php-general Digest 21 May 2010 03:54:57 -0000 Issue 6755
Topics (messages 305358 through 305373):
Re: Question about a security function
305358 by: David Otton
305360 by: Al
305361 by: Ashley Sheridan
305362 by: Jim Lucas
305367 by: Al
305368 by: Ashley Sheridan
305369 by: Al
Re: Some undefined function errors
305359 by: Fernando
305363 by: Jim Lucas
305364 by: Giancarlo Boaron
305365 by: Giancarlo Boaron
305366 by: Ashley Sheridan
305370 by: Fernando
Re: How to get input from socket client
305371 by: Ryan Sun
Re: [GENERAL] [PHP] Some undefined function errors
305372 by: Ketema Harris
PDO don't know which is mysql server charset?
305373 by: cleverpig
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On 20 May 2010 15:52, Al <[email protected]> wrote:
> I agree blacklisting is a flawed approach in general. My approach is to
> strictly confine entry text to a whitelist of benign, acceptable tags. The
But that's not what you've done. You've blacklisted the following patterns:
"\<script\x20",
"\<embed\x20",
"\<object\x20",
'language="javascript"',
'type="text/javascript"',
'language="vbscript\"',
'type="text/vbscript"',
'language="vbscript"',
'type="text/tcl"',
"error_reporting\(0\)",//Most hacks I've seen make certain they turn
of error reporting
"\<?php",//Here for the heck of it.
and allowed everything else. A couple of examples:
You haven't blacklisted <iframe>
<IMG SRC="javascript:alert('XSS');"> would sail straight through that list.
I can't tell from that list alone, but are your checks
case-insensitive? Because <ScRipT> would pass through a case-sensitive
check.
We can go on like this all day, and at the end of it you still won't
be sure you've blacklisted everything.
The first answer at
http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
is related, also.
--- End Message ---
--- Begin Message ---
On 5/20/2010 11:23 AM, David Otton wrote:
On 20 May 2010 15:52, Al<[email protected]> wrote:
I agree blacklisting is a flawed approach in general. My approach is to
strictly confine entry text to a whitelist of benign, acceptable tags. The
But that's not what you've done. You've blacklisted the following patterns:
"\<script\x20",
"\<embed\x20",
"\<object\x20",
'language="javascript"',
'type="text/javascript"',
'language="vbscript\"',
'type="text/vbscript"',
'language="vbscript"',
'type="text/tcl"',
"error_reporting\(0\)",//Most hacks I've seen make certain they turn
of error reporting
"\<?php",//Here for the heck of it.
and allowed everything else. A couple of examples:
You haven't blacklisted<iframe>
<IMG SRC="javascript:alert('XSS');"> would sail straight through that list.
I can't tell from that list alone, but are your checks
case-insensitive? Because<ScRipT> would pass through a case-sensitive
check.
We can go on like this all day, and at the end of it you still won't
be sure you've blacklisted everything.
The first answer at
http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
is related, also.
I'm not being clear. First pass is thru the blacklist, which effectually tells
hacker to not bother and totally deletes the entry.
If the raw entry gets past the blacklist, it must then only contain my whitelist
tags. e.g., the two examples you cited were caught by the whitelist parser.
And yes, I'm using preg_match() with the "i" arg.
Note, my blacklist is not looking for tags per se, just the start of a bad tag.
My users are only suppose to be entering plain text with some nice highlighting
and lists, etc. The editor will not post anything else.
Al...
--- End Message ---
--- Begin Message ---
On Thu, 2010-05-20 at 11:51 -0400, Al wrote:
>
> On 5/20/2010 11:23 AM, David Otton wrote:
> > On 20 May 2010 15:52, Al<[email protected]> wrote:
> >
> >> I agree blacklisting is a flawed approach in general. My approach is to
> >> strictly confine entry text to a whitelist of benign, acceptable tags. The
> >
> > But that's not what you've done. You've blacklisted the following patterns:
> >
> > "\<script\x20",
> > "\<embed\x20",
> > "\<object\x20",
> > 'language="javascript"',
> > 'type="text/javascript"',
> > 'language="vbscript\"',
> > 'type="text/vbscript"',
> > 'language="vbscript"',
> > 'type="text/tcl"',
> > "error_reporting\(0\)",//Most hacks I've seen make certain they turn
> > of error reporting
> > "\<?php",//Here for the heck of it.
> >
> > and allowed everything else. A couple of examples:
> >
> > You haven't blacklisted<iframe>
> >
> > <IMG SRC="javascript:alert('XSS');"> would sail straight through that list.
