php-general Digest 9 Feb 2005 13:09:27 -0000 Issue 3276
Topics (messages 208305 through 208334):
Re: Changing PHP properties (Previously: Cannot upload a file greater
208305 by: Todd Cary
208306 by: Dan Trainor
phpBB alternatives?
208307 by: Tony Di Croce
208308 by: Dan Trainor
208309 by: Robby Russell
208310 by: Chris Shiflett
208315 by: Mirco Blitz
Re: ncurses woes...
208311 by: Grimes, Dean
Re: Secure system calls -- how
208312 by: Niels
208313 by: Niels
208318 by: Jennifer Goodie
208321 by: Niels
ability to use extract to $this vars in a class
208314 by: daniel.electroteque.org
208317 by: Guillermo Rauch
208328 by: Jochem Maas
Re: Apache 2.0.52, PHP 5.03, FreeBSD 4.10 memory problems
208316 by: Sander Holthaus - Orange XL
208319 by: Sander Holthaus - Orange XL
208330 by: Mikey
Re: Cerauno Technologies announces the release of DocGuru Professional 1.0
208320 by: Akhil Dhanuka
FTP script and project
208322 by: D.Walsh
208323 by: Jason Wong
208334 by: Jay Blanchard
Re: reading/writing files outside of web root
208324 by: Jason Wong
Re: Problem using return from a class.
208325 by: Jason Wong
Re: Using
208326 by: Jochem Maas
208327 by: Dan Trainor
perl's Config::Ini File Module equivalent in PHP
208329 by: Nikhil M
208331 by: Abdul-Wahid Paterson
208332 by: Mikey
Fatal Error Handling
208333 by: James Taylor
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Dan -
Keep in mind that the change I made was within Apache on my server - not
in the php.ini file. The changes to the php.ini file are well
documented and have been covered within messages on this NewNet.
However, s I stated, I am not sure why that change needs to be
made...more reading for me I am sure!
Todd
Dan Trainor wrote:
Todd Cary wrote:
Richard -
It turned out that the following was missing from Apache's httpd.conf
file:
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
LimitRequestBody 5000000
</Files>
Not sure what that does or where I should have read about it, but I
did find that in an email I got with Google.
Todd
Richard Lynch wrote:
Todd Cary wrote:
I am using php 4 and Apache 1.3 on a RH 9 box.
upload_max_filesize is set to 5M
post_max_size is set to 8M
MAX_FILE_SIZE in the HTML upload page is set to 5000000
I get the error "The document contains no data" with any file over
500 KB.
What is creating the error?
Are you sure the HTML one isn't 500000?... :-)
Also double-check your settings in <?php phpinfo();?> to be sure that
the
php.ini you changed is the one PHP reads...
Actually, though, you shouldn't get "The document contains no data"
in any
of these, unless your BROWSER is getting tired of waiting for a response
from the server.
The PHP script should still be invoked, and it should be able to detect
the over-sized file uploaded, and it should print some kind of error
message about that.
It's quite possible your script does absolutely NOTHING when the file is
over-sized, and then it prints nothing out, and so the document is
completely empty, and you get that message.
Review the PHP you wrote and see what you did for an over-sized check on
the file uploaded, or any other kind of upload error. Are you printing
SOMETHING out in that case?
While we're touching base on this subject, I know that you don't know
much about this Todd, but does anyone else know where we can find more
information about making modifications to PHP's operations inline in a
configuration file such as this?
Thanks
-dant
--- End Message ---
--- Begin Message ---
Todd Cary wrote:
Dan -
Keep in mind that the change I made was within Apache on my server - not
in the php.ini file. The changes to the php.ini file are well
documented and have been covered within messages on this NewNet.
However, s I stated, I am not sure why that change needs to be
made...more reading for me I am sure!
Todd
Dan Trainor wrote:
Todd Cary wrote:
Richard -
It turned out that the following was missing from Apache's httpd.conf
file:
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
LimitRequestBody 5000000
</Files>
Not sure what that does or where I should have read about it, but I
did find that in an email I got with Google.
