Re: [PHP] Re: php and dynamic forms
On Tue, 2006-08-15 at 01:24 -0400, Robert Cummings wrote: On Tue, 2006-08-15 at 13:02 +0800, Bigmark wrote: Does anyone have a simple example script. In the first form include a hidden field that identifies the form when you are checking the post values after submission. This way you know exactly what form was submitted. Second if the first form has been submitted then you know that you need to present the second form also. THe second form should also have a hidden field so that it may be identified upon submission. In this way you can detect which form was submitted (submit buttons are problematic for determining which form was submitted). Then when you detect that the second form was submitted you can handle it's data as you please and then only present the first form. A basic example follows (completely unchecked for typos/errors): And of course it had errors :) See below... ?php $submittedForm = null; if( isset( $_POST['formSubmitted'] ) ) { $submittedForm = $_POST['formSubmitted']; if( $_POST['formSubmitted'] == 'form1' ) { // do something with its data. } else if( $_POST['formSubmitted'] == 'form2' ) { // do something with its data. } } ? form name=form1 method=post action=?= $_SERVER['PHP_SELF'] ? input type=hidden value=form1 / Should be: input type=hidden name=formSubmitted value=form1 / select name=game option value=11/option option value=22/option option value=33/option option value=../option /select input type=submit name=continue value=Continue / /form ?php if( $submittedForm == 'form1' ) { ? form name=form2 method=post action=?= $_SERVER['PHP_SELF'] ? input type=hidden value=form2 / Should be: input type=hidden name=formSubmitted value=form2 / select name=blah option value=fooFoo/option option value=feeFee/option option value=fiiFii/option option value=fohFoh/option option value=fumFum/option /select input type=submit name=continue value=Continue / /form ?php } ? Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php and dynamic forms
On Tue, 2006-08-15 at 13:02 +0800, Bigmark wrote: Does anyone have a simple example script. In the first form include a hidden field that identifies the form when you are checking the post values after submission. This way you know exactly what form was submitted. Second if the first form has been submitted then you know that you need to present the second form also. THe second form should also have a hidden field so that it may be identified upon submission. In this way you can detect which form was submitted (submit buttons are problematic for determining which form was submitted). Then when you detect that the second form was submitted you can handle it's data as you please and then only present the first form. A basic example follows (completely unchecked for typos/errors): ?php $submittedForm = null; if( isset( $_POST['formSubmitted'] ) ) { $submittedForm = $_POST['formSubmitted']; if( $_POST['formSubmitted'] == 'form1' ) { // do something with its data. } else if( $_POST['formSubmitted'] == 'form2' ) { // do something with its data. } } ? form name=form1 method=post action=?= $_SERVER['PHP_SELF'] ? input type=hidden value=form1 / select name=game option value=11/option option value=22/option option value=33/option option value=../option /select input type=submit name=continue value=Continue / /form ?php if( $submittedForm == 'form1' ) { ? form name=form2 method=post action=?= $_SERVER['PHP_SELF'] ? input type=hidden value=form2 / select name=blah option value=fooFoo/option option value=feeFee/option option value=fiiFii/option option value=fohFoh/option option value=fumFum/option /select input type=submit name=continue value=Continue / /form ?php } ? Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] break up variable and put each element in an array
On Mon, 14 Aug 2006 19:14:42 -0500, Richard Lynch wrote: On Mon, August 14, 2006 2:41 am, Ivo F.A.C. Fokkema wrote: On Sat, 12 Aug 2006 16:36:36 -0500, Richard Lynch wrote: On Fri, August 11, 2006 3:11 am, Ivo F.A.C. Fokkema wrote: Well, if it's true that some browsers on some platforms ignore the W3C standard, I guess we could use: Or perhaps these browsers pre-date W3C standards. :-) Sure, but in newer versions, they might update their code to follow the standards after all... wouldn't they? Of course! But are all my users going to run out and upgrade because some W3C weenie (from their persepctive) told them to? No. In fact, *some* of my users are so economically-challenged that their hardware doesn't support a W3C-compliant browser due to memory constraints. Holy sh*t! Seriously? Since it became a HTML specification back in 1999, that must be quite some old software. I just assumed people upgraded by then, so it wouldn't be a problem at all. Not too sure if it's the best economically-challenged way to go, since they're probably waiting for ever to get their system booted, but that's a different story. Do you happen to know their browser specs? I've went through the list of browsers visiting our website (based on JS statistics). These are the oldest, of every browser type, taken from the last 5000 page hits: Firefox 1.0 Mozilla 1.0 MS Internet Explorer 5.0 Netscape 7.0 Opera 7.5 Profile 1.0 Safari 1.2 WebTV/MSTV 2.6 MS IE 5.0 is pretty old :) And I don't even know 'Profile 1.0'... So I'm going to provide backwards-compatible code which: does not break anything for W3C-compliant browsers supports ancient browsers costs almost nothing in CPU time for any reasonable-sized GET/POST OK, OK, you won me over :) Do you want to add to the Digital Divide by not supporting ancient hardware/software, or do you want to only provide web services to the wealthy :-) :-) :-) EvilMUHAHAHAHAHH!/Evil Oh, sorry, was that out loud? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Codigo de Captcha en PHP
Hi Richard, my example is not safe, but already I wrote in the last part of my message to Ricardo that, by security, would be necessary to make use of session variables, for example, to pass the value of catpcha generated and to be able to compare it. The modification would be like this: ?php session_start(); $key = strtolower(substr(md5(rand()), 0, 4)); $_SESSION['captcha'] = $key; $im = imagecreatetruecolor(40, 20); $bg = imagecolorallocate($im, 0, 0, 0); $col_text = imagecolorallocate($im, 255, 255, 255); imagestring($im, 4, 4, 1, $key, $col_text); header('Content-type: image/png'); imagepng($im); imagedestroy($im); ? And the comparison would be between the value introduced by the user and the stored one in the session variable. Saludos, Julio Barroso -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] login script
Hello, I have a couple of questions first how do I check two tables is it? $sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND userpass = '$userpass'; Secondly my table just sends and returns straight values from the db but I expect some kind of encription is required. What is a simple, secure method. md5() or another method. Do I store an encypted file on the server and just decrypt it at the php page. my auth script at present ?php session_start(); $auth = false; // Assume user is not authenticated $username= $_REQUEST['username']; $userpass= $_REQUEST['userpass']; if (isset($username) isset($userpass)) { $sql = SELECT * FROM mytable WHERE username = '$username' AND userpass = '$userpass'; // Execute the query and put results in $result $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); // Get number of rows in $result. $num_rows = mysql_num_rows($result); if($num_rows == 0) { } else { $_SESSION['username']= $username; $_SESSION['userpass']= $userpass; header(Location: disclaimer.php); $auth = true; } } Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Image Destroy