> >
> > I can't tell from that list alone, but are your checks
> > case-insensitive? Because<ScRipT> would pass through a case-sensitive
> > check.
> >
> > We can go on like this all day, and at the end of it you still won't
> > be sure you've blacklisted everything.
> >
> > The first answer at
> > http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
> > is related, also.
>
> I'm not being clear. First pass is thru the blacklist, which effectually
> tells
> hacker to not bother and totally deletes the entry.
>
> If the raw entry gets past the blacklist, it must then only contain my
> whitelist
> tags. e.g., the two examples you cited were caught by the whitelist parser.
>
> And yes, I'm using preg_match() with the "i" arg.
>
> Note, my blacklist is not looking for tags per se, just the start of a bad
> tag.
> My users are only suppose to be entering plain text with some nice
> highlighting
> and lists, etc. The editor will not post anything else.
>
> Al...
>
How are you matching against your whitelist?
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Al wrote:
>
>
> On 5/20/2010 11:23 AM, David Otton wrote:
>> On 20 May 2010 15:52, Al<[email protected]> wrote:
>>
>>> I agree blacklisting is a flawed approach in general. My approach is to
>>> strictly confine entry text to a whitelist of benign, acceptable
>>> tags. The
>>
>> But that's not what you've done. You've blacklisted the following
>> patterns:
>>
>> "\<script\x20",
>> "\<embed\x20",
>> "\<object\x20",
>> 'language="javascript"',
>> 'type="text/javascript"',
>> 'language="vbscript\"',
>> 'type="text/vbscript"',
>> 'language="vbscript"',
>> 'type="text/tcl"',
>> "error_reporting\(0\)",//Most hacks I've seen make certain they turn
>> of error reporting
>> "\<?php",//Here for the heck of it.
>>
>> and allowed everything else. A couple of examples:
>>
>> You haven't blacklisted<iframe>
>>
>> <IMG SRC="javascript:alert('XSS');"> would sail straight through that
>> list.
>>
>> I can't tell from that list alone, but are your checks
>> case-insensitive? Because<ScRipT> would pass through a case-sensitive
>> check.
>>
>> We can go on like this all day, and at the end of it you still won't
>> be sure you've blacklisted everything.
>>
>> The first answer at
>> http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
>>
>> is related, also.
>
> I'm not being clear. First pass is thru the blacklist, which effectually
> tells hacker to not bother and totally deletes the entry.
>
> If the raw entry gets past the blacklist, it must then only contain my
> whitelist tags. e.g., the two examples you cited were caught by the
> whitelist parser.
What exactly does your whitelist parser do?
>
> And yes, I'm using preg_match() with the "i" arg.
>
> Note, my blacklist is not looking for tags per se, just the start of a
> bad tag. My users are only suppose to be entering plain text with some
> nice highlighting and lists, etc. The editor will not post anything else.
But who say I have to use your editor?
>
> Al...
>
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--- End Message ---
--- Begin Message ---
On 5/20/2010 12:02 PM, Jim Lucas wrote:
Al wrote:
On 5/20/2010 11:23 AM, David Otton wrote:
On 20 May 2010 15:52, Al<[email protected]> wrote:
I agree blacklisting is a flawed approach in general. My approach is to
strictly confine entry text to a whitelist of benign, acceptable
tags. The
But that's not what you've done. You've blacklisted the following
patterns:
"\<script\x20",
"\<embed\x20",
"\<object\x20",
'language="javascript"',
'type="text/javascript"',
'language="vbscript\"',
'type="text/vbscript"',
'language="vbscript"',
'type="text/tcl"',
"error_reporting\(0\)",//Most hacks I've seen make certain they turn
of error reporting
"\<?php",//Here for the heck of it.
and allowed everything else. A couple of examples:
You haven't blacklisted<iframe>
<IMG SRC="javascript:alert('XSS');"> would sail straight through that
list.
I can't tell from that list alone, but are your checks
case-insensitive? Because<ScRipT> would pass through a case-sensitive
check.
We can go on like this all day, and at the end of it you still won't
be sure you've blacklisted everything.
The first answer at
http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
is related, also.
I'm not being clear. First pass is thru the blacklist, which effectually
tells hacker to not bother and totally deletes the entry.
If the raw entry gets past the blacklist, it must then only contain my
whitelist tags. e.g., the two examples you cited were caught by the
whitelist parser.
What exactly does your whitelist parser do?
It posts an error message that shows the user what the error is [e.g.,
"<iframe> is an invalid tag. Your text cannot posted until all errors are
corrected."
