php-general Digest 21 Jun 2009 14:56:23 -0000 Issue 6187
Topics (messages 294374 through 294380):
Re: PHP Mail Function
294374 by: David Swenson
Re: isset question
294375 by: Paul M Foster
Re: Users Online?
294376 by: Paul M Foster
294377 by: David Swenson
294378 by: Michael A. Peters
294379 by: Nitsan Bin-Nun
mirroring website
294380 by: Lars Nielsen
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Julian,
>From my understanding of PHP's mail() function, it doesn't do anything
more than send to the address you specified.
On that note, I'd check things like:
Email address typos
The email your sending to your domain, is it already being forwarded?
If so, do you get the email at your gmail account?
If it's not being forwarded, add $additionalheaders to your script and
CC: your gmail account when sending to your domain. See if it shows up
there.
Anyway those are somethings you could try as you have supplied no code
to check syntax and/or given any other testing you've tried.
Good Luck,
David
-----Original Message-----
From: Julian Muscat Doublesin [mailto:[email protected]]
Sent: Saturday, June 20, 2009 1:59 PM
To: [email protected]
Subject: [PHP] PHP Mail Function
Hello Everyone,
I have written an e-mail function that sends e-mail to my domain that
forwards it to a gmail account.
When I use the gmail address directly it works fine. When I use my mail
domain i don't get anything.
Has anyone experienced this? Can anyone give me some advice?
Thanks in advance
Julian
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.364 / Virus Database: 270.12.81/2189 - Release Date:
06/20/09 06:15:00
--- End Message ---
--- Begin Message ---
On Sat, Jun 20, 2009 at 12:20:56PM +0100, Ashley Sheridan wrote:
> On Sat, 2009-06-20 at 00:19 -0400, Paul M Foster wrote:
> > On Fri, Jun 19, 2009 at 07:52:40PM +0100, Ashley Sheridan wrote:
> >
> > > On Fri, 2009-06-19 at 12:36 +0100, Ford, Mike wrote:
> > > > On 18 June 2009 20:25, LAMP advised:
> > > >
> > > > > using !empty() instead isset() will work if you don't care for PHP
> > > > > Notice: Undefined variable... If you want to avoid PHP Notice
> > > > > you have
> > > > > to use both:
> > > > >
> > > > > $msg.= (isset($_POST['mort']) and !empty($_POST['mort'])) ? "The
> > > > > mortgage amount is $mort\n" : " ";
> > > >
> > > > Absolute rubbish -- as it says at http://php.net/empty, "empty($var) is
> > > > the opposite of (boolean)$var, except that no warning is generated when
> > > > the variable is not set." -- so "protecting" empty() with an isset() is
> > > > a total waste of time, space and cpu cycles.
> >
> > <snip>
> >
> > > >
> > > To be honest, you're still opening yourself up to attack that way.
> >
> > Why and how?
> >
> > Paul
> >
> > --
> > Paul M. Foster
> >
> I've only done a little reading on this, but you're opening yourself up
> to a XSS attack. If someone posted '<script>//malicious code
> here</script>' to your PHP script, you'd essentially be printing that
> right back out onto your page.
I see. You're not talking about being vulnerable because of isset/empty,
but by echoing it back to the page. Yes, I agree there. You have to
sanitize it first.
Paul
--
Paul M. Foster
--- End Message ---
--- Begin Message ---
On Sat, Jun 20, 2009 at 01:33:52PM -0700, Chris Payne wrote:
> Hi everyone,
>
> I have a login system that allows a user to login to my control panel,
> is there an easy way so that I can tell how many users / what users
> are logged into my system? What would I need to do to add this with
> the minimum of hassle? Would I just have to look at the sessions that
> are currently active and if so, how? I really want to add this
> feature as it will help with creating a messaging system.
Doing this purely with sessions is impossible (well, nearly), since
sessions can't see each other. Your best bet is to add two fields to
your table(s)-- datetime logged in and datetime logged out. You'll need
to work out a way to expire someone's login if they appear to be logged
in too long (they closed their brower or left it open but forgot about
the tab for your site).
Upon login, you could perform a query of the table(s), looking for the
number of records where the logout field is empty.
Paul
--
Paul M. Foster
--- End Message ---
--- Begin Message ---
Chris,
If it were me (and let me warn you, there's probably 100 different ways
to do this), but If I was using a table to log them into a "control
panel (CP)" of sorts, I'm sure you have other DB querries to handle the
CP stuff it self, correct? Well if your already taking the time to
create a DB connection on each page of that CP, why not just make a
field that updates an "active" status, and/or add this to Pauls
suggestion of logged in/out times, then every page they visit updates
that time to show they are still active. Then do something like my bank
does and set a time limit on each page, that if another page on the site
isn't visited in so many seconds, you force them to log out. (you could
even throw something in that "asks" the user if they want to stay logged
in, cuz that'd be a nice feature) :)
Not sure if this was what you were lookin for but just an idea.
