php-general Digest 1 Dec 2010 14:50:45 -0000 Issue 7064
Topics (messages 309782 through 309786):
Re: PHP shows nothing
309782 by: Mohammad Taghi Khalifeh
Re: LDAP, Active Directory, and permissions
309783 by: Chris Knipe
309784 by: Tommy Pham
309785 by: Bob McConnell
$_POST issues
309786 by: Bundhoo M Nadim
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Daniel
On Wed, Dec 1, 2010 at 1:28 AM, Daniel P. Brown
<[email protected]>wrote:
> On Tue, Nov 30, 2010 at 16:51, Mohammad Taghi Khalifeh
> <[email protected]> wrote:
> > it seems that the problem is in pg_connect().
>
> Do you have PostgreSQL support compiled into PHP?
>
> Command line:
> php -i | egrep -i 'postgres|pgsql'
>
> Web:
> <?php phpinfo(); /* Check in a browser for 'pgsql' or 'postgres' */
> ?>
>
In Command line output, there was --with-pgsql=shared and
--with-pdo-pgsql=shared,
but phpinfo() did not load any library related to pgsql. so I figured out
that some libraries are not installed.
Installing php-pgsql package from fedora repos, problem solved.
Thank you so much for your help: it works for me very well. :)
Other thing that I want to know is that,
somewhere<http://us2.php.net/manual/en/pdo.installation.php>I read
that loading pdo drivers
as shared libraries are not recommended. whats wrong with that? and how can
I change that?
Mohammad
--- End Message ---
--- Begin Message ---
Hi,
> Chris,
>
> 1) Shouldn't the OU security permissions be set within the AD itself?
> 2) If the above is done, then the user account that's being authenticated
> shouldn't be able to access privileged information.
1) Not sure. The permissions I'm after is similar to that of NTFS
permissions on the file system. Essentially, it is a way to restrict an
application to read certain OU's or Objects completely, making it invisible.
FYI... http://technet.microsoft.com/en-us/library/cc785913(WS.10).aspx
2) This is completely irrelevant to authentication. See point 1 above.
> Just curious, are you using phpldapadmin?
A modified version of adLDAP, http://adldap.sourceforge.net/
Regards,
Chris.
--- End Message ---
--- Begin Message ---
> -----Original Message-----
> From: Chris Knipe [mailto:[email protected]] On Behalf Of Chris Knipe
> Sent: Tuesday, November 30, 2010 10:52 PM
> To: [email protected]
> Subject: RE: [PHP] LDAP, Active Directory, and permissions
>
> Hi,
>
> > Chris,
> >
> > 1) Shouldn't the OU security permissions be set within the AD itself?
> > 2) If the above is done, then the user account that's being
> > authenticated shouldn't be able to access privileged information.
>
> 1) Not sure. The permissions I'm after is similar to that of NTFS
permissions
> on the file system. Essentially, it is a way to restrict an application
to read
> certain OU's or Objects completely, making it invisible.
> FYI... http://technet.microsoft.com/en-us/library/cc785913(WS.10).aspx
I guess you didn't read far down enough to 'User Authentication': 'Active
Directory ... to access objects...' (Note that every OU is the same any
network resource.) That's exactly what I mentioned. OU security settings
is similar to NTFS, user/group with the lesser privilege applies.
>
> 2) This is completely irrelevant to authentication. See point 1 above.
It's completely relevant, if you set the permissions on the OUs. (How do you
think have the access permission to the OUs? Are a domain/enterprise admin?
Create a test a user account and an OU. Set the security permissions. Test
with the user account on accessing that OU and compare it to a domain admin
account.) The app that logins under a certain account would be restricted to
the set permissions. If the users are using the PHP app then the app should
be passing the user's authentication along to AD for authentication instead
of a network service type account to login and then validate user's
authentication to see if the user is a valid. Thus the security is
maintained/restricted to each individual login. (Think of as network share
mapping. You can login to a share and still change to a different user
account afterwards.) If you try to do a work around in C# or a DLL of some
type as you mentioned earlier, you'll have to do the same thing. So, I
strongly suggest you look into the adLDAP and modify accordingly if the app
isn't behaving as I mentioned. Also, look into these [1] & [2].
>
> > Just curious, are you using phpldapadmin?
>
> A modified version of adLDAP, http://adldap.sourceforge.net/
>
> Regards,
> Chris.
>
Regards,
Tommy
[1] http://support.microsoft.com/kb/320528
[2] http://support.microsoft.com/kb/326690
--- End Message ---
--- Begin Message ---
From: Chris Knipe
> I've found various sources and are successfully manipulating Active
> Directory from PHP on our Domain Controller - frankly, things works
much
> better than I expected :)
>
> I have now reached the point where I need to set permissions on
objects in
> Active Directory, i.e. to restrict read permissions to certain OUs and
> objects within the directory (mainly related to Exchange stuff).
>
> Is there anything in PHP which can be used to set permissions on AD
> objects? I haven't found any reference to doing this anywhere, so I
thought
> I'd give it a chance here... If not, then I suppose I'll have to code
some
> ..NET application to act as a gateway between the PHP interface and
Active
> Directory, but naturally I would like to do as much as possible from
within
> PHP itself.
I don't know about your IT group, but around here and at any of our
clients, they will never allow anyone outside their office modify access
rights, or add users. It takes a written request by a manager or above
to get them to make any changes, and each request must include the
reasons for the change.
No we cannot use the master LDAP server for testing. We have a couple of
OpenLDAP servers isolated on our test networks for that. But even those
have to be managed directly. No application is allowed to do more than
retrieve data.
Bob McConnell
--- End Message ---
--- Begin Message ---
Hello,
Can someone explain me what this piece of code basically does ?
<?php
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (0*60)) .
"GMT");
header("Pragma: no-cache");
print "REDIRECT=http://www.domaine.com/page.php?";;
$param = http_build_query($_POST);
print $param;
exit(0);
?>
Well, the code is redirecting to some page with query string constructed
using the $_POST data.
My problem is not the redirection; but all I want is to get the data in
$_POST
If I just put only this piece of code:
<?php
var_dump($_POST);
?>
i get nothing. But the above codes is successfully redirecting me to
page.php with a properly constructed query string -> which means that
$_POST was never empty. So why var_dump($_POST) is returning just
array(0) { } ???
nadim attari
alienworkers.com
--- End Message ---
