php-general Digest 12 Feb 2010 21:19:30 -0000 Issue 6587
Topics (messages 302036 through 302047):
Re: PHP Manual problems
302036 by: Ashley Sheridan
302043 by: Nathan Rixham
302045 by: Andrew Ballard
302047 by: Ashley Sheridan
Re: SOAP connect error
302037 by: Richard Quadling
JQuery issue
302038 by: Devendra Jadhav
302039 by: Ashley Sheridan
302040 by: Jay Blanchard
302041 by: Devendra Jadhav
Re: expression engine
302042 by: Nathan Rixham
How to secure this
302044 by: John Allsopp
302046 by: Robert Cummings
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
On Thu, 2010-02-11 at 22:38 -0500, Paul M Foster wrote:
> On Fri, Feb 12, 2010 at 12:13:11PM +1100, clanc...@cybec.com.au wrote:
>
> > On Thu, 11 Feb 2010 10:18:18 +0000, a...@ashleysheridan.co.uk (Ashley
> > Sheridan) wrote:
> >
> > >On Thu, 2010-02-11 at 10:16 +1100, Ross McKay wrote:
> > >
> > ...........
> > >
> > >There's a good reason for OpenOffice having some difficulties with MS
> > >Office documents. Back when MS rushed through getting their document
> > >standard ratified by ISO (which itself is a whole other story) they
> > >didn't explain all the details quite as well as they might have. Later
> > >on, MS found they were having some difficulty following their own
> > >'standard' and so altered it in various ways in Office2007. Needless to
> > >say, ISO weren't too happy when MS asked if they could just 'change the
> > >specs' for their file format, and quite rightly refused to do so.
> > >
> > >In short, this means that there is a MS ISO standard that MS is the only
> > >one not trying to follow, and software like OpenOffice is left to
> > >reverse engineering the format again.
> >
> > When the first Word Macro virus appeared in the early 90s, the AV industry
> > approached
> > Microsoft for the specifications of the internal structure of the Word
> > documents. After
> > some discussion Microsoft agreed to make these available to firms who
> > signed an NDA.
> > Several large firms did so, but when they got the specifications they
> > immediately
> > discovered that they bore very little relation to the actual documents. When
> > Microsoft was
> > approached about this their reply was "Well, that's all we've got!"
> >
> > The industry had to run a joint program to reverse engineer the
> > specifications before they
> > could work out how to remove the virus.
> >
> > The story that went around was that with each update Microsoft hired a
> > new batch of young
> > graduates <aside>they don't have preconceived notions (a.k.a. experience),
> > and they don't
> > have extravagant ideas of their own worth</aside>, told them vaguely what
> > they wanted, and
> > left them to it. Then, as soon as they had something that sort of worked,
> > they let them go
> > again. So there was no continuity, no documentation, no hope of bug fixes,
> > and very little
> > likelihood that the next update would be improved in any meaningful sense.
> > I have seen
> > nothing to suggest that anything has changed.
>
> I suspect any lack of continuity was more due to the shifting of
> personnel internally to differing projects, rather than the hiring of
> all new coders each time.
>
> But more importantly, I suspect MS coders just coded without writing any
> docs. Coders usually suck at documentation and will avoid it unless
> forced. And if forced to write docs, the docs were just a toss-off no
> one ever actually looked at.
>
> Microsoft's attitude, I'm sure was, "Why should we care about other
> players in the market? Just buy our crap and you won't have to worry
> about our formats." (Except until the next upgrade.)
>
> I think ISO's policy should be that if you're a company forwarding a
> standard, your off-the-shelf software should verifiably duplicate that
> standard. Otherwise, go pound sand. Same if you're a community proposing
> a standard. Produce some software which adheres to that standard or shut
> up.
>
> Paul
>
> --
> Paul M. Foster
>
Microsofts XML format should never have been made an ISO standard
anyway. There's a bit of a conspiracy behind how they managed it,
including large amounts of money and trade agreements trading hands, as
well as secret voting...
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Ashley Sheridan wrote:
> On Thu, 2010-02-11 at 22:38 -0500, Paul M Foster wrote:
>
>> On Fri, Feb 12, 2010 at 12:13:11PM +1100, clanc...@cybec.com.au wrote:
>>
>>> On Thu, 11 Feb 2010 10:18:18 +0000, a...@ashleysheridan.co.uk (Ashley
>>> Sheridan) wrote:
>>>
>>>> On Thu, 2010-02-11 at 10:16 +1100, Ross McKay wrote:
>>>>
>>> ...........