Todd
Richard Lynch wrote:
Todd Cary wrote:
I am using php 4 and Apache 1.3 on a RH 9 box.
upload_max_filesize is set to 5M
post_max_size is set to 8M
MAX_FILE_SIZE in the HTML upload page is set to 5000000
I get the error "The document contains no data" with any file over
500 KB.
What is creating the error?
Are you sure the HTML one isn't 500000?... :-)
Also double-check your settings in <?php phpinfo();?> to be sure
that the
php.ini you changed is the one PHP reads...
Actually, though, you shouldn't get "The document contains no data"
in any
of these, unless your BROWSER is getting tired of waiting for a
response
from the server.
The PHP script should still be invoked, and it should be able to detect
the over-sized file uploaded, and it should print some kind of error
message about that.
It's quite possible your script does absolutely NOTHING when the
file is
over-sized, and then it prints nothing out, and so the document is
completely empty, and you get that message.
Review the PHP you wrote and see what you did for an over-sized
check on
the file uploaded, or any other kind of upload error. Are you printing
SOMETHING out in that case?
While we're touching base on this subject, I know that you don't know
much about this Todd, but does anyone else know where we can find more
information about making modifications to PHP's operations inline in a
configuration file such as this?
Thanks
-dant
Todd -
I understand that, yes, which is why I'm more interested in changing
this on a per-virtualhost basis, specifically within Apache.
Thanks for keeping an eye out for me though.
-dant
--- End Message ---
--- Begin Message ---
Due to the recent vulnerabilities discovered in phpBB and the content
of this page:
http://www.phpbb.com/
I have decided to consider other options for my forum needs... Does
anyone have any reccomendations for a PHP based forum software?
--
Send REAL USPS letters from the Web!
http://www.quickymail.com
--- End Message ---
--- Begin Message ---
Tony Di Croce wrote:
Due to the recent vulnerabilities discovered in phpBB and the content
of this page:
http://www.phpbb.com/
I have decided to consider other options for my forum needs... Does
anyone have any reccomendations for a PHP based forum software?
I'm not an advocate for phpBB by any means, but I am an advocate for
correct information.
If you clearly read that page, you will see how it is explained that the
site was popped using a vulnerability in AWStats. Yes, this
vulnerability exists, because two of the sites that I admin were hit by
it :/
Just thought I'd pass that around.
Thanks
-dant
--- End Message ---
--- Begin Message ---
On Tue, 2005-02-08 at 17:16 -0800, Tony Di Croce wrote:
> Due to the recent vulnerabilities discovered in phpBB and the content
> of this page:
> http://www.phpbb.com/
> I have decided to consider other options for my forum needs... Does
> anyone have any reccomendations for a PHP based forum software?
> --
> Send REAL USPS letters from the Web!
> http://www.quickymail.com
>
> e attacked phpbb.com did indeed use a vulnerability in awstats to gain
> entry to our server
>
--
/***************************************
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | [EMAIL PROTECTED]
* 503.351.4730 | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
* --- Now hosting Ruby on Rails Apps ---
****************************************/
--- End Message ---
--- Begin Message ---
--- Tony Di Croce <[EMAIL PROTECTED]> wrote:
> Due to the recent vulnerabilities discovered in phpBB and the
> content of this page:
> http://www.phpbb.com/
> I have decided to consider other options for my forum needs... Does
> anyone have any reccomendations for a PHP based forum software?
FUDforum has proven to be much more secure over the years:
http://fudforum.org/forum/
My complaint with FUDforum is that it's fugly. :-) I find phpBB to be much
more attractive. Unfortunately, it has had numerous security
vulnerabilities over the years. I've never examined the code, so I'm not
sure if it's due to a poor design or just developer mistakes, but I
wouldn't feel comfortable deploying it.
