nothing, really. Using a foreach() simply means you don't have to keep up with the $z count variable...
foreach($recipient as $email) { mail($email,$subject,$message,$headers); }
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---Hello, I am working on a web site that is available only over HTTPS and am using session tracking. So far I am only saving the person's display name (different then login), site role and e-mail address in the "$_SESSION" data. The rest of the site is dynamic, now the question is on three particular pages the user fills in a form and hit's submit. Now at the moment on each page is a hidden variable containing a db primary key for which the data is getting updated. I know that hidden values are not a good idea since the user can change them ... so I was going to store the hidden value in a "$_SESSION" variable but then the problem is ... what happens when the user has two - three windows open and they are updating two - three different items. Each having it's own db key ? If I stored the key in a session variable the last one opened would over write any previous one. I hope I explained this correctly ... multiple updates and access to the site is allowed and can not be changed. Thanks. Michael.
--- End Message ---
--- Begin Message ---Hi, Monday, July 5, 2004, 1:27:12 PM, you wrote: MG> Hello, MG> I am working on a web site that is available only over HTTPS and am MG> using session tracking. MG> So far I am only saving the person's display name (different then MG> login), site role and e-mail address in the "$_SESSION" data. MG> The rest of the site is dynamic, now the question is on three particular MG> pages the user fills in a form and hit's submit. Now at the moment on MG> each page is a hidden variable containing a db primary key for which the MG> data is getting updated. MG> I know that hidden values are not a good idea since the user can change MG> them ... so I was going to store the hidden value in a "$_SESSION" MG> variable but then the problem is ... what happens when the user has two MG> - three windows open and they are updating two - three different items. MG> Each having it's own db key ? MG> If I stored the key in a session variable the last one opened would over MG> write any previous one. MG> I hope I explained this correctly ... multiple updates and access to the MG> site is allowed and can not be changed. MG> Thanks. MG> Michael. store it in the session like: $_SESSION[session_id()]['dbkey'] = $dbkey; then get it back with $dbkey = (isset($_SESSION[session_id()]['dbkey']))? $_SESSION[session_id()]['dbkey'] : 0; -- regards, Tom
--- End Message ---
--- Begin Message ---Michael Gale wrote:
Now at the moment on each page is a hidden variable containing a db primary key for which the data is getting updated.
I know that hidden values are not a good idea since the user can change them ... so I was going to store the hidden value in a "$_SESSION" variable but then the problem is ... what happens when the user has two - three windows open and they are updating two - three different items. Each having it's own db key ?
What's the impact if the variable is changed? There should still be some validation of the value on the server side, so changing it should be detected. If it's changed to another valid ID that the user has access to, then who cares if they change it? If they change it to an invalid value, you're validation will catch it and spit out an error. If they try to change it to an ID that they do not have access to, you're validation should catch and log that, also.
The security problem isn't in the "hidden" form elements, it's in how you're validating them.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message ---Tom Rogers wrote:
store it in the session like:
$_SESSION[session_id()]['dbkey'] = $dbkey;
then get it back with
$dbkey = (isset($_SESSION[session_id()]['dbkey']))? $_SESSION[session_id()]['dbkey'] : 0;
That doesn't negate the problem of people having more than one window open and editing records in each one. The session_id() is going to be the same for each window, so the last window opened will contain the ID and you'll lose the id for the other windows.
The OP could generate a code using uniqid() and store that in a hidden field. Then associate the database id to the unique code generated in the session...
$code = uniqid(); $_SESSION['dbkey'][$code] = $id;
<input type="hidden" name="code" value="<?=$code?>">
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals - www.phparch.com
--- End Message ---
--- Begin Message ---Hello, Thanks for the replies ... I valid all the data and input from the user. So if the user changes the value nothing bad will happen: I have in the code: if ($var != $hiddenvar) { e-mail blank saying "Blank has been updated" } That is it ... I made a mistake in my last e-mail .. the value of hidden is not a "DB primary key" just a important "column" in a table. Michael. On Sun, 04 Jul 2004 23:41:24 -0400 "John W. Holmes" <[EMAIL PROTECTED]> wrote: > Michael Gale wrote: > > > Now at the moment on > > each page is a hidden variable containing a db primary key for which > > the data is getting updated. > > > > I know that hidden values are not a good idea since the user can > > change them ... so I was going to store the hidden value in a > > "$_SESSION" variable but then the problem is ... what happens when > > the user has two- three windows open and they are updating two - > > three different items. Each having it's own db key ? > > What's the impact if the variable is changed? There should still be > some validation of the value on the server side, so changing it should > be detected. If it's changed to another valid ID that the user has > access to, then who cares if they change it? If they change it to an > invalid value, you're validation will catch it and spit out an error. > If they try to change it to an ID that they do not have access to, > you're validation should catch and log that, also. > > The security problem isn't in the "hidden" form elements, it's in how > you're validating them. > > -- > ---John Holmes... > > Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ > > php|architect: The Magazine for PHP Professionals – www.phparch.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >
--- End Message ---