[PHP-DB] Re: using
It's just the syntax:
1. Don't use the "/" after .php:
abc";
maybe you will get the link you want.
Gabriel.
"MüCella Erdem Efe" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> Hi;
>
> I need to usestatement in a
xxx.php
> file.
>
> I have to use a php variable on the right of the day variable like href="abc.php/?day="+> .
> When i get this variable in abc.php file
>
> if (phpversion() <= "4.1.0")
> { $vars = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS); }
> else { $vars = $_REQUEST; }
> print_r($vars);
>
> Output is
> Array ( [day] =>(nothing)
>
> When i use a constant instead of variable like href="abc.php/?day=12-12-2002">.
> it works .
>
> Please help me about using a php variable in a href statement.
>
> thanks for your attention.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: disable History
Check the Header() function in the manual:
// Tels to the browser the page has caducated and forces to reload..
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// Avoids cahce. It seams it's what you want.
header("Cache-Control: no-cache, must-revalidate");
Gabriel.
"Open-Mind" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
How can I "disable" the use of History(Temporary Internet Files) in a page ?
(and don't tell me: it's easy: Tools->internet options->settings ...;-) ...
from script (htm ?, js ?, php ?) I want to do this ..)
PS: I have a script witch generate jpegs (cuts from a larger one) and
sometimes in browser I see older pictures ...
If I go to: Tools->internet options->settings-> chk for new versions every
visit to the page everything works just fine
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Sorry, "About security" is for this discution.
The message "About security" is for "Help with file upload". I placed the message outside. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] About security.
In your code, where you have:
if (is_uploaded_file($_FILES['ufile1']['name'])) {
copy($_FILES['ufile1']['name'], ".");
...
you should check the extension of the file been uploaded
you should'n accept files with php, cgi, asp, etc., extensions neither an
index file
if you do, some user (hacker) could upload a script and would be inside your
server
then check this:
if (is_uploaded_file($_FILES['ufile1']['name'])) {
if ( ){
copy($_FILES['ufile1']['name'], ".");
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Another way.
You can also pass the variable via POST to the script where the function is.
It remains a local variable.
Or you can set it as global like Chris says.
And another way is puting it in a cookie.
"Adam Symonds" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> Hi,
> I am starting to us functions with my work but I am having troubles
> With the variables in the functions..
>
> If I have the following function called from my page it will work but the
> variable won't
> ($username)
> but if I put this code straight on the page then it works fine..
>
> Any reason for the variable not to work in the function but in straight
> coding?
> Thanx
>
>
>
> Sample Function Below:
>
> ==
> function LoginSystem()
> {
> echo "";
> if ( !isset( $_SESSION['login'] ) ) {
>
> echo "";
> echo "Username: size=10> Password: size=10> ";
> echo "Not A Member
> Yet? ";
> echo "";
>
> } else {
> echo "Welcome $username href=../Users/Logout.php> size=1>Logout ";
> }
> echo "";
> }
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] more about permissions
Have in mind that some permissions can be changed only via FTP but some other can only be changed useing chmod(). If you want more security you should set the permission in the moment of the upload and change it again after it. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: Help with file upload
I made a mistake in my last message:
The lines that say:
ftp_chdir( $site , $folder );
ftp_site( $site , "chmod $mode $folder" );
should say:
ftp_chdir( $site , $folderbase );// this is the one that
was wrong
ftp_site( $site , "chmod $mode $folder" );
"Bunmi Akinmboni" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> Pls Help.
> I have done a lot of reading prior to this yet I just can't seem make it
> work. I wrote an upload program as seen below but the response I got was:
>
> Possible file upload attack. Filename: ayservenet.jpg Array ( [ufile1]
> => Array ( [name] => ayservenet.jpg [type] => image/pjpeg [tmp_name] =>
> /tmp/phpIMEhdh [error] => 0 [size] => 3030 ) )
>
> My codes are:
> File UPLOAD.HTM:
>
>
> Untitled Document
>
>
>
>
>
>
>
>
>
>
>
> File FUPROCESS.PHP:
> // In PHP earlier then 4.1.0, $HTTP_POST_FILES should be used instead
> of $_FILES.
