php-general Digest 15 May 2010 22:27:59 -0000 Issue 6746
Topics (messages 305249 through 305260):
Re: Multiple Login in a single PC should not be possible
305249 by: Lester Caine
305250 by: Ashley Sheridan
305257 by: Robert Cummings
305260 by: Nathan Nobbe
Ruben Knol has invited you to open a Google mail account
305251 by: Ruben Knol
PHP Site with CSS and Internet Explorer
305252 by: Juan Rodriguez Monti
305254 by: tedd
305255 by: Ashley Sheridan
305256 by: kranthi
305259 by: Jim Lucas
Advice needed - general (GPS, databases, webs etc.)
305253 by: SED
Re: Email with attachment
305258 by: Jim Lucas
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
This was bounced back to the list because of the php crap of needing to use
'reply all' - I SHOULD have used 'reply' in this case as jagdeep's email was to
ME, but I automatically 'reply all' and replace return address with the list
email to kill off all the extras!
Ashley Sheridan wrote:
On Sat, 2010-05-15 at 08:18 +0100, Lester Caine wrote:
Jagdeep Singh wrote:
> How can I define"Machine"?
That IS the problem. As with a lot of this stuff - nothing was ever actually
DESIGNED to work :( So $_SERVER["REMOTE_ADDR"] will block multiple machines if
they are sharing the one connection. I've been lucky so far in that
'REMOTE_ADDR' CAN be resolved to a machine in my own case.
This like 'tzoffset' is an area where the simplest basic functions actually need
to be fixed. If you are working cross timezones have you considered the problem
of knowing the right time where daylight saving is important. My users have to
set their correct daylight saving zone in their profile. 'tzoffset' is no use.
Both of these are areas that need fixing?
( As an aside ... some schools are now using 'virtual' desktops, so several
pupils may WELL be working on the one 'virtual server' but each in their own
sessions. This makes it impossible to identify the individual users as well )
I explained off-list how you could do this. Create a hash of the
machines IP and browser with the username of the logged in user:
md5($ip . $browser . $username);
And store that in the database when they log in. Now each time they
perform an action, create a hash from those same bits of information
again and check it against the one created when they logged in.
We have already identified that THIS will not work is this case. It is not
unreasonable to want to restrict the number of users on a single machine. So you
keep the machine use separate to the user login ... AS STATED the problem is
identifying a machine in the first place.
You can't access their Mac address. Many people on the list have
explained that to you now. I'm not sure why an e-learning module needs
such strict requirements, as it's perfectly valid that a user might want
to use more than one browser at a time.
It is also not unreasonable that one may want to restrict access to something in
the way specified. If one is RUNNING on-line testing, then having the answers
open in another browser is something that it might be nice to block ;) Because
the simple matter of uniquely identifying a machine on the internet IS
impossible currently then we have to come up with some other way of blocking
things, but to be honest. On-line testing is a silly idea anyway since there are
many ways of cheating that even these locks would not prevent ;) In my own case,
restricting a machine to a single user is essential and I simply need to block
other users when the machine is 'in use'. $_SERVER["REMOTE_ADDR"] is internal to
the intranet so no problem.
Personally I think the demands from the 'privacy' camp is simply playing into
the hands of the criminals. EVERY machine should report it's ID and this can
then be used to kill off the con men. Perhaps when IPv6 is in full use then
every computer can be uniquely identified? THEN $_SERVER["REMOTE_ADDR"] will
work properly .... we just have to ensure that 'cloaning' of ID's is always
flagged in transit.
--
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php
--- End Message ---
--- Begin Message ---
On Sat, 2010-05-15 at 11:50 +0100, Lester Caine wrote:
> This was bounced back to the list because of the php crap of needing to use
> 'reply all' - I SHOULD have used 'reply' in this case as jagdeep's email was
> to
> ME, but I automatically 'reply all' and replace return address with the list
> email to kill off all the extras!
>
> Ashley Sheridan wrote:
> > On Sat, 2010-05-15 at 08:18 +0100, Lester Caine wrote:
> >> Jagdeep Singh wrote:
> >> > How can I define"Machine"?
> >>
> >> That IS the problem. As with a lot of this stuff - nothing was ever
> >> actually
> >> DESIGNED to work :( So $_SERVER["REMOTE_ADDR"] will block multiple
> >> machines if
> >> they are sharing the one connection. I've been lucky so far in that
> >> 'REMOTE_ADDR' CAN be resolved to a machine in my own case.
