php-general Digest 28 Aug 2009 11:29:17 -0000 Issue 6310

Fri, 28 Aug 2009 04:31:46 -0700 

php-general Digest 28 Aug 2009 11:29:17 -0000 Issue 6310

Topics (messages 297391 through 297403):

Re: Getting backtrace through GDB?
        297391 by: Lupus Michaelis

Re: vote package
        297392 by: Ben Dunlap

Re: user permissions
        297393 by: Ben Dunlap
        297394 by: Phpster
        297395 by: Ben Dunlap

Calling extension function from another
        297396 by: leledumbo
        297397 by: hack988 hack988

Error when execute header('location: otherpage.php') after email been sent out. 
Any Workaround?
        297398 by: Keith
        297399 by: Ashley Sheridan
        297400 by: hack988 hack988

safe_mode and inclusion of files don't work as documented
        297401 by: Nico Sabbi
        297402 by: hack988 hack988
        297403 by: Nico Sabbi

Administrivia:

To subscribe to the digest, e-mail:
        php-general-digest-subscr...@lists.php.net

To unsubscribe from the digest, e-mail:
        php-general-digest-unsubscr...@lists.php.net

To post to the list, e-mail:
        php-gene...@lists.php.net


----------------------------------------------------------------------
--- Begin Message --- 
Jason Young wrote:

Anyone, anyone? Bueller? :P
I'm sure someone has experience with GDB? I'm not looking for a newbie primer, I'm just curious if anyone has had experience with the problem below and knew how to correct it.. 



  I guess we are on PHP users list, gdb's ;)
If no symbols appear, it means that libraries and PHP wasn't compile with debug flags (eg -g with gcc). So, what you need as informations depends about what OS you're running.
But, especially for PHP, you must run configure PHP building with the fine flag --enable-debug. 

  For more information, you can read the GCC and GDB documentations.

--
Mickaël Wolff aka Lupus Michaelis
http://lupusmic.org

--- End Message ---
--- Begin Message --- 
> You might try to use the reported IP of the submitter, again unique, but
> that can be forged -- so again anyone can vote more than once.

Can you say more about forging the reported IP? I've always been under
the impression that forging the source IP in a TCP session is a pretty
sophisticated operation, but maybe I'm mistaken about that.

Of course source IP isn't a reliable unique-ID, for the opposite
reason also: forward proxies, NAT, etc., make it pretty likely that
several users will come to the site from the same IP. So you'd end up
incorrectly refusing legitimate votes.

Ben

--- End Message ---
--- Begin Message --- 
> Sort of. Create two tables a login table with user details and a specific
> field for a ROLE.
>
> Then create a roles table that lists the various permissions. I store this
[8<]
> This process is significantly simpler when managing users, it's easier to
> adjust permissions on one role than to edit a bunch of users when something
> changes.

In this mechanism, does a "role" differ significantly from a "group"?
I have to admin a CRM system that has both roles /and/ groups, and it
always seems a bit excessive. But maybe there's some benefit to roles,
as such, that I'm not seeing.

Thanks, Ben

--- End Message ---
--- Begin Message ---
On Aug 27, 2009, at 9:02 PM, Ben Dunlap <bdun...@agentintellect.com> wrote:
Sort of. Create two tables a login table with user details and a specific 
field for a ROLE.
Then create a roles table that lists the various permissions. I store this 
[8<]
This process is significantly simpler when managing users, it's easier to adjust permissions on one role than to edit a bunch of users when something 
changes.


In this mechanism, does a "role" differ significantly from a "group"?
I have to admin a CRM system that has both roles /and/ groups, and it
always seems a bit excessive. But maybe there's some benefit to roles,
as such, that I'm not seeing.

Thanks, Ben
Yes, they offer an additional layer of granularity on permissions. The apps I write use groups and role to limit acces to certain functionality. The roles determine functional access to records, ie what the user can do with them. The groups membership determines what records the user can see. E.g. If a user has membership in groups A and B, they can see all records from created by or assigned to both groups. A user who belongs to group B only, can only view the records having group B membership. 

Bastien

Sent from my iPod

--- End Message ---
--- Begin Message --- 
> Yes, they offer an additional layer of granularity on permissions. The apps
> I write use groups and role to limit acces to certain functionality. The
> roles determine functional access to records, ie what the user can do with
> them. The groups membership determines what records the user can see. E.g.

But is this substantially different from just allowing "groups" to
determine access to functionality, /and/ access to records, and
letting the admin create different groups for different reasons? I
guess I'm thinking of the way Active Directory works, which I've
found, in my second life as a system administrator, to be both easy to
grasp and extremely flexible/powerful.

Ben

--- End Message ---
--- Begin Message --- 
Is it possible to call a function that resides in an extension from another
extension?
-- 
View this message in context: 
http://www.nabble.com/Calling-extension-function-from-another-tp25185839p25185839.html
Sent from the PHP - General mailing list archive at Nabble.com.

