php-general Digest 19 Feb 2009 21:56:25 -0000 Issue 5968
Topics (messages 288595 through 288614):
Re: Accessors
288595 by: German Geek
288604 by: Jochem Maas
288607 by: Philip Thompson
288608 by: Shawn McKenzie
Re: Which file "Included" me?
288596 by: Michael A. Peters
Re: PHP AS an FTP server
288597 by: paragasu
Re: php cli memory leak error
288598 by: Jochem Maas
288599 by: Lewis Wright
Re: Unique User Hashes
288600 by: tedd
288601 by: Martin Zvarík
288602 by: tedd
288603 by: Martin Zvarík
288605 by: tedd
288606 by: Martin Zvarík
288614 by: Chris
Re: Secure File Paths, File System - (simplified question)
288609 by: Daniel Kolbo
288613 by: Shawn McKenzie
Two troublesome fields
288610 by: Terion Miller
288612 by: Bastien Koert
Re: How should I ....--its a date/timestamp issue (RESOLVED)
288611 by: Terion Miller
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
It's not a bad idea but usually having accessor and mutator methods are used
to validate the data first before writing it to the properties. If you don't
have validation, you might as well set them directly and make them public
and don't really need a generic setter/getter method.
Although, this way, if you decide later on to add a specific getter/setter
for validation you wont need to change the code that accesses the
properties. So, this is a valid approach to save some time.
i believe php should have something like that built in...
In fact actionscript (flash) has quite a clever way of doing this:
With
public class A {
public function A(){}
protected var _b:String = "";
set function b(val:String):void {
if (val.match(/([0-9])*/)) {
_b = val;
}
}
get function b():int {
return int(_b);
}
// ...
}
you can write accessors and mutators which are pretty smart.
With
var instance:A = new A();
instance.b = "1234";
you will call the set method and let it validate a string to be a number
only string, so _b can only be set to a string with only numbers.
I found that very neat in actionscript because instead of writing
instance.setB("1234");
you simply write
instance.b = "1234";
and yet you get the benefit of validation. Then it is safe in the getter
method to return an integer (assuming the validation is right).
Java (and a lot of other languages) seems a bit clumsy in that way to be
honest although i like the language as such. A lot of frameworks and class
diagram code generators generate the getter and setter methods for you, but
if you look at the actionscript way, you see it's not really necessary. It
just adds overhead.
But actionscript just makes it short and you can safely make your members
public until you provide a set method and then you wont have to change any
of the code where you are setting (or getting) it, because it stays the
same!
Actionscript 3 has some very nice features like you can loosely type like in
PHP but you can also give strict types like in Java, making it more flexible
while still restrictive if necessary for stability.
Maybe the PHP developers should think about giving optional return types
with :String for example and get and set methods as in actionscript. ... I
know PHP is not actionscript. But a famous German man who was criticised for
changing his mind said: "Why should i keep to my old statement if my
knowlege about the matter has improved?" (or similar..., sorry don't
remember who).
Optional return types wouldn't hurt performance wise would they? And also
they wouldn't even change the current syntax! In fact, isn't everything
strictly typed under the hood anyway?
As far as i know, in php you can already strictly type function parameters
as in:
public function asd(string $mystr) {
$this->hola = $mystr;
}
Why not make it complete? Or is it?
Sorry for stealing the thread. ;-)
Also, i know php is an interpreted language. But wouldn't it be possible to
write a virtual machine for php and compile byte code... I know, php is not
Java or Actionscript :-P but it could be an add on feature. i guess the eval
wouldn't work then would it? Although eval could still be interpreted...
This would be nice in case you need to protect your intellectual property.
Regards,
Tim
Tim-Hinnerk Heuer
http://www.ihostnz.com
Emo Philips - "I was the kid next door's imaginary friend."
2009/2/19 Philip Thompson <[email protected]>
> Hi all.
>
> Maybe I'm wanting more Java-like functionality out of PHP, but I don't
> really like getting and setting members directly (even for public members) -
> I'd rather use accessors. This way you can control what is getting set and
> what is returning. However, I also don't really want to create a million
> get/set accessor methods - this is no fun and takes up a lot of space. After
> reading around a little bit, it got me thinking about overloading in PHP
> (which I'm sure we all know is completely different than any other
> language... but that's another day). I didn't want to use the standard __get
> and __set methods because that still leaves me with the same notation for
> getting/setting members. So, instead, I used a close relative of __get and
> __set. Meet brother __call. Could it really be this trivial to get the
> notation I'm wanting? Yes. Yes it is. Ok, enough talking... onto the code.
