Re: [PHP] phpSearch
On Thu, 6 Jun 2002, millw0rm wrote: Hi, I m looking for a Search Engine kinda application which can search content inside my own website, which includes files like php, text, html as well as mySQL db... do u guys hav ne idea where i can find the application or r there ne1 who can develop it for me pls... i tried few applications like phpdig, Site Search, phpMySearch but unfortunately now of them got what I need... neways can u help me out. pls We do all that with mnogosearch (http://www.mnogosearch.ru/). miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] dumb guy needs smart answer
I get the following error statement from a PHP insert I am trying at http://www.solomonsporch.org/test.php Warning: Failed opening 'http://www.gospelcom.net/mnn/includes/pubNewsTease.php?li=yeslimit=4' for inclusion (include_path='c:\php4\pear') in e:\solomonsporch.org\test.php on line 12 I really don't know what I am doing -- but would sure appreciate getting this working. My host seems to be all set up. Thanks for your time! -Doug
Re: [PHP] dumb guy needs smart answer
It can't find the file you asked to include on line 12 of test.php. Post the code and we may be able to pin-point it. The first half of the error is to do with the default include path... in addition to the include path you set with include(), there is a default that PHP also checks (in your case, c:\php4\pear), which is set in php.ini. Justin French on 06/06/02 4:22 PM, Doug ([EMAIL PROTECTED]) wrote: I get the following error statement from a PHP insert I am trying at http://www.solomonsporch.org/test.php Warning: Failed opening 'http://www.gospelcom.net/mnn/includes/pubNewsTease.php?li=yeslimit=4' for inclusion (include_path='c:\php4\pear') in e:\solomonsporch.org\test.php on line 12 I really don't know what I am doing -- but would sure appreciate getting this working. My host seems to be all set up. Thanks for your time! -Doug -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP CGI cannot be accessed directly
Yes I have set cgi.force_redirect=0 in my php.ini file. I have trippled checked this! I am running PHP 4.2.0 on Win2K IIS5 as CGI. What am I missing? Any known bugs? Tx MH -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP version 4.2 and above
I'm working on a windows2000 platform and i need to use php version =4.2 for my graphics.How do i go about solving the problem of gd that can be supported by the above php version? The gd in phpdev 4(php version 4.06) cannot be supported by the bove php version. -Original Message- From: Miguel Cruz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 10:20 AM To: Opere, James Cc: PHP Windows Discussion List; PHP General Discussion List Subject: Re: [PHP] PHP version 4.2 and above On Wed, 22 May 2002, Opere, James wrote: I have aproblem with php = 4.2.I'm working on graphics but when i install php4.2, i get an error that it doesn't support GD library. Is there anybody who has any idea as to how it can be possible to use the above versions and still run my scripts successfully? Currently i'm using phpdev4 which with php 4.06 which does not support global variables but support the GD library for Graphics. Any version supports the GD library if you install it that way. But without knowing your platform it's hard to guess what you might have to do in order to get things going. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpSearch
Hello, try this: http://www.digitalgenesis.com/software/dgssearch.html --- Ali Reza Sajedi Webentwicklung und -betreuung BUP Goettingen 0551/54707-41 [EMAIL PROTECTED] http://www.bupnet.de --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using checkboxes
Hey all, I have a form, generated in php, with a lot of checkboxes on it. They are initialized from the db. All checkboxes are in a 2d array and they come through to my processing script fine. The only problem is that the ones that are unchecked do not come through. I know that the post command only sends the checked boxes. What I would like to know is which ones were changed, ie checked or unchecked by the user. Right now I do it by putting a string with the old values in a hidden textbox and comparing those to what I get back in the array. I have been thinking about writing some client side script to produce the differences. Does anyone know if there is a better way to do this? Thanks, Dirk.
[PHP] oracle again!!!!
Hi, I've tried installing php with oracle support to my RedHat Linux server. Im recieving this error when executing a sample Ora fucntion to connect to the oracle database.My oracle database works fine but my script canot connect. I've tried this sample script with my AIX server but it works fine. I really dont know why ... Please help. heres my sample connect script: PutEnv(ORACLE_SID=oracle); PutEnv(ORACLE_HOME=/home/oracle/OraHome1); $connection = Ora_Logon(system,manager); if($connection==false){ echo Ora_ErrorCode($connection).:. Ora_error($connection).BR; exit; } And heres my warning error: Warning: Oracle: Connection Failed: Error while trying to retrieve text for error ORA-12546 in /home/www/htdocs/selecting.php on line 9 Warning: ora_errorcode(): supplied argument is not a valid Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line 13 Warning: ora_error(): supplied argument is not a valid Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line 13 : I can connect to oracle remotely with my sqlplus using this account. Is thereanything that i didnt know when settingup php with oracle in redhat linux? Thanks in advance. Regards, Mike -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: [PHP-DB] cookies and Global variables
1. Cookies _has_ to be sent before anything else, that just is the case. 2. Sessions are the answer for thisone. Niklas -Original Message- From: Dib, Walid (MED, Stagiaire GEMS) [mailto:[EMAIL PROTECTED]] Sent: 6. kesäkuuta 2002 10:06 To: '[EMAIL PROTECTED]' Subject: [PHP-DB] cookies and Global variables Hello 1) I want to use cookies for my site, how can I do it? My browser warn me that headers are already sent!! 2) How can I use the same variables on all pages: for example: $login, I need this variable on all pages to send requests to a MySQL database. Thanks DIB Walid ### This message has been scanned by F-Secure Anti-Virus for Internet Mail. For more information, connect to http://www.F-Secure.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OOP Question in PHP
Scott Hurring [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Depends ;-) yea, really depnds, but as you mentioned, having parameterless constructors are more generic, especially when it comes to derive the classes. instead (with option #2), you could do something like: // Create new document $d = new Document(); // populate document $d-save(); and // Get existing doc $d = new Document(); $d-get(ID); i'd advise method names load() (as for retrieve) and save() (as for store) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP and SSI
Is it possible to use SSI with PHP? If so, where can I learn how to do this? TIA, Jerry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions on clustered machines
Hi Have a look at http://www.mohawksoft.com/phoenix/msession.html I just started playing with it and seems to be ok, except when I try my own session handler it chucks a core dump now, but if it is as good as they reckon I wont need my own handler :) Tom At 03:17 PM 6/06/2002, Cameron Just wrote: Hi, Just wondering if sessions can be shared on clustered webservers? ie one location for session.save_path which is shared amongst many machines. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] phplib, sessions and multiple dirs
greetings. i have a website running that has multiple user directories setup as HOST/username. Each username subdirectory has its own subdir named admin where i'm using phplib to do the session/user management and authentication. the problem i'm seeing is that when i login to username1/admin, i'm able to directly access username2/admin, even though the user/pw for that area is different in the auth_user table. obviously, this is not the desired functionality. each username subdir has its own set of config.php files where i have been trying to override the session.cookie_path in the hopes of at least restriciting the usage of the session cookie to the HOST/username path. i'm assuming that this has been encountered and solved before, but i have been unable to find any help via google or the other associated dev/php sites. i'm running php 4.2.1, apache 1.3.24 and mysql 3.23.49 on a rh6.2 system. any help or pointers to docs would be greatly appreciated. thanks. c. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] phpSearch
We do all that with mnogosearch (http://www.mnogosearch.ru/). gr8 it worked... thnx alot enjoy ;-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure File Upload
Hi Jim! ok, here are a few questions for you to clarify things. A) Do you want to place a limit on the size of a single file being uploaded? Yes. In fact, i would like to prevent having users upload too big files. There are two reasons: First, I don't want my server space to be consumed by files too big. Second, I want to be able to prevent my (limited) traffic to be exhausted. Simple reason: I pay for anything above let's say 10 GB of traffic. So what PHP offers to me AFAIK enables me to protect my space, but not my traffic. That's where my question comes from. B) Do you want to place a restriction that says after n'th number of files that have been uploaded equal 'X' ammount of space on the server disable file uploads? (this is what it sounds like you are asking, to me anyways) Nope. This would be quite easy, I guess. But that's not the problem, it's about traffic. Answer these two questions and it will help me alot Hope this did ;) Can you help me now? ;) Cheers, Kiko -- It's not a bug, it's a feature. christoph starkmann mailto:[EMAIL PROTECTED] http://www.gruppe-69.com/ ICQ: 100601600 -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP CGI cannot be accessed directly
I got the problem! php.ini is not saved in c:\winnt by default! Make sure your php.ini is in c:\winnt and NOT in your profile as saved by the installer! Mindhunter [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yes I have set cgi.force_redirect=0 in my php.ini file. I have trippled checked this! I am running PHP 4.2.0 on Win2K IIS5 as CGI. What am I missing? Any known bugs? Tx MH -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure File Upload
A) Do you want to place a limit on the size of a single file being uploaded? [...] Second, I want to be able to prevent my (limited) traffic to be exhausted. Simple reason: I pay for anything above let's say 10 GB of traffic. So what PHP offers to me AFAIK enables me to protect my space, but not my traffic. You are absolutly correct. Welcome to the client/server relationship. Your PHP is *entirely* server side, meaning that (in a HTTP[S] PUT or POST) the entire file is sent to PHP before it can work out if its too big or not. However, there are some client side effects you can induce (such as the browser limiting the file size, this can be set in the HTML FORM) - but as this is client side there is no gaurentee that this request will be honoured (still leaving you open for a custom / noncompliant browser to upload giga-huge files to you). In my experiance its best to give people access to FTP upload but thats not always an option... I hope the information has helped you. The following URL might be worth researching. http://www.php.net/manual/en/features.file-upload.php Look for information on MAX_FILE_SIZE and READ the user comments. The manual + user comments usually holds the answers you seek. ;) -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] oracle again!!!!