> // $realname = $_FILES['ufile1']['name'];
>
> if (is_uploaded_file($_FILES['ufile1']['name'])) {
> copy($_FILES['ufile1']['name'], ".");
> echo "$ufile1_name ";
> echo "DONE";
> echo " ";
> print_r($_FILES);
> } else {
> echo "Possible file upload attack. Filename: " .
> $_FILES['ufile1']['name'];
> echo " ";
> print_r($_FILES);
> }
> ?>
>
> Thanks.
> --
> 'Bunmi Akinmboni
> 5, Aibu Street, Off Bode Thomas Street,
> P.O. Box 6235, Surulere, Lagos, NIGERIA.
> Tel: (234) 1-813-3335
> Fax: (234) 1-583-2585 (Nigeria Only)
> Fax: 1 (309) 285-2383 (International)
> Email: [EMAIL PROTECTED]
> Web site: http://www.budelak.com
>http://www.ayserve.net
>
> Web Design, Web Hosting, Domain Registration, ICT Consultancy,
> Networking, Internet, eCommerce, System Integrator
> ===
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Help with file upload
For the message:
> Warning: move_uploaded_file(./ayservenet.jpg): failed to open stream:
> Permission denied in /home/ayserve/public_html/fu/fuprocess.php on line 6
you have to change the permissions of the file folder where you are copying
the file.
If you created it via FTP then you can't use copy() or move().
check:
echo fileperms( $folder );
if it's 33188 or 33279 it's ok but I think it is not the permission of your
folder.
I think you'll get 17901 or some other.
so you have to use ftp_chmod() of ftp_site() to change it..
try this:
$folderbase = "folderbase"; // it's the folder where your folder for
uploads is.
$folder = "foldername";// it's your folder for uploads.
$mode = "0777";
$site = ftp_connect ( "ftp.yourdomain.com" );
if( $site != FALSE ) {
$loged = ftp_login( $site , "your username", "your password" );
if( $loged ) {
ftp_chdir( $site , $folder );
ftp_site( $site , "chmod $mode $folder" );
}
ftp_quit( $site );
"John W. Holmes" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> Bunmi Akinmboni wrote:
>
> > Pls Help.
> > I have done a lot of reading prior to this yet I just can't seem make it
> > work. I wrote an upload program as seen below but the response I got
was:
> >
> > Possible file upload attack. Filename: ayservenet.jpg Array ( [ufile1]
> > => Array ( [name] => ayservenet.jpg [type] => image/pjpeg [tmp_name] =>
> > /tmp/phpIMEhdh [error] => 0 [size] => 3030 ) )
> [snip]
> > if (is_uploaded_file($_FILES['ufile1']['name'])) {
> > copy($_FILES['ufile1']['name'], ".");
> > echo "$ufile1_name ";
> > echo "DONE";
> > echo " ";
> > print_r($_FILES);
> > } else {
> > echo "Possible file upload attack. Filename: " .
> > $_FILES['ufile1']['name'];
> > echo " ";
> > print_r($_FILES);
> > }
> > ?>
>
> You should pass $_FILES['ufile1']['tmp_name'] to is_uploaded_file().
>
> --
> ---John Holmes...
>
> Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
>
> php|architect: The Magazine for PHP Professionals www.phparch.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Can't conect with mysql_connect(), please help.
