php-general Digest 21 Nov 2004 12:25:07 -0000 Issue 3125
Topics (messages 202580 through 202589):
Re: ending a session
202580 by: Hans J.J. Prins
202581 by: Hans J.J. Prins
Re: images process
202582 by: edwardspl.ita.org.mo
202585 by: Raditha Dissanayake
MD5 Hashing Comparison
202583 by: Gregori Halsiber
202584 by: James Kaufman
202586 by: Thomas Goyne
Re: PHP Supremacy...
202587 by: Rory Browne
Re: Where to learn about these topics
202588 by: Rens Admiraal
Re: PHP script + read file
202589 by: Jerry Swanson
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Thx jed,
Ik will try and find out more based on what you told me
"Jed Smith" <[EMAIL PROTECTED]> schreef in bericht
news:[EMAIL PROTECTED]
> Hans J.J. Prins wrote:
> >> 3. Is it the same copy of PHP? Same php.ini, same PHP SAPI?
> >
> > I really don't know I would have to find out later.
>
> PHP attached to different Apaches can't share sessions, AFAIK. You'll
> need to make sure it's the same copy of Apache, listening on both ports,
> and that there's not a different configuration for each. Otherwise your
> application might need a redesign to accommodate the difference in
> ports. Your own, custom session handlers aren't that difficult to
> implement, if I recall (been a while :^)).
>
> That's the best advice I can give without further information.
>
> >> 4. Same Apache?
> >
> > How do I find out?
>
> Ask your sysadmin.
>
> >> 5. What's your Listen directive look like, if YES for number 4?
> >
> > Sorry, don't know what you mean by that.
>
> It's in httpd.conf or friends, whatever your particular instance of
> Apache uses. I suggest having a glance over the Apache manual and having
> a chat with your sysadmin.
>
> Good luck.
>
> --
> _
> (_)___ Jed Smith, Code Ninja
> | / __| RFBs: [email for info]
> | \__ \ +1 (541) 606-4145
> _/ |___/ [EMAIL PROTECTED] (Signed mail preferred: PGP 0x703F9124)
> |__/ http://personal.jed.bz/keys/jedsmith.asc
--- End Message ---
--- Begin Message ---
Thanks!
"Jeffery Fernandez" <[EMAIL PROTECTED]> schreef in bericht
news:[EMAIL PROTECTED]
> Greg Donald wrote:
>
> >On Sat, 20 Nov 2004 13:52:32 -0800, Jed Smith <[EMAIL PROTECTED]> wrote:
> >
> >
> >>PHP attached to different Apaches can't share sessions, AFAIK. You'll
> >>need to make sure it's the same copy of Apache, listening on both ports
> >>
> >>
> >
> >The simplest solution is to use database managed PHP sessions, passing
> >the session id in the url. As long as you connect to the same
> >database, your PHP session will follow you wherever your scripts live.
> >
> >Someone probably has something better, but here's mine:
> >http://destiney.com/pub/php_db_sessions.tar.gz
> >
> >
> >
> >
> Nice tutorial here:
>
http://www.zend.com/zend/spotlight/code-gallery-wade8.php?article=code-gallery-wade8&id=4467&open=1&anc=0&view=1
>
> cheers,
> Jeffery
--- End Message ---
--- Begin Message ---
So, how can we fix this kind of problem ?
Raditha Dissanayake wrote:
> [EMAIL PROTECTED] wrote:
>
> >Dear You,
> >
> >How to load images ( eg: gif, jpg....) with base64 function from
> >Database on IE directly ?
> >
> >
> as far as I know you cannot do this with IE directly.
>
> >Is there any samples to me for reference ?
> >
> >Many thank for your help !
> >
> >Ed.
> >
> >
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] wrote:
>So, how can we fix this kind of problem ?
>
>
is it a problem?
>Raditha Dissanayake wrote:
>
>
>
>>[EMAIL PROTECTED] wrote:
>>
>>
>>
>>>Dear You,
>>>
>>>How to load images ( eg: gif, jpg....) with base64 function from
>>>Database on IE directly ?
>>>
>>>
>>>
>>>
>>as far as I know you cannot do this with IE directly.
