date:20020606


 A)  Do you want to place a limit on the size of a single file being
 uploaded?
[...]
 Second, I want to be able to prevent my (limited) traffic to
 be exhausted. Simple reason: I pay for anything above let's say
 10 GB of traffic. So what PHP offers to me AFAIK enables me to
 protect my space, but not my traffic.


You are absolutly correct. Welcome to the client/server relationship. Your
PHP is *entirely* server side, meaning that (in a HTTP[S] PUT or POST) the
entire file is sent to PHP before it can work out if its too big or not.

However, there are some client side effects you can induce (such as the
browser limiting the file size, this can be set in the HTML FORM) - but as
this is client side there is no gaurentee that this request will be
honoured (still leaving you open for a custom / noncompliant browser to
upload giga-huge files to you).

In my experiance its best to give people access to FTP upload but thats
not always an option... I hope the information has helped you. The
following URL might be worth researching.

http://www.php.net/manual/en/features.file-upload.php

Look for information on MAX_FILE_SIZE and READ the user comments. The
manual + user comments usually holds the answers you seek. ;)
-- 
Dan Hardiker [[EMAIL PROTECTED]]
ADAM Software  Systems Engineer
First Creative Ltd



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] oracle again!!!!

2002-06-06 Thread Chris Hewitt


Michael,

I have not used Oracle from PHP but I may be able to provide some 
pointers/questions.

You do not say where the Oracle database is. If it is on the AIX 
computer then to connect you will need the system@tnsname form of user 
name to specify which connection in your tnsnames.ora file to use. (I 
assume you have modified the linux firewall to allow the ports used in 
the tnsnames.ora file to be open).

I assume that you have the Oracle client code loaded onto the linux 
computer.

If the database is local on the linux computer then maybe the firewall 
issue still applies. What Iwould look at first is the first error 
message. ORA-12546 is TNS:permission denied. This looks like the user 
that apache is run as cannot open the tnsnames.ora file. From the Oracle 
home you give, I think it should be trying to open 
/home/oracle/OraHome1/network/admin/tnsnames.ora
but cannot do so. Is the file located here?

Hope this helps.

Chris

Michael P. Carel wrote:

Hi,

I've tried installing php with oracle support to my RedHat Linux server. Im
recieving this error when executing a sample Ora fucntion to connect to the
oracle database.My oracle database works fine but my script canot connect.
I've tried this sample script with my AIX server but it works fine.  I
really dont know why ...
Please help. heres my sample connect script:

PutEnv(ORACLE_SID=oracle);
PutEnv(ORACLE_HOME=/home/oracle/OraHome1);

$connection = Ora_Logon(system,manager);


if($connection==false){
echo Ora_ErrorCode($connection).:. Ora_error($connection).BR;
exit;
}



And heres my warning error:

Warning: Oracle: Connection Failed: Error while trying to retrieve text for
error ORA-12546 in /home/www/htdocs/selecting.php on line 9

Warning: ora_errorcode(): supplied argument is not a valid
Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line
13

Warning: ora_error(): supplied argument is not a valid
Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line
13
:



I can connect to oracle remotely with my sqlplus using this account. Is
thereanything that i didnt know when settingup php with oracle in redhat
linux?



Thanks in advance.



Regards,
Mike





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] if() statements

2002-06-06 Thread Justin French


Hi,

I'm working on a 350+ line message board script with multiple SQL queries,
etc.

It's starting to get a noticeable (although not major) lag.  It's probably
the multiple MySQL queries, which I'm going to attempt to minimise and
optimise, but it also brings me to a question about if().

does the process of PHP digging it's way through multiple nested if()
statements slow down PHP, perhaps in comparison to a single line with an
include?

eg

?
if($something)
{
//
// 100 lines of code, queries and nested if()'s
//
}
?

versus

?
if($something)
{
include('100_lines_of_code.inc');
}
?

I personally like developing with include() files and keeping everything
modular, but have been avoiding this in part, due to the multiple includes
already found on my pages (eg sessions, fonts, config, header, footer,
content, function libraries = 7+ includes per page) and the possible concern
of so many includes slowing things down.

BUT, if larger if() blocks can cause a simular bottle-neck, then maybe i'll
go back to multiple includes...


Is there a good way to time scripts too?  All I can think of is comparing
time() or microtime() from the start and end of the scripts.


Thanks,

Justin French


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Secure File Upload

2002-06-06 Thread Christoph Starkmann


Hi Dan!

  A)  Do you want to place a limit on the size of a single file being
  uploaded?
 [...]
  Second, I want to be able to prevent my (limited) traffic to
  be exhausted. Simple reason: I pay for anything above let's say
  10 GB of traffic. So what PHP offers to me AFAIK enables me to
  protect my space, but not my traffic.
 You are absolutly correct. Welcome to the client/server 
 relationship. Your
 PHP is *entirely* server side, meaning that (in a HTTP[S] PUT 
 or POST) the
 entire file is sent to PHP before it can work out if its too 
 big or not.

I know this, not this new to CGI... ;) The only thing I thought/hoped
was that maybe there's a way to recieve the file size information before
upping the entire file. Like with email or news, where I can download
headers
seperated from the message body... But as far as I can see, this is not
possible. Sad but true ;)

So I have to trust my visitors ;)

Cheers,

Kiko

-- 
It's not a bug, it's a feature.
christoph starkmann
mailto:[EMAIL PROTECTED]
http://www.gruppe-69.com/
ICQ: 100601600
-- 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Secure File Upload

2002-06-06 Thread Jason Wong


On Thursday 06 June 2002 17:53, Christoph Starkmann wrote:

 I know this, not this new to CGI... ;) The only thing I thought/hoped
 was that maybe there's a way to recieve the file size information before
 upping the entire file. 

It is possible with some browsers:

 http://marc.theaimsgroup.com/?l=php-generalm=102079018906224w=2

-- 
Jason Wong - Gremlins Associates - www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design  Hosting * Internet  Intranet Applications Development *

/*
jogger, n.:
An odd sort of person with a thing for pain.
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Secure File Upload


 I know this, not this new to CGI... ;) The only thing I
 thought/hoped was that maybe there's a way to recieve the file size
 information before upping the entire file.

 It is possible with some browsers:
 http://marc.theaimsgroup.com/?l=php-generalm=102079018906224w=2


But you still have to rely on your visitors as they could simply use
another web browser should they wish to DoS your site. Security measures
such as logging in before allowing a file upload can come in useful here.

-- 
Dan Hardiker [[EMAIL PROTECTED]]
ADAM Software  Systems Engineer
First Creative Ltd



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] global variables without sessions on apache

2002-06-06 Thread Zac Hillier

Thanks Jason,

Works great in htaccess

Zac
- Original Message -
From: Jason Wong [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 4:08 AM
Subject: Re: [PHP] global variables without sessions on apache

 On Thursday 06 June 2002 06:05, Zac Hillier wrote:
  Miguel,

  I mean that the variables will never change per Virtual host but that
the
  site is a template for many sites and these vars are part of the
  distinction for each site / Virtual Host.

  So far the suggestions of using the  auto-prepend  in the php.ini have
not
  seemed to cater for this. Can you help further?

 The auto-prepend thing can be set per-site if you put it in the
apache.conf
 file, and possibly per-directory as well (haven't tried it) if put in
 .htaccess files.

 --
 Jason Wong - Gremlins Associates - www.gremlins.com.hk
 Open Source Software Systems Integrators
 * Web Design  Hosting * Internet  Intranet Applications Development *

 /*
 You will have a head crash on your private pack.
 */

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Secure File Upload

2002-06-06 Thread Christoph Starkmann


Hi again, Dan!

 But you still have to rely on your visitors as they could simply use
 another web browser should they wish to DoS your site. 
 Security measures
 such as logging in before allowing a file upload can come in 
 useful here.

I think I have to agree at this point. I was just hoping I 
was simply missing some point, but then a login wil have to do.

Thanks for all your help...

Cheers,

Kiko

-- 
It's not a bug, it's a feature.
christoph starkmann
mailto:[EMAIL PROTECTED]
http://www.gruppe-69.com/
-- 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] date problem

2002-06-06 Thread John Holmes


So what did you get? Did it work? (No. I doubt it...) Don't just post a
question like Here's what I'm doing...fix it

Anyway, your really wasting your time by not using a date or timestamp
column. If you don't understand why or realize how easy it is to change
it, you've got a lot of learning to do.

The only way you can do it with a char column is to select the entire
database, load it into a PHP array, using strtotime() to (hopefully)
convert May 29, 2002, etc, into a unix timestamp, and then sort by
that timestamp. 

You just make things more difficult with a char column. I hope you don't
have any more queries based on time or date...

---John Holmes...

 -Original Message-
 From: andy [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, June 06, 2002 2:02 AM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: [PHP] date problem
 
 Hi there,
 
 I would like to count the users out of a mysql db who registered after
a
 certain date.
 
 The column I have in the db is a char and I do not want to change this
 anymore.
 This is how a typical entry looks like: May 29, 2002
 
 This is how I tryed it:
 
 // while '10...' is unix timestamp june 1, 02
 SELECT COUNT(*) AS c
 FROM users_table
 WHERE UNIX_TIMESTAMP( user_regdate )  '1022882400'
 
 Thanx for any help on that,
 
 andy
 
 
 
 
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] date problem


 SELECT COUNT(*) AS c
 FROM users_table
 WHERE UNIX_TIMESTAMP( user_regdate )  '1022882400'

 The only way you can do it with a char column is to select the entire
 database, load it into a PHP array, using strtotime() to (hopefully)
 convert May 29, 2002, etc, into a unix timestamp, and then sort by
 that timestamp.


Alternatively you could use the query you are now (if its returning the
correct subset of rows from the table). Replace COUNT(*) AS c with your
primary key field (eg: id), and then use mysql_count_row() [rtfm for more
details] rather than pulling the rows. From here it looks like your
fastest option, but your not providing enough information.

-- 
Dan Hardiker [[EMAIL PROTECTED]]
ADAM Software  Systems Engineer
First Creative Ltd



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] date problem

2002-06-06 Thread John Holmes


  SELECT COUNT(*) AS c
  FROM users_table
  WHERE UNIX_TIMESTAMP( user_regdate )  '1022882400'
 
  The only way you can do it with a char column is to select the
entire
  database, load it into a PHP array, using strtotime() to (hopefully)
  convert May 29, 2002, etc, into a unix timestamp, and then sort by
  that timestamp.
 
 
 Alternatively you could use the query you are now (if its returning
the
 correct subset of rows from the table). Replace COUNT(*) AS c with
your
 primary key field (eg: id), and then use mysql_count_row() [rtfm for
more
 details] rather than pulling the rows. From here it looks like your
 fastest option, but your not providing enough information.

The query shouldn't be returning anything, b/c a unix_timestamp of a
char type column is going to be zero. So zero will never be 
1022882400. 

Also, there is no MySQL_count_row(), function. Do you mean
MySQL_num_rows()? You should use COUNT(*) in your query instead of
MySQL_num_rows(), if the count is all your after. 

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Need some suggestions about community :)

2002-06-06 Thread Hawk


Sorry, my bad, meant a table for each user, not a database :)
But I'll go with the shared tables then :P

Håkan



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Modifying the sort order of a query


[snip]
I've just tried the sub-select approach. Works great on the first page -
shows names listed alphabetically sorted by country. However, once I click
on
'Next 20' both sorts go bye-bye (neither by name nor country).
[/snip]

I am late to the thread but I wanted to offer another suggestion. Retrieve
the data results into an array and sort the array. I like Peter's idea
though, using a case statement for the appropriate sort order information.
You could also set a variable ($lastSortOrder) to 'default', 'country',
'city', 'whatever' and place this variable within the query. Pseudocode
follows;

$lastSortOrder = default

$query = SELECT name, address, city, state, zip FROM table ;
$query .= ORDER BY  . $lastSortOrder . ;

input type=submit name=action value=Sort By Countrybr
input type=submit name=action value=Sort By Citybr

switch($action){
case Sort By Country:
$lastSortOrder = country
break;
case Sort By City:
$lastSortOrder = city
break;
}

I know this isn't complete but I HTH!

Jay




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Modifying the sort order of a query

2002-06-06 Thread Andre Dubuc


Thanks Jay,

Well, I went back to work on it, and with the combined suggestions from the 
list, it's working now. I just had to insert the sub-select on the called 
page as well. That seemed to be the problem.

Thanks for your suggestion -- I used part of it.

Regards,
Andre

On Thursday 06 June 2002 07:39 am, you wrote:
 [snip]
 I've just tried the sub-select approach. Works great on the first page -
 shows names listed alphabetically sorted by country. However, once I click
 on
 'Next 20' both sorts go bye-bye (neither by name nor country).
 [/snip]

 I am late to the thread but I wanted to offer another suggestion. Retrieve
 the data results into an array and sort the array. I like Peter's idea
 though, using a case statement for the appropriate sort order information.
 You could also set a variable ($lastSortOrder) to 'default', 'country',
 'city', 'whatever' and place this variable within the query. Pseudocode
 follows;

 $lastSortOrder = default

 $query = SELECT name, address, city, state, zip FROM table ;
 $query .= ORDER BY  . $lastSortOrder . ;

 input type=submit name=action value=Sort By Countrybr
 input type=submit name=action value=Sort By Citybr

 switch($action){
   case Sort By Country:
   $lastSortOrder = country
   break;
   case Sort By City:
   $lastSortOrder = city
   break;
 }

 I know this isn't complete but I HTH!

 Jay

-- 
Please pray the Holy Rosary to end the holocaust of abortion.
Remember in your prayers the Holy Souls in Purgatory.

