php-general Digest 30 Aug 2003 10:43:43 -0000 Issue 2267

Sat, 30 Aug 2003 10:44:47 +0000 

php-general Digest 30 Aug 2003 10:43:43 -0000 Issue 2267

Topics (messages 161198 through 161238):

Re: Gripe
        161198 by: John W. Holmes
        161199 by: Chris Shiflett
        161201 by: Chris W. Parker
        161202 by: Chris W. Parker
        161205 by: Curt Zirzow
        161208 by: Chris W. Parker
        161213 by: Chris Shiflett

Re: jpeg libraries.
        161200 by: Jason Wong

Apache and forward slash
        161203 by: Christian Calloway
        161218 by: Tom Rogers

creating a development log
        161204 by: Merlin
        161206 by: Chris W. Parker
        161234 by: Merlin
        161235 by: Merlin
        161236 by: Merlin

Approaches to Logging In
        161207 by: Seth Willits
        161209 by: Chris W. Parker
        161210 by: Chris Sherwood

PHP -  XHTML converter to HDML or WML
        161211 by: Joe Harman
        161214 by: Raditha Dissanayake

Hardening php.ini for an ISP environment
        161212 by: Roman Medina
        161237 by: Joerg Behrens

Why? Why this is not an imap_error?
        161215 by: myhan
        161219 by: Curt Zirzow

Re: speed of mail() on two servers
        161216 by: Manuel Lemos

Session Issue
        161217 by: Seth Willits
        161220 by: Curt Zirzow
        161222 by: Seth Willits

Re: Gripe^2 [was Gripe]
        161221 by: Curt Zirzow
        161225 by: Nicholas Robinson
        161230 by: Curt Zirzow

php 4.2.3 on AIX - include statment cause seg. fault
        161223 by: PM WONG

some html basics please
        161224 by: Dennis Gearon
        161226 by: Leif K-Brooks
        161228 by: Leif K-Brooks

Session Timeout
        161227 by: Seth Willits
        161229 by: Tom Rogers
        161232 by: Curt Zirzow

authentication variable
        161231 by: BhongOng
        161233 by: Curt Zirzow

Sotre image created by GD in db
        161238 by: Mohammadreza Hassanrezaeian

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------
--- Begin Message --- Jackson Miller wrote: 
Why is it that when you forget a "}" the error says:
Unexpected $ on line [last line of file]

Why can't it just say:
Missing } on or before (best guess).

How could the parser possibly know that one was missing as it's going through the file? It just keeps a count and can only realize something is wrong when it gets to the end of the file and sees the count is off.

--
---John Holmes...

Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com
--- End Message ---
--- Begin Message --- 
--- "John W. Holmes" <[EMAIL PROTECTED]> wrote:
> How could the parser possibly know that one was missing as it's going 
> through the file? It just keeps a count and can only realize something 
> is wrong when it gets to the end of the file and sees the count is off.

I can't see how a human could determine this prior to getting to the end
either, unless you assume that the author has properly indented the code. Am I
missing something obvious?

if ($foo) { if ($bar) echo 'blah'; else { echo 'else'; }

Where is the missing brace? :-)

Chris

=====
Become a better Web developer with the HTTP Developer's Handbook
http://httphandbook.org/

--- End Message ---
--- Begin Message --- 
Chris Shiflett <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 2:16 PM said:

> if ($foo) { if ($bar) echo 'blah'; else { echo 'else'; }
>                                                         ^
> Where is the missing brace? :-)                         |
                                                          |
Here -----------------------------------------------------/


I'm pretty sure I've seen an error message from something (maybe,
asp.net, or classic asp) that shows a line like i've drawn and points to
where it thinks the problem is. (And no it wasn't always the end of the
last line.) But maybe my memory is a little foggy.



Chris.

--- End Message ---
--- Begin Message --- 
Chris W. Parker <>
    on Friday, August 29, 2003 2:23 PM said:

> I'm pretty sure I've seen an error message from something (maybe,
> asp.net, or classic asp) that shows a line like i've drawn and points
> to where it thinks the problem is. (And no it wasn't always the end
> of the last line.) But maybe my memory is a little foggy.

I should also add (before someone corrects me) that is could have been
related to syntax errors only and not missing braces. Thus the "But
maybe my memory is a little foggy." clause in my previous post.



c.