>
> <?php
> class Person
> {
> public $age;
> private $first, $middle, $last;
>
> // Gotta have our construct
> public function __construct () {}
>
> // Here's the fun
> public function __call ($member, $args)
> {
> // Since I know members I want, force the user to only
> // access the ones I've created
> if (property_exists ('Person', $member)) {
> // If args is empty, I must be returning the value
> if (empty ($args)) {
> list ($value) = $this->$member;
> return $value;
> }
>
> // Oh, args is not empty! Set the value
> $this->$member = $args;
> }
> else {
> // Blow up!
> die ("Fatal Error: Call to undefined member: $member.
> Exiting...");
> }
> }
> }
>
> $person = new Person();
>
> // Set the (private) first and last names
> $person->first('Billy');
> $person->last('Bob');
>
> // Get the (private) first and last names
> echo $person->first() . " " . $person->last()."<br/>";
>
> // Set the (public) age
> $person->age(103);
>
> // Get the (public) age
> echo "Age: ".$person->age()."<br/>";
>
> // Explosions
> $person->first = 'Buford';
> $person->pizza('Is yummy');
> ?>
>
> Now if you're reading this and thinking "Duh!" then good for you. However,
> I know there's at least 1 soul on this list who may benefit from this. But
> don't stop at the example above. If you want to add validation to the
> members you're getting/setting, build that into your code. If you want each
> member to be a specific type, include that as well (I'll leave the
> implementation up to you). ;-)
>
> So let's recap.
>
> • This functionality allows me to not have to write 2 accessors for every
> member
> • This allows me to use methods instead of directly getting/setting
> members (even though I can still access public members directly... if I
> want)
> • Keeps code consistent and less confusing - I know how to get and set
> every member
>
> What are your thoughts? Does this seem like a reasonable implementation?
> Useful? Pointless? Hit me up - I can handle *constructive* criticism. But
> for now, it's late and past my bedtime.
>
> Cheers,
> ~Philip
>
> "innerHTML is a string. The DOM is not a string, it's a hierarchal object
> structure. Shoving a string into an object is impure and similar to wrapping
> a spaghetti noodle around an orange and calling it lunch."
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
please keep replies on list.
Philip Thompson schreef:
> On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote:
>
>> Philip Thompson schreef:
>>> Hi all.
>>
>> ....
>>
>>>
>>> What are your thoughts? Does this seem like a reasonable implementation?
>>> Useful? Pointless? Hit me up - I can handle *constructive* criticism.
>>> But for now, it's late and past my bedtime.
>>
>> how do you set a property to null?
>
> Oh sure, point that out! JK. I thought of that as well. For members
> where 'null' is an option, you may just want to create a definitive
> accessor or modify the __call() function. Use a string to represent null
> - I'll use 'nil' from objective-c. Something like this...
yes but then someone might want to set the value to 'nil' or '__nil'
or any other magic value you might want to use.
what about capturing a method name prefix:
$person->unsetFirst();
> <?php
> public function __call ($member, $args)
> {
> if (property_exists ('Person', $member)) {
> if (empty ($args)) {
> list ($value) = $this->$member;
> return $value;
> }
>
> // Test to see if value is 'nil'. If so, set to null.
> if (!is_array ($args[0]) && $args[0] == 'nil') {
> $args[0] = null;
> }
>
> $this->$member = $args;
> }
> else {
> die ("Fatal Error: Call to undefined member: $member. Exiting...");
> }
> }
>
> $person = new Person();
> $person->first('Billy');
> $person->first('nil');
> ?>
>
> I suppose it's a possibility that someone will assign 'nil' to a member
> as an actual value, so put in some more checking or modify the null
> keyword - maybe '__nil' or whatever? That a possibility?
>
> Cheers,
> ~Phil
--- End Message ---
--- Begin Message ---
On Feb 19, 2009, at 10:55 AM, Jochem Maas wrote:
please keep replies on list.