May God bless you abundantly in His love!
For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Sessions question (-enable-trans-sid)

2002-06-06 Thread Jeff Field


Thanks to all for their help on this.  As a follow-up, and after a bunch of
playing around with this yesterday, here's what I've come to learn.  Perhaps
it will be helpful to others:

With enable-trans-id compiled into PHP and the following directives in
php.ini:

session.use_cookies = 0(PHP uses cookies for sessions - off)
session.use_trans_sid = 1  (PHP uses enable-trans-id for sessions - on)

PHP will automatically append the SID to the end of relative links 100% of
the time and will not use cookies no matter whether the user has cookies
enabled for their browser or not.

In the following case (and I presume the more normal way of doing things):

session.use_cookies = 1(PHP uses cookies for sessions - on)
session.use_trans_sid = 1  (PHP uses enable-trans-id for sessions - on)

PHP will behave the same way for those users that do *not* have cookies
enabled for their browser as in the first example, i.e. append links 100% of
the time.  However, for those users that have cookies enabled for their
browser, PHP will append the SID to the links only on the first hit to a
page.  Then, when a user requests the next page, the auto-rewriting of the
URI's stops and cookies are used from that point forward.

Actually, that all makes sense, as the first time a user requests a page,
there's no way for PHP to know if the browser will accept cookies or not.
But, on the second request, the browser will send the cookie back to PHP
(along with the appended URI), and PHP from that point on knows that the
browser accepts cookies and PHP will then drop the rewriting of the URI's.

I hope I've got this all correct.  The one observation I'd make in regards
to using cookies vs. URI's to maintain the session is this (and please
someone correct me if I'm wrong):

If a user does *not* have cookies enabled for their browser, you can lose
the session if the user hits an html page at your site (because PHP will not
be involved and will not rewrite the URI's for the .html page).  Not good.

If a user *does* have cookies enabled, they can hit non-PHP pages all they
want and when they get back to a PHP page, the session is still intact.

So, it would seem, while the SID being appended to all URI's should work for
all users, non-PHP pages will break the session (not good).  And, as for the
cookie method, not all users have cookies enabled for their browser (also,
not good).  Therefore, IMO, neither the cookie method or appending the URI
method will work as you'd like 100% of the time.

I suppose one thing you could do so that non-PHP pages won't break the
session for those users that don't have cookies enabled would be to just run
every page in your site through PHP.  That way, the URI's for every page
will be appended with the SID, and maybe that's the way to go.

Anyway, I hope I've got this all right and I hope it helps someone.

Jeff


 -Original Message-
 From: Jeff Field [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, June 05, 2002 11:56 AM
 To: [EMAIL PROTECTED]
 Subject: [PHP] Sessions question (-enable-trans-sid)


 Hi,

 I'm confused about one thing regarding sessions and haven't been able to
 find the definitive answer anywhere.  Hopefully, I can here.

 There are two ways to enable sessions:

 1) Session ID is passed through cookies
 2) Session ID is passed through the URL, either done manually or by
 automatic URL rewriting

 All the books, tutorials, etc. basically say that cookies are the
 way to go
 but when users don't have cookies enabled, you have to use the
 URL method.
 Since I have an e-commerce site that is available to the world,
 I'm assuming
 *some* are not going to have cookies enabled.  Duh!

 So, from what I've read, you can implement the URL method of sessions by
 either manually attaching the session ID to the URLs, or, by compiling PHP
 with enable-trans-sid, which will add the session ID to the URL's
 automatically.  The answer that I haven't been able to find is this:

 Is this a one or the other proposition?  IOW, if I implement sessions with
 cookies, then I can't use the URL method?  Or, if I implement the
 URL method
 (with enable-trans-sid), I can't use the cookie method?  Or, do
 they work in
 combination.  IOW, does PHP automatically know that if a user has cookies
 enabled, PHP will use the cookie method and, when cookies are
 *not* enabled,
 PHP automatically implements the URL method?

 Thanks for the help!

 Jeff


 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Stripping illegal characters out of an XML document

2002-06-06 Thread Daniel Pupius


Hi there. I'm working with RDF/XML that is strict on what characters are
allowed within the elements and attributes. I was wondering if anyone had a
script that processed a string and replaced all illegal-characters with
their HTML code, for example  is converted to  and  to . It should
also work for characters like é.

It would be possible to process the strings before they are inserted into
the XML document - if that is easier.

If there isn't a script that'll do this I'll have to write my own - which
could be quite time consuming ;(

Thanks

Dan



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Can't Connect to INFORMIX DB

2002-06-06 Thread Gastón


Thanks for the answer..

But this is the story now..

I've finally made Informix  PHP work using ODBC. That's working fine now.

And about native functions, i've downloaded the manual instalation of PHP,
and now i have the extensions, dlls, and all that stuff. But still can't
make it work.

I've set my extension_dir, from php.ini, like this:

extension_dir = C:\Php421\extensions\

And of course, that's the path where i have those files.

Any help will we appreciated!

Bye
Gastón.

Juraj Hasko [EMAIL PROTECTED] escribió en el mensaje
001f01c20c5b$dd6c8870$ec01db0a@HASKO">news:001f01c20c5b$dd6c8870$ec01db0a@HASKO...
 Hi,

 1. PHP native function for Informix will not work, because there is
missing php_ifx.dll extension in latest PHP 4.2.1 bundle for win32.

 2. you have probably error in instalation of Infomix ODBC drivers. The
file 'csql.iem' is part of standart instalation. Check your instalation ...

 Juraj
 System Administrator

 CAC LEASING Slovakia, a.s.
 mailto:[EMAIL PROTECTED]
 http://www.cacleasing.sk

 -Original Message-
 From: Gastón [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, June 04, 2002 8:19 PM
 To: [EMAIL PROTECTED]
 Subject: Can't Connect to INFORMIX DB
 
 
 Hi,
 I need some help (or maybe a lot), to get PHP connecting to my
 Informix DB.
 I'm pretty new to PHP, and i don't have a clue of what i'm doing wrong.
 
 I'm using IIS 4.0 under Win NT 4.0.
 with PHP 4.2.1
 
 I've tried to connect throw ODBC driver, and directly from
 native functions
 but both fail.
 The messages are:
 When i use ODBC:
 Warning: SQL error: [INTERSOLV][ODBC Informix
 driver][Informix]Cannot open
 file 'csql.iem' , SQL state S1000 in SQLConnect
 
 When i use native functions:
 PHP Warning: Unable to load dynamic library
 'C:\Php421\extensions\php_ifx.dll' - The specified procedure
 could not be
 found. in Unknown on line 0
 
 
 Thanks,
 Gastón.
 
 
 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] array_walk

2002-06-06 Thread Chris Boget


If you use array_walk with an associative array, the only
arguments that PHP automatically passes to the defined
array are the numerical/element keys.  Is there any way
you can force it to pass the associative keys?

For example, I have an array:

$bob = array( this = other );

Instead of passing this and other to your array, PHP 
passes 0 and other.  Is there any way I can make it
so that it passes this?

Chris



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Using checkboxes

2002-06-06 Thread Dan Koken


This always works for me..
==
/*  *\
**  chk[] is the list of check boxes sent to browser.
**  If chk[$i] equals $i as as you loop
** 
through the array.. then it was checked.
**  But first we need to set all the boxes that
** 
ain't checked to -1 or something other than $i
** 
$num_chk = number of $chk[] boxes sent
\*  */
for ($i=$num_chk; $i-1 ; $i--) {
if (!isset($chk[$i])) $chk[$i] = -1;
else{
$ii   = $chk[$i];
$chk[$i]  = -1;
$chk[$ii] = $ii;
}
}
/* Now you can loop through the chk[]
** list and find out what ones were set
*/
=
HTH. Good luck ... Dan


Dirk Beijaard wrote:

 Hey all,
 
 I have a form, generated in php, with a lot of checkboxes on it. They
 are initialized from the db. All checkboxes are in a 2d array and they
 come through to my processing script fine. The only problem is that
 the ones that are unchecked do not come through. I know that the post
 command only sends the checked boxes. What I would like to know is which
 ones were changed, ie checked or unchecked by the user. Right now I do
 it by putting a string with the old values in a hidden textbox and 
 comparing those to what I get back in the array. I have been thinking
 about writing some client side script to produce the differences.
 
 Does anyone know if there is a better way to do this? 
 
 Thanks,
 Dirk.
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Number formatting

2002-06-06 Thread Scott


Hi gang-

I am trying to format a number coming from a csv file that I am importing 
then sending to a database.  Being the wonderful program that Excel is 
there is a column that contains a number that only has a decmimal if there 
is a value.  So 3.05% will display, 3% will display as 3.  It is throwing 
my calculations off, I have tried using number format like this:

$aprTemp = number_format($apr, 2); which in the case of 3.05 will return 
305.00 and 300.00 for 3%.  Anyone have a snippet to test and display 
properly so that 3% would be 3.00, etc.

Thanks,

-Scott



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Can't Connect to INFORMIX DB

2002-06-06 Thread Michael Davey


Remove the semi-c0lon from the following line in php.ini:

;extension=php_ifx.dll

And then restart your web-server if your run PHP as a module...

Mikey

GastóN [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Thanks for the answer..

 But this is the story now..

 I've finally made Informix  PHP work using ODBC. That's working fine now.

 And about native functions, i've downloaded the manual instalation of
PHP,
 and now i have the extensions, dlls, and all that stuff. But still can't
 make it work.

 I've set my extension_dir, from php.ini, like this:

 extension_dir = C:\Php421\extensions\

 And of course, that's the path where i have those files.

 Any help will we appreciated!

 Bye
 Gastón.

 Juraj Hasko [EMAIL PROTECTED] escribió en el mensaje
 001f01c20c5b$dd6c8870$ec01db0a@HASKO">news:001f01c20c5b$dd6c8870$ec01db0a@HASKO...
  Hi,
 
  1. PHP native function for Informix will not work, because there is
 missing php_ifx.dll extension in latest PHP 4.2.1 bundle for win32.
 
  2. you have probably error in instalation of Infomix ODBC drivers. The
 file 'csql.iem' is part of standart instalation. Check your instalation
...
 
  Juraj
  System Administrator
 
  CAC LEASING Slovakia, a.s.
  mailto:[EMAIL PROTECTED]
  http://www.cacleasing.sk
 
  -Original Message-
  From: Gastón [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, June 04, 2002 8:19 PM
  To: [EMAIL PROTECTED]
  Subject: Can't Connect to INFORMIX DB
  
  
  Hi,
  I need some help (or maybe a lot), to get PHP connecting to my
  Informix DB.
  I'm pretty new to PHP, and i don't have a clue of what i'm doing wrong.
  
  I'm using IIS 4.0 under Win NT 4.0.
  with PHP 4.2.1
  
  I've tried to connect throw ODBC driver, and directly from
  native functions
  but both fail.
  The messages are:
  When i use ODBC:
  Warning: SQL error: [INTERSOLV][ODBC Informix
  driver][Informix]Cannot open
  file 'csql.iem' , SQL state S1000 in SQLConnect
  
  When i use native functions:
  PHP Warning: Unable to load dynamic library
  'C:\Php421\extensions\php_ifx.dll' - The specified procedure
  could not be
  found. in Unknown on line 0
  
  
  Thanks,
  Gastón.
  
  
  





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is this possible


On Thu, Jun 06, 2002 at 05:32:45AM -, James Edgar wrote:

 class myClass
   {
   function myFunc($var)
   {
   include(xml.inc);
   $obj = new xml($data,xml);  

And what happened when you ran this?  Why not tell us?  In the future, 
please post error messages and/or results so we can help you more 
accurately.

If you ran it, it'd probably say Class declarations may not be nested.  
Pretty clear.

The code for your xml class outside of myClass.  But, you can create the 
object inside the class.

So, put include('./xml.inc'); before class myClass and leave
$obj = new xml($data, 'xml'); where it is.

Enjoy,

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] array_walk


 Instead of passing this and other to your array, PHP
 passes 0 and other.  Is there any way I can make it
 so that it passes this?

[pulled from the manual directly]

Example 1. array_walk() example


$fruits = array (d=lemon, a=orange, b=banana, c=apple);


function test_alter ($item1, $key, $prefix) {

$item1 = $prefix: $item1;

}


function test_print ($item2, $key) {

echo $key. $item2br\n;

}

echo Before ...:\n;

array_walk ($fruits, 'test_print');

reset ($fruits);

array_walk ($fruits, 'test_alter', 'fruit');

echo ... and after:\n;

reset ($fruits);

array_walk ($fruits, 'test_print');




The printout of the program above will be:

Before ...:

d. lemon

a. orange

b. banana

c. apple

 and after:

d. fruit: lemon

a. fruit: orange

b. fruit: banana

c. fruit: apple



-- 
Dan Hardiker [[EMAIL PROTECTED]]
ADAM Software  Systems Engineer
First Creative Ltd



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Anthony Ritter


Is there any way to retrieve data (for example - the text *within* a table)
from another URL so that only the text appears and not the html (tables,
cells, colors, etc.)

Below is a script which opens and reads a URL and then outputs the complete
URL.

I am just looking for the text output.

Thank you in advance.
Tony Ritter
...

html
head
titleRetrieving text from a URL/title
/head
body
?
$theurl=http://www.blah.com;;
if (!($fp=fopen($theurl, r)))
 {
  echo Could not open the URL;
  exit;
 }
$contents= fread($fp, 100);
fclose($fp);
echo $contents;
echo br.This information retrieved frombr.a
href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T));
?
/body
/html




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Jason Wong


On Thursday 06 June 2002 23:43, Anthony Ritter wrote:
 Is there any way to retrieve data (for example - the text *within* a table)
 from another URL so that only the text appears and not the html (tables,
 cells, colors, etc.)

strip_tags()

-- 
Jason Wong - Gremlins Associates - www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design  Hosting * Internet  Intranet Applications Development *

/*
Help stamp out Mickey-Mouse computer interfaces -- Menus are for Restaurants!
*/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Leotta, Natalie (NCI/IMS)


In theory, I would guess you could use combinations of explode and strstr to
maybe explode on , then run strstr on  so you get everything after the 
but before the next .  Then you'd probably have to implode it or something.
There might be a better way to do it with just substr and strstr so you
don't have to explode it...