--- End Message ---
--- Begin Message --- 
I don't kown your mean,could you descript the question more detail?

2009/8/28 leledumbo <leledumbo_c...@yahoo.co.id>:
>
> Is it possible to call a function that resides in an extension from another
> extension?
> --
> View this message in context: 
> http://www.nabble.com/Calling-extension-function-from-another-tp25185839p25185839.html
> Sent from the PHP - General mailing list archive at Nabble.com.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--- End Message ---
--- Begin Message --- I have a user sign up page that collects sign up information from user with form. This form will then be submitted to another process.php page for setting up the user account and send email to the user. After the email been sent out, the user will be directed back to homepage with header("location: index.php"). However, error happen with warning: [Cannot modify header information - headers already sent by...] 
Any workaround for this?

Thanks for help!
Keith

--- End Message ---
--- Begin Message --- 
On Fri, 2009-08-28 at 17:32 +0800, Keith wrote:
> I have a user sign up page that collects sign up information from user with 
> form.
> This form will then be submitted to another process.php page for setting up 
> the user account and send email to the user.
> After the email been sent out, the user will be directed back to homepage 
> with header("location: index.php").
> However, error happen with warning: [Cannot modify header information - 
> headers already sent by...]
> Any workaround for this?
> 
> Thanks for help!
> Keith
>  
> 
> 

You don't need a workaround. The header("Location...") thing will only
work if you have not sent any content to the browser yet. That includes
even a single space or newline.

It looks like in your process.php page, something is being output to the
browser. Are you able to do a code dump of that page?

Thanks,
Ash
http://www.ashleysheridan.co.uk

--- End Message ---
--- Begin Message --- 
Some Php's tigger info output to client before you set header.try this
code first
---------------------------------------------------------------
ob_start();//first line write this code
<<<some code for your self>>>
header("location:index.php");
ob_end_flush();
---------------------------------------------------------------
second.
You must check php.ini found that if flush implicit option turn on.
implicit_flush = On
=>
implicit_flush = Off

test your codes again.

If codes run correctly,check your codes line by lines ,found that such
as 'echo','print'... and so on before 'you
header("location:index.php")' line.
2009/8/28 Keith <survivor_...@hotmail.com>:
> I have a user sign up page that collects sign up information from user with
> form.
> This form will then be submitted to another process.php page for setting up
> the user account and send email to the user.
> After the email been sent out, the user will be directed back to homepage
> with header("location: index.php").
> However, error happen with warning: [Cannot modify header information -
> headers already sent by...]
> Any workaround for this?
>
> Thanks for help!
> Keith
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--- End Message ---
--- Begin Message --- 
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.

The settings are:
in php.ini:
include_path =
".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/"

in the virtualhost config:
        php_admin_value safe_mode On
        php_admin_value safe_mode_include_dir
"/server/home/nsabbi:/server/home/apache/php4:.:.."

The files belong entirely to apache:apache, the user who is running apache.
The problem is:


*Fatal error*: require_once() [function.require
<http://nsabbi/login/function.require>]: Failed opening required
'../include.php'
(include_path='.:..:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/')
in */server/home/nsabbi/nb4/login/index.php* on line *3

How is it that i can't include files in .. ????
btw, can I redefine the include_path in safe mode?

Thanks,
  Nico
*

--- End Message ---
--- Begin Message --- 
add this
php_admin_value open_basedir


2009/8/28 Nico Sabbi <nsa...@officinedigitali.it>:
> Hi,
> I'm testing one of my sites in safe_mode, but I'm experiencing some
> strangeness that is not documented.
>
> The settings are:
> in php.ini:
> include_path =
> ".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/"
>
> in the virtualhost config:
>        php_admin_value safe_mode On
>        php_admin_value safe_mode_include_dir
> "/server/home/nsabbi:/server/home/apache/php4:.:.."
>
> The files belong entirely to apache:apache, the user who is running apache.
> The problem is:
>
>
> *Fatal error*: require_once() [function.require
> <http://nsabbi/login/function.require>]: Failed opening required
> '../include.php'
> (include_path='.:..:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/')
> in */server/home/nsabbi/nb4/login/index.php* on line *3
>
> How is it that i can't include files in .. ????
> btw, can I redefine the include_path in safe mode?
>
> Thanks,
>  Nico
> *
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--- End Message ---
--- Begin Message --- 
hack988 hack988 ha scritto:
> add this
> php_admin_value open_basedir
>
>   

done, but it doesn't make a difference:
php_admin_value open_basedir
"/server/home/nsabbi:/server/home/apache/php4:.:.."

*Fatal error*: require_once() [function.require
<http://nsabbi/login/function.require>]: Failed opening required
'../include.php'
(include_path='.:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/')
in */server/home/nsabbi/nb4/login/index.php* on line *3


and the same with
*php_admin_value open_basedir none

--- End Message ---

Reply via email to