I know this will be really simple, but I'm struggling to get my head round the use of imagedestroy() I have some code which uploads an image, resizes to create a smaller image and thumbnail then deletes the source image. My question is which images need to be destroyed? I've read the even reusing a variable name still keeps the old one in memory. Here is the code... $image1 = basename($_FILES['image1']['name']); $image2 = basename($_FILES['image2']['name']); $image3 = basename($_FILES['image3']['name']); $uploaddir = '/home/public_html/images/upload/'; $uploadfile1 = $uploaddir . basename($_FILES['image1']['name']); $uploadfile2 = $uploaddir . basename($_FILES['image2']['name']); $uploadfile3 = $uploaddir . basename($_FILES['image3']['name']); // echo 'pre'; if (move_uploaded_file($_FILES['image1']['tmp_name'], $uploadfile1)) { echo Image1 is valid, and was successfully uploaded.\n; } else { echo Possible file upload attack!\n; echo BR; } // echo 'pre'; if (move_uploaded_file($_FILES['image2']['tmp_name'], $uploadfile2)) { echo Image2 is valid, and was successfully uploaded.\n; } else { echo Possible file upload attack!\n; echo BR; } // echo 'pre'; if (move_uploaded_file($_FILES['image3']['tmp_name'], $uploadfile3)) { echo Image3 is valid, and was successfully uploaded.\n; } else { echo Possible file upload attack!\n; echo BR; } echo Car inserted into database; // Now Resize Images /* resizeToFile resizes a picture and writes it to the harddisk * * $sourcefile = the filename of the picture that is going to be resized * $dest_x = X-Size of the target picture in pixels * $dest_y = Y-Size of the target picture in pixels * $targetfile = The name under which the resized picture will be stored * $jpegqual = The Compression-Rate that is to be used */ function resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual) { /* Get the dimensions of the source picture */ $picsize=getimagesize($sourcefile); $source_x = $picsize[0]; $source_y = $picsize[1]; $source_id = imageCreateFromJPEG($sourcefile); /* Create a new image object (not neccessarily true colour) */ $target_id=imagecreatetruecolor($dest_x, $dest_y); /* Resize the original picture and copy it into the just created image object. Because of the lack of space I had to wrap the parameters to several lines. I recommend putting them in one line in order keep your code clean and readable */ $target_pic=imagecopyresampled($target_id,$source_id, 0,0,0,0, $dest_x,$dest_y, $source_x,$source_y); /* Create a jpeg with the quality of $jpegqual out of the image object $target_pic. This will be saved as $targetfile */ imagejpeg ($target_id,$targetfile,$jpegqual); return true; } //Set Quality to Max $jpegqual = '100'; //Resize Main Image $sourcefile = $uploadfile1; $targetfile = $uploaddir . 'main_' . basename($_FILES['image1']['name']); $dest_x = '570'; $dest_y = '428'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); $sourcefile = $uploadfile2; $targetfile = $uploaddir . 'main_' . basename($_FILES['image2']['name']); $dest_x = '570'; $dest_y = '428'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); $sourcefile = $uploadfile3; $targetfile = $uploaddir . 'main_' . basename($_FILES['image3']['name']); $dest_x = '570'; $dest_y = '428'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); //Create Thumbnails $sourcefile = $uploadfile1; $targetfile = $uploaddir . 'thumb_' . basename($_FILES['image1']['name']); $dest_x = '120'; $dest_y = '90'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); $sourcefile = $uploadfile2; $targetfile = $uploaddir . 'thumb_' . basename($_FILES['image2']['name']); $dest_x = '120'; $dest_y = '90'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); $sourcefile = $uploadfile3; $targetfile = $uploaddir . 'thumb_' . basename($_FILES['image3']['name']); $dest_x = '120'; $dest_y = '90'; resizeToFile ($sourcefile, $dest_x, $dest_y, $targetfile, $jpegqual); //Delete Uploaded Source Files as no longer required if(file_exists($uploadfile1)) unlink($uploadfile1); if(file_exists($uploadfile2)) unlink($uploadfile2); if(file_exists($uploadfile3)) unlink($uploadfile3); Should I be using imagedestroy($sourcefile) each time I create an image or imagedestroy($targetfile) or both? Many thanks in advance. Tom
Re: [PHP] login script
Ross wrote: first how do I check two tables is it? $sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND userpass = '$userpass'; That depends on what you are trying to achieve. Your example makes no sense at all. What are you trying to get from each table? How are they linked? etc! However, since this is a PHP list I suggest you try Googling for an introductory SQL tutorial or a SQL mailing list. Secondly my table just sends and returns straight values from the db but I expect some kind of encription is required. What is a simple, secure method. md5() or another method. Do I store an encypted file on the server and just decrypt it at the php page. my auth script at present ?php session_start(); $auth = false; // Assume user is not authenticated $username= $_REQUEST['username']; $userpass= $_REQUEST['userpass']; if (isset($username) isset($userpass)) { $sql = SELECT * FROM mytable WHERE username = '$username' AND userpass = '$userpass'; // Execute the query and put results in $result $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); // Get number of rows in $result. $num_rows = mysql_num_rows($result); if($num_rows == 0) { } else { $_SESSION['username']= $username; $_SESSION['userpass']= $userpass; header(Location: disclaimer.php); $auth = true; } } If that's your login script you have bigger problems than securing the passwords in the database. There is no escaping applied to the username and password you get from the browser - this is a massive security hole. See http://php.net/mysql_real_escape_string about that one. As far as securing the password goes, the most common approach is to store the MD5 hash in the DB. What you want is something like this... ?php session_start(); $auth = false; // Assume user is not authenticated $username = $_REQUEST['username']; $userpass = $_REQUEST['userpass']; if (!empty($username) !empty($userpass)) { $sql = SELECT * FROM mytable WHERE username = '.mysql_real_escape_string($username).' AND userpass = md5('.mysql_real_escape_string($userpass).'); // Execute the query and put results in $result $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); // Get number of rows in $result. if (mysql_num_rows($result) == 0) { // Login failed, blah blah blah } else { $_SESSION['username']= $username; $_SESSION['userpass']= $userpass; header(Location: disclaimer.php); $auth = true; } } ? -Stut -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] login script
On 15/08/06, Ross [EMAIL PROTECTED] wrote: Hello, I have a couple of questions first how do I check two tables is it? $sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND userpass = '$userpass'; Secondly my table just sends and returns straight values from the db but I expect some kind of encription is required. What is a simple, secure method. md5() or another method. Do I store an encypted file on the server and just decrypt it at the php page. my auth script at present ?php session_start(); $auth = false; // Assume user is not authenticated $username= $_REQUEST['username']; $userpass= $_REQUEST['userpass']; if (isset($username) isset($userpass)) { $sql = SELECT * FROM mytable WHERE username = '$username' AND userpass = '$userpass'; // Execute the query and put results in $result $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); // Get number of rows in $result. $num_rows = mysql_num_rows($result); if($num_rows == 0) { } else { $_SESSION['username']= $username; $_SESSION['userpass']= $userpass; header(Location: disclaimer.php); $auth = true; } } Question 1 - you are doing a join so there has to be a linking index between the two table ie select * from table1, table2 where table1.id = table2.userid (for example). Question 2 - md5 is sufficient, depends on what your are storing (ie credit card numbers may require a stronger encyption method. To check: $pass = md5(password); select * from table 1 where password = '$pass'; I think the php and mysql md5 functions differ but I may be wrong! -- http://www.web-buddha.co.uk http://www.projectkarma.co.uk
Re: [PHP] Image Destroy
On 8/15/06, Tom Chubb [EMAIL PROTECTED] wrote: I know this will be really simple, but I'm struggling to get my head round the use of imagedestroy() I have some code which uploads an image, resizes to create a smaller image and thumbnail then deletes the source image. My question is which images need to be destroyed? Straight from the manual: imagedestroy() frees any memory associated with image image. image is the image identifier returned by one of the image create functions, such as imagecreatetruecolor() So any time you call imagecreate* functions you need to also do an imagedestroy. In your case you need to add imagedestroy($target_id); imagedestroy($source_id); just before imagejpeg ($target_id,$targetfile,$jpegqual); return true; } -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image Destroy
On 8/15/06, chris smith [EMAIL PROTECTED] wrote: On 8/15/06, Tom Chubb [EMAIL PROTECTED] wrote: I know this will be really simple, but I'm struggling to get my head round the use of imagedestroy() I have some code which uploads an image, resizes to create a smaller image and thumbnail then deletes the source image. My question is which images need to be destroyed? Straight from the manual: imagedestroy() frees any memory associated with image image. image is the image identifier returned by one of the image create functions, such as imagecreatetruecolor() So any time you call imagecreate* functions you need to also do an imagedestroy. In your case you need to add imagedestroy($target_id); imagedestroy($source_id); just before imagejpeg ($target_id,$targetfile,$jpegqual); return true; } Oops! Move those imagedestroy calls after imagejpeg but before the return ;) -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mail reply-path