Sorry!
Philip Thompson schreef:
On Feb 19, 2009, at 2:59 AM, Jochem Maas wrote:
Philip Thompson schreef:
Hi all.
....
What are your thoughts? Does this seem like a reasonable
implementation?
Useful? Pointless? Hit me up - I can handle *constructive*
criticism.
But for now, it's late and past my bedtime.
how do you set a property to null?
Oh sure, point that out! JK. I thought of that as well. For members
where 'null' is an option, you may just want to create a definitive
accessor or modify the __call() function. Use a string to represent
null
- I'll use 'nil' from objective-c. Something like this...
yes but then someone might want to set the value to 'nil' or '__nil'
or any other magic value you might want to use.
what about capturing a method name prefix:
$person->unsetFirst();
Yes, that is quite a viable option. I thought about the same thing,
except for setting the member. Modify the __call method to check for
'set' before the member name....
$person->setFirst('John');
$person->setFirst(null);
If you do it this way, there is no doubt that you are wanting to set
the value. And it even allows null.
~Philip
<?php
public function __call ($member, $args)
{
if (property_exists ('Person', $member)) {
if (empty ($args)) {
list ($value) = $this->$member;
return $value;
}
// Test to see if value is 'nil'. If so, set to null.
if (!is_array ($args[0]) && $args[0] == 'nil') {
$args[0] = null;
}
$this->$member = $args;
}
else {
die ("Fatal Error: Call to undefined member: $member.
Exiting...");
}
}
$person = new Person();
$person->first('Billy');
$person->first('nil');
?>
I suppose it's a possibility that someone will assign 'nil' to a
member
as an actual value, so put in some more checking or modify the null
keyword - maybe '__nil' or whatever? That a possibility?
Cheers,
~Phil
--- End Message ---
--- Begin Message ---
> Also, i know php is an interpreted language. But wouldn't it be possible to
> write a virtual machine for php and compile byte code... I know, php is not
> Java or Actionscript :-P but it could be an add on feature. i guess the eval
> wouldn't work then would it? Although eval could still be interpreted...
>
> This would be nice in case you need to protect your intellectual property.
I haven't tried it, but I might soon for an appliance I'm building.
http://www.roadsend.com/
--
Thanks!
-Shawn
http://www.spidean.com
--- End Message ---
--- Begin Message ---
Nisse Engström wrote:
On Wed, 18 Feb 2009 10:37:53 -0800, "Michael A. Peters" wrote:
http://www.gfx-depot.com/forum/-php-server-php-self-validation-t-1636.html
explains a technique to validate the input as well (don't trust that is
clean)
Amazing! Not once did they mention htmlspecialchars().
/Nisse
htmlspecialchars causes problems if you are going to use the data with
DOMDocument.
I believe the point was to produce a proper _SERVER['PHP_SELF'] - not a
sanitized but still borked version.
--- End Message ---
--- Begin Message ---
i successfully configure vsftp login using pam-mysql last time.
http://pam-mysql.sourceforge.net/
http://www.linux.com/feature/125789
user can login to ftp server using the same password on web..
hope it help
On 2/18/09, Michael Kubler <[email protected]> wrote:
> Yeah, I don't want local user access (SSH, their own entries in passwd,
> etc..). Too much work to ensure they all have the correct file
> permissions, etc..
> I think I'll just skip the PHP bit and use a proper FTP server. I've
> configured them a few times, but all the examples I found only had
> Anonymous FTP login, or MySQL (which is what I want), but the server
> wouldn't work with the MySQL plugin.
> Looks like I'll have to compile from source... joy.
>
> Thanks for all the replies though.
>
> Michael Kubler
> *G*rey *P*hoenix *P*roductions <http://www.greyphoenix.biz>
>
>
>
> Thodoris wrote:
>>
>> The local users part was about ssh-sftp access Ash not ftp.
>>
>> IMO when you add local users you add extra risks to your system than
>> simple ftp (non-local) users may not cause. Of course if you secure
>> your system carefully everything will work fine but I would avoid that
>> and there are many security issues that here is not the place to discuss.
>>
>> Of course if this fits your needs I have no objections.
>> --
>> Thodoris
>
--- End Message ---
--- Begin Message ---
Thodoris schreef:
>>
>>
>> seems to work fine here.
