php-general Digest 14 May 2006 00:56:35 -0000 Issue 4126
Topics (messages 236107 through 236130):
touch()ing it....advise needed.
236107 by: Ryan A
236112 by: tedd
236115 by: John Hicks
236116 by: Edward Vermillion
236118 by: Ryan A
Re: LDAP Authentication
236108 by: Sameer N Ingole
236109 by: Sameer N Ingole
Uploading large files
236110 by: php . net mines
236114 by: Rory Browne
METHOD=POST not worikng
236111 by: IraqiGeek
236113 by: IraqiGeek
Wierd ass code...
236117 by: Ryan A
236119 by: Satyam
236120 by: Robert Cummings
236121 by: Satyam
236122 by: Ryan A
236128 by: Rory Browne
236129 by: Robert Cummings
Re: Failing FastCGI PHP
236123 by: Frank de Bot
Security Concerns with Uploaded Images:
236124 by: Nick Wilson
236127 by: Rory Browne
MySQL - HEAP table type
236125 by: Martin ZvarĂk
Is it a bug ?
236126 by: Fourat Zouari
236130 by: chris smith
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
php-general@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Hey,
Heres my setup, I have a directory full of files and I
get a request with an array of filenames
For this example:
a.txt
b.txt
c.txt
if the above files dont already exist I need to create
them (I am using touch() instead of fopen())
My question is which would you recommend, doing a
readdir() and getting all the existing filenames in an
array then doing a loop to see which exists and create
the others OR
just taking the new filenames, doing a while/for loop
with a files_exists() on each and then creating the
files....
I am favouring the second approach as in the first
approach there are a lot of files the array could be
pretty big which would cause other problems, but I
would rather be corrected now if my thinking is
flawed.
Your advise appreciated.
Thanks!
Ryan
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
-----
Fight back spam! Download the Blue Frog.
http://www.bluesecurity.com/register/s?user=bXVzaWNndTc%3D
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- End Message ---
--- Begin Message ---
At 5:48 AM -0700 5/13/06, Ryan A wrote:
Hey,
Heres my setup, I have a directory full of files and I
get a request with an array of filenames
For this example:
a.txt
b.txt
c.txt
if the above files dont already exist I need to create
them (I am using touch() instead of fopen())
My question is which would you recommend, doing a
readdir() and getting all the existing filenames in an
array then doing a loop to see which exists and create
the others OR
just taking the new filenames, doing a while/for loop
with a files_exists() on each and then creating the
files....
I am favouring the second approach as in the first
approach there are a lot of files the array could be
pretty big which would cause other problems, but I
would rather be corrected now if my thinking is
flawed.
Your advise appreciated.
Thanks!
Ryan
Ryan:
Try this, it worked for me:
http://www.weberdev.com/get_example-4341.html
Just put the name of the file into the $stringSearch.
hth's
tedd
--
--------------------------------------------------------------------------------
http://sperling.com
--- End Message ---
--- Begin Message ---
Ryan A wrote:
Hey,
Heres my setup, I have a directory full of files and I
get a request with an array of filenames
For this example:
a.txt
b.txt
c.txt
if the above files dont already exist I need to create
them (I am using touch() instead of fopen())
My question is which would you recommend, doing a
readdir() and getting all the existing filenames in an
array then doing a loop to see which exists and create
the others OR
just taking the new filenames, doing a while/for loop
with a files_exists() on each and then creating the
files....
I am favouring the second approach as in the first
approach there are a lot of files the array could be
pretty big which would cause other problems, but I
would rather be corrected now if my thinking is
flawed.
It depends on:
--the number of files in the directory
--the the number of files being added/updated
--the liklihood that a file in the request will be new
Here are a couple of general principles to follow:
--KISS. Start with the simplest solution. Complicate it only to optimize
it and then only if optimization is really necessary.
--A system call is relatively expensive and time-consuming.
If you are literally only touching the files that don't exist (to create
an empty file), consider building a shell script that does the whole
batch in one system call.
