Re: [PHP-DB] works on command line, not on server
The Disguised Jedi wrote: try users@httpd.apache.org list On Tue, 25 Jan 2005 14:21:25 -0800, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I have a new installation of php on an existing apache 2 server, and something strange is happening. The file 'test.php' works and connects to the database when run through the command line, but when run from the web server (http://server/test.php) produces a segmentation fault: child pid 29056 exit signal Segmentation fault segmentation faults are a built in feature of the PHP/Apache2 setup whenever you don't use the PREFORK Apache2 worker module - I know barely enough to know this - this is due to threading (which is not supported with ?most? php extension - not sure if php itself has this problem also). Anyway bottom line switch to PREFORK worker module if your not already using it, alternatively you could try to get a stable threaded setup going but before you embark I'd like to paraphrase a higher PHP authority, Rasmus Leidorf (they don't get any higher actually) speaking in relation to using a threaded Apache2 worker module: Your in unchartered territory, good luck. and Nobody knows. php itself does work, and a file with only phpinfo() in it runs fine on both the server and the command line. Has anyone seen anything like this before? Any ideas? ?php $link = mysql_connect(localhost, user, pass) or die(Could not connect); mysql_select_db(disorder) or die(Could not select database); print hello; also you may need/wish to try the newer mysqli_* extension which is geared to the latest versions of MySQL. ? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Managing Many2Many with PHP/JS
Hi guys:
Thanks in advance for your help. I am newby in this
PHP stuff and I've got quite a problem here, and Ive
spent several days (and nights) trying to solve this
problem.
I am trying to manage a many to many relationship in a
web database application. I have three tables:
tbl_project (which contains the name of a development
project), tbl_Contraparte(which contains the name of
the organisations which manage the project) and
tbl_ProyOrg (which contains two fields: proy_id and
OrgSigla) and is the join table for the many2many
relationship.
I have created a form for the tbl_project table with
all the data referring to the project. Into this form
I´ve personalized some code (I have fetched from
internet) to create a table which dynamically creates
new rows into the tbl_ProyOrg table (in the client
side using JavaScript) with a drop down box, so the
page do not needs to reload every time the new row is
created.
As you will see my problem stands in populate the
select box with a query from a MySql database made
using PHP into the JavaScript function.
You can find the code following:
Thanks a lot
Best regards,
Alvaro.
OS: Linux Debian Sarge
Apache: 2.0
PHP: 4.3.10-2
Mysql: 4.1.8
!--Here starts the code--
?php
$hostname_monitoreo_conn = host;
$database_monitoreo_conn = database_name;
$username_monitoreo_conn = username;
$password_monitoreo_conn = password;
$monitoreo_conn =
mysql_pconnect($hostname_monitoreo_conn,
$username_monitoreo_conn, $password_monitoreo_conn) or
trigger_error(mysql_error(),E_USER_ERROR);
?
?php
mysql_select_db($database_monitoreo_conn,
$monitoreo_conn);
$query_rs_contraparte = SELECT orgSigla FROM
tbl_02Contraparte ORDER BY orgSigla ASC;
$rs_contraparte = mysql_query($query_rs_contraparte,
$monitoreo_conn) or die(mysql_error());
$row_rs_contraparte =
mysql_fetch_assoc($rs_contraparte);
$totalRows_rs_contraparte =
mysql_num_rows($rs_contraparte);
?
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01
Transitional//EN
http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd;
html
head
link rel=stylesheet href=monitoreo.css
type=text/css /
titleProjects by organisation/title
/head
body
h4Projects by organisation/h4
form action=./ins_ProyOrg.php method=post
enctype=multipart/form-data
Project_Id: input name=tf_proyId type=text
id=tf_proyId /
pa href=javascript:add_row()Add an
organisation/a/p
!-- Here begins the function to create a new row for
a new organisation--
script type=text/javascript
var rows = 1;
function add_row()
{
var counter;
var ptable = document.getElementById('tbl_ProyOrg');
var trow = document.createElement('tr'); //creates
the tag for a a new table row
trow.setAttribute('id', 'r' + rows); //Here IE 6.0
reports an error, but it works in Firefox1.0 and Opera
var ptd = new Array(4);
var arKind = Array('input', 'select', 'input');
//defines the kind of control
var arNames = Array('proyId[]','orgSigla[]','none');
//defines the name of the control
var arTypes = Array('hidden','text','button');
//defines de type of the control
for (counter = 0; counter arTypes.length;
counter++) //Loop wchich creates one by one the
elements of the table
{
ptd[counter] = document.createElement('td');
var p = document.createElement('span')
var pinput =
document.createElement(arKind[counter]);
pinput.setAttribute('name', arNames[counter]);
pinput.setAttribute('type', arTypes[counter]);
pinput.setAttribute('id', arNames[counter]);
/*
THE MAIN PROBLEM IS HERE (at least I guess so :) ). I
am trying to give the option values to the select
control,
from the query listed at the beginning of the file. I
suposse the big problem is in the array definition
but I have no idea of how to build a proper array.