While I agree with your decision, I disagree with using their recent
misfortune to support a switch. Server security is an entirely different
field - a secure application doesn't make a secure server, and a secure
server doesn't make a secure application.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security - O'Reilly HTTP Developer's Handbook - Sams
Coming Soon http://httphandbook.org/
--- End Message ---
--- Begin Message ---
Hi,
This one is really nice. I Use it myself on a coulpe of sites.
http://phorum.org/
Greetings
Lindworm
-----Urspr�ngliche Nachricht-----
Von: Tony Di Croce [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 9. Februar 2005 02:16
An: [email protected]
Betreff: [PHP] phpBB alternatives?
Due to the recent vulnerabilities discovered in phpBB and the content of
this page:
http://www.phpbb.com/
I have decided to consider other options for my forum needs... Does anyone
have any reccomendations for a PHP based forum software?
--
Send REAL USPS letters from the Web!
http://www.quickymail.com
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Well I think I've got my handling of cursor movement keys working pretty
good. But I still have a couple of bugs with some of the video attribute
settings. The BLINK attribute works, but even after turning it off, it
leaves the area that you set to blink in an active blink mode. The blinking
thing won't turn for nothing. I actually have to log off and back on to get
it to reset. The BOLD is actually turning everthing in the screen DIM and
then leaving it that way. I've decided I don't need those attributes that
bad. I would like to get the reverse video problem fixed though.
That's an intersting point about glibc. I'll look into it.
Thanks,
Dean
-----Original Message-----
From: Richard Lynch [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 08, 2005 12:58 PM
To: Grimes, Dean
Cc: '[email protected]'
Subject: Re: [PHP] ncurses woes...
Grimes, Dean wrote:
> Anybody out there doing any work with ncurses? I've been playing around
> with
> ncurses trying to figure it all out. I have had pretty good luck but I am
> finding a few issues and would like to know if other users are having the
> same problems. One of the problems I'm having is with function keys and
> arrow keys. I can trap on them OK but I haven't been able to keep the
> system
> from displaying their escape sequences on the screen. When this happens it
> corrupts the screen and skews the display.
I've got machines that do that even with vi, because I forced them to
upgrade that one thingie (readline?) you need for the arrow keys to work
for command history in MySQL/PostgreSQL, which means I had for force a
glibc upgrade.
Grrrr.
I think I'm lucky the damn thing works at all, from what I understand (or
don't) of glibc.
Anyway, I forget what it's called, but you might have a mis-match in the
glibc and that readline software versions...
> Also, I'm having some weirdness
> with mvwaddstr, I logged a bug on bugs.php.net #31876. I have test
> programs
> for anyone interested in taking a stab at some of the problems I've
> encountered. I've read all the documentation I could get my hands....that
> took about 10 minutes!
If ncurses is continues to give you trouble, you may want to consider PHP
GTK -- There is possibly a larger community of users working on that.
Or are you the guy needing to duplicate the green-on-black terminal
stuff?...
I was gonna say GTK wouldn't do so hot at that, but, actually, it MIGHT be
not that hard, now that I think about it.
http://gtk.php.net/
PS If anybody knows how I can fix my glibc and readline issue on RedHat
9.x I'd surely welcome some input. I use control-L a lot, but it's not
much fun.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Jennifer Goodie wrote:
> I wouldn't use system calls to move files around. PHP has built in file
> system functions. Why shell out to do something that is built in?
Well, the apache user really shouldn't have access to the entire file system
-- that's the problem.
Thanks,
Niels
--- End Message ---
--- Begin Message ---
Guillermo Rauch wrote:
> This article may help:
> http://www.onlamp.com/pub/a/php/2003/08/28/php_foundations.html
Thanks you, I've read that, it deals with avoiding malicious code in file
uploads. I think I've got that part under control. You're right, such
methods are obvious entry points to a system for a cracker. But still, the
article doesn't really help.
Thanks,
Niels
--- End Message ---
--- Begin Message ---
-------------- Original message ----------------------
From: Niels <[EMAIL PROTECTED]>
> Jennifer Goodie wrote:
>
> > I wouldn't use system calls to move files around. PHP has built in file
> > system functions. Why shell out to do something that is built in?