--John
--- End Message ---
--- Begin Message ---
On May 13, 2006, at 7:48 AM, Ryan A wrote:
Hey,
Heres my setup, I have a directory full of files and I
get a request with an array of filenames
For this example:
a.txt
b.txt
c.txt
if the above files dont already exist I need to create
them (I am using touch() instead of fopen())
My question is which would you recommend, doing a
readdir() and getting all the existing filenames in an
array then doing a loop to see which exists and create
the others OR
just taking the new filenames, doing a while/for loop
with a files_exists() on each and then creating the
files....
I am favouring the second approach as in the first
approach there are a lot of files the array could be
pretty big which would cause other problems, but I
would rather be corrected now if my thinking is
flawed.
Your advise appreciated.
Umm... How about option 3...
Just touch() the file in a while/foreach loop
<important>
I *think* it will just set the mod/access time if the file exists and
create an empty file if it doesn't. Might want to test to be sure
though just to make sure it doesn't wipe the file, but I don't think
it does.
</important>
This is assuming that the mod/access time isn't used for anything
else so if it's randomly updated it won't matter.
You save a file_exists() call this way too.
Ed
--- End Message ---
--- Begin Message ---
Hey Tedd, John and Ed,
Will look into what you wrote, am testing some stuff
and comparing speeds and performance right now.
Ed, the mod/access is used for other stuff like
"expiring files" so I dont think I will be able to go
with your idea.
I appreciate all your input.Thanks!
-Ryan
--- tedd <[EMAIL PROTECTED]> wrote:
> At 5:48 AM -0700 5/13/06, Ryan A wrote:
> >Hey,
> >Heres my setup, I have a directory full of files
> and I
> >get a request with an array of filenames
> >For this example:
> >a.txt
> >b.txt
> >c.txt
> >
> >if the above files dont already exist I need to
> create
> >them (I am using touch() instead of fopen())
> >
> >My question is which would you recommend, doing a
> >readdir() and getting all the existing filenames in
> an
> >array then doing a loop to see which exists and
> create
> >the others OR
> >
> >just taking the new filenames, doing a while/for
> loop
> >with a files_exists() on each and then creating the
> >files....
> >
> >I am favouring the second approach as in the first
> >approach there are a lot of files the array could
> be
> >pretty big which would cause other problems, but I
> >would rather be corrected now if my thinking is
> >flawed.
> >
> >Your advise appreciated.
> >
> >Thanks!
> >Ryan
>
> Ryan:
>
> Try this, it worked for me:
>
> http://www.weberdev.com/get_example-4341.html
>
> Just put the name of the file into the
> $stringSearch.
>
> hth's
>
> tedd
> --
>
--------------------------------------------------------------------------------
> http://sperling.com
>
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
-----
Fight back spam! Download the Blue Frog.
http://www.bluesecurity.com/register/s?user=bXVzaWNndTc%3D
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- End Message ---
--- Begin Message ---
Thomas Bonham wrote:
Hello,
I'm trying to do a ldap authentication page. I can get there username
and I don't know how to get the password from ldap. It didn't show up
in the the search for the command line. So how do I get the password
of the users?
Hope you are doing this using PHP and your LDAP server allows anonymous
look-ups if you are trying to look at password field.
Try to lookup using same DN on command prompt and see what you get and
if you can see the attribute holding password.
If you can then Identify the attribute, try accessing it using PHP. Rest
is easy.
The is just an idea how you can go about it. Give some more specific
info as to what you have done so far and where you are facing problem.
Regards,
--
Sameer N. Ingole
Blog: http://weblogic.noroot.org/
---
Better to light one candle than to curse the darkness.
--- End Message ---
--- Begin Message ---
Sameer N Ingole wrote:
Thomas Bonham wrote:
Hello,
I'm trying to do a ldap authentication page. I can get there username
and I don't know how to get the password from ldap. It didn't show up
in the the search for the command line. So how do I get the password
of the users?
Hope you are doing this using PHP and your LDAP server allows
anonymous look-ups if you are trying to look at password field.
Try to lookup using same DN on command prompt and see what you get and
if you can see the attribute holding password.
If you can then Identify the attribute, try accessing it using PHP.
Rest is easy.