>>>> There's a good reason for OpenOffice having some difficulties with MS
>>>> Office documents. Back when MS rushed through getting their document
>>>> standard ratified by ISO (which itself is a whole other story) they
>>>> didn't explain all the details quite as well as they might have. Later
>>>> on, MS found they were having some difficulty following their own
>>>> 'standard' and so altered it in various ways in Office2007. Needless to
>>>> say, ISO weren't too happy when MS asked if they could just 'change the
>>>> specs' for their file format, and quite rightly refused to do so.
>>>>
>>>> In short, this means that there is a MS ISO standard that MS is the only
>>>> one not trying to follow, and software like OpenOffice is left to
>>>> reverse engineering the format again.
>>> When the first Word Macro virus appeared in the early 90s, the AV industry
>>> approached
>>> Microsoft for the specifications of the internal structure of the Word
>>> documents. After
>>> some discussion Microsoft agreed to make these available to firms who
>>> signed an NDA.
>>> Several large firms did so, but when they got the specifications they
>>> immediately
>>> discovered that they bore very little relation to the actual documents. When
>>> Microsoft was
>>> approached about this their reply was "Well, that's all we've got!"
>>>
>>> The industry had to run a joint program to reverse engineer the
>>> specifications before they
>>> could work out how to remove the virus.
>>>
>>> The story that went around was that with each update Microsoft hired a
>>> new batch of young
>>> graduates <aside>they don't have preconceived notions (a.k.a. experience),
>>> and they don't
>>> have extravagant ideas of their own worth</aside>, told them vaguely what
>>> they wanted, and
>>> left them to it. Then, as soon as they had something that sort of worked,
>>> they let them go
>>> again. So there was no continuity, no documentation, no hope of bug fixes,
>>> and very little
>>> likelihood that the next update would be improved in any meaningful sense.
>>> I have seen
>>> nothing to suggest that anything has changed.
>> I suspect any lack of continuity was more due to the shifting of
>> personnel internally to differing projects, rather than the hiring of
>> all new coders each time.
>>
>> But more importantly, I suspect MS coders just coded without writing any
>> docs. Coders usually suck at documentation and will avoid it unless
>> forced. And if forced to write docs, the docs were just a toss-off no
>> one ever actually looked at.
>>
>> Microsoft's attitude, I'm sure was, "Why should we care about other
>> players in the market? Just buy our crap and you won't have to worry
>> about our formats." (Except until the next upgrade.)
>>
>> I think ISO's policy should be that if you're a company forwarding a
>> standard, your off-the-shelf software should verifiably duplicate that
>> standard. Otherwise, go pound sand. Same if you're a community proposing
>> a standard. Produce some software which adheres to that standard or shut
>> up.
>>
>> Paul
>>
>> --
>> Paul M. Foster
>>
>
>
> Microsofts XML format should never have been made an ISO standard
> anyway. There's a bit of a conspiracy behind how they managed it,
> including large amounts of money and trade agreements trading hands, as
> well as secret voting...
>
There was a great article in the NYT about microsoft from Dick Brass (a
former Vice President) that's well worth a read:
http://www.nytimes.com/2010/02/04/opinion/04brass.html
regards :)
--- End Message ---
--- Begin Message ---
On Thu, Feb 11, 2010 at 5:18 AM, Ashley Sheridan
<a...@ashleysheridan.co.uk> wrote:
> There's a good reason for OpenOffice having some difficulties with MS
> Office documents. Back when MS rushed through getting their document
> standard ratified by ISO (which itself is a whole other story) they
> didn't explain all the details quite as well as they might have. Later
> on, MS found they were having some difficulty following their own
> 'standard' and so altered it in various ways in Office2007. Needless to
> say, ISO weren't too happy when MS asked if they could just 'change the
> specs' for their file format, and quite rightly refused to do so.
>
> In short, this means that there is a MS ISO standard that MS is the only
> one not trying to follow, and software like OpenOffice is left to
> reverse engineering the format again.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
You may be right as far as standards of the file format are concerned,
but IMO OpenOffice.org just isn't quite where I'd like it compared to
Microsoft Office, at least up through 2003. (I really dislike the
whole reorganized interface they created for 2007.) Particularly there
are differences between Excel and Calc that really annoy me. I would
like to like OpenOffice.org, but I spend too much of the time I use it
being frustrated by it.
(Wow, has this thread digressed!)
Andrew
--- End Message ---
--- Begin Message ---
On Fri, 2010-02-12 at 16:03 -0500, Andrew Ballard wrote:
> On Thu, Feb 11, 2010 at 5:18 AM, Ashley Sheridan
> <a...@ashleysheridan.co.uk> wrote:
> > There's a good reason for OpenOffice having some difficulties with MS
> > Office documents. Back when MS rushed through getting their document
> > standard ratified by ISO (which itself is a whole other story) they
> > didn't explain all the details quite as well as they might have. Later
> > on, MS found they were having some difficulty following their own
> > 'standard' and so altered it in various ways in Office2007. Needless to
> > say, ISO weren't too happy when MS asked if they could just 'change the
> > specs' for their file format, and quite rightly refused to do so.