My site is hosted in a remote server. I can't find /etc/init.d/mysqld /etc does exists but /etc/init.d doesn't What I found is /usr/bin/msql2mysql /usr/bin/mysql_config /usr/bin/mysql /usr/bin/mysql_install_db /usr/bin/mysql_find_rows ... and a lot of files like /usr/bin/mysql The one that seems to be useful is /usr/lib/php4/mysql.so it's the socket, isn't? I guess that running /etc/init.d/mysqld start is kind of command line executing So, how can I start mysql from inside a php script? Thanks again. Gabriel. "Joe Nilson Zegarra Galvez" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > You must start your mysql server : > > do it: > > /etc/init.d/mysqld start > > and when you read the line > > mysql start [OK] > > your problem will be fix ;) > > Regards > > Nilson > > Gabriel Peugnet dijo: > > phpinfo() says: > > > > MySQL Support enabled > > > > MYSQL_SOCKET /var/lib/mysql/mysql.sock > > > > but in fact the file /var/lib/mysql/mysql.sock doesn't exists. > > > > So I understand that the first step is to check the configuration of > > MySQL, > > is it? > > > > > > "Dan Brunner" <[EMAIL PROTECTED]> escribió en el mensaje > > news:[EMAIL PROTECTED] > >> Hello!! > >> > >> Does that file "/var/lib/mysql/mysql.sock" exist?!!?!? > >> > >> Check to make sure mysql is running. > >> > >> > >> > >> Dan > >> > >> > >> On Oct 14, 2003, at 4:34 PM, [EMAIL PROTECTED] wrote: > >> > >> > I'm starting to use MySQL, well, trying to, and I get the next > >> message: > >> > > >> > Warning: mysql_connect(): Can't connect to local MySQL server through > >> > socket > >> > '/var/lib/mysql/mysql.sock' (2) > >> > > >> > The manual says that mysql_connect() can be called without arguments. > >> > That's > >> > what I'm doing. > >> > > >> > What's wrong? > >> > > >> > Thanks, > >> > Gabriel. > >> > > >> > -- > >> > PHP Database Mailing List (http://www.php.net/) > >> > To unsubscribe, visit: http://www.php.net/unsub.php > >> > > > > > -- > > PHP Database Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > - > Joe Nilson Zegarra Galvez >Sistemas Kola Real > Telefax : 0051-54-256658 > Movil: 0051-54-9603244 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Can't conect with mysql_connect(), please help.
phpinfo() says: MySQL Support enabled MYSQL_SOCKET /var/lib/mysql/mysql.sock but in fact the file /var/lib/mysql/mysql.sock doesn't exists. So I understand that the first step is to check the configuration of MySQL, is it? "Dan Brunner" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > Hello!! > > Does that file "/var/lib/mysql/mysql.sock" exist?!!?!? > > Check to make sure mysql is running. > > > > Dan > > > On Oct 14, 2003, at 4:34 PM, [EMAIL PROTECTED] wrote: > > > I'm starting to use MySQL, well, trying to, and I get the next message: > > > > Warning: mysql_connect(): Can't connect to local MySQL server through > > socket > > '/var/lib/mysql/mysql.sock' (2) > > > > The manual says that mysql_connect() can be called without arguments. > > That's > > what I'm doing. > > > > What's wrong? > > > > Thanks, > > Gabriel. > > > > -- > > PHP Database Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Can't conect with mysql_connect(), please help.
I'm starting to use MySQL, well, trying to, and I get the next message: Warning: mysql_connect(): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) The manual says that mysql_connect() can be called without arguments. That's what I'm doing. What's wrong? Thanks, Gabriel. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: Parse Errors...
I just sent you an email that was rejected.
Recipient address: [EMAIL PROTECTED]
Reason: Server rejected MAIL FROM address.
Diagnostic code: smtp;550 5.0.0 Access Denied for prodigy.net.mx
So here is the message:
For sending numbers with format I prefer the number_format() function.
Instead of these two lines:
$formatted = sprintf("%01.2f", $money);
echo $formatted;
I'd use only one line:
echo number_format( $money, 2 );
The output would be:
"123.10"
I'm sorry I can't help about the format "%01...". I'm not familiar with it.
Gabriel.
"Scott V Nipp" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
om...
> I keep receiving a parse error every time I try and view the page I
> am working on. I am developing this very simple application in
DreamWeaver
> MX 2004. Here are lines 3-16:
>
> mysql_select_db($database_Prod, $Prod);
> $query_Host = "SELECT Name FROM systems";
> $Host = mysql_query($query_Host, $Prod) or die(mysql_error());
> $row_Host = mysql_fetch_assoc($Host);
> $totalRows_Host = mysql_num_rows($Host);
>
> mysql_select_db($database_ProdUsers, $ProdUsers);
> $query_UserMod = "SELECT shell, home_dir FROM modification";
> $UserMod = mysql_query($query_UserMod, $ProdUsers) or die(mysql_error());
> $row_UserMod = mysql_fetch_assoc($UserMod);
> $totalRows_UserMod = mysql_num_rows($UserMod);
>
> ?>
>
> I am simply attempting to pull data from two separate tables in two
> separate databases. Every time I try to view my work, I am getting a
parse
> error on the 'mysql_select_db($database_ProdUsers, $ProdUsers);'
regardless
> of whether this is the first or second mysql_select_db. I imagine that I
am
> simply doing something obviously wrong here. Please help. Thanks.
