php-general Digest 3 Oct 2009 14:02:25 -0000 Issue 6371
Topics (messages 298505 through 298517):
A really wacky design decision
298505 by: clancy_1.cybec.com.au
298507 by: Andrea Giammarchi
298511 by: Ralph Deffke
298513 by: Ashley Sheridan
298514 by: Ralph Deffke
298515 by: Ashley Sheridan
298516 by: Ralph Deffke
Header problem
298506 by: Kim Madsen
298508 by: Andrea Giammarchi
Problem with Filesystem Functions
298509 by: Andrew Burgess
298510 by: Ashley Sheridan
Re: Self-Process php forms or not?
298512 by: Tom Worster
Re: Whacky increment/assignment logic with $foo++ vs ++$foo
298517 by: Ralph Deffke
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Daevid Vincent is surprised that:
$num = 123;
$num = $num++;
print $num; //this prints 123 and not 124 ?!!
To me this is relatively logical. As I understand it, the post-increment
operator says "do
something with the variable, and then increment it. The trouble in this case is
that we
are doing something irrational; we are copying the number back to itself, and
to me it is
reasonably logical (or at least no less illogical than the alternative) to
assume that if
we copy it to itself, then increment the original version, the copy will not be
incremented.
However there is one feature of PHP which, to my mind, is really bad design.
How many of
you can see anything wrong with the following procedure to search a list of
names for a
particular name?
$i = 0; $j = count ($names); while ($i < $j)
{ if ($names[$i] == $target) { break; }
++$i;
}
As long as the names are conventional names, this procedure is probably safe to
use.
However if you allow the names to be general alphanumeric strings, it is not
reliable. One
of my programs recently broke down in one particular case, and when I
eventually isolated
the bug I discovered that it was matching '2260' to '226E1'. (The logic of this
is: 226E1
= 226*10^1 = 2260).
I agree that I was well aware of this trap, and that I should not have used a
simple
comparison, but it seems to me to be a bizarre design decision to assume that
anything
which can be converted to an integer, using any of the available notations, is
in fact an
integer, rather than making the default to simply treat it as a string. It is
also a trap
that it is very easy to fall into if you start off thinking about simple names,
and then
extend (or borrow) the procedure to use more general strings.
And can anyone tell me whether, in the above case, it is sufficient to write
simply:
if ((string) $names[$i] == $target),
or should I write:
if ((string) $names[$i] == (string) $target)?
(I decided to play safe and use strcmp ().)
--- End Message ---
--- Begin Message ---
And then you discover ===
$i = 0; $j = count ($names); while ($i < $j)
{ if ($names[$i] === $target) { break; }
++$i;
}
... regards
> To: [email protected]
> From: [email protected]
> Date: Sat, 3 Oct 2009 21:21:00 +1000
> Subject: [PHP] A really wacky design decision
>
> Daevid Vincent is surprised that:
>
> $num = 123;
> $num = $num++;
> print $num; //this prints 123 and not 124 ?!!
>
> To me this is relatively logical. As I understand it, the post-increment
> operator says "do
> something with the variable, and then increment it. The trouble in this case
> is that we
> are doing something irrational; we are copying the number back to itself, and
> to me it is
> reasonably logical (or at least no less illogical than the alternative) to
> assume that if
> we copy it to itself, then increment the original version, the copy will not
> be
> incremented.
>
> However there is one feature of PHP which, to my mind, is really bad design.
> How many of
> you can see anything wrong with the following procedure to search a list of
> names for a
> particular name?
>
> $i = 0; $j = count ($names); while ($i < $j)
> { if ($names[$i] == $target) { break; }
> ++$i;
> }
>
> As long as the names are conventional names, this procedure is probably safe
> to use.
> However if you allow the names to be general alphanumeric strings, it is not
> reliable. One
> of my programs recently broke down in one particular case, and when I
> eventually isolated
> the bug I discovered that it was matching '2260' to '226E1'. (The logic of
> this is: 226E1
> = 226*10^1 = 2260).
>
> I agree that I was well aware of this trap, and that I should not have used a
> simple
> comparison, but it seems to me to be a bizarre design decision to assume that
> anything
> which can be converted to an integer, using any of the available notations,
> is in fact an
> integer, rather than making the default to simply treat it as a string. It is
> also a trap
> that it is very easy to fall into if you start off thinking about simple
> names, and then
> extend (or borrow) the procedure to use more general strings.
>
> And can anyone tell me whether, in the above case, it is sufficient to write
> simply:
> if ((string) $names[$i] == $target),
>
> or should I write:
> if ((string) $names[$i] == (string) $target)?