Hi all Im trying to send emails using the mail() function but im having a problem. Because the box that the scripts sit on is a shared web-hosting package the Reply-path part of the header always comes up as [EMAIL PROTECTED] but i have set the from part of the header to [EMAIL PROTECTED] A lot of people are not getting the emails (most are) and im picking that its because the domains on the 2 header parts are different and they have some sort of antispam policy which blocks these. Apart from changing the domains or email addresses to be the same has anyone seen this problem before and if so can you give advice or point me to some relevant docs on it? I have tried to change the Replay-path: part of the header with code but it seems to default to the above. Thanks in advance for any help!! Cheers Bob - Try the all-new Yahoo! Mail . The New Version is radically easier to use The Wall Street Journal
Re: [PHP] Re: Internet Explorer doesn't display UTF-8 page using UTF-8 encoding
At 7:42 PM -0500 8/14/06, Richard Lynch wrote: What a mess MS makes of things! Except sales. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php and dynamic forms
At 1:24 AM -0400 8/15/06, Robert Cummings wrote: On Tue, 2006-08-15 at 13:02 +0800, Bigmark wrote: Does anyone have a simple example script. In the first form include a hidden field that identifies the form when you are checking the post values after submission. This way you know exactly what form was submitted. Second if the first form has been submitted then you know that you need to present the second form also. THe second form should also have a hidden field so that it may be identified upon submission. In this way you can detect which form was submitted (submit buttons are problematic for determining which form was submitted). Then when you detect that the second form was submitted you can handle it's data as you please and then only present the first form. A basic example follows (completely unchecked for typos/errors): -snip- Rob's most excellent code. To expand, one could also run the self referencing loop through a switch statement controlled by the hidden value and have as many forms as you wanted. I do this all the time. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: header lost session variables.
So, could anyone here then explain why in other server my system it works fine? I check the two servers configuration and it´s the same, they has only one difference, one´s running php 5.0 and the other´s running php 5.1.4 Is there some difference between this two versions? João Cândido de Souza Neto [EMAIL PROTECTED] escreveu na mensagem news:[EMAIL PROTECTED] Hi guys. Anyone here know why in some cases when i use (header(Location: ???); the system lost the session variables? Any tips will be apreciated. Thanks in advantge. -- João Cândido de Souza Neto Curitiba Online [EMAIL PROTECTED] (41) 3324-2294 (41) 9985-6894 http://www.curitibaonline.com.br -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sorting array after array_count_values
hi to all! I have an array of products $products $products = array_count_values($products); now I have an array where $key is product number and $value is how many times I have such a product in the array. I want to sort this new array that product with the most duplicates are on the first place, but what ever I use (rsort, krsort,..) i loose product numbers (key). any suggestions? thanks. -afan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Capturing System output
Hello All.. Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? Thanks -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capturing System output
On Tuesday 15 August 2006 09:19, Brad Bonkoski wrote: Hello All.. Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? Thanks -Brad I'd take a look at shell_exec. There'sa comment about capturing stderr. I'm not sure if shell_exec captures stderr, but it should at least point you in the right direction. Just do a search for stderr and you should find some good info. -- Ray Hauge Programmer/Systems Administrator American Student Loan Services www.americanstudentloan.com 1.800.575.1099 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capturing System output
Stut wrote: Brad Bonkoski wrote: Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? I may be missing something, but why in the name of all that is holy would you want to shell out to try connecting to mysql? Why not use mysql_connect and avoid the potentially massive security hole you're building? -Stut Perhaps poor illustration of the question...the question being how to issue system like commands in PHP which would allow you to trap not only stdout, but also stderr. -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Capturing System output
Hello, If you are working on a Linux system, you can try appending: 21 To the end of your command, so that you end up with: Mysql -u $user -p{$pass} 21 What this does is tell the shell to redirect anything from stderr to go through stdout. If you want to get -really- fancy you can use proc_open, which will give you handles for the process' stdout, stderr, and stdin. HTH, K. Bear -Original Message- From: Brad Bonkoski [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 15, 2006 10:38 AM To: Stut Cc: PHP List Subject: Re: [PHP] Capturing System output Stut wrote: Brad Bonkoski wrote: Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? I may be missing something, but why in the name of all that is holy would you want to shell out to try connecting to mysql? Why not use mysql_connect and avoid the potentially massive security hole you're building? -Stut Perhaps poor illustration of the question...the question being how to issue system like commands in PHP which would allow you to trap not only stdout, but also stderr. -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capturing System output
Brad Bonkoski wrote: Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? I may be missing something, but why in the name of all that is holy would you want to shell out to try connecting to mysql? Why not use mysql_connect and avoid the potentially massive security hole you're building? -Stut -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capturing System output
On Tuesday 15 August 2006 09:38, Brad Bonkoski wrote: Stut wrote: Brad Bonkoski wrote: Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? I may be missing something, but why in the name of all that is holy would you want to shell out to try connecting to mysql? Why not use mysql_connect and avoid the potentially massive security hole you're building? -Stut Perhaps poor illustration of the question...the question being how to issue system like commands in PHP which would allow you to trap not only stdout, but also stderr. -Brad Best example I found was: $shell_return = shell_exec($shell_command. 21); that should redirect stderr to stdout and thus you'd get both. -- Ray Hauge Programmer/Systems Administrator American Student Loan Services www.americanstudentloan.com 1.800.575.1099 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail reply-path
bob pilly wrote: Im trying to send emails using the mail() function but im having a problem. Because the box that the scripts sit on is a shared web-hosting package the Reply-path part of the header always comes up as [EMAIL PROTECTED] but i have set the from part of the header to [EMAIL PROTECTED] A lot of people are not getting the emails (most are) and im picking that its because the domains on the 2 header parts are different and they have some sort of antispam policy which blocks these. Apart from changing the domains or email addresses to be the same has anyone seen this problem before and if so can you give advice or point me to some relevant docs on it? I have tried to change the Replay-path: part of the header with code but it seems to default to the above. I think you're looking for the 'Return-Path' header rather than the reply-path. (Or perhaps even Reply-To?) Try something like this: $from = 'A User [EMAIL PROTECTED]'; $eol = \r\n; /* or sometimes \n */ $headers = Return-Path: $from$eol; $headers .= From: $from$eol; mail($to,$subject,$message,$headers); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] system, exec, shell_exec, passthru [RESOLVED]