Michael, I have not used Oracle from PHP but I may be able to provide some pointers/questions. You do not say where the Oracle database is. If it is on the AIX computer then to connect you will need the system@tnsname form of user name to specify which connection in your tnsnames.ora file to use. (I assume you have modified the linux firewall to allow the ports used in the tnsnames.ora file to be open). I assume that you have the Oracle client code loaded onto the linux computer. If the database is local on the linux computer then maybe the firewall issue still applies. What Iwould look at first is the first error message. ORA-12546 is TNS:permission denied. This looks like the user that apache is run as cannot open the tnsnames.ora file. From the Oracle home you give, I think it should be trying to open /home/oracle/OraHome1/network/admin/tnsnames.ora but cannot do so. Is the file located here? Hope this helps. Chris Michael P. Carel wrote: Hi, I've tried installing php with oracle support to my RedHat Linux server. Im recieving this error when executing a sample Ora fucntion to connect to the oracle database.My oracle database works fine but my script canot connect. I've tried this sample script with my AIX server but it works fine. I really dont know why ... Please help. heres my sample connect script: PutEnv(ORACLE_SID=oracle); PutEnv(ORACLE_HOME=/home/oracle/OraHome1); $connection = Ora_Logon(system,manager); if($connection==false){ echo Ora_ErrorCode($connection).:. Ora_error($connection).BR; exit; } And heres my warning error: Warning: Oracle: Connection Failed: Error while trying to retrieve text for error ORA-12546 in /home/www/htdocs/selecting.php on line 9 Warning: ora_errorcode(): supplied argument is not a valid Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line 13 Warning: ora_error(): supplied argument is not a valid Oracle-Connection/Cursor resource in /home/www/htdocs/selecting.php on line 13 : I can connect to oracle remotely with my sqlplus using this account. Is thereanything that i didnt know when settingup php with oracle in redhat linux? Thanks in advance. Regards, Mike -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] if() statements
Hi, I'm working on a 350+ line message board script with multiple SQL queries, etc. It's starting to get a noticeable (although not major) lag. It's probably the multiple MySQL queries, which I'm going to attempt to minimise and optimise, but it also brings me to a question about if(). does the process of PHP digging it's way through multiple nested if() statements slow down PHP, perhaps in comparison to a single line with an include? eg ? if($something) { // // 100 lines of code, queries and nested if()'s // } ? versus ? if($something) { include('100_lines_of_code.inc'); } ? I personally like developing with include() files and keeping everything modular, but have been avoiding this in part, due to the multiple includes already found on my pages (eg sessions, fonts, config, header, footer, content, function libraries = 7+ includes per page) and the possible concern of so many includes slowing things down. BUT, if larger if() blocks can cause a simular bottle-neck, then maybe i'll go back to multiple includes... Is there a good way to time scripts too? All I can think of is comparing time() or microtime() from the start and end of the scripts. Thanks, Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure File Upload
Hi Dan! A) Do you want to place a limit on the size of a single file being uploaded? [...] Second, I want to be able to prevent my (limited) traffic to be exhausted. Simple reason: I pay for anything above let's say 10 GB of traffic. So what PHP offers to me AFAIK enables me to protect my space, but not my traffic. You are absolutly correct. Welcome to the client/server relationship. Your PHP is *entirely* server side, meaning that (in a HTTP[S] PUT or POST) the entire file is sent to PHP before it can work out if its too big or not. I know this, not this new to CGI... ;) The only thing I thought/hoped was that maybe there's a way to recieve the file size information before upping the entire file. Like with email or news, where I can download headers seperated from the message body... But as far as I can see, this is not possible. Sad but true ;) So I have to trust my visitors ;) Cheers, Kiko -- It's not a bug, it's a feature. christoph starkmann mailto:[EMAIL PROTECTED] http://www.gruppe-69.com/ ICQ: 100601600 -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure File Upload
On Thursday 06 June 2002 17:53, Christoph Starkmann wrote: I know this, not this new to CGI... ;) The only thing I thought/hoped was that maybe there's a way to recieve the file size information before upping the entire file. It is possible with some browsers: http://marc.theaimsgroup.com/?l=php-generalm=102079018906224w=2 -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* jogger, n.: An odd sort of person with a thing for pain. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Secure File Upload
I know this, not this new to CGI... ;) The only thing I thought/hoped was that maybe there's a way to recieve the file size information before upping the entire file. It is possible with some browsers: http://marc.theaimsgroup.com/?l=php-generalm=102079018906224w=2 But you still have to rely on your visitors as they could simply use another web browser should they wish to DoS your site. Security measures such as logging in before allowing a file upload can come in useful here. -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] global variables without sessions on apache
Thanks Jason, Works great in htaccess Zac - Original Message - From: Jason Wong [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 4:08 AM Subject: Re: [PHP] global variables without sessions on apache On Thursday 06 June 2002 06:05, Zac Hillier wrote: Miguel, I mean that the variables will never change per Virtual host but that the site is a template for many sites and these vars are part of the distinction for each site / Virtual Host. So far the suggestions of using the auto-prepend in the php.ini have not seemed to cater for this. Can you help further? The auto-prepend thing can be set per-site if you put it in the apache.conf file, and possibly per-directory as well (haven't tried it) if put in .htaccess files. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* You will have a head crash on your private pack. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure File Upload
Hi again, Dan! But you still have to rely on your visitors as they could simply use another web browser should they wish to DoS your site. Security measures such as logging in before allowing a file upload can come in useful here. I think I have to agree at this point. I was just hoping I was simply missing some point, but then a login wil have to do. Thanks for all your help... Cheers, Kiko -- It's not a bug, it's a feature. christoph starkmann mailto:[EMAIL PROTECTED] http://www.gruppe-69.com/ -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] date problem
So what did you get? Did it work? (No. I doubt it...) Don't just post a question like Here's what I'm doing...fix it Anyway, your really wasting your time by not using a date or timestamp column. If you don't understand why or realize how easy it is to change it, you've got a lot of learning to do. The only way you can do it with a char column is to select the entire database, load it into a PHP array, using strtotime() to (hopefully) convert May 29, 2002, etc, into a unix timestamp, and then sort by that timestamp. You just make things more difficult with a char column. I hope you don't have any more queries based on time or date... ---John Holmes... -Original Message- From: andy [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 2:02 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [PHP] date problem Hi there, I would like to count the users out of a mysql db who registered after a certain date. The column I have in the db is a char and I do not want to change this anymore. This is how a typical entry looks like: May 29, 2002 This is how I tryed it: // while '10...' is unix timestamp june 1, 02 SELECT COUNT(*) AS c FROM users_table WHERE UNIX_TIMESTAMP( user_regdate ) '1022882400' Thanx for any help on that, andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] date problem
SELECT COUNT(*) AS c FROM users_table WHERE UNIX_TIMESTAMP( user_regdate ) '1022882400' The only way you can do it with a char column is to select the entire database, load it into a PHP array, using strtotime() to (hopefully) convert May 29, 2002, etc, into a unix timestamp, and then sort by that timestamp. Alternatively you could use the query you are now (if its returning the correct subset of rows from the table). Replace COUNT(*) AS c with your primary key field (eg: id), and then use mysql_count_row() [rtfm for more details] rather than pulling the rows. From here it looks like your fastest option, but your not providing enough information. -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] date problem
SELECT COUNT(*) AS c FROM users_table WHERE UNIX_TIMESTAMP( user_regdate ) '1022882400' The only way you can do it with a char column is to select the entire database, load it into a PHP array, using strtotime() to (hopefully) convert May 29, 2002, etc, into a unix timestamp, and then sort by that timestamp. Alternatively you could use the query you are now (if its returning the correct subset of rows from the table). Replace COUNT(*) AS c with your primary key field (eg: id), and then use mysql_count_row() [rtfm for more details] rather than pulling the rows. From here it looks like your fastest option, but your not providing enough information. The query shouldn't be returning anything, b/c a unix_timestamp of a char type column is going to be zero. So zero will never be 1022882400. Also, there is no MySQL_count_row(), function. Do you mean MySQL_num_rows()? You should use COUNT(*) in your query instead of MySQL_num_rows(), if the count is all your after. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Need some suggestions about community :)
Sorry, my bad, meant a table for each user, not a database :) But I'll go with the shared tables then :P Håkan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Modifying the sort order of a query
[snip] I've just tried the sub-select approach. Works great on the first page - shows names listed alphabetically sorted by country. However, once I click on 'Next 20' both sorts go bye-bye (neither by name nor country). [/snip] I am late to the thread but I wanted to offer another suggestion. Retrieve the data results into an array and sort the array. I like Peter's idea though, using a case statement for the appropriate sort order information. You could also set a variable ($lastSortOrder) to 'default', 'country', 'city', 'whatever' and place this variable within the query. Pseudocode follows; $lastSortOrder = default $query = SELECT name, address, city, state, zip FROM table ; $query .= ORDER BY . $lastSortOrder . ; input type=submit name=action value=Sort By Countrybr input type=submit name=action value=Sort By Citybr switch($action){ case Sort By Country: $lastSortOrder = country break; case Sort By City: $lastSortOrder = city break; } I know this isn't complete but I HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Modifying the sort order of a query