>
> (I decided to play safe and use strcmp ().)
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
_________________________________________________________________
Windows Live: Keep your friends up to date with what you do online.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010
--- End Message ---
--- Begin Message ---
u increment after! asigning, so far so good, but for math reasons the
interpreter has to keep in mind the 123 you want to assign before increment
to the same var.
this is absolutely correct what php does here.
$num = ++$num; would print 124
the same like
$num++;
on the other hand this is just bullshit I would release any programmer using
that type of code.
[email protected]
<[email protected]> wrote in message
news:[email protected]...
> Daevid Vincent is surprised that:
>
> $num = 123;
> $num = $num++;
> print $num; //this prints 123 and not 124 ?!!
>
> To me this is relatively logical. As I understand it, the post-increment
operator says "do
> something with the variable, and then increment it. The trouble in this
case is that we
> are doing something irrational; we are copying the number back to itself,
and to me it is
> reasonably logical (or at least no less illogical than the alternative) to
assume that if
> we copy it to itself, then increment the original version, the copy will
not be
> incremented.
>
> However there is one feature of PHP which, to my mind, is really bad
design. How many of
> you can see anything wrong with the following procedure to search a list
of names for a
> particular name?
>
> $i = 0; $j = count ($names); while ($i < $j)
> { if ($names[$i] == $target) { break; }
> ++$i;
> }
>
> As long as the names are conventional names, this procedure is probably
safe to use.
> However if you allow the names to be general alphanumeric strings, it is
not reliable. One
> of my programs recently broke down in one particular case, and when I
eventually isolated
> the bug I discovered that it was matching '2260' to '226E1'. (The logic of
this is: 226E1
> = 226*10^1 = 2260).
>
> I agree that I was well aware of this trap, and that I should not have
used a simple
> comparison, but it seems to me to be a bizarre design decision to assume
that anything
> which can be converted to an integer, using any of the available
notations, is in fact an
> integer, rather than making the default to simply treat it as a string. It
is also a trap
> that it is very easy to fall into if you start off thinking about simple
names, and then
> extend (or borrow) the procedure to use more general strings.
>
> And can anyone tell me whether, in the above case, it is sufficient to
write simply:
> if ((string) $names[$i] == $target),
>
> or should I write:
> if ((string) $names[$i] == (string) $target)?
>
> (I decided to play safe and use strcmp ().)
>
--- End Message ---
--- Begin Message ---
On Sat, 2009-10-03 at 15:33 +0200, Ralph Deffke wrote:
> u increment after! asigning, so far so good, but for math reasons the
> interpreter has to keep in mind the 123 you want to assign before increment
> to the same var.
>
> this is absolutely correct what php does here.
>
> $num = ++$num; would print 124
> the same like
> $num++;
>
> on the other hand this is just bullshit I would release any programmer using
> that type of code.
>
> [email protected]
>
> <[email protected]> wrote in message
> news:[email protected]...
> > Daevid Vincent is surprised that:
> >
> > $num = 123;
> > $num = $num++;
> > print $num; //this prints 123 and not 124 ?!!
> >
> > To me this is relatively logical. As I understand it, the post-increment
> operator says "do
> > something with the variable, and then increment it. The trouble in this
> case is that we
> > are doing something irrational; we are copying the number back to itself,
> and to me it is
> > reasonably logical (or at least no less illogical than the alternative) to
> assume that if
> > we copy it to itself, then increment the original version, the copy will
> not be
> > incremented.
> >
> > However there is one feature of PHP which, to my mind, is really bad
> design. How many of
> > you can see anything wrong with the following procedure to search a list
> of names for a
> > particular name?
> >
> > $i = 0; $j = count ($names); while ($i < $j)
> > { if ($names[$i] == $target) { break; }
> > ++$i;
> > }
> >
> > As long as the names are conventional names, this procedure is probably
> safe to use.
> > However if you allow the names to be general alphanumeric strings, it is
> not reliable. One
> > of my programs recently broke down in one particular case, and when I
> eventually isolated
> > the bug I discovered that it was matching '2260' to '226E1'. (The logic of
> this is: 226E1
> > = 226*10^1 = 2260).
> >
> > I agree that I was well aware of this trap, and that I should not have
> used a simple
> > comparison, but it seems to me to be a bizarre design decision to assume
> that anything
> > which can be converted to an integer, using any of the available
> notations, is in fact an
> > integer, rather than making the default to simply treat it as a string. It
> is also a trap
> > that it is very easy to fall into if you start off thinking about simple
> names, and then
> > extend (or borrow) the procedure to use more general strings.