>>
>>
>>
>>>Is there any samples to me for reference ?
>>>
>>>Many thank for your help !
>>>
>>>Ed.
>>>
>>>
>>>
>>>
>>>
>>--
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
>
--- End Message ---
--- Begin Message ---
Hi, I'm trying to write a md5 hash to auth users... And before I get flamed
about md5 not being a crypt system but a hashing system I know... Security
is not a problem..
I'm trying to build a standalone Message Update Center intranet with PHP
The problem I'm having is comparing a user inputed word or passphrase and
comparing the code to the hash on a mysql database....
here's the code....
<?php
// connect to database
$connection = mysql_connect("localhost","root");
mysql_select_db("forum");
$result = mysql_query('Select username, password from users');
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{ // start while fetch loop
if($_POST['givenuser'] == $row['username'])
{ // Begin user check
if( md5($_POST['givenpassword']) == $row['password'] )
print("Welcome!");
// The problem I'm having is the comaprisons are not accurate.....
// If I display ---> print(md5($_POST['givenpassword']);
// and $row['password'] to the browser all 32 char are identical
} // end user check
} // end while fetch loop
?>
Any Ideas at all? I was thinking that there could be somesort of WHITESPACE
problem in the hashing of the passed var givenpassword
or possible a problem with a wierd floting point calculation at the
comparision level?
thanks in advance
--- End Message ---
--- Begin Message ---
On Sat, Nov 20, 2004 at 05:49:04PM -0500, Gregori Halsiber wrote:
> Hi, I'm trying to write a md5 hash to auth users... And before I get flamed
> about md5 not being a crypt system but a hashing system I know... Security
> is not a problem..
> I'm trying to build a standalone Message Update Center intranet with PHP
>
> The problem I'm having is comparing a user inputed word or passphrase and
> comparing the code to the hash on a mysql database....
>
> here's the code....
> <?php
> // connect to database
> $connection = mysql_connect("localhost","root");
> mysql_select_db("forum");
> $result = mysql_query('Select username, password from users');
Right here, why not do:
$username = $_POST['givenuser'];
$result = mysql_query("Select password from users where username='$username'");
That way you don't have to go through the loop for every user in the users
table.
> while($row = mysql_fetch_array($result, MYSQL_ASSOC))
> { // start while fetch loop
> // This is now guaranteed: if($_POST['givenuser'] == $row['username'])
> { // Begin user check
> if( md5($_POST['givenpassword']) == $row['password'] )
> print("Welcome!");
> // The problem I'm having is the comaprisons are not accurate.....
> // If I display ---> print(md5($_POST['givenpassword']);
> // and $row['password'] to the browser all 32 char are identical
> // No longer needed } // end user check
> } // end while fetch loop
> ?>
>
> Any Ideas at all? I was thinking that there could be somesort of WHITESPACE
> problem in the hashing of the passed var givenpassword
How is 'password' defined in the 'users' table? Is it a char(32) or a
varchar(32)? I would suspect a whitespace issue. Try rtrim on the password.
if( md5($_POST['givenpassword']) == rtrim($row['password']) )
> or possible a problem with a wierd floting point calculation at the
> comparision level?
>
> thanks in advance
>
--
Jim Kaufman
Linux Evangelist
public key 0x6D802619
--- End Message ---
--- Begin Message ---
On Sat, 20 Nov 2004 17:49:04 -0500, Gregori Halsiber <[EMAIL PROTECTED]>
wrote:
Hi, I'm trying to write a md5 hash to auth users... And before I get
flamed
about md5 not being a crypt system but a hashing system I know...
Security
is not a problem..
I'm trying to build a standalone Message Update Center intranet with PHP
The problem I'm having is comparing a user inputed word or passphrase and
comparing the code to the hash on a mysql database....
here's the code....
<?php
// connect to database
$connection = mysql_connect("localhost","root");
mysql_select_db("forum");
$result = mysql_query('Select username, password from users');
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{ // start while fetch loop
if($_POST['givenuser'] == $row['username'])
{ // Begin user check
if( md5($_POST['givenpassword']) == $row['password'] )
print("Welcome!");
// The problem I'm having is the comaprisons are not accurate.....