--- End Message ---
--- Begin Message --- 
* Thus wrote Chris W. Parker ([EMAIL PROTECTED]):
> Chris Shiflett <mailto:[EMAIL PROTECTED]>
>     on Friday, August 29, 2003 2:16 PM said:
> 
> > if ($foo) { if ($bar) echo 'blah'; else { echo 'else'; }
> >            ^                      ^                     ^
> > Where is the missing brace? :-)   |                     |
>              |                      |                     |
> Here --------+----------------------+---------------------/
               |                      |
  Or Here -----+----------------------/
               |
  Or Here -----/


ohh.. neat intersecting lines :)


Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- 
Curt Zirzow <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:12 PM said:

>> Here --------+----------------------+---------------------/
>                |                      |
>   Or Here -----+----------------------/
>                |
>   Or Here -----/

Oh yeah of course. But I thought those were obvious.













Me no good at puzzles. :(


Chris.

--- End Message ---
--- Begin Message --- 
--- Curt Zirzow <[EMAIL PROTECTED]> wrote:
> * Thus wrote Chris W. Parker ([EMAIL PROTECTED]):
> > Chris Shiflett <mailto:[EMAIL PROTECTED]>
> >     on Friday, August 29, 2003 2:16 PM said:
> > 
> > > if ($foo) { if ($bar) echo 'blah'; else { echo 'else'; }
> > >            ^                      ^                     ^
> > > Where is the missing brace? :-)   |                     |
> >              |                      |                     |
> > Here --------+----------------------+---------------------/
>                |                      |
>   Or Here -----+----------------------/
>                |
>   Or Here -----/

I think Curt got my point the best. :-)

The point is that you can't tell where I forgot the brace without making
assumptions about what I wanted to do. If a human can't tell whether there is a
missing brace until the very end, a human can't write software that does
either.

Chris

=====
Become a better Web developer with the HTTP Developer's Handbook
http://httphandbook.org/

--- End Message ---
--- Begin Message --- 
On Saturday 30 August 2003 03:49, Mike At Spy wrote:

[snip]

> However, I still have the issue that while the jpeg libraries were
> installed, the weren't. :\
>
> This is what was installed through the only binary for jpeg libaries I can
> find on the net off hand:
>
> jpegsrc.v6b.tar.gz

[snip]

Please read my previous posts again.

FWIW, I had to go through the trouble of locating the jpeg libraries and 
downloading http://www.ijg.org/files/jpegsrc.v6b.tar.gz and extracting it and 
reading the installation instructions to enable me to write what I wrote in 
my previous posts. The least you could do is read it!

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
"We demand rigidly defined areas of doubt and uncertainty!"
                -- Vroomfondel
*/

--- End Message ---
--- Begin Message --- 
Hey,

I am setting up Apache 1.3.27 on a linux box (I really dont know much about
linux) and I am having small problem. When a specify a subdirectory off of
my document root, I must include a "/" forward slash in order for the index
page to load, otherwise I get the "The page cannot be displayed" message.
For example, I must type:

http://somedomain/phpmyadmin/

instead of

http://somedomain/phpmyadmin

My only previous experience with configuring apache is on Win machines,
where I haven't had this problem before. I know this is off topic but u guys
know everything, so any help would be greatly appreciated. Thanks

--- End Message ---
--- Begin Message --- 
Hi,

Saturday, August 30, 2003, 2:49:43 AM, you wrote:
CC> Hey,

CC> I am setting up Apache 1.3.27 on a linux box (I really dont know much about
CC> linux) and I am having small problem. When a specify a subdirectory off of
CC> my document root, I must include a "/" forward slash in order for the index
CC> page to load, otherwise I get the "The page cannot be displayed" message.
CC> For example, I must type:

CC> http://somedomain/phpmyadmin/

CC> instead of

CC> http://somedomain/phpmyadmin

CC> My only previous experience with configuring apache is on Win machines,
CC> where I haven't had this problem before. I know this is off topic but u guys
CC> know everything, so any help would be greatly appreciated. Thanks


make sure apache is compiled with and using mod_dir (it should by
default..)

-- 
regards,
Tom

--- End Message ---
--- Begin Message --- Hi there,

I would like to create a small dev log.

Output should be somehow like this:

Aug 30, 2003

1. Member galleries added sort option rating

 Aug 31, 2003
   1. Travel log entries can be dated now.
   2. Member galleries added 5 star rating system

NOw I have created a table with 2 rows (timestamp and entry)
I would like to pull out the date aout of the db, group it by date and output all entries for this date in a listformat, then proceed to the next date.

Unfortuantelley this looks way more complicated than I thought. How to group by date and still get the entry, and how can I arange it, that it outputs only the one for the date and then closes the list`?

Thanx for any help on that,

Merlin
--- End Message ---
--- Begin Message --- 
Merlin <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:03 PM said:

> Unfortuantelley this looks way more complicated than I thought. How to
> group by date and still get the entry, and how can I arange it, that
> it outputs only the one for the date and then closes the list`?

To display the output like you've got in your post you'd do something
like this:

(pseudo code)

$arrayOfEntries = GetEntries();

$previousDate = "";
foreach($arrayOfEntries as $entry)
{
        if($previousDate != $entry['date'])
        {
                // show date header
                // show comment for this record
        }
        else
        {
                // show comment only
        }

        $previousDate = $entry['date'];
}


Let me know if this helps (and if it doesn't too).

Chris.

--- End Message ---
--- Begin Message --- Thanx Chris, this works. Here is the code (might help somebody else)


unset($previousDate);

for ($i=0; $i < $num_results; $i++){

        if($previousDate != $log['date'][$i])
                echo '<b>'.$log[date][$i].'</b>'.$p.'<ul>';

echo '<li>'.$log[entry][$i].'</li>'; 

        $previousDate = $log['date'][$i];
        if($previousDate != $log['date'][$i+1]){
                echo '</ul>';             
        }
}



Chris W. Parker wrote: 
Merlin <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:03 PM said:


Unfortuantelley this looks way more complicated than I thought. How to
group by date and still get the entry, and how can I arange it, that
it outputs only the one for the date and then closes the list`?



To display the output like you've got in your post you'd do something
like this:

(pseudo code)

$arrayOfEntries = GetEntries();

$previousDate = "";
foreach($arrayOfEntries as $entry)
{
        if($previousDate != $entry['date'])
        {
                // show date header
                // show comment for this record
        }
        else
        {
                // show comment only
        }

        $previousDate = $entry['date'];
}


Let me know if this helps (and if it doesn't too).

Chris.

--- End Message ---
--- Begin Message --- Thanx Chris, this works. Here is the code (might help somebody else)


unset($previousDate);

for ($i=0; $i < $num_results; $i++){

        if($previousDate != $log['date'][$i])
                echo '<b>'.$log[date][$i].'</b>'.$p.'<ul>';

echo '<li>'.$log[entry][$i].'</li>'; 

        $previousDate = $log['date'][$i];
        if($previousDate != $log['date'][$i+1]){
                echo '</ul>';             
        }
}



Chris W. Parker wrote: 
Merlin <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:03 PM said:


Unfortuantelley this looks way more complicated than I thought. How to
group by date and still get the entry, and how can I arange it, that
it outputs only the one for the date and then closes the list`?



To display the output like you've got in your post you'd do something
like this:

(pseudo code)

$arrayOfEntries = GetEntries();

$previousDate = "";
foreach($arrayOfEntries as $entry)
{
        if($previousDate != $entry['date'])
        {
                // show date header
                // show comment for this record
        }
        else
        {
                // show comment only
        }

        $previousDate = $entry['date'];
}


Let me know if this helps (and if it doesn't too).

Chris.

--- End Message ---
--- Begin Message --- Thanx Chris, this works. Here is the code (might help somebody else)


unset($previousDate);

for ($i=0; $i < $num_results; $i++){

        if($previousDate != $log['date'][$i])
                echo '<b>'.$log[date][$i].'</b>'.$p.'<ul>';

echo '<li>'.$log[entry][$i].'</li>'; 

        $previousDate = $log['date'][$i];
        if($previousDate != $log['date'][$i+1]){
                echo '</ul>';             
        }
}


Chris W. Parker wrote:

Merlin <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:03 PM said:


Unfortuantelley this looks way more complicated than I thought. How to
group by date and still get the entry, and how can I arange it, that
it outputs only the one for the date and then closes the list`?



To display the output like you've got in your post you'd do something
like this:

(pseudo code)

$arrayOfEntries = GetEntries();

$previousDate = "";
foreach($arrayOfEntries as $entry)
{
        if($previousDate != $entry['date'])
        {
                // show date header
                // show comment for this record
        }
        else
        {
                // show comment only
        }

        $previousDate = $entry['date'];
}


Let me know if this helps (and if it doesn't too).

Chris.

--- End Message ---
--- Begin Message --- I'm currently working on a portion of a website for my high school's band (though I'm now in college) and one of the sections contains contact information for all of the students which should only be accessible if you have are a member of band staff and have a password.

In order to access the "band staff" section, you are required to enter in a username and password and from there you can visit any of the pages in the band staff section. So it's fairly straight forward, login view the pages, type of system.

My question is, how should I go about determining whether the user has logged in or not? Are sessions overkill or difficult to use? Or is there another easier solution? This doesn't have to be maximum security or handle a variety of approaches to the pages, I'm just looking for a simple, "unless you're logged in, you can't see this page."

Are sessions the way to go?



Seth Willits
------------------------------------------------------------------------ ---
President and Head Developer of Freak Software - http://www.freaksw.com
Q&A Columnist for REALbasic Developer Magazine - http://www.rbdeveloper.com
Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames

"One day you'll be wandering through the darkness looking for guidance,
inspiration, and your purpose in life, and the next you'll turn around
and realize they've been standing right next to you the whole time."
-- Seth Willits
------------------------------------------------------------------------ ---
--- End Message ---
--- Begin Message --- 
Seth Willits <mailto:[EMAIL PROTECTED]>
    on Friday, August 29, 2003 3:24 PM said:

> Are sessions the way to go?

Well you could use cookies also but those can be tampered with.

Sessions aren't hard to work with really. All you need to do is start
the session, write a variable to $_SESSION if they have authenticated
successfully and then check for the existence of that variable on every
page. If it doesn't exist they have not authenticated.

Those are the basics.


Chris.

--- End Message ---
--- Begin Message --- 
Honestly if you have the users logging in use a session variable to contain
a session id

then verify against that sessionid as they browse the sensitive sections and
use a class to verify that they are a valid user

so yes Ideally sessions are the way to go

Chris
----- Original Message ----- 
From: "Seth Willits" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 29, 2003 3:24 PM
Subject: [PHP] Approaches to Logging In


> I'm currently working on a portion of a website for my high school's
> band (though I'm now in college) and one of the sections contains
> contact information for all of the students which should only be
> accessible if you have are a member of band staff and have a password.
>
> In order to access the "band staff" section, you are required to enter
> in a username and password and from there you can visit any of the
> pages in the band staff section. So it's fairly straight forward, login
> view the pages, type of system.
>
> My question is, how should I go about determining whether the user has
> logged in or not? Are sessions overkill or difficult to use? Or is
> there another easier solution? This doesn't have to be maximum security
> or handle a variety of approaches to the pages, I'm just looking for a
> simple, "unless you're logged in, you can't see this page."
>
> Are sessions the way to go?
>
>
>
> Seth Willits
> ------------------------------------------------------------------------ 
> ---
> President and Head Developer of Freak Software - http://www.freaksw.com
> Q&A Columnist for REALbasic Developer Magazine -
> http://www.rbdeveloper.com
> Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames
>
> "One day you'll be wandering through the darkness looking for guidance,
>   inspiration, and your purpose in life, and the next you'll turn around
>   and realize they've been standing right next to you the whole time."
>      -- Seth Willits
> ------------------------------------------------------------------------ 
> ---
>
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--- End Message ---
--- Begin Message --- 
Hey maybe you guys can help me out here.

I would like to start developing for WAP enabled devices. since there
are a lot of people out there who still have phones that use different
version of WML and still some that use HDML. and then the new phones
being able to display XHTML. I would like to either find a parser or
make one that will convert a XHTML file to be compatable with the older
mark-up languages. does anyone have experience with this?

Give you an example.. I have a Sanyo SCP-4700 on the Sprint PCS network.
only HDML 3.0 and WML 1.1 is compatable.. So I run into a lot of
different errors.

So the first step would be to figure out how to determine a cell phone
user's browser. So what's it capable of WML 1.1 or WML 2.0, HDML.. Or
XHTML

Appreciate the feedback,

Joe Harman

http://www.HarmanMedia.com

Have you ever noticed? Anybody going slower than you is an idiot, and
anyone going faster than you is a maniac. - George Carlen

--- End Message ---
--- Begin Message --- Hi,

The best approach for you is to use XSLT. good information about XSLT can be found on w3shcools.com
briefly what it can do is to take an xml and convert it to virtually any other format. For this is to happen though you need to have strict XHTML transistion will not do because it's not always well formed.

If you are really keen to parse your XHTML and go on that path, it can be done with SAX (once again provided that it's well formed). Otherwise the best HTML parser i have seen actuall comes with perl.

best regards
raditha


Joe Harman wrote:

Hey maybe you guys can help me out here.

I would like to start developing for WAP enabled devices. since there
are a lot of people out there who still have phones that use different
version of WML and still some that use HDML. and then the new phones
being able to display XHTML. I would like to either find a parser or
make one that will convert a XHTML file to be compatable with the older
mark-up languages. does anyone have experience with this?

Give you an example.. I have a Sanyo SCP-4700 on the Sprint PCS network.
only HDML 3.0 and WML 1.1 is compatable.. So I run into a lot of
different errors.

So the first step would be to figure out how to determine a cell phone
user's browser. So what's it capable of WML 1.1 or WML 2.0, HDML.. Or
XHTML

Appreciate the feedback,

Joe Harman

http://www.HarmanMedia.com

Have you ever noticed? Anybody going slower than you is an idiot, and
anyone going faster than you is a maniac. - George Carlen






--
http://www.raditha.com/php/progress.php
A progress bar for PHP file uploads.

--- End Message ---
--- Begin Message --- 
 Hi,

 I'm looking for good and complete documentation about hardening a PHP
box which is going to be used to offer hosting services. The machine
will have Apache + PHP with VirtualDomains. Assuming Apache config is
secure, which aspects would be affected for the activation of php
module?

 I'd like a have a look to a complete php.ini checklist. I've been
doing some basic research and I found useful some tips:
- safe_mode on (solves remote execution of arbitrary code)
- open_basedir "./" (solves browsing HD' server problem)
- some limits like memory or CPU time used by a given php script
- disable fsockopen and pfsockopen (solves the problem in launching a
connect to remote hosts from the PHP/web server).

 Regarding last point, is there any php.ini option to disable ALL (at
the same time) PHP dangerous network commands such as fsockopen?

 Any more clues?

 Any help would be greatly appreciated. Thanks in advance.

 Saludos,
 --Roman

--
PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB  29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]

--- End Message ---
--- Begin Message --- 
> ----- Original Message ----- 
> From: "Roman Medina" <[EMAIL PROTECTED]>
> Newsgroups: php.general
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, August 30, 2003 1:45 AM
> Subject: Hardening php.ini for an ISP environment
>
>
>
>  Hi,
>
>  I'm looking for good and complete documentation about hardening a PHP
> box which is going to be used to offer hosting services. The machine
> will have Apache + PHP with VirtualDomains. Assuming Apache config is
> secure, which aspects would be affected for the activation of php
> module?

Use php over cgi and try a sbox/suexec wrapper to create a secure
environment.


>  I'd like a have a look to a complete php.ini checklist. I've been
> doing some basic research and I found useful some tips:
> - safe_mode on (solves remote execution of arbitrary code)
> - open_basedir "./" (solves browsing HD' server problem)

Safe_mode on makes a http fileupload for users impossible when using php as
a module. So the most php based apps like gallerys, cms cant run at your
environment.


> - some limits like memory or CPU time used by a given php script
> - disable fsockopen and pfsockopen (solves the problem in launching a
> connect to remote hosts from the PHP/web server).

Use a firewall or something like iptables to makes outgoing connections
forbidden. Use ulimits or other job restriction to set runtime limits for
the cgi processes.

>  Regarding last point, is there any php.ini option to disable ALL (at
> the same time) PHP dangerous network commands such as fsockopen?
>
>  Any more clues?

Learn more about your given webserver. Alls these problems are not generated
by php. You'll have the same problems when runing perl,python as a module
becaue all these runing under the rights of the webserver user.

regards
Joerg

--- End Message ---
--- Begin Message --- 
Warning:  imap_fetchstructure(): Bad message number in
e:\testroot\imap\index.php on line 52

I ust imap_fetchstructure function to get the structure of a message, and I
want to push the errors into an array.
I give a wrong message number and expect cause an imap error, which can be
get by using imap_errors().
But it does not work like that. I get nothing from imap_errors(), and the
browser print a waring like that :

Warning:  imap_fetchstructure(): Bad message number in
e:\testroot\imap\index.php on line 52

What can I do?

--- End Message ---
--- Begin Message --- 
* Thus wrote myhan ([EMAIL PROTECTED]):
> 
> I ust imap_fetchstructure function to get the structure of a message, and I
> want to push the errors into an array.
> I give a wrong message number and expect cause an imap error, which can be
> get by using imap_errors().
> But it does not work like that. I get nothing from imap_errors(), and the
> browser print a waring like that :
> 
> Warning:  imap_fetchstructure(): Bad message number in
> e:\testroot\imap\index.php on line 52
> 
> What can I do?

You can psudo trap the error message, if you have the php.ini
setting 'track_errors' on then you can do something like:

if (! @imap_fetchstructure(...) ) {
  array_push($errors, $php_errormsg);
}

The @ suppresses direct output to the browser. and php_errormsg
contains the string that woulda been sent.

HTH,

Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- Hello,

On 08/29/2003 01:34 PM, David T-G wrote:
% /var/qmail/control/concurrencyremote

Well, that's what I thought, but what I don't know is whether or not
qmail requires a restart to see it :-)

RTFM! :-)

I guess you just need to send a HUP signal to reload the configuration options.

--

Regards,
Manuel Lemos

Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--- End Message ---
--- Begin Message --- I'm logging in via a form, and on the form page it creates the session:

<?php
session_start();
if ($_POST['username'] == $username && $_POST['password'] == $password ) {
$_SESSION['loggedIn'] = true;
} else
$_SESSION['loggedIn'] = false;
?>


And later in the same page, I include another file which has the links to the pages within the secured section of the site:

<?php if ($_SESSION['loggedIn']) require("section_nav.php"); ?>


From there, when I go to another page, that same line of doesn't work, as the links are not shown. Any idea on why that's happening? Did I miss a step?



Seth Willits
------------------------------------------------------------------------ ---
President and Head Developer of Freak Software - http://www.freaksw.com
Q&A Columnist for REALbasic Developer Magazine - http://www.rbdeveloper.com
Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames

"Black holes are where God divided by zero."
-- Steven Wright
------------------------------------------------------------------------ ---
--- End Message ---
--- Begin Message --- 
* Thus wrote Seth Willits ([EMAIL PROTECTED]):
> I'm logging in via a form, and on the form page it creates the session:
> 
> <?php
>       session_start();
>       if ($_POST['username'] == $username && $_POST['password'] == 
>       $password  ) {
>               $_SESSION['loggedIn'] = true;
>       } else
>               $_SESSION['loggedIn'] = false;
> ?>
> ...
> 
> <?php if ($_SESSION['loggedIn']) require("section_nav.php"); ?>
> 
> 
> From there, when I go to another page, that same line of doesn't work,  
> as the links are not shown. Any idea on why that's happening? Did I  
> miss a step?

Does the next page call session_start()?  all pages that use
$_SESSION, must call that first.


Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- On Friday, August 29, 2003, at 07:44 PM, Curt Zirzow wrote:

Does the next page call session_start()?  all pages that use
$_SESSION, must call that first.

Ohhh... ok. Thanks :)



Seth Willits
------------------------------------------------------------------------ ---
President and Head Developer of Freak Software - http://www.freaksw.com
Q&A Columnist for REALbasic Developer Magazine - http://www.rbdeveloper.com
Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames

"One day you'll be wandering through the darkness looking for guidance,
inspiration, and your purpose in life, and the next you'll turn around
and realize they've been standing right next to you the whole time."
-- Seth Willits
------------------------------------------------------------------------ ---
--- End Message ---
--- Begin Message --- 
Why do people insist on using their work address so we are plagued
with privacy notices and autorespond's letting us know that he will
be gone one extra day over the weekend....


p.s. you'll know why I'm griping if you reply to this <bg>
p.s.s. at least till i get him booted off the list <vbg>

cheers!

Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- 
You could equally ask why we get plagued with silly strap lines like

"I used to think I was indecisive, but now I'm not so sure."

HTH


On Saturday 30 Aug 2003 3:54 am, Curt Zirzow wrote:
> Why do people insist on using their work address so we are plagued
> with privacy notices and autorespond's letting us know that he will
> be gone one extra day over the weekend....
>
>
> p.s. you'll know why I'm griping if you reply to this <bg>
> p.s.s. at least till i get him booted off the list <vbg>
>
> cheers!
>
> Curt

--- End Message ---
--- Begin Message --- 
* Thus wrote Nicholas Robinson ([EMAIL PROTECTED]):
> You could equally ask why we get plagued with silly strap lines like
> 
> "I used to think I was indecisive, but now I'm not so sure."

No, you can't *equally* ask why.  It is perfectly acceptable to
have a signature attached to your email.  It is not acceptable to
have a 15 line message wrapped in a box describing the company's
privacy disclaimer.

oh, and it is hardly a strapline, or well.. mabey not :)

> 
> On Saturday 30 Aug 2003 3:54 am, Curt Zirzow wrote:
> > Why do people insist on using their work address so we are plagued
> > with privacy notices and autorespond's letting us know that he will
> > be gone one extra day over the weekend....

Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- 
After upgrading from php 4.0.x to 4.2.3 
many previous php scripts that had been working failed
becos of the "include" statement
The apache error log logged "segmentation fault"

I think it might have to do with AIX as there are
no problems for 4.2.3 which I've installed on Tru 64 Unix
(I've checked the php.ini file and the are the same on both platforms)

Anyone who has encountered this for AIX ?

--- End Message ---
--- Begin Message --- It seems that HTML is LAME, LAME,LAME when it comes to determining local directories.

I would like to somehow:

put image links relative to a base directory (if a relative URI is given)
and have PAGE links relative to the current page (if a relative URI is given)

What I seem to be able to do instead, is to:

   with NO <base  href="websitehost/~my_directory/"> in the header
   hard code the location of the images
   use relative URI for pages
-OR-
   with NO <base  href="websitehost/~my_directory/"> in the header
   use relative location of the images
   hard code the URI for pages

there seems no way to tell the browser to look below the base of the site for relative URI for images,
but do local to the current file relative for other pages.

And doing '"/someURI" makes the browser go off the site and not the base.

GRRRRR.

I can either get my images from a particular place on my site by hardcoding the exact UR
--- End Message ---
--- Begin Message --- Dennis Gearon wrote:

It seems that HTML is LAME, LAME,LAME when it comes to determining local directories.

This is a PHP list, not an HTML list. What does this have to do with PHP?

--
The above message is encrypted with double rot13 encoding.  Any unauthorized attempt 
to decrypt it will be prosecuted to the full extent of the law.

--- End Message ---
--- Begin Message --- Dennis Gearon wrote:

hmmmm, php outputs to the browser,
hmmm, browser reads HTML
hmmmmm,maybe somepeople who program in PHP have to dabble in HTML

Never said they don't, but the HTML PHP outputs has nothing to do with PHP. Take this to an HTML list/newsgroup.

--
The above message is encrypted with double rot13 encoding.  Any unauthorized attempt 
to decrypt it will be prosecuted to the full extent of the law.

--- End Message ---
--- Begin Message --- From what I see, the default timeout for a session is 1440 seconds or 24 minutes. I was gone for nearly an hour, came back, and the session was still valid. Must the value set in the config file be different than 1440, or am I misunderstanding session.gc_maxlifetime? I'd like for the user to be required to log in if they've been inactive for 10 minutes, or if they closed the browser window and opened another one.


Sorry for all the basic questions :)


Seth Willits
------------------------------------------------------------------------ ---
President and Head Developer of Freak Software - http://www.freaksw.com
Q&A Columnist for REALbasic Developer Magazine - http://www.rbdeveloper.com
Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames

"Not everything that can be counted counts, and not everything that counts
can be counted."
-- Albert Einstein
------------------------------------------------------------------------ ---
--- End Message ---
--- Begin Message --- 
Hi,

Saturday, August 30, 2003, 1:55:02 PM, you wrote:
SW>  From what I see, the default timeout for a session is 1440 seconds or  
SW> 24 minutes. I was gone for nearly an hour, came back, and the session  
SW> was still valid. Must the value set in the config file be different  
SW> than 1440, or am I misunderstanding session.gc_maxlifetime? I'd like  
SW> for the user to be required to log in if they've been inactive for 10  
SW> minutes, or if they closed the browser window and opened another one.


SW> Sorry for all the basic questions :)


SW> Seth Willits
SW> ------------------------------------------------------------------------ 
SW> ---
SW> President and Head Developer of Freak Software - http://www.freaksw.com
SW> Q&A Columnist for REALbasic Developer Magazine -  
SW> http://www.rbdeveloper.com
SW> Webmaster for REALbasic Game Central - http://www.freaksw.com/rbgames

SW> "Not everything that can be counted counts, and not everything that  
SW> counts
SW>   can be counted."
SW>      -- Albert Einstein
SW> ------------------------------------------------------------------------ 
SW> ---


The session timeout just sets the maximum time before the session data
becomes valid for a garbage collect. If a garbage collect is not
triggered the data is still valid as far as php is concerned. You have
to implement your own timeout checks if you need exactly 24 minutes.
You can do this by storeing the last accessed time in the $_SESSION
array and check it on each start.
I think by default garbage is collected 1 in every 100 hits. (1%)
If it done on every hit it would start to impact performance on busy
sites.

-- 
regards,
Tom

--- End Message ---
--- Begin Message --- 
* Thus wrote Seth Willits ([EMAIL PROTECTED]):
> From what I see, the default timeout for a session is 1440 seconds or  
> 24 minutes. I was gone for nearly an hour, came back, and the session  
> was still valid. Must the value set in the config file be different  
> than 1440, or am I misunderstanding session.gc_maxlifetime? I'd like  
> for the user to be required to log in if they've been inactive for 10  
> minutes, or if they closed the browser window and opened another one.

The issue with the session still being around when your browser
closed then reopened has to with the ini setting:

  session.cookie_lifetime

You want it to be 0, for it to expire as soon as the browser closes.

You might want to manage your lifetime of the session yourself,
like Tom Rogers suggested.  This will also avoid issues with clock
settings on the client's computer. So a set up with something like
this:

php.ini:
session.cookie_lifetime = 0

file.php:
$lifetime = (60 * 10); // 10 minutes lifetime
session_start();
if (! empty($_SESSION['last_access'] && 
      $_SESSION['last_access'] >= (time() + $lifetime) ) {

  //  Session has expired
  $_SESSION = array(); // kill session

} else {
  $_SESSION['last_access'] = time();
}

-OR-

if you're not worried about the client's clock being fast or slow:

php.ini:
session.cookie_lifetime = 10;

Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- 
Hi,

I have some questions. Is it possible to pass login data such
as username and password to the HTTP Basic Authentication
dialog box from PHP? How do you code that?

Is it also possible to get the variable data from the Authentication
dialog once login? I tried putting phpinfo() in an index.php page inside
the web protected directory but I can only see the username in the
variables..



Calixto Ong II

--- End Message ---
--- Begin Message --- 
* Thus wrote BhongOng ([EMAIL PROTECTED]):
> Hi,
> 
> I have some questions. Is it possible to pass login data such
> as username and password to the HTTP Basic Authentication
> dialog box from PHP? How do you code that?

I know for sure with Basic authentication you can't.

> 
> Is it also possible to get the variable data from the Authentication
> dialog once login? I tried putting phpinfo() in an index.php page inside
> the web protected directory but I can only see the username in the
> variables..

Answers to this and probably other questions that might come up
about authentication:

  http://php.net/features.http-auth



Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

--- End Message ---
--- Begin Message --- 
Dear Guys,
I want to store an image created by GD functions to a field of my DB. I can
not save it to a string to save it to blob field. Can any one help me with a
simple sample code?
Regards,
Mohammad

--- End Message ---

Reply via email to