php-general Digest 19 Nov 2010 07:18:38 -0000 Issue 7044
Topics (messages 309561 through 309569):
Secure PHP Code
309561 by: Kaushal Shriyan
309562 by: Daniel P. Brown
309563 by: Richard West
PHP 5.2.15RC1 & 5.3.4RC1 Released for Testing
309564 by: Johannes Schlüter
Re: I am a Windows programmer and getting started on PHP
309565 by: Daevid Vincent
smary assign var
309566 by: Tontonq Tontonq
309567 by: Ashley Sheridan
309568 by: admin.buskirkgraphics.com
PHP Sockets, problem with remote execution (exec/system)
309569 by: Ronny Tiebel
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Hi,
Can the php source code be secured ?
Thanks
Kaushal
--- End Message ---
--- Begin Message ---
On Thu, Nov 18, 2010 at 12:12, Kaushal Shriyan <[email protected]> wrote:
> Hi,
>
> Can the php source code be secured ?
When you say "secured," what do you mean? Obfuscated? Encoded?
Compiled? Tightened against attack?
Regardless, the answer is yes. You just need to be specific about
your definition of "secured" and plug that into Google so you can help
yourself.
--
</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/
--- End Message ---
--- Begin Message ---
Be sure to compile with hardened suhosin patch...
RD
On Nov 18, 2010, at 12:12 PM, Kaushal Shriyan wrote:
> Hi,
>
> Can the php source code be secured ?
>
> Thanks
>
> Kaushal
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
The first release candidates of 5.2.15 and 5.3.4 were just released
for testing and can be downloaded here:
http://downloads.php.net/ilia/php-5.2.15RC1.tar.bz2 (md5sum:
9b2c632427a533fdb3946081c7c382c2)
http://downloads.php.net/johannes/php-5.3.4RC1.tar.bz2 (md5sum:
2edb695f94ef41cc9cfa35777b2656ec)
The windows binaries are available at: http://windows.php.net/qa/
This is the first step in the release process of both versions and goal
is, depending on feedback, having a 2nd RC two weeks from now. We aim at
having final releases around mid December. Majority of the changes for
both versions are of the "bug fix" variety. To ensure that the release
is solid, please test this RC against your code base and report any
problems that you encounter. Please also note that 5.2.15 is supposed to
be the final release from that series.
Ilia Alshanetsky Johannes Schlüter
PHP 5.2 Release Master PHP 5.3 Release Master
--- End Message ---
--- Begin Message ---
> -----Original Message-----
> Subject: [PHP] I am a Windows programmer and getting started
> on PHP. What is the easiest way of getting started? Most of
> the stuff I encounter seems to be very Linux specific.
>
> I am a Windows programmer and getting started on PHP. What is
> the easiest way of
> getting started? Most of the stuff I encounter seems to be
> very Linux specific.
Personally, I would avoid XAMP and those hacks to run apache and PHP on
your XP (or vista or win7 or whatever). I'd say the vast majority of PHP
developers are LAMP developers so get used to Linux at least enough to move
around the file-system and know where to put files (/var/www/ or
~/public_html etc). With that in mind, I would look for either a pre-built
VM. VirtualBox is free and VERY easy/robust. Also VMWare is outstanding and
they have a free "player" and eight bajillion pre-made VM appliance setups:
http://www.virtualbox.org/
http://www.munkyonline.com/articles/lamp-ubuntu-server-on-virtualbox.html
http://www.vmware.com/products/player/
http://www.vmware.com/appliances/directory/cat/0?k=lamp
I also strongly suggest you setup your VM to use samba shares so it's easy
to edit/save/view your files without some tedious FTP or SCP step.
-Daevid.
P.S. I'd also limit your email subject lines to a simple sentence or less.
Not a paragraph!
--- End Message ---
--- Begin Message ---
hi guys
i have 2x sub value
[reduction] => 4
[price_without_reduction] => 22
[price] => 18
and i want to calculate how much i did reduction percent
{assign var='yuzde' value=$product.reduction*100}
{assign var='yuzde' value=$yuzde/$product.price_without_reduction}
-{$yuzde|truncate:3:''|escape:'htmlall':'UTF-8'}%
when i escape only 3 chars i see some products returns
like "-18.%"
when i escape only 2 chars
i get e result like
"-5.%"
so is there a way to round that value to int not float?