Only when the submitted raw text passes the blacklist and whitelist, will the
raw text be saved and be available for on-the-fly conversion to html.
And yes, I'm using preg_match() with the "i" arg.
Note, my blacklist is not looking for tags per se, just the start of a
bad tag. My users are only suppose to be entering plain text with some
nice highlighting and lists, etc. The editor will not post anything else.
But who say I have to use your editor?
No one says you must by my editor.
Al...
I'm methodically going thru ha.ckers tests and so far my filters have caught
everything.
I greatly appreciate everyone's help.
--- End Message ---
--- Begin Message ---
On Thu, 2010-05-20 at 12:40 -0400, Al wrote:
>
> On 5/20/2010 12:02 PM, Jim Lucas wrote:
> > Al wrote:
> >>
> >>
> >> On 5/20/2010 11:23 AM, David Otton wrote:
> >>> On 20 May 2010 15:52, Al<[email protected]> wrote:
> >>>
> >>>> I agree blacklisting is a flawed approach in general. My approach is to
> >>>> strictly confine entry text to a whitelist of benign, acceptable
> >>>> tags. The
> >>>
> >>> But that's not what you've done. You've blacklisted the following
> >>> patterns:
> >>>
> >>> "\<script\x20",
> >>> "\<embed\x20",
> >>> "\<object\x20",
> >>> 'language="javascript"',
> >>> 'type="text/javascript"',
> >>> 'language="vbscript\"',
> >>> 'type="text/vbscript"',
> >>> 'language="vbscript"',
> >>> 'type="text/tcl"',
> >>> "error_reporting\(0\)",//Most hacks I've seen make certain they turn
> >>> of error reporting
> >>> "\<?php",//Here for the heck of it.
> >>>
> >>> and allowed everything else. A couple of examples:
> >>>
> >>> You haven't blacklisted<iframe>
> >>>
> >>> <IMG SRC="javascript:alert('XSS');"> would sail straight through that
> >>> list.
> >>>
> >>> I can't tell from that list alone, but are your checks
> >>> case-insensitive? Because<ScRipT> would pass through a case-sensitive
> >>> check.
> >>>
> >>> We can go on like this all day, and at the end of it you still won't
> >>> be sure you've blacklisted everything.
> >>>
> >>> The first answer at
> >>> http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
> >>>
> >>> is related, also.
> >>
> >> I'm not being clear. First pass is thru the blacklist, which effectually
> >> tells hacker to not bother and totally deletes the entry.
> >>
> >> If the raw entry gets past the blacklist, it must then only contain my
> >> whitelist tags. e.g., the two examples you cited were caught by the
> >> whitelist parser.
> >
> > What exactly does your whitelist parser do?
>
> It posts an error message that shows the user what the error is [e.g.,
> "<iframe> is an invalid tag. Your text cannot posted until all errors are
> corrected."
>
> Only when the submitted raw text passes the blacklist and whitelist, will the
> raw text be saved and be available for on-the-fly conversion to html.
>
>
> >
> >>
> >> And yes, I'm using preg_match() with the "i" arg.
> >>
> >> Note, my blacklist is not looking for tags per se, just the start of a
> >> bad tag. My users are only suppose to be entering plain text with some
> >> nice highlighting and lists, etc. The editor will not post anything else.
> >
> > But who say I have to use your editor?
>
> No one says you must by my editor.
>
> >
> >>
> >> Al...
> >>
> >
> >
>
> I'm methodically going thru ha.ckers tests and so far my filters have caught
> everything.
>
> I greatly appreciate everyone's help.
>
I think Jim meant how is your whitelist operating, not what it does to
the user. Posting a message saying that <iframe> tags are not allowed
sounds more like a blacklist type of behaviour.
A whitelist should consider the data sent from the user as bad, and only
allow it through if it meets certain criteria. By checking specifically
for an <iframe> tag and being able to warn the user specifically, you're
just using a blacklist not a whitelist.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
On 5/20/2010 12:43 PM, Ashley Sheridan wrote:
On Thu, 2010-05-20 at 12:40 -0400, Al wrote:
On 5/20/2010 12:02 PM, Jim Lucas wrote:
Al wrote:
On 5/20/2010 11:23 AM, David Otton wrote:
On 20 May 2010 15:52, Al<[email protected]> wrote:
I agree blacklisting is a flawed approach in general. My approach is to
strictly confine entry text to a whitelist of benign, acceptable
tags. The
But that's not what you've done. You've blacklisted the following
patterns:
"\<script\x20",
"\<embed\x20",
"\<object\x20",
'language="javascript"',
'type="text/javascript"',
'language="vbscript\"',
'type="text/vbscript"',
'language="vbscript"',
'type="text/tcl"',
"error_reporting\(0\)",//Most hacks I've seen make certain they turn
of error reporting
"\<?php",//Here for the heck of it.
and allowed everything else. A couple of examples:
You haven't blacklisted<iframe>
<IMG SRC="javascript:alert('XSS');"> would sail straight through that
list.