>
>
> Scott Nipp
> Phone: (214) 858-1289
> E-mail: [EMAIL PROTECTED]
> Web: http:\\ldsa.sbcld.sbc.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: Parse Errors...
Some times parse errors aren't in the line the interpreter says.
Looking at the code you sent I don't see the error but if your original code
is in a biger file try looking if the brackets {} or parenthesis of all the
code are balanced.
"Scott V Nipp" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
om...
> I keep receiving a parse error every time I try and view the page I
> am working on. I am developing this very simple application in
DreamWeaver
> MX 2004. Here are lines 3-16:
>
> mysql_select_db($database_Prod, $Prod);
> $query_Host = "SELECT Name FROM systems";
> $Host = mysql_query($query_Host, $Prod) or die(mysql_error());
> $row_Host = mysql_fetch_assoc($Host);
> $totalRows_Host = mysql_num_rows($Host);
>
> mysql_select_db($database_ProdUsers, $ProdUsers);
> $query_UserMod = "SELECT shell, home_dir FROM modification";
> $UserMod = mysql_query($query_UserMod, $ProdUsers) or die(mysql_error());
> $row_UserMod = mysql_fetch_assoc($UserMod);
> $totalRows_UserMod = mysql_num_rows($UserMod);
>
> ?>
>
> I am simply attempting to pull data from two separate tables in two
> separate databases. Every time I try to view my work, I am getting a
parse
> error on the 'mysql_select_db($database_ProdUsers, $ProdUsers);'
regardless
> of whether this is the first or second mysql_select_db. I imagine that I
am
> simply doing something obviously wrong here. Please help. Thanks.
>
>
> Scott Nipp
> Phone: (214) 858-1289
> E-mail: [EMAIL PROTECTED]
> Web: http:\\ldsa.sbcld.sbc.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: tutorial
Go to www.php.net, in the section Documentation you'll find manuals in several languages. "Novianto Dwiatmojo" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > > Hi everyone > > i'm a newbie in php, mysql and linux but i want to learn about it can you > guys help me or give me referal to any tutorial links. > thank you for your kindness. > > thanks >:P > > >sorry for my english >:- [ > > _ > STOP MORE SPAM with the new MSN 8 and get 2 months FREE* > http://join.msn.com/?page=features/junkmail -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: set password on a page
In my last replay I told you to find the manual in the wrong place. The right place is www.php.net "Sagerat" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > How do I set up password on a page so that only restricted people can open > it? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: best" upload method
I use file upload, it's faster than ftp because the ftp conection and login process takes a few seconds. You have to see that the permissions in each method are diferent. Some times you cannot delete a file copied with ftp useing the unlink() function unless you change the chmod. If you used the upload method you can use unlink() but not ftp_delete(). It has solutions but with a little of complexity. That's why I recomend the upload method and the functions copy() and unlink() for moveing and deleting files. You can use also the chmod() function with this method to change permissions. "Open-Mind" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > which is the "best" upload file method ? > file uploads or FTP commands from PHP > > thanks -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: set password on a page
Use setCookie() function. It places a global variable on the client that
your programs can verify after. See the manual for the use of the function.
Here is an example:
// Example of file chkacces.php.
with POST method.
if( ($pass != "xyz" ){// where "xyz" is the right password.
echo "You are not autorized to see this page";
return;
}
// Autorized.
setCookie( $USER, "autorized" );
header( "Location: index.php" );// redirects to index.php
?>
Example for your index.php file:
The variable set with setCookie() is not availabe until the script ends. See
details in the manual.
The manual is available in www.php.org
"Sagerat" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> How do I set up password on a page so that only restricted people can open
> it?
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