There may be an easier way - but this is the first thing that popped into my
head, and it might at least get you looking in a good direction.

Good luck!

-Natalie

-Original Message-
From: Anthony Ritter [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, June 06, 2002 11:44 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Retrieving text from a URL using PHP


Is there any way to retrieve data (for example - the text *within* a table)
from another URL so that only the text appears and not the html (tables,
cells, colors, etc.)

Below is a script which opens and reads a URL and then outputs the complete
URL.

I am just looking for the text output.

Thank you in advance.
Tony Ritter
...

html
head
titleRetrieving text from a URL/title
/head
body
?
$theurl=http://www.blah.com;;
if (!($fp=fopen($theurl, r)))
 {
  echo Could not open the URL;
  exit;
 }
$contents= fread($fp, 100);
fclose($fp);
echo $contents;
echo br.This information retrieved frombr.a
href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T)); ?
/body /html




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Leotta, Natalie (NCI/IMS)


I wish I'd seen this before I sent my message!

-Original Message-
From: Jason Wong [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, June 06, 2002 10:46 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Retrieving text from a URL using PHP


On Thursday 06 June 2002 23:43, Anthony Ritter wrote:
 Is there any way to retrieve data (for example - the text *within* a 
 table) from another URL so that only the text appears and not the html 
 (tables, cells, colors, etc.)

strip_tags()

-- 
Jason Wong - Gremlins Associates - www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design  Hosting * Internet  Intranet Applications Development *

/*
Help stamp out Mickey-Mouse computer interfaces -- Menus are for
Restaurants! */


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] long PHP array and HTML forms question

2002-06-06 Thread Steven Jarvis


Jason Wong wrote:
 Page 2:
 I want the user to be able to use none, some, or all of the fields, 
 so I
 don't know how many elements will be in the array.

 $color[] = $_POST[color];

 That should be:

   $color = $_POST[color];

 Actually from your results below it seems like you've enabled 
 register_globals
 and it's not necessary to explicit (re)assign $color.

Right. I'm used to working on a machine that doesn't have 
register_globals enabled, so it's just habit. Unfortunately, that 
particular hosting provider enables them.




 First question: is there something I can do at this point to cut the
 empty entries

 foreach ($color as $key = $val) {
   if ($val) {
 $tmp[] = $val;
   }
 }
 $color = $tmp;

 That will remove empty values from $color.

Ahh. That's exactly what I needed!

Thanks,

Steven


Steven Jarvis
Web Developer
Arkansas Democrat-Gazette
Northwest Edition


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Anthony Ritter


Thank you Jason.

I'm still trying to figure out how to implement the strip_tags() function on
the script below so that the output of the URL is straight text.

Please advise if you get a chance.

TR
.

html
head
titleRetrieving text from a URL/title
/head
body
?
$theurl=http://www.blah.com;;
if (!($fp=fopen($theurl, r)))
 {
  echo Could not open the URL;
  exit;
 }
$contents= fread($fp, 100);
fclose($fp);
echo $contents;
echo br.This information retrieved frombr.a
href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T));
?
/body
/html




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] if() statements


On Thu, Jun 06, 2002 at 07:52:28PM +1000, Justin French wrote:

 It's starting to get a noticeable (although not major) lag.  It's probably
 the multiple MySQL queries, which I'm going to attempt to minimise and
 optimise, but it also brings me to a question about if().

 does the process of PHP digging it's way through multiple nested if()
 statements slow down PHP, perhaps in comparison to a single line with an
 include?

If() statements definitely slow programs down.  BUT, the size of the
code inside the if satement isn't the real issue.  It's the process of
making the true/false decision that takes the work.  Of course, the
longer the code inside the if statement, the longer it takes run that
particular part of the code if that code is executed.


 I personally like developing with include() files and keeping everything
 modular,

Regarding includes, they add overhead.  Includes come in handy where
the included file is used in other scripts too.


 Is there a good way to time scripts too?  All I can think of is comparing
 time() or microtime() from the start and end of the scripts.

Yep.  That's the simplest thing to do, but I believe there are 
benchmarking classes/functions out there.

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Mail routing/reply to woes

2002-06-06 Thread Dennis Gearon


I am the webperson for a couple of sites, new ones. I've set up several
addresses, some I get and respond to.

What I would like, for all the addresses on the box, is for someone to
be able to run their browser's mailere to be able to download the mail,
and also send mail from the server th3e account is hosted on. 

This owuld cause the reply to address to be their account name, AND more
importantly, have the sent from/routing to come from that box. These
boxes are for 12 step anonymous organizations and I don't want their
home email address being connected to the usage of the site.

Can POP3 do this, or IMAP, or either?
-- 

If You want to buy computer parts, see the reviews at:
http://www.cnet.com/
**OR EVEN BETTER COMPILATIONS**!!
http://sysopt.earthweb.com/userreviews/products/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stripping illegal characters out of an XML document


On Thu, Jun 06, 2002 at 12:47:57PM +0100, Daniel Pupius wrote:

 Hi there. I'm working with RDF/XML that is strict on what characters are
 allowed within the elements and attributes. I was wondering if anyone had a
 script that processed a string and replaced all illegal-characters with
 their HTML code, for example  is converted to  and  to . It should
 also work for characters like é.

Here's what I use.  I grab the file and stick it into the $Contents
string.  Then, I clean it up with the following regex's.  Finally, I 
pass it to the parse function.

   #  Escape ampersands.
   $Contents = preg_replace('/(amp;|)/i', 'amp;', $Contents);

   #  Remove all non-visible characters except SP, TAB, LF and CR.
   $Contents = preg_replace('/[^\x20-\x7E\x09\x0A\x0D]/', \n, $Contents);

Of course, you can similarly tweak $Contents to drop or modify any other
characters you wish.

That's snipet is from my PHP XML Parsing Basics tutorial at
http://www.analysisandsolutions.com/code/phpxml.htm


 It would be possible to process the strings before they are inserted into
 the XML document - if that is easier.

While that's nice, it's not fool proof.  What if someone circumvents
your insertion process and gets a bad file into the mix?  You still need
to clean things as they come out just to be safe.

Enjoy,

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stripping illegal characters out of an XML document

2002-06-06 Thread Daniel Pupius


Thanks, I've created a delimited file of all the HTML Character references.
I then loop through and do a replace as previously suggested.   However,
IE's XML Parser still doesn't like the eacute; which represents é

For all intents and purposes it's ok and works with the RDF processor.
However, I'd like IE to be able to view the XML file just for completeness.

Da


Analysis  Solutions [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 On Thu, Jun 06, 2002 at 12:47:57PM +0100, Daniel Pupius wrote:

  Hi there. I'm working with RDF/XML that is strict on what characters are
  allowed within the elements and attributes. I was wondering if anyone
had a
  script that processed a string and replaced all illegal-characters with
  their HTML code, for example  is converted to  and  to . It should
  also work for characters like é.

 Here's what I use.  I grab the file and stick it into the $Contents
 string.  Then, I clean it up with the following regex's.  Finally, I
 pass it to the parse function.

#  Escape ampersands.
$Contents = preg_replace('/(amp;|)/i', 'amp;', $Contents);

#  Remove all non-visible characters except SP, TAB, LF and CR.
$Contents = preg_replace('/[^\x20-\x7E\x09\x0A\x0D]/', \n,
$Contents);

 Of course, you can similarly tweak $Contents to drop or modify any other
 characters you wish.

 That's snipet is from my PHP XML Parsing Basics tutorial at
 http://www.analysisandsolutions.com/code/phpxml.htm


  It would be possible to process the strings before they are inserted
into
  the XML document - if that is easier.

 While that's nice, it's not fool proof.  What if someone circumvents
 your insertion process and gets a bad file into the mix?  You still need
 to clean things as they come out just to be safe.

 Enjoy,

 --Dan

 --
PHP classes that make web design easier
 SQL Solution  |   Layout Solution   |  Form Solution
 sqlsolution.info  | layoutsolution.info |  formsolution.info
  T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
  4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Anyone?


I posted this yesterday and did not get any response at all?  Just wondering
if someone can give me some insight into some security measures for a
content management application...

Posted 06/05/2002
Ok, I am not a security expert so I would like to know if my security
measures I have implimented is adequate enough to keep people out.  Any
pointers on this would be very helpful as I am trying to impliment a secure
way for people to update a website through the use of a content management
application.  Example of code is as follows

// Login form - index.php
form name=authenticate method=post action=auth_done.php
  input type=text name=user size=20 maxlength=20br
  input type=password name=pw size=20 maxlength=20br
Select an image to identify yourself as an administrator.br
   select name=image
 option value=image01.jpgimage01/option
 option value=image02.jpgimage02/option
 option value=image03.jpgimage03/option
 option value=image04.jpgimage04/option
 option value=image05.jpgimage05/option
   /selectbrbr
  input type=submit name=Login value=Login
  input type=reset name=Reset value=Reset
/form

// Authentication checker - auth_done.php
  #check fields for valid entries in form
if ((!$u_name) || (!$p_word) || (!$image)){
 header(Location: index.php);
 exit;
}
  connects to database
require '/path/to/database/connection/script/dbcon.php';
  #selects database table containing users that are allowed to
use application
$db_table = 'users';
$sql = SELECT * from $db_table WHERE un = \$user\ AND pw =
password(\$pw\);
$result = mysql_query($sql,$dbh) or die(Couldn't execute query);
  #loops through all records to find a match
$num = mysql_numrows($result);
 if ($num !=0) {
  #creates variables for sessions
  $p_hash = $p_word;
  $to_hash = $image;
  #creates md5 hash of image user selected
  $pstring = md5($to_hash);
  #creates md5 hash of password user entered
  $image_sel = md5(uniqid(microtime($p_word),1));
  #starts session for user
   session_start();
  #registers variables created (md5 of password, username, 
image) in session
   session_register('user');
   session_register('$pstring');
   session_register('$image_sel');
  #captures users ip address (logging stuff, not listed in this
code for security reasons)
  $ipaddy = $REMOTE_ADDR;
  #echoes success message to authenticated user
  $msg_success = bYou have been authorized to make changes to the
website! Your IP address has been recorded and sent to the administrator:
$ipaddy/b;
  } else {
  #this prints if user name and password combination is not
found in database
  print pYou are not authorized to use this application!/p;
  exit;
  }

Now on each page in the content management app I have these lines of code:
#Start the session#
session_start();
#check session variables#
if (isset($HTTP_SESSION_VARS['user']) ||
isset($HTTP_SESSION_VARS['$image_sel']) ||
isset($HTTP_SESSION_VARS['$pstring'])) {
 $main = Some kinda message for page in question;
#connects to database#
require '/path/to/database/connection/script/dbcon.php';
 #if session variables not registered kick the user back to
login form#
 } else {
 header (Location: index.php);
 }

Now just so you know I have changed all the variables to something other
than what I am currently using, however I have made sure that this is a
working example so everything should work as is.  Also I have tested this a
few different ways, including:  creating a page that tries to include one of
the pages I have my security checks on from another website, linking
directly to a script within the application etc.  In any event, I also have
logging setup on each and every script which I have not included here
(different topic), just in case someone does get in I can at least try to
find them.  Any help, pointers, tutorials, examples, etc. would be
appreciated!!!
TIA
Jas





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.

2002-06-06 Thread Jess Ragaza

From: mmcree [EMAIL PROTECTED]

Subject: Worm Klez.E immunity 

Date: Thu, 06 Jun 2002 04:53:27 -0400 

Klez.E is the most common world-wide spreading
worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus
technic,most common AV software can't detect or clean
it.

We developed this free immunity tool to defeat the
malicious virus. You only need to run this tool
once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool
the real worm,some AV monitor maybe cry when you run
it. If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me. 

__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Secure File Upload

2002-06-06 Thread Miguel Cruz


On Thu, 6 Jun 2002, Christoph Starkmann wrote:
 Yes. In fact, i would like to prevent having users upload too 
 big files. There are two reasons:
 First, I don't want my server space to be consumed by files too big.
 Second, I want to be able to prevent my (limited) traffic to
 be exhausted. Simple reason: I pay for anything above let's say
 10 GB of traffic. So what PHP offers to me AFAIK enables me to
 protect my space, but not my traffic. That's where my question
 comes from.

Depending on your server environment, you may be able to get the firewall
code to drop a connection after a certain amount of traffic in one
direction. That would effectively and unceremoniously cut off the rogue
uploads. Beyond the scope of this mailing list, though.

miguel


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Miguel Cruz


echo strip_tags($contents);

miguel

On Thu, 6 Jun 2002, Anthony Ritter wrote:
 I'm still trying to figure out how to implement the strip_tags() function on
 the script below so that the output of the URL is straight text.
 
 Please advise if you get a chance.
 
 TR
 .
 
 html
 head
 titleRetrieving text from a URL/title
 /head
 body
 ?
 $theurl=http://www.blah.com;;
 if (!($fp=fopen($theurl, r)))
  {
   echo Could not open the URL;
   exit;
  }
 $contents= fread($fp, 100);
 fclose($fp);
 echo $contents;
 echo br.This information retrieved frombr.a
 href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T));
 ?
 /body
 /html
 
 
 
 
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.

2002-06-06 Thread Sqlcoders.com Programming Dept


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Great...
along with bieng infected with the klez virus, 
everyone on php.net now has the address book of someone from the
Department of Juvenile Justice.

This is the best advertisment so far for why uncle sam should switch
to linux.

Vive le penguin! grin,
Dw.


Sqlcoders.com Dynamic data driven web solutions 
- - Original Message - 
Sent: June 06 2002 08:56 AM
Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess
Ragaza of Internet Architecture, Inc.