> >
> > And can anyone tell me whether, in the above case, it is sufficient to
> write simply:
> > if ((string) $names[$i] == $target),
> >
> > or should I write:
> > if ((string) $names[$i] == (string) $target)?
> >
> > (I decided to play safe and use strcmp ().)
> >
>
>
>
You'd release a programmer for using the incremental operators for self
assignation?
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
yes for using
$num = $num++;
yes !!!!!!
"Ashley Sheridan" <[email protected]> wrote in message
news:1254577641.2385.7.ca...@localhost...
> On Sat, 2009-10-03 at 15:33 +0200, Ralph Deffke wrote:
> > u increment after! asigning, so far so good, but for math reasons the
> > interpreter has to keep in mind the 123 you want to assign before
increment
> > to the same var.
> >
> > this is absolutely correct what php does here.
> >
> > $num = ++$num; would print 124
> > the same like
> > $num++;
> >
> > on the other hand this is just bullshit I would release any programmer
using
> > that type of code.
> >
> > [email protected]
> >
> > <[email protected]> wrote in message
> > news:[email protected]...
> > > Daevid Vincent is surprised that:
> > >
> > > $num = 123;
> > > $num = $num++;
> > > print $num; //this prints 123 and not 124 ?!!
> > >
> > > To me this is relatively logical. As I understand it, the
post-increment
> > operator says "do
> > > something with the variable, and then increment it. The trouble in
this
> > case is that we
> > > are doing something irrational; we are copying the number back to
itself,
> > and to me it is
> > > reasonably logical (or at least no less illogical than the
alternative) to
> > assume that if
> > > we copy it to itself, then increment the original version, the copy
will
> > not be
> > > incremented.
> > >
> > > However there is one feature of PHP which, to my mind, is really bad
> > design. How many of
> > > you can see anything wrong with the following procedure to search a
list
> > of names for a
> > > particular name?
> > >
> > > $i = 0; $j = count ($names); while ($i < $j)
> > > { if ($names[$i] == $target) { break; }
> > > ++$i;
> > > }
> > >
> > > As long as the names are conventional names, this procedure is
probably
> > safe to use.
> > > However if you allow the names to be general alphanumeric strings, it
is
> > not reliable. One
> > > of my programs recently broke down in one particular case, and when I
> > eventually isolated
> > > the bug I discovered that it was matching '2260' to '226E1'. (The
logic of
> > this is: 226E1
> > > = 226*10^1 = 2260).
> > >
> > > I agree that I was well aware of this trap, and that I should not have
> > used a simple
> > > comparison, but it seems to me to be a bizarre design decision to
assume
> > that anything
> > > which can be converted to an integer, using any of the available
> > notations, is in fact an
> > > integer, rather than making the default to simply treat it as a
string. It
> > is also a trap
> > > that it is very easy to fall into if you start off thinking about
simple
> > names, and then
> > > extend (or borrow) the procedure to use more general strings.
> > >
> > > And can anyone tell me whether, in the above case, it is sufficient to
> > write simply:
> > > if ((string) $names[$i] == $target),
> > >
> > > or should I write:
> > > if ((string) $names[$i] == (string) $target)?
> > >
> > > (I decided to play safe and use strcmp ().)
> > >
> >
> >
> >
> You'd release a programmer for using the incremental operators for self
> assignation?
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
--- End Message ---
--- Begin Message ---
On Sat, 2009-10-03 at 15:46 +0200, Ralph Deffke wrote:
> yes for using
> $num = $num++;
> yes !!!!!!
>
> "Ashley Sheridan" <[email protected]> wrote in message
> news:1254577641.2385.7.ca...@localhost...
> > On Sat, 2009-10-03 at 15:33 +0200, Ralph Deffke wrote:
> > > u increment after! asigning, so far so good, but for math reasons the
> > > interpreter has to keep in mind the 123 you want to assign before
> increment
> > > to the same var.
> > >
> > > this is absolutely correct what php does here.
> > >
> > > $num = ++$num; would print 124
> > > the same like
> > > $num++;
> > >
> > > on the other hand this is just bullshit I would release any programmer
> using
> > > that type of code.
> > >
> > > [email protected]
> > >
> > > <[email protected]> wrote in message
> > > news:[email protected]...
> > > > Daevid Vincent is surprised that:
> > > >
> > > > $num = 123;
> > > > $num = $num++;
> > > > print $num; //this prints 123 and not 124 ?!!