> >
> > In short, this means that there is a MS ISO standard that MS is the only
> > one not trying to follow, and software like OpenOffice is left to
> > reverse engineering the format again.
> >
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> >
> >
>
> You may be right as far as standards of the file format are concerned,
> but IMO OpenOffice.org just isn't quite where I'd like it compared to
> Microsoft Office, at least up through 2003. (I really dislike the
> whole reorganized interface they created for 2007.) Particularly there
> are differences between Excel and Calc that really annoy me. I would
> like to like OpenOffice.org, but I spend too much of the time I use it
> being frustrated by it.
>
> (Wow, has this thread digressed!)
>
> Andrew
>
I must admit that Calc doesn't seem quite as fully featured,
particularly with respect to macros.
It does have other good features though that make it better, like native
external database connectivity.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
On 11 February 2010 16:04, Eric Lommatsch <er...@micronix.com> wrote:
>
>>Are you using wsdl? If so, does the WSDL file contain the information that
> the port to use for the requests is on port 8080?
>>
>>--
>>-----
>>Richard Quadling
>>"Standing on the shoulders of some very clever giants!"
>>EE : http://www.experts-exchange.com/M_248814.html
>>EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
>>Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
>>ZOPA : http://uk.zopa.com/member/RQuadling
>
> First, I am sorry for not getting back to this yesterday. I had some other
> things come up.
>
> As far as I know this website is using WSDL. I know that one of the early
> issues I ran into in trying to get this to work was not having the wsdl.php
> file in the path.
>
> That having been said are you talking about the wsdl file on the server that
> is providing the service or are you talking about the wsdl file on the system
> hosting the webpage.
>
> I can get everything to work correctly when I am working from our internal
> development server. But when I attempt to put the file on the hosted site our
> clients would ultimately be using I am getting the connect error.
>
> I have compared the wsdl.php files on these two servers and neither of them
> have specific information about the port in them.
>
> Here is the code that I am using to connect to the webservice:
>
> $webservices_uri =
> "http://xx.xx.xx.xx:8080/jasperserver/services/repository";;
>
> Here is the code where I am trying to connect:
>
> function ws_checkUsername($username, $password)
> {
> $connection_params = array("user" => $username, "pass" =>
> $password);
> $info = new SOAP_client($GLOBALS["webservices_uri"], false,
> false, $connection_params);
>
> $op_xml = "<request
> operationName=\"list\"><resourceDescriptor name=\"\" wsType=\"folder\"
> uriString=\"\" isNew=\"false\">".
> "<label></label></resourceDescriptor></request>";
>
> $params = array("request" => $op_xml );
> $response = $info->call("list",$params,array('namespace' =>
> $GLOBALS["namespace"]));
>
> return $response;
> }
>
> This is working when I use the IP address of the server behind the firewall,
> but when I try to use the address that is open through the firewall it is not
> connecting. I can connect to the external IP address by entering it into the
> browser and it does ask for the username and password.
>
> Thank you
>
> Eric H. Lommatsch
> Programmer
> 360 Business
> 2087 South Grant Street
> Denver, CO 80210
> Tel 303-777-8939 Ext 23
> Fax 888-282-9927
>
> er...@360b.com
>
Run this at the command line ...
php -r "echo file_get_contents('http://www.google.com');"
Do you get the google home page?
I suspect your browser is using a proxy, but your default gateway is
set to something different
There should only be 1 WSDL url. That is the URL of the WSDL file
associated with the service you are using.
It may be cached to a physical file.
Either way, it probably doesn't know that YOU are behind a firewall.
So. You need to proxy the calls.
You can use the default stream context.
Take a look at my user note on
http://www.php.net/manual/en/function.stream-context-get-default.php.
The site it relates to is probably dead now.
You may be able to assign the proxy details to the SOAPClient.
"For HTTP authentication, the login and password options can be used
to supply credentials. For making an HTTP connection through a proxy
server, the options proxy_host, proxy_port, proxy_login and
proxy_password are also available. For HTTPS client certificate
authentication use local_cert and passphrase options. An
authentication may be supplied in the authentication option. The
authentication method may be either SOAP_AUTHENTICATION_BASIC
(default) or SOAP_AUTHENTICATION_DIGEST."
(http://www.php.net/manual/en/soapclient.soapclient.php#soapclient.soapclient.parameters)
Does any of that help?
--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
--- End Message ---
--- Begin Message ---
Hi All,
Sorry for asking question at wrong place.. (Please tell me where to as
questions about JQuery)
I am using JQuery Validate plugin.