> >>
> >> This like 'tzoffset' is an area where the simplest basic functions
> >> actually need
> >> to be fixed. If you are working cross timezones have you considered the
> >> problem
> >> of knowing the right time where daylight saving is important. My users
> >> have to
> >> set their correct daylight saving zone in their profile. 'tzoffset' is no
> >> use.
> >>
> >> Both of these are areas that need fixing?
> >>
> >> ( As an aside ... some schools are now using 'virtual' desktops, so several
> >> pupils may WELL be working on the one 'virtual server' but each in their
> >> own
> >> sessions. This makes it impossible to identify the individual users as
> >> well )
>
> > I explained off-list how you could do this. Create a hash of the
> > machines IP and browser with the username of the logged in user:
> >
> > md5($ip . $browser . $username);
> >
> > And store that in the database when they log in. Now each time they
> > perform an action, create a hash from those same bits of information
> > again and check it against the one created when they logged in.
>
> We have already identified that THIS will not work is this case. It is not
> unreasonable to want to restrict the number of users on a single machine. So
> you
> keep the machine use separate to the user login ... AS STATED the problem is
> identifying a machine in the first place.
>
> > You can't access their Mac address. Many people on the list have
> > explained that to you now. I'm not sure why an e-learning module needs
> > such strict requirements, as it's perfectly valid that a user might want
> > to use more than one browser at a time.
>
> It is also not unreasonable that one may want to restrict access to something
> in
> the way specified. If one is RUNNING on-line testing, then having the answers
> open in another browser is something that it might be nice to block ;)
> Because
> the simple matter of uniquely identifying a machine on the internet IS
> impossible currently then we have to come up with some other way of blocking
> things, but to be honest. On-line testing is a silly idea anyway since there
> are
> many ways of cheating that even these locks would not prevent ;) In my own
> case,
> restricting a machine to a single user is essential and I simply need to
> block
> other users when the machine is 'in use'. $_SERVER["REMOTE_ADDR"] is internal
> to
> the intranet so no problem.
>
> Personally I think the demands from the 'privacy' camp is simply playing into
> the hands of the criminals. EVERY machine should report it's ID and this can
> then be used to kill off the con men. Perhaps when IPv6 is in full use then
> every computer can be uniquely identified? THEN $_SERVER["REMOTE_ADDR"] will
> work properly .... we just have to ensure that 'cloaning' of ID's is always
> flagged in transit.
>
> --
> Lester Caine - G8HFL
> -----------------------------
> Contact - http://lsces.co.uk/wiki/?page=contact
> L.S.Caine Electronic Services - http://lsces.co.uk
> EnquirySolve - http://enquirysolve.com/
> Model Engineers Digital Workshop - http://medw.co.uk//
> Firebird - http://www.firebirdsql.org/index.php
>
I see exactly the issue you have now, and there's no way round it. You
can't identify a single machine in the way you want.
Maybe you could restrict access to test answer materials to a user who
is logged in, and then lock them out when a test is in progress for
their username. That way, you don't have to identify a machine at all
(what's to stop someone from opening up a laptop next to their main
computer to circumvent your 'security' anyway?) and the only way they
can access both course materials and the test is with two sets of login
credentials.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Ashley Sheridan wrote:
I see exactly the issue you have now, and there's no way round it. You
can't identify a single machine in the way you want.
Maybe you could restrict access to test answer materials to a user who
is logged in, and then lock them out when a test is in progress for
their username. That way, you don't have to identify a machine at all
(what's to stop someone from opening up a laptop next to their main
computer to circumvent your 'security' anyway?) and the only way they
can access both course materials and the test is with two sets of login
credentials.
Just to follow-up... even if one could identify the machine, someone out
there would open up a virtual machine :)
Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP
--- End Message ---
--- Begin Message ---
On Sat, May 15, 2010 at 10:18 AM, Robert Cummings <rob...@interjinn.com>wrote:
> Ashley Sheridan wrote:
>
>> I see exactly the issue you have now, and there's no way round it. You
>> can't identify a single machine in the way you want.
>>
>> Maybe you could restrict access to test answer materials to a user who
>> is logged in, and then lock them out when a test is in progress for
>> their username. That way, you don't have to identify a machine at all
>> (what's to stop someone from opening up a laptop next to their main
>> computer to circumvent your 'security' anyway?) and the only way they
>> can access both course materials and the test is with two sets of login
>> credentials.