Hello, This problem has now been resolved. The problem as described below was NOT caused by PHP. The problem was actually a file permissions/ownership problem. A.) The apache webserver runs as a user with specific priviledges. On this particular server the webserver runs as user 'apache'. B.) The file that CGI/PHP 'myprog' was attempting to open for input was owned by a different user. The user 'apache' had no rights to the file. C.) Because the CGI was unable to open the input file, several following output files failed to be generated. Thus the error in PHP. The resolution was to place files, to be accessed by the apache webserver user, in directories and files that are owned by apache:apache, or nobody:nogroup. chown apache:apache /mydirectory cd mydirectory chown apache:apache -R * [or] chown nobody:nogroup /mydirectory cd mydirectory chown nobody:nogroup -R * I hope this helps people with similar problems in the future. All the best, Peter Hello, I am trying the run an external application with command line arguments using PHP under linux. ie: $command=myprog $arg1 $arg2 textfile.txt; system(echo \$command\ test.txt); system($command); $handle=fopen(textfile.txt,r); if($handle!=NULL) { while(!feof($handle)) { ... } fclose($handle); } I test my input arguments for the 'system' call by dumping the command into a text file. I can then test the command in the console. The commands work fine when run from the console. The commands don't work when run through the system command. I have tried system, exec, passthru, and shell_exec to no avail. Am I missing some permissions thing in my php.ini file? Thanks for any insight, Peter -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Setting flags versus checking for existing/nonexisting values
Hello, Is it a better practice to set flags to determine the action of your code or is it perfectly acceptable to have your code determine what it should do based on the existence (or lack thereof) of data? For example: ?php if($value == 1) { $flag = true; } if($flag === true) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? versus: ?php if($value == 1) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? Of course this is an overly simplistic example but you get the idea. Are there pros and cons to both sides or should I just avoid the latter example all together? Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] login script
I would hope that MD5 hashing is MD5 hashing no matter where it originates. However, I think it's better to use the database server's implementation. I believe it is less likely to be changed in future versions, and it removes some processing time from the front end. Additionally, if you ever move away from PHP, you have one less line of platform-specific code to change. On 8/15/06, Dave Goodchild [EMAIL PROTECTED] wrote: $pass = md5(password); select * from table 1 where password = '$pass'; I think the php and mysql md5 functions differ but I may be wrong! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] readdir() question
I have a script to list the files in a directory: select name=letters ?php $open = opendir(.); while ($file = readdir($open) != false) { ? option value=?=$file??=$file?/option ?php } ? /select /form And all I am getting are 1s. I think I'm doing it right, what is the disconnect? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting flags versus checking for existing/nonexisting values
Chris W. Parker wrote: Hello, Is it a better practice to set flags to determine the action of your code or is it perfectly acceptable to have your code determine what it should do based on the existence (or lack thereof) of data? For example: ?php if($value == 1) { $flag = true; } if($flag === true) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? versus: ?php if($value == 1) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? Of course this is an overly simplistic example but you get the idea. Are there pros and cons to both sides or should I just avoid the latter example all together? Thanks, Chris. Pros: potentially more readable code. Cons: Wasted energy typing unnecessary lines of code. Really I would say it comes down to coder preference. (and why would you avoid the latter all together? Testing a boolean may be cleaner, but setting the boolean still relies on the value of $value, so if that value was fubar then the boolean would be too.) -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ftp_chmod
Hi gang: Before php 5, how did you guys handle ftp_chmod? Keep in mind: a) I'm working on a shared host; b) I'm trying to change permissions via php 4; c) because of (a) (I think) functions such as chmod() don't work; d) and lastly, any references/code on how to manage files (i.e., delete files and change permissions) via php 4 on a shared *nix server would be greatly appreciated. Thanks in advance. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ftp_chmod
tedd wrote: Hi gang: Before php 5, how did you guys handle ftp_chmod? Oh, I'd probably try the code outlined in the user contributed section of the ftp_chmod manual page. Keep in mind: a) I'm working on a shared host; b) I'm trying to change permissions via php 4; c) because of (a) (I think) functions such as chmod() don't work; d) and lastly, any references/code on how to manage files (i.e., delete files and change permissions) via php 4 on a shared *nix server would be greatly appreciated. Unless your shared host has those functions disabled, they should work fine as long as you have proper permission to do things like chmod and delete (unlink). -- John C. Nichel IV Programmer/System Admin (ÜberGeek) Dot Com Holdings of Buffalo 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting flags versus checking for existing/nonexisting values
Brad Bonkoski mailto:[EMAIL PROTECTED] on Tuesday, August 15, 2006 10:04 AM said: Pros: potentially more readable code. Cons: Wasted energy typing unnecessary lines of code. Really I would say it comes down to coder preference. (and why would you avoid the latter all together? Testing a boolean may be cleaner, but setting the boolean still relies on the value of $value, so if that value was fubar then the boolean would be too.) Thanks for the response. Those are basically the same assumptions I had. I was curious to find out if there were more points I should be aware of. To answer your question, in case the cons outweigh the pros. If I felt an overwhelming majority of the people on the list said, In my experience you should always set flags because you'll run into a, b, c, d, e, f, g, etc. I would probably agree to avoid the latter practice altogether. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Easier way to get the name of a variable?
Hello, After some intense searching of Google I found one example at http://us2.php.net/language.variables on how to get the name of a variable. But it looks pretty expensive. ?php function vname($var, $scope=false, $prefix='unique', $suffix='value') { if($scope) $vals = $scope; else $vals = $GLOBALS; $old = $var; $var = $new = $prefix.rand().$suffix; $vname = FALSE; foreach($vals as $key = $val) { if($val === $new) $vname = $key; } $var = $old; return $vname; } ? Anyone aware of a simple language construct(?) that can do this? I'm on PHP 4.3.9. Thanks, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Max File Upload
Is there anyway to overwrite the max file upload in php.ini per instant? I'd like to have users controlled on a certain website to have more then average uploads but the site runs on a shared hosting environment. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Max File Upload
Tom Ray [Lists] wrote: Is there anyway to overwrite the max file upload in php.ini per instant? I'd like to have users controlled on a certain website to have more then average uploads but the site runs on a shared hosting environment. http://us3.php.net/ini_set -- John C. Nichel IV Programmer/System Admin (ÜberGeek) Dot Com Holdings of Buffalo 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting flags versus checking for existing/nonexisting values
On Tue, 2006-08-15 at 10:12 -0700, Chris W. Parker wrote: Brad Bonkoski mailto:[EMAIL PROTECTED] on Tuesday, August 15, 2006 10:04 AM said: Pros: potentially more readable code. Cons: Wasted energy typing unnecessary lines of code. Really I would say it comes down to coder preference. (and why would you avoid the latter all together? Testing a boolean may be cleaner, but setting the boolean still relies on the value of $value, so if that value was fubar then the boolean would be too.) Thanks for the response. Those are basically the same assumptions I had. I was curious to find out if there were more points I should be aware of. To answer your question, in case the cons outweigh the pros. If I felt an overwhelming majority of the people on the list said, In my experience you should always set flags because you'll run into a, b, c, d, e, f, g, etc. I would probably agree to avoid the latter practice altogether. If it's just the mere existence that determines the value then isset() is fine. But if the value is determined by a boolean value of the variable and defaults to some value when not set, then I almost always assign to a flag so that subsequent checks don't need to perform both the isset() check and the value check (presuming you care about E_NOTICE which I do :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] 'weird error' possibly related to APC... how to begin debugging?