> > > >
> > > > To me this is relatively logical. As I understand it, the
> post-increment
> > > operator says "do
> > > > something with the variable, and then increment it. The trouble in
> this
> > > case is that we
> > > > are doing something irrational; we are copying the number back to
> itself,
> > > and to me it is
> > > > reasonably logical (or at least no less illogical than the
> alternative) to
> > > assume that if
> > > > we copy it to itself, then increment the original version, the copy
> will
> > > not be
> > > > incremented.
> > > >
> > > > However there is one feature of PHP which, to my mind, is really bad
> > > design. How many of
> > > > you can see anything wrong with the following procedure to search a
> list
> > > of names for a
> > > > particular name?
> > > >
> > > > $i = 0; $j = count ($names); while ($i < $j)
> > > > { if ($names[$i] == $target) { break; }
> > > > ++$i;
> > > > }
> > > >
> > > > As long as the names are conventional names, this procedure is
> probably
> > > safe to use.
> > > > However if you allow the names to be general alphanumeric strings, it
> is
> > > not reliable. One
> > > > of my programs recently broke down in one particular case, and when I
> > > eventually isolated
> > > > the bug I discovered that it was matching '2260' to '226E1'. (The
> logic of
> > > this is: 226E1
> > > > = 226*10^1 = 2260).
> > > >
> > > > I agree that I was well aware of this trap, and that I should not have
> > > used a simple
> > > > comparison, but it seems to me to be a bizarre design decision to
> assume
> > > that anything
> > > > which can be converted to an integer, using any of the available
> > > notations, is in fact an
> > > > integer, rather than making the default to simply treat it as a
> string. It
> > > is also a trap
> > > > that it is very easy to fall into if you start off thinking about
> simple
> > > names, and then
> > > > extend (or borrow) the procedure to use more general strings.
> > > >
> > > > And can anyone tell me whether, in the above case, it is sufficient to
> > > write simply:
> > > > if ((string) $names[$i] == $target),
> > > >
> > > > or should I write:
> > > > if ((string) $names[$i] == (string) $target)?
> > > >
> > > > (I decided to play safe and use strcmp ().)
> > > >
> > >
> > >
> > >
> > You'd release a programmer for using the incremental operators for self
> > assignation?
> >
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
> >
>
>
>
To be honest, of all the programming sins, this is not one to fire
someone for. Have a look at the daily wtf and you'll see what i mean!
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
this is a clear sign that somebody is on a sin TRAIL, I would not even spend
the time on what sin collections this guy got
"Ashley Sheridan" <[email protected]> wrote in message
news:1254577986.2385.8.ca...@localhost...
> On Sat, 2009-10-03 at 15:46 +0200, Ralph Deffke wrote:
>
> > yes for using
> > $num = $num++;
> > yes !!!!!!
> >
> > "Ashley Sheridan" <[email protected]> wrote in message
> > news:1254577641.2385.7.ca...@localhost...
> > > On Sat, 2009-10-03 at 15:33 +0200, Ralph Deffke wrote:
> > > > u increment after! asigning, so far so good, but for math reasons
the
> > > > interpreter has to keep in mind the 123 you want to assign before
> > increment
> > > > to the same var.
> > > >
> > > > this is absolutely correct what php does here.
> > > >
> > > > $num = ++$num; would print 124
> > > > the same like
> > > > $num++;
> > > >
> > > > on the other hand this is just bullshit I would release any
programmer
> > using
> > > > that type of code.
> > > >
> > > > [email protected]
> > > >
> > > > <[email protected]> wrote in message
> > > > news:[email protected]...
> > > > > Daevid Vincent is surprised that:
> > > > >
> > > > > $num = 123;
> > > > > $num = $num++;
> > > > > print $num; //this prints 123 and not 124 ?!!
> > > > >
> > > > > To me this is relatively logical. As I understand it, the
> > post-increment
> > > > operator says "do
> > > > > something with the variable, and then increment it. The trouble in
> > this
> > > > case is that we
> > > > > are doing something irrational; we are copying the number back to
> > itself,
> > > > and to me it is
> > > > > reasonably logical (or at least no less illogical than the
> > alternative) to
> > > > assume that if
> > > > > we copy it to itself, then increment the original version, the
copy
> > will
> > > > not be
> > > > > incremented.
> > > > >
> > > > > However there is one feature of PHP which, to my mind, is really
bad
> > > > design. How many of
> > > > > you can see anything wrong with the following procedure to search
a
> > list
> > > > of names for a
> > > > > particular name?
> > > > >
> > > > > $i = 0; $j = count ($names); while ($i < $j)
> > > > > { if ($names[$i] == $target) { break; }
> > > > > ++$i;
> > > > > }
> > > > >
> > > > > As long as the names are conventional names, this procedure is
> > probably
> > > > safe to use.
