php-general Digest 8 Sep 2002 13:49:48 -0000 Issue 1573

Topics (messages 115635 through 115661):

How to do pass on information...
        115635 by: Chuck PUP Payne
        115636 by: Brad Bonkoski

header() problem!!!!
        115637 by: xdrag

Re: Proposal for securing PHP sessions
        115638 by: Justin French
        115649 by: M1tch
        115651 by: M1tch
        115652 by: M1tch
        115654 by: M1tch
        115655 by: Justin French
        115656 by: M1tch

Re: Credit Card Validation
        115639 by: Justin French
        115650 by: Boaz Yahav

php_flag in httpd.conf
        115640 by: Mitch Vincent
        115641 by: Jason Reid
        115644 by: Mitch Vincent

Stock Market data - where can I get it?
        115642 by: olinux

imagecopyresized problems
        115643 by: Brian & Shannon Windsor

split() - not working in this case
        115645 by: N. Pari Purna Chand
        115646 by: Bas Jobsen
        115647 by: Chris Wesley
        115653 by: N. Pari Purna Chand

Re: How to program very basic chat on PHP?
        115648 by: M
        115660 by: timo stamm

file include relative file addressing.
        115657 by: nelr

Re: generating variable names
        115658 by: timo stamm

Re: contact list re-ordering (php/mySQL CMS design)
        115659 by: timo stamm

Re: PHP and LDAP over SSL
        115661 by: Stig Venaas

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------
--- Begin Message ---
Hi,

I would like to know if there is a way that I can pass on an information
from a pull down menu into a sql query. Right now I have to right a PHP page
for each piece I am wanting to pass on. Example I have a movie database and
now if I want to see what is in my Anime Category that starts with "A" I
have to create a page like this:

Select * FROM database WHERE category = 'anime' AND title like 'A%'

I know I have to do an array? Would it be like this?

$category 
$letter 

Select * FROM database WHERE category = '$category' and title is like
'$letter'

But it get to the sql statement is where I am lost.

Chuck Payne
Magi Design and Support

--- End Message ---
--- Begin Message ---
Can't you make a form?
Lets say you have a lexical database for categories like:
ID    NAME
1     Anime
2     Action
etc...

then in the form so:
<select name='cat'>
<?php
$query = "select * from categories";
$result = run_query($query);
while($row = fetch_array($result)
{
        echo "<option value=$row[0]>$row[1]</option>";
}
free_result($result)
?>
</select>

This would send to the form action page the numerical representation of 
the categoried selected from the drop down list.

-Brad

Chuck PUP Payne wrote:
> Hi,
> 
> I would like to know if there is a way that I can pass on an information
> from a pull down menu into a sql query. Right now I have to right a PHP page
> for each piece I am wanting to pass on. Example I have a movie database and
> now if I want to see what is in my Anime Category that starts with "A" I
> have to create a page like this:
> 
> Select * FROM database WHERE category = 'anime' AND title like 'A%'
> 
> I know I have to do an array? Would it be like this?
> 
> $category 
> $letter 
> 
> Select * FROM database WHERE category = '$category' and title is like
> '$letter'
> 
> But it get to the sql statement is where I am lost.
> 
> Chuck Payne
> Magi Design and Support
> 
> 


--- End Message ---
--- Begin Message ---
Hi:
is this a bug?
[win98se + apache2.0.40 + PHP4.2.3 + IE6.0]

download1.php:
<?php
...
header("Cache-Control: no-cache, must-revalidate");
header("Content-Type:".$mime_type);
header("Content-Disposition: filename=$filename");
echo $filedata;
?>
works well....

download2.php:
<?php
...
header("Cache-Control: no-cache, must-revalidate");
header("Content-Type:".$mime_type);
header("Content-Disposition: attachment; filename=$filename");
echo $filedata;
?>
please pay attention to header("Content-Disposition: ...")
if you click this URL, for example "download2.php?id=1", then click the "save" button, 

your browser will suffer a fatal error. You can not do anything else now!
--- End Message ---
--- Begin Message ---
on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:

> Why not just use IP?
> I created a nice system, whereby if your IP is changed (or someone is
> hacking your session), the session is destroyed, and the user must log in.
> Does not add much overhead either.

large ISPs like AOL use variable IPs (your IP could change from page to
page)... that's a pretty good reason to start with.

if people get disconnected, they too are likely to have a new IP on most
dial-up ISPs.