Sorry for replying my own post.
Was you trying to do a anonymous look-up when you did not see the password?
If you was, then your LDAP configuration may not be permitting anonymous
read access to password (whatever attribute holding password). Probably
you have to bind to LDAP server as some user who has read permission to
password attribute on that DN (or subtree) and then try accessing it
using PHP.
--
Sameer N. Ingole
Blog: http://weblogic.noroot.org/
---
Better to light one candle than to curse the darkness.
--- End Message ---
--- Begin Message ---
Hi all
is there a way to upload large files (e.g. 15mb) without changing the
default settings in php.ini***?
Preferably by using php, but if not is there another web tech (e.g. Java
applets) that will allow me to do this?
Thanks in advance
Mario
--- End Message ---
--- Begin Message ---
possibly by using CGI/php, and changing the relevent vaules, on the command
line.
Why don't you want to change the php.ini values if you legitimately want to
upload these files?
On 5/13/06, php @ net mines <[EMAIL PROTECTED]> wrote:
Hi all
is there a way to upload large files (e.g. 15mb) without changing the
default settings in php.ini***?
Preferably by using php, but if not is there another web tech (e.g. Java
applets) that will allow me to do this?
Thanks in advance
Mario
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi all,
I'm learning PHP on a Debian Etch with Apache 2.0.54 and PHP 4.3.10, and
using Firefox 1.5.3 on a Windows XP box to browse the sample site. I wrote a
small form to get user input. If I use METHOD=GET, then the form works fine,
without any glitches. However, if I use METHOD=POST in the form, I don't get
the data back to the script.
Googling around, I found a reference to mod_bandwidth, but AFAIK, this
module is used to regulate/limit user traffic.
Are there any modules missing that prvent METHOD=POST from working properly?
any config files that need to be edited?
Thanks.
Regards,
IraqiGeek
www.iraqigeek.com
The average woman would rather have beauty than brains, because the average
man can see better than he can think.
--- End Message ---
--- Begin Message ---
On Saturday, May 13, 2006 4:59 PM GMT,
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
AFAIK it should be working just fine. I'm not aware of POST not
working in any circumstance other than PHP not working at all.
Can you post your test script? We could better judge what's happening
based off that. Just make sure you're referencing the variables with
$_POST or $_REQUEST, not $_GET.
Slightly off topic. If you're not already, always make sure to
verify/escape your input from POST/GET/RSS/etc. That will help make
your pages more secure. It might seem like you don't need to do it
right now at the beginning, but it's a good habit to get into... One
that I need to follow better (especially when I have a really short
deadline).
Ray
PHP is indeed working. If I use METHOD=GET instead of POST, the script works
without any issues. Here is the test script I'm using:
<html>
<title>test script</title>
<body>
<?php
//If the user wants to add a joke
if(isset($_GET['addtext'])):
?>//If I use METHOD=GET here, the script works flawlessly
<form action="<?php echo($_SERVER['php_self']);?>" METHOD=POST>
<p>Type your text here:<br>
<textarea name="text" rows=10 cols=40 wrap></textarea></br>
<input type=submit name="submit" value="SUBMIT">
</form>
<?php
else:
//connect to the database server
[EMAIL PROTECTED]("localhost","username","password");
if(!$dbcnx){
echo("<p>Unable to connect to the database server at this
time.</p>");
exit();
}
//select test database
if([EMAIL PROTECTED]("test")){
echo("<p>Unable to locate test database at this
time.</p>");
exit();
}
//if a sample text has been submitted, add it to the database.
if("SUBMIT"==$_REQUEST['submit']){ //I have tried _GET, _POST, and
_REQUEST
$text=$_REQUEST['text']; //Same thing here, _GET,
_POST, and _REQUEST
$sql="insert into test_table set ".
"Text='$text', ".