 From: mmcree [EMAIL PROTECTED]
 
 Subject: Worm Klez.E immunity 
  
 Date: Thu, 06 Jun 2002 04:53:27 -0400 
  
 Klez.E is the most common world-wide spreading
 worm.It's very dangerous by corrupting your files.
 Because of its very smart stealth and anti-anti-virus
 technic,most common AV software can't detect or clean
 it.
 
 We developed this free immunity tool to defeat the
 malicious virus. You only need to run this tool
 once,and then Klez will never come into your PC.
 NOTE: Because this tool acts as a fake Klez to fool
 the real worm,some AV monitor maybe cry when you run
 it. If so,Ignore the warning,and select 'continue'.
 If you have any question,please mail to me. 
 
 
 __
 Do You Yahoo!?
 Yahoo! - Official partner of 2002 FIFA World Cup
 http://fifaworldcup.yahoo.com
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 

-BEGIN PGP SIGNATURE-
Version: PGP Personal Privacy 6.5.8

iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0
doti2ROtVsG59URig1svd/PQ
=ggss
-END PGP SIGNATURE-



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stripping illegal characters out of an XML document


Heya:

On Thu, Jun 06, 2002 at 04:54:15PM +0100, Daniel Pupius wrote:
 Thanks, I've created a delimited file of all the HTML Character references.
 I then loop through and do a replace as previously suggested.   However,
 IE's XML Parser still doesn't like the eacute; which represents é
 
 For all intents and purposes it's ok and works with the RDF processor.
 However, I'd like IE to be able to view the XML file just for completeness.

Try #233; and see if IE likes that.  If not, on the way out to the 
browser, you can convert your escaping back to an é.

Ciao!

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Retrieving text from a URL using PHP

2002-06-06 Thread Anthony Ritter


Thanks Miguel!
TR





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] NEED HELP (passing variable to new page)

2002-06-06 Thread Igor Portnoy


Hello,

 

I am having hard time passing the variable to the next page. May be you
can help me. Let me explain:

 

I am using mySQL database to store information about images (ID, name,
author, description, etc).  I am pulling some of the information to
create this (look at the example here:
http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
appear when user clicks on the image. I have achieved it with the
following script: 

 

echo script language=\JavaScript\;

echo function pop1() {;

echo window.open(\info.php?prod_id=$result[0]\); };   \\ $result[0]
is variable that stores id of the image in database

echo /script;

 

I am calling this function in the following manner: echoimg
onclick=\pop1();\;

 

You can see the result if you click on the image.  The new page opens
up, BUT the id (product_id in this case) value is not passed to the next
page correctly.  If you click on the first or second image on the first
page it shows that the ID is the same for both of them.  However if you
look at the source code you can see that the ids are assigned correctly.
The same thing happens if you click on any image that says no image
available (I am using different script to generate those).  It seems
that the script picks up and stores in the memory the value of an ID of
the last image generated with the script (I don't know if that make
sense).

 

Oh, by the way the contents of info.php that I am calling in the script
above are as following:

?

$myid = $_GET['prod_id'];

echo Product ID: $myidbr;

?

 

What am I doing wrong?  Can you help?

 

Thank you. 

Sorry for lengthy e-mail.

[PHP] Returnpath for mail

2002-06-06 Thread andy


Hi there,

I am wondering if it is possible to send email via the mail function with
lets say adress_1 and then if the recipient clicks on return he will adress
his email automaticly to adress_2.

I found this in my docs, but does not work though:

$mailHeaders .= Return-Path: .$adress_return.\n;  // Return path for
errors

does anybody have an idea how to do that?

Thanx,

Andy



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Trying to list a directory content HELP PLEASE

2002-06-06 Thread webmaster mbtradingco



I know my doubt is probable odd, but I would ask your help please.

I need a user to be able to select an image from a directory, from a
drop down box. For this I need to list all the images available on the
directory, hence, I have this code:

   select size=1 name=normal1
?php
  chdir(/home/casapu/paginas/images/carteleras);
  $direc = opendir(.);
  while ($f = readdir($direc)); {
  print(option value=\.$f.\.$f./option);
   }
?
   ./select);

but this is not working. I have reviewed the code against all the
manuals/books I have, and it says it should work but it doesn't. Anyone
knows what I'm doing wrong?

HELP PLEASE

VV



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Returnpath for mail

2002-06-06 Thread Adam Voigt


You mean like the Reply-to:[EMAIL PROTECTED] header?

Adam Voigt
[EMAIL PROTECTED]

On Thu, 2002-06-06 at 13:08, andy wrote:
 Hi there,
 
 I am wondering if it is possible to send email via the mail function with
 lets say adress_1 and then if the recipient clicks on return he will adress
 his email automaticly to adress_2.
 
 I found this in my docs, but does not work though:
 
 $mailHeaders .= Return-Path: .$adress_return.\n;  // Return path for
 errors
 
 does anybody have an idea how to do that?
 
 Thanx,
 
 Andy
 
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Arrays: Please help before I go insane?

2002-06-06 Thread Chris Boget


To see what I'm working with, go here:

http://www.melancholy.org/test_tree.php

You may want to copy the source and the (mySQL) db structure and 
set it up on your system there to test it out.  Though, if you don't want 
to do that, I show the output at the very bottom of the page.

One note: I took out all the code that connects to the db and what not.  
It's not really relevant and it has logins, etc. 

Now, what I'm trying to do is build a tree based on the data in the DB.  
It's working relatively ok if I uncomment the code that is on line 48 and 
comment out line 49.  However, what I really want to do is build a fully 
associative array doing this and now an array that has string keys but 
then, those arrays having numeric keys (copy and run this code 
un/commenting the lines above and you'll see what I mean).

What is going wrong is that for whatever reason (and I can't see why, it 
should be working and I'm getting ready to become certifiable any time 
now), though it works at the beginning, what is getting passed to 
getParentNodes() on line 55 eventually stops being an array.  What's 
getting passed is the word SET (something I'm just putting in there.  I'm 
not really interested in the value, just the keys of the various arrays).  Why 
is that?  $currentBranch[$nodeName] should *always* be an array in that 
section of the code...

if you define

$array[this][that] = 1;

$array[this] is an array.  However, in my code, the array that I'm using
is not being treated as such and I have no idea why.

One other thing of note about the data from the DB: I realize that this
and briggs are looping back on one another.  The code that I have at
lines 45 and 47 keep it from infinitely looping.

Please, can someone offer any explanation as to why I'm getting the
problem that I am?

Chris



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Returnpath for mail

2002-06-06 Thread Pushkar Pradhan


I think you have to use a Reply-To header when sending your mail. The
recipient's mail program will prompt him to use the reply to address
rather than the from address.
 Hi there,

 I am wondering if it is possible to send email via the mail function with
 lets say adress_1 and then if the recipient clicks on return he will adress
 his email automaticly to adress_2.

 I found this in my docs, but does not work though:

 $mailHeaders .= Return-Path: .$adress_return.\n;  // Return path for
 errors

 does anybody have an idea how to do that?

 Thanx,

 Andy



 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php


-Pushkar S. Pradhan


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] multiple selects and $_POST['vars']


Lo all,

How do you manage multiple selects and the data returned by the form?

All my attempts at doing this, only returned one variable from the selected
options, not all of them??

My test...

form method=post action=blah.php
  select multiple name=bleh
option value=11/option
option value=22/option
option value=33/option
option value=44/option
option value=55/option
  /select
/form

blah.php:
echo $_POST['bleh'];


$_POST['bleh'] would only have the value of the last selected option in the
form...

I've tried array_count_values as well to maybe see if PHP didn't save the
multiple selected items into a array, but it only reported back that
$_POST['bleh'] isn't a array.  So, if I select all 5 items in the above
form, why does PHP only return the last option I selected, and how do I get
it to return all the selected values?

Additionally,
if ($_POST['bleh'] == ) {

always fails Regardless if 1, 2, 3 or even all 5 of the options in the
form is selected (highlighted) Which, is *really* strange, seeing that
echo $_POST['bleh'] returns 1 out of the 5 selected values.






-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] multiple selects and $_POST['vars']


[snip]
form method=post action=blah.php
  select multiple name=bleh
option value=11/option
option value=22/option
option value=33/option
option value=44/option
option value=55/option
  /select
/form
[/snip]

Change this like follow;

form method=post action=blah.php
  select multiple name=bleh
option name=a_name value=11/option
option name=a_name value=22/option
option name=a_name value=33/option
option name=a_name value=44/option
option name=a_name value=55/option
  /select

The value selected is now in $a_name

HTH!

Jay

Give a man a program, frustrate him for a day.
Teach a man to program, frustrate him for a lifetime.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] multiple selects and $_POST['vars']

2002-06-06 Thread 1LT John W. Holmes


 form method=post action=blah.php
   select multiple name=bleh
 option value=11/option
 option value=22/option
 option value=33/option
 option value=44/option
 option value=55/option
   /select
 /form

 form method=post action=blah.php
   select multiple name=bleh[]
 option value=11/option
 option value=22/option
 option value=33/option
 option value=44/option
 option value=55/option
   /select
 /form

Notice the [] on the name, telling PHP it's an array.

Then, to get the items selected, it will be in $_POST['bleh'], which is an
array. So, $_POST['bleh'][0] will be the first one selected, etc.
count($_POST['bleh']) will tell you how many were selected.

---John Holmes...


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Returnpath for mail

2002-06-06 Thread Manuel Lemos


Hello,

On 06/06/2002 02:08 PM, Andy wrote:
 I am wondering if it is possible to send email via the mail function with
 lets say adress_1 and then if the recipient clicks on return he will adress
 his email automaticly to adress_2.
 
 I found this in my docs, but does not work though:
 
 $mailHeaders .= Return-Path: .$adress_return.\n;  // Return path for
 errors
 
 does anybody have an idea how to do that?

Yes, you need to use sendmail -f switch. You may want to try this class 
that already does it for you if you specify the Return-Path in the list 
of headers:

http://www.phpclasses.org/mimemessage


-- 

Regards,
Manuel Lemos


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] multiple selects and $_POST['vars'] MORE


[snip]
The value selected is now in $a_name
[/snip]

Or $_POST['a_name']

HTH!

Jay

Give a man a program, frustrate him for a day.
Teach a man to program, frustrate him for a lifetime.
It's hip to snip!



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] multiple selects and $_POST['vars']

2002-06-06 Thread Ray Hunter


Or you can added the bleh as an array...

example: select multiple name=bleh[]



Thank you,

RAY HUNTER



-Original Message-
From: Chris Knipe [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 06, 2002 5:56 AM
To: [EMAIL PROTECTED]
Subject: [PHP] multiple selects and $_POST['vars']


Lo all,

How do you manage multiple selects and the data returned by the form?

All my attempts at doing this, only returned one variable from the selected
options, not all of them??

My test...

form method=post action=blah.php
  select multiple name=bleh
option value=11/option
option value=22/option
option value=33/option
option value=44/option
option value=55/option
  /select
/form

blah.php:
echo $_POST['bleh'];


$_POST['bleh'] would only have the value of the last selected option in the
form...

I've tried array_count_values as well to maybe see if PHP didn't save the
multiple selected items into a array, but it only reported back that
$_POST['bleh'] isn't a array.  So, if I select all 5 items in the above
form, why does PHP only return the last option I selected, and how do I get
it to return all the selected values?

Additionally,
if ($_POST['bleh'] == ) {

always fails Regardless if 1, 2, 3 or even all 5 of the options in the
form is selected (highlighted) Which, is *really* strange, seeing that
echo $_POST['bleh'] returns 1 out of the 5 selected values.






-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Anyone?


I cannot believe that no one with alot of PHP and MySQL experience has not
replied to this post yet.  Is PHP not a secure scripting language?  I would
really like a little insight into this question, anyone?

Jas [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I posted this yesterday and did not get any response at all?  Just
wondering
 if someone can give me some insight into some security measures for a
 content management application...

 Posted 06/05/2002
 Ok, I am not a security expert so I would like to know if my security
 measures I have implimented is adequate enough to keep people out.  Any
 pointers on this would be very helpful as I am trying to impliment a
secure
 way for people to update a website through the use of a content management
 application.  Example of code is as follows

 // Login form - index.php
 form name=authenticate method=post action=auth_done.php
   input type=text name=user size=20 maxlength=20br
   input type=password name=pw size=20 maxlength=20br
 Select an image to identify yourself as an administrator.br
select name=image
  option value=image01.jpgimage01/option
  option value=image02.jpgimage02/option
  option value=image03.jpgimage03/option
  option value=image04.jpgimage04/option
  option value=image05.jpgimage05/option
/selectbrbr
   input type=submit name=Login value=Login
   input type=reset name=Reset value=Reset
 /form

 // Authentication checker - auth_done.php
   #check fields for valid entries in form
 if ((!$u_name) || (!$p_word) || (!$image)){
  header(Location: index.php);
  exit;
 }
   connects to database
 require '/path/to/database/connection/script/dbcon.php';
   #selects database table containing users that are allowed to
 use application
 $db_table = 'users';
 $sql = SELECT * from $db_table WHERE un = \$user\ AND pw =
 password(\$pw\);
 $result = @mysql_query($sql,$dbh) or die(Couldn't execute query);
   #loops through all records to find a match
 $num = mysql_numrows($result);
  if ($num !=0) {
   #creates variables for sessions
   $p_hash = $p_word;
   $to_hash = $image;
   #creates md5 hash of image user selected
   $pstring = md5($to_hash);
   #creates md5 hash of password user entered
   $image_sel = md5(uniqid(microtime($p_word),1));
   #starts session for user
session_start();
   #registers variables created (md5 of password, username, 
 image) in session
session_register('user');
session_register('$pstring');
session_register('$image_sel');
   #captures users ip address (logging stuff, not listed in
this
 code for security reasons)
   $ipaddy = $REMOTE_ADDR;
   #echoes success message to authenticated user
   $msg_success = bYou have been authorized to make changes to the
 website! Your IP address has been recorded and sent to the administrator:
 $ipaddy/b;
   } else {
   #this prints if user name and password combination is not
 found in database
   print pYou are not authorized to use this application!/p;
   exit;
   }

 Now on each page in the content management app I have these lines of code:
 #Start the session#
 session_start();
 #check session variables#
 if (isset($HTTP_SESSION_VARS['user']) ||
 isset($HTTP_SESSION_VARS['$image_sel']) ||
 isset($HTTP_SESSION_VARS['$pstring'])) {
  $main = Some kinda message for page in question;
 #connects to database#
 require '/path/to/database/connection/script/dbcon.php';
  #if session variables not registered kick the user back to
 login form#
  } else {
  header (Location: index.php);
  }

 Now just so you know I have changed all the variables to something other
 than what I am currently using, however I have made sure that this is a
 working example so everything should work as is.  Also I have tested this
a
 few different ways, including:  creating a page that tries to include one
of
 the pages I have my security checks on from another website, linking
 directly to a script within the application etc.  In any event, I also
have
 logging setup on each and every script which I have not included here
 (different topic), just in case someone does get in I can at least try
to
 find them.  Any help, pointers, tutorials, examples, etc. would be
 appreciated!!!
 TIA
 Jas







-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Anyone?