Justin


--- End Message ---
--- Begin Message ---
Ooooh, it's a lesson every day! Right, back to the drawing board :(

"Justin French" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:
>
> > Why not just use IP?
> > I created a nice system, whereby if your IP is changed (or someone is
> > hacking your session), the session is destroyed, and the user must log
in.
> > Does not add much overhead either.
>
> large ISPs like AOL use variable IPs (your IP could change from page to
> page)... that's a pretty good reason to start with.
>
> if people get disconnected, they too are likely to have a new IP on most
> dial-up ISPs.
>
> Justin
>
>


--- End Message ---
--- Begin Message ---
Okay, having had my own solution shot and burned ;), I would love to look at
yours, but unfortunately the page (well, the entire site), will not load.
It could be a temporary outage with either ISP, but is there anyway you
could post it here? (I perhaps flag it as large?).

On my site, I'm not really bothered about most of the session data being
hijacked, because  a user would still not be able to be malicious (any
serious function- like post article/forum message/etc) has a permission
check before it's executed, that verifies the username/password.
Of course, this then becomes a problem if the user has stored the password
in session, as this is the sensitive part.

Why oh why is AOL so terrible. I didn't like them before, but now! Grrrrr

Andy

"Mar Tin" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Dear all:
>
> Until I read the article "PHP Session security"
> (http://www.webkreator.com/php/configuration/php-session-security.html)
> I haven't noticed how insecure PHP Sessions are.
>
>
>
> Basically there're 2 problems:
>
> *) It's possible to hijack a session if you know the
> SID (session id)
>
>  1) If you're on a shared server (cheap webhosting)
> other users can get the SIDs by doing "ls /tmp/sess_*"
> (/tmp/ is defined on session.save_path on the config
> file, so it may be different).
>
>  2) When a user clicks on an external link, the
> browser sends the REFERER url and sometimes it
> contains the SID (if session.use_trans_sid is enabled)
>
> PHP offers a security measure: with
> session.referer_check it will reject SIDs comming from
> other referers, but the referer url can be easily
> forged.
>
> *) Users can read session data from the session files,
> which are owned by the server process (every user
> which has an account on the webserver can read server
> owned files)
>
> (If you're intrested in the subject I would recommend
> to read full the article:
> http://www.webkreator.com/php/configuration/php-session-security.html)
>
> I have developed some functions to avoid this
> problems. They replace the standard session functions
> (using session_set_save_handler), so you only have to
> include the file at the beggining of your script and
> (afaik) you're safe :)
>
> This is the idea:
>
> Apart from the session cookie, I set another one (with
> the same name and the string '_sec' appended). On this
> cookie I set a random KEY.
> The name of the file which contains the session data
> is the md5 hash of the SID and the KEY together. This
> turns impossible to guess the session id by looking at
> the filenames.
>
> To hide the data inside the file, the serialized
> string is crypted using the KEY as password, so nobody
> can see the content of your user's sessions.
>
> You can find the code here:
> http://www.n3rds.com.ar/files/docs/php_sessions/sess_handler.txt
>
> Im looking for suggestions to make it 100% compatible
> with the standard session functions, and I would like
> to hear some thougts about the idea
>
> Martin Sarsale
> [EMAIL PROTECTED]
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Finance - Get real-time stock quotes
> http://finance.yahoo.com


--- End Message ---
--- Begin Message ---
lol, no sooner had I spoke than it sprang back into action! I now have the
source you posted. Looking it over!