if (arKind[counter] == 'select')
{
var num_rec = ?php echo $totalRows_rs_contraparte;
?;
var list_rec = ?php echo $row_rs_contraparte; ?;
var source_combo = new Array(num_rec);
for (i=0, i num_rec, i++)
{
source_combo[i]= list_rec[i];
}
pinput.options(source_combo[i]);
}
*/
if (arTypes[counter] == 'button')
{
pinput.setAttribute('value', 'x');
pinput.onclick = removeNode;
pinput.rId = 'r' + rows;
}
//This is the part which actually creates the table
row
p.appendChild(pinput);
ptd[counter].appendChild(p);
trow.appendChild(ptd[counter]);
}
ptable.appendChild(trow);
[PHP-DB] authenticating users with phpmysql
Hi All, I am trying to create a page with 2 text boxes a name and a password with a submit button.The user must enter his username and password that is stored in mysql to access the site. With the following code i get a successfull connection with a blank username and password but when i enter a wrong username and password i get a error that is correct. html headtitleMySQL Connection/title/head body div align=centre form action=?php echo $_SERVER[PHP_SELF]; ? method=POST Name: input type=text name=txt_namenbsp; Password: input type=text name=txt_passwordnbsp; br /input type=submit value=Submit /div /form /body /html ?php $db_host = localhost; $db_user = $_POST[txt_name]; $db_password = $_POST[txt_password]; $db_name = data; $connection = @mysql_connect ($db_host, $db_user, $db_password) or die (error connecting); echo connection successful!; ? What is the best way to authenticate users against mysql for login? Regards __ http://www.webmail.co.za the South African FREE email service -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] firebird - equivalent of stristr() in Stored Procedure.
hi Guys,
I'm using Firebird 1.5 with PHP5.
I have a problem where by I am trying to do the equivelant of:
$a = 'A';
$b = 'AG';
if (stristr($b, $a)) {
// do something.
}
Inside a Stored procedure, where $a and $b are both input variables
to the stored procedure.
The Interbase Lang Ref (PDF) doesn't help
me here - I've tried all sorts of forms of syntax using CONTAINS and LIKE
but it all gives syntax errors... (which didn't surprise me!)
Then I thought that I could used Ard Biesheuvels php_ibase_udf UDF lib for
firebird, php_ibase_udf.c is in the php cvs (somewhere); this lib allows access
to php functions defined in your calling scripts. at any rate I get BLR type
errors
when I tried to use the UDFs (btw googling php_ibase_udf.c doesn't return a
lot, but
you will definitely find one email mentioning the BLR error!!). Actually I have
tried
setting up this UDF lib on 3 different servers (all fbird1.5/php5 - different
minor versions)
with out any luck.
does anyone have a clue as to how do the equivalent of the PHP above inside
a firebird stored procedure? or possibly can point out so good
literature/examples
(all the good firebird stuff seems to be in russian) on/of 'advanced' stored
procedures.
alternatively is there anyone out there that has gotten the php_ibase_udf UDF
lib
to work (Lester Caine have you tried it yet?, I ask you specifically because
your
name often pops up on php lists in relation to firebird :-).
before any says: why not ask the developer - we'll his is an aquaintance of
mine,
I have his mobile number and I have asked him!, its just a case of he has _no_
time
(due to dissitation/research commitments) to dig into the problem and
I know that he will help when he gets some free time again, but for now I'm on
mine own.
hope somebody can give me a clue :-),
thanks and regards,
Jochem
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] firebird - equivalent of stristr() in Stored Procedure.