> > > > > However if you allow the names to be general alphanumeric strings,
it
> > is
> > > > not reliable. One
> > > > > of my programs recently broke down in one particular case, and
when I
> > > > eventually isolated
> > > > > the bug I discovered that it was matching '2260' to '226E1'. (The
> > logic of
> > > > this is: 226E1
> > > > > = 226*10^1 = 2260).
> > > > >
> > > > > I agree that I was well aware of this trap, and that I should not
have
> > > > used a simple
> > > > > comparison, but it seems to me to be a bizarre design decision to
> > assume
> > > > that anything
> > > > > which can be converted to an integer, using any of the available
> > > > notations, is in fact an
> > > > > integer, rather than making the default to simply treat it as a
> > string. It
> > > > is also a trap
> > > > > that it is very easy to fall into if you start off thinking about
> > simple
> > > > names, and then
> > > > > extend (or borrow) the procedure to use more general strings.
> > > > >
> > > > > And can anyone tell me whether, in the above case, it is
sufficient to
> > > > write simply:
> > > > > if ((string) $names[$i] == $target),
> > > > >
> > > > > or should I write:
> > > > > if ((string) $names[$i] == (string) $target)?
> > > > >
> > > > > (I decided to play safe and use strcmp ().)
> > > > >
> > > >
> > > >
> > > >
> > > You'd release a programmer for using the incremental operators for
self
> > > assignation?
> > >
> > > Thanks,
> > > Ash
> > > http://www.ashleysheridan.co.uk
> > >
> > >
> > >
> >
> >
> >
>
> To be honest, of all the programming sins, this is not one to fire
> someone for. Have a look at the daily wtf and you'll see what i mean!
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
--- End Message ---
--- Begin Message ---
Hi PHP people
I have a really strange and annoying problem. I've got a site, where
members can download music. User clicks index.php (in index.php
there's an iframe, that opens another file), if certain check are okay
then a popup window opens download.php, where a mp3 file is fetched
from the server and renamed in the header, then pushed to the enduser,
this works fine. But now I want to create zipfiles too but when a user
downloads a zipfile it's like the whole site is freezed until download
has completed. My guess is that this is some sort of header problem
(see headers below), due to three headers at the same time, cause the
class works as expected in the test page i've created. Inputs to
correct headers would be appriciated very much :-)
Mp3 headers:
$new_filename = "attachment; filename=\"{$artist} - {$title}.mp3\"";
header('Content-Description: File Transfer');
header("Content-Type: application/octet-stream");
header("Content-Length: $size");
header("Content-Disposition: $new_filename");
header("Content-Transfer-Encoding: binary");
readfile($source_file);
Zip headers:
$zip = new zipfile();
$zip->add_dir(".");
$new_filename= "{$artist} - {$title}.mp3";
if(mysql_num_rows($result)) {
$zip->add_file($file, $new_filename);
}
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private",false);
header("Content-type: application/zip");
#header("Content-Type: application/octet-stream");
header("Content-disposition: attachment; filename=\"zipTest.zip\"");
header('Content-Transfer-Encoding: binary');
ob_end_clean();
echo $zip->file();
Code example: http://lps.netlinq.dk/test010/test_zip.class.php
Headers (fetched with firefox add-on: live http headers)
This is headers from the site, where the problem occurs:
1. click on the link to a title (Maxwell in this case)
----------------------------------------------------------
http://lps.netlinq.dk/?action=download&track_id=357
GET /?action=download&track_id=357 HTTP/1.1
Host: lps.netlinq.dk
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://lps.netlinq.dk/?action=download&track_id=350
Cookie: login_email=kim%40emax.dk;
PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
HTTP/1.x 200 OK
Date: Fri, 02 Oct 2009 15:15:21 GMT
Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.4-2ubuntu5.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4250
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
2. I click on "download zip" (this is a link to index.php)
if conditions are met, then a popup with download.php is activated and
here a zip header is made
----------------------------------------------------------
http://lps.netlinq.dk/index.php
POST /index.php HTTP/1.1
Host: lps.netlinq.dk
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://lps.netlinq.dk/?action=download&track_id=357
Cookie: login_email=kim%40emax.dk;
PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
Content-Type: application/x-www-form-urlencoded
Content-Length: 131
action=ask_questions&download_zipfile=1&version_id
%5B1065%5D=1&version_id%5B1066%5D=1&version_id%5B1067%5D=1&version_id
%5B1068%5D=1
HTTP/1.x 200 OK
Date: Fri, 02 Oct 2009 15:15:29 GMT
Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.4-2ubuntu5.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3216
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
http://lps.netlinq.dk/download.php?track_id=357&member_id=1&string=41e0cd250ca3a40598e2019fd4c813cc&kbit=320&zipfile=1
GET /download.php?