--- End Message ---
--- Begin Message ---
On Fri, 2010-11-19 at 00:59 +0100, Tontonq Tontonq wrote:
> hi guys
> i have 2x sub value
>
> [reduction] => 4
> [price_without_reduction] => 22
> [price] => 18
>
> and i want to calculate how much i did reduction percent
>
> {assign var='yuzde' value=$product.reduction*100}
> {assign var='yuzde' value=$yuzde/$product.price_without_reduction}
>
> -{$yuzde|truncate:3:''|escape:'htmlall':'UTF-8'}%
> when i escape only 3 chars i see some products returns
> like "-18.%"
> when i escape only 2 chars
> i get e result like
> "-5.%"
>
> so is there a way to round that value to int not float?
Is there any PHP in there, because I'm not seeing it...
Thanks,
Ash
http://www.ashleysheridan.co.uk
--- End Message ---
--- Begin Message ---
Taking what I understand from C, I think you are looking for this equivalent
in php.
$product = array('reduction'=>'4','price_without_reduction'=>'22','price
'=>'18')
$yuzde = $product['reduction']*100;
$yuzde = round($yuzde / $product['price_without_reduction']);
Echo $yuzde;
This is no reason to truncate or escape html since the strings do not
contain them.
I might suggest you read
http://www.php.net/manual/en/function.round.php
for a better understand the precision options with round.
Richard L. Buskirk
-----Original Message-----
From: Tontonq Tontonq [mailto:[email protected]]
Sent: Thursday, November 18, 2010 6:59 PM
To: PHP General Mailing List
Subject: [PHP] smary assign var
hi guys
i have 2x sub value
[reduction] => 4
[price_without_reduction] => 22
[price] => 18
and i want to calculate how much i did reduction percent
{assign var='yuzde' value=$product.reduction*100}
{assign var='yuzde' value=$yuzde/$product.price_without_reduction}
-{$yuzde|truncate:3:''|escape:'htmlall':'UTF-8'}%
when i escape only 3 chars i see some products returns
like "-18.%"
when i escape only 2 chars
i get e result like
"-5.%"
so is there a way to round that value to int not float?
--- End Message ---
--- Begin Message ---
Good Morning List ;)
ive allready postet my question on the german phpbar mailinglist, but no
responses from anyone yet. i hope someone on that list could give me an
advice or hint.
i'm writing a php-daemon which will run on a debian lenny/squeeze.
this daemon should listen to a specific port of a
vpn-interface/ip-address (it creates a socket)
if the daemon script recieves a string from my management webinterface
(other server) it should run some code e.g. exec('/etc/init.d/apache2
restart'); or system('something'); or whatever.
i got it working, but there is a (for me) strange behavior. After the
daemon has restarted the apache2 service for example and the php daemon
is stoped, the apache2 process takes over the socket. that means, in
`netstat -tulpen` or `netstat -anp` i first can see something like that:
tcp 0 0 10.0.0.1:8133 0.0.0.0:* LISTEN 29168/php
tcp6 0 0 :::80 :::* LISTEN 29155/apache2
after the daemon has restarted apache2 and stops itself (or i have to
kill him), netstat shows up the following:
tcp 0 0 10.0.0.1:8133 0.0.0.0:* LISTEN 31490/apache2
tcp6 0 0 :::80 :::* LISTEN 31490/apache2
so i cant restart the daemon because apache uses that port/ip (or socket?)
after invoking "/etc/init.d/apache2 restart" on the shell, everything is
fine again and im able to start the daemon. btw, the same with the
openvpn service. (mysql doesnt act like apache or openvpn).
Am i missing something? Or is that the default behavior of
linux/apache/php/sockets ???
Additional Information about OS etc.
Server/Client Debian Lenny Apache 2.2.9 PHP 5.2.6-1+lenny9 with
Suhosin-Patch 0.9.6.2 (cli) (built: Aug 4 2010 06:06:53)
Client/Server Ubuntu Lucid Apache 2.2.14 PHP 5.3.2-1ubuntu4.5 with
Suhosin-Patch (cli) (built: Sep 17 2010 13:49:46)
Ive tested it both way: Ubuntu as Server, Debian as Client and vice versa.
The Ubuntu System (my workstation) is in our Office and the Debian
System is in the datacentre@ our provider...
Any help would be great!
Thanks in advance,
kind regards
Ronny
--- End Message ---