Jochem Maas wrote: hi Guys, hope somebody can give me a clue :-), well about 5 mins after I posted I managed to find a solution thanks to a man named Ivan Prenosil (who by all accounts knows where his firebird towel is ;-) http://www.volny.cz/iprenosil/interbase/ip_ib_code_string.htm (the stored procedure named 'Pos' on that page was basically what I was looking for.) btw - if somebody at google decided to throw all the Mozilla related references to the word 'firebird' out of the F** indexes I wouldn't loose any sleep over it. thanks and regards, Jochem -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] authenticating users with phpmysql
On Wed, 2005-01-26 at 12:44 +0200, it clown wrote: $db_user = $_POST[txt_name]; $db_password = $_POST[txt_password]; $db_name = data; $connection = @mysql_connect ($db_host, $db_user, $db_password) or die (error connecting); echo connection successful!; ? Replace this line - $connection = @mysql_connect ($db_host, $db_user, $db_password) or die (error connecting); - with this one - $connection = @mysql_connect($db_host, $db_user, $db_password) or die (Error connecting : .mysql_error()); - so you can debug better. However take a look here www.php.net/mysql_connect . $db_user and $db_password are the username and password to log on the MYSQL DATABASE. You probably want to login from a database table which will contain a password and username field. Here's an example : $dbHandle = mysql_connect($host, $user, $pass) or die (mysql_error()); mysql_select_db($db_name); $sql = SELECT * FROM `table_name` WHERE `user_field` = ' . $_POST[txt_name] . ' AND `pass_field` = ' . md5($_POST[txt_password]) . ' LIMIT 1; $result = mysql_query($sql, $dbHandle); if(mysql_num_rows($result)!=0) /* Logged on */ else /* Invalid Username/Password */ There're lots of tutorials out there, google's your friend. P.S. This is my first message on this maillist so I want to say hello to everyone ;-) -- Josip Dzolonga, dzolonga at mt dot net dot mk -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] storing images in database
if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad example, anybody can inject your query with
malicious sql commands.
Never trust user supplied data.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] authenticating users with phpmysql
That is incrediably risky since you are exposing the entire db for those
users. What about setting [limited] permissions for those users?
I woul move to a table based authentication, where you have a users table
and one [or more] mysql accounts with the bare minimum privileges to allow
the user to run the application. The below table structure could be the bare
minimum.
CREATE TABLE `users` (
`user_id` int(10) NOT NULL auto_increment,
`user_name` varchar(50) NOT NULL default '',
`user_password` varchar(50) NOT NULL default '',
PRIMARY KEY (`user_id`)
) TYPE=MyISAM AUTO_INCREMENT=1 ;
Then your code would besomething like this: (note there should be way more
validation of the username and password before attempting to execute the
query)
#60;html#62;
#60;head#62;#60;title#62;MySQL
Connection#60;/title#62;#60;/head#62;
#60;body#62;
#60;div align=centre#62;
#60;form action=#60;?php echo $_SERVER[PHP_SELF];?#62;
method=POST#62;
Name: #60;input type=text name=txt_name#62;nbsp;
Password: #60;input type=password
name=txt_password#62;nbsp;
#60;br /#62;#60;input type=submit value=Submit#62;
#60;/div#62;
#60;/form#62;
#60;/body#62;
#60;/html#62;
#60;?php
$user_name = @$_POST['txt_name'];
$user_pass = @$_POST['txt_password'];
if ((trim($user_name) = )(trim($user_pass) = ))
{
echo User not authorized. HIt the back button to login again;
die();
}//end if
$db_host = localhost;
$db_user = $account_name;
$db_password = $account_password;
$db_name = data;
$connection = @mysql_connect ($db_host, $db_user,$db_password) or die
(error connecting);
echo connection successful!;
$sql = select * from users where user_name =$user_name and
user_password = '$user_pass';
$result = mysql_query($sql) or die(Can't query because
.mysql_error());
if (mysql_num_rows($result)==1)
{
echo User auhorized;
}else{
echo User not authorized. HIt the back button to login again;
}//end if
?#62;
hth
Bastien
From: it clown [EMAIL PROTECTED]
To: php-db@lists.php.net
Subject: [PHP-DB] authenticating users with phpmysql
Date: Wed, 26 Jan 2005 12:44:38 +0200
Hi All,
I am trying to create a page with 2 text boxes a name and a
password with a submit button.The user must enter his
username and password that is stored in mysql to access the
site.
With the following code i get a successfull connection with
a blank username and password but when i enter a wrong
username and password i get a error that is correct.
html
headtitleMySQL Connection/title/head
body
div align=centre
form action=?php echo $_SERVER[PHP_SELF];
? method=POST
Name: input type=text
name=txt_namenbsp;
Password: input type=text
name=txt_passwordnbsp;
br /input type=submit value=Submit
/div
/form
/body
/html
?php
$db_host = localhost;
$db_user = $_POST[txt_name];
$db_password = $_POST[txt_password];
$db_name = data;
$connection = @mysql_connect ($db_host, $db_user,
$db_password) or die (error connecting);
echo connection successful!;
?