track_id=357&member_id=1&string=41e0cd250ca3a40598e2019fd4c813cc&kbit=320&zipfile=1
HTTP/1.1
Host: lps.netlinq.dk
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://lps.netlinq.dk/index.php
Cookie: login_email=kim%40emax.dk;
PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
HTTP/1.x 200 OK
Date: Fri, 02 Oct 2009 15:15:30 GMT
Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.4-2ubuntu5.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
check=0
Pragma: no-cache
Content-Disposition: attachment; filename="Maxwell - Bad Habits
(Remixes).zip"
Content-Transfer-Encoding: binary
Content-Length: 54234978
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/zip
----------------------------------------------------------
3. as long as the zip file is downloading the site "freezes" until
download is complete, then the link I've clicked is "activated"
___________________________________________________________________________
And this is the headers from the test page:
http://lps.netlinq.dk/test010/test_zip.class.php
http://home.emax.dk/~emax/test/test_zip.class.php
Same files, different servers
headers from test010:
http://home.emax.dk/~emax/test/test_zip.class.php?zip_to_browser=1
GET /~emax/test/test_zip.class.php?zip_to_browser=1 HTTP/1.1
Host: home.emax.dk
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://home.emax.dk/~emax/test/test_zip.class.php?test=15
HTTP/1.x 200 OK
Date: Fri, 02 Oct 2009 14:31:08 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
X-Powered-By: PHP/4.4.4
Pragma: public
Expires: 0
Cache-Control: must-revalidate, post-check=0, pre-check=0, private
Content-Disposition: attachment; filename="zipTest2.zip"
Content-Transfer-Encoding: binary
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/zip
____________________________________________________________________
headers from Netlinq:
GET /test010/test_zip.class.php?zip_to_browser=1 HTTP/1.1
Host: lps.netlinq.dk
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://lps.netlinq.dk/test010/test_zip.class.php?test=21
Cookie: login_email=kim%40emax.dk;
PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
HTTP/1.x 200 OK
Date: Fri, 02 Oct 2009 14:55:37 GMT
Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.4-2ubuntu5.6
Pragma: public
Expires: 0
Cache-Control: must-revalidate, post-check=0, pre-check=0, private
Content-Disposition: attachment; filename="zipTest2.zip"
Content-Transfer-Encoding: binary
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/zip
____________________________________________________________________
--- End Message ---
--- Begin Message ---
Do you want users download the file or the zip?
do you send other headers before the download?
It's
quite a common error to set a default header in PHP at the beginning of
whatever application, while header should be used as last exit point
and never in the middle, or at the beginning, of a response.
Moreover,
if you use readfile and then zip what do you expect, multiple downloads
in one? This is not how HTTP work ... so please show more php, or
explain better what you would like to do.
Regards
> Date: Sat, 3 Oct 2009 13:30:38 +0200
> From: [email protected]
> To: [email protected]
> Subject: [PHP] Header problem
>
> Hi PHP people
>
> I have a really strange and annoying problem. I've got a site, where
> members can download music. User clicks index.php (in index.php
> there's an iframe, that opens another file), if certain check are okay
> then a popup window opens download.php, where a mp3 file is fetched
> from the server and renamed in the header, then pushed to the enduser,
> this works fine. But now I want to create zipfiles too but when a user
> downloads a zipfile it's like the whole site is freezed until download
> has completed. My guess is that this is some sort of header problem
> (see headers below), due to three headers at the same time, cause the
> class works as expected in the test page i've created. Inputs to
> correct headers would be appriciated very much :-)
>
> Mp3 headers:
> $new_filename = "attachment; filename=\"{$artist} - {$title}.mp3\"";
> header('Content-Description: File Transfer');
> header("Content-Type: application/octet-stream");
> header("Content-Length: $size");
> header("Content-Disposition: $new_filename");
> header("Content-Transfer-Encoding: binary");
> readfile($source_file);
>
> Zip headers:
> $zip = new zipfile();
> $zip->add_dir(".");
> $new_filename= "{$artist} - {$title}.mp3";
> if(mysql_num_rows($result)) {
> $zip->add_file($file, $new_filename);
> }
> header("Pragma: public");
> header("Expires: 0");
> header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
> header("Cache-Control: private",false);
> header("Content-type: application/zip");
> #header("Content-Type: application/octet-stream");
> header("Content-disposition: attachment; filename=\"zipTest.zip\"");
> header('Content-Transfer-Encoding: binary');
> ob_end_clean();
> echo $zip->file();
>
> Code example: http://lps.netlinq.dk/test010/test_zip.class.php
>
> Headers (fetched with firefox add-on: live http headers)
>
> This is headers from the site, where the problem occurs:
>
> 1. click on the link to a title (Maxwell in this case)
> ----------------------------------------------------------
> http://lps.netlinq.dk/?action=download&track_id=357
>
> GET /?action=download&track_id=357 HTTP/1.1
> Host: lps.netlinq.dk
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