"M1tch" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Okay, having had my own solution shot and burned ;), I would love to look
at
> yours, but unfortunately the page (well, the entire site), will not load.
> It could be a temporary outage with either ISP, but is there anyway you
> could post it here? (I perhaps flag it as large?).
>
> On my site, I'm not really bothered about most of the session data being
> hijacked, because  a user would still not be able to be malicious (any
> serious function- like post article/forum message/etc) has a permission
> check before it's executed, that verifies the username/password.
> Of course, this then becomes a problem if the user has stored the password
> in session, as this is the sensitive part.
>
> Why oh why is AOL so terrible. I didn't like them before, but now! Grrrrr
>
> Andy
>
> "Mar Tin" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > Dear all:
> >
> > Until I read the article "PHP Session security"
> > (http://www.webkreator.com/php/configuration/php-session-security.html)
> > I haven't noticed how insecure PHP Sessions are.
> >
> >
> >
> > Basically there're 2 problems:
> >
> > *) It's possible to hijack a session if you know the
> > SID (session id)
> >
> >  1) If you're on a shared server (cheap webhosting)
> > other users can get the SIDs by doing "ls /tmp/sess_*"
> > (/tmp/ is defined on session.save_path on the config
> > file, so it may be different).
> >
> >  2) When a user clicks on an external link, the
> > browser sends the REFERER url and sometimes it
> > contains the SID (if session.use_trans_sid is enabled)
> >
> > PHP offers a security measure: with
> > session.referer_check it will reject SIDs comming from
> > other referers, but the referer url can be easily
> > forged.
> >
> > *) Users can read session data from the session files,
> > which are owned by the server process (every user
> > which has an account on the webserver can read server
> > owned files)
> >
> > (If you're intrested in the subject I would recommend
> > to read full the article:
> > http://www.webkreator.com/php/configuration/php-session-security.html)
> >
> > I have developed some functions to avoid this
> > problems. They replace the standard session functions
> > (using session_set_save_handler), so you only have to
> > include the file at the beggining of your script and
> > (afaik) you're safe :)
> >
> > This is the idea:
> >
> > Apart from the session cookie, I set another one (with
> > the same name and the string '_sec' appended). On this
> > cookie I set a random KEY.
> > The name of the file which contains the session data
> > is the md5 hash of the SID and the KEY together. This
> > turns impossible to guess the session id by looking at
> > the filenames.
> >
> > To hide the data inside the file, the serialized
> > string is crypted using the KEY as password, so nobody
> > can see the content of your user's sessions.
> >
> > You can find the code here:
> > http://www.n3rds.com.ar/files/docs/php_sessions/sess_handler.txt
> >
> > Im looking for suggestions to make it 100% compatible
> > with the standard session functions, and I would like
> > to hear some thougts about the idea
> >
> > Martin Sarsale
> > [EMAIL PROTECTED]
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Finance - Get real-time stock quotes
> > http://finance.yahoo.com
>
>


--- End Message ---
--- Begin Message ---
Just out of curiosity, do you know if any part (e.g. x1.x2.x3.x4) of the IP
remains static when AOL changes it? Even if it's only the first part, that's
better than nothing.
I'm having a headache now, because I'm already behind schedule, and this has
just thrown a spanner in the works  :( (but still thanks for bringing it up
now, rather than at production time!)


"Justin French" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:
>
> > Why not just use IP?
> > I created a nice system, whereby if your IP is changed (or someone is
> > hacking your session), the session is destroyed, and the user must log
in.
> > Does not add much overhead either.
>
> large ISPs like AOL use variable IPs (your IP could change from page to
> page)... that's a pretty good reason to start with.
>
> if people get disconnected, they too are likely to have a new IP on most
> dial-up ISPs.
>
> Justin
>
>


--- End Message ---
--- Begin Message ---
Nope, have no idea... I've just allways been told (and adhered to) the rule
that you don't trust anything client side, which would include IP address'.
Even if you could get it working for AOL, what about some other ISP located
in Australia, South Africa, or anywhere else on the planet that you've never
heard of?

Don't trust IPs.  AOL was just an example.


Justin


on 08/09/02 8:50 PM, M1tch ([EMAIL PROTECTED]) wrote:

> Just out of curiosity, do you know if any part (e.g. x1.x2.x3.x4) of the IP
> remains static when AOL changes it? Even if it's only the first part, that's
> better than nothing.
> I'm having a headache now, because I'm already behind schedule, and this has
> just thrown a spanner in the works  :( (but still thanks for bringing it up
> now, rather than at production time!)
> 
> 
> "Justin French" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> on 08/09/02 5:04 AM, M1tch ([EMAIL PROTECTED]) wrote:
>> 
>>> Why not just use IP?
>>> I created a nice system, whereby if your IP is changed (or someone is
>>> hacking your session), the session is destroyed, and the user must log
> in.
>>> Does not add much overhead either.
>> 
>> large ISPs like AOL use variable IPs (your IP could change from page to
>> page)... that's a pretty good reason to start with.
>> 
>> if people get disconnected, they too are likely to have a new IP on most
>> dial-up ISPs.
>> 
>> Justin
>> 
>> 
> 
> 

--- End Message ---
--- Begin Message ---
One thing that I did that may help.
Every time a session is opened, the system insists on writing to disk on
every page, whether the session is updated or not.
With a lot of users, this is a bit of a system bog.