"Date=CURDATE();";
if(mysql_query($sql)){
echo("<p>Your text has been added.</P>");
}
else {
echo("<p>Error Adding submitted text: ".
mysql_error()."</p>");
}
}
echo("<p>Here are all the texts in our database: </p>");
//Request the text of all the texts
$result=mysql_query("select Text from test_table");
if(!$result){
echo("<p>Error performing query:
".mysql_error()."</p>");
exit();
}
//display the texts in a paragraph
while($row=mysql_fetch_array($result)){
echo("<p>".$row["Text"]."</p>");
}
//when clicked, this link will load this page with the text
//submission form displayed.
$self=$_SERVER['PHP_SELF'];
echo("<p><a href='$self?addtext=1'>".
"Add a text</a></p>");
endif;
?>
</body>
</html>Thanks.
Regards,
IraqiGeek
www.iraqigeek.com
My computer isn't that nervous... it's just a bit ANSI.
-------- Original Message --------
Subject: [PHP] METHOD=POST not worikng
From: "IraqiGeek" <[EMAIL PROTECTED]>
Date: Sat, May 13, 2006 7:16 am
To: "PHP-General" <php-general@lists.php.net>
Hi all,
I'm learning PHP on a Debian Etch with Apache 2.0.54 and PHP
4.3.10, and using Firefox 1.5.3 on a Windows XP box to browse the
sample site. I wrote a small form to get user input. If I use
METHOD=GET, then the form works fine, without any glitches. However,
if I use METHOD=POST in the form, I don't get the data back to the
script.
Googling around, I found a reference to mod_bandwidth, but AFAIK,
this module is used to regulate/limit user traffic.
Are there any modules missing that prvent METHOD=POST from working
properly? any config files that need to be edited?
Thanks.
Regards,
IraqiGeek
www.iraqigeek.com
The average woman would rather have beauty than brains, because the
average man can see better than he can think.
--- End Message ---
--- Begin Message ---
Hey,
Been reading some other code that I got from the net,
and have come across some wierd looking code, would
appreciate it if someone could explain it to me:
$hits = array();
$bytes = array();
$blocked = array();
$baps = array();
$bapm = array();
So far so good.... then further down:
// Add to the running totals
@$hits["$username|$subnet"]++;
@$bytes["$username|$subnet"]+=$byte;
@$baps["$username|$subnet|$this_second"]++;
@$bapm["$username|$subnet|$this_minute"]++;
What kind of arrays are the above? I have never seen
nor worked with arrays like them before.
If you can point me to a particular place in the
manual or a few URLs too would be appreciated.
Thanks,
Ryan
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
-----
Fight back spam! Download the Blue Frog.
http://www.bluesecurity.com/register/s?user=bXVzaWNndTc%3D
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- End Message ---
--- Begin Message ---
----- Original Message -----
From: "Ryan A" <[EMAIL PROTECTED]>
To: "php php" <php-general@lists.php.net>
Sent: Saturday, May 13, 2006 9:20 PM
Subject: [PHP] Wierd ass code...
Hey,
Been reading some other code that I got from the net,
and have come across some wierd looking code, would
appreciate it if someone could explain it to me:
$hits = array();
$bytes = array();
$blocked = array();
$baps = array();
$bapm = array();
So far so good.... then further down:
// Add to the running totals
@$hits["$username|$subnet"]++;
@$bytes["$username|$subnet"]+=$byte;
@$baps["$username|$subnet|$this_second"]++;
@$bapm["$username|$subnet|$this_minute"]++;
What kind of arrays are the above? I have never seen
nor worked with arrays like them before.
If you can point me to a particular place in the
manual or a few URLs too would be appreciated.
Thanks,
Ryan
I don't think there is nothing special with the arrays, he is just coding
some information into strings, with the vertical bar as separator, and using
this as the keys to several arrays where he is collecting some statistical
information, such as (it would seem to me)
- number of hits by user and subnet
- number of bytes by user and subnet
- number of hits per user and subnet per second
- number of hits per user and subnet per minute
I would assume that the variables $this_second and $this_minute are absolute
numbers counted from a particular time, not seconds from 0 to 60 within the
minute. Likewise for the minutes.
I assume that the @ in front is to avoid the error of trying to increment a
value that is not yet set.
I guess that this same thing could have been achieved with multidimensional
arrays but either concatenating the variables into a single string is faster
or some other reason that makes sense for the application, such as being
able to sort by keys in just one operation.
