php-windows Digest 3 May 2002 11:13:09 -0000 Issue 1125
Topics (messages 13498 through 13507):
Re: PHP generation of <select> fields
13498 by: Dash McElroy
Re: Php on windows - Linux and Windows Editors
13499 by: Russell Griechen
Simple string function help needed
13500 by: RS Herhuth
13501 by: Ross Fleming
Re: Why Global Variables turned off??
13502 by: Matt Parlane
13503 by: theN
13505 by: Matt Parlane
13507 by: Luis Ferro
R: [PHP-WIN] Php on windows - Linux and Windows Editors
13504 by: Alberto. Sartori
Re: PHP and Java
13506 by: Opere, James
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
It's been a while since I've done a 'for' statement...
Here's my new working code:
<?php
for ($i=01;$i<=12;$i++) {
if($i == date("m")) {
$selected = " selected";
}
else {
$selected = "";
}
print "<option
value=\"".date("m",mktime(0,0,0,$i))."\"$selected>".date("F",mktime(0,0,0,$i
))."</option>\n";
}
?>
I found that you have to put quotes around the date() paramaters (like
date("m") instead of date(m)) or PHP will put an error message in your
error.log file in Apache (2.0.35/php4.2.0). Here's the message:
PHP Notice: Use of undefined constant m - assumed 'm' in C:\Program
Files\Apache Group\Apache2\htdocs\select.php on line 3
My error log was huge because of this (and the failed first attempt of this
code).
-Dash
-----Original Message-----
From: George Nicolae [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 02, 2002 3:19 PM
To: [EMAIL PROTECTED]
Subject: [PHP-WIN] Re: PHP generation of <select> fields
you make two mistakes. let's see the correct code:
for ($i=1;$i<=12;$i++)
{
if($i == date(m))
//first here ^^^ (must be == not just one "=")
{
$selected = " selected";
}
//here is the second: if $selected ="selected" for $i=4 (may) $i will be
remain selected for all month > then may
//you need the following line to correct this problem.
else $selected="";
print "<option
value=\"".date(m,mktime(0,0,0,$i))."\"$selected>".date(F,mktime(0,0,0,$i))."
</option>\n";
}
--
Best regards,
George Nicolae
IT Manager
___________________
PaginiWeb.com - Professional Web Design
www.PaginiWeb.com
"Dash McElroy" <[EMAIL PROTECTED]> wrote in message
ABA3F1F1A223D411BE6C006008A6F7E23E6425@MSX1-PTON">news:ABA3F1F1A223D411BE6C006008A6F7E23E6425@MSX1-PTON...
> I am trying to use PHP to generate and automatically select the current
> month in an HTML Form. Here is the code that flails:
>
> for ($i=01;$i<=12;$i++) {
> if($i = date(m)) {
> $selected = " selected";
> }
> print "<option
>
value=\"".date(m,mktime(0,0,0,$i))."\"$selected>".date(F,mktime(0,0,0,$i))."
> </option>\n";
> }
>
> The output is a large amount of April's in the Select dropdown box - my
> machine then goes crazy for a while whilst the hard drive chunks like mad.
>
> Thanks.
>
> -Dash
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---CoffeeCup at http://www.coffeecup.com has a Linux Version of CoffeeCup Html Editor. You can download a Trial copy to see if it works for you. I am thinking of making a Linux box...if you do check it out ...please post your evaluation. I have used the Windows Version for several years. Russell Griechen ----- Original Message ----- From: "Sukhwinder Singh" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, May 01, 2002 5:55 AM Subject: [PHP-WIN] Php on windows - Linux and Windows Editors--- End Message ---
--- Begin Message ---List, This is an easy one but I'm under the gun and need some help. I have a situation where I need to trim the last four elements of a string off from a variable. Examples of what the string will look like(teses are known, trusted values and won't change): $string = "Atlanta CEO" $string = "Los Angeles CFO" What I need to do is strip the last four characters off of each string so that I'm just returning the city, not the group (CFO, CIO, COO etc.) How do I do this in PHP? Thanks in advance! Ron--- End Message ---
--- Begin Message ---Here you go: $string = substr($string, 0, -4); Ross -----Original Message----- From: RS Herhuth [mailto:[EMAIL PROTECTED]] Sent: 04 May 2001 02:06 To: [EMAIL PROTECTED] Subject: [PHP-WIN] Simple string function help needed List, This is an easy one but I'm under the gun and need some help. I have a situation where I need to trim the last four elements of a string off from a variable. Examples of what the string will look like(teses are known, trusted values and won't change): $string = "Atlanta CEO" $string = "Los Angeles CFO" What I need to do is strip the last four characters off of each string so that I'm just returning the city, not the group (CFO, CIO, COO etc.) How do I do this in PHP? Thanks in advance! Ron -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php--- End Message ---
--- Begin Message ---
Hi...