So, I hold the contents of a session when 'read', in a global variable.
Then, in the write function, I see if it's changed. If it has, I do the
write. If it hasn't, I simply return from the function.

"Mar Tin" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Dear all:
>
> Until I read the article "PHP Session security"
> (http://www.webkreator.com/php/configuration/php-session-security.html)
> I haven't noticed how insecure PHP Sessions are.
>
>
>
> Basically there're 2 problems:
>
> *) It's possible to hijack a session if you know the
> SID (session id)
>
>  1) If you're on a shared server (cheap webhosting)
> other users can get the SIDs by doing "ls /tmp/sess_*"
> (/tmp/ is defined on session.save_path on the config
> file, so it may be different).
>
>  2) When a user clicks on an external link, the
> browser sends the REFERER url and sometimes it
> contains the SID (if session.use_trans_sid is enabled)
>
> PHP offers a security measure: with
> session.referer_check it will reject SIDs comming from
> other referers, but the referer url can be easily
> forged.
>
> *) Users can read session data from the session files,
> which are owned by the server process (every user
> which has an account on the webserver can read server
> owned files)
>
> (If you're intrested in the subject I would recommend
> to read full the article:
> http://www.webkreator.com/php/configuration/php-session-security.html)
>
> I have developed some functions to avoid this
> problems. They replace the standard session functions
> (using session_set_save_handler), so you only have to
> include the file at the beggining of your script and
> (afaik) you're safe :)
>
> This is the idea:
>
> Apart from the session cookie, I set another one (with
> the same name and the string '_sec' appended). On this
> cookie I set a random KEY.
> The name of the file which contains the session data
> is the md5 hash of the SID and the KEY together. This
> turns impossible to guess the session id by looking at
> the filenames.
>
> To hide the data inside the file, the serialized
> string is crypted using the KEY as password, so nobody
> can see the content of your user's sessions.
>
> You can find the code here:
> http://www.n3rds.com.ar/files/docs/php_sessions/sess_handler.txt
>
> Im looking for suggestions to make it 100% compatible
> with the standard session functions, and I would like
> to hear some thougts about the idea
>
> Martin Sarsale
> [EMAIL PROTECTED]
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Finance - Get real-time stock quotes
> http://finance.yahoo.com


--- End Message ---
--- Begin Message ---
You have be a little clearer.  What do you want to return on true?

a) the card number appears to be numerically valid
b) the card has enough credit left on it to place the order

I'll assume A.

You need to decide what cards are going to be accepted, and look for a class
or set of functions which validate that number as numerically valid, given a
certain TYPE of card.  Ie, VISA's numeric specs for a valid looking card
number, will be different to others.



I'm pretty sure I've seen a class on phpclasses.org


Justin



on 08/09/02 7:03 AM, Jeff Lewis ([EMAIL PROTECTED]) wrote:

> I know it's been posted here several times and I've looked through the
> archives but I just need something very simple for this. I have a form that
> already takes in user information but now before accepting the information,
> I'd like to pass the credit card information to a function and return true or
> false.
> 
> Is anyone using something like this that is simple?
> 
> Jeff
> 

--- End Message ---
--- Begin Message ---
Check Out

Credit Card validation routine. Uses MOD 10 to check if credit card
number is valid.
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=74

Validating Credit Card Numbers Without Bank Involvement 
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=333

A set of functions to check the validity of a credit card number.
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=458

After discovering some credit card validation routines didn't work -
here is one that I found works with all the numbers I have tried so far
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=505

Validation function for LUHNMod10 and variant. Can discriminate credit
card numbers of varying lengths. Uses [Double >> Sum-of-Digits]
transform.
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=1463