Satyam
--- End Message ---
--- Begin Message ---
On Sat, 2006-05-13 at 15:20, Ryan A wrote:
> Hey,
> Been reading some other code that I got from the net,
> and have come across some wierd looking code, would
> appreciate it if someone could explain it to me:
>
> $hits = array();
> $bytes = array();
> $blocked = array();
> $baps = array();
> $bapm = array();
>
> So far so good.... then further down:
>
> // Add to the running totals
> @$hits["$username|$subnet"]++;
> @$bytes["$username|$subnet"]+=$byte;
> @$baps["$username|$subnet|$this_second"]++;
> @$bapm["$username|$subnet|$this_minute"]++;
>
> What kind of arrays are the above? I have never seen
> nor worked with arrays like them before.
>
> If you can point me to a particular place in the
> manual or a few URLs too would be appreciated.
It's just a normal array.. but the author is creating keys on the fly
for which the values area being incremented. And because there's no
error checking for the key not existing previously, he has used the
dirty error suppression operator. BAD BAD BAD CODER! Remember, if an
error occurs and you have a custom error handler, your custom error
handler still gets invoked. OWWIE!
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
----- Original Message -----
From: "Satyam" <[EMAIL PROTECTED]>
To: "Ryan A" <[EMAIL PROTECTED]>; "php php" <php-general@lists.php.net>
Sent: Saturday, May 13, 2006 9:53 PM
Subject: Re: [PHP] Wierd ass code...
----- Original Message -----
From: "Ryan A" <[EMAIL PROTECTED]>
To: "php php" <php-general@lists.php.net>
Sent: Saturday, May 13, 2006 9:20 PM
Subject: [PHP] Wierd ass code...
Hey,
Been reading some other code that I got from the net,
and have come across some wierd looking code, would
appreciate it if someone could explain it to me:
$hits = array();
$bytes = array();
$blocked = array();
$baps = array();
$bapm = array();
So far so good.... then further down:
// Add to the running totals
@$hits["$username|$subnet"]++;
@$bytes["$username|$subnet"]+=$byte;
@$baps["$username|$subnet|$this_second"]++;
@$bapm["$username|$subnet|$this_minute"]++;
What kind of arrays are the above? I have never seen
nor worked with arrays like them before.
If you can point me to a particular place in the
manual or a few URLs too would be appreciated.
Thanks,
Ryan
I don't think there is nothing special with the arrays, he is just coding
some information into strings, with the vertical bar as separator, and
using this as the keys to several arrays where he is collecting some
statistical information, such as (it would seem to me)
- number of hits by user and subnet
- number of bytes by user and subnet
- number of hits per user and subnet per second
- number of hits per user and subnet per minute
I would assume that the variables $this_second and $this_minute are
absolute numbers counted from a particular time, not seconds from 0 to 60
within the minute. Likewise for the minutes.
I assume that the @ in front is to avoid the error of trying to increment
a value that is not yet set.
I guess that this same thing could have been achieved with
multidimensional arrays but either concatenating the variables into a
single string is faster or some other reason that makes sense for the
application, such as being able to sort by keys in just one operation.
Satyam
Of course, another possibility is that the author does not know how to
handle multidimensional arrays (just to say it before anyone else points an
obvious alternative)
Satyam
--- End Message ---
--- Begin Message ---
Thanks Rob, Satyam,
I understood the error supression but never came
across arrays where people were creating keys on the
fly like this and incrementing them....just looked a
bit weird to me.
Cheers!
Ryan
--- Robert Cummings <[EMAIL PROTECTED]> wrote:
> On Sat, 2006-05-13 at 15:20, Ryan A wrote:
> > Hey,
> > Been reading some other code that I got from the
> net,
> > and have come across some wierd looking code,
> would
> > appreciate it if someone could explain it to me:
> >
> > $hits = array();
> > $bytes = array();
> > $blocked = array();
> > $baps = array();
> > $bapm = array();
> >
> > So far so good.... then further down:
> >
> > // Add to the running totals
> > @$hits["$username|$subnet"]++;
> > @$bytes["$username|$subnet"]+=$byte;
> > @$baps["$username|$subnet|$this_second"]++;
> > @$bapm["$username|$subnet|$this_minute"]++;
> >
> > What kind of arrays are the above? I have never
> seen
> > nor worked with arrays like them before.