the error is this: PHP Fatal error: Exception thrown without a stack frame in Unknown on line 0 as you might guess line 0 doesn't exist in my 'Unknown' file... the problem is compounded by the fact that the error appears only sporadically (I personally only see them occasionally in the log). I'm running APC version 3.0.8, I have tried running APC 3.0.10 but that gives me a plethora of segfaults that I'd rather not get into. does anyone have any idea as to what could be the cause? cheers, Jochem -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Max File Upload
http://us2.php.net/manual/en/ini.core.php#ini.upload-max-filesize In later versions of PHP, you can't use ini_set to set upload_max_filesize ... The changeable option is PHP_INI_PERDIR now, meaning you can only change it in php.ini, .htaccess or httpd.conf ... http://us2.php.net/manual/en/ini.php#ini.list Like it says in the user contributed notes on that page, you have to use php_value in .htaccess to adjust the setting. Example: php_value upload_max_filesize 20M --- Jeremy C. Privett Director of Product Development Zend Certified Engineer Completely Unique [EMAIL PROTECTED] Phone: 303.459.4819 Fax: 303.459.4821 Web:www.completelyunique.com This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. Your compliance is appreciated. -Original Message- From: John Nichel [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 15, 2006 12:32 PM To: php-general@lists.php.net Subject: Re: [PHP] Max File Upload Tom Ray [Lists] wrote: Is there anyway to overwrite the max file upload in php.ini per instant? I'd like to have users controlled on a certain website to have more then average uploads but the site runs on a shared hosting environment. http://us3.php.net/ini_set -- John C. Nichel IV Programmer/System Admin (ÜberGeek) Dot Com Holdings of Buffalo 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
On 15/08/06, John Meyer [EMAIL PROTECTED] wrote: I have a script to list the files in a directory: select name=letters ?php $open = opendir(.); while ($file = readdir($open) != false) { ? option value=?=$file??=$file?/option ?php } ? /select /form And all I am getting are 1s. I think I'm doing it right, what is the disconnect? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Straight from the PHP readdir help... http://uk2.php.net/readdir ?php if ($handle = opendir('.')) { while (false !== ($file = readdir($handle))) { if ($file != . $file != ..) { echo $file\n; } } closedir($handle); } ? It does however strip out '.' or '..' but I'm sure you'll get the hang of it. HTH
Re: [PHP] 'weird error' possibly related to APC... how to begin debugging?
On Tue, August 15, 2006 2:27 pm, Jochem Maas wrote: the error is this: PHP Fatal error: Exception thrown without a stack frame in Unknown on line 0 I've seen messages like this in evaled code. I think I also saw something like this that was something really sick in the guts of PHP itself and it happened at startup from a buggy CVS version... I'm running APC version 3.0.8, I have tried running APC 3.0.10 but that gives me a plethora of segfaults that I'd rather not get into. does anyone have any idea as to what could be the cause? Is it feasible to try running without APC at all? If you can do that, and narrow down the problem to APC it would reduce your search space for the bug. Do you have any eval calls in your code? Precede them with time-stamped error_log of what you are about to eval() and then see if they correspond with your other error message. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Max File Upload
On Tue, August 15, 2006 1:50 pm, Jeremy Privett wrote: http://us2.php.net/manual/en/ini.core.php#ini.upload-max-filesize In later versions of PHP, you can't use ini_set to set upload_max_filesize ... The changeable option is PHP_INI_PERDIR now, meaning you can only change it in php.ini, .htaccess or httpd.conf ... http://us2.php.net/manual/en/ini.php#ini.list Like it says in the user contributed notes on that page, you have to use php_value in .htaccess to adjust the setting. Example: php_value upload_max_filesize 20M I do not know if it's still true, but at one time, if the upload_max_filesize had already been set in httpd.conf/php.ini, the .htaccess did not actually over-ride it, unless it was lower. IOW, the actual max size was the MINIMUM of htppd.conf/php.ini (the webhost) .htaccess (the application developer) and whatever was in that special value in the FORM (the web designer) This may have been a bug. It may have been a feature. It may no longer be true. My memory could be completely wrong, too :-) But, for sure, ini_set ain't gonna work as it's MUCH too late in the game for a file upload change. Also, I don't think '20M' will work in httpd.conf, as I don't think Apache considers '20M' to be a valid numeric value... You may need to use 2000 to get aproximately 20 Meg. You're on your own for whom to believe about what is the correct number to get exactly 20 Meg. :-) To solve the original problem, your safest bet is probably a different setting inside the VirtualHost of the httpd.conf -- I'm pretty sure that will follow the rules of VirtualHost inheritence and give your special customers that extra leeway. If all else fails, just crank up the number for everybody. It probably will make a lot of customers happy, and not hurt anybody very much. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
On Tue, August 15, 2006 1:19 pm, Chris W. Parker wrote: After some intense searching of Google I found one example at http://us2.php.net/language.variables on how to get the name of a variable. But it looks pretty expensive. ?php function vname($var, $scope=false, $prefix='unique', $suffix='value') { if($scope) $vals = $scope; else $vals = $GLOBALS; $old = $var; $var = $new = $prefix.rand().$suffix; $vname = FALSE; foreach($vals as $key = $val) { if($val === $new) $vname = $key; } $var = $old; return $vname; } ? Anyone aware of a simple language construct(?) that can do this? I'm on PHP 4.3.9. There is no function that can do this, because any given variable may have several different names based on the current scope. $foo = 5; function bar ($x) { return baz ($x); } function baz ($z) { echo What's your name?br /Who's your daddy?br /\n; echo vname($z); } $foobar = $foo; bar($foobar); Do you expect 'x' or 'foo' or 'foobar' as the output of your vname() function? I don't even know what you're going to get from reading that hack above, much less what to expect. You can come at this backwards by passing in the NAME of a variable, and using variable variables within the function to get the value. But 99.9% of the time one does that, one should have been using an array in the first place, and not variable variables. If you want to associate a name with a value throughout your program, you should DEFINITELY be using some kind of structure designed for that. Associative arrays work very well for this. Objects with properties also work. If the names are not predictable, the array solution is probably best, as there is movement in the PHP Internals list that may (or may not) make it impossible to dynamically add a property to an object. I've lost track of where that thread ended, so apologies if this is a non-issue. The array is probably the more correct construct for un-predictable names, unless there are pre-existing instances that are immutably and inherently already bound to the name/value you wish to store. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
On Tue, 2006-08-15 at 16:50 -0500, Richard Lynch wrote: If the names are not predictable, the array solution is probably best, as there is movement in the PHP Internals list that may (or may not) make it impossible to dynamically add a property to an object. Yikes!! Do you remember the subject line of the thread? i think that would break a lot of sites if they removed the ability to dynamically add object properties. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
On Tue, August 15, 2006 12:04 pm, John Meyer wrote: I have a script to list the files in a directory: select name=letters ?php $open = opendir(.); while ($file = readdir($open) != false) { ? option value=?=$file??=$file?/option ?php } ? /select /form And all I am getting are 1s. I think I'm doing it right, what is the disconnect? It's not a readdir question. It's an Order of Operations question. :-) $file = readdir($open) != false You probably believe that PHP is going to magically know that you want this bit: readdir($open) != false to be done first But PHP can't read your mind. It's going to look at the facts of the case. = and != have equal priority in PHP, and in case of a tie it will evaluate them left-to-right: $file = readdir($open) This gives you the name of the file. PHP then does the != false bit, comparing the name of a file with false. Unless your filename starts with one or more '0' characters, and then has alpha characters for the first non-numeric characters after the '0's, then it ain't gonna be equal to false, and it will always return 1. 'afile' != false 1 'filename' != false - 1 '000name' != false -- 0 '012name' != false -- 1 You really do need to put the parentheses in there, so PHP does things in the rigth order, just like the manual says to: http://php.net/readdir -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting flags versus checking for existing/nonexisting values