Best of luck,
David
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Chris Payne
Sent: Saturday, June 20, 2009 2:34 PM
To: [email protected]
Subject: [PHP] Users Online?
Hi everyone,
I have a login system that allows a user to login to my control panel,
is there an easy way so that I can tell how many users / what users are
logged into my system? What would I need to do to add this with the
minimum of hassle? Would I just have to look at the sessions that are
currently active and if so, how? I really want to add this feature as
it will help with creating a messaging system.
It might be simple but if you've never done it before it's the hardest
thing in the world :-)
Thank you
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.364 / Virus Database: 270.12.81/2189 - Release Date:
06/20/09 06:15:00
--- End Message ---
--- Begin Message ---
Paul M Foster wrote:
On Sat, Jun 20, 2009 at 01:33:52PM -0700, Chris Payne wrote:
Hi everyone,
I have a login system that allows a user to login to my control panel,
is there an easy way so that I can tell how many users / what users
are logged into my system? What would I need to do to add this with
the minimum of hassle? Would I just have to look at the sessions that
are currently active and if so, how? I really want to add this
feature as it will help with creating a messaging system.
Doing this purely with sessions is impossible (well, nearly), since
sessions can't see each other.
Yeah - what I do, and why I mentioned database, my session database has
a field for userid so that I can easily with a single query associate a
userid with a session.
mysql> describe php_sessions;
+--------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------------+--------------+------+-----+---------+-------+
| session_id | varchar(32) | NO | PRI | | |
| session_data | longtext | YES | | NULL | |
| dt_created | int(11) | NO | | 0 | |
| ip_created | varchar(32) | NO | | | |
| dt_modified | int(11) | NO | | 0 | |
| ip_modified | varchar(32) | NO | | | |
| userid | mediumint(9) | NO | | 0 | |
| expires | int(11) | NO | | 0 | |
| expired | tinyint(4) | NO | | 0 | |
+--------------+--------------+------+-----+---------+-------+
That's one of the advantages to using a database for sessions - you can
tie all kinds of groovy information to the session_id that can then help
with future forensics and stuff if needed, and instead of deleting a
session when it expires, set the expired field so that you can keep
expired sessions around for longer yet they aren't useable by a client.
--- End Message ---
--- Begin Message ---
Why all this mess for such a simple thing?
All you need is to allocate the last activity timestamp with userid in the
users table, add 'last_activity' column to the users table then update it
with every page load at the administration panel. Then all you need to do in
order to print out the current logged in users is to SELECT `username` FROM
`users` WHERE `last_activity` > time() - 60*15
60*15 means that users which had an activity during the last 15 minutes will
be shown as logged in ;)
This is the way I would do that if you have no session handling system.
HTH,
Nitsan
On Sun, Jun 21, 2009 at 10:10 AM, Michael A. Peters <[email protected]> wrote:
> Paul M Foster wrote:
>
>> On Sat, Jun 20, 2009 at 01:33:52PM -0700, Chris Payne wrote:
>>
>> Hi everyone,
>>>
>>> I have a login system that allows a user to login to my control panel,
>>> is there an easy way so that I can tell how many users / what users
>>> are logged into my system? What would I need to do to add this with
>>> the minimum of hassle? Would I just have to look at the sessions that
>>> are currently active and if so, how? I really want to add this
>>> feature as it will help with creating a messaging system.
>>>
>>
>> Doing this purely with sessions is impossible (well, nearly), since
>> sessions can't see each other.
>>
>
> Yeah - what I do, and why I mentioned database, my session database has a
> field for userid so that I can easily with a single query associate a userid
> with a session.
>
> mysql> describe php_sessions;
> +--------------+--------------+------+-----+---------+-------+
> | Field | Type | Null | Key | Default | Extra |
> +--------------+--------------+------+-----+---------+-------+
> | session_id | varchar(32) | NO | PRI | | |
> | session_data | longtext | YES | | NULL | |
> | dt_created | int(11) | NO | | 0 | |
> | ip_created | varchar(32) | NO | | | |
> | dt_modified | int(11) | NO | | 0 | |
> | ip_modified | varchar(32) | NO | | | |
> | userid | mediumint(9) | NO | | 0 | |
> | expires | int(11) | NO | | 0 | |
> | expired | tinyint(4) | NO | | 0 | |
> +--------------+--------------+------+-----+---------+-------+
>
> That's one of the advantages to using a database for sessions - you can tie
> all kinds of groovy information to the session_id that can then help with
> future forensics and stuff if needed, and instead of deleting a session when
> it expires, set the expired field so that you can keep expired sessions
> around for longer yet they aren't useable by a client.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
Hey
I have the following issue! I want to develop my website on my local
machine, and then upload the entire developed site to a production
server. What is the best strategy to do that?
I have been looking at a php mirroring script but that was about 5 years
old! Is'nt there a better/newer approach?
By the way... I'm using Fedora linux with LAMP (php5)
best regards
Lars Nielsen
www.mit-web.dk
--- End Message ---