> >
> > If you can point me to a particular place in the
> > manual or a few URLs too would be appreciated.
>
> It's just a normal array.. but the author is
> creating keys on the fly
> for which the values area being incremented. And
> because there's no
> error checking for the key not existing previously,
> he has used the
> dirty error suppression operator. BAD BAD BAD CODER!
> Remember, if an
> error occurs and you have a custom error handler,
> your custom error
> handler still gets invoked. OWWIE!
>
> Cheers,
> Rob.
> --
>
.------------------------------------------------------------.
> | InterJinn Application Framework -
> http://www.interjinn.com |
>
:------------------------------------------------------------:
> | An application and templating framework for PHP.
> Boasting |
> | a powerful, scalable system for accessing system
> services |
> | such as forms, properties, sessions, and caches.
> InterJinn |
> | also provides an extremely flexible architecture
> for |
> | creating re-usable components quickly and easily.
> |
>
`------------------------------------------------------------'
>
>
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
-----
Fight back spam! Download the Blue Frog.
http://www.bluesecurity.com/register/s?user=bXVzaWNndTc%3D
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- End Message ---
--- Begin Message ---
>
> // Add to the running totals
> @$hits["$username|$subnet"]++;
> @$bytes["$username|$subnet"]+=$byte;
> @$baps["$username|$subnet|$this_second"]++;
> @$bapm["$username|$subnet|$this_minute"]++;
>
> What kind of arrays are the above? I have never seen
> nor worked with arrays like them before.
>
> If you can point me to a particular place in the
> manual or a few URLs too would be appreciated.
It looks like the code was written by an awk programmer, or a programmer of
some language that doesn't natively support multidimensional assoc arrays.
It's just a normal array.. but the author is creating keys on the fly
for which the values area being incremented. And because there's no
error checking for the key not existing previously, he has used the
dirty error suppression operator. BAD BAD BAD CODER! Remember, if an
error occurs and you have a custom error handler, your custom error
handler still gets invoked. OWWIE!
I would submit that the error suppression operator isn't BAD BAD BAD per se
- it's just like goto, in that 99% of its use is bad. In the absence of a
comment justifying it, the error-suppressed expression is BAD.
There are some cases where the Error Suppression operator may be useful in
good code. I wouldn't use it to suppress anything more serious than
E_NOTICE. I don't think I ever used this operator, but if I did, i'd explain
why there is no possible case where the code could emit an E_WARNING or
higher.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On Sat, 2006-05-13 at 19:37, Rory Browne wrote:
>
> I would submit that the error suppression operator isn't BAD BAD BAD
> per se - it's just like goto, in that 99% of its use is bad. In the
> absence of a comment justifying it, the error-suppressed expression is
> BAD.
>
> There are some cases where the Error Suppression operator may be
> useful in good code. I wouldn't use it to suppress anything more
> serious than E_NOTICE. I don't think I ever used this operator, but if
> I did, i'd explain why there is no possible case where the code could
> emit an E_WARNING or higher.
Yep I agree with that... the particular usage in the example though was
just laziness :)
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--- End Message ---
--- Begin Message ---
I'll start by compiling php with --enable-debug
At the moment I get backtrace results like this:
#0 0x48c7d95b in memcpy () from /usr/lib/libc_r.so.4
#1 0x8977280 in ?? ()
#2 0x10 in ?? ()
#3 0x894e500 in ?? ()
#4 0x894dc00 in ?? ()
#5 0x8962000 in ?? ()
#6 0x8960200 in ?? ()
#7 0x894e4e0 in ?? ()
#8 0x894e4c0 in ?? ()
etc etc etc...
