[PHP-DB] Patch for Pear DB_ldap Bug 4884
Hello I'm using Pear DB_ldap with an Openldap2.0 server with the ldapv3 protocol. i was disappointed that the Bug #4884 for the Pear Package DB_ldap is not even applied to CVS. The Bug is listed here: http://pear.php.net/bugs/bug.php?id=4884 I am using the hack mentioned on #4884 and it works just fine. So why confuse people and not implement it? Can someone apply it? mfg -- Henrik Kröger <[EMAIL PROTECTED]> -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] css
On 2/9/06, JeRRy <[EMAIL PROTECTED]> wrote: > > Hi everyone, > > I have created this website in PHP and mySQL at > http://www.bps-testntag.com/ but have come accross an error I was not > aware of before. > > Now I am using stylesheets and I have been surfing the net for about 90 > minutes and yet to find a solution, so thought I'd post here, could be basic > but i can't find it online anywhere. Get alot of forum refrences but no > solution. > > Here is the code below before I continue: > >
[PHP-DB] Database storage and Sessions
Hi guys, I'm trying to create a small, publicly accessable database where security is a concern since want some users to have administrative access and others not to. The backend is MySQL 5.0.18 with PHP 5.1.2 on an Apache 2.0.55 server, and I am curious as to how much my session code and my database should interact to achieve a good balance of security and speed/overhead. I have come up with several approaches: 1. Use sessions to send the username and password from the website to the database, where the database will authenticate it and allow that user to log in with pre-defined privaledges. Administrators could create database user accounts. 2. Use sessions to store usernames and passwords completely in PHP, and then have a single non-administrative account that the PHP would use to access the database. A similar method would be used for administrative accounts as well. 3. Store all session-related information in the database (might be faster than using PHP to store the info?). As I said before, i'm trying to implement a reasonable amount of security without significantly impacting the overal speed of my system (frontend & backend). Any advice? -Sean
RE: [PHP-DB] Database storage and Sessions
Its not that much overhead to check it each time...but I would store the username (not the password) in the session along with an 'access_level' and some hash value to uniquely id that person/account each time (read the hash from the db before authorizing any alterations to the data). Check the session data on each page/action in the db to ensure the user has the authority. Administrators should never be allowed to create db accounts...they could be allowed to create access accounts in a application specific table. Granting other the right to create db accounts opens the system to all sorts of POTENTIAL problems. Admins should only be allowed to create accounts up to a certain level, not including (below) their own..nor should they be allowed to modify their own record to alter their own privs. The true db user accounts should be tightened to the absolute minimum set of priv required to do the activity of that user level (ie basic user (connect / select...ie view only), med user (connect, select, insert and update) should cover 95% of the interaction) and advanced users (connect, insert, update and [delete (maybe, depending on application goals)]). There should be only one superuser account that handles all other areas of db admin (backup, recovery, creation of tables/indeces, etc) and only one or two people should have access to this account. As for the production system, all actions should be logged to a table indicating the user, nature of the change, datestamp to provide a proper audit trail. This table should only only select and insert privs on it, so that even by accident, nothing can be deleted bastien From: "Sean Mumford" <[EMAIL