>
> Well, the apache user really shouldn't have access to the entire file system
> -- that's the problem.
Should web applications have access to areas on the file system that the apache
user doesn't? I personally only allow my web applications access to certain
areas on purpose and set my permissions to accomplish this. If I need to be a
user other than nobody to do something I don't want my web applications doing
it. Of course, I work in an environment where I have root access to dedicated
servers and a sysadmin that listens to what I want, so your experience may be
different. I admittedly do not have a lot of experience getting around the
problems caused by shared hosting.
--- End Message ---
--- Begin Message ---
Jennifer Goodie wrote:
> Should web applications have access to areas on the file system that the
> apache user doesn't? I personally only allow my web applications access
> to certain areas on purpose and set my permissions to accomplish this. If
> I need to be a user other than nobody to do something I don't want my web
> applications doing it. Of course, I work in an environment where I have
> root access to dedicated servers and a sysadmin that listens to what I
> want, so your experience may be different. I admittedly do not have a lot
> of experience getting around the problems caused by shared hosting.
This particular php application manages users and has to update their
passwords, move their files around and more. And it manages hardware also,
with similar problems. And it has to run several scripts and programs that
controls the network. So I need a secure way of doing those things.
And yes, I can get root access or make whatever scheme of permissions and
sudos I want -- or maybe something with Linux security modules, but I don't
really know anything about those. I'm running the program on an intranet on
a dedicated server, but probably with internet access to the application
some time in the future.
So my question is: Is sudo the best solution?
Thanks,
Niels
--- End Message ---
--- Begin Message ---
is there any way to use extract , to extract the keys from an array to
$this vars for within a class ? Let me know.
--- End Message ---
--- Begin Message ---
If i understand you correctly, you want to extract all the keys and
generate class members with them..
// Define class test
class test {
// We pass an array to the constructor
function __construct( $arr ) {
foreach($arr as $key => $val ) {
$this->{$key} = $val;
}
// For this example, i print the structure of the object
print_r($this);
}
}
$tests = array( 'hi' => 'bye', 'hey' => 'ho', 'lets' => 'go');
$test = new test($tests);
I forgot in the previous message to mention that if the member exists,
it will be overriden. In addition, you shouldn't use this, as you
don't have control over the accessing to the vars. Instead, you should
store them in a previously defined array (for example private $_vars;
)
--- End Message ---
--- Begin Message ---
Guillermo Rauch wrote:
If i understand you correctly, you want to extract all the keys and
generate class members with them..
// Define class test
class test {
// We pass an array to the constructor
function __construct( $arr ) {
foreach($arr as $key => $val ) {
$this->{$key} = $val;
}
// For this example, i print the structure of the object
print_r($this);
}
}
$tests = array( 'hi' => 'bye', 'hey' => 'ho', 'lets' => 'go');
$test = new test($tests);
I forgot in the previous message to mention that if the member exists,
it will be overriden. In addition, you shouldn't use this, as you
don't have control over the accessing to the vars. Instead, you should
store them in a previously defined array (for example private $_vars;
)
another way to control access:
class test {
private function __construct() {}
function __get($var, $val)
{
$r = (isset($this->$var))
? isset($this->$var
: null;
return $r;
}
function __set($var, $val)
{
// do some magic here
}
public static function make($arr)
{
$t = new test;
foreach($arr as $key => $val ) {
$t->$key = $val;
}
return $t;
}
}
$t = test::make(array('one' => '1', 'two' => '2'));
--- End Message ---
--- Begin Message ---
> > :-( The downside would be, IMHO, that I would need to pro-actively
> > check everything that is going on concerning PHP, in order
> to prevent
> > any major problems. (one and a halve month ago, some clients on an
> > other installation who hadn't mainted phpBB also caused me the
> > necessary problems). Also, when clients are non-commercial, a good
> > programmer is out of the question (which applies to this
> case too). I
> > wonder how mass hosting companies get arround these issue's?