Credit Card Identification and Validation Class - The credit card class
provides methods for cleaning, validating and identifying the type of
credit card numbers.
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=1805

Real-Time Transaction Processing PHP Class. Credit Cards & Checks.
Supports system check, address verification, authorization and deposit,
deposit, credit, commercial card, electronic check debit, and more.
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=3107

ECHO-PHP Class Real Time Transaction Processor v1.4.4 for Credit Cards
and Checks / ACH
http://www.weberdev.com/index.php3?GoTo=get_example.php3?count=3190

Sincerely

berber

Visit http://www.weberdev.com/ Today!!!
To see where PHP might take you tomorrow.



-----Original Message-----
From: Jeff Lewis [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, September 07, 2002 11:03 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Credit Card Validation


I know it's been posted here several times and I've looked through the
archives but I just need something very simple for this. I have a form
that already takes in user information but now before accepting the
information, I'd like to pass the credit card information to a function
and return true or false.

Is anyone using something like this that is simple?

Jeff
--- End Message ---
--- Begin Message ---
Though the manual says it's possible I have bene unable to turn the PHP 
engine on and of per *directory*..

Towards the top of the httpd.conf file I have :

<Directory />

     Options FollowSymLinks
     AllowOverride None

     php_flag engine off

</Directory>


Then further down for a directory I need PHP in I have

<Directory "/usr/site/www/www.foobar.com/*">

     Options FollowSymLinks
     AllowOverride None

     php_flag engine off

</Directory>

And this doesn't work.. Note that it does seem to work including it in 
<VirtualHost> directives but I'm using mod_vhost_alias so I don't have 
<virtualhost> directives for all my sites..

Thanks to anyone that can help, please CC this address with replies!

-Mitch

I can only please one person per day. Today is not your day. Tomorrow 
doesn't look good either.

--- End Message ---
--- Begin Message ---
Change off to on in the last <directory> container or omit it if php is
enabled by default. thats probaly where the problem is.

Jason Reid
[EMAIL PROTECTED]
--
AC Host Canada
www.achost.ca
----- Original Message -----
From: "Mitch Vincent" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, September 07, 2002 9:39 PM
Subject: [PHP] php_flag in httpd.conf


> Though the manual says it's possible I have bene unable to turn the PHP
> engine on and of per *directory*..
>
> Towards the top of the httpd.conf file I have :
>
> <Directory />
>
>      Options FollowSymLinks
>      AllowOverride None
>
>      php_flag engine off
>
> </Directory>
>
>
> Then further down for a directory I need PHP in I have
>
> <Directory "/usr/site/www/www.foobar.com/*">
>
>      Options FollowSymLinks
>      AllowOverride None
>
>      php_flag engine off
>
> </Directory>
>
> And this doesn't work.. Note that it does seem to work including it in
> <VirtualHost> directives but I'm using mod_vhost_alias so I don't have
> <virtualhost> directives for all my sites..
>
> Thanks to anyone that can help, please CC this address with replies!
>
> -Mitch
>
> I can only please one person per day. Today is not your day. Tomorrow
> doesn't look good either.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>


--- End Message ---
--- Begin Message ---
Oops -- that was a typo, I did have it On in the last directive.. I was 
changing it all around before I sent the email..


On Saturday, September 7, 2002, at 08:45  PM, Jason Reid wrote:

> Change off to on in the last <directory> container or omit it if php is
> enabled by default. thats probaly where the problem is.
>
> Jason Reid
> [EMAIL PROTECTED]
> --
> AC Host Canada
> www.achost.ca
> ----- Original Message -----
> From: "Mitch Vincent" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, September 07, 2002 9:39 PM
> Subject: [PHP] php_flag in httpd.conf
>
>
>> Though the manual says it's possible I have bene unable to turn the 
>> PHP
>> engine on and of per *directory*..
>>
>> Towards the top of the httpd.conf file I have :
>>
>> <Directory />
>>
>>      Options FollowSymLinks
>>      AllowOverride None
>>
>>      php_flag engine off
>>
>> </Directory>
>>
>>
>> Then further down for a directory I need PHP in I have
>>
>> <Directory "/usr/site/www/www.foobar.com/*">
>>
>>      Options FollowSymLinks
>>      AllowOverride None
>>
>>      php_flag engine off
>>
>> </Directory>
>>
>> And this doesn't work.. Note that it does seem to work including it in
>> <VirtualHost> directives but I'm using mod_vhost_alias so I don't have
>> <virtualhost> directives for all my sites..
>>
>> Thanks to anyone that can help, please CC this address with replies!
>>
>> -Mitch
>>
>> I can only please one person per day. Today is not your day. Tomorrow
>> doesn't look good either.