PROTECTED]> To: Subject: [PHP-DB] Database storage and Sessions Date: Fri, 10 Feb 2006 16:05:15 -0500 Hi guys, I'm trying to create a small, publicly accessable database where security is a concern since want some users to have administrative access and others not to. The backend is MySQL 5.0.18 with PHP 5.1.2 on an Apache 2.0.55 server, and I am curious as to how much my session code and my database should interact to achieve a good balance of security and speed/overhead. I have come up with several approaches: 1. Use sessions to send the username and password from the website to the database, where the database will authenticate it and allow that user to log in with pre-defined privaledges. Administrators could create database user accounts. 2. Use sessions to store usernames and passwords completely in PHP, and then have a single non-administrative account that the PHP would use to access the database. A similar method would be used for administrative accounts as well. 3. Store all session-related information in the database (might be faster than using PHP to store the info?). As I said before, i'm trying to implement a reasonable amount of security without significantly impacting the overal speed of my system (frontend & backend). Any advice? -Sean -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] SQL request on DBase file
Hi, I have to rewrite an application from ASP. In this application, I receive DBase files which may be saved into Oracle. In ASP, I used a generic driver and I made SQL requests on these files. It is possible with PHP on Linux ? Do you have some examples ? Thank you very much. David. signature.asc Description: Ceci est une partie de message numériquement signée
RE: [PHP-DB] SQL request on DBase file
Whats wonrg with the manual? http://ca3.php.net/manual/en/ref.oracle.php http://www.zend.com/products/zend_core/zend_core_for_oracle Bastien From: David BERCOT <[EMAIL PROTECTED]> To: php-db@lists.php.net Subject: [PHP-DB] SQL request on DBase file Date: Sat, 11 Feb 2006 00:28:16 +0100 Hi, I have to rewrite an application from ASP. In this application, I receive DBase files which may be saved into Oracle. In ASP, I used a generic driver and I made SQL requests on these files. It is possible with PHP on Linux ? Do you have some examples ? Thank you very much. David. << signature.asc >> -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Help getting php up and running
I run a Debian unstable system with apache 1.3 installed. I had PHP installed and running then tried to install Acid/Base for Snort. That installation did not work properly so I attempted to remove the components but then I lost php support. I removed all the PHP files and reattemtped to install. No joy. Anyone have any ideas of what may be an issue. I have the following installed ii libapache-mod-php44.4.2-1 server-side, HTML-embedded scripting languag rc libapache2-mod-php5 5.0.5-3 server-side, HTML-embedded scripting languag ii php4 4.4.2-1 server-side, HTML-embedded scripting languag ii php4-common 4.4.2-1 Common files for packages built from the php ii php4-mysql4.4.2-1 MySQL module for php4 And this is my modules.conf ClearModuleList AddModule mod_so.c AddModule mod_macro.c LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so LoadModule status_module /usr/lib/apache/1.3/mod_status.so LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so LoadModule access_module /usr/lib/apache/1.3/mod_access.so LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so LoadModule includes_module /usr/lib/apache/1.3/mod_include.so LoadModule includes_module /usr/lib/apache2/modules/libphp4.so For the life of me I can't figure out why following the instructions won't get this up and running this time. I think I'm missing a file somewhere. Don -- - Powered by Debian Linux - --- -- - Powered by Debian Linux - -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] PHP - form question (form extensions)
