php-general Digest 20 Nov 2005 13:27:42 -0000 Issue 3805
Topics (messages 226139 through 226149):
Re: echo
226139 by: Oliver Grätz
Re: Server Client Architecture, best parctice
226140 by: Philip Hallstrom
Re: how can I CALL a PHP script from different TEXT LINKS with
differentPARAMETERS?
226141 by: Jasper Bryant-Greene
226142 by: Mirco Blitz
226143 by: Mirco Blitz
226145 by: xkorakidis
Re: POST headers empty when using SSLProxyEngine
226144 by: Mirco Blitz
226147 by: Florian Effenberger
showing in pages selecting result?
226146 by: xkorakidis
Re: Problem with the fwrite function (not as simple as it sounds though)
226148 by: £ukasz Hejnak
226149 by: Brian V Bonini
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Alex Alfonso schrieb:
> echo "<I need a space here>";
echo "space";
*g*
--- End Message ---
--- Begin Message ---
Reading this, a question arose me: is it possible to read a shared memory
area with php, supposing than both programs are in the same machine? does php
support ipc? that would be greatly useful.
yes.
http://us3.php.net/manual/en/ref.sem.php
Mariano.
James Benson wrote:
Each has its own benefits, if on a shared server then a database would be
the most secure I think, if its a dedicated server then tmpfs or just plain
old files will probably be the best, it also depends on various other
factors like, server hardware and bandwith, only you can select the best
option for your particular setup.
James
Yaswanth Narvaneni wrote:
Hi!
I would like to know what does the community think of the best
architecture for server client communication and why? That is, if
there is a server in C++ (say a game server) and the PHP has to 'read'
data 'from' the server then what is the best form of communication?
a) Shared Memory : Server opens the shared memory in write and the PHP
scripts open it in read and gets the data
b) TMPFS (just like shared memory): Server opens a file in tmpfs in
write and PHP in read
c) Databases: Server Updates a table in the DB and client reads from the
table
d) Files: Same as TMPFS
Regards,
Yaswanth
--
"In theory there is no difference between theory and practice.
In practice there is." -- Fortune Cookie
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.3/173 - Release Date: 16/11/2005
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
xkorakidis wrote:
Webmaster, thanks very much but I think it would be safer to do that by
post, not by get. Furthermore, if I use indivudual files
It is a fallacy to ever tell someone that POST is safer than GET. They
both transmit data in plaintext and it should not be assumed that either
is inherently safer than the other, as this simply gives others a false
sense of security.
The difference between POST and GET lies in the semantics -- POST
represents something changing on the server, e.g. updating a database
field, and allows the browser to warn the user if they try to refresh.
GET represents nothing of importance changing on the server, e.g.
performing a search on the database, and can safely be repeated.
SSL/TLS is the best option if you wish to transmit sensitive data.
--
Jasper Bryant-Greene
General Manager
Album Limited
+64 21 708 334
[EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---
HI,
I totaly agree to Jaspers answer.
Thats why I use ONE jumpto script and GET.
I usually encrypt the given Values I give over to the script and decrypt
them on recive. That way nearly nobody can assume wich values are really
given to the script.
If you want to make it rocket safe, generate a random string that you place
in a session variable for crypting and decrypting. By that way the value is
different on every startup and you can be ure that you have made it when
decrypting. If someone try's to use xsripting and try's to fool your script,
latest the case structure yould not work, cause no plausible data is
recived.
But who would like to xscript on a jump page, it can't harm really.
Greetings
Mirco
-----Ursprüngliche Nachricht-----
Von: Jasper Bryant-Greene [mailto:[EMAIL PROTECTED]
Gesendet: Sonntag, 20. November 2005 04:12
An: xkorakidis
Cc: [email protected]
Betreff: Re: AW: [PHP] how can I CALL a PHP script from different TEXT
LINKSwith differentPARAMETERS?
xkorakidis wrote:
> Webmaster, thanks very much but I think it would be safer to do that by
> post, not by get. Furthermore, if I use indivudual files
It is a fallacy to ever tell someone that POST is safer than GET. They
both transmit data in plaintext and it should not be assumed that either
is inherently safer than the other, as this simply gives others a false
sense of security.
The difference between POST and GET lies in the semantics -- POST
represents something changing on the server, e.g. updating a database
field, and allows the browser to warn the user if they try to refresh.
GET represents nothing of importance changing on the server, e.g.
performing a search on the database, and can safely be repeated.
SSL/TLS is the best option if you wish to transmit sensitive data.
--
Jasper Bryant-Greene
General Manager
Album Limited
+64 21 708 334
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
HI,
If I may say something to all you have posted.
You are thinking to complex. Try to use as less files and solve most by
making yourself functions or classes that do your work.
I My experience, getting a step back in complexity and develp really thought
over functions will easy work work further and further.
Probably my last post will give you some Idea what I mean.