Thanks Jay, Well, I went back to work on it, and with the combined suggestions from the list, it's working now. I just had to insert the sub-select on the called page as well. That seemed to be the problem. Thanks for your suggestion -- I used part of it. Regards, Andre On Thursday 06 June 2002 07:39 am, you wrote: [snip] I've just tried the sub-select approach. Works great on the first page - shows names listed alphabetically sorted by country. However, once I click on 'Next 20' both sorts go bye-bye (neither by name nor country). [/snip] I am late to the thread but I wanted to offer another suggestion. Retrieve the data results into an array and sort the array. I like Peter's idea though, using a case statement for the appropriate sort order information. You could also set a variable ($lastSortOrder) to 'default', 'country', 'city', 'whatever' and place this variable within the query. Pseudocode follows; $lastSortOrder = default $query = SELECT name, address, city, state, zip FROM table ; $query .= ORDER BY . $lastSortOrder . ; input type=submit name=action value=Sort By Countrybr input type=submit name=action value=Sort By Citybr switch($action){ case Sort By Country: $lastSortOrder = country break; case Sort By City: $lastSortOrder = city break; } I know this isn't complete but I HTH! Jay -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions question (-enable-trans-sid)
Thanks to all for their help on this. As a follow-up, and after a bunch of playing around with this yesterday, here's what I've come to learn. Perhaps it will be helpful to others: With enable-trans-id compiled into PHP and the following directives in php.ini: session.use_cookies = 0(PHP uses cookies for sessions - off) session.use_trans_sid = 1 (PHP uses enable-trans-id for sessions - on) PHP will automatically append the SID to the end of relative links 100% of the time and will not use cookies no matter whether the user has cookies enabled for their browser or not. In the following case (and I presume the more normal way of doing things): session.use_cookies = 1(PHP uses cookies for sessions - on) session.use_trans_sid = 1 (PHP uses enable-trans-id for sessions - on) PHP will behave the same way for those users that do *not* have cookies enabled for their browser as in the first example, i.e. append links 100% of the time. However, for those users that have cookies enabled for their browser, PHP will append the SID to the links only on the first hit to a page. Then, when a user requests the next page, the auto-rewriting of the URI's stops and cookies are used from that point forward. Actually, that all makes sense, as the first time a user requests a page, there's no way for PHP to know if the browser will accept cookies or not. But, on the second request, the browser will send the cookie back to PHP (along with the appended URI), and PHP from that point on knows that the browser accepts cookies and PHP will then drop the rewriting of the URI's. I hope I've got this all correct. The one observation I'd make in regards to using cookies vs. URI's to maintain the session is this (and please someone correct me if I'm wrong): If a user does *not* have cookies enabled for their browser, you can lose the session if the user hits an html page at your site (because PHP will not be involved and will not rewrite the URI's for the .html page). Not good. If a user *does* have cookies enabled, they can hit non-PHP pages all they want and when they get back to a PHP page, the session is still intact. So, it would seem, while the SID being appended to all URI's should work for all users, non-PHP pages will break the session (not good). And, as for the cookie method, not all users have cookies enabled for their browser (also, not good). Therefore, IMO, neither the cookie method or appending the URI method will work as you'd like 100% of the time. I suppose one thing you could do so that non-PHP pages won't break the session for those users that don't have cookies enabled would be to just run every page in your site through PHP. That way, the URI's for every page will be appended with the SID, and maybe that's the way to go. Anyway, I hope I've got this all right and I hope it helps someone. Jeff -Original Message- From: Jeff Field [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 11:56 AM To: [EMAIL PROTECTED] Subject: [PHP] Sessions question (-enable-trans-sid) Hi, I'm confused about one thing regarding sessions and haven't been able to find the definitive answer anywhere. Hopefully, I can here. There are two ways to enable sessions: 1) Session ID is passed through cookies 2) Session ID is passed through the URL, either done manually or by automatic URL rewriting All the books, tutorials, etc. basically say that cookies are the way to go but when users don't have cookies enabled, you have to use the URL method. Since I have an e-commerce site that is available to the world, I'm assuming *some* are not going to have cookies enabled. Duh! So, from what I've read, you can implement the URL method of sessions by either manually attaching the session ID to the URLs, or, by compiling PHP with enable-trans-sid, which will add the session ID to the URL's automatically. The answer that I haven't been able to find is this: Is this a one or the other proposition? IOW, if I implement sessions with cookies, then I can't use the URL method? Or, if I implement the URL method (with enable-trans-sid), I can't use the cookie method? Or, do they work in combination. IOW, does PHP automatically know that if a user has cookies enabled, PHP will use the cookie method and, when cookies are *not* enabled, PHP automatically implements the URL method? Thanks for the help! Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Stripping illegal characters out of an XML document
Hi there. I'm working with RDF/XML that is strict on what characters are allowed within the elements and attributes. I was wondering if anyone had a script that processed a string and replaced all illegal-characters with their HTML code, for example is converted to and to . It should also work for characters like é. It would be possible to process the strings before they are inserted into the XML document - if that is easier. If there isn't a script that'll do this I'll have to write my own - which could be quite time consuming ;( Thanks Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Can't Connect to INFORMIX DB
Thanks for the answer.. But this is the story now.. I've finally made Informix PHP work using ODBC. That's working fine now. And about native functions, i've downloaded the manual instalation of PHP, and now i have the extensions, dlls, and all that stuff. But still can't make it work. I've set my extension_dir, from php.ini, like this: extension_dir = C:\Php421\extensions\ And of course, that's the path where i have those files. Any help will we appreciated! Bye Gastón. Juraj Hasko [EMAIL PROTECTED] escribió en el mensaje 001f01c20c5b$dd6c8870$ec01db0a@HASKO">news:001f01c20c5b$dd6c8870$ec01db0a@HASKO... Hi, 1. PHP native function for Informix will not work, because there is missing php_ifx.dll extension in latest PHP 4.2.1 bundle for win32. 2. you have probably error in instalation of Infomix ODBC drivers. The file 'csql.iem' is part of standart instalation. Check your instalation ... Juraj System Administrator CAC LEASING Slovakia, a.s. mailto:[EMAIL PROTECTED] http://www.cacleasing.sk -Original Message- From: Gastón [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 8:19 PM To: [EMAIL PROTECTED] Subject: Can't Connect to INFORMIX DB Hi, I need some help (or maybe a lot), to get PHP connecting to my Informix DB. I'm pretty new to PHP, and i don't have a clue of what i'm doing wrong. I'm using IIS 4.0 under Win NT 4.0. with PHP 4.2.1 I've tried to connect throw ODBC driver, and directly from native functions but both fail. The messages are: When i use ODBC: Warning: SQL error: [INTERSOLV][ODBC Informix driver][Informix]Cannot open file 'csql.iem' , SQL state S1000 in SQLConnect When i use native functions: PHP Warning: Unable to load dynamic library 'C:\Php421\extensions\php_ifx.dll' - The specified procedure could not be found. in Unknown on line 0 Thanks, Gastón. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] array_walk
If you use array_walk with an associative array, the only arguments that PHP automatically passes to the defined array are the numerical/element keys. Is there any way you can force it to pass the associative keys? For example, I have an array: $bob = array( this = other ); Instead of passing this and other to your array, PHP passes 0 and other. Is there any way I can make it so that it passes this? Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Using checkboxes
This always works for me.. == /* *\ ** chk[] is the list of check boxes sent to browser. ** If chk[$i] equals $i as as you loop ** through the array.. then it was checked. ** But first we need to set all the boxes that ** ain't checked to -1 or something other than $i ** $num_chk = number of $chk[] boxes sent \* */ for ($i=$num_chk; $i-1 ; $i--) { if (!isset($chk[$i])) $chk[$i] = -1; else{ $ii = $chk[$i]; $chk[$i] = -1; $chk[$ii] = $ii; } } /* Now you can loop through the chk[] ** list and find out what ones were set */ = HTH. Good luck ... Dan Dirk Beijaard wrote: Hey all, I have a form, generated in php, with a lot of checkboxes on it. They are initialized from the db. All checkboxes are in a 2d array and they come through to my processing script fine. The only problem is that the ones that are unchecked do not come through. I know that the post command only sends the checked boxes. What I would like to know is which ones were changed, ie checked or unchecked by the user. Right now I do it by putting a string with the old values in a hidden textbox and comparing those to what I get back in the array. I have been thinking about writing some client side script to produce the differences. Does anyone know if there is a better way to do this? Thanks, Dirk. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Number formatting
Hi gang- I am trying to format a number coming from a csv file that I am importing then sending to a database. Being the wonderful program that Excel is there is a column that contains a number that only has a decmimal if there is a value. So 3.05% will display, 3% will display as 3. It is throwing my calculations off, I have tried using number format like this: $aprTemp = number_format($apr, 2); which in the case of 3.05 will return 305.00 and 300.00 for 3%. Anyone have a snippet to test and display properly so that 3% would be 3.00, etc. Thanks, -Scott -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Can't Connect to INFORMIX DB
Remove the semi-c0lon from the following line in php.ini: ;extension=php_ifx.dll And then restart your web-server if your run PHP as a module... Mikey GastóN [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks for the answer.. But this is the story now.. I've finally made Informix PHP work using ODBC. That's working fine now. And about native functions, i've downloaded the manual instalation of PHP, and now i have the extensions, dlls, and all that stuff. But still can't make it work. I've set my extension_dir, from php.ini, like this: extension_dir = C:\Php421\extensions\ And of course, that's the path where i have those files. Any help will we appreciated! Bye Gastón. Juraj Hasko [EMAIL PROTECTED] escribió en el mensaje 001f01c20c5b$dd6c8870$ec01db0a@HASKO">news:001f01c20c5b$dd6c8870$ec01db0a@HASKO... Hi, 1. PHP native function for Informix will not work, because there is missing php_ifx.dll extension in latest PHP 4.2.1 bundle for win32. 2. you have probably error in instalation of Infomix ODBC drivers. The file 'csql.iem' is part of standart instalation. Check your instalation ... Juraj System Administrator CAC LEASING Slovakia, a.s. mailto:[EMAIL PROTECTED] http://www.cacleasing.sk -Original Message- From: Gastón [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 8:19 PM To: [EMAIL PROTECTED] Subject: Can't Connect to INFORMIX DB Hi, I need some help (or maybe a lot), to get PHP connecting to my Informix DB. I'm pretty new to PHP, and i don't have a clue of what i'm doing wrong. I'm using IIS 4.0 under Win NT 4.0. with PHP 4.2.1 I've tried to connect throw ODBC driver, and directly from native functions but both fail. The messages are: When i use ODBC: Warning: SQL error: [INTERSOLV][ODBC Informix driver][Informix]Cannot open file 'csql.iem' , SQL state S1000 in SQLConnect When i use native functions: PHP Warning: Unable to load dynamic library 'C:\Php421\extensions\php_ifx.dll' - The specified procedure could not be found. in Unknown on line 0 Thanks, Gastón. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Is this possible