>>
>> What are your php.ini (memory related) settings?
>>
>> run:
>>
>> /usr/local/bin/php --ini
>>
>> and get the location of the php.ini file that is getting used. Check
>> our the memory settings in that file.
>>
>>
>>
>>
>
> Some general options:
> max_input_time = 60
> max_execution_time = 120
> memory_limit = 128M
>
> and the last one I have just noticed (that is why it reports the leak):
>
> report_memleaks = On
>
> In case I set this to Off it just stops bugging me. But is there a
> memory leak?
yes.
> And if yes should I report this as a bug ?
if (
1. report_memleaks is a core php.ini setting (not suhosin) (I don't
recall)
2. you still get the leak if you disable suhosin extension
3. you can create a small reproduction script (seems you have one, but
I'd
check that it's the getopt() call that triggers the leak)
4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev
) {
report_a_bug();
}
>
--- End Message ---
--- Begin Message ---
2009/2/19 Jochem Maas <[email protected]>:
> Thodoris schreef:
>>>
>>>
>>> seems to work fine here.
>>>
>>> What are your php.ini (memory related) settings?
>>>
>>> run:
>>>
>>> /usr/local/bin/php --ini
>>>
>>> and get the location of the php.ini file that is getting used. Check
>>> our the memory settings in that file.
>>>
>>>
>>>
>>>
>>
>> Some general options:
>> max_input_time = 60
>> max_execution_time = 120
>> memory_limit = 128M
>>
>> and the last one I have just noticed (that is why it reports the leak):
>>
>> report_memleaks = On
>>
>> In case I set this to Off it just stops bugging me. But is there a
>> memory leak?
>
> yes.
>
>> And if yes should I report this as a bug ?
>
> if (
>
> 1. report_memleaks is a core php.ini setting (not suhosin) (I don't
> recall)
> 2. you still get the leak if you disable suhosin extension
> 3. you can create a small reproduction script (seems you have one, but
> I'd
> check that it's the getopt() call that triggers the leak)
> 4. you can show the mem leak in 5.2.9RC2 and/or php5.3dev
> ) {
> report_a_bug();
> }
>
Syntax error, unexpected T_STRING :(
--- End Message ---
--- Begin Message ---
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to
input your email address - and if I would I
would not vote - because it's a waste of my
time... if you want me to vote you do everything
you can to make it as pleasant as possible --
certainly that isn't requirement of an email
validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email
address - and if I would I would not vote - because it's a waste of
my time... if you want me to vote you do everything you can to make
it as pleasant as possible -- certainly that isn't requirement of an
email validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
:) What world do you live in?
--- End Message ---
--- Begin Message ---
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to
input your email address - and if I would I
would not vote - because it's a waste of my
time... if you want me to vote you do
everything you can to make it as pleasant as
possible -- certainly that isn't requirement
of an email validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
:) What world do you live in?
The one that tries to understand and solve the problems presented.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
tedd napsal(a):
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email
address - and if I would I would not vote - because it's a waste of
my time... if you want me to vote you do everything you can to make
it as pleasant as possible -- certainly that isn't requirement of an
email validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
:) What world do you live in?
The one that tries to understand and solve the problems presented.
Cheers,
tedd
If that is true - you wouldn't say, you would do at least one of those
things.
--- End Message ---
--- Begin Message ---
At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need
to input your email address - and if I would
I would not vote - because it's a waste of
my time... if you want me to vote you do
everything you can to make it as pleasant as
possible -- certainly that isn't requirement
of an email validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
:) What world do you live in?
The one that tries to understand and solve the problems presented.
Cheers,
tedd
If that is true - you wouldn't say, you would do at least one of those things.
You're trolling -- welcome to my kill file.
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
tedd napsal(a):
At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email
address - and if I would I would not vote - because it's a waste
of my time... if you want me to vote you do everything you can to
make it as pleasant as possible -- certainly that isn't
requirement of an email validation.
Okay, so you don't see the problem.
It might do you well to try to figure out what we're talking about.
Cheers,
tedd
:) What world do you live in?
The one that tries to understand and solve the problems presented.
Cheers,
tedd
If that is true - you wouldn't say, you would do at least one of
those things.