http://www.weberdev.com/get_example-4186.html From: JeRRy <[EMAIL PROTECTED]> To: php-db@lists.php.net Subject: [PHP-DB] PHP - form question (form extensions) Date: Sat, 11 Feb 2006 14:47:36 +1100 (EST) Hi, I have this form, but not sure how to offer extensions. In the "Enquiry Type" If "Advertising" is selected I want to have addition questions listed. Some will be checkbox questions and some textarea. But I only want the questions listed IF "Advertising" is selected, if it's not the questions do not show. How would I go about doing this? I have had a look on the web but did not come uo for a solution, I need a quick response, don't have alot of time on this. Here is my code below: (area refering to is Enquiry Type:NAME="enquirytype" SIZE="1"> GeneralMembershipPurchasingDeliveryAdvertisingEducationSuggestions) I want the questions to be listed either right under that or before the SUBMIT button. Can anyone assist me? (and only if Advertising is selected) ---form code--- BORDER="0"> Contact Us! First Name: MAXLENGTH="20">Last Name:TYPE="text" NAME="lastname" SIZE="25" MAXLENGTH="25"> Company:MAXLENGTH="25"> Email Address:NAME="emailaddress" SIZE="25" MAXLENGTH="25"> Phone #:MAXLENGTH="25"> Enquiry Type:SIZE="1"> GeneralMembershipPurchasingDeliveryAdvertisingEducationSuggestionsCountry:NAME="country" SIZE="1">AUSTRALIANEW ZEALANDFIJIUNITED KINGDOMGERMANYSWEDENCANADA-AFGHANISTANALBANIAALGERIAAMERICAN SAMOAANDORRAANGOLAANGUILLAANTARCTICAANTIGUA AND BARBUDAARGENTINAARMENIAARUBAAUSTRIAAZERBAIJANBAHAMASBAHRAINBANGLADESHBARBADOSBELARUSBELGIUMBELIZEBENINBERMUDABHUTANBOLIVIABOSNIA AND HERZEGOWINABOTSWANABOUVET ISLANDBRAZILBRITISH INDIAN OCEAN TERRITORYBRUNEI DARUSSALAMBULGARIABURKINA FASOBURUNDICAMBODIACAMEROONCANADACAPE VERDECAYMAN ISLANDSCENTRAL AFRICAN REPUBLICCHADCHILECHINACHRISTMAS ISLANDCOCOS (KEELING) ISLANDSCOLOMBIACOMOROSCONGOCOOK ISLANDSCOSTA RICACOTE D'IVOIRECROATIA (local name: Hrvatska)CUBACYPRUSCZECH REPUBLICDENMARKDJIBOUTIDOMINICADOMINICAN REPUBLICEAST TIMORECUADOREGYPTEL SALVADOREQUATORIAL GUINEAERITREAESTONIAETHIOPIAFALKLAND ISLANDS (MALVINAS)FAROE ISLANDSFIJIFINLANDFRANCEFRANCE, METROPOLITANFRENCH GUIANAFRENCH POLYNESIAFRENCH OTHERGABONGAMBIAGEORGIAGERMANYGHANAGIBRALTARGREECEGREENLANDGRENADAGUADELOUPEGUAMGUATEMALAGUINEAGUINEA-BISSAUGUYANAHAITIHEARD AND MC DONALD ISLANDSHONDURASHONG KONGHUNGARYICELANDINDIAINDONESIAIRAN (ISLAMIC REPUBLIC OF)IRAQIRELANDISRAELITALYJAMAICAJAPANJORDANKAZAKHSTANKENYAKIRIBATIKOREAKUWAITKYRGYZSTANLATVIALEBANONLESOTHOLIBERIALIBYAN ARAB JAMAHIRIYALIECHTENSTEINLITHUANIALOCATION NOT REPORTEDLUXEMBOURGMACAUMACEDONIAMADAGASCARMALAWIMALAYSIAMALDIVESMALIMALTAMARSHALL ISLANDSMARTINIQUEMAURITANIAMAURITIUSMAYOTTEMEXICOMICRONESIAMOLDOVA, REPUBLIC OFMONACOMONGOLIAMONTSERRATMOROCCOMOZAMBIQUEMYANMARNAMIBIANAURUNEPALNETHERLANDSNETHERLANDS ANTILLESNEW CALEDONIANEW ZEALANDNICARAGUANIGERNIGERIANIUENORFOLK ISLANDNORTHERN MARIANA ISLANDSNORWAYNot AvailableOMANPAKISTANPALAUPANAMAPAPUA NEW GUINEAPARAGUAYPERUPHILIPPINESPITCAIRNPOLANDPORTUGALPUERTO RICOQATARREUNIONROMANIARUSSIAN FEDERATIONRWANDASAINT KITTS AND NEVISSAINT LUCIASAINT VINCENTSAMOASAN MARINOSAO TOME AND PRINCIPESAUDI ARABIASENEGALSEYCHELLESSIERRA LEONESINGAPORESLOVAKIA (Slovak Republic)SLOVENIASOLOMON ISLANDSSOMALIASOUTH AFRICASOUTH GEORGIA SPAINSRI LANKAST. HELENAST. PIERRE AND MIQUELONSUDANSURINAMESWAZILANDSWEDENSWITZERLANDSYRIAN ARAB REPUBLICTAIWAN, PROVINCE OF CHINATAJIKISTANTANZANIA, UNITED REPUBLIC OFTHAILANDTOGOTOKELAUTONGATRINIDAD AND TOBAGOTUNISIATURKEYTURKMENISTANTURKS AND CAICOS ISLANDSTUVALUUGANDAUKRAINEUNITED ARAB EMIRATESUNITED KINGDOMUNITED STATESUNITED STATES MINORUNKNOWN LOCATIONURUGUAYUZBEKISTANVANUATUVATICAN CITY STATE (HOLY SEE)VENEZUELAVIET NAMVIRGIN ISLANDS (BRITISH)VIRGIN ISLANDS (U.S.)WALLIS AND FUTUNA ISLANDSWESTERN SAHARAYEMENZAMBIAZIMBABWEMessage: ---end form code--- Thankyou for your time. J -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php