I am validating form which contains two items Name & phone number
Phone number contains three text boxes.
Now the default behavior of JQuery Validate put error message in front of
text boxes. It is ok for Name but,
for phone number i have placed three text boxes in a row. So i want single
message for this after the third text box.
So i did following thing
var form = $("#frm_something")
form.validate({
submitHandler: function() {
alert("Valid date range!")
},
groups: {
dateRange: "phone1 phone2 phone3"
},
errorPlacement: function(error, element) {
form.find(".error_container").append(error);
}
});
with above it is showing all errors in "error_container" span.
I want only date error should come in error_container everything else should
be as it is before (in-front of text boxes)
Please help..
--
Devendra Jadhav
--- End Message ---
--- Begin Message ---
On Fri, 2010-02-12 at 17:09 +0530, Devendra Jadhav wrote:
> Hi All,
>
> Sorry for asking question at wrong place.. (Please tell me where to as
> questions about JQuery)
> I am using JQuery Validate plugin.
> I am validating form which contains two items Name & phone number
> Phone number contains three text boxes.
> Now the default behavior of JQuery Validate put error message in front of
> text boxes. It is ok for Name but,
> for phone number i have placed three text boxes in a row. So i want single
> message for this after the third text box.
> So i did following thing
>
> var form = $("#frm_something")
> form.validate({
> submitHandler: function() {
> alert("Valid date range!")
> },
> groups: {
> dateRange: "phone1 phone2 phone3"
> },
> errorPlacement: function(error, element) {
> form.find(".error_container").append(error);
> }
> });
>
> with above it is showing all errors in "error_container" span.
> I want only date error should come in error_container everything else should
> be as it is before (in-front of text boxes)
>
> Please help..
>
As JQuery is Javascript, you're better off asking on a Javascript list
if you can't find a dedicated JQuery one.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
[snip]
Sorry for asking question at wrong place.. (Please tell me where to as
questions about JQuery)
[/snip]
Google is your friend....
http://docs.jquery.com/Discussion#Official_Forums
--- End Message ---
--- Begin Message ---
thank you all
On Fri, Feb 12, 2010 at 5:54 PM, Jay Blanchard <jblanch...@pocket.com>wrote:
> [snip]
> Sorry for asking question at wrong place.. (Please tell me where to as
> questions about JQuery)
> [/snip]
>
> Google is your friend....
>
> http://docs.jquery.com/Discussion#Official_Forums
>
>
--
Devendra Jadhav
देवेंद्र जाधव
--- End Message ---
--- Begin Message ---
Sudhakar wrote:
> hi
>
> i am from auckland new zealand, has anyone worked on expression engine cms
>
> please advice
>
> thanks
>
no but a very high percentage of the good graphic designers I know will
use nothing but; all of them really like it.
from a programmers point of view, i just don't know :)
regards!
--- End Message ---
--- Begin Message ---
Hi everyone
There may be blinding bits of total ignorance in this so don't ignore
the obvious.
This is a security question, but a sentence of background: I'm writing
software for a mapping/location website and I want to be able to provide
something others can plug into their website that would display their map.
So I'm providing a URL like
http://www.mydomain.com?h=300&w=250&username=name&password=password
The idea is they can define their own height and width and it plugs in
as an iframe.
That takes the username and password and throws it over web services to
get back the data from which we can create the map.
My question (and it might be the wrong question) is how can I not give
away the password to all and sundry yet still provide a self-contained URL?
Thanks in advance :-)
Cheers
J
--- End Message ---
--- Begin Message ---
John Allsopp wrote:
Hi everyone
There may be blinding bits of total ignorance in this so don't ignore
the obvious.
This is a security question, but a sentence of background: I'm writing
software for a mapping/location website and I want to be able to provide
something others can plug into their website that would display their map.
So I'm providing a URL like
http://www.mydomain.com?h=300&w=250&username=name&password=password
The idea is they can define their own height and width and it plugs in
as an iframe.
That takes the username and password and throws it over web services to
get back the data from which we can create the map.
My question (and it might be the wrong question) is how can I not give
away the password to all and sundry yet still provide a self-contained URL?
MD5() (or SHA()) hash the information and supply that along with the
settings. Then you know it was generated by your site. So you can do the
following:
<?php
$height = 300;
$width = 250;
$username = 'username';
$key = md5( "SECRET_SALT-$heigh-$width-$username" );
$url =
"http://www.mydomain.com?h=$height&w=$width&username=$username&key=$key";;
?>
Then when you get this URL via the iframe, you re-compute the expected
key and then compare it against the given key. Since only you know the
SECRET_SALT value then nobody should be able to forge the key.
Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP
--- End Message ---