>
> To add to this -- I suspect some good hosts actively check
> the directories of their clients, and search for known
> security flawed software, such as specific versions of phpBB
> and formmail.pl and so on.
I could write a PERL-script for that :-) For wide-used scripts (such as
PHPBB) automation would be a doable and good sollution, but for custom
scripts, it will be quite a challenge.
> When you find a client running known security flawed
> software, you deal with them, quickly and politely, but with
> clear cut no nonsense
> requirements:
>
> Upgrade it now or lose the account.
That would be the right thing indeed. Though I do find that many times,
people either have severe technical difficulty upgrading (usually installing
was already quite a tough cookie for them, being used to the more point and
click of Windows). Or perhaps just to the fear of it.
It always comes down to a lack of knowledge and understanding from the user.
Educating users in this regard is not easy.
> Non-profits can always find a free programmer or a donor to
> hire the programmer or...
>
> There are even organizations that exist solely to provide
> services like this to non-profits. One small one I know of
> run by guys in Chicago is
> here:
> http://npotechs.org/
>
> I'm sure that there are others.
Thanks! That looks like a very nice addition to my to-do and to-look-at
bookmark list :-)
Kind Regards,
Sander Holthaus
--- End Message ---
--- Begin Message ---
> Sander Holthaus - Orange XL wrote:
> >>Sander Holthaus - Orange XL wrote:
> >>
> ...
> >>
> >>Fix or disable that script.
> >
> >
> > I wish I could, but I'm not a PHP-programmer (can read it
> and can do
> > some basic programming, but I lack in-depth knowledge of PHP).
> >
>
> well disabling it is fairly easy ;-).... rm -f ./xxx.php
chown && chmod would be less invasive :-)
> a script that functions is a one that doesn't crash the box.
> quick'n'dirty or inefficient scripts don't have to cause
> problems per se,
> his script is just plain borked. if you need to ensure the box is
> running then you _can't_ let him run it till its fixed, friend or not.
> besides if it is a friend then presumably you are offering
> space/resources
> for free - under such circumstances your interest in keeping
> the machine up
> precludes his interest in functionality and ASAP programming - and
> would be understanding of your interests (just as you seem to
> be of his ;-). no?
Indeed.
> > :-( The downside would be, IMHO, that I would need to
> pro-actively check
> > everything that is going on concerning PHP, in order to
> prevent any major
> > problems. (one and a halve month ago, some clients on an
> other installation
> > who hadn't mainted phpBB also caused me the necessary
> problems). Also, when
> > clients are non-commercial, a good programmer is out of the
> question (which
> > applies to this case too). I wonder how mass hosting
> companies get arround
> > these issue's?
>
> by not garanteeing full uptime ;-) and having lots of machine
> across which to
> spread the risk etc.
That makes sense :-/ Must be quite frustrating from times to times being a
sysadmin at such a company.
Kind Regards,
Sander Holthaus
--- End Message ---
--- Begin Message ---
[snip]
Hope everybody else is sending this guy read receipts?
--- End Message ---
--- Begin Message ---
Hello,
We have not seen the product that you have listed so we
cannot really compare our product with them.
I believe phpDocumentor is a web-based project so it will never be as
responsive as a client server application. DocGuru is developed in
C/C++ therefore its speed is uncomparable.
We have tested our product with test case projects having 50MB of
sourcecode and it created the documentation under acceptable time.
We encourage you to give it a try and check for yourself how it stands
as compared to phpDoc.
Regards,
Akhil
-----Original Message-----
From: Greg Donald [mailto:[EMAIL PROTECTED]
Sent: Tue, February 08, 2005 11:24 AM
To: [email protected]
Cc: Akhil Dhanuka
Subject: Re: [PHP] Cerauno Technologies announces the release of DocGuru
Professional 1.0
On Tue, 8 Feb 2005 23:22:05 -0800, Akhil Dhanuka <[EMAIL PROTECTED]>
wrote:
>
> Cerauno Technologies proudly announces the release of DocGuru Professional
> 1.0.
