list.
Stop by and have a look!
Thanks...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of World Wide Web time
(1995)
Business Applications:
http://www.AppIdeas.com/
Open Source Applications:
http
songid field. Another thing to try is to "or die" your query
to check to see if the SQL syntax is OK:
$result=mysql_query($query,$connection) or die(mysql_error());
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutti
Yamin Prabudy pressed the little lettered thingies in this order...
> anybody know about the Luhn algorithm ??
> how can i do that in php
>
> yamin
>
http://www.zend.com/codex.php?id=31&single=1
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Applic
ery = "Insert INTO visits (visName, date)
values ('$name', NOW()) " ;
This returns a "-MM-DD HH:MM:SS" string that MySQL will
automatically convert to any of the date/time field types.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Appl
Mark Roedel pressed the little lettered thingies in this order...
> > -Original Message-
> > From: Christopher Ostmo [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, July 18, 2001 2:43 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] sql query successfu
to rewrite all of your of code
to eliminate errors. It only checks for the validity of your query.
To ask why this doesn't work would be the same thing as asking why
you can type this query from the command-line mysql client and the
query succeeds without an error. It succeeds and says
y("SELECT * FROM table ORDER BY rand()")) {
echo "Success!";
} else {
echo "Failure!";
}
Your statement above is checking to see if the fact that $sql is equal to
mysql_query("SELECT * FROM table ORDER BY rand()") is TRUE
onnection or
leave them open at the cost of requiring extra operating memory and system
resources.
Decisions, decisions...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
sent *tested* code that will fit on
a single line and will do exactly what the above is doing.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
Business Applications:
http://
n do some nifty stuff with english ordinal suffixes that have nothing to
do with dates or time).
http://www.php.net/manual/en/function.date.php
http://www.php.net/manual/en/function.mktime.php
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting e
d argument is not a valid MySQL result resource in
> c:\inetpub\wwwroot\PhpAndMysqlTest\test2\reg1.php3 on line 8
>
>
Change line 7 to this:
$result = mysql_db_query("users", $query) or die(mysql_error());
What is the error after you do that?
Christopher Ostmo
a.k.a. [EMAIL
n click on the following link:
>
> mailto: [EMAIL PROTECTED]?subject=More_Info
>
> If you do not wish to receive further mailings, please do NOT reply to this
> message.
>
But I do! I do! I LOVE Adult Entertainment. The Godfather and
Shawshank Redemption are two of my favorite
eval() ?
http://www.php.net/manual/en/function.eval.php
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
Business Applications:
http://www.AppIdeas.com/
Open Source App
Johan Vikerskog (ECS) pressed the little lettered thingies in this order...
> When i install PHP.
>
> Do i have to make anything special to activate the ldap function?
>
> //Johan
>
./configure --with-ldap
http://www.php.net/manual/en/install.configure.php
Good luck...
bove. Try:
${"element2".$z}
I quite honestly don't know what problems may arise when you place
the end variable within the quotes, but I've never been able to make code
work predictably that way.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Id
> }
> echo "
>
> Please use your Back button and
> try again
> (please do not Reload or Refresh your browser)
>
>
> ";
> exit;
> }
>
I didn't really examine the rest of the code too closely, but I'd be willing
to bet that the cod
ice.
>
Yes, I mis-read your statement. Sorry.
I was just wrong all around on this one! :-)
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
For a good time,
http://www.App
Ashley M. Kirchner pressed the little lettered thingies in this order...
> Christopher Ostmo wrote:
>
> > By law, the numbers are supposed to be
> > generated at random and not generated by any kind of algorithm or
> > formula.
>
> CC# must pass the Luhn MO
re becoming law). I don't recall how old the case is, so it
may have been a long time ago.
At any rate, I'm interested to see what you come up with now.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since th
rocessing. Since this solution requires sending the card to
the bank for processing to see if the number is valid, it would defeat the
purpose.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Inte
ript)
Unless it becomes absolutely ridiculous, I don't think that your bank is
going to complain for too many bad cards. After all, they're still making
money off of you. If they do get upset, you ought to find a new bank.
Seriously. Many banks would be very happy to have your b
pd process is owned by "nobody"
you can issue the following command from a prompt:
chown -R nobody /home/tgmalone/sessn-log
You must have root access to use chown. If you do not have root
access, you'll need to use chmod to make the directory world writable:
chmod -R 777 /home/tgm
urse).
Please don't take this as an anit-PostgreSQL message! I really like the
database server and I continue to use it. The fact of the matter is that in
a side-by-side comparison for nearly anything you could conceive of
doing with data storage/retrieval on the web, MySQL is going to have a
d
r server down considerably, but that's WAY beyond the scope of an
e-mail message.
If you want to find out more about that stuff, I recommend the book
called "MySQL" by Paul DuBois.
Have fun...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cut
theirs.
If you don't need decrypt capabilities, most (all?) SQL database servers
have support for one-way encryption.
It's not efficient to store user data in "PHP scripts" (or any other script
for that matter) as was stated in the initial message. If you have access
to a dat
and change line 109 to:
srand48((long)time(0) * (long)getpid() * (long)(php_combined_lcg()*(double)1.0));
You should check your server log files. If httpd is core dumping when
you run mycrypt commands, then this is your problem. The fix was
documented at bugs.php.net and was incorporated int
e also.