The problem comes when you are mixing variables recieved from the HTTP
request, and your own user variables. Consider the following code:
function authenticate_user(){
if($password == 'secret'){
$authenticated = 'yes';
}
return $authenticated;
}
If someone passes the variable authenticated=yes in the url request string,
the user will be authenticated no matter whether their password matches or
not. This is obviously a simplified example, and I'd hope that no
programmer would ever do this, but things like have been known to happen,
and there have already been exploits for it.
The logic behind the change is that it is really not much extra work to type
$_GET['something'] than just $something, and it is infinitely more secure -
so you should write your scripts using the $_REQUEST variables whenever
possible.
Hope that helps...
Matt
"Then" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All
>
> I am a PHP newbie. I don't understand why global variables are turned off
by
> default in PHP4.2.0... something to do with security. Could some one
please
> help me understand how it's a security issue. Thanks
--- End Message ---
--- Begin Message ---Hi At the cost of sounding dense...wouldn't POSTing the variables solve the problem. Then the user would not see them in the URL. [EMAIL PROTECTED] (Matt Parlane) wrote in [EMAIL PROTECTED]:">news:[EMAIL PROTECTED]: > Hi... > > The problem comes when you are mixing variables recieved from the HTTP > request, and your own user variables. Consider the following code: > > function authenticate_user(){ > if($password == 'secret'){ > $authenticated = 'yes'; > } > return $authenticated; > } > > If someone passes the variable authenticated=yes in the url request > string, the user will be authenticated no matter whether their password > matches or not. This is obviously a simplified example, and I'd hope > that no programmer would ever do this, but things like have been known > to happen, and there have already been exploits for it. > > The logic behind the change is that it is really not much extra work to > type $_GET['something'] than just $something, and it is infinitely more > secure - so you should write your scripts using the $_REQUEST variables > whenever possible. > > Hope that helps... > > Matt > > "Then" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> Hi All >> >> I am a PHP newbie. I don't understand why global variables are turned >> off > by >> default in PHP4.2.0... something to do with security. Could some one > please >> help me understand how it's a security issue. Thanks > > > -- Lots of Luck theN [EMAIL PROTECTED]--- End Message ---
--- Begin Message ---Posting the variables might solve the problem in this case, but remember that this is just an example, and I'm sure any creative mind could come up with a whole heap of ways you could exploit something like this. On the other hand though, you don't have to use it. If you are confident you can write an application without using the new superglobal arrays (and it is conceivably possible), you can just turn register_globals on. It's just a choice which was made by the PHP developers (rightly so I believe). Matt "Then" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi > > At the cost of sounding dense...wouldn't POSTing the variables solve the > problem. Then the user would not see them in the URL. > > > [EMAIL PROTECTED] (Matt Parlane) wrote in > [EMAIL PROTECTED]:">news:[EMAIL PROTECTED]: > > > Hi... > > > > The problem comes when you are mixing variables recieved from the HTTP > > request, and your own user variables. Consider the following code: > > > > function authenticate_user(){ > > if($password == 'secret'){ > > $authenticated = 'yes'; > > } > > return $authenticated; > > } > > > > If someone passes the variable authenticated=yes in the url request > > string, the user will be authenticated no matter whether their password > > matches or not. This is obviously a simplified example, and I'd hope > > that no programmer would ever do this, but things like have been known > > to happen, and there have already been exploits for it. > > > > The logic behind the change is that it is really not much extra work to > > type $_GET['something'] than just $something, and it is infinitely more > > secure - so you should write your scripts using the $_REQUEST variables > > whenever possible. > > > > Hope that helps... > > > > Matt > > > > "Then" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> Hi All > >> > >> I am a PHP newbie. I don't understand why global variables are turned > >> off > > by > >> default in PHP4.2.0... something to do with security. Could some one > > please > >> help me understand how it's a security issue. Thanks > > > > > > > > > > -- > Lots of Luck > theN > [EMAIL PROTECTED]--- End Message ---