> 20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://lps.netlinq.dk/?action=download&track_id=350
> Cookie: login_email=kim%40emax.dk;
> PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
>
> HTTP/1.x 200 OK
> Date: Fri, 02 Oct 2009 15:15:21 GMT
> Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
> mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
> X-Powered-By: PHP/5.2.4-2ubuntu5.6
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
> check=0
> Pragma: no-cache
> Vary: Accept-Encoding
> Content-Encoding: gzip
> Content-Length: 4250
> Keep-Alive: timeout=15, max=100
> Connection: Keep-Alive
> Content-Type: text/html
>
> 2. I click on "download zip" (this is a link to index.php)
> if conditions are met, then a popup with download.php is activated and
> here a zip header is made
>
> ----------------------------------------------------------
> http://lps.netlinq.dk/index.php
>
> POST /index.php HTTP/1.1
> Host: lps.netlinq.dk
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
> 20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://lps.netlinq.dk/?action=download&track_id=357
> Cookie: login_email=kim%40emax.dk;
> PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 131
> action=ask_questions&download_zipfile=1&version_id
> %5B1065%5D=1&version_id%5B1066%5D=1&version_id%5B1067%5D=1&version_id
> %5B1068%5D=1
>
> HTTP/1.x 200 OK
> Date: Fri, 02 Oct 2009 15:15:29 GMT
> Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
> mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
> X-Powered-By: PHP/5.2.4-2ubuntu5.6
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
> check=0
> Pragma: no-cache
> Vary: Accept-Encoding
> Content-Encoding: gzip
> Content-Length: 3216
> Keep-Alive: timeout=15, max=99
> Connection: Keep-Alive
> Content-Type: text/html
> ----------------------------------------------------------
> http://lps.netlinq.dk/download.php?track_id=357&member_id=1&string=41e0cd250ca3a40598e2019fd4c813cc&kbit=320&zipfile=1
>
> GET /download.php?
> track_id=357&member_id=1&string=41e0cd250ca3a40598e2019fd4c813cc&kbit=320&zipfile=1
> HTTP/1.1
> Host: lps.netlinq.dk
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
> 20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://lps.netlinq.dk/index.php
> Cookie: login_email=kim%40emax.dk;
> PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
>
> HTTP/1.x 200 OK
> Date: Fri, 02 Oct 2009 15:15:30 GMT
> Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
> mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
> X-Powered-By: PHP/5.2.4-2ubuntu5.6
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
> check=0
> Pragma: no-cache
> Content-Disposition: attachment; filename="Maxwell - Bad Habits
> (Remixes).zip"
> Content-Transfer-Encoding: binary
> Content-Length: 54234978
> Keep-Alive: timeout=15, max=98
> Connection: Keep-Alive
> Content-Type: application/zip
> ----------------------------------------------------------
> 3. as long as the zip file is downloading the site "freezes" until
> download is complete, then the link I've clicked is "activated"
> ___________________________________________________________________________
>
> And this is the headers from the test page:
> http://lps.netlinq.dk/test010/test_zip.class.php
> http://home.emax.dk/~emax/test/test_zip.class.php
>
> Same files, different servers
>
> headers from test010:
>
> http://home.emax.dk/~emax/test/test_zip.class.php?zip_to_browser=1
>
> GET /~emax/test/test_zip.class.php?zip_to_browser=1 HTTP/1.1
> Host: home.emax.dk
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
> 20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://home.emax.dk/~emax/test/test_zip.class.php?test=15
>
> HTTP/1.x 200 OK
> Date: Fri, 02 Oct 2009 14:31:08 GMT
> Server: Apache/1.3.37 (Unix) PHP/4.4.4
> X-Powered-By: PHP/4.4.4
> Pragma: public
> Expires: 0
> Cache-Control: must-revalidate, post-check=0, pre-check=0, private
> Content-Disposition: attachment; filename="zipTest2.zip"
> Content-Transfer-Encoding: binary
> Keep-Alive: timeout=15, max=99
> Connection: Keep-Alive
> Transfer-Encoding: chunked
> Content-Type: application/zip
> ____________________________________________________________________
>
> headers from Netlinq:
>
> GET /test010/test_zip.class.php?zip_to_browser=1 HTTP/1.1
> Host: lps.netlinq.dk
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/
> 20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://lps.netlinq.dk/test010/test_zip.class.php?test=21
> Cookie: login_email=kim%40emax.dk;
> PHPSESSID=fbb5d6adec802766cf6f638c99ab4f1d
>
> HTTP/1.x 200 OK
> Date: Fri, 02 Oct 2009 14:55:37 GMT
> Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
> mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g
> X-Powered-By: PHP/5.2.4-2ubuntu5.6
> Pragma: public
> Expires: 0
> Cache-Control: must-revalidate, post-check=0, pre-check=0, private
> Content-Disposition: attachment; filename="zipTest2.zip"
> Content-Transfer-Encoding: binary
> Keep-Alive: timeout=15, max=100
> Connection: Keep-Alive
> Transfer-Encoding: chunked
> Content-Type: application/zip
> ____________________________________________________________________
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
_________________________________________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail
you.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010
--- End Message ---
--- Begin Message ---
I hope this isn't too basic of a question . . .