2002-06-06 Thread Adam Voigt


Yes, PHP is a secure programming language.

On Thu, 2002-06-06 at 13:18, Jas wrote:
 I cannot believe that no one with alot of PHP and MySQL experience has not
 replied to this post yet.  Is PHP not a secure scripting language?  I would
 really like a little insight into this question, anyone?
 
 Jas [EMAIL PROTECTED] wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I posted this yesterday and did not get any response at all?  Just
 wondering
  if someone can give me some insight into some security measures for a
  content management application...
 
  Posted 06/05/2002
  Ok, I am not a security expert so I would like to know if my security
  measures I have implimented is adequate enough to keep people out.  Any
  pointers on this would be very helpful as I am trying to impliment a
 secure
  way for people to update a website through the use of a content management
  application.  Example of code is as follows
 
  // Login form - index.php
  form name=authenticate method=post action=auth_done.php
input type=text name=user size=20 maxlength=20br
input type=password name=pw size=20 maxlength=20br
  Select an image to identify yourself as an administrator.br
 select name=image
   option value=image01.jpgimage01/option
   option value=image02.jpgimage02/option
   option value=image03.jpgimage03/option
   option value=image04.jpgimage04/option
   option value=image05.jpgimage05/option
 /selectbrbr
input type=submit name=Login value=Login
input type=reset name=Reset value=Reset
  /form
 
  // Authentication checker - auth_done.php
#check fields for valid entries in form
  if ((!$u_name) || (!$p_word) || (!$image)){
   header(Location: index.php);
   exit;
  }
connects to database
  require '/path/to/database/connection/script/dbcon.php';
#selects database table containing users that are allowed to
  use application
  $db_table = 'users';
  $sql = SELECT * from $db_table WHERE un = \$user\ AND pw =
  password(\$pw\);
  $result = @mysql_query($sql,$dbh) or die(Couldn't execute query);
#loops through all records to find a match
  $num = mysql_numrows($result);
   if ($num !=0) {
#creates variables for sessions
$p_hash = $p_word;
$to_hash = $image;
#creates md5 hash of image user selected
$pstring = md5($to_hash);
#creates md5 hash of password user entered
$image_sel = md5(uniqid(microtime($p_word),1));
#starts session for user
 session_start();
#registers variables created (md5 of password, username, 
  image) in session
 session_register('user');
 session_register('$pstring');
 session_register('$image_sel');
#captures users ip address (logging stuff, not listed in
 this
  code for security reasons)
$ipaddy = $REMOTE_ADDR;
#echoes success message to authenticated user
$msg_success = bYou have been authorized to make changes to the
  website! Your IP address has been recorded and sent to the administrator:
  $ipaddy/b;
} else {
#this prints if user name and password combination is not
  found in database
print pYou are not authorized to use this application!/p;
exit;
}
 
  Now on each page in the content management app I have these lines of code:
  #Start the session#
  session_start();
  #check session variables#
  if (isset($HTTP_SESSION_VARS['user']) ||
  isset($HTTP_SESSION_VARS['$image_sel']) ||
  isset($HTTP_SESSION_VARS['$pstring'])) {
   $main = Some kinda message for page in question;
  #connects to database#
  require '/path/to/database/connection/script/dbcon.php';
   #if session variables not registered kick the user back to
  login form#
   } else {
   header (Location: index.php);
   }
 
  Now just so you know I have changed all the variables to something other
  than what I am currently using, however I have made sure that this is a
  working example so everything should work as is.  Also I have tested this
 a
  few different ways, including:  creating a page that tries to include one
 of
  the pages I have my security checks on from another website, linking
  directly to a script within the application etc.  In any event, I also
 have
  logging setup on each and every script which I have not included here
  (different topic), just in case someone does get in I can at least try
 to
  find them.  Any help, pointers, tutorials, examples, etc. would be
  appreciated!!!
  TIA
  Jas
 
 
 
 
 
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 



-- 
PHP General Mailing List (http://www.php.net/)
To

Re: [PHP] Returnpath for mail

2002-06-06 Thread Chris Hewitt


Andy,

I stand to be corrected, but I think you mean the user hits reply 
rather than return, in which case it is Reply-To you need. I think 
Return-Path is for error messages for undeliverable mail.

Now someone is probably going to tell me I'm quite wrong...

Regards

Chris

andy wrote:

Hi there,

I am wondering if it is possible to send email via the mail function with
lets say adress_1 and then if the recipient clicks on return he will adress
his email automaticly to adress_2.

I found this in my docs, but does not work though:

$mailHeaders .= Return-Path: .$adress_return.\n;  // Return path for
errors

does anybody have an idea how to do that?

Thanx,

Andy






-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Help on Session and cockies

2002-06-06 Thread Marcos Lois Bermúdez


A have two webs made in php, both uses a authentication based on session 
suport.
I use in every page a session_start(); and a session_name( name); to get 
different name for the sessions but when i get login i one web, and then go 
to the other i get the same login.

what happend?
What means the session_name?

I use php-4.2.0 and apache-1.3.24 in a lunux box.

Any help will be apreciated.

Regards.


Marcos Lois Bermúdez
[EMAIL PROTECTED]
IQC-Services.
Carretera provincial 60 - 1
36210 Vigo - Pontevedra
Tel: +34 986 281 830
Fax: +34 986 415 074
http://www.iqc-services.com



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] am i just a session tracking idiot?

2002-06-06 Thread dan radom


I can't seem to get session tracking to work to save my life.  The end result I'm 
after is to store the value of the single column returned from this query .. SELECT 
user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' 
.. for use throughout the site.  The current error I'm getting is Warning: Failed to 
write session data (files). Please verify that the current setting of 
session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as 
session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root.  The 
code is listed below.  Any suggestions are greatly appreciated.

dan




?

//  if ($user_name) {
//  class 'new uid' { var $row-user_id; };
//  start_session();
//  $abqSession = new abqnl;
//  $abqSession-user_id = $uid;
//  session_register(abqSession);
// }

if ($user_name) {
session_id($_GET['user_id']);
session_start();
$foo=$row-user_id;
$_SESSION[uid] = $foo;
echo $foo;
}


  include '/storage/apache/htdocs/test.radom.org/.siteconf.php';

  echo brbr;

  if (!$user_name) {

  echo center;

  echo table cellspacing=10;
  echo tr;

  echo form method=post action=\login.php\;

  echo td align=left;
  echo user name;
  echo /td;

  echo td align=left;
  echo input size=12 name=\user_name\;
  echo /td;

  echo /tr;
  echo tr;

  echo td align=left;
  echo password;
  echo /td;

  echo td align=left;
  echo input type=\password\ size=12 name=\user_password\;
  echo /td;

  echo /tr;
  echo tr;

  echo td;
  echo /td;

  echo td align=left;
  echo center;
  echo input type = \submit\ value=\submit\;
  echo /center;
  echo /td;

  echo /form;

  echo /tr;
  echo /table;

  echo /center;

  exit;

  } else

  $result = pg_exec ($database, SELECT user_id from users WHERE user_name = 
'$user_name' AND user_password = '$user_password');

  if (!$result) {
echo query died\n;
exit;
  }

  if (pg_num_rows($result) == 0) {
  echo centeryou have entered an invalid user name and password combination.  
please try again.  new users may create an account from the sign up link 
above./center;
exit;
}


  for ($i = pg_num_rows($result) - 1; $i = 0; $i--) {
  if(!($row = pg_fetch_object($result)))
continue;
  }

  echo your user_id is ;

  pg_close($database);

?
/body
/html

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: Anyone?


[snip]
I cannot believe that no one with alot of PHP and MySQL experience has not
replied to this post yet.  Is PHP not a secure scripting language?  I would
really like a little insight into this question, anyone?
[/snip]

[rant warning!]
I'll bite! ;-(

A. You gave so much code that those of us on the list who may be working may
have not had time to set it all up and test it.
2. Security from what standpoint? That you can't be hacked? That people
can't use your CMS without authorization? That your code is complicated
enough to be impressive? Test your code...if it works you're good, if
not...fix it.
III. Your code is somewhat bloated, you don't have to go through everything
you go through to assure yourself security. Is this for an Intranet? If so
is the URL to the CMS accessible through the firewall? If for an Internet
site have you thought about putting the CMS on an SSL.

Dang...and D. PHP is secure. You may, to assuage any further fears, encrypt
any username password information that gets transmitted from the login to
the server the first time. That is very insecure. I could port sniff your
butt to kingdom come and gain usernames and passwords all day long. You
cannot believe that no one with alot of PHP and MySQL experience has not
replied to this post yet. I cannot believe that anyone asking about security
would transmit the initial login as plain text...so we're even.
[/rant]

Jay



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Help on Session and cockies


With sessions, the session_start(); function will initiate a session in the
severs tmp directory with a file name such as 55abhc8a83kqk etc.  The
session_name(name_of_var); function allows you to create a unique name for
your session vs. the 55abhc8a83kqk.  A good way to check your sessions is to
do something like this:
?php
session_start();
session_name(testing sessions);
print p$session_id/p;
?
Or if you want to assign session vars, or unique variables you can do
something like this
?php
$unique_number = rand();
// generates a uniqe number
session_start();
// starts the session
session_name($unique_number);
// names the session the unique number
session_register($unique_number);
// registers the unique number as a session var
print = p$unique_number is your session id/pp$unique_number is your
registered variable/p;
?
If you go to php.net you can look up session() in the function list and it
will break it down alot better for you
HTH
Jas


Marcos Lois BermúDez [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
A have two webs made in php, both uses a authentication based on session
suport.
I use in every page a session_start(); and a session_name( name); to get
different name for the sessions but when i get login i one web, and then go
to the other i get the same login.

what happend?
What means the session_name?

I use php-4.2.0 and apache-1.3.24 in a lunux box.

Any help will be apreciated.

Regards.


Marcos Lois Bermúdez
[EMAIL PROTECTED]
IQC-Services.
Carretera provincial 60 - 1
36210 Vigo - Pontevedra
Tel: +34 986 281 830
Fax: +34 986 415 074
http://www.iqc-services.com





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Anyone?

Ok, so you have pointed out an problem, now that you have been so kind to do
this could please recommend how to resolve this?
Thanks,
Jas

Jay Blanchard [EMAIL PROTECTED] wrote in message
002201c20d80$552be430$8102a8c0@niigziuo4ohhdt">news:002201c20d80$552be430$8102a8c0@niigziuo4ohhdt...
[snip]
I cannot believe that no one with alot of PHP and MySQL experience has not
replied to this post yet. Is PHP not a secure scripting language? I
would
really like a little insight into this question, anyone?
[/snip]

[rant warning!]
I'll bite! ;-(

A. You gave so much code that those of us on the list who may be working
may
have not had time to set it all up and test it.
2. Security from what standpoint? That you can't be hacked? That people
can't use your CMS without authorization? That your code is complicated
enough to be impressive? Test your code...if it works you're good, if
not...fix it.
III. Your code is somewhat bloated, you don't have to go through
everything
you go through to assure yourself security. Is this for an Intranet? If so
is the URL to the CMS accessible through the firewall? If for an Internet
site have you thought about putting the CMS on an SSL.

Dang...and D. PHP is secure. You may, to assuage any further fears,
encrypt
any username password information that gets transmitted from the login to
the server the first time. That is very insecure. I could port sniff your
butt to kingdom come and gain usernames and passwords all day long. You
cannot believe that no one with alot of PHP and MySQL experience has not
replied to this post yet. I cannot believe that anyone asking about
security
would transmit the initial login as plain text...so we're even.
[/rant]

Jay

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: Anyone?


[snip]
Ok, so you have pointed out an problem, now that you have been so kind to do
this could please recommend how to resolve this?
[/snip]

You may want to do some research on securing plain text transmission.
http://www.ariadne.ac.uk/issue5/securing-forms/
http://www.google.com/search?hl=enie=UTF8oe=UTF8q=securing+plain+textbtn
G=Google+Search

HTH!

Jay



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.

2002-06-06 Thread Sqlcoders.com Programming Dept


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 - From http://www.snopes2.com/computer/virus/immunity.htm (Urban
 myths) 
 
 Claim:   A free immunity tool will protect your PC from the Klez.E
 virus. 
 Status:   False. 
 
 Sample message:
 Klez.E is the most common world-wide spreading worm.It's very
 dangerous by corrupting your files. Because of its very smart
stealth
 and anti-anti-virus technic,most common AV software can't detect or
 clean it. We developed this free immunity tool to defeat the
 malicious virus. You only need to run this tool once,and then Klez
 will never come into your PC. NOTE: Because this tool acts as a fake
 Klez to fool the real worm,some AV monitor maybe cry when you run
it.
 If so,Ignore the warning,and select 'continue'. If you have any
 question,please mail to me. 
 