--- Begin Message ---That would be easy to solve by just adding a non_overwrite flag to the vars and thrus forbid the vars from get/post to override vars in the varspace that come from programming and not from get/post... One would keep the global vars but would also have the security of the existing/declared vars be protected from overwrite (only get/post vars would be allowed to be overwriten between page initializations)... Cheers, Luis Ferro Matt Parlane wrote: >Posting the variables might solve the problem in this case, but remember >that this is just an example, and I'm sure any creative mind could come up >with a whole heap of ways you could exploit something like this. > >On the other hand though, you don't have to use it. If you are confident >you can write an application without using the new superglobal arrays (and >it is conceivably possible), you can just turn register_globals on. It's >just a choice which was made by the PHP developers (rightly so I believe). > >Matt > >"Then" <[EMAIL PROTECTED]> wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > >>Hi >> >>At the cost of sounding dense...wouldn't POSTing the variables solve the >>problem. Then the user would not see them in the URL. >> >> >>[EMAIL PROTECTED] (Matt Parlane) wrote in >>[EMAIL PROTECTED]:">news:[EMAIL PROTECTED]: >> >> >> >>>Hi... >>> >>>The problem comes when you are mixing variables recieved from the HTTP >>>request, and your own user variables. Consider the following code: >>> >>>function authenticate_user(){ >>> if($password == 'secret'){ >>> $authenticated = 'yes'; >>> } >>> return $authenticated; >>>} >>> >>>If someone passes the variable authenticated=yes in the url request >>>string, the user will be authenticated no matter whether their password >>>matches or not. This is obviously a simplified example, and I'd hope >>>that no programmer would ever do this, but things like have been known >>>to happen, and there have already been exploits for it. >>> >>>The logic behind the change is that it is really not much extra work to >>>type $_GET['something'] than just $something, and it is infinitely more >>>secure - so you should write your scripts using the $_REQUEST variables >>>whenever possible. >>> >>>Hope that helps... >>> >>>Matt >>> >>>"Then" <[EMAIL PROTECTED]> wrote in message >>>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >>> >>> >>>>Hi All >>>> >>>>I am a PHP newbie. I don't understand why global variables are turned >>>>off >>>> >>>> >>>by >>> >>> >>>>default in PHP4.2.0... something to do with security. Could some one >>>> >>>> >>>please >>> >>> >>>>help me understand how it's a security issue. Thanks >>>> >>>> >>> >>> >>> >> >>-- >>Lots of Luck >>theN >>[EMAIL PROTECTED] >> >> > > > > >--- End Message ---
--- Begin Message ---HomeSite 5.0 is another good editor for HTML with a nice php parser. Isn't free but you can download a trial copy from www.macromedia.com regards,Alb -----Messaggio originale----- Da: Russell Griechen [mailto:[EMAIL PROTECTED]] Inviato: venerd́ 3 maggio 2002 1.25 A: Sukhwinder Singh; [EMAIL PROTECTED] Oggetto: Re: [PHP-WIN] Php on windows - Linux and Windows Editors CoffeeCup at http://www.coffeecup.com has a Linux Version of CoffeeCup Html Editor. You can download a Trial copy to see if it works for you. I am thinking of making a Linux box...if you do check it out ...please post your evaluation. I have used the Windows Version for several years. Russell Griechen ----- Original Message ----- From: "Sukhwinder Singh" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, May 01, 2002 5:55 AM Subject: [PHP-WIN] Php on windows - Linux and Windows Editors -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php--- End Message ---
--- Begin Message ---I've been trying to do as you mentioned below.The only difference is that i'm using phpdev and i downloaded jdk1.1.8.Things are still not working(same error message).You can look at the attached php.ini and my configurations and advise me appropriately.--- End Message --------Original Message-----
From: Sandeep Murphy [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 02, 2002 1:06 PM
To: 'Opere, James'; [EMAIL PROTECTED]
Subject: RE: [PHP-WIN] PHP and Javahi,
chk out the following in ur PHP.INI file... the php_java.dll file shud be enabled and also chk out the config under the java tab... hv pasted below the config that works for me.....
gud luck,
sands
extension=php_java.dll
[Java]
;java.class.path = .\php_java.jar
;java.home = c:\jdk
;java.library = c:\jdk\jre\bin\hotspot\jvm.dll
;java.library.path = .\
;extension=php_java.dll
java.library.path="C:\apache\php\extensions;"
java.class.path="C:\apache\php\extensions\php_java.jar;C:\jdk1.3.1_01\weblogic\weblogic.jar;C:\JBuilder6\ProfileStateless\classes;"
java.home = "C:\jdk1.3.1_01\bin"
java.library = C:\jdk1.3.1_01\jre\bin\server\jvm.dll
-----Original Message-----
From: Opere, James [mailto:[EMAIL PROTECTED]]
Sent: quinta-feira, 2 de Maio de 2002 6:22
To: [EMAIL PROTECTED]
Subject: [PHP-WIN] PHP and Java
I have downloaded JDK1.1.8 and installed on a windows platform.The problem
is that when i copy a script, paste and try to run as a .php which has some
java in it, i get an error i.e
Fatal error: Cannot instantiate non-existent class: java in
c:\phpdev\www\phpjava.php on line 5
The script is as below:
<?php
// Create an instance of the System object
// using PHP's Java class
$system = new Java("java.lang.System");
// Get the Java version
$version = $system->getProperty("java.version");
// Write it to the screen
echo("Java Version: $version");
?>
Can anybody help me out there how i should do my configuration so that this
can run? I tried making changes in php.ini but i still get the same error.Do
i need to install anothere java? If not, how then should i go about it?
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