You're trolling -- welcome to my kill file.
tedd
My point is: don't say to others they don't see a problem, just because
YOU see it differently (you said we, but that's basically just you only
:))... plus, in this case, you are in my professional opinion wrong -
the few (if any) of basic polls that require an email verification is
its proof.
Btw. google "free temporary email address" to see how unique email
addresses really are - in case you meant it in reference to the poll
voting - where you care about uniqueness of votes = people.
ALOHA
--- End Message ---
--- Begin Message ---
Martin Zvarík wrote:
tedd napsal(a):
At 5:28 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 5:10 PM +0100 2/19/09, Martin Zvarík wrote:
tedd napsal(a):
At 1:49 AM +0100 2/19/09, Martin Zvarík wrote:
Guys, I have not seen a poll where you need to input your email
address - and if I would I would not vote - because it's a waste
of my time... if you want me to vote you do everything you can to
make it as pleasant as possible -- certainly that isn't
requirement of an email validation.
<snip>
Btw. google "free temporary email address" to see how unique email
addresses really are - in case you meant it in reference to the poll
voting - where you care about uniqueness of votes = people.
So instead of trolling, offer a better suggestion.
--
Postgresql & php tutorials
http://www.designmagick.com/
--- End Message ---
--- Begin Message ---
Shawn McKenzie wrote:
Daniel Kolbo wrote:
Hello PHPers,
I am quite ignorant about file system security. I was hoping you all
could help me understand things.
How does one restrict php script from going (reading, writing) files in
the file system?
As I see it, a php programmer could change the include_path, with
ini_set(), use "../" etc..., and browse all the files on the server to
which the php engine has access. This would clearly not be acceptable
to a web host company, so how do most hosts restrict this kind of
behaviour?
Now, suppose i only have php access to my 'files' as defined by my host
somehow. (again, my first part of the question is how do they do
this?). Is it possible for me to further restrict this file
accessibility for different sub-folders? Let me provide an example
folder hierarchy and user scenario.
Suppose there are two php programmers (me and you). I want full access,
but I want to restrict you to your subdomain (subdomain2).
+AllUsers (me and you)
+Domain1
++Subdomain1 (me only)
++Subdomain2 (me and you)
++SharedDomain (me and you)
+ServerFile1 (me only)
+ServerFile2 (me only)
+SecretFile (no user)
Thanks for helping understand how to restrict/limit different php
programmers from going into places I'd rather them not go.
dK
Two methods come to mind, chroot and just setting perms for specific dirs.
Hello,
1) chroot
I don't understand how to specify to the php engine to chroot upon
different scripts being executed (scripts that i don't control). Would
you please clarify?
2)perms
The php engine is what has access to specific dirs (not users,
scripts,). That i know of, the php engine doesn't allow per user
permissions. That is, it is one engine, one set of perms. Are you
suggesting i have a separate php engine for each user?
3) Maybe i can simplify this question: How does a hosting company, in a
shared virtual host server environment, prevent all their clients (php
programmers) from snooping into all the other clients' folders? I am
assuming we are all using the same php engine, as it is a shared apache
host.
--- End Message ---
--- Begin Message ---
Daniel Kolbo wrote:
>
>
> Shawn McKenzie wrote:
>> Daniel Kolbo wrote:
>>
>>> Hello PHPers,
>>>
>>> I am quite ignorant about file system security. I was hoping you all
>>> could help me understand things.
>>>
>>> How does one restrict php script from going (reading, writing) files in
>>> the file system?
>>> As I see it, a php programmer could change the include_path, with
>>> ini_set(), use "../" etc..., and browse all the files on the server to
>>> which the php engine has access. This would clearly not be acceptable
>>> to a web host company, so how do most hosts restrict this kind of
>>> behaviour?
>>>
>>> Now, suppose i only have php access to my 'files' as defined by my host
>>> somehow. (again, my first part of the question is how do they do
>>> this?). Is it possible for me to further restrict this file
>>> accessibility for different sub-folders? Let me provide an example
>>> folder hierarchy and user scenario.
>>> Suppose there are two php programmers (me and you). I want full access,
>>> but I want to restrict you to your subdomain (subdomain2).