On Thu, Jun 06, 2002 at 05:32:45AM -, James Edgar wrote: class myClass { function myFunc($var) { include(xml.inc); $obj = new xml($data,xml); And what happened when you ran this? Why not tell us? In the future, please post error messages and/or results so we can help you more accurately. If you ran it, it'd probably say Class declarations may not be nested. Pretty clear. The code for your xml class outside of myClass. But, you can create the object inside the class. So, put include('./xml.inc'); before class myClass and leave $obj = new xml($data, 'xml'); where it is. Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] array_walk
Instead of passing this and other to your array, PHP passes 0 and other. Is there any way I can make it so that it passes this? [pulled from the manual directly] Example 1. array_walk() example $fruits = array (d=lemon, a=orange, b=banana, c=apple); function test_alter ($item1, $key, $prefix) { $item1 = $prefix: $item1; } function test_print ($item2, $key) { echo $key. $item2br\n; } echo Before ...:\n; array_walk ($fruits, 'test_print'); reset ($fruits); array_walk ($fruits, 'test_alter', 'fruit'); echo ... and after:\n; reset ($fruits); array_walk ($fruits, 'test_print'); The printout of the program above will be: Before ...: d. lemon a. orange b. banana c. apple and after: d. fruit: lemon a. fruit: orange b. fruit: banana c. fruit: apple -- Dan Hardiker [[EMAIL PROTECTED]] ADAM Software Systems Engineer First Creative Ltd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Retrieving text from a URL using PHP
Is there any way to retrieve data (for example - the text *within* a table) from another URL so that only the text appears and not the html (tables, cells, colors, etc.) Below is a script which opens and reads a URL and then outputs the complete URL. I am just looking for the text output. Thank you in advance. Tony Ritter ... html head titleRetrieving text from a URL/title /head body ? $theurl=http://www.blah.com;; if (!($fp=fopen($theurl, r))) { echo Could not open the URL; exit; } $contents= fread($fp, 100); fclose($fp); echo $contents; echo br.This information retrieved frombr.a href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T)); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieving text from a URL using PHP
On Thursday 06 June 2002 23:43, Anthony Ritter wrote: Is there any way to retrieve data (for example - the text *within* a table) from another URL so that only the text appears and not the html (tables, cells, colors, etc.) strip_tags() -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Help stamp out Mickey-Mouse computer interfaces -- Menus are for Restaurants! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Retrieving text from a URL using PHP
In theory, I would guess you could use combinations of explode and strstr to maybe explode on , then run strstr on so you get everything after the but before the next . Then you'd probably have to implode it or something. There might be a better way to do it with just substr and strstr so you don't have to explode it... There may be an easier way - but this is the first thing that popped into my head, and it might at least get you looking in a good direction. Good luck! -Natalie -Original Message- From: Anthony Ritter [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 11:44 AM To: [EMAIL PROTECTED] Subject: [PHP] Retrieving text from a URL using PHP Is there any way to retrieve data (for example - the text *within* a table) from another URL so that only the text appears and not the html (tables, cells, colors, etc.) Below is a script which opens and reads a URL and then outputs the complete URL. I am just looking for the text output. Thank you in advance. Tony Ritter ... html head titleRetrieving text from a URL/title /head body ? $theurl=http://www.blah.com;; if (!($fp=fopen($theurl, r))) { echo Could not open the URL; exit; } $contents= fread($fp, 100); fclose($fp); echo $contents; echo br.This information retrieved frombr.a href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T)); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Retrieving text from a URL using PHP
I wish I'd seen this before I sent my message! -Original Message- From: Jason Wong [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] Retrieving text from a URL using PHP On Thursday 06 June 2002 23:43, Anthony Ritter wrote: Is there any way to retrieve data (for example - the text *within* a table) from another URL so that only the text appears and not the html (tables, cells, colors, etc.) strip_tags() -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Help stamp out Mickey-Mouse computer interfaces -- Menus are for Restaurants! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] long PHP array and HTML forms question
Jason Wong wrote: Page 2: I want the user to be able to use none, some, or all of the fields, so I don't know how many elements will be in the array. $color[] = $_POST[color]; That should be: $color = $_POST[color]; Actually from your results below it seems like you've enabled register_globals and it's not necessary to explicit (re)assign $color. Right. I'm used to working on a machine that doesn't have register_globals enabled, so it's just habit. Unfortunately, that particular hosting provider enables them. First question: is there something I can do at this point to cut the empty entries foreach ($color as $key = $val) { if ($val) { $tmp[] = $val; } } $color = $tmp; That will remove empty values from $color. Ahh. That's exactly what I needed! Thanks, Steven Steven Jarvis Web Developer Arkansas Democrat-Gazette Northwest Edition -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieving text from a URL using PHP
Thank you Jason. I'm still trying to figure out how to implement the strip_tags() function on the script below so that the output of the URL is straight text. Please advise if you get a chance. TR . html head titleRetrieving text from a URL/title /head body ? $theurl=http://www.blah.com;; if (!($fp=fopen($theurl, r))) { echo Could not open the URL; exit; } $contents= fread($fp, 100); fclose($fp); echo $contents; echo br.This information retrieved frombr.a href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T)); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] if() statements
On Thu, Jun 06, 2002 at 07:52:28PM +1000, Justin French wrote: It's starting to get a noticeable (although not major) lag. It's probably the multiple MySQL queries, which I'm going to attempt to minimise and optimise, but it also brings me to a question about if(). does the process of PHP digging it's way through multiple nested if() statements slow down PHP, perhaps in comparison to a single line with an include? If() statements definitely slow programs down. BUT, the size of the code inside the if satement isn't the real issue. It's the process of making the true/false decision that takes the work. Of course, the longer the code inside the if statement, the longer it takes run that particular part of the code if that code is executed. I personally like developing with include() files and keeping everything modular, Regarding includes, they add overhead. Includes come in handy where the included file is used in other scripts too. Is there a good way to time scripts too? All I can think of is comparing time() or microtime() from the start and end of the scripts. Yep. That's the simplest thing to do, but I believe there are benchmarking classes/functions out there. --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mail routing/reply to woes
I am the webperson for a couple of sites, new ones. I've set up several addresses, some I get and respond to. What I would like, for all the addresses on the box, is for someone to be able to run their browser's mailere to be able to download the mail, and also send mail from the server th3e account is hosted on. This owuld cause the reply to address to be their account name, AND more importantly, have the sent from/routing to come from that box. These boxes are for 12 step anonymous organizations and I don't want their home email address being connected to the usage of the site. Can POP3 do this, or IMAP, or either? -- If You want to buy computer parts, see the reviews at: http://www.cnet.com/ **OR EVEN BETTER COMPILATIONS**!! http://sysopt.earthweb.com/userreviews/products/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripping illegal characters out of an XML document
On Thu, Jun 06, 2002 at 12:47:57PM +0100, Daniel Pupius wrote: Hi there. I'm working with RDF/XML that is strict on what characters are allowed within the elements and attributes. I was wondering if anyone had a script that processed a string and replaced all illegal-characters with their HTML code, for example is converted to and to . It should also work for characters like é. Here's what I use. I grab the file and stick it into the $Contents string. Then, I clean it up with the following regex's. Finally, I pass it to the parse function. # Escape ampersands. $Contents = preg_replace('/(amp;|)/i', 'amp;', $Contents); # Remove all non-visible characters except SP, TAB, LF and CR. $Contents = preg_replace('/[^\x20-\x7E\x09\x0A\x0D]/', \n, $Contents); Of course, you can similarly tweak $Contents to drop or modify any other characters you wish. That's snipet is from my PHP XML Parsing Basics tutorial at http://www.analysisandsolutions.com/code/phpxml.htm It would be possible to process the strings before they are inserted into the XML document - if that is easier. While that's nice, it's not fool proof. What if someone circumvents your insertion process and gets a bad file into the mix? You still need to clean things as they come out just to be safe. Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripping illegal characters out of an XML document
Thanks, I've created a delimited file of all the HTML Character references. I then loop through and do a replace as previously suggested. However, IE's XML Parser still doesn't like the eacute; which represents é For all intents and purposes it's ok and works with the RDF processor. However, I'd like IE to be able to view the XML file just for completeness. Da Analysis Solutions [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On Thu, Jun 06, 2002 at 12:47:57PM +0100, Daniel Pupius wrote: Hi there. I'm working with RDF/XML that is strict on what characters are allowed within the elements and attributes. I was wondering if anyone had a script that processed a string and replaced all illegal-characters with their HTML code, for example is converted to and to . It should also work for characters like é. Here's what I use. I grab the file and stick it into the $Contents string. Then, I clean it up with the following regex's. Finally, I pass it to the parse function. # Escape ampersands. $Contents = preg_replace('/(amp;|)/i', 'amp;', $Contents); # Remove all non-visible characters except SP, TAB, LF and CR. $Contents = preg_replace('/[^\x20-\x7E\x09\x0A\x0D]/', \n, $Contents); Of course, you can similarly tweak $Contents to drop or modify any other characters you wish. That's snipet is from my PHP XML Parsing Basics tutorial at http://www.analysisandsolutions.com/code/phpxml.htm It would be possible to process the strings before they are inserted into the XML document - if that is easier. While that's nice, it's not fool proof. What if someone circumvents your insertion process and gets a bad file into the mix? You still need to clean things as they come out just to be safe. Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Anyone?