>>
>
> Just to follow-up... even if one could identify the machine, someone out
> there would open up a virtual machine :)
or add a second nic .., or a virtual nic, which doesnt even require
additional hardware ;)
-nathan
--- End Message ---
--- Begin Message ---
I've been using Gmail and thought you might like to try it out. Here's
an invitation to create an account.
-----------------------------------------------------------------------
Ruben Knol has invited you to open a free Gmail account.
To accept this invitation and register for your account, visit
http://mail.google.com/mail/a-aa11bd36fb-302f6744ca-s4UI_b6q4PMLn9Ns0oJf_P55xNo
Once you create your account, Ruben Knol will be notified with
your new email address so you can stay in touch with Gmail!
If you haven't already heard about Gmail, it's a new search-based webmail
service that offers:
- Over 2,700 megabytes (two gigabytes) of free storage
- Built-in Google search that instantly finds any message you want
- Automatic arrangement of messages and related replies into
"conversations"
- Powerful spam protection using innovative Google technology
- No large, annoying ads--just small text ads and related pages that are
relevant to the content of your messages
To learn more about Gmail before registering, visit:
http://mail.google.com/mail/help/benefits.html
And, to see how easy it can be to switch to a new email service, check
out our new switch guide: http://mail.google.com/mail/help/switch/
We're still working every day to improve Gmail, so we might ask for your
comments and suggestions periodically. We hope you'll like Gmail. We
do. And, it's only going to get better.
Thanks,
The Gmail Team
(If clicking the URLs in this message does not work, copy and paste them
into the address bar of your browser).
--- End Message ---
--- Begin Message ---
I guys,
I'm having some problems with the following.
I have a PHP Site working perfectly with HTML and CSS. The CSS runs
flawlessly in Firefox and Google Chrome. However, I'm having some
problems with Internet Explorer.
I'm not able to show it centered ( the .css is to show centered
content ) in any version of Internet Explorer. The CSS's Code is
available here[0].
Might be this is an Off-Topic question, however is closely related to
my PHP development.
If you know some hack or modification that I should do to make this
site compatible with IE, I would appreciate it a lot.
Thanks,
Juan
[0] http://pastebin.com/eLhz2CzM
--- End Message ---
--- Begin Message ---
At 10:30 AM -0300 5/15/10, Juan Rodriguez Monti wrote:
I guys,
I'm having some problems with the following.
I have a PHP Site working perfectly with HTML and CSS. The CSS runs
flawlessly in Firefox and Google Chrome. However, I'm having some
problems with Internet Explorer.
I'm not able to show it centered ( the .css is to show centered
content ) in any version of Internet Explorer. The CSS's Code is
available here[0].
Might be this is an Off-Topic question, however is closely related to
my PHP development.
If you know some hack or modification that I should do to make this
site compatible with IE, I would appreciate it a lot.
Thanks,
Juan
Juan:
Subscribe to the CSS discus list
(<http://lists.css-discuss.org/mailman/listinfo/css-d>) and post your
css questions there.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
On Sat, 2010-05-15 at 10:30 -0300, Juan Rodriguez Monti wrote:
> I guys,
> I'm having some problems with the following.
>
> I have a PHP Site working perfectly with HTML and CSS. The CSS runs
> flawlessly in Firefox and Google Chrome. However, I'm having some
> problems with Internet Explorer.
>
> I'm not able to show it centered ( the .css is to show centered
> content ) in any version of Internet Explorer. The CSS's Code is
> available here[0].
>
> Might be this is an Off-Topic question, however is closely related to
> my PHP development.
>
> If you know some hack or modification that I should do to make this
> site compatible with IE, I would appreciate it a lot.
>
> Thanks,
> Juan
>
> [0] http://pastebin.com/eLhz2CzM
>
Well, you haven't given a link to the site or mentioned what CSS you've
used, so I can only guess.
The traditional way to center an item (horizontally only) is to use
'margin: auto;' and give the element a width. This only works when the
parent element is a block level element with a width that is greater
than that of the object you are trying to center.
This will work in all the major browsers that support CSS.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
I am no CSS expert but at a first glance I dont see any Cross Browser
issues in your CSS code. Most likely you have a problem in the HTML
page itself.
--- End Message ---
--- Begin Message ---
Juan Rodriguez Monti wrote:
I guys,
I'm having some problems with the following.
I have a PHP Site working perfectly with HTML and CSS. The CSS runs
flawlessly in Firefox and Google Chrome. However, I'm having some
problems with Internet Explorer.