What is the best way to authenticate users against mysql
for login?
Regards
__
http://www.webmail.co.za the South African FREE email service
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] storing images in database
Yes, I totally agree. This was merely a sample code of how it could be done.
Not a definitive code samples of how to do it securely. There should be way
more validation, and better error handling too.
Bastien
From: Gareth Heyes [EMAIL PROTECTED]
To: php-db@lists.php.net
CC: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] storing images in database
Date: Wed, 26 Jan 2005 13:30:45 +
if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad example, anybody can inject your query with malicious
sql commands.
Never trust user supplied data.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] IIS, PHP, and session data
It turns out that the real problem was problem 1) I am not personally in control of our web server. I forwarded some of the posted messages to our IT department and they decided to change what they were telling me. They actually had register globals turned off not on. I changed my code to use the session array and it works beautifully now. Thank you all for your advice! - Matthew -Original Message- From: Simon Rees [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 25, 2005 4:25 PM To: php-db@lists.php.net Cc: Perry, Matthew (Fire Marshal's Office) Subject: Re: [PHP-DB] IIS, PHP, and session data On Tuesday 25 January 2005 20:20, Perry, Matthew (Fire Marshal's Office) wrote: I am having trouble with my session data on Microsoft IIS. Here is a little background of the problem: 1) I am not personally in control of our web server. Our IT department manages it. oh dear! ;-) They have IIS running on their sever and use MS SQL Server, but they have allowed me to use PHP instead of ASP. 2) I have Apache running on a local web server in our office (not the IT department). It accesses the SQL Server database remotely. I I can't comment on the use of register_globals or session_register as I always use the $_SESSION array but I do use PHP on IIS... Something that you might like to check is that the directory specified by: session.save_path in the IIS server's php.ini is a directory writable by the user that IIS masquerades. The default value for this is: c:\php\sessiondata which if your sysadmin installed php as Administrator will not be writable by the IIS user (normally IUSR_hostname). Either get the sysadmin to specify ( create) another dir that is writable by IIS or change the permissions on c:\php\sessiondata Assuming you're running Apache on a Linux (and probably other un*x) distribution you will find that the session.save_path variable is set to /tmp which is usually world writable. I think if you posted the exact error message it would tell me if this was happening to you or not... hth, Simon -- ~~ Simon Rees | [EMAIL PROTECTED] | ORA-03113: end-of-file on communication channel ~~ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] storing images in database
Thanks for all the tips guys. I'll keep the last couple for future
reference.
--
Chip
Gareth Heyes [EMAIL PROTECTED] wrote on 01/26/2005 05:30:45 AM:
if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad example, anybody can inject your query with
malicious sql commands.
Never trust user supplied data.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] works on command line, not on server
[EMAIL PROTECTED] wrote: Thanks, I already had prefork installed. I solved the problem by heaven help those that walk the threaded path heh :-) changing to php 5 from php 4. IC interesting to know. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Define constants: awkward usage?
Hi all,
I got this sets(20) of defined constants which using them as keys to an
array
eg
define(FNAME, fname);
farray = array( FNAME = hello ,...);
my question is how do I insert that directly into a javascript(to do
some client validation)
I need this:
var fname = document.addrform.fname.value
var fname = document.addrform.{FName}.value//don't work
var fname = document.addrform.{'FName'}.value//don't work
var fname = document.addrform.[FName].value//don't work
I know this work, but messey
$tmp = FNAME;
var fname = document.addrform.{$tmp}.value
I'am finding the use of define constants rather awkward. does anyone
make much use of them?
Thanks
Tony
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Define constants: awkward usage?
tony wrote:
Hi all,
I got this sets(20) of defined constants which using them as keys to an
array
eg
define(FNAME, fname);
farray = array( FNAME = hello ,...);
my question is how do I insert that directly into a javascript(to do
some client validation)
I need this:
var fname = document.addrform.fname.value
var fname = document.addrform.{FName}.value//don't work
var fname = document.addrform.{'FName'}.value//don't work
var fname = document.addrform.[FName].value//don't work
I know this work, but messey
$tmp = FNAME;
var fname = document.addrform.{$tmp}.value
you could try sprintf()/printf():
$output = sprintf('var fname = document.addrform.%s.value', FNAME );
or
printf('var fname = document.addrform.%s.value', FNAME );
I'am finding the use of define constants rather awkward. does anyone
make much use of them?
yes. :-) for...
session varnames
post/get varnames
bitwise flags
er...?
Thanks
Tony
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