Did you happen to have a comparison doc comparing this with the free,
open source PHPDocumentor: http://www.phpdoc.org/ ?
Thanks,
--
Greg Donald
Zend Certified Engineer
http://destiney.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I'm in need of some fully functional stand-alone php FTP scripts, I've
searched the web, have downloaded a couple but they don't work.
While this looks valid and appears to be uploading the file, no file is
ever saved other than a temporary file that vanishes as soon as the
file has completed uploading.
<HTML>
<HEAD>
<TITLE>Upload test </TITLE>
</HEAD>
<BODY>
<HR>
<FORM METHOD="POST" ENCTYPE="multipart/form-data"
action="upload_done.html">
<P>
Select File 1: <INPUT TYPE="file" ID="file" VALUE=""><br>
<P><INPUT TYPE="submit">
</FORM>
</BODY>
</HTML>
_____________________________________________________________________
Seems that everyone has their own implementation of how it should be
done so I'd like to obtain some working examples that I don't have to
spend time figuring out why it doesn't work just for test purposes.
If you have something, please send it to me, a variety of choices for
test purposes would be ideal.
TIA
-- Dale
--- End Message ---
--- Begin Message ---
On Wednesday 09 February 2005 12:58, D.Walsh wrote:
> I'm in need of some fully functional stand-alone php FTP scripts, I've
> searched the web, have downloaded a couple but they don't work.
>
> While this looks valid and appears to be uploading the file, no file is
> ever saved other than a temporary file that vanishes as soon as the
> file has completed uploading.
[HTTP upload code snipped]
It seems that you're confused as to what FTP is and what HTTP is. Perhaps
if you explained what you are trying to do then someone might be able to
point you in the right direction.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
New Year Resolution: Ignore top posted posts
--- End Message ---
--- Begin Message ---
[snip]
I'm in need of some fully functional stand-alone php FTP scripts, I've
searched the web, have downloaded a couple but they don't work.
While this looks valid and appears to be uploading the file, no file is
ever saved other than a temporary file that vanishes as soon as the
file has completed uploading.
[/snip]
Have you RTFM? http://us2.php.net/manual/en/features.file-upload.php
contains an example or two and explains that the temp file disappears
and that you should use
http://us2.php.net/manual/en/function.move-uploaded-file.php
Sorry you don't have time to figure it out.
--- End Message ---
--- Begin Message ---
On Wednesday 09 February 2005 02:31, Richard Lynch wrote:
> Phil Ewington - 43 Plc wrote:
> > For some reason user_prefs will not open
> > for read/write even when I tested it under apache.apache and chmod'd
> > to 755,
> > perhaps because /home is owned by root?
>
> Something went wrong with this test.
>
> You SHOULD have been able to read/write that file in PHP, assuming
> 'apache' is the user PHP runs as. Use http://php.net/phpinfo to
> confirm that it really *IS* 'apache' user that's running apache/php.
It *will* fail if apache has no access to $HOME!
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
New Year Resolution: Ignore top posted posts
--- End Message ---
--- Begin Message ---
On Wednesday 09 February 2005 01:33, Ben Edwards (lists) wrote:
> > Maybe you should post a bit of code to illustrate your problem ;)
>
> I'me just doing:-
>
> return $radio_html;
>
> as the last line of the method.
>
> If I do
>
> echo $radio_html;
>
> The condense of the variable gets outputted.
>
> I could post the method here but its a bit long.
You only need to post concise code that illustrates your problem, a one
liner to return a value is all the that your method needs.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
New Year Resolution: Ignore top posted posts
--- End Message ---
--- Begin Message ---
Richard Lynch wrote:
Jochem Maas wrote:
Dan Trainor wrote:
Hello, all -
Being still fairly new to PHP, I thought I'd ask a few more questions
and get on to the right track here, developing correct coding habits
before I start to teah myself incorrect habits.
....
7. let others review your code if you can (that's not an invite to post
your complete codebase to the list ;-).