Greetings
Mirco (aka Webmaster)
-----Ursprüngliche Nachricht-----
Von: xkorakidis [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 19. November 2005 20:28
An: [email protected]
Betreff: Re: [PHP] how can I CALL a PHP script from different TEXT LINKS
withdifferentPARAMETERS?
Ahmed thanks for your comments,
the situation is that before calling "searchMember.php" or
"searchProduct.php" or other, I need to give to user an interface where
a message like "insert the Product/Member/Order Id", then when he
inserts and presses "find" the appropriate "searchSomething.php" page is
called, depending on what whe had selected to search for.
Of course I can make 3 individual pages ("SearchProductIsertId.php",
"SearchMemberInsertId.php", "SearchOrderInsertId.php"), where each page
will call another page (e.g "SearchOrderInsertId.php" ->
"SearchOrder.php"). This seems easier but if a change is needed in
"SearchSomethingInsertId.php", I'll have to change all the 3 previous
pages. Thus I thougt it would be better to make only one page for all
searches.
What is the common choice of experienced php devs in case of creating an
administrative interface for various tables (e.g. products, members,
orders etc)?
Thanks,
Christos Korakidis
ahmed wrote:
> On 11/19/05, Webmaster <[EMAIL PROTECTED]> wrote:
>>You can send data to the next php file by HTTP-GET.
>>Simply add a ? behind the link and then <variablename>=<value>.
>>Example ./jumpto.php?to=searchProduct
>
> Well i think it was about the code inside the search/add/edit pages
> not how to reach them.
> If i understood correctly, you're trying to reduce the amount of code
> to write by applying a pice of common code on your objects
> (product/member/order) while adding specific functionality using a
> switche specifed as a paramter (?object=Product/Member/Order)... It
> just all depends on "how common" are these operations that needed to
> be applied in each case.. so you knows that better
>
> -ahmed
>
>
> --
> <b>ahmed</b>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Thanks so much Mirco, but I would appritiate that very much if I had
some examples. I'm not so keen in php, so some things seem to be complex
for me. I downloaded OSCommerce but the script pages aren't so simple
for beginning...
So if you have something (code/url of examples) about this type of
encryption-decryption and that type of programming you describe in next
msg (classes, functions etc) plz send me. The only way I work until now
is to call a php script page wich does an individual work. Guess that is
the "jumpto" script?
Thanks!
Mirco Blitz wrote:
> HI,
>
> I totaly agree to Jaspers answer.
>
> That’s why I use ONE jumpto script and GET.
>
> I usually encrypt the given Values I give over to the script and decrypt
> them on recive. That way nearly nobody can assume wich values are really
> given to the script.
>
> If you want to make it rocket safe, generate a random string that you place
> in a session variable for crypting and decrypting. By that way the value is
> different on every startup and you can be ure that you have made it when
> decrypting. If someone try's to use xsripting and try's to fool your script,
> latest the case structure yould not work, cause no plausible data is
> recived.
>
> But who would like to xscript on a jump page, it can't harm really.
>
> Greetings
> Mirco
>
> -----Ursprüngliche Nachricht-----
> Von: Jasper Bryant-Greene [mailto:[EMAIL PROTECTED]
> Gesendet: Sonntag, 20. November 2005 04:12
> An: xkorakidis
> Cc: [email protected]
> Betreff: Re: AW: [PHP] how can I CALL a PHP script from different TEXT
> LINKSwith differentPARAMETERS?
>
> xkorakidis wrote:
>>Webmaster, thanks very much but I think it would be safer to do that by
>>post, not by get. Furthermore, if I use indivudual files
>
> It is a fallacy to ever tell someone that POST is safer than GET. They
> both transmit data in plaintext and it should not be assumed that either
> is inherently safer than the other, as this simply gives others a false
> sense of security.
>
> The difference between POST and GET lies in the semantics -- POST
> represents something changing on the server, e.g. updating a database
> field, and allows the browser to warn the user if they try to refresh.
> GET represents nothing of importance changing on the server, e.g.
> performing a search on the database, and can safely be repeated.
>
> SSL/TLS is the best option if you wish to transmit sensitive data.
>
--- End Message ---
--- Begin Message ---
Hi,
I had a simmalar problem myself and didn't find a solutions.
As far as I fond out the ssl_proxy module simply does not route POST. It
just routes the link, wich means GET should work.
My solutions would be that I bypass the proxy for file transfer.
I you find another solutions I would be glad to know how.
Greetings
Mirco
-----Ursprüngliche Nachricht-----
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 19. November 2005 14:14
An: [email protected]
Betreff: [PHP] POST headers empty when using SSLProxyEngine
Hello,
inside a SSL host, I use the SSLProxyEngine to connect encrypted to another
server:
SSLProxyEngine on
ProxyPass /server2 https://server.intranet/mysite
ProxyPassReverse /server2 https://server.intranet/mysite
There lies a PHP script for file uploads. When I connect to
https://server.intranet/mysite directly, file uploads do work just fine.