On Tue, August 15, 2006 11:53 am, Chris W. Parker wrote: Is it a better practice to set flags to determine the action of your code or is it perfectly acceptable to have your code determine what it should do based on the existence (or lack thereof) of data? For example: ?php if($value == 1) { $flag = true; } if($flag === true) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? versus: ?php if($value == 1) { echo I wish I could come to the PHP meetup in Chicago! :(; } ? Of course this is an overly simplistic example but you get the idea. Are there pros and cons to both sides or should I just avoid the latter example all together? If the test is as simple as $value == 1, then setting a flag and testing the flag is silly, over-engineered, and error-prone, and it leads to code cruft which leads to bugs as alternative branches are less clear than if the test is done in-line. If the logic to figure out $flag is complicated, with multiple inputs, and the result is used in multiple places, then, by all means, figure it out once, and give the flag A GOOD NAME VARIABLE so that you can reference it again and again later, rather than wade through complicated test code over and over. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] ftp_chmod
At 1:20 PM -0400 8/15/06, John Nichel wrote: tedd wrote: Before php 5, how did you guys handle ftp_chmod? Oh, I'd probably try the code outlined in the user contributed section of the ftp_chmod manual page. Bingo ! Who would have thought exactly what I wanted was where I should have looked. Thanks for putting up with me. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Capturing System output
On Tue, August 15, 2006 9:19 am, Brad Bonkoski wrote: Had this problem in the past, and always programmed around it, but wondering if there is an easier way. Good Example: Creating a setup for connecting to a mysql database. Want to do something simple to make sure they have entered a valid username/password for the database. So, the idea is something like: $rc = exec(mysql -u $user -p{$pass}, $output); The problem is one error, the stderr does not go to the output array, but rather to the screen. Previously I would redirect the stderr to a file, and then evaluate the contents of the file, but is there an easier way to get this into the PHP variable with no risk of having the output make it through to the screen? In some OSes, in some shells, you can use: mysql -u $user -p{$pass} 21 The 21 is special code for redirect stdrrr (aka 2) to stdout (aka 2) Unless it's 21 which I always forget which is which... -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sorting array after array_count_values
On Tue, August 15, 2006 9:01 am, [EMAIL PROTECTED] wrote: I have an array of products $products $products = array_count_values($products); now I have an array where $key is product number and $value is how many times I have such a product in the array. I want to sort this new array that product with the most duplicates are on the first place, but what ever I use (rsort, krsort,..) i loose product numbers (key). http://php.net/asort -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail reply-path
On Tue, August 15, 2006 6:54 am, bob pilly wrote: Im trying to send emails using the mail() function but im having a problem. Because the box that the scripts sit on is a shared web-hosting package the Reply-path part of the header always comes up as [EMAIL PROTECTED] but i have set the from part of the header to [EMAIL PROTECTED] A lot of people are not getting the emails (most are) and im picking that its because the domains on the 2 header parts are different and they have some sort of antispam policy which blocks these. Apart from changing the domains or email addresses to be the same has anyone seen this problem before and if so can you give advice or point me to some relevant docs on it? I have tried to change the Replay-path: part of the header with code but it seems to default to the above. The Reply-path: you want to change is not a normal header, so you can cross off the idea of fixing it with the 4th arg to mail(). If you are using current PHP, there is yet another bonus argument, the 5th one, for this specific purpose, documented in the manual: http://php.net/mail If you are NOT using a version of PHP that has that 5th arg, then you could maybe use ini_set on the sendmail_path to add the -f there. (see man mail). That, however, would require that the user PHP runs as, which is what Apache runs as, be a trusted user in sendmail.cf, which your webhost may or may not have decided is a Good Idea, based on how much they trust their clients. Going farther afield, you could attempt to find an SMTP host/server/setup that would allow you to set these values to what you want -- I *think* that's do-able... I never had to go that far, personally, so can't be certain. You may also want to convince the recipients to white-list your address, so that the From/Reply-path/etc are all irrelevant for spam filtering. This has the advantage of being a long-term solution, for any reasonable implementation of spam-filtering that allows whitelisting by the recipient, no matter what spam-filtering rules are brought to bear in the future. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image Destroy
On Tue, August 15, 2006 5:45 am, Tom Chubb wrote: I know this will be really simple, but I'm struggling to get my head round the use of imagedestroy() I have some code which uploads an image, resizes to create a smaller image and thumbnail then deletes the source image. My question is which images need to be destroyed? Probably none. imagedestroy() just frees up the RAM in PHP that the image is taking up. If your script is about to end, imagedestroy() is gonna be moot, as ALL the RAM is going to be freed up. You *CAN* imagedestroy() both the orignal and the thumbnail as you finish each of your three images, if you are short on RAM, or just want to be extra squeaky clean. In no case, however, would it be $targetfile in your code. imagedestroy($target_pic); would make sense. imagedestroy($target_id); would make sense. You can only imagedestroy() the thing that comes back from: $destroyable = imagecreate...(); -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
Chris W. Parker wrote: Hello, After some intense searching of Google I found one example at http://us2.php.net/language.variables on how to get the name of a variable. But it looks pretty expensive. snip Anyone aware of a simple language construct(?) that can do this? I'm on PHP 4.3.9. get_defined_vars() can get you a list of all the currently defined variables. If you have the value of the variable, you can use array_search() to find the (first) key. I do have some misgivings about what you are trying to do though. I can't see a case where this would be the best way to solve a problem. David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] login script
On Tue, August 15, 2006 5:37 am, Ross wrote: I have a couple of questions first how do I check two tables is it? You probably should not have 2 tables at all. Both username and password would normally be stored in a single record in the same table CREATE TABLE user ( user_id int(11) auto_increment unique not null primary key, username text, password text ); /* You'd probably have other fields like name, address, email, etc */ $sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND userpass = '$userpass'; So it would just be: FROM user WHERE username = '$username' AND password = '$userpass' Second, SELECT * is Evil, for various reasons. You can Google and find the debates about it. Secondly my table just sends and returns straight values from the db but I expect some kind of encription is required. What is a simple, secure method. md5() or another method. Do I store an encypted file on the server and just decrypt it at the php page. You never ever ever actually decrypt it. But wait, you way, how can that work?! It's quite simple, really. The whole purpose of a one-way encryption is that you only store the ENCRYPTED result. Later, the user then has to put in the correct password, and you one-way encrypt that, and you compare the ENCRYPTED values. Either the encrypted values match, or the password is wrong. You can almost think of the ENCRYPTED value as being like a lock to which there is only one key that fits -- the password. To test if the key fits the lock, you don't make another copy of the key -- You just encrypt it, and see if it matches the shape of the lock. MD5 would be a perfectly reasonable one-way encryption scheme. So if the password was 'foo', then your MD5-encrypted value would be: acbd18db4cc2f85cedef654fccc4a4d8 Your database would have 'acbd18db4cc2f85cedef654fccc4a4d8' stored in it. When they login, you do: SELECT user_id, username FROM user WHERE username = '$username' AND password = md5('$userpass') Either the MD5 of their input ('foo') is the correct value you have stored: acbd18db4cc2f85cedef654fccc4a4d8 or they have the wrong password/key, and you should not let them in. ?php session_start(); $auth = false; // Assume user is not authenticated $username= $_REQUEST['username']; $userpass= $_REQUEST['userpass']; if (isset($username) isset($userpass)) { $sql = SELECT * FROM mytable WHERE username = '$username' AND userpass = '$userpass'; Yikes! You REALLY need to read about SQL-injection here: http://phpsec.org/ and start using this function: http://php.net/mysql_real_escape_string Also, your $username and $userpass should be constrained at all times to very specific validation rules. Can't be blank. Must be at least X characters. (you pick a nice X) Passwords should probably contain at least one non-alpha character. // Execute the query and put results in $result $result = mysql_query( $sql ) or die ( 'Unable to execute query.' ); or die() is a great simple way to demonstrate the basics of code. It's not something you would really really want to use on a production server, unless you are 100% sure that you've turned off display-errors and are logging your errors and you have a process in place to examine the logs... Something like http://php.net/set_error_handler and http://php.net/trigger_error would be more appropriate for real code. // Get number of rows in $result. $num_rows = mysql_num_rows($result); if($num_rows == 0) { } else { $_SESSION['username']= $username; $_SESSION['userpass']= $userpass; header(Location: disclaimer.php); Instead of a header(Location:) which has some issues involved, you could just do: require 'disclaimer.php'; exit; $auth = true; This doesn't do anything, at least not with your current code, nor with anything I've suggested here... } } -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] login script
On Tue, August 15, 2006 5:51 am, Dave Goodchild wrote: I think the php and mysql md5 functions differ but I may be wrong! You are wrong. :-) The whole point of MD5 is that MD5 is MD5, no matter where you go. Even ASP MD5 is the same as PHP MD5. Except it probably sucks for being too slow or you have to pay for it or something. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
Richard Lynch wrote: On Tue, August 15, 2006 12:04 pm, John Meyer wrote: I have a script to list the files in a directory: select name=letters ?php $open = opendir(.); while ($file = readdir($open) != false) { ? option value=?=$file??=$file?/option ?php } ? /select /form And all I am getting are 1s. I think I'm doing it right, what is the disconnect? It's not a readdir question. It's an Order of Operations question. :-) $file = readdir($open) != false You probably believe that PHP is going to magically know that you want this bit: readdir($open) != false to be done first No, and I fixed that. What I'm wondering about is why this false !== ($dirhandle = opendir('letters')) works, but this ($dirhandle = opendir('letters')) != false does not -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php and dynamic forms
On Mon, August 14, 2006 10:01 pm, Bigmark wrote: Can anyone tell me if this is possible- I currrently have a simple form with a textbox and submit button where a user chooses a number from 1-22 then on submit it opens another page with a table of results within another form. What i need is for the second form to be shown on the same page and just below form 1, then when the second form is submitted it then goes back to just form1. What i am trying to do is get rid of multiple pages and have the user stay on the same page for all admin functions. You can use include() files to simulate this with old-school PHP only technology. You can use CSS and hidden DIVs to do this with new-school PHP + AJAX technology. Somewhere in between, there is the whole DHTML debacle, which you probably want to avoid, but it could also be done that way. :-) There is also a pure CSS + Javascript non AJAX way, but it would involve dumping ALL the data out to the browser in the first place, and 22 tables of data is probably too much for that to be a reasonable user experience in performance. All that said, the PHP part is pretty much the same, no matter how you structure it, and you're really asking a CSS/Javascript/AJAX question, even though you don't realize it. One rule of thumb: If it happens all on the browser, in real-time, it CANNOT be a PHP question, cuz PHP lives on the server. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Chicago PHP Conference
I *knew* there was big city there, couldn't remember the name, but I failed on Google maps to find it... Sorry. I've even *been* to Windsor, and still couldn't remember the name. On Mon, August 14, 2006 8:55 pm, Paul Reinheimer wrote: -- I'm hopeful that by Spring 2007, flying to the US will be a less unpleasant experience than it is currently... -- As in the border guards would start stocking lubricant as well as rubber gloves? Windsor, Ontario Canada would probably be a better flight destination (you would likely end up hubing through toronto anyways, but would save you 3 hours of driving). Though the Windsor/Detroit border crossing is the busiest, and the guards there take it pretty seriously (ok, so I may have been deported once). paul On 8/14/06, Richard Lynch [EMAIL PROTECTED] wrote: For the US folks, Chicago is centrally-located, and flights to O'Hare and Midway are generally frequent and often go on sale. Global visitors might want to fly to Toronto or some other CA city close to Chicago and drive, though :-) I'm hopeful that by Spring 2007, flying to the US will be a less unpleasant experience than it is currently... On Sat, August 12, 2006 5:23 pm, Gerry D wrote: Richard, Within the US that might be ok, but given latest developments, who wants to fly into the US from elsewhere? I could drive from Canada if I take 2 weeks vacation... I don't want to be a show stopper, but I think you need to explain what your target audience is re global travel, not just weather in Chicago. Having said that, I like your idea. Gerry On 8/12/06, Richard Lynch [EMAIL PROTECTED] wrote: It may have started as a joke on PHP-General, but this just isn't funny anymore. I'm in the pre-planning phase of organizing a PHP Conference in Chicago. Due to Chicago weather patterns, the ideal time would be Spring or Autumn. Given that cheap airfare generally requires significant advance notice, I am pre-emptorily eliminating Autumn 2006 as a viable option. If you are interested in attending please reply OFF-LIST with your name, email, and some basic input for ideal time-frames in the FALL or SPRING of 2007. Suggested Topics would be great, and offers to be a Speaker by well-known responders would also be MOST welcome. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Paul Reinheimer Zend Certified Engineer -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image Destroy
On Tue, August 15, 2006 6:31 am, chris smith wrote: imagedestroy($target_id); imagedestroy($source_id); just before imagejpeg ($target_id,$targetfile,$jpegqual); return true; } If you destroy it before you write it to disk, you gonna get garbage for your disk JPEG. destroy $target_id *AFTER* you imagejpeg() it. Actually, PHP will complain if you try to destroy it first and then use it later, so you won't get the $targetfile to work at all, really. But if it did work it would just be junk, cuz that image ain't in RAM no more. PS Using $targetfile is just silly. $targetfile is already a string. Putting quotes around it just makes PHP build a new string with the same contents again, which is, well, silly. PHP might even optimize that away, it's so silly, but I'd recommend just leaving the excessive quotes off in the first place. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting flags versus checking for existing/nonexisting values