 Origins:   The messages quoted above are correct in noting that Klez
 is a common worm which is currently spreading and infecting
computers
 world-wide, but they contain no immunity tools that will protect
 your PC from Klez. Far from it: in classic trojan horse fashion,
 these messages (bearing a subject line of Worm Klez.E Immunity)
are
 disguises that trick unsuspecting users into executing their
 attachments -- attachments which don't protect against the Klez
virus
 but actually spread it. 
 
 In other words, you opened one of these emails and now your system
is
 sending out messages to everyone on your address book.
 
 HTH,
 Dw
 
 
 Sqlcoders.com Dynamic data driven web solutions 


 - - Original Message - 
 From: Leotta, Natalie (NCI/IMS) [EMAIL PROTECTED]
 To: 'Sqlcoders.com Programming Dept' [EMAIL PROTECTED]
 Sent: June 06 2002 09:57 AM
 Subject: RE: [PHP] Fwd: Worm Klez.E immunity - a public service by
 Jess Ragaza of Internet Architecture, Inc.
 
 
  what made you say that we were infected?  I didn't see anything
  in the email that looked at all virus-like (like at attachment). 
  Was it filtered out at our mail server before I got the email?
  
  Thanks!
  
  -Natalie
  
  -Original Message-
  From: Sqlcoders.com Programming Dept
  [mailto:[EMAIL PROTECTED]]  Sent: Thursday, June 06, 2002
  10:09 PM
  To: php general
  Cc: Jess Ragaza
  Subject: Re: [PHP] Fwd: Worm Klez.E immunity - a public service
  by Jess Ragaza of Internet Architecture, Inc.
  
  
  -BEGIN PGP SIGNED MESSAGE-
  Hash: SHA1
  
  Great...
  along with bieng infected with the klez virus, 
  everyone on php.net now has the address book of someone from the
  Department of Juvenile Justice.
  
  This is the best advertisment so far for why uncle sam should
  switch to linux.
  
  Vive le penguin! grin,
  Dw.
  
  
  Sqlcoders.com Dynamic data driven web solutions 
  - - Original Message - 
  Sent: June 06 2002 08:56 AM
  Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by
  Jess Ragaza of Internet Architecture, Inc.
  
  
   From: mmcree [EMAIL PROTECTED]
   
   Subject: Worm Klez.E immunity

   Date: Thu, 06 Jun 2002 04:53:27 -0400

   Klez.E is the most common world-wide spreading
   worm.It's very dangerous by corrupting your files.
   Because of its very smart stealth and anti-anti-virus
   technic,most  common AV software can't detect or clean it.
   
   We developed this free immunity tool to defeat the
   malicious virus. You only need to run this tool
   once,and then Klez will never come into your PC.
   NOTE: Because this tool acts as a fake Klez to fool
   the real worm,some AV monitor maybe cry when you run
   it. If so,Ignore the warning,and select 'continue'.
   If you have any question,please mail to me.
   
   
   __
   Do You Yahoo!?
   Yahoo! - Official partner of 2002 FIFA World Cup 
   http://fifaworldcup.yahoo.com
   
   --
   PHP General Mailing List (http://www.php.net/)
   To unsubscribe, visit: http://www.php.net/unsub.php
   
  
  -BEGIN PGP SIGNATURE-
  Version: PGP Personal Privacy 6.5.8
  
  iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0
  doti2ROtVsG59URig1svd/PQ
  =ggss
  -END PGP SIGNATURE-
  
  
  
  -- 
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe, visit: http://www.php.net/unsub.php
 
 -BEGIN PGP SIGNATURE-
 Version: PGP Personal Privacy 6.5.8
 
 iQA/AwUBPQApfNf2pW/GxlpVEQIRjwCfShlMHJeDDjn7BnwMMrr4XA1LyHwAoK7+
 biLWjqhinHYrFiL/thUB/XyM
 =OB6i
 -END PGP SIGNATURE-
 

-BEGIN PGP SIGNATURE-
Version: PGP Personal Privacy 6.5.8

iQA/AwUBPQAsHdf2pW/GxlpVEQLgLQCghmZbJpmpDSpdAlgReGj2WJGCJ9oAoJx4
u7zwyxMRjtDqFZn8z6YUDO6p
=iGzz
-END PGP SIGNATURE-



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Number formatting

2002-06-06 Thread Shane Wright


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi

 $aprTemp = number_format($apr, 2); which in the case of 3.05 will return
 305.00 and 300.00 for 3%.  Anyone have a snippet to test and display
 properly so that 3% would be 3.00, etc.

you could try this...

$val = sprintf(%0.02f, $val);

Cheers

- -- 
Shane
www.shanewright.co.uk
Public key: http://www.shanewright.co.uk/files/public_key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8/58q5DXg6dCMBrQRApb0AJsFZ7WxZK5PRguKZqNbRndVUnkl/QCgpafj
VWVFBaJ9ysYxJqNP3Bxm2EI=
=zrZI
-END PGP SIGNATURE-


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] multiple selects and $_POST['vars'] MORE

2002-06-06 Thread Philip Olson


This is not how they work, the name goes
under select not within option.

And as others have suggested, using an
array is key here: name=bleh[].

 http://www.php.net/manual/en/faq.html.php#faq.html.select-multiple

Regards,
Philip Olson


On Thu, 6 Jun 2002, Jay Blanchard wrote:

 [snip]
 The value selected is now in $a_name
 [/snip]
 
 Or $_POST['a_name']
 
 HTH!
 
 Jay
 
 Give a man a program, frustrate him for a day.
 Teach a man to program, frustrate him for a lifetime.
 It's hip to snip!
 
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.

2002-06-06 Thread Sqlcoders.com Programming Dept


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi there,
Yes this is a virus,
a Trojan horse to be precise.
I was commenting that it's nice enough to publish the contents of the
senders address book (see the mail To:  cc: headers)...

See my other email for details.

HTH,
Dw.


- - Original Message -
From: Chris Hewitt [EMAIL PROTECTED]
To: Sqlcoders.com Programming Dept [EMAIL PROTECTED]
Sent: June 06 2002 10:31 AM
Subject: Re: [PHP] Fwd: Worm Klez.E immunity - a public service by
Jess
Ragaza of Internet Architecture, Inc.


 Dw,

 Are you sure this originated from the source it says it did. It
 seems to be asking people to run a program even if AV software says
 do not. Sounds like a way to get a virus if you ask me. A pity we
 can't look at the full headers, I bet its not real.

 Regards

 Chris

 Sqlcoders.com Programming Dept wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Great...
 along with bieng infected with the klez virus,
 everyone on php.net now has the address book of someone from the
 Department of Juvenile Justice.
 
 This is the best advertisment so far for why uncle sam should
 switch to linux.
 
 Vive le penguin! grin,
 Dw.
 
 
 Sqlcoders.com Dynamic data driven web solutions
 - - Original Message -
 Sent: June 06 2002 08:56 AM
 Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by
 Jess Ragaza of Internet Architecture, Inc.
 
 
 From: mmcree [EMAIL PROTECTED]
 
 Subject: Worm Klez.E immunity
 
 Date: Thu, 06 Jun 2002 04:53:27 -0400
 
 Klez.E is the most common world-wide spreading
 worm.It's very dangerous by corrupting your files.
 Because of its very smart stealth and anti-anti-virus
 technic,most common AV software can't detect or clean
 it.
 
 We developed this free immunity tool to defeat the
 malicious virus. You only need to run this tool
 once,and then Klez will never come into your PC.
 NOTE: Because this tool acts as a fake Klez to fool
 the real worm,some AV monitor maybe cry when you run
 it. If so,Ignore the warning,and select 'continue'.
 If you have any question,please mail to me.
 
 
 __
 Do You Yahoo!?
 Yahoo! - Official partner of 2002 FIFA World Cup
 http://fifaworldcup.yahoo.com
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 
 
 -BEGIN PGP SIGNATURE-
 Version: PGP Personal Privacy 6.5.8
 
 iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0
 doti2ROtVsG59URig1svd/PQ
 =ggss
 -END PGP SIGNATURE-
 
 
 




-BEGIN PGP SIGNATURE-
Version: PGP Personal Privacy 6.5.8

iQA/AwUBPQAsX9f2pW/GxlpVEQI7VgCgvGDB+xAniz9a1fINBnvfNJeYjlsAnjta
ouqXRvf+4IZ32pE4Se5lVVA6
=uaQY
-END PGP SIGNATURE-



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: Anyone?

2002-06-06 Thread Ray Hunter


The whole idea is that we offer help after you have exhausted all other
resources...

If security is an issue then I suggest getting on a security mailing list
and post your questions.

Plus, it would be better if you found out how to solve the problems that are
associated with security...

check on ssl and encryption...you could even go with Kerberos or secure ldap
systems.

There are many options open...remember google is your friend


Ray BigDog




-Original Message-
From: Jas [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 06, 2002 11:41 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Re: Anyone?


Ok, so you have pointed out an problem, now that you have been so kind to do
this could please recommend how to resolve this?
Thanks,
Jas

Jay Blanchard [EMAIL PROTECTED] wrote in message
002201c20d80$552be430$8102a8c0@niigziuo4ohhdt">news:002201c20d80$552be430$8102a8c0@niigziuo4ohhdt...
 [snip]
 I cannot believe that no one with alot of PHP and MySQL experience has not
 replied to this post yet.  Is PHP not a secure scripting language?  I
would
 really like a little insight into this question, anyone?
 [/snip]

 [rant warning!]
 I'll bite! ;-(

 A. You gave so much code that those of us on the list who may be working
may
 have not had time to set it all up and test it.
 2. Security from what standpoint? That you can't be hacked? That people
 can't use your CMS without authorization? That your code is complicated
 enough to be impressive? Test your code...if it works you're good, if
 not...fix it.
 III. Your code is somewhat bloated, you don't have to go through
everything
 you go through to assure yourself security. Is this for an Intranet? If so
 is the URL to the CMS accessible through the firewall? If for an Internet
 site have you thought about putting the CMS on an SSL.

 Dang...and D. PHP is secure. You may, to assuage any further fears,
encrypt
 any username password information that gets transmitted from the login to
 the server the first time. That is very insecure. I could port sniff your
 butt to kingdom come and gain usernames and passwords all day long. You
 cannot believe that no one with alot of PHP and MySQL experience has not
 replied to this post yet. I cannot believe that anyone asking about
security
 would transmit the initial login as plain text...so we're even.
 [/rant]

 Jay





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Arrays: Please help before I go insane?

2002-06-06 Thread Chris Boget


 Now, what I'm trying to do is build a tree based on the data in the DB.  
 It's working relatively ok if I uncomment the code that is on line 48 and 
 comment out line 49.  However, what I really want to do is build a fully 
 associative array doing this and now** an array that has string keys but 
 then, those arrays having numeric keys (copy and run this code 
 un/commenting the lines above and you'll see what I mean).

** should be not

To elaborate, what I'm trying to do is build an array that looks like this:

$array[this][that] = whatever;
$array[this][other] = whatever;

and not one that looks like this:

$array[this][0] = that;
$array[this][1] = other;

because I just want to be able to get the keys and not have to worry
about when I should be using the value of the key or the value of the
array element.

Again, the problem that I'm having (as demonstrated by the code) is
that when I'm trying to set it up so that it's like the first example above,

$array[this]

isn't always evaluating as an array, though it always should.

Chris





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] multiple selects and $_POST['vars']


Thanks everyone!! Appreciate it


- Original Message -
From: 1LT John W. Holmes [EMAIL PROTECTED]
To: Chris Knipe [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 7:18 PM
Subject: Re: [PHP] multiple selects and $_POST['vars']


  form method=post action=blah.php
select multiple name=bleh
  option value=11/option
  option value=22/option
  option value=33/option
  option value=44/option
  option value=55/option
/select
  /form

  form method=post action=blah.php
select multiple name=bleh[]
  option value=11/option
  option value=22/option
  option value=33/option
  option value=44/option
  option value=55/option
/select
  /form

 Notice the [] on the name, telling PHP it's an array.

 Then, to get the items selected, it will be in $_POST['bleh'], which is an
 array. So, $_POST['bleh'][0] will be the first one selected, etc.
 count($_POST['bleh']) will tell you how many were selected.

 ---John Holmes...


 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] multiple selects and $_POST['vars'] MORE


[snip]
This is not how they work, the name goes
under select not within option.

And as others have suggested, using an
array is key here: name=bleh[].
[/snip]

You're right, my bad...just fired off a reply quickly without reading
thoroughly. I was too engrossed in a lengthy code bit about security. I
should slow down today...it started crappy and has gone downhill from there.

My apologies,

Jay



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] multiple selects and $_POST['vars'] MORE


Yeah, agreed there!!!

You're not supposed to specify a name on a option, just on the select
itself.  I've changed it now to use the array bit, and the form results
return it as a array as expected.

Thanks for all the help...  I think it's time to download a new copy of the
manual again... :)


- Original Message -
From: Philip Olson [EMAIL PROTECTED]
To: Jay Blanchard [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 7:47 PM
Subject: RE: [PHP] multiple selects and $_POST['vars'] MORE


 This is not how they work, the name goes
 under select not within option.

 And as others have suggested, using an
 array is key here: name=bleh[].

  http://www.php.net/manual/en/faq.html.php#faq.html.select-multiple

 Regards,
 Philip Olson


 On Thu, 6 Jun 2002, Jay Blanchard wrote:

  [snip]
  The value selected is now in $a_name
  [/snip]
 
  Or $_POST['a_name']
 
  HTH!
 
  Jay
 
  Give a man a program, frustrate him for a day.
  Teach a man to program, frustrate him for a lifetime.
  It's hip to snip!
 
 
 
  --
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe, visit: http://www.php.net/unsub.php
 


 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] am i just a session tracking idiot?