However, when I connect through https://mysite.com/server2, the POST headers
submitted by the file upload form are completely empty.
Using mod_rewrite instead of mod_proxy doesn't help either. I run Apache
2.0.55 on both servers.
When using a non-SSL proxy (i.e. connecting to server.intranet with HTTP in
stead of HTTPS), it works fine.
Is this a well-known bug or is it my mistake?
Thanks
Florian
Machen Sie aus 14 Cent spielend bis zu 100 Euro!
Die neue Gaming-Area von Arcor - über 50 Onlinespiele im Angebot.
http://www.arcor.de/rd/emf-gaming-1
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi Mirco,
> I had a simmalar problem myself and didn't find a solutions.
> As far as I fond out the ssl_proxy module simply does not route POST. It
> just routes the link, wich means GET should work.
thanks for your reply! That sounds logical, indeed. I have posted my
help request to the Apache users mailing list as well, maybe someone
there comes up with a solution or even a patch.
> My solutions would be that I bypass the proxy for file transfer.
How could I achieve that without losing my session variables?
> I you find another solutions I would be glad to know how.
Of course, I'll do! :)
Thanks
Florian
--- End Message ---
--- Begin Message ---
Hi,
How can I present into pages the result of sql select? (e.g. pages of 10
records)
--- End Message ---
--- Begin Message ---
Hello again, here's some more extra info on my case that came out while
Suhas Pharkute was helping me find a resolution:
So the safe-mode is off, that's for sure, I turned it off at compile stage.
I delete the file after each run of the script, the folder where the
script is located has 777 permissions and the ownership is given to uid
1027 gid 1020, whereas these are the uid/gid set for apache to run with
(and it does!).
The script:
$data="some data";
$file="file.txt";
$handle = fopen($file,"w");
fwrite($handle,$data);
fflush($handle);
fclose($handle);
if (is_writable($file))
echo "Is writable<br>";
else
echo "Isn't writable<br>";
works when I run it as root, from the shell (php script.php),
but when it's run from the server, it doesn't.
I mean, the output _IS_ in _BOTH_ cases "Is writable"
but that doesn't change a thing, cause when executed from the apache, it
just creates an empty file without content.
The other thing I was supposed to check was stat($file); with
clearstatcache(); called beforehand. The output of this is:
device number: 777
inode number: 1142470
inode protection mode: 33188
number of links: 1
_userid_of_owner:_1027_
groupid of owner: 1020
device type, if inode device *: 0
_size_in_bytes:_0_
time of last access (Unix timestamp): 1132482491
time of last modification (Unix timestamp): 1132482505
time of last inode change (Unix timestamp): 1132482505
blocksize of filesystem IO *: 4096
_number_of_blocks_allocated:_0_
and of course when executed as root:
device number: 777
inode number: 1142470
inode protection mode: 33188
number of links: 1
_userid_of_owner:_0_
groupid of owner: 1020
device type, if inode device *: 0
_size_in_bytes:_9_
time of last access (Unix timestamp): 1132482980
time of last modification (Unix timestamp): 1132482980
time of last inode change (Unix timestamp): 1132482980
blocksize of filesystem IO *: 4096
_number_of_blocks_allocated:_8_
Can anybody help me?
--
Best wishes
Łukasz Hejnak
--- End Message ---
--- Begin Message ---
On Sun, 2005-11-20 at 05:44, Łukasz Hejnak wrote:
> Hello again, here's some more extra info on my case that came out while
> Suhas Pharkute was helping me find a resolution:
> So the safe-mode is off, that's for sure, I turned it off at compile stage.
>
> I delete the file after each run of the script, the folder where the
> script is located has 777 permissions and the ownership is given to uid
> 1027 gid 1020, whereas these are the uid/gid set for apache to run with
> (and it does!).
> The script:
>
> $data="some data";
> $file="file.txt";
> $handle = fopen($file,"w");
> fwrite($handle,$data);
> fflush($handle);
> fclose($handle);
> if (is_writable($file))
> echo "Is writable<br>";
> else
> echo "Isn't writable<br>";
>
> works when I run it as root, from the shell (php script.php),
> but when it's run from the server, it doesn't.
I missed the beginning of this thread...
You are saying:
>From the CLI you can write to a file all day long, no prob.
>From the web, if the file does not exist it is created, however, no
content is appended to it. Furthermore, IF there is content in the file
it can be appended to via web, but if it's an empty file it will not get
written too. Am I following correctly?
-Brian
--
s/:-[(/]/:-)/g
Brian GnuPG -> KeyID: 0x04A4F0DC | Key Server: pgp.mit.edu
======================================================================
gpg --keyserver pgp.mit.edu --recv-keys 04A4F0DC
Key Info: http://gfx-design.com/keys
Linux Registered User #339825 at http://counter.li.org
--- End Message ---