I can't tell from that list alone, but are your checks
case-insensitive? Because<ScRipT> would pass through a case-sensitive
check.
We can go on like this all day, and at the end of it you still won't
be sure you've blacklisted everything.
The first answer at
http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags
is related, also.
I'm not being clear. First pass is thru the blacklist, which effectually
tells hacker to not bother and totally deletes the entry.
If the raw entry gets past the blacklist, it must then only contain my
whitelist tags. e.g., the two examples you cited were caught by the
whitelist parser.
What exactly does your whitelist parser do?
It posts an error message that shows the user what the error is [e.g.,
"<iframe> is an invalid tag. Your text cannot posted until all errors are
corrected."
Only when the submitted raw text passes the blacklist and whitelist, will the
raw text be saved and be available for on-the-fly conversion to html.
And yes, I'm using preg_match() with the "i" arg.
Note, my blacklist is not looking for tags per se, just the start of a
bad tag. My users are only suppose to be entering plain text with some
nice highlighting and lists, etc. The editor will not post anything else.
But who say I have to use your editor?
No one says you must by my editor.
Al...
I'm methodically going thru ha.ckers tests and so far my filters have caught
everything.
I greatly appreciate everyone's help.
I think Jim meant how is your whitelist operating, not what it does to
the user. Posting a message saying that<iframe> tags are not allowed
sounds more like a blacklist type of behaviour.
A whitelist should consider the data sent from the user as bad, and only
allow it through if it meets certain criteria. By checking specifically
for an<iframe> tag and being able to warn the user specifically, you're
just using a blacklist not a whitelist.
Thanks,
Ash
http://www.ashleysheridan.co.uk
No, no, it's truly a whitelist. Every tag that is not in the list is designated
as not allowed. If anyone is interested here is my whitelist. I also use these
for html validity and nesting checking, etc. Note, they are listed by html type.
<img> and <a> use are very constrained. <img> can only point to an image file on
the server and <a> is checked for syntax and even that it points to a valid URL.
//region******** Usable XHTML elements for user entered raw text [Only these
XHTML tags can be used] ********
$inlineHtmlTagsArray = array('a', 'b', 'img', 'em', 'option', 'select', 'span',
'strong',); //Note img is both empty and inline
$blockHtmlTagsArray = array('div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'p',
'pre',);
$emptyHtmlTagsArray = array('br', 'hr', 'img',);
$listHtmlTagsArray = array('li', 'ol', 'ul');
$tableHtmlTagsArray = array('col', 'table', 'tbody', 'td', 'th', 'thead',
'tr',);
//endregion
--- End Message ---
--- Begin Message ---
Sorry I miss read the question.
It does seem that php is not picking up the pg module and cannot find
the functions.
I assume Postgresql is in fact installed at /usr/local/pgsql. If you
run phpinfo(); can you see that PG is installed?
On 20/05/2010 10:46, Giancarlo Boaron wrote:
**
I make the function call in a php file. I'm not using stored procedures.
If I create an empty php file and put only some of these functions,
Apache reports de 'call to undefined function XXX'.
--- Em *qui, 20/5/10, Fernando /<[email protected]>/* escreveu:
De: Fernando <[email protected]>
Assunto: Re: [GENERAL] [PHP] Some undefined function errors
Para: [email protected]
Data: Quinta-feira, 20 de Maio de 2010, 11:25
Are you calling store procedures that return cursors? I had this
problem with cursors because the transaction gets committed and
the cursor closed after they return. Mind you I had the problem
on .NET using npgsql, so I might be way off.
Cheers
On 20/05/2010 10:05, Giancarlo Boaron wrote:
Hi all.
Recently, I wrote an email about the problem I was having with some Postgres functions that
when those functions were called, I received the following error: "Call to undefined
function<function_name>".
After some answers, I decided to rebuild a brand new linux virtual machine
with Apache + PHP + Postgres, but I still get this annoying error messege with
some functions like pg_prepare() and pg_escape_string().
I compiled Postgres with --without-readline option.