I'm having a problem with the Filesystem Functions, I think.
Specifically, I'm recursing through a directory, and have this code:
$size = filesize($file);
$type = filetype($file);
$date = filemtime($file);
I'm getting these warnings:
Warning: filesize() [function.filesize]: stat failed for
AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 33
Warning: filetype() [function.filetype]: Lstat failed for
AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 34
Warning: filemtime() [function.filemtime]: stat failed for
AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 35
These warning display for every file in the directory; however . and
.. have no trouble. I've googled around and searched for probably
45min without coming up with a solution. Any help would be
appreciated!
TIA!
--- End Message ---
--- Begin Message ---
On Sat, 2009-10-03 at 09:07 -0400, Andrew Burgess wrote:
> I hope this isn't too basic of a question . . .
>
> I'm having a problem with the Filesystem Functions, I think.
> Specifically, I'm recursing through a directory, and have this code:
>
> $size = filesize($file);
> $type = filetype($file);
> $date = filemtime($file);
>
> I'm getting these warnings:
>
> Warning: filesize() [function.filesize]: stat failed for
> AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 33
> Warning: filetype() [function.filetype]: Lstat failed for
> AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 34
> Warning: filemtime() [function.filemtime]: stat failed for
> AudioJungle.jpg in C:\wamp\www\file_explorer\index.php on line 35
>
> These warning display for every file in the directory; however . and
> .. have no trouble. I've googled around and searched for probably
> 45min without coming up with a solution. Any help would be
> appreciated!
>
> TIA!
>
Two things spring to mind. Firstly, what size are your files? I had
problems reading info on files over 3GB on a 32-bit PHP install, as
there's a problem with the number storage that leaves all the values
read as 0.
Second thing, are the values you're passing to these functions what you
think they are? While the directory browsing functions might be
functioning from a relative pointer, the calls to filesize() etc might
need values relative to the PHP script itself, or failing that, absolute
path values.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
On 10/2/09 10:24 AM, "tedd" <[email protected]> wrote:
> At 1:55 PM +0530 10/2/09, kranthi wrote:
>> and yes i forgot to mention... i avoid hidden form elements because
>> they can be modified very easily and hence pose a security threat.
>
> That depends upon how sloppy you are in coding.
>
> NONE of my hidden variables pose any security problems whatsoever.
...because one always assumes that data supplied in an http request is
tainted. hence arguments about which exploit is more likely is rather
pointless.
a hidden input is really no different from any other form field. kranthi's
argument would be consistent if he felt that all form inputs should be
avoided because they are so easily modified as to pose a security threat.
--- End Message ---
--- Begin Message ---
Ben,
might be intersting to consider that in ur c axample u r working with a pure
memory position, while php works with references. thry it with pointers it
I'm pretty shure u get the same result as in PHP.
I'm not shure, because I don't work in perl, but doesn't per work on
references as well ?
[email protected]
"Ben Dunlap" <[email protected]> wrote in message
news:[email protected]...
> mind-blowing. What the heck /is/ supposed to happen when you do this:
>
> $a = 2;
> $a = $a++;
> echo $a;
>
> Seems like any way you slice it the output should be 3. I guess what's
... and, in fact, that /is/ how C behaves. The following code:
int a = 2;
a = a++;
printf("a = [%d]\n", a);
Will output "a = [3]". At least on Ubuntu 9 using gcc 4.3.3.
So I retract my initial terse reply and apologize for misunderstanding
your question.
Ben
--- End Message ---