Hmmmmm. It *MIGHT* be an interesting forum somewhere/somehow to have a
"Code Review" site/forum/list for the express purpose of people posting
code, and tons of it, for critique...
I think such a place would be cool but If you let everyone upload their
code then everyone would be sitting around waiting for their own code to
be reviewed - I think that the reviews should be by invitation
('hey Richard fancy showing the world your new XXX?'),
1 codebase to be reviewed at a time, with a lead reviewer who acts as moderator.
for those of you from the UK... kind of like Blue Peter meets PHP.
I cannot count the number of times I've seen code like this:
/** foo (void) : function foo
* Does foo and returns the result
**/
function foo(){
/* Insert spaghetti code here */
}
Hello?! What *GOOD* does that "documentation" do?
What always seems to be missing, to me, is the nuts and bolts of how to
write GOOD documentation.
I actually meant that you should add comments into the meat of the code.
yes,
start of each function with a description. BUT ALSO explain every friggin' loop
so to speak... not just what it does, but how it does it and possibly why.
Richard is correct, I think, in saying that adding fancy Doc cruft to make your
code look 'professional'... nothing wrong with fancy documentation/comments -
just
make sure you fill them with something. with the hope of not getting laughed at
here
is a function I use quite often to save myself from constant isset() checks on
request vars.
okay so its 'fancy' documentation, but it really explains what it does - and
yes it takes 5-6 times as much text to explain what it does than it does to
write
t.
/**
* getGP()
*
* this function will return the value of a GET or POST var that corresponds to
the
* variable name pasted, if nothing is found NULL is returned. contents of POST
array
* takes precendence over the contents of the GET array. You can specify a
value as second argument
* which will be returned if the GP var *does not* exist; a third parameter can
be given to
* which will act as the return value if the GP *does* exist - the limitation
is that the parameter cannot be
* used to return a literal NULL; but I suggest that this would probably be a
silly thing to do in practice
*
* @var string $v // the name of GP variable whose value to return
* @var mixed $r // value to return if the GP variable was not set
* @var mixed $t // value to return if the GP variable was set (i.e. override
the value from GP)
*
* @return mixed
*/
function getGP($v = '', $r = null, $t = null)
{
if (!empty($v)) {
if (isset($_GET[$v])) { $r = (!is_null($t)) ? $t: $_GET[$v]; }
if (isset($_POST[$v])) { $r = (!is_null($t)) ? $t: $_POST[$v];}
}
return $r;
}
Anybody got a good reference to something like Documentation Rules such as:
Any jargon or technical term being discussed cannot be used as the
description of the term. IE, no self-referential definitions.
(see example above)
I'd really like to be able to recommend a reference of this nature to
Beginners.
--- End Message ---
--- Begin Message ---
Jochem Maas wrote:
Richard Lynch wrote:
Jochem Maas wrote:
Dan Trainor wrote:
Hello, all -
Being still fairly new to PHP, I thought I'd ask a few more questions
and get on to the right track here, developing correct coding habits
before I start to teah myself incorrect habits.
....
7. let others review your code if you can (that's not an invite to post
your complete codebase to the list ;-).
Hmmmmm. It *MIGHT* be an interesting forum somewhere/somehow to have a
"Code Review" site/forum/list for the express purpose of people posting
code, and tons of it, for critique...
I think such a place would be cool but If you let everyone upload their
code then everyone would be sitting around waiting for their own code to
be reviewed - I think that the reviews should be by invitation
('hey Richard fancy showing the world your new XXX?'),
1 codebase to be reviewed at a time, with a lead reviewer who acts as
moderator.
for those of you from the UK... kind of like Blue Peter meets PHP.
I cannot count the number of times I've seen code like this:
/** foo (void) : function foo
* Does foo and returns the result
**/
function foo(){
/* Insert spaghetti code here */
}
Hello?! What *GOOD* does that "documentation" do?
What always seems to be missing, to me, is the nuts and bolts of how to
write GOOD documentation.