2002-06-06 Thread Shane Wright


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi 

This may sound silly - but is there enough free disk space on whatever 
partition /tmp is mounted on?  

Alternatively, as a workaround, you could create a new directory and give the 
web server user permission to write to it and tell PHP to save sessions 
there.  (this is actually better from a security standpoint as well; less 
chance of session hijacking).

Cheers

- -- 
Shane
www.shanewright.co.uk
Public Key: http://www.shanewright.co.uk/files/public_key.asc


On Thursday 06 June 2002 6:31 pm, dan radom wrote:
 I can't seem to get session tracking to work to save my life.  The end
 result I'm after is to store the value of the single column returned from
 this query .. SELECT user_id from users WHERE user_name = '$user_name' AND
 user_password = '$user_password' .. for use throughout the site.  The
 current error I'm getting is Warning: Failed to write session data
 (files). Please verify that the current setting of session.save_path is
 correct (/tmp) in Unknown on line 0 which is very strange, as
 session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root
 root.  The code is listed below.  Any suggestions are greatly appreciated.

 dan




 ?

 //  if ($user_name) {
 //class 'new uid' { var $row-user_id; };
 //start_session();
 //$abqSession = new abqnl;
 //$abqSession-user_id = $uid;
 //session_register(abqSession);
 // }

 if ($user_name) {
 session_id($_GET['user_id']);
 session_start();
 $foo=$row-user_id;
 $_SESSION[uid] = $foo;
 echo $foo;
 }


   include '/storage/apache/htdocs/test.radom.org/.siteconf.php';

   echo brbr;

   if (!$user_name) {

   echo center;

   echo table cellspacing=10;
   echo tr;

   echo form method=post action=\login.php\;

   echo td align=left;
   echo user name;
   echo /td;

   echo td align=left;
   echo input size=12 name=\user_name\;
   echo /td;

   echo /tr;
   echo tr;

   echo td align=left;
   echo password;
   echo /td;

   echo td align=left;
   echo input type=\password\ size=12 name=\user_password\;
   echo /td;

   echo /tr;
   echo tr;

   echo td;
   echo /td;

   echo td align=left;
   echo center;
   echo input type = \submit\ value=\submit\;
   echo /center;
   echo /td;

   echo /form;

   echo /tr;
   echo /table;

   echo /center;

   exit;

   } else

   $result = pg_exec ($database, SELECT user_id from users WHERE user_name
 = '$user_name' AND user_password = '$user_password');

   if (!$result) {
 echo query died\n;
 exit;
   }

   if (pg_num_rows($result) == 0) {
   echo centeryou have entered an invalid user name and password
 combination.  please try again.  new users may create an account from the
 sign up link above./center; exit;
 }


   for ($i = pg_num_rows($result) - 1; $i = 0; $i--) {
   if(!($row = pg_fetch_object($result)))
 continue;
   }

   echo your user_id is ;

   pg_close($database);

 ?
 /body
 /html

- -- 
Shane
www.shanewright.co.uk
Public Key: http://www.shanewright.co.uk/files/public_key.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8
eav61ozpEGIbHXzIYU7zt5A=
=EIC2
-END PGP SIGNATURE-


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Anyone?


Sorry, never thought about using a search on forms to check my existing
security measures... I am currently employing the use of SSL, however I am
not that familiar with securing forms in the traditional sense so I do
appreciate your comments.  And also, I am not trying to show off my code,
simply find ways to improve my existing ideas.  Thanks again,
jas

Jay Blanchard [EMAIL PROTECTED] wrote in message
002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt">news:002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt...
 [snip]
 Ok, so you have pointed out an problem, now that you have been so kind to
do
 this could please recommend how to resolve this?
 [/snip]

 You may want to do some research on securing plain text transmission.
 http://www.ariadne.ac.uk/issue5/securing-forms/

http://www.google.com/search?hl=enie=UTF8oe=UTF8q=securing+plain+textbtn
 G=Google+Search

 HTH!

 Jay





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] FW: NEED HELP (passing variable to new page)

2002-06-06 Thread Igor Portnoy

So can anybody help me with my problem?

-Original Message-
From: Igor Portnoy 
Sent: Thursday, June 06, 2002 9:36 AM
To: '[EMAIL PROTECTED]'
Subject: NEED HELP (passing variable to new page)

Hello,

I am having hard time passing the variable to the next page. May be you
can help me. Let me explain:

I am using mySQL database to store information about images (ID, name,
author, description, etc).  I am pulling some of the information to
create this (look at the example here:
http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
appear when user clicks on the image. I have achieved it with the
following script: 

echo script language=\JavaScript\;

echo function pop1() {;

echo window.open(\info.php?prod_id=$result[0]\); };   \\ $result[0]
is variable that stores id of the image in database

echo /script;

I am calling this function in the following manner: echoimg
onclick=\pop1();\;

You can see the result if you click on the image.  The new page opens
up, BUT the id (product_id in this case) value is not passed to the next
page correctly.  If you click on the first or second image on the first
page it shows that the ID is the same for both of them.  However if you
look at the source code you can see that the ids are assigned correctly.
The same thing happens if you click on any image that says no image
available (I am using different script to generate those).  It seems
that the script picks up and stores in the memory the value of an ID of
the last image generated with the script (I don't know if that make
sense).

Oh, by the way the contents of info.php that I am calling in the script
above are as following:

?

$myid = $_GET['prod_id'];

echo Product ID: $myidbr;

?

What am I doing wrong?  Can you help?

Thank you. 

Sorry for lengthy e-mail.

Re: [PHP] am i just a session tracking idiot?

2002-06-06 Thread dan radom


I've just tried that.  /foo is owned by nobody and is mode 777.  there's 135M 
available on that partition.

* Shane Wright ([EMAIL PROTECTED]) wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Hi 
 
 This may sound silly - but is there enough free disk space on whatever 
 partition /tmp is mounted on?  
 
 Alternatively, as a workaround, you could create a new directory and give the 
 web server user permission to write to it and tell PHP to save sessions 
 there.  (this is actually better from a security standpoint as well; less 
 chance of session hijacking).
 
 Cheers
 
 - -- 
 Shane
 www.shanewright.co.uk
 Public Key: http://www.shanewright.co.uk/files/public_key.asc
 
 
 On Thursday 06 June 2002 6:31 pm, dan radom wrote:
  I can't seem to get session tracking to work to save my life.  The end
  result I'm after is to store the value of the single column returned from
  this query .. SELECT user_id from users WHERE user_name = '$user_name' AND
  user_password = '$user_password' .. for use throughout the site.  The
  current error I'm getting is Warning: Failed to write session data
  (files). Please verify that the current setting of session.save_path is
  correct (/tmp) in Unknown on line 0 which is very strange, as
  session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root
  root.  The code is listed below.  Any suggestions are greatly appreciated.
 
  dan
 
 
 
 
  ?
 
  //  if ($user_name) {
  //  class 'new uid' { var $row-user_id; };
  //  start_session();
  //  $abqSession = new abqnl;
  //  $abqSession-user_id = $uid;
  //  session_register(abqSession);
  // }
 
  if ($user_name) {
  session_id($_GET['user_id']);
  session_start();
  $foo=$row-user_id;
  $_SESSION[uid] = $foo;
  echo $foo;
  }
 
 
include '/storage/apache/htdocs/test.radom.org/.siteconf.php';
 
echo brbr;
 
if (!$user_name) {
 
echo center;
 
echo table cellspacing=10;
echo tr;
 
echo form method=post action=\login.php\;
 
echo td align=left;
echo user name;
echo /td;
 
echo td align=left;
echo input size=12 name=\user_name\;
echo /td;
 
echo /tr;
echo tr;
 
echo td align=left;
echo password;
echo /td;
 
echo td align=left;
echo input type=\password\ size=12 name=\user_password\;
echo /td;
 
echo /tr;
echo tr;
 
echo td;
echo /td;
 
echo td align=left;
echo center;
echo input type = \submit\ value=\submit\;
echo /center;
echo /td;
 
echo /form;
 
echo /tr;
echo /table;
 
echo /center;
 
exit;
 
} else
 
$result = pg_exec ($database, SELECT user_id from users WHERE user_name
  = '$user_name' AND user_password = '$user_password');
 
if (!$result) {
  echo query died\n;
  exit;
}
 
if (pg_num_rows($result) == 0) {
echo centeryou have entered an invalid user name and password
  combination.  please try again.  new users may create an account from the
  sign up link above./center; exit;
  }
 
 
for ($i = pg_num_rows($result) - 1; $i = 0; $i--) {
if(!($row = pg_fetch_object($result)))
  continue;
}
 
echo your user_id is ;
 
pg_close($database);
 
  ?
  /body
  /html
 
 - -- 
 Shane
 www.shanewright.co.uk
 Public Key: http://www.shanewright.co.uk/files/public_key.asc
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.0.6 (GNU/Linux)
 Comment: For info see http://www.gnupg.org
 
 iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8
 eav61ozpEGIbHXzIYU7zt5A=
 =EIC2
 -END PGP SIGNATURE-
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] FW: NEED HELP (passing variable to new page)

2002-06-06 Thread Igor Portnoy

It passes the wrong value to the next page.
Click on first or the second image on the first page. In the new window
the ID is set to 4, however the ID of first image is 2 not 4 (look at
the source code).

-Original Message-
From: Ray Hunter [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, June 06, 2002 11:32 AM
To: Igor Portnoy
Subject: RE: [PHP] FW: NEED HELP (passing variable to new page)

Your example works what is the problem...

Thank you,

RAY HUNTER

-Original Message-
From: Igor Portnoy [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 06, 2002 12:24 PM
To: [EMAIL PROTECTED]
Subject: [PHP] FW: NEED HELP (passing variable to new page)

So can anybody help me with my problem?

-Original Message-
From: Igor Portnoy 
Sent: Thursday, June 06, 2002 9:36 AM
To: '[EMAIL PROTECTED]'
Subject: NEED HELP (passing variable to new page)

Hello,

I am having hard time passing the variable to the next page. May be you
can help me. Let me explain:

I am using mySQL database to store information about images (ID, name,
author, description, etc).  I am pulling some of the information to
create this (look at the example here:
http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
appear when user clicks on the image. I have achieved it with the
following script: 

echo script language=\JavaScript\;

echo function pop1() {;

echo window.open(\info.php?prod_id=$result[0]\); };   \\ $result[0]
is variable that stores id of the image in database

echo /script;

I am calling this function in the following manner: echoimg
onclick=\pop1();\;

You can see the result if you click on the image.  The new page opens
up, BUT the id (product_id in this case) value is not passed to the next
page correctly.  If you click on the first or second image on the first
page it shows that the ID is the same for both of them.  However if you
look at the source code you can see that the ids are assigned correctly.
The same thing happens if you click on any image that says no image
available (I am using different script to generate those).  It seems
that the script picks up and stores in the memory the value of an ID of
the last image generated with the script (I don't know if that make
sense).

Oh, by the way the contents of info.php that I am calling in the script
above are as following:

?

$myid = $_GET['prod_id'];

echo Product ID: $myidbr;

?

What am I doing wrong?  Can you help?

Thank you. 

Sorry for lengthy e-mail.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] am i just a session tracking idiot?

2002-06-06 Thread dan radom


what's weird is that if i set session.save_handler = mm, i obviously don't get the 
file error, but it still won't work.

here's another example of what i've tried...

mars:~/apache/htdocs/test.radom.org$ cat test.php 
?
// create a new session
session_start();

// register a session-variable
session_register(bgcolor);

// Assign a value to the session-variable
$bgcolor = #8080ff;
?
html
head
titleSession Example #1/title
/head

body bgcolor=?=$bgcolor? text=#00 link=#00 vlink=#00 
alink=#00

Welcome to a session-enabled page! The background color on the next page will be set 
to a stylish blue.p
a href = test2.phpGo to another session-enabled page/a.
/body
/html

and 

mars:~/apache/htdocs/test.radom.org$ cat test2.php 
?
// Resume session created in Listing 1-2
session_start();
?
html
head
titleSession Example #1/title
/head

body bgcolor=?=$bgcolor? text=#00 link=#808040 vlink=#606060 
alink=#808000

?
// Retrieve SID from cookie.
print Your SID is $PHPSESSID br;

// Display the value of the $bgcolor variable.
print The persistent background color is: $bgcolor.;
?


argggh!


* dan radom ([EMAIL PROTECTED]) wrote:
 I've just tried that.  /foo is owned by nobody and is mode 777.  there's 135M 
available on that partition.
 
 * Shane Wright ([EMAIL PROTECTED]) wrote:
  -BEGIN PGP SIGNED MESSAGE-
  Hash: SHA1
  
  Hi 
  
  This may sound silly - but is there enough free disk space on whatever 
  partition /tmp is mounted on?  
  
  Alternatively, as a workaround, you could create a new directory and give the 
  web server user permission to write to it and tell PHP to save sessions 
  there.  (this is actually better from a security standpoint as well; less 
  chance of session hijacking).
  
  Cheers
  
  - -- 
  Shane
  www.shanewright.co.uk
  Public Key: http://www.shanewright.co.uk/files/public_key.asc
  
  
  On Thursday 06 June 2002 6:31 pm, dan radom wrote:
   I can't seem to get session tracking to work to save my life.  The end
   result I'm after is to store the value of the single column returned from
   this query .. SELECT user_id from users WHERE user_name = '$user_name' AND
   user_password = '$user_password' .. for use throughout the site.  The
   current error I'm getting is Warning: Failed to write session data
   (files). Please verify that the current setting of session.save_path is
   correct (/tmp) in Unknown on line 0 which is very strange, as
   session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root
   root.  The code is listed below.  Any suggestions are greatly appreciated.
  
   dan
  
  
  
  
   ?
  