> > -Original Message-
> > From: Christopher Ostmo [mailto:[EMAIL PROTECTED]]
> > Sent: 5 iulie 2001 19:57
> > To: Adrian Ciutureanu
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: [PHP] Security of PHP code
> >
> >
> > Adrian Ciutur
HAVE to do one of two things:
1) Strip or otherwise block forward slashes and/or consecutive periods.
2) Declare the file path before the show_source() call and disallow
consecutive periods (".."), forward slashes or both. This is the method
used at slashdot.
Christopher Ostmo
a.k
NG you send over the netowrk (including the
value of a session ID that is being sent as a cookie value, the username
and password for a telnet session, the username and password for an
FTP session, etc). Packet sniffers are incredibly easy to find, get and
use (even for "script kiddies
ls or separate
scripts for each directory that you wish to allow, but nobody will ever get
your /etc/passwd file.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppIdeas.com/
--
PHP General Mailing List (http://www.php
he
goal.
2) Only do business with providers that will (even if you have to request
it) disable these commands AND chroot jail all logins.
Have fun...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppIdeas.com
ment field in this
table, you're really going to mess things up regardless of how you
resequence these values. If no other tables interact with this one (or if
you can easily and manually recreate the interactivity), you shouldn't
have any problems.
Christopher Ostmo
a.k.a. [EMAIL PRO
(assuming that you
believe that it's reasonable that someone can look over another's
shoulder and write down a 20 character string without the first person
noticing).
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://
on their
web site that processes shipping costs and have a PHP socket bring
the results back to your web browser. This elimnates the need to
simulate a button click. I have done this, but I am not yet at liberty to
release the code to the public domain.
It isn't difficult if you know
d you know they will) php always shows it from the included web log
> as
>
> \' How can I filter out these backslashes so they don't appear on the
> final public viewable page?
>
$var = stripslashes($var);
echo $var;
or
echo stripslashes($var);
http://www.php.net/manua
an e-mail message, you
probably want to add line breaks after each line:
$message .= $var."\n";
Check out string operators:
http://www.php.net/manual/en/language.operators.string.php
and assignement operators:
http://www.php.net/manual/en/language.operators.assignment.php
Good luck..
h requesting
IP addresss, log both into a database and check both for each page
request.
If the data being accessed is *that* important that a hacker would go
through that much trouble to hijack a session, you probably should
consider using SSL.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas
t; php_admin_flag safe_mode On
>
> Do those directives work in .htaccess files too?
>
According to:
http://www.php.net/manual/en/configuration.php
""Admin" configuration settings can only be set from within the main
Apache configuration files, and not from .htaccess fi
a database and possibly match it up
with a valid login in that database entry.
Doing the session coding yourself is a waste of time. You're not likely to
find a more reliable session tracking solution than what's built into
PHP4 as long as HTTP connections remain stateless.
C
PHP's sessions, you let PHP do the work for you.
Check out:
http://www.php.net/manual/en/ref.session.php
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppIdeas.com/
--
PHP General Mailing List (http://www.
> Thanks,
> Tyler
>
--with-mcrypt = [DIR]
You must have libmcrypt installed on your system (not the entire
mcrypt program, just the libraries) prior to compiling PHP.
Get it here:
http://mcrypt.hellug.gr/
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting
>
>
Checkout eval()
http://www.php.net/manual/en/function.eval.php
The second user contributed note contains an example of how to do this.
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppI
dslashes($val);
$val = htmlspecialchars($val);
You may also need to perform these functions on $key, depending on
your needs.
If you want to put the entire message into the DB, you can insert
$Message at the end of the script or individual values can be inerted
using the $key = $val pairs.
for ($i = 0; $actorsField1[$i]; $i++) {
echo "$actorsField1[$i]
$actorsField2[$i]";
}
Or however you want it to be formatted. The end result is that you have
a single SQL query.
Have fun...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppIdeas.com/
hould consider picking up the book called "MySQL." It covers this
sort of thing rather well.
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Meeting cutting edge dynamic
web site needs
For a good time,
http://www.AppIdeas.com/
eebie I've seen. With the recent release of the SSH2
patents, I wouldn't be surprised to see some REALLY good SSH clients
in the freeware community soon.
Have fun...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
For a good time,
http://www.AppIdeas.com/
--
PHP General Ma
.
Try placing the "echo $var;" portion within the curly braces. This will
cause the value of $var to be echoed for each result.
If I'm wrong, you'll need to send the code you are trying to use for
anyone to be of much help.
Good luck...
Christopher Ostmo
a.k.a. [EMAIL
end using the perl compatible REs
since they're more powerful, are documented much more thoroughly and
support for them is much easier to obtain.
If it's not possible to use PCREs, the above links (particularly the first)
whould contain details for just about anything you may need to do w
rsion of PHP, you'll need to find a
tool that can be invoked from the command prompt (such as perl) to do
this for you.
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
For a good time,
http://www.AppIdeas.com/
--
PHP General Mailing List (http://www.php.n
NT-
SIDE program. PHP is handled completely SERVER-SIDE, so no, this
cannot be done in PHP (unless, of course, the client and the server are
the same machine).
You'll be wanting to look into javascript or something more of that flavor.
Good luck...
Christopher Ostmo
a.k.a. [EMAIL PROTECT
50 matches
Mail list logo