I compiled PHP with --with-apxs2=/usr/local/apache2/bin/apxs and
--with-pgsql=/usr/local/pgsql/
And the compilation process has no errors.
What am I doing wrong? Do I have to change something in php_config.h file?
If so, what do I have to change?
Thank you.
--- End Message ---
--- Begin Message ---
Giancarlo Boaron wrote:
> Hi all.
>
> Recently, I wrote an email about the problem I was having with some Postgres
> functions that when those functions were called, I received the following
> error: "Call to undefined function <function_name>".
>
> After some answers, I decided to rebuild a brand new linux virtual machine
> with Apache + PHP + Postgres, but I still get this annoying error messege
> with some functions like pg_prepare() and pg_escape_string().
>
> I compiled Postgres with --without-readline option.
> I compiled PHP with --with-apxs2=/usr/local/apache2/bin/apxs and
> --with-pgsql=/usr/local/pgsql/
>
> And the compilation process has no errors.
>
> What am I doing wrong? Do I have to change something in php_config.h file? If
> so, what do I have to change?
>
> Thank you.
>
>
>
>
Depending on what version of apache you are running, you need to make sure that
you are loading the pgsql.so file or have the psql.ini file in your
/var/www/conf/php5/ directory.
This way it knows to load pg.
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--- End Message ---
--- Begin Message ---
Yes. Phpinfo() tells me it's ok:
pgsql
PostgreSQL Support enabled
PostgreSQL(libpq) Version 8.4.4
Multibyte character support disabled
SSL support enabled
Active Persistent Links 0
Active Links 0
Directive Local Value Master Value
pgsql.allow_persistent On On
pgsql.auto_reset_persistent Off Off
pgsql.ignore_notice Off Off
pgsql.log_notice Off Off
pgsql.max_links Unlimited Unlimited
pgsql.max_persistent Unlimited Unlimited
My PHP version is 5.3.2.
My PostgreSQL version is 8.4.4 and I'm running the server under the restrict
'postgres' user privileges since I can't run the daemon process as 'root'.
Thank you for some help.
--- Em qui, 20/5/10, Fernando <[email protected]> escreveu:
> De: Fernando <[email protected]>
> Assunto: Re: [PHP] Some undefined function errors
> Para: [email protected]
> Data: Quinta-feira, 20 de Maio de 2010, 12:23
> Sorry I miss read the
> question.
>
> It does seem that php is not picking up the pg module and
> cannot find
> the functions.
>
> I assume Postgresql is in fact installed at
> /usr/local/pgsql. If you
> run phpinfo(); can you see that PG is installed?
>
> On 20/05/2010 10:46, Giancarlo Boaron wrote:
> > **
> > I make the function call in a php file. I'm not using
> stored procedures.
> > If I create an empty php file and put only some of
> these functions,
> > Apache reports de 'call to undefined function XXX'.
> >
> > --- Em *qui, 20/5/10, Fernando /<[email protected]>/*
> escreveu:
> >
> >
> > De: Fernando <[email protected]>
> > Assunto: Re: [GENERAL] [PHP]
> Some undefined function errors
> > Para: [email protected]
> > Data: Quinta-feira, 20 de Maio
> de 2010, 11:25
> >
> > Are you calling store
> procedures that return cursors? I had this
> > problem with cursors because
> the transaction gets committed and
> > the cursor closed after they
> return. Mind you I had the problem
> > on .NET using npgsql, so I
> might be way off.
> >
> > Cheers
> >
> > On 20/05/2010 10:05, Giancarlo
> Boaron wrote:
> >> Hi all.
> >>
> >> Recently, I wrote an email
> about the problem I was having with some Postgres functions
> that when those functions were called, I received the
> following error: "Call to undefined
> function<function_name>".
> >>
> >> After some answers, I
> decided to rebuild a brand new linux virtual machine with
> Apache + PHP + Postgres, but I still get this annoying error
> messege with some functions like pg_prepare() and
> pg_escape_string().
> >>
> >> I compiled Postgres with
> --without-readline option.
> >> I compiled PHP with
> --with-apxs2=/usr/local/apache2/bin/apxs and
> --with-pgsql=/usr/local/pgsql/
> >>
> >> And the compilation
> process has no errors.
> >>
> >> What am I doing wrong? Do
> I have to change something in php_config.h file? If so, what
> do I have to change?
> >>
> >> Thank you.
> >>
> >>
> >>
> >>
> >>
> >
> >
>
--- End Message ---
--- Begin Message ---
Hi Jim.