// If I display ---> print(md5($_POST['givenpassword']);
// and $row['password'] to the browser all 32 char are identical
} // end user check
} // end while fetch loop
$connection = mysql_connect("localhost","root");
mysql_select_db("forum");
$result = mysql_query('
SELECT 1
FROM `users`
WHERE `username` = \'' . mysql_real_escape_string($_POST['givenuser')) .
'\' AND
`password` = \'' . md5($_POST['givenpassword'] . '\'');
if(mysql_num_rows($result))
print 'Welcome!';
--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
http://www.smempire.org
--- End Message ---
--- Begin Message ---
First thing you need to figure out is whether or not your manager is
insane. That argument seems to come from either someone who is, or
someone who hasn't a monos(monkeys) clue about software management.
A few facts:
dotNET runs on Linux - with the help of mono or dotGNU. Check them
out, and use them if they fulfill your needs, since it will be easier
to port from them to MS, than from MS to mono.
XPCOM from the Mozilla Project is a Cross Platform alternative for
COM(someone said that COM only works on MS Win)
MS is a security nightmare: Not only does it have more holes, but more
people are looking to find holes in MS software. More people are
looking to exploit holes in MS sw. It takes longer for security
updates for MS software. Linux security holes are rarely targeted(in
comparison to MS), and if you regularly update your sytem, and
subscribe to your distros security mailing list, you're pretty much
covered.
TCO: MS admins are cheaper to hire, but nix admins get more done. Lets
say a windows admin costs $X, and a Linux Admin costs $2X, per year. A
linux admin is still better value, since he can manage, about a factor
of 10 more than windows admins can. => Linux admins are ~5 times
better value than win admins.
Zend (Zend.com) offer commercial support for PHP. Zend provide for the
PHP professional what MS provides for the dotNET professional. Check
out zend.com. You also, when you use PHP, don't rely on any
commercially produced code, with the exception of the
original-BSD-style-licensed Zend Engine.
On Wed, 17 Nov 2004 16:17:44 -0600, Pedro Ir�n M�ndez P�rez
<[EMAIL PROTECTED]> wrote:
> Hello my friends, I need your help in convince to my boss in adopt php for
> development of a tool for intranet in my office, he told me that php is open
> source and we don�t know if will disappear in a year, or if php have a
> support like .net.
>
> what arguments can I show for convince him to try PHP?
>
> Thank you very much :)
>
> =====
> "�Acaso se olvidar� la mujer de su beb�, y dejar� de compadecerse del hijo
> de su vientre? Aunque ellas se olviden, yo no me olvidar� de ti"
>
> Isa 40:27
> =====
>
> Atte Pedro Ir�n M�ndez P�rez
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hi,
I don't have any documentation you can use I think, but I have some
comments on what you say...
By part 1 you say:
how do I handle
the workflow when the data in related tables doesn't yet exist? Do I
force a user to enter data into 5 different forms first? Do I have a
place to enter the new data on the main form? Do I create temporary
records as part of a step-by-step process?
Step by step answer:
* In MySQL I would say... If you have data which has to be inserted
in serveral tables, you must first check if all conditions are ok.
So, do some selects to check if everythin in your database is ok,
and after that, execute the query. But, when you really want to
make complex database driven applications, choose PostgreSQL! This
database is better build for complexity (and not only that ;) ),
and supports transactions and references, and more stuff like that
which can be really helpful to you... And when you compare MySQL
against PostgreSQL... PostgreSQL is a heavy system compared with
MySQL, also free, but when you look at the functionality: SUPERIOR
* Never force a user to enter data into 5 forms if you can do it
with 1!!! That won't give you a usable application in which users
think: "Yeah, this is really great to use"
* I don't see what you mean with entering data on the main form,
but, read my previous tip again :)
* Use variables to store all data, you can do this with sessions,
cookies, $_POST, whatever... But only execute your queries when
you have all data you want... That will really keep your script
clear, and you will earn more style points :-)
By point 2 you allmost ask me to refer to PostgreSQL... And, in PHP you
don't have to place the whole query on 1 rule... use that... This is
what I mean:
$query = " SELECT * FROM table1, table2 WHERE table1.id = table2.id AND
table1.value = 'value' OR table2.value = '' ORDER BY table1.name ";
is less readable than:
$query = " SELECT * FROM table1, table2
WHERE table1.id = table2.id
AND table1.value = 'value'
OR table.value = ''
ORDER BY table1.name ";
I hope this helps you :)
Greetz
Chris Lott wrote:
Where can I learn topics such as:
1) Examples of complex PHP applications entering data into complex
related table structures. For instance, if I am writing an application
to create a class catalog that has 5 related tables, how do I handle
the workflow when the data in related tables doesn't yet exist? Do I
force a user to enter data into 5 different forms first? Do I have a
place to enter the new data on the main form? Do I create temporary
records as part of a step-by-step process?