>>>
>>> +AllUsers (me and you)
>>> +Domain1
>>> ++Subdomain1 (me only)
>>> ++Subdomain2 (me and you)
>>> ++SharedDomain (me and you)
>>> +ServerFile1 (me only)
>>> +ServerFile2 (me only)
>>> +SecretFile (no user)
>>>
>>> Thanks for helping understand how to restrict/limit different php
>>> programmers from going into places I'd rather them not go.
>>> dK
>>>
>>>
>>
>> Two methods come to mind, chroot and just setting perms for specific
>> dirs.
>>
>>
>
> Hello,
> 1) chroot
> I don't understand how to specify to the php engine to chroot upon
> different scripts being executed (scripts that i don't control). Would
> you please clarify?
> 2)perms
> The php engine is what has access to specific dirs (not users,
> scripts,). That i know of, the php engine doesn't allow per user
> permissions. That is, it is one engine, one set of perms. Are you
> suggesting i have a separate php engine for each user?
>
> 3) Maybe i can simplify this question: How does a hosting company, in a
> shared virtual host server environment, prevent all their clients (php
> programmers) from snooping into all the other clients' folders? I am
> assuming we are all using the same php engine, as it is a shared apache
> host.
>
O.K. I read and typed too fast. In short, suexec with apache will run
a user's scripts as that user so long as php is run as cgi and not the
apache mod. Also, virtual hosts in apache define the docroot for a
virtual host (user/domain/etc.), so other virtual hosts can't access
outside of that docroot into other virtual hosts.
So the perms part of my previous reply was related to suexec and chroot
was out of my ass because many times you would chroot apache for extra
security from the webserver in general.
--
Thanks!
-Shawn
http://www.spidean.com
--- End Message ---
--- Begin Message ---
Hi all, I seem to be having a problem with getting two fields to insert into
a table, the other fields insert but not these two
its from a form that is a duplicate, basically I have a workorder that I
want to make a copy of, I call it from the db, populate a form in case
changes want to be made, and insert with a new unique ID as a new record,
it's working great except Two fields will NOT insert and I'm at a loss for
why ...
the code is big so I will post snippets that I think may be the trouble
spots
Here is the insert:
$sql = "INSERT INTO workorders (CreatedDate, Location, WorkOrderName,
AdminID, FormName, Status, Notes) VALUES (";
$sql .= "Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder',
'New Order', '$Notes')";
mysql_query($sql);
$WorkOrderID = mysql_insert_id();
Here is the part where it calls the old values:
$sql2 = "SELECT Location, WorkOrderName FROM workorders WHERE
WorkOrderID='$WorkOrderID'";
$result2 = mysql_query ($sql2);
$row2 = mysql_fetch_array($result2);
Here is the form part:
<tr>
<td align="left" nowrap><div
class="CaptionReq">Property:</div></td>
<td align="left"><div><input type="hidden"
name="Location" value="<?php echo $row2['Location']; ?>"><?php echo
$row2['Location']; ?> </div></td>
</tr>
<tr>
<td align="left" nowrap><div class="CaptionReq">Work
Order Name: <?php echo $row2['WorkOrderName']; ?></div></td>
<td align="left"><div><br><input type="hidden"
name="WorkOrderName" size="35 " value="<?php echo $row2['WorkOrderName'];
?>"/></div></td>
</tr>
I need some clues, everything works except the two fields Location, and
WorkOrderName.....
Thanks
Terion
Happy Freecycling
Free the List !!
www.freecycle.org
Over Moderation of Freecycle List Prevents Post Timeliness.
------------------------------------------------
Twitter?
http://twitter.com/terionmiller
------------------------------------------------
Facebook:
<a href="http://www.facebook.com/people/Terion-Miller/1542024891";
title="Terion Miller's Facebook profile" target=_TOP><img src="
http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
alt="Terion Miller's Facebook profile"></a>
Bill Watterson - "There is not enough time to do all the nothing we want to
do."
--- End Message ---
--- Begin Message ---
On Thu, Feb 19, 2009 at 3:21 PM, Terion Miller <[email protected]>wrote:
> Hi all, I seem to be having a problem with getting two fields to insert
> into
> a table, the other fields insert but not these two
> its from a form that is a duplicate, basically I have a workorder that I
> want to make a copy of, I call it from the db, populate a form in case
> changes want to be made, and insert with a new unique ID as a new record,
> it's working great except Two fields will NOT insert and I'm at a loss for
> why ...