I think it depends on each server configuration but I checked in my server and
I don't have the 'pgsql.so' and 'psql.ini' files and neither the 'www'
directory.
My Apache version is 2.2.15 and my root directory is /usr/local/apache2/htdocs.
Thank you.
--- Em qui, 20/5/10, Jim Lucas <[email protected]> escreveu:
> De: Jim Lucas <[email protected]>
> Assunto: Re: [PHP] Some undefined function errors
> Para: "Giancarlo Boaron" <[email protected]>
> Cc: [email protected], [email protected],
> [email protected]
> Data: Quinta-feira, 20 de Maio de 2010, 13:04
> Giancarlo Boaron wrote:
> > Hi all.
> >
> > Recently, I wrote an email about the problem I was
> having with some Postgres functions that when those
> functions were called, I received the following error: "Call
> to undefined function <function_name>".
> >
> > After some answers, I decided to rebuild a brand new
> linux virtual machine with Apache + PHP + Postgres, but I
> still get this annoying error messege with some functions
> like pg_prepare() and pg_escape_string().
> >
> > I compiled Postgres with --without-readline option.
> > I compiled PHP with
> --with-apxs2=/usr/local/apache2/bin/apxs and
> --with-pgsql=/usr/local/pgsql/
> >
> > And the compilation process has no errors.
> >
> > What am I doing wrong? Do I have to change something
> in php_config.h file? If so, what do I have to change?
> >
> > Thank you.
> >
> >
> >
> >
>
> Depending on what version of apache you are running, you
> need to make sure that
> you are loading the pgsql.so file or have the psql.ini file
> in your
> /var/www/conf/php5/ directory.
>
> This way it knows to load pg.
>
> --
> Jim Lucas
>
> "Some men are born to greatness, some
> achieve greatness,
> and some have greatness
> thrust upon them."
>
> Twelfth Night, Act II, Scene V
> by William Shakespeare
>
--- End Message ---
--- Begin Message ---
On Thu, 2010-05-20 at 09:21 -0700, Giancarlo Boaron wrote:
> Hi Jim.
>
> I think it depends on each server configuration but I checked in my server
> and I don't have the 'pgsql.so' and 'psql.ini' files and neither the 'www'
> directory.
>
> My Apache version is 2.2.15 and my root directory is
> /usr/local/apache2/htdocs.
>
> Thank you.
>
>
> --- Em qui, 20/5/10, Jim Lucas <[email protected]> escreveu:
>
> > De: Jim Lucas <[email protected]>
> > Assunto: Re: [PHP] Some undefined function errors
> > Para: "Giancarlo Boaron" <[email protected]>
> > Cc: [email protected], [email protected],
> > [email protected]
> > Data: Quinta-feira, 20 de Maio de 2010, 13:04
> > Giancarlo Boaron wrote:
> > > Hi all.
> > >
> > > Recently, I wrote an email about the problem I was
> > having with some Postgres functions that when those
> > functions were called, I received the following error: "Call
> > to undefined function <function_name>".
> > >
> > > After some answers, I decided to rebuild a brand new
> > linux virtual machine with Apache + PHP + Postgres, but I
> > still get this annoying error messege with some functions
> > like pg_prepare() and pg_escape_string().
> > >
> > > I compiled Postgres with --without-readline option.
> > > I compiled PHP with
> > --with-apxs2=/usr/local/apache2/bin/apxs and
> > --with-pgsql=/usr/local/pgsql/
> > >
> > > And the compilation process has no errors.
> > >
> > > What am I doing wrong? Do I have to change something
> > in php_config.h file? If so, what do I have to change?
> > >
> > > Thank you.
> > >
> > >
> > >
> > >
> >
> > Depending on what version of apache you are running, you
> > need to make sure that
> > you are loading the pgsql.so file or have the psql.ini file
> > in your
> > /var/www/conf/php5/ directory.
> >
> > This way it knows to load pg.
> >
> > --
> > Jim Lucas
> >
> > "Some men are born to greatness, some
> > achieve greatness,
> > and some have greatness
> > thrust upon them."
> >
> > Twelfth Night, Act II, Scene V
> > by William Shakespeare
> >
>
>
>
>
I've generally found these sorts of things to be in /etc/php, /etc/php5
or something similar. Within /etc you should see directories for both
Apache and PHP. If you have shell access to the machine, try calling a
whereis command, which might give you a better idea of where things are
kept in your system.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
So php is loading pg. How are you calling these functions? Can you
connect or does pg_connect() gives the same error?