2) Complex display with database results-- particularly when working
with many joined tables, displaying results effectively for reporting
(show me all departments, within that all classes, within that who is
teaching, sorted by department). The queries aren't hard, but if
optimized into one big query the constructs for displaying seem to get
ugly. For instance, given a query that gives me these results as
$result (joined together from three tables):
+---------+----------+----------+-----------+-------+
| first | last | relation | city | state |
+---------+----------+----------+-----------+-------+
| Chris | Beks | business | Fairbanks | AK |
| Robert | Hannon | friend | Fairbanks | AK |
| Cindy | Lott | family | Fresno | CA |
| Derryl | Hartz | business | Seattle | WA |
| Kirsten | O'Malley | friend | Seattle | WA |
+---------+----------+----------+-----------+-------+
It seems like there must be a more efficient way to get a listing of
each city and who lives there than:
$currentcity = '';
$counter = 1;
while ($thisrow = mysql_fetch_array($result))
{
if ($currentcity <> $thisrow['city'])
{
if ($counter > 1)
{
echo '</blockquote>';
}
echo '<h1>' . $thisrow['city'] . '</h1>';
echo '<blockquote>';
$currentcity = $thisrow['city'];
}
echo $thisrow['first'] . ' ' . $thisrow['last'] . '<br />';
$counter++;
}
Although this is preferable to running separate queries:
$query = 'select lid, city, state from locations order by city, state';
$result = mysql_query($query) or die('Couldn\'t perform the query: ' . $query);
while ($thisrow = mysql_fetch_array($result))
{
echo '<h1>' . $thisrow['city'] . ', ' . $thisrow['state'] . '</h1>';
echo '<blockquote>';
$pquery = "select first, last from people where lid =
{$thisrow['lid']} order by last, first";
$presult = mysql_query($pquery) or die('Couldn\'t perform the query:
' . $query);
while ($prow = mysql_fetch_array($presult))
{
echo $prow['first'] . ' ' . $prow['last'] . '<br />';
}
echo '</blockquote>';
}
c
--- End Message ---
--- Begin Message ---
What is wrong with this code? Why $input_str is empty.
if ($handle = opendir('/home/test2/')) {
echo "Directory handle: $handle\n";
echo "Files:\n";
while (false !== ($file = readdir($handle))) {
if($file != "." && $file != ".."){
$handle1 = fopen($file, "a+");
$input_str = fread($handle1, filesize($file));
echo "TEST".$input_str;
}
}
}
On Sun, 21 Nov 2004 05:40:07 +0800, Jason Wong <[EMAIL PROTECTED]> wrote:
> On Sunday 21 November 2004 05:11, Jerry Swanson wrote:
>
>
> > I know how to read a file. But the problem is different, I have
> > directory that has more than 250 files. I need to read each file and
> > process it. But How I know what file to read?
> > ls -l (show all files). How I can select each file without knowing
> > name? The file will be process and than delete.
>
> To get list of files from directory:
> manual > Directory Functions
>
> To open/read/write/delete files:
> manual > Filesystem Functions
>
> There are plenty of examples in the manual and in the user notes of the online
> manual.
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-general
> ------------------------------------------
> /*
> Do not try to solve all life's problems at once -- learn to dread each
> day as it comes.
> -- Donald Kaul
> */
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