Thus useless :P
At the moment it has been running remarkably stable for a few days. So
now and then a failure. Probably because of a request being given to a
php-fastcgi process handling a slow upload of a file... :-/
Frank de Bot
chris smith wrote:
On 5/11/06, Frank de Bot <[EMAIL PROTECTED]> wrote:
Hi,
I have made a apache setup with PHP running as FastCGI (apache 2.0.58,
mod_fastcgi 2.4.2, php 5.1.4)
PHP is called directly as FastCGI without a wrapper script.
On a given moment the PHP FastCGI application reaches
dynamicMaxClassProcs. After that happens the PHP FastCGI application
totally crashes and can only be recovered by restarting apache.
PHP Crashes with:
"terminated due to uncaught signal '10' ((null)), a core file may have
been generated. "
Are you able to get a core dump and what does it show? Here's some
doco on how to get a backtrace:
http://bugs.php.net/bugs-generating-backtrace.php
That will give us some clues on whether it's php or fastcgi..
--- End Message ---
--- Begin Message ---
Hi all,
are there any security concerns with uploaded images?
My thought is that it wouldnt be too hard to have some kind of script
masquerade as a gif file, and perhaps cause damage.
I cant find anyway to check a file really is a gif/png/jpg (i assume the
mimetype available in $_FILES could be spoofed).
I'd welcome any thoughts in general on this, but specifically if anyone
has experience/knowledge in this area and can point me in the right
direction.
Many thanks!
--
Nick Wilson
Tel: +45 3311 2250
--- End Message ---
--- Begin Message ---
getimagesize() -
I wouldn't worry about people trying to upload scripts - assuming you limit
file-extensions to .gif, .bmp, .jpg, etc. .jpgs generally don't get executed
- unless you have a screwed up webserver install.
The best they will be able to do is have others download the script / code.
What I would worry about is people using your image store to share
information other than what the subject of the image looks like - like
encoding mp3's using stenography - or something like that.
Perhaps either an apache directive to not-execute, or store everything below
the webroot, and readfile() them out.
On 5/14/06, Nick Wilson <[EMAIL PROTECTED]> wrote:
Hi all,
are there any security concerns with uploaded images?
My thought is that it wouldnt be too hard to have some kind of script
masquerade as a gif file, and perhaps cause damage.
I cant find anyway to check a file really is a gif/png/jpg (i assume the
mimetype available in $_FILES could be spoofed).
I'd welcome any thoughts in general on this, but specifically if anyone
has experience/knowledge in this area and can point me in the right
direction.
Many thanks!
--
Nick Wilson
Tel: +45 3311 2250
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi,
I am sorry for this not being really a PHP question, anyway I use
MySQL database, I have a table, which is HEAP (memory) type and I found
out I can store only about 22000 entries in it, then when I want to
insert new entry it gives me an error that the table is full.
The question is: How can I increase this limit?
Thanks,
Martin Zvarik
--- End Message ---
--- Begin Message ---
Code 1 :
-------------------------
var_dump(stream_get_contents($rr));
-------------------------
Output 1
-------------------------
string(185) "HTTP/1.1 202 Accepted
Server: Apache2
Content-Length: 24
Connection: close
Content-type: text/html
Pragma: no-cache
Cache-Control: no-cache
0: Accepted for delivery"
-------------------------
Code 2 :
-------------------------
$x = stream_get_contents($rr);
var_dump($x);
-------------------------
Output 2
-------------------------
string(0) ""
-------------------------
Am i wrong ?
--- End Message ---
--- Begin Message ---
On 5/14/06, Fourat Zouari <[EMAIL PROTECTED]> wrote:
Code 1 :
-------------------------
var_dump(stream_get_contents($rr));
-------------------------
Output 1
-------------------------
string(185) "HTTP/1.1 202 Accepted
Server: Apache2
Content-Length: 24
Connection: close
Content-type: text/html
Pragma: no-cache
Cache-Control: no-cache
0: Accepted for delivery"
-------------------------
Code 2 :
-------------------------
$x = stream_get_contents($rr);
var_dump($x);
-------------------------
Output 2
-------------------------
string(0) ""
-------------------------
Am i wrong ?
Without seeing all of the code, we can't tell anything from that.
Post it in http://pastebin.com and send us a url.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