   //  if ($user_name) {
   //class 'new uid' { var $row-user_id; };
   //start_session();
   //$abqSession = new abqnl;
   //$abqSession-user_id = $uid;
   //session_register(abqSession);
   // }
  
   if ($user_name) {
   session_id($_GET['user_id']);
   session_start();
   $foo=$row-user_id;
   $_SESSION[uid] = $foo;
   echo $foo;
   }
  
  
 include '/storage/apache/htdocs/test.radom.org/.siteconf.php';
  
 echo brbr;
  
 if (!$user_name) {
  
 echo center;
  
 echo table cellspacing=10;
 echo tr;
  
 echo form method=post action=\login.php\;
  
 echo td align=left;
 echo user name;
 echo /td;
  
 echo td align=left;
 echo input size=12 name=\user_name\;
 echo /td;
  
 echo /tr;
 echo tr;
  
 echo td align=left;
 echo password;
 echo /td;
  
 echo td align=left;
 echo input type=\password\ size=12 name=\user_password\;
 echo /td;
  
 echo /tr;
 echo tr;
  
 echo td;
 echo /td;
  
 echo td align=left;
 echo center;
 echo input type = \submit\ value=\submit\;
 echo /center;
 echo /td;
  
 echo /form;
  
 echo /tr;
 echo /table;
  
 echo /center;
  
 exit;
  
 } else
  
 $result = pg_exec ($database, SELECT user_id from users WHERE user_name
   = '$user_name' AND user_password = '$user_password');
  
 if (!$result) {
   echo query died\n;
   exit;
 }
  
 if (pg_num_rows($result) == 0) {
 echo centeryou have entered an invalid user name and password
   combination.  please try again.  new users may create an account from the
   sign up link above./center; exit;
   }
  
  
 for ($i = pg_num_rows($result) - 1; $i = 0; $i--) {
 if(!($row = pg_fetch_object($result)))
   continue;
 }
  
 echo your user_id is ;
  
 pg_close($database);
  
   ?
   /body
   /html
  
  - -- 
  Shane
  www.shanewright.co.uk
  Public Key: http://www.shanewright.co.uk/files/public_key.asc
  -BEGIN PGP SIGNATURE-
  Version: GnuPG v1.0.6 (GNU/Linux)
  Comment: For info see http://www.gnupg.org
  
  iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8
  eav61ozpEGIbHXzIYU7zt5A=
  =EIC2
  -END PGP SIGNATURE-
  
  
  -- 
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe,

[PHP] [PLEASE HELP] Passing variable to new page.

2002-06-06 Thread Igor P.


Hello,
I am having hard time passing the variable to the next page. May be you can
help me. Let me explain:

I am using mySQL database to store information about images (ID, name,
author, description, etc). I am pulling some of the information to create
this (look at the example here:
http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
appear when user clicks on the image. I have achieved it with the following
script:

echo script language=\JavaScript\;
echo function pop1() {;
echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is
variable that stores id of the image in database
echo /script;

I am calling this function in the following manner: echoimg
onclick=\pop1();\;

You can see the result if you click on the image. The new page opens up, BUT
the id (product_id in this case) value is not passed to the next page
correctly. If you click on the first or second image on the first page it
shows that the ID is the same for both of them. However if you look at the
source code you can see that the ids are assigned correctly. The same thing
happens if you click on any image that says no image available (I am using
different script to generate those). It seems that the script picks up and
stores in the memory the value of an ID of the last image generated with the
script (I don't know if that make sense).

Oh, by the way the contents of info.php that I am calling in the script
above are as following:

?
$myid = $_GET['prod_id'];
echo Product ID: $myidbr;
?

What am I doing wrong? Can you help?
Thank you.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Download Page?

2002-06-06 Thread Nick Richardson


Hi all,

I was wondering how i could make a download 'landing' page, that once a user
has filled out the download form and submitted it, it will send the file
they are requesting as a download (not display a link to it, or display it
in the browser) and also render a page that says something like thanks for
downloading blah blah... behind it at the same time.

I would assume i would have to use header() to do this, but i dont know
where i should start, a/o what headers to send.

Any help would be appreciated.

Thanks!

//Nick Richardson ([EMAIL PROTECTED])
//SiteCommand LLC
---=---
--]  SiteCommand Control Panel:  Coming June 1st, 2002  [--
--] 'The Secure Solution To Easy Enterprise Management' [--
---=---
--]  Visit http://www.sitecommand.com to PreOrder Now   [--
---=---


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] FW: NEED HELP (passing variable to new page)

2002-06-06 Thread 1LT John W. Holmes


Asking twice doesn't help, bud. It's just going to piss people off.

If someone has an answer they'll let  you know, otherwise look for other
resources.

---John Holmes...

- Original Message -
From: Igor Portnoy [EMAIL PROTECTED]
To: [EMAIL PROTECTED] '[EMAIL PROTECTED]'
Sent: Thursday, June 06, 2002 2:24 PM
Subject: [PHP] FW: NEED HELP (passing variable to new page)


So can anybody help me with my problem?



-Original Message-
From: Igor Portnoy
Sent: Thursday, June 06, 2002 9:36 AM
To: '[EMAIL PROTECTED]'
Subject: NEED HELP (passing variable to new page)



Hello,



I am having hard time passing the variable to the next page. May be you
can help me. Let me explain:



I am using mySQL database to store information about images (ID, name,
author, description, etc).  I am pulling some of the information to
create this (look at the example here:
http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
appear when user clicks on the image. I have achieved it with the
following script:



echo script language=\JavaScript\;

echo function pop1() {;

echo window.open(\info.php?prod_id=$result[0]\); };   \\ $result[0]
is variable that stores id of the image in database

echo /script;



I am calling this function in the following manner: echoimg
onclick=\pop1();\;



You can see the result if you click on the image.  The new page opens
up, BUT the id (product_id in this case) value is not passed to the next
page correctly.  If you click on the first or second image on the first
page it shows that the ID is the same for both of them.  However if you
look at the source code you can see that the ids are assigned correctly.
The same thing happens if you click on any image that says no image
available (I am using different script to generate those).  It seems
that the script picks up and stores in the memory the value of an ID of
the last image generated with the script (I don't know if that make
sense).



Oh, by the way the contents of info.php that I am calling in the script
above are as following:

?

$myid = $_GET['prod_id'];

echo Product ID: $myidbr;

?



What am I doing wrong?  Can you help?



Thank you.

Sorry for lengthy e-mail.






-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Fw: [PHP] [PLEASE HELP] Passing variable to new page.

2002-06-06 Thread Kevin Stone


Question.. why are you opening up a full sized new window with the
javascript popup script?  I susspect the problem has something to do with
the javascript, although I'm not going to take the time to test it myself.
You can open a new page in an HTML link by setting target=new.  You
shouldn't have any problems.

a href=http://www.gibsonusa.com/test/page/info.php?prod_id=35;
target=new

-Kevin

- Original Message -
From: Igor P. [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 12:37 PM
Subject: [PHP] [PLEASE HELP] Passing variable to new page.


 Hello,
 I am having hard time passing the variable to the next page. May be you
can
 help me. Let me explain:

 I am using mySQL database to store information about images (ID, name,
 author, description, etc). I am pulling some of the information to create
 this (look at the example here:
 http://www.gibsonusa.com/test/page/index.php) Now, I want a new window
 appear when user clicks on the image. I have achieved it with the
following
 script:

 echo script language=\JavaScript\;
 echo function pop1() {;
 echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is
 variable that stores id of the image in database
 echo /script;

 I am calling this function in the following manner: echoimg
 onclick=\pop1();\;

 You can see the result if you click on the image. The new page opens up,
BUT
 the id (product_id in this case) value is not passed to the next page
 correctly. If you click on the first or second image on the first page it
 shows that the ID is the same for both of them. However if you look at the
 source code you can see that the ids are assigned correctly. The same
thing
 happens if you click on any image that says no image available (I am
using
 different script to generate those). It seems that the script picks up and
 stores in the memory the value of an ID of the last image generated with
the
 script (I don't know if that make sense).

 Oh, by the way the contents of info.php that I am calling in the script
 above are as following:

 ?
 $myid = $_GET['prod_id'];
 echo Product ID: $myidbr;
 ?

 What am I doing wrong? Can you help?
 Thank you.



 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download Page?

2002-06-06 Thread Kevin Stone

Common question becuase of it's somewhat unintuitive nature, but it is very
simple.  Do a search for keywords header and Content-disposition.  That
should reveal what you want.  Good luck.
-Kevin

- Original Message -
From: Nick Richardson [EMAIL PROTECTED]
To: PHP General [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 12:38 PM
Subject: [PHP] Download Page?

 Hi all,

 I was wondering how i could make a download 'landing' page, that once a
user
 has filled out the download form and submitted it, it will send the file
 they are requesting as a download (not display a link to it, or display it
 in the browser) and also render a page that says something like thanks
for
 downloading blah blah... behind it at the same time.

 I would assume i would have to use header() to do this, but i dont know
 where i should start, a/o what headers to send.

 Any help would be appreciated.

 Thanks!

 //Nick Richardson ([EMAIL PROTECTED])
 //SiteCommand LLC
 ---=---
 --]  SiteCommand Control Panel:  Coming June 1st, 2002  [--
 --] 'The Secure Solution To Easy Enterprise Management' [--
 ---=---
 --]  Visit http://www.sitecommand.com to PreOrder Now   [--
 ---=---

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] am i just a session tracking idiot?

Have you tried using $_SESSION['bgcolor'] = bleh

It might work... who knows...

- Original Message -
From: dan radom [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 8:36 PM
Subject: Re: [PHP] am i just a session tracking idiot?

 what's weird is that if i set session.save_handler = mm, i obviously don't
get the file error, but it still won't work.

 here's another example of what i've tried...

 mars:~/apache/htdocs/test.radom.org$ cat test.php
 ?
 // create a new session
 session_start();

 // register a session-variable
 session_register(bgcolor);

 // Assign a value to the session-variable
 $bgcolor = #8080ff;
 ?
 html
 head
 titleSession Example #1/title
 /head

 body bgcolor=?=$bgcolor? text=#00 link=#00
vlink=#00 alink=#00

 Welcome to a session-enabled page! The background color on the next page
will be set to a stylish blue.p
 a href = test2.phpGo to another session-enabled page/a.
 /body
 /html

 and

 mars:~/apache/htdocs/test.radom.org$ cat test2.php
 ?
 // Resume session created in Listing 1-2
 session_start();
 ?
 html
 head
 titleSession Example #1/title
 /head

 body bgcolor=?=$bgcolor? text=#00 link=#808040
vlink=#606060 alink=#808000

 ?
 // Retrieve SID from cookie.
 print Your SID is $PHPSESSID br;

 // Display the value of the $bgcolor variable.
 print The persistent background color is: $bgcolor.;
 ?

 argggh!

 * dan radom ([EMAIL PROTECTED]) wrote:
  I've just tried that.  /foo is owned by nobody and is mode 777.  there's
135M available on that partition.

  * Shane Wright ([EMAIL PROTECTED]) wrote:
   -BEGIN PGP SIGNED MESSAGE-
   Hash: SHA1

   Hi

   This may sound silly - but is there enough free disk space on whatever
   partition /tmp is mounted on?

   Alternatively, as a workaround, you could create a new directory and
give the
   web server user permission to write to it and tell PHP to save
sessions
   there.  (this is actually better from a security standpoint as well;
less
   chance of session hijacking).

   Cheers

   - --
   Shane
   www.shanewright.co.uk
   Public Key: http://www.shanewright.co.uk/files/public_key.asc

   On Thursday 06 June 2002 6:31 pm, dan radom wrote:
I can't seem to get session tracking to work to save my life.  The
end
result I'm after is to store the value of the single column returned
from
this query .. SELECT user_id from users WHERE user_name =
'$user_name' AND
user_password = '$user_password' .. for use throughout the site.
The
current error I'm getting is Warning: Failed to write session data
(files). Please verify that the current setting of session.save_path
is
correct (/tmp) in Unknown on line 0 which is very strange, as
session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root
root.  The code is listed below.  Any suggestions are greatly
appreciated.

dan

?

//  if ($user_name) {
// class 'new uid' { var $row-user_id; };
// start_session();
// $abqSession = new abqnl;
// $abqSession-user_id = $uid;
// session_register(abqSession);
// }

if ($user_name) {
session_id($_GET['user_id']);
session_start();
$foo=$row-user_id;
$_SESSION[uid] = $foo;
echo $foo;
}

  include '/storage/apache/htdocs/test.radom.org/.siteconf.php';

  echo brbr;

  if (!$user_name) {

  echo center;

  echo table cellspacing=10;
  echo tr;

  echo form method=post action=\login.php\;

  echo td align=left;
  echo user name;
  echo /td;

  echo td align=left;
  echo input size=12 name=\user_name\;
  echo /td;

  echo /tr;
  echo tr;

  echo td align=left;
  echo password;
  echo /td;

  echo td align=left;
  echo input type=\password\ size=12 name=\user_password\;
  echo /td;

  echo /tr;
  echo tr;

  echo td;
  echo /td;

  echo td align=left;
  echo center;
  echo input type = \submit\ value=\submit\;
  echo /center;
  echo /td;

  echo /form;

  echo /tr;
  echo /table;

  echo /center;

  exit;

  } else

  $result = pg_exec ($database, SELECT user_id from users WHERE
user_name
= '$user_name' AND user_password = '$user_password');

  if (!$result) {
echo query died\n;
exit;
  }

  if (pg_num_rows($result) == 0) {
  echo centeryou have entered an invalid user name and password
combination.  please try again.  new users may create an account
from the
sign up link above./center; exit;
}

  for ($i = pg_num_rows($result) - 1; $i = 0; $i--) {
  if(!($row = pg_fetch_object($result)))
continue;
  }

  echo your user_id is ;

  pg_close($database);

?
/body
/html

   - --
   Shane
   www.shanewright.co.uk
   Public Key:

Re: [PHP] [PLEASE HELP] Passing variable to new page.