--- End Message ---
--- Begin Message ---
I would like to have a dynamic graph of market
indices. Where I can get this data (free and paid).

I have found several applications that grab yahoo
finance data, but I don't think this flies very well
with yahoo.

CBS MarketWatch seems to be quite pricey. Can anyone
recommend a source?

Thanks,
olinux

__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
--- End Message ---
--- Begin Message ---
I'm trying to use imagecopyresized to generate a thumbnail image and then
store the image in the proper place, but I'm running into some problems.

I'm using the standard code:

$src_img =
imagecreatefromjpeg("../php/images/".$HTTP_POST_FILES['imagefile']['name']);

if (imagesx($src_img)<$max_width){
        imagejpeg($src_img);
        exit();
}

$dst_img = imagecreate(80,60);
imagecopyresized($dst_img,$src_img,0,0,80,60,80,60,imagesx($src_img),imagesy
($src_img));
imagejpeg($dst_img);

this will give me this output:

3JFIF>CREATOR: gd-jpeg v2.0 (using IJG JPEG v62), default quality
C    $.' ",#(7),01444'9=82<.342C 
2!!22222222222222222222222222222222222222222222222222

What I need is for imagecopyresized to make a new file that I can then give
a new name and copy into the files that I want it to go to, such as..

copy ($dst_img, "../php/thumbs/".$thumb_name);

If I try to this, I get the following error...

Warning: Unable to open 'Resource id #4' for reading: No such file or
directory in /u/php/uppic.php on line 55


(uppic.php is the name of the .php script this is in)

Am I missing something obvious?

Thanks,

Brian



--- End Message ---
--- Begin Message ---

I have a string 
$to = " abcd <[EMAIL PROTECTED]>, efgh <[EMAIL PROTECTED]>" ;

I want a function returning an array of
indivial names+mailids like from the $to seperated by ","
something like
$tos[0] = "abcd <[EMAIL PROTECTED]>";
$tos[1] = "efgh <[EMAIL PROTECTED]>";

Now split() in the following function*** is notworking as needed.
ie, I'm getting 
$tos[0] = "abcd";
$tos[1] = "efgh";

Not the complete name + <mailid>,
Why ?
/Chandu

***
function split_addresses($addr) {
 $ad = array();
 $ad = split(",",$addr);
return $ad;
}

--- End Message ---
--- Begin Message ---
<?
function split_addresses($addr) {
 $ad = array();
 $ad = split(",",$addr);
 return $ad;
}

$tos=array();
$to = " abcd <[EMAIL PROTECTED]>, efgh <[EMAIL PROTECTED]>";
$tos=split_addresses($to);
echo $tos[1];
?>

echos efgh <[EMAIL PROTECTED]> ?? Whats the problem? Maybe you output to a browser 
and don't see <[EMAIL PROTECTED]> cause its between <>



Op zondag 08 september 2002 10:17, schreef N. Pari Purna Chand:
> I have a string
> $to = " abcd <[EMAIL PROTECTED]>, efgh <[EMAIL PROTECTED]>" ;
>
> I want a function returning an array of
> indivial names+mailids like from the $to seperated by ","
> something like
> $tos[0] = "abcd <[EMAIL PROTECTED]>";
> $tos[1] = "efgh <[EMAIL PROTECTED]>";
>
> Now split() in the following function*** is notworking as needed.
> ie, I'm getting
> $tos[0] = "abcd";
> $tos[1] = "efgh";
>
> Not the complete name + <mailid>,
> Why ?
> /Chandu
>
> ***
> function split_addresses($addr) {
>  $ad = array();
>  $ad = split(",",$addr);
> return $ad;
> }
--- End Message ---
--- Begin Message ---
On Sun, 8 Sep 2002, N. Pari Purna Chand wrote:

> $to = " abcd <[EMAIL PROTECTED]>, efgh <[EMAIL PROTECTED]>" ;

> Now split() in the following function*** is notworking as needed.
> ie, I'm getting
> $tos[0] = "abcd";
> $tos[1] = "efgh";

split didn't do anything wrong.  use your browser's "view source" to see
the desired output.  funny things, those less-than & greater-than
characters ... they make browsers think you've created an HTML tag!