On 20/05/2010 12:10, Giancarlo Boaron wrote:
Yes. Phpinfo() tells me it's ok:
pgsql
PostgreSQL Support enabled
PostgreSQL(libpq) Version 8.4.4
Multibyte character support disabled
SSL support enabled
Active Persistent Links 0
Active Links 0
Directive Local Value Master Value
pgsql.allow_persistent On On
pgsql.auto_reset_persistent Off Off
pgsql.ignore_notice Off Off
pgsql.log_notice Off Off
pgsql.max_links Unlimited Unlimited
pgsql.max_persistent Unlimited Unlimited
My PHP version is 5.3.2.
My PostgreSQL version is 8.4.4 and I'm running the server under the restrict
'postgres' user privileges since I can't run the daemon process as 'root'.
Thank you for some help.
--- Em qui, 20/5/10, Fernando<[email protected]> escreveu:
De: Fernando<[email protected]>
Assunto: Re: [PHP] Some undefined function errors
Para: [email protected]
Data: Quinta-feira, 20 de Maio de 2010, 12:23
Sorry I miss read the
question.
It does seem that php is not picking up the pg module and
cannot find
the functions.
I assume Postgresql is in fact installed at
/usr/local/pgsql. If you
run phpinfo(); can you see that PG is installed?
On 20/05/2010 10:46, Giancarlo Boaron wrote:
**
I make the function call in a php file. I'm not using
stored procedures.
If I create an empty php file and put only some of
these functions,
Apache reports de 'call to undefined function XXX'.
--- Em *qui, 20/5/10, Fernando /<[email protected]>/*
escreveu:
De: Fernando<[email protected]>
Assunto: Re: [GENERAL] [PHP]
Some undefined function errors
Para: [email protected]
Data: Quinta-feira, 20 de Maio
de 2010, 11:25
Are you calling store
procedures that return cursors? I had this
problem with cursors because
the transaction gets committed and
the cursor closed after they
return. Mind you I had the problem
on .NET using npgsql, so I
might be way off.
Cheers
On 20/05/2010 10:05, Giancarlo
Boaron wrote:
Hi all.
Recently, I wrote an email
about the problem I was having with some Postgres functions
that when those functions were called, I received the
following error: "Call to undefined
function<function_name>".
After some answers, I
decided to rebuild a brand new linux virtual machine with
Apache + PHP + Postgres, but I still get this annoying error
messege with some functions like pg_prepare() and
pg_escape_string().
I compiled Postgres with
--without-readline option.
I compiled PHP with
--with-apxs2=/usr/local/apache2/bin/apxs and
--with-pgsql=/usr/local/pgsql/
And the compilation
process has no errors.
What am I doing wrong? Do
I have to change something in php_config.h file? If so, what
do I have to change?
Thank you.
--- End Message ---
--- Begin Message ---
Thanks for your reply
> First, I don't think feof() will do what you think it does. I
> wouldn't expect it to show up until after the other end has actually
> closed the connection.
I found unread_bytes in stream_get_meta_data should be more reliable
> TCP is a stream protocol, there
> are no guarantees about delivering a complete message in one read, or
> that two writes won't be read together. It only guarantees that all
> octets will eventually be delivered in the same order they were sent, or
> you will get an error.
thanks 4 pointing out the difference between tcp and udp, I had learnt a lot ^^
>The other problem has to do with thinking an fread() will always give
>you everything you sent in an fwrite()
Interestingly, I use 'telnet 127.0.0.1 1037' for testing later(on
windows) and everything works, the php server got the input from
telnet client, so I assume there is something wrong in the php client,
the fwrite statement...
--- End Message ---
--- Begin Message ---
you might want to also check your architecture flags for your compiler.
i ran into this problem on a mac when I was compiling php and by default it
tries to make a 32 bit and 64 bit binary, but pg was compiled as 64 bit only.
I found that the php compile did not fail, but i was "missing" some functions
just like you. when I recompiled php only 64 bit everything was picked up.
I found that watching the configure output gave indication as to whether or not
certain functions will be picked up:
PQescapeString
PQunescapeBytea
PQsetnonblocking
PQcmdTuples
PQoidValue
PQclientEncoding
PQparameterStatus
PQprotocolVersion
PQtransactionStatus
PQexecParams
PQprepare
PQexecPrepared
PQresultErrorField
PQsendQueryParams
PQsendPrepare
PQsendQueryPrepared
PQputCopyData
PQputCopyEnd
PQgetCopyData
PQfreemem
PQsetErrorVerbosity
PQftable
PQescapeStringConn
PQescapeByteaConn
pg_encoding_to_char
If you see these thigns set to NO even after PostgreSQL support says yes, then
you know you wont be getting all the functions.