I actually meant that you should add comments into the meat of the code.
yes,
start of each function with a description. BUT ALSO explain every
friggin' loop
so to speak... not just what it does, but how it does it and possibly why.
Richard is correct, I think, in saying that adding fancy Doc cruft to
make your
code look 'professional'... nothing wrong with fancy
documentation/comments - just
make sure you fill them with something. with the hope of not getting
laughed at here
is a function I use quite often to save myself from constant isset()
checks on
request vars.
okay so its 'fancy' documentation, but it really explains what it does -
and
yes it takes 5-6 times as much text to explain what it does than it does
to write
t.
/**
* getGP()
*
* this function will return the value of a GET or POST var that
corresponds to the
* variable name pasted, if nothing is found NULL is returned. contents
of POST array
* takes precendence over the contents of the GET array. You can specify
a value as second argument
* which will be returned if the GP var *does not* exist; a third
parameter can be given to
* which will act as the return value if the GP *does* exist - the
limitation is that the parameter cannot be
* used to return a literal NULL; but I suggest that this would probably
be a silly thing to do in practice
*
* @var string $v // the name of GP variable whose value to return
* @var mixed $r // value to return if the GP variable was not set
* @var mixed $t // value to return if the GP variable was set (i.e.
override the value from GP)
*
* @return mixed
*/
function getGP($v = '', $r = null, $t = null)
{
if (!empty($v)) {
if (isset($_GET[$v])) { $r = (!is_null($t)) ? $t: $_GET[$v]; }
if (isset($_POST[$v])) { $r = (!is_null($t)) ? $t: $_POST[$v];}
}
return $r;
}
Anybody got a good reference to something like Documentation Rules
such as:
Any jargon or technical term being discussed cannot be used as the
description of the term. IE, no self-referential definitions.
(see example above)
I'd really like to be able to recommend a reference of this nature to
Beginners.
I appreciate all the input that I've gotten from all the list members.
I think I've come to the conclusion that leaves me exactly where I was
prior to asking the question. The determination to split inline code
from included files is left strictly up to the programmer him/herself,
and there is no "rule of thumb" to any of this, except in cases where
painfully obvious.
I thank you all for your time. I'll continue to monitor this list for
many months to come.
Thanks
-dan trainor
--- End Message ---
--- Begin Message ---
Hi All,
I just wanted to know if there is an equivalent of Perl's Config::Ini =
Module in PHP
Thanks,
Nikhil.
--- End Message ---
--- Begin Message ---
Hi,
http://uk2.php.net/function.parse-ini-file
On Wed, 9 Feb 2005 14:57:33 +0530, Nikhil M <[EMAIL PROTECTED]> wrote:
> Hi All,
> I just wanted to know if there is an equivalent of Perl's Config::Ini =
> Module in PHP
>
> Thanks,
> Nikhil.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
> Hi All,
> I just wanted to know if there is an equivalent of Perl's
> Config::Ini = Module in PHP
Try parse_ini_file() in the manual...
Mikey
--- End Message ---
--- Begin Message ---
Hi,
I have a set of functions which are potentially dangerous in terms of
memory hogging, and need to protect from memory overflow - this is I
want to detect when the memory overflow occurs.
The manual says that eval() will return false on a fatal error, so I
thought I could do something like the following, where it would produce
a "O" for each itteration, and when it failed (memory overflow) it would
continue and echo the last line. What I get however is this attached to
the end.
Any advice would be gratefully recieved (and perhaps, the documentation
on eval updating if it can not catch all fatal errors)
#! /usr/bin/php
<?php
$y = 0;
$str = "";
$code = '$str .= $str . "."; return true;';
$x = TRUE;
while($x != FALSE){
$x = eval($code);
echo "O";
$y ++;
}
echo "\n $y it's \n\n ". $str;
?>
run:
$ ./intellirun2.php
OOOOOOOOOOOOOOOOOOOOOO
Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate 4194305 bytes) in
/home/jt/work2/sms/web/stats/intellirun2.php(8) : eval()'d code on line 1
--- End Message ---