On Tue, August 15, 2006 11:53 am, Chris W. Parker wrote: Is it a better practice to set flags to determine the action of your code or is it perfectly acceptable to have your code determine what it should do based on the existence (or lack thereof) of data? For example: -snip- flag example I seldom use flags, but then again I never use if/elseif's either. Flags introduce another variable you have to keep track of. When do you turn them on/off becomes another step in your logic that is directly dependant upon data in the first place. So, if logic dictates a branch, then I place the condition on the data. As I see it, in this case, only three conditions can exist: 1. Data is there, or not there -- use isset() or !isset(); 2. Data is relative to a single value -- use if with equalities (i.e., =, ==,...); 3. Data is relative to two, or more, values -- use switch. That works for me. But, I'm sure that mileage for others vary. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] proxy server
On Mon, August 14, 2006 10:24 pm, John Taylor-Johnston wrote: I'm sure. CGI proxy I think is the key word I'm looking for. I would even pay $10 per year for an SMTP access account if it fixed my problems. Think about it from the angle of a person who would consider offering this service... There are a few zillion spammers out there that would pay a heck of a lot more than $10 per year... And that still wouldn't make it worth it for the headaches involved... So I truly believe that getting your IP off the black-lists, and getting the emails to pass through spam filtering is the better route. Also consider this: Whatever you did to get ON the black-lists, you're probably going to just do again with the new SMTP servers... So then they get black-listed, and you're at square one, minus the $10. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Chicago PHP Conference
At 6:09 PM -0500 8/15/06, Richard Lynch wrote: I *knew* there was big city there, couldn't remember the name, but I failed on Google maps to find it... Sorry. I've even *been* to Windsor, and still couldn't remember the name. I went to Windsor once, but it was closed. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
On Tue, August 15, 2006 5:56 pm, John Meyer wrote: Richard Lynch wrote: On Tue, August 15, 2006 12:04 pm, John Meyer wrote: I have a script to list the files in a directory: select name=letters ?php $open = opendir(.); while ($file = readdir($open) != false) { ? option value=?=$file??=$file?/option ?php } ? /select /form And all I am getting are 1s. I think I'm doing it right, what is the disconnect? It's not a readdir question. It's an Order of Operations question. :-) $file = readdir($open) != false You probably believe that PHP is going to magically know that you want this bit: readdir($open) != false to be done first No, and I fixed that. What I'm wondering about is why this false !== ($dirhandle = opendir('letters')) works, but this ($dirhandle = opendir('letters')) != false does not Do you really mean opendir() or do you mean readdir() ??? What value are you getting for $dirhandle? echo it out and see what it is. You also have != in one, and !== in the other. Those aren't the same. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail reply-path
At 11:06 AM -0400 8/15/06, Jon Anderson wrote: bob pilly wrote: Im trying to send emails using the mail() function but im having a problem. Because the box that the scripts sit on is a shared web-hosting package the Reply-path part of the header always comes up as [EMAIL PROTECTED] but i have set the from part of the header to [EMAIL PROTECTED] A lot of people are not getting the emails (most are) and im picking that its because the domains on the 2 header parts are different and they have some sort of antispam policy which blocks these. Apart from changing the domains or email addresses to be the same has anyone seen this problem before and if so can you give advice or point me to some relevant docs on it? I have tried to change the Replay-path: part of the header with code but it seems to default to the above. I think you're looking for the 'Return-Path' header rather than the reply-path. (Or perhaps even Reply-To?) This works for me (use your own name and domain): :-) $to = [EMAIL PROTECTED]; $re = Subject; $msg = Message\n; $headers = Return-path: [EMAIL PROTECTED]\r\n; $headers .= From: tedd [EMAIL PROTECTED]\r\n; $param5 = '-ftedd@' . $_SERVER['SERVER_NAME']; mail ($to, $re, $msg, $headers, $param5); tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
On Tue, August 15, 2006 5:05 pm, Robert Cummings wrote: On Tue, 2006-08-15 at 16:50 -0500, Richard Lynch wrote: If the names are not predictable, the array solution is probably best, as there is movement in the PHP Internals list that may (or may not) make it impossible to dynamically add a property to an object. Yikes!! Do you remember the subject line of the thread? i think that would break a lot of sites if they removed the ability to dynamically add object properties. It all started here: http://marc.theaimsgroup.com/?l=php-devm=114596465003800w=2 -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Image Destroy
Richard Lynch wrote: On Tue, August 15, 2006 6:31 am, chris smith wrote: imagedestroy($target_id); imagedestroy($source_id); just before imagejpeg ($target_id,$targetfile,$jpegqual); return true; } If you destroy it before you write it to disk, you gonna get garbage for your disk JPEG. destroy $target_id *AFTER* you imagejpeg() it. which is why i replied straight away with the fix ;) -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail reply-path
Richard Lynch wrote: On Tue, August 15, 2006 6:54 am, bob pilly wrote: Im trying to send emails using the mail() function but im having a problem. Because the box that the scripts sit on is a shared web-hosting package the Reply-path part of the header always comes up as [EMAIL PROTECTED] but i have set the from part of the header to [EMAIL PROTECTED] A lot of people are not getting the emails (most are) and im picking that its because the domains on the 2 header parts are different and they have some sort of antispam policy which blocks these. Apart from changing the domains or email addresses to be the same has anyone seen this problem before and if so can you give advice or point me to some relevant docs on it? I have tried to change the Replay-path: part of the header with code but it seems to default to the above. The Reply-path: you want to change is not a normal header, so you can cross off the idea of fixing it with the 4th arg to mail(). If you are using current PHP, there is yet another bonus argument, the 5th one, for this specific purpose, documented in the manual: http://php.net/mail If you are NOT using a version of PHP that has that 5th arg, then you could maybe use ini_set on the sendmail_path to add the -f there. (see man mail). That, however, would require that the user PHP runs as, which is what Apache runs as, be a trusted user in sendmail.cf, which your webhost may or may not have decided is a Good Idea, based on how much they trust their clients. and also safe_mode being off. Not sure why safe_mode affects this (ask the powers that be) but it does. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
On Tuesday 15 August 2006 16:50, Richard Lynch wrote: If the names are not predictable, the array solution is probably best, as there is movement in the PHP Internals list that may (or may not) make it impossible to dynamically add a property to an object. I've lost track of where that thread ended, so apologies if this is a non-issue. Gah! Please tell me you're joking. That would kill one of PHP's best features, the fact that you can have dynamic data structures. PHP != Java!!! -- Larry Garfield AIM: LOLG42 [EMAIL PROTECTED] ICQ: 6817012 If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. -- Thomas Jefferson -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Easier way to get the name of a variable?
On Tue, 2006-08-15 at 19:01 -0500, Larry Garfield wrote: On Tuesday 15 August 2006 16:50, Richard Lynch wrote: If the names are not predictable, the array solution is probably best, as there is movement in the PHP Internals list that may (or may not) make it impossible to dynamically add a property to an object. I've lost track of where that thread ended, so apologies if this is a non-issue. Gah! Please tell me you're joking. That would kill one of PHP's best features, the fact that you can have dynamic data structures. PHP != Java!!! I read the list earlier (thanks Richard) and the final consensus was to enforce the restriction only if the class is defined as strict. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
Richard Lynch wrote: Do you really mean opendir() or do you mean readdir() ??? readdir(). The point is why do you need to put it as !== vs. != -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] readdir() question
John Meyer wrote: Richard Lynch wrote: Do you really mean opendir() or do you mean readdir() ??? readdir(). The point is why do you need to put it as !== vs. != They mean different things. !== means check the values are not the same AND check their types. != means check the values are not the same. http://www.php.net/manual/en/language.operators.comparison.php -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php