Ketema J. Harris
[email protected]
[email protected] (Jabber)
http://www.ketema.net
[email protected] - VoIP
407-459-4809 - main
603-413-2882 - fax
On May 20, 2010, at 12:26 PM, Ashley Sheridan wrote:
> On Thu, 2010-05-20 at 09:21 -0700, Giancarlo Boaron wrote:
>>
>> Hi Jim.
>>
>> I think it depends on each server configuration but I checked in my server
>> and I don't have the 'pgsql.so' and 'psql.ini' files and neither the 'www'
>> directory.
>>
>> My Apache version is 2.2.15 and my root directory is
>> /usr/local/apache2/htdocs.
>>
>> Thank you.
>>
>>
>> --- Em qui, 20/5/10, Jim Lucas <[email protected]> escreveu:
>>
>> > De: Jim Lucas <[email protected]>
>> > Assunto: Re: [PHP] Some undefined function errors
>> > Para: "Giancarlo Boaron" <[email protected]>
>> > Cc: [email protected], [email protected],
>> > [email protected]
>> > Data: Quinta-feira, 20 de Maio de 2010, 13:04
>> > Giancarlo Boaron wrote:
>> > > Hi all.
>> > >
>> > > Recently, I wrote an email about the problem I was
>> > having with some Postgres functions that when those
>> > functions were called, I received the following error: "Call
>> > to undefined function <function_name>".
>> > >
>> > > After some answers, I decided to rebuild a brand new
>> > linux virtual machine with Apache + PHP + Postgres, but I
>> > still get this annoying error messege with some functions
>> > like pg_prepare() and pg_escape_string().
>> > >
>> > > I compiled Postgres with --without-readline option.
>> > > I compiled PHP with
>> > --with-apxs2=/usr/local/apache2/bin/apxs and
>> > --with-pgsql=/usr/local/pgsql/
>> > >
>> > > And the compilation process has no errors.
>> > >
>> > > What am I doing wrong? Do I have to change something
>> > in php_config.h file? If so, what do I have to change?
>> > >
>> > > Thank you.
>> > >
>> > >
>> > >
>> > >
>> >
>> > Depending on what version of apache you are running, you
>> > need to make sure that
>> > you are loading the pgsql.so file or have the psql.ini file
>> > in your
>> > /var/www/conf/php5/ directory.
>> >
>> > This way it knows to load pg.
>> >
>> > --
>> > Jim Lucas
>> >
>> > "Some men are born to greatness, some
>> > achieve greatness,
>> > and some have greatness
>> > thrust upon them."
>> >
>> > Twelfth Night, Act II, Scene V
>> > by William Shakespeare
>> >
>>
>>
>>
>>
>
> I've generally found these sorts of things to be in /etc/php, /etc/php5 or
> something similar. Within /etc you should see directories for both Apache and
> PHP. If you have shell access to the machine, try calling a whereis command,
> which might give you a better idea of where things are kept in your system.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
--- End Message ---
--- Begin Message ---
hi, everybody!
I encountered a problem using the PDO:
My mysql charset is utf-8, when using PDO's prepare () and statement’s
execute() methods,
there is not the correct encoding resultset:
$ Statement = $ pdo-> prepare ("SELECT * FROM guests ORDER BY?");
$ Statement-> execute (array ('lname'));
while ($ row = $ statement-> fetch (PDO:: FETCH_ASSOC)) (
echo $ row ['fname']. "". $ row ['lname'];
)
But when I was make charset_set_results to be gbk, everything was normal:
$ Pdo-> exec ('SET character_set_results = gbk');
If PDO don't know which charset is fit to me,it will use default
charset(utf-8)?This is really mysql server charset!
Anybody help me?Thanks!
PS: I am using wamp (php5.3.1)
--
cleverpig(Dan)
Location: Beijing
Address: Room 4018,No.A2 South Avenue Fuxingmen Beijing,P.R.China
Zipcode: 100031
MSN: [email protected]
QQ: 149291732
Skype: cleverpigatmatrix
Facebook ID:cleverpig
Blog: cleverpig.name/dan/
Tags: del.icio.us/cleverpig
Twitter: twitter.com/cleverpig
新浪微博: t.sina.com.cn/cleverpig
Organization: www.beijing-open-party.org
or...@facebook: http://www.facebook.com/group.php?gid=8159558294
--- End Message ---