I'm not able to show it centered ( the .css is to show centered
content ) in any version of Internet Explorer. The CSS's Code is
available here[0].
Might be this is an Off-Topic question, however is closely related to
my PHP development.
If you know some hack or modification that I should do to make this
site compatible with IE, I would appreciate it a lot.
Thanks,
Juan
[0] http://pastebin.com/eLhz2CzM
Using your #container { ... } example. the only change I would make is
like this
body
{
text-align: center;
}
#container
{
margin: 0 auto;
width: 600px;
background:#fff;
text-align: left;
}
--
Jim Lucas
A: Maybe because some people are too annoyed by top-posting.
Q: Why do I not get an answer to my question(s)?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
--- End Message ---
--- Begin Message ---
Hi,
I'm in the search for resources for the next step in the information's age.
I think smartphones with GPS and the internet will be THE BIG BUSINESS next
years.
Because this is hard business I'm not able to get overview and resources
handly, except by selling my soul to the big companies. There is so much
information on the internet that one person can not find what out what is
real and what is not.
Can you send me links regarding GPS, maps, smartphones that PHP programmers
focus on? I'm asking for useful information at advanced level, even though
it links to other programming languages, graphics or big companies.
Regards,
Summi
from Iceland (...where the volcano stopped the world) J
--- End Message ---
--- Begin Message ---
Php Developer wrote:
Hi,
I found a good function at php.net that sends email with atachment, but
unfortunately i still cannot figure out how to send a body of the email too.
Here is the code:
function sendEmailWithAttachement($to, $subject, $message, $file)
{
if (strtoupper(substr(PHP_OS,0,3)=='WIN')) {
$eol="\r\n";
}
elseif (strtoupper(substr(PHP_OS,0,3)=='MAC')) {
$eol="\r";
}
else
{
$eol="\n";
}
$filename = basename($file);
What does the following do? Does it echo something to the screen?
displaymessage($filename);
$file_size = filesize($file);
$file_type = filetype($file);
displaymessage($file_size);
Shouldn't you be checking to see if the file exists and is readable
before you try opening it?
$handle = fopen($file, "rb");
$content = fread($handle, $file_size);
$content = chunk_split(base64_encode($content));
You should make sure ( strlen($content) !== 0 ) at this point.
fclose($handle);
# Common Headers
$headers = 'From: cont...@example.com'.$eol;
$headers .= 'Reply-To: cont...@example.com'.$eol;
$headers .= 'Return-Path: cont...@example.com'.$eol; // these two to set
reply address
$headers .= "Message-ID: <".time()."
TheSystem@".$_SERVER['SERVER_NAME'].">".$eol;
$headers .= "X-Mailer: PHP v".phpversion().$eol; // These two to help
avoid spam-filters
# Boundry for marking the split & Multitype Headers
$mime_boundary=md5(time());
$headers .= 'MIME-Version: 1.0'.$eol;
$headers .= "Content-Type: multipart/related;
boundary=\"".$mime_boundary."\"".$eol;
$msg = "";
# Attachment
$msg .= "--".$mime_boundary.$eol;
$msg .= "Content-Type: ".$file_type."; name=\"".$filename."\"".$eol; //
sometimes i have to send MS Word, use 'msword' instead of 'pdf'
$msg .= "Content-Transfer-Encoding: base64".$eol;
$msg .= $message;
Looks like you are missing some line endings on the above line.
Plus, why do the following lines require two EOL's but the above lines
only use one EOL?
$msg .= "Content-Disposition: attachment;
filename=\"".$filename."\"".$eol.$eol; // !! This line needs TWO end of lines !!
IMPORTANT !!
$msg .= $content.$eol.$eol;
# Setup for text OR html
$msg .= "Content-Type: multipart/alternative".$eol;
# Text Version
$msg .= "--".$mime_boundary.$eol;
$msg .= "Content-Type: text/plain; charset=iso-8859-1".$eol;
$msg .= "Content-Transfer-Encoding: 8bit".$eol;
$msg .= "This is a multi-part message in MIME format.".$eol;
$msg .= "If you are reading this, please update your
email-reading-software.".$eol;
$msg .= "+ + Text Only + +".$eol.$eol;
# Finished
$msg .= "--".$mime_boundary."--".$eol.$eol; // finish with two eol's for
better security. see Injection.
mail($to, $subject, $msg, $headers);
}
--
Jim Lucas
A: Maybe because some people are too annoyed by top-posting.
Q: Why do I not get an answer to my question(s)?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
--- End Message ---