I posted this yesterday and did not get any response at all? Just wondering if someone can give me some insight into some security measures for a content management application... Posted 06/05/2002 Ok, I am not a security expert so I would like to know if my security measures I have implimented is adequate enough to keep people out. Any pointers on this would be very helpful as I am trying to impliment a secure way for people to update a website through the use of a content management application. Example of code is as follows // Login form - index.php form name=authenticate method=post action=auth_done.php input type=text name=user size=20 maxlength=20br input type=password name=pw size=20 maxlength=20br Select an image to identify yourself as an administrator.br select name=image option value=image01.jpgimage01/option option value=image02.jpgimage02/option option value=image03.jpgimage03/option option value=image04.jpgimage04/option option value=image05.jpgimage05/option /selectbrbr input type=submit name=Login value=Login input type=reset name=Reset value=Reset /form // Authentication checker - auth_done.php #check fields for valid entries in form if ((!$u_name) || (!$p_word) || (!$image)){ header(Location: index.php); exit; } connects to database require '/path/to/database/connection/script/dbcon.php'; #selects database table containing users that are allowed to use application $db_table = 'users'; $sql = SELECT * from $db_table WHERE un = \$user\ AND pw = password(\$pw\); $result = mysql_query($sql,$dbh) or die(Couldn't execute query); #loops through all records to find a match $num = mysql_numrows($result); if ($num !=0) { #creates variables for sessions $p_hash = $p_word; $to_hash = $image; #creates md5 hash of image user selected $pstring = md5($to_hash); #creates md5 hash of password user entered $image_sel = md5(uniqid(microtime($p_word),1)); #starts session for user session_start(); #registers variables created (md5 of password, username, image) in session session_register('user'); session_register('$pstring'); session_register('$image_sel'); #captures users ip address (logging stuff, not listed in this code for security reasons) $ipaddy = $REMOTE_ADDR; #echoes success message to authenticated user $msg_success = bYou have been authorized to make changes to the website! Your IP address has been recorded and sent to the administrator: $ipaddy/b; } else { #this prints if user name and password combination is not found in database print pYou are not authorized to use this application!/p; exit; } Now on each page in the content management app I have these lines of code: #Start the session# session_start(); #check session variables# if (isset($HTTP_SESSION_VARS['user']) || isset($HTTP_SESSION_VARS['$image_sel']) || isset($HTTP_SESSION_VARS['$pstring'])) { $main = Some kinda message for page in question; #connects to database# require '/path/to/database/connection/script/dbcon.php'; #if session variables not registered kick the user back to login form# } else { header (Location: index.php); } Now just so you know I have changed all the variables to something other than what I am currently using, however I have made sure that this is a working example so everything should work as is. Also I have tested this a few different ways, including: creating a page that tries to include one of the pages I have my security checks on from another website, linking directly to a script within the application etc. In any event, I also have logging setup on each and every script which I have not included here (different topic), just in case someone does get in I can at least try to find them. Any help, pointers, tutorials, examples, etc. would be appreciated!!! TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.
From: mmcree [EMAIL PROTECTED] Subject: Worm Klez.E immunity Date: Thu, 06 Jun 2002 04:53:27 -0400 Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Secure File Upload
On Thu, 6 Jun 2002, Christoph Starkmann wrote: Yes. In fact, i would like to prevent having users upload too big files. There are two reasons: First, I don't want my server space to be consumed by files too big. Second, I want to be able to prevent my (limited) traffic to be exhausted. Simple reason: I pay for anything above let's say 10 GB of traffic. So what PHP offers to me AFAIK enables me to protect my space, but not my traffic. That's where my question comes from. Depending on your server environment, you may be able to get the firewall code to drop a connection after a certain amount of traffic in one direction. That would effectively and unceremoniously cut off the rogue uploads. Beyond the scope of this mailing list, though. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieving text from a URL using PHP
echo strip_tags($contents); miguel On Thu, 6 Jun 2002, Anthony Ritter wrote: I'm still trying to figure out how to implement the strip_tags() function on the script below so that the output of the URL is straight text. Please advise if you get a chance. TR . html head titleRetrieving text from a URL/title /head body ? $theurl=http://www.blah.com;; if (!($fp=fopen($theurl, r))) { echo Could not open the URL; exit; } $contents= fread($fp, 100); fclose($fp); echo $contents; echo br.This information retrieved frombr.a href=\$theurl\$theurl/abr.on .(date(l jS F Y g:i a T)); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Great... along with bieng infected with the klez virus, everyone on php.net now has the address book of someone from the Department of Juvenile Justice. This is the best advertisment so far for why uncle sam should switch to linux. Vive le penguin! grin, Dw. Sqlcoders.com Dynamic data driven web solutions - - Original Message - Sent: June 06 2002 08:56 AM Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. From: mmcree [EMAIL PROTECTED] Subject: Worm Klez.E immunity Date: Thu, 06 Jun 2002 04:53:27 -0400 Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0 doti2ROtVsG59URig1svd/PQ =ggss -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Stripping illegal characters out of an XML document
Heya: On Thu, Jun 06, 2002 at 04:54:15PM +0100, Daniel Pupius wrote: Thanks, I've created a delimited file of all the HTML Character references. I then loop through and do a replace as previously suggested. However, IE's XML Parser still doesn't like the eacute; which represents é For all intents and purposes it's ok and works with the RDF processor. However, I'd like IE to be able to view the XML file just for completeness. Try #233; and see if IE likes that. If not, on the way out to the browser, you can convert your escaping back to an é. Ciao! --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieving text from a URL using PHP
Thanks Miguel! TR -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] NEED HELP (passing variable to new page)
Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. Sorry for lengthy e-mail.
[PHP] Returnpath for mail
Hi there, I am wondering if it is possible to send email via the mail function with lets say adress_1 and then if the recipient clicks on return he will adress his email automaticly to adress_2. I found this in my docs, but does not work though: $mailHeaders .= Return-Path: .$adress_return.\n; // Return path for errors does anybody have an idea how to do that? Thanx, Andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Trying to list a directory content HELP PLEASE
I know my doubt is probable odd, but I would ask your help please. I need a user to be able to select an image from a directory, from a drop down box. For this I need to list all the images available on the directory, hence, I have this code: select size=1 name=normal1 ?php chdir(/home/casapu/paginas/images/carteleras); $direc = opendir(.); while ($f = readdir($direc)); { print(option value=\.$f.\.$f./option); } ? ./select); but this is not working. I have reviewed the code against all the manuals/books I have, and it says it should work but it doesn't. Anyone knows what I'm doing wrong? HELP PLEASE VV -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Returnpath for mail
You mean like the Reply-to:[EMAIL PROTECTED] header? Adam Voigt [EMAIL PROTECTED] On Thu, 2002-06-06 at 13:08, andy wrote: Hi there, I am wondering if it is possible to send email via the mail function with lets say adress_1 and then if the recipient clicks on return he will adress his email automaticly to adress_2. I found this in my docs, but does not work though: $mailHeaders .= Return-Path: .$adress_return.\n; // Return path for errors does anybody have an idea how to do that? Thanx, Andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Arrays: Please help before I go insane?