Two things you can do to make displaying such data in a browser:

1) if you're trying to display text that has HTML entities in it,
   within a HTML page, use the htmlentities() function when
   printing output.   http://www.php.net/htmlentities

2) if you don't care about HTML at all, send a Content-type header that
   tells the browser what you're sending is text.
   header( "Content-type: text/plain" );

        g.luck,
        ~Chris




--- End Message ---
--- Begin Message ---
Yeah,
I have outputted to browser

Split() was working fine.. Sorry for the noise
on the list. But I have realised that the very moment
I posted the mail on the list.

/Chandu


----- Original Message ----- 
From: "Chris Wesley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "N. Pari Purna Chand" <[EMAIL PROTECTED]>
Sent: Sunday, September 08, 2002 2:33 PM
Subject: Re: [PHP] split() - not working in this case


> On Sun, 8 Sep 2002, N. Pari Purna Chand wrote:
> 
> > $to = " abcd <[EMAIL PROTECTED]>, efgh <[EMAIL PROTECTED]>" ;
> 
> > Now split() in the following function*** is notworking as needed.
> > ie, I'm getting
> > $tos[0] = "abcd";
> > $tos[1] = "efgh";
> 
> split didn't do anything wrong.  use your browser's "view source" to see
> the desired output.  funny things, those less-than & greater-than
> characters ... they make browsers think you've created an HTML tag!
> 
> Two things you can do to make displaying such data in a browser:
> 
> 1) if you're trying to display text that has HTML entities in it,
>    within a HTML page, use the htmlentities() function when
>    printing output.   http://www.php.net/htmlentities
> 
> 2) if you don't care about HTML at all, send a Content-type header that
>    tells the browser what you're sending is text.
>    header( "Content-type: text/plain" );
> 
> g.luck,
>         ~Chris
> 
> 
> 
> 
> 

--- End Message ---
--- Begin Message ---
"Philip J. Newman" wrote:

> You could create a scema, or module that is called with each page load, that
> checks for messages when the user is logged in.  So when the message is
> stored into the databace, when the user loads the anypage while logged in it
> checks for new messages, and if the user has messages then the window pops
> up and the user can eather reply etc etc
>
> Phil

Hello Phil, your idea is interesting. I am evaluating it because it is not a
true 'chat' (if user doesnt load any page he will never see incoming msg), but
your idea is the only thing I have to this time.

Thanks

Mig


--- End Message ---
--- Begin Message ---
Hi Mig,


to create something that behaves more like a true "chat", you 
need an active client side.
For example, you could let a frame with the PHP be reloaded in a 
short interval.

To create a real chat, you need a socket connection. The best 
solution would be Flash (which has great functions for that). 
Java is another option.


Timo


Am Sonntag den, 8. September 2002, um 12:05, schrieb M:

> "Philip J. Newman" wrote:
>
>> You could create a scema, or module that is called with each 
>> page load, that
>> checks for messages when the user is logged in.  So when the 
>> message is
>> stored into the databace, when the user loads the anypage 
>> while logged in it
>> checks for new messages, and if the user has messages then the 
>> window pops
>> up and the user can eather reply etc etc
>>
>> Phil
>
> Hello Phil, your idea is interesting. I am evaluating it 
> because it is not a
> true 'chat' (if user doesnt load any page he will never see 
> incoming msg), but
> your idea is the only thing I have to this time.
>
> Thanks
>
> Mig

--- End Message ---
--- Begin Message ---
>From the root of a website: /

I had a file called /my.php which included a file /include/blah/my.inc.php

In my.php if I put the include_once( "./include/blah/my.inc.php" ); it works
fine
when my.php is in the root of the site.

If I move /my.php to /blah/my.php, no matter how I address
../include/blah/my.php or /include/blah/my.php I keep getting path errors.

How do I get around this problem using only relative paths (no absolute or
placing in an include path)

Neil.


--- End Message ---
--- Begin Message ---
Hi Kevin,


I find it a bit awkward to mix variables and arrays in a pseudo 
array. But I guess you have reasons...

Anyhow, maybe this is what you want:


$variable1="one";
$variable2="two";
$variable3 = array();
$variable3[0]="three";
$variable4 = array();
$variable4[0]="four";
        
$j=1;
while($j<5){
        if (is_array(${"variable".$j})) {
                print(${"variable".$j}[0] . "<br />");
        } else {
                print(${"variable".$j} . "<br />");
        };
        $j++;
}


Timo


Am Freitag den, 6. September 2002, um 20:37, schrieb Kevin Heflin:

> Hoping someone can help me with this. Below I have an example 
> of what I'm trying to accomplish.
> Bottom line.. I need to print out $variable3[0] and $variable4[0]
> and my problem is that I'm trying to generate the variable 
> name. I can get this to work with $variable1 and $variable2 
> which are not arrays, however that doesn't help me much.
>
> Any suggestions would be appreciated.
>
> Kevin
>
>
>
> <?
>       $variable1="one";
>       $variable2="two";
>       $variable3[0]="three";
>       $variable4[0]="four";
>       
>       $j=1;
>       while($j<5){
>               print("${variable.$j} <BR>");
>               $j++;
>       }
>
>
>       $j=1;
>       while($j<5){
>               $k="\$variable".$j."[0]";
>               print("$k <BR>");
>               print("${variable.$k} <BR>");
>               $j++;
>       }
> ?>
>
>
> -- PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

--- End Message ---
--- Begin Message ---
Hi speedfreak,


uh, clients. Can't they just send the checks an be content? :-)

I have yet not done a user-sorted list in PHP/MySQL (I am using 
PHP since a week, now :-). But I think the following database 
setup should allow you to do it:

id      content above   below
1       lala            start   2
2       blah            1               3
3       sdfg            2               5
5       oll             3               end

By referencing to the entry displayed above/below, you can quite 
easily write functions for getting the list and for moving rows.


Timo


Am Samstag den, 7. September 2002, um 18:08, schrieb 
[EMAIL PROTECTED]:

> Dear guru's,
>
> Hit a problem while developing a CMS with php/mySQL. Part of this is a
> contact list and this works ok (add/edit/delete with
> insert/update/delete queries). Now the client has requested a new
> feature: ability to change the order in which the contacts are being
> presented in the public part of this CMS (don't ask me why). I've added
> a field 'show_pos' to the contacts table and am able to change 
> its value
> when I edit an existing record or add a new one. What I can't wrap my
> head around at the moment is how one deals with updating 'show_pos' for
> the OTHER records (while editing/deleting present record (WHERE
> id='$id')? Could anyone give me some pointers as to how this could be
> done in php and/or SQL (preferable). I sure hope anyone 
> understands what
> I mean ...
>
> Cheers!
>
> newbie@a_loss
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

--- End Message ---
--- Begin Message ---
On Wed, Sep 04, 2002 at 02:26:49PM +0200, Sren Henning Dalgaard wrote:
> I can make an ldap_connect with the ldaps://hostname/ parameter but what
> next:
> How can make an ldap_bind command?
> How can I encrypt and decrypt the data?

When using ldaps:// all communications are through SSL, you do bind
etc as usual and your data will be tunneled through SSL.

> How do I specify a key/certificate for encrypting and decrypting?

For SSL and the necessary encryption you only need a certificate at
the server. It seems you have done this, that is enough for the
communications to be encrypted. You may want to give your client a
certificate for the CA that signed the server certificate, see my
mail on LDAP and SSL on php-general from Aug 26th (and the mail I
replied to). It is also possible to give the client a certificate if
you want the server to know which client it is talking to.

For details on LDAP and SSL I suggest you look at OpenLDAP docs, in
OpenLDAP list archives etc. Doing SSL with OpenLDAP is the same
when using PHP and other tools. Using ldaps:// in the connect is
similar to using -H ldaps:// to OpenLDAP tools like ldapsearch etc.

Stig
--- End Message ---

Reply via email to