> the code is big so I will post snippets that I think may be the trouble
> spots
>
> Here is the insert:
> $sql = "INSERT INTO workorders (CreatedDate, Location, WorkOrderName,
> AdminID, FormName, Status, Notes) VALUES (";
> $sql .= "Now(), '$Location', '$WorkOrderName', '$AdminID', 'WorkOrder',
> 'New Order', '$Notes')";
> mysql_query($sql);
> $WorkOrderID = mysql_insert_id();
>
> Here is the part where it calls the old values:
>
> $sql2 = "SELECT Location, WorkOrderName FROM workorders WHERE
> WorkOrderID='$WorkOrderID'";
> $result2 = mysql_query ($sql2);
> $row2 = mysql_fetch_array($result2);
>
>
> Here is the form part:
>
> <tr>
> <td align="left" nowrap><div
> class="CaptionReq">Property:</div></td>
> <td align="left"><div><input type="hidden"
> name="Location" value="<?php echo $row2['Location']; ?>"><?php echo
> $row2['Location']; ?> </div></td>
> </tr>
> <tr>
> <td align="left" nowrap><div class="CaptionReq">Work
> Order Name: <?php echo $row2['WorkOrderName']; ?></div></td>
> <td align="left"><div><br><input type="hidden"
> name="WorkOrderName" size="35 " value="<?php echo $row2['WorkOrderName'];
> ?>"/></div></td>
> </tr>
>
> I need some clues, everything works except the two fields Location, and
> WorkOrderName.....
>
> Thanks
> Terion
>
> Happy Freecycling
> Free the List !!
> www.freecycle.org
> Over Moderation of Freecycle List Prevents Post Timeliness.
> ------------------------------------------------
> Twitter?
> http://twitter.com/terionmiller
> ------------------------------------------------
> Facebook:
> <a href="http://www.facebook.com/people/Terion-Miller/1542024891";
> title="Terion Miller's Facebook profile" target=_TOP><img src="
> http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
> alt="Terion Miller's Facebook profile"></a>
> Bill Watterson - "There is not enough time to do all the nothing we want
> to
> do."
>
Why not try a
insert into table select fields from table where id = $id
--
Bastien
Cat, the other other white meat
--- End Message ---
--- Begin Message ---
Thanks
Terion
Happy Freecycling
Free the List !!
www.freecycle.org
Over Moderation of Freecycle List Prevents Post Timeliness.
------------------------------------------------
Twitter?
http://twitter.com/terionmiller
------------------------------------------------
Facebook:
<a href="http://www.facebook.com/people/Terion-Miller/1542024891";
title="Terion Miller's Facebook profile" target=_TOP><img src="
http://badge.facebook.com/badge/1542024891.237.919247960.png"; border=0
alt="Terion Miller's Facebook profile"></a>
George Burns - "I would go out with women my age, but there are no women my
age."
On Wed, Feb 18, 2009 at 8:29 PM, Paul M Foster <[email protected]>wrote:
> On Wed, Feb 18, 2009 at 05:25:16PM -0600, Terion Miller wrote:
>
> <snip>
>
> > What about just accepting any date in to the system, and defaulting
> to
> > the current date if any numptys/users try to set one before?
> >
> > Do something maybe like this (untested)
> >
> > $userDate = strtotime($_REQUEST['date']);
> > $startDate = ($userDate < time())?time():$userDate;
> >
> > >From there, you can use the timestamp how you wish.
> >
> > OOH found it:
> > $startday = mktime(0, 0, 0, date("m") , date("d")+2, date("Y"));
> >
> > Well no, guess I didn't find it because that code above gives me
> > this 1235109600
> >
> > What is that??
>
> It's a *nix timestamp number. Give it to date() this way:
>
> date('Y-m-d', $startday)
>
> And you'll see the date it represents. (It's actually the number of
> seconds since, the Unix epoch, in 1970.)
>
> Paul
>
> --
> Paul M. Foster
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
![http://badge.facebook.com/badge/1542024891.237.919247960.png"](http://badge.facebook.com/badge/1542024891.237.919247960.png"){kind=link}