To see what I'm working with, go here: http://www.melancholy.org/test_tree.php You may want to copy the source and the (mySQL) db structure and set it up on your system there to test it out. Though, if you don't want to do that, I show the output at the very bottom of the page. One note: I took out all the code that connects to the db and what not. It's not really relevant and it has logins, etc. Now, what I'm trying to do is build a tree based on the data in the DB. It's working relatively ok if I uncomment the code that is on line 48 and comment out line 49. However, what I really want to do is build a fully associative array doing this and now an array that has string keys but then, those arrays having numeric keys (copy and run this code un/commenting the lines above and you'll see what I mean). What is going wrong is that for whatever reason (and I can't see why, it should be working and I'm getting ready to become certifiable any time now), though it works at the beginning, what is getting passed to getParentNodes() on line 55 eventually stops being an array. What's getting passed is the word SET (something I'm just putting in there. I'm not really interested in the value, just the keys of the various arrays). Why is that? $currentBranch[$nodeName] should *always* be an array in that section of the code... if you define $array[this][that] = 1; $array[this] is an array. However, in my code, the array that I'm using is not being treated as such and I have no idea why. One other thing of note about the data from the DB: I realize that this and briggs are looping back on one another. The code that I have at lines 45 and 47 keep it from infinitely looping. Please, can someone offer any explanation as to why I'm getting the problem that I am? Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Returnpath for mail
I think you have to use a Reply-To header when sending your mail. The recipient's mail program will prompt him to use the reply to address rather than the from address. Hi there, I am wondering if it is possible to send email via the mail function with lets say adress_1 and then if the recipient clicks on return he will adress his email automaticly to adress_2. I found this in my docs, but does not work though: $mailHeaders .= Return-Path: .$adress_return.\n; // Return path for errors does anybody have an idea how to do that? Thanx, Andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -Pushkar S. Pradhan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] multiple selects and $_POST['vars']
Lo all, How do you manage multiple selects and the data returned by the form? All my attempts at doing this, only returned one variable from the selected options, not all of them?? My test... form method=post action=blah.php select multiple name=bleh option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form blah.php: echo $_POST['bleh']; $_POST['bleh'] would only have the value of the last selected option in the form... I've tried array_count_values as well to maybe see if PHP didn't save the multiple selected items into a array, but it only reported back that $_POST['bleh'] isn't a array. So, if I select all 5 items in the above form, why does PHP only return the last option I selected, and how do I get it to return all the selected values? Additionally, if ($_POST['bleh'] == ) { always fails Regardless if 1, 2, 3 or even all 5 of the options in the form is selected (highlighted) Which, is *really* strange, seeing that echo $_POST['bleh'] returns 1 out of the 5 selected values. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] multiple selects and $_POST['vars']
[snip] form method=post action=blah.php select multiple name=bleh option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form [/snip] Change this like follow; form method=post action=blah.php select multiple name=bleh option name=a_name value=11/option option name=a_name value=22/option option name=a_name value=33/option option name=a_name value=44/option option name=a_name value=55/option /select The value selected is now in $a_name HTH! Jay Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiple selects and $_POST['vars']
form method=post action=blah.php select multiple name=bleh option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form form method=post action=blah.php select multiple name=bleh[] option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form Notice the [] on the name, telling PHP it's an array. Then, to get the items selected, it will be in $_POST['bleh'], which is an array. So, $_POST['bleh'][0] will be the first one selected, etc. count($_POST['bleh']) will tell you how many were selected. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Returnpath for mail
Hello, On 06/06/2002 02:08 PM, Andy wrote: I am wondering if it is possible to send email via the mail function with lets say adress_1 and then if the recipient clicks on return he will adress his email automaticly to adress_2. I found this in my docs, but does not work though: $mailHeaders .= Return-Path: .$adress_return.\n; // Return path for errors does anybody have an idea how to do that? Yes, you need to use sendmail -f switch. You may want to try this class that already does it for you if you specify the Return-Path in the list of headers: http://www.phpclasses.org/mimemessage -- Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] multiple selects and $_POST['vars'] MORE
[snip] The value selected is now in $a_name [/snip] Or $_POST['a_name'] HTH! Jay Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime. It's hip to snip! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] multiple selects and $_POST['vars']
Or you can added the bleh as an array... example: select multiple name=bleh[] Thank you, RAY HUNTER -Original Message- From: Chris Knipe [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 5:56 AM To: [EMAIL PROTECTED] Subject: [PHP] multiple selects and $_POST['vars'] Lo all, How do you manage multiple selects and the data returned by the form? All my attempts at doing this, only returned one variable from the selected options, not all of them?? My test... form method=post action=blah.php select multiple name=bleh option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form blah.php: echo $_POST['bleh']; $_POST['bleh'] would only have the value of the last selected option in the form... I've tried array_count_values as well to maybe see if PHP didn't save the multiple selected items into a array, but it only reported back that $_POST['bleh'] isn't a array. So, if I select all 5 items in the above form, why does PHP only return the last option I selected, and how do I get it to return all the selected values? Additionally, if ($_POST['bleh'] == ) { always fails Regardless if 1, 2, 3 or even all 5 of the options in the form is selected (highlighted) Which, is *really* strange, seeing that echo $_POST['bleh'] returns 1 out of the 5 selected values. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Anyone?
I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? Jas [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I posted this yesterday and did not get any response at all? Just wondering if someone can give me some insight into some security measures for a content management application... Posted 06/05/2002 Ok, I am not a security expert so I would like to know if my security measures I have implimented is adequate enough to keep people out. Any pointers on this would be very helpful as I am trying to impliment a secure way for people to update a website through the use of a content management application. Example of code is as follows // Login form - index.php form name=authenticate method=post action=auth_done.php input type=text name=user size=20 maxlength=20br input type=password name=pw size=20 maxlength=20br Select an image to identify yourself as an administrator.br select name=image option value=image01.jpgimage01/option option value=image02.jpgimage02/option option value=image03.jpgimage03/option option value=image04.jpgimage04/option option value=image05.jpgimage05/option /selectbrbr input type=submit name=Login value=Login input type=reset name=Reset value=Reset /form // Authentication checker - auth_done.php #check fields for valid entries in form if ((!$u_name) || (!$p_word) || (!$image)){ header(Location: index.php); exit; } connects to database require '/path/to/database/connection/script/dbcon.php'; #selects database table containing users that are allowed to use application $db_table = 'users'; $sql = SELECT * from $db_table WHERE un = \$user\ AND pw = password(\$pw\); $result = @mysql_query($sql,$dbh) or die(Couldn't execute query); #loops through all records to find a match $num = mysql_numrows($result); if ($num !=0) { #creates variables for sessions $p_hash = $p_word; $to_hash = $image; #creates md5 hash of image user selected $pstring = md5($to_hash); #creates md5 hash of password user entered $image_sel = md5(uniqid(microtime($p_word),1)); #starts session for user session_start(); #registers variables created (md5 of password, username, image) in session session_register('user'); session_register('$pstring'); session_register('$image_sel'); #captures users ip address (logging stuff, not listed in this code for security reasons) $ipaddy = $REMOTE_ADDR; #echoes success message to authenticated user $msg_success = bYou have been authorized to make changes to the website! Your IP address has been recorded and sent to the administrator: $ipaddy/b; } else { #this prints if user name and password combination is not found in database print pYou are not authorized to use this application!/p; exit; } Now on each page in the content management app I have these lines of code: #Start the session# session_start(); #check session variables# if (isset($HTTP_SESSION_VARS['user']) || isset($HTTP_SESSION_VARS['$image_sel']) || isset($HTTP_SESSION_VARS['$pstring'])) { $main = Some kinda message for page in question; #connects to database# require '/path/to/database/connection/script/dbcon.php'; #if session variables not registered kick the user back to login form# } else { header (Location: index.php); } Now just so you know I have changed all the variables to something other than what I am currently using, however I have made sure that this is a working example so everything should work as is. Also I have tested this a few different ways, including: creating a page that tries to include one of the pages I have my security checks on from another website, linking directly to a script within the application etc. In any event, I also have logging setup on each and every script which I have not included here (different topic), just in case someone does get in I can at least try to find them. Any help, pointers, tutorials, examples, etc. would be appreciated!!! TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Yes, PHP is a secure programming language. On Thu, 2002-06-06 at 13:18, Jas wrote: I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? Jas [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I posted this yesterday and did not get any response at all? Just wondering if someone can give me some insight into some security measures for a content management application... Posted 06/05/2002 Ok, I am not a security expert so I would like to know if my security measures I have implimented is adequate enough to keep people out. Any pointers on this would be very helpful as I am trying to impliment a secure way for people to update a website through the use of a content management application. Example of code is as follows // Login form - index.php form name=authenticate method=post action=auth_done.php input type=text name=user size=20 maxlength=20br input type=password name=pw size=20 maxlength=20br Select an image to identify yourself as an administrator.br select name=image option value=image01.jpgimage01/option option value=image02.jpgimage02/option option value=image03.jpgimage03/option option value=image04.jpgimage04/option option value=image05.jpgimage05/option /selectbrbr input type=submit name=Login value=Login input type=reset name=Reset value=Reset /form // Authentication checker - auth_done.php #check fields for valid entries in form if ((!$u_name) || (!$p_word) || (!$image)){ header(Location: index.php); exit; } connects to database require '/path/to/database/connection/script/dbcon.php'; #selects database table containing users that are allowed to use application $db_table = 'users'; $sql = SELECT * from $db_table WHERE un = \$user\ AND pw = password(\$pw\); $result = @mysql_query($sql,$dbh) or die(Couldn't execute query); #loops through all records to find a match $num = mysql_numrows($result); if ($num !=0) { #creates variables for sessions $p_hash = $p_word; $to_hash = $image; #creates md5 hash of image user selected $pstring = md5($to_hash); #creates md5 hash of password user entered $image_sel = md5(uniqid(microtime($p_word),1)); #starts session for user session_start(); #registers variables created (md5 of password, username, image) in session session_register('user'); session_register('$pstring'); session_register('$image_sel'); #captures users ip address (logging stuff, not listed in this code for security reasons) $ipaddy = $REMOTE_ADDR; #echoes success message to authenticated user $msg_success = bYou have been authorized to make changes to the website! Your IP address has been recorded and sent to the administrator: $ipaddy/b; } else { #this prints if user name and password combination is not found in database print pYou are not authorized to use this application!/p; exit; } Now on each page in the content management app I have these lines of code: #Start the session# session_start(); #check session variables# if (isset($HTTP_SESSION_VARS['user']) || isset($HTTP_SESSION_VARS['$image_sel']) || isset($HTTP_SESSION_VARS['$pstring'])) { $main = Some kinda message for page in question; #connects to database# require '/path/to/database/connection/script/dbcon.php'; #if session variables not registered kick the user back to login form# } else { header (Location: index.php); } Now just so you know I have changed all the variables to something other than what I am currently using, however I have made sure that this is a working example so everything should work as is. Also I have tested this a few different ways, including: creating a page that tries to include one of the pages I have my security checks on from another website, linking directly to a script within the application etc. In any event, I also have logging setup on each and every script which I have not included here (different topic), just in case someone does get in I can at least try to find them. Any help, pointers, tutorials, examples, etc. would be appreciated!!! TIA Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To
Re: [PHP] Returnpath for mail
Andy, I stand to be corrected, but I think you mean the user hits reply rather than return, in which case it is Reply-To you need. I think Return-Path is for error messages for undeliverable mail. Now someone is probably going to tell me I'm quite wrong... Regards Chris andy wrote: Hi there, I am wondering if it is possible to send email via the mail function with lets say adress_1 and then if the recipient clicks on return he will adress his email automaticly to adress_2. I found this in my docs, but does not work though: $mailHeaders .= Return-Path: .$adress_return.\n; // Return path for errors does anybody have an idea how to do that? Thanx, Andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help on Session and cockies
A have two webs made in php, both uses a authentication based on session suport. I use in every page a session_start(); and a session_name( name); to get different name for the sessions but when i get login i one web, and then go to the other i get the same login. what happend? What means the session_name? I use php-4.2.0 and apache-1.3.24 in a lunux box. Any help will be apreciated. Regards. Marcos Lois Bermúdez [EMAIL PROTECTED] IQC-Services. Carretera provincial 60 - 1 36210 Vigo - Pontevedra Tel: +34 986 281 830 Fax: +34 986 415 074 http://www.iqc-services.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] am i just a session tracking idiot?
I can't seem to get session tracking to work to save my life. The end result I'm after is to store the value of the single column returned from this query .. SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' .. for use throughout the site. The current error I'm getting is Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root. The code is listed below. Any suggestions are greatly appreciated. dan ? // if ($user_name) { // class 'new uid' { var $row-user_id; }; // start_session(); // $abqSession = new abqnl; // $abqSession-user_id = $uid; // session_register(abqSession); // } if ($user_name) { session_id($_GET['user_id']); session_start(); $foo=$row-user_id; $_SESSION[uid] = $foo; echo $foo; } include '/storage/apache/htdocs/test.radom.org/.siteconf.php'; echo brbr; if (!$user_name) { echo center; echo table cellspacing=10; echo tr; echo form method=post action=\login.php\; echo td align=left; echo user name; echo /td; echo td align=left; echo input size=12 name=\user_name\; echo /td; echo /tr; echo tr; echo td align=left; echo password; echo /td; echo td align=left; echo input type=\password\ size=12 name=\user_password\; echo /td; echo /tr; echo tr; echo td; echo /td; echo td align=left; echo center; echo input type = \submit\ value=\submit\; echo /center; echo /td; echo /form; echo /tr; echo /table; echo /center; exit; } else $result = pg_exec ($database, SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password'); if (!$result) { echo query died\n; exit; } if (pg_num_rows($result) == 0) { echo centeryou have entered an invalid user name and password combination. please try again. new users may create an account from the sign up link above./center; exit; } for ($i = pg_num_rows($result) - 1; $i = 0; $i--) { if(!($row = pg_fetch_object($result))) continue; } echo your user_id is ; pg_close($database); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Anyone?
[snip] I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? [/snip] [rant warning!] I'll bite! ;-( A. You gave so much code that those of us on the list who may be working may have not had time to set it all up and test it. 2. Security from what standpoint? That you can't be hacked? That people can't use your CMS without authorization? That your code is complicated enough to be impressive? Test your code...if it works you're good, if not...fix it. III. Your code is somewhat bloated, you don't have to go through everything you go through to assure yourself security. Is this for an Intranet? If so is the URL to the CMS accessible through the firewall? If for an Internet site have you thought about putting the CMS on an SSL. Dang...and D. PHP is secure. You may, to assuage any further fears, encrypt any username password information that gets transmitted from the login to the server the first time. That is very insecure. I could port sniff your butt to kingdom come and gain usernames and passwords all day long. You cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. I cannot believe that anyone asking about security would transmit the initial login as plain text...so we're even. [/rant] Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Help on Session and cockies
With sessions, the session_start(); function will initiate a session in the severs tmp directory with a file name such as 55abhc8a83kqk etc. The session_name(name_of_var); function allows you to create a unique name for your session vs. the 55abhc8a83kqk. A good way to check your sessions is to do something like this: ?php session_start(); session_name(testing sessions); print p$session_id/p; ? Or if you want to assign session vars, or unique variables you can do something like this ?php $unique_number = rand(); // generates a uniqe number session_start(); // starts the session session_name($unique_number); // names the session the unique number session_register($unique_number); // registers the unique number as a session var print = p$unique_number is your session id/pp$unique_number is your registered variable/p; ? If you go to php.net you can look up session() in the function list and it will break it down alot better for you HTH Jas Marcos Lois BermúDez [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A have two webs made in php, both uses a authentication based on session suport. I use in every page a session_start(); and a session_name( name); to get different name for the sessions but when i get login i one web, and then go to the other i get the same login. what happend? What means the session_name? I use php-4.2.0 and apache-1.3.24 in a lunux box. Any help will be apreciated. Regards. Marcos Lois Bermúdez [EMAIL PROTECTED] IQC-Services. Carretera provincial 60 - 1 36210 Vigo - Pontevedra Tel: +34 986 281 830 Fax: +34 986 415 074 http://www.iqc-services.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Ok, so you have pointed out an problem, now that you have been so kind to do this could please recommend how to resolve this? Thanks, Jas Jay Blanchard [EMAIL PROTECTED] wrote in message 002201c20d80$552be430$8102a8c0@niigziuo4ohhdt">news:002201c20d80$552be430$8102a8c0@niigziuo4ohhdt... [snip] I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? [/snip] [rant warning!] I'll bite! ;-( A. You gave so much code that those of us on the list who may be working may have not had time to set it all up and test it. 2. Security from what standpoint? That you can't be hacked? That people can't use your CMS without authorization? That your code is complicated enough to be impressive? Test your code...if it works you're good, if not...fix it. III. Your code is somewhat bloated, you don't have to go through everything you go through to assure yourself security. Is this for an Intranet? If so is the URL to the CMS accessible through the firewall? If for an Internet site have you thought about putting the CMS on an SSL. Dang...and D. PHP is secure. You may, to assuage any further fears, encrypt any username password information that gets transmitted from the login to the server the first time. That is very insecure. I could port sniff your butt to kingdom come and gain usernames and passwords all day long. You cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. I cannot believe that anyone asking about security would transmit the initial login as plain text...so we're even. [/rant] Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Anyone?
[snip] Ok, so you have pointed out an problem, now that you have been so kind to do this could please recommend how to resolve this? [/snip] You may want to do some research on securing plain text transmission. http://www.ariadne.ac.uk/issue5/securing-forms/ http://www.google.com/search?hl=enie=UTF8oe=UTF8q=securing+plain+textbtn G=Google+Search HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - From http://www.snopes2.com/computer/virus/immunity.htm (Urban myths) Claim: A free immunity tool will protect your PC from the Klez.E virus. Status: False. Sample message: Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. Origins: The messages quoted above are correct in noting that Klez is a common worm which is currently spreading and infecting computers world-wide, but they contain no immunity tools that will protect your PC from Klez. Far from it: in classic trojan horse fashion, these messages (bearing a subject line of Worm Klez.E Immunity) are disguises that trick unsuspecting users into executing their attachments -- attachments which don't protect against the Klez virus but actually spread it. In other words, you opened one of these emails and now your system is sending out messages to everyone on your address book. HTH, Dw Sqlcoders.com Dynamic data driven web solutions - - Original Message - From: Leotta, Natalie (NCI/IMS) [EMAIL PROTECTED] To: 'Sqlcoders.com Programming Dept' [EMAIL PROTECTED] Sent: June 06 2002 09:57 AM Subject: RE: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. what made you say that we were infected? I didn't see anything in the email that looked at all virus-like (like at attachment). Was it filtered out at our mail server before I got the email? Thanks! -Natalie -Original Message- From: Sqlcoders.com Programming Dept [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 10:09 PM To: php general Cc: Jess Ragaza Subject: Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Great... along with bieng infected with the klez virus, everyone on php.net now has the address book of someone from the Department of Juvenile Justice. This is the best advertisment so far for why uncle sam should switch to linux. Vive le penguin! grin, Dw. Sqlcoders.com Dynamic data driven web solutions - - Original Message - Sent: June 06 2002 08:56 AM Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. From: mmcree [EMAIL PROTECTED] Subject: Worm Klez.E immunity Date: Thu, 06 Jun 2002 04:53:27 -0400 Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0 doti2ROtVsG59URig1svd/PQ =ggss -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQApfNf2pW/GxlpVEQIRjwCfShlMHJeDDjn7BnwMMrr4XA1LyHwAoK7+ biLWjqhinHYrFiL/thUB/XyM =OB6i -END PGP SIGNATURE- -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQAsHdf2pW/GxlpVEQLgLQCghmZbJpmpDSpdAlgReGj2WJGCJ9oAoJx4 u7zwyxMRjtDqFZn8z6YUDO6p =iGzz -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Number formatting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi $aprTemp = number_format($apr, 2); which in the case of 3.05 will return 305.00 and 300.00 for 3%. Anyone have a snippet to test and display properly so that 3% would be 3.00, etc. you could try this... $val = sprintf(%0.02f, $val); Cheers - -- Shane www.shanewright.co.uk Public key: http://www.shanewright.co.uk/files/public_key.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8/58q5DXg6dCMBrQRApb0AJsFZ7WxZK5PRguKZqNbRndVUnkl/QCgpafj VWVFBaJ9ysYxJqNP3Bxm2EI= =zrZI -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] multiple selects and $_POST['vars'] MORE
This is not how they work, the name goes under select not within option. And as others have suggested, using an array is key here: name=bleh[]. http://www.php.net/manual/en/faq.html.php#faq.html.select-multiple Regards, Philip Olson On Thu, 6 Jun 2002, Jay Blanchard wrote: [snip] The value selected is now in $a_name [/snip] Or $_POST['a_name'] HTH! Jay Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime. It's hip to snip! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there, Yes this is a virus, a Trojan horse to be precise. I was commenting that it's nice enough to publish the contents of the senders address book (see the mail To: cc: headers)... See my other email for details. HTH, Dw. - - Original Message - From: Chris Hewitt [EMAIL PROTECTED] To: Sqlcoders.com Programming Dept [EMAIL PROTECTED] Sent: June 06 2002 10:31 AM Subject: Re: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. Dw, Are you sure this originated from the source it says it did. It seems to be asking people to run a program even if AV software says do not. Sounds like a way to get a virus if you ask me. A pity we can't look at the full headers, I bet its not real. Regards Chris Sqlcoders.com Programming Dept wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Great... along with bieng infected with the klez virus, everyone on php.net now has the address book of someone from the Department of Juvenile Justice. This is the best advertisment so far for why uncle sam should switch to linux. Vive le penguin! grin, Dw. Sqlcoders.com Dynamic data driven web solutions - - Original Message - Sent: June 06 2002 08:56 AM Subject: [PHP] Fwd: Worm Klez.E immunity - a public service by Jess Ragaza of Internet Architecture, Inc. From: mmcree [EMAIL PROTECTED] Subject: Worm Klez.E immunity Date: Thu, 06 Jun 2002 04:53:27 -0400 Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQAVz9f2pW/GxlpVEQJtawCfXF05pf79aPD0KWedS0JLas8AizwAn2A0 doti2ROtVsG59URig1svd/PQ =ggss -END PGP SIGNATURE- -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.8 iQA/AwUBPQAsX9f2pW/GxlpVEQI7VgCgvGDB+xAniz9a1fINBnvfNJeYjlsAnjta ouqXRvf+4IZ32pE4Se5lVVA6 =uaQY -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Anyone?
The whole idea is that we offer help after you have exhausted all other resources... If security is an issue then I suggest getting on a security mailing list and post your questions. Plus, it would be better if you found out how to solve the problems that are associated with security... check on ssl and encryption...you could even go with Kerberos or secure ldap systems. There are many options open...remember google is your friend Ray BigDog -Original Message- From: Jas [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 11:41 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Anyone? Ok, so you have pointed out an problem, now that you have been so kind to do this could please recommend how to resolve this? Thanks, Jas Jay Blanchard [EMAIL PROTECTED] wrote in message 002201c20d80$552be430$8102a8c0@niigziuo4ohhdt">news:002201c20d80$552be430$8102a8c0@niigziuo4ohhdt... [snip] I cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. Is PHP not a secure scripting language? I would really like a little insight into this question, anyone? [/snip] [rant warning!] I'll bite! ;-( A. You gave so much code that those of us on the list who may be working may have not had time to set it all up and test it. 2. Security from what standpoint? That you can't be hacked? That people can't use your CMS without authorization? That your code is complicated enough to be impressive? Test your code...if it works you're good, if not...fix it. III. Your code is somewhat bloated, you don't have to go through everything you go through to assure yourself security. Is this for an Intranet? If so is the URL to the CMS accessible through the firewall? If for an Internet site have you thought about putting the CMS on an SSL. Dang...and D. PHP is secure. You may, to assuage any further fears, encrypt any username password information that gets transmitted from the login to the server the first time. That is very insecure. I could port sniff your butt to kingdom come and gain usernames and passwords all day long. You cannot believe that no one with alot of PHP and MySQL experience has not replied to this post yet. I cannot believe that anyone asking about security would transmit the initial login as plain text...so we're even. [/rant] Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Arrays: Please help before I go insane?
Now, what I'm trying to do is build a tree based on the data in the DB. It's working relatively ok if I uncomment the code that is on line 48 and comment out line 49. However, what I really want to do is build a fully associative array doing this and now** an array that has string keys but then, those arrays having numeric keys (copy and run this code un/commenting the lines above and you'll see what I mean). ** should be not To elaborate, what I'm trying to do is build an array that looks like this: $array[this][that] = whatever; $array[this][other] = whatever; and not one that looks like this: $array[this][0] = that; $array[this][1] = other; because I just want to be able to get the keys and not have to worry about when I should be using the value of the key or the value of the array element. Again, the problem that I'm having (as demonstrated by the code) is that when I'm trying to set it up so that it's like the first example above, $array[this] isn't always evaluating as an array, though it always should. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiple selects and $_POST['vars']
Thanks everyone!! Appreciate it - Original Message - From: 1LT John W. Holmes [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 7:18 PM Subject: Re: [PHP] multiple selects and $_POST['vars'] form method=post action=blah.php select multiple name=bleh option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form form method=post action=blah.php select multiple name=bleh[] option value=11/option option value=22/option option value=33/option option value=44/option option value=55/option /select /form Notice the [] on the name, telling PHP it's an array. Then, to get the items selected, it will be in $_POST['bleh'], which is an array. So, $_POST['bleh'][0] will be the first one selected, etc. count($_POST['bleh']) will tell you how many were selected. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] multiple selects and $_POST['vars'] MORE
[snip] This is not how they work, the name goes under select not within option. And as others have suggested, using an array is key here: name=bleh[]. [/snip] You're right, my bad...just fired off a reply quickly without reading thoroughly. I was too engrossed in a lengthy code bit about security. I should slow down today...it started crappy and has gone downhill from there. My apologies, Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] multiple selects and $_POST['vars'] MORE
Yeah, agreed there!!! You're not supposed to specify a name on a option, just on the select itself. I've changed it now to use the array bit, and the form results return it as a array as expected. Thanks for all the help... I think it's time to download a new copy of the manual again... :) - Original Message - From: Philip Olson [EMAIL PROTECTED] To: Jay Blanchard [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 7:47 PM Subject: RE: [PHP] multiple selects and $_POST['vars'] MORE This is not how they work, the name goes under select not within option. And as others have suggested, using an array is key here: name=bleh[]. http://www.php.net/manual/en/faq.html.php#faq.html.select-multiple Regards, Philip Olson On Thu, 6 Jun 2002, Jay Blanchard wrote: [snip] The value selected is now in $a_name [/snip] Or $_POST['a_name'] HTH! Jay Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime. It's hip to snip! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] am i just a session tracking idiot?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi This may sound silly - but is there enough free disk space on whatever partition /tmp is mounted on? Alternatively, as a workaround, you could create a new directory and give the web server user permission to write to it and tell PHP to save sessions there. (this is actually better from a security standpoint as well; less chance of session hijacking). Cheers - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc On Thursday 06 June 2002 6:31 pm, dan radom wrote: I can't seem to get session tracking to work to save my life. The end result I'm after is to store the value of the single column returned from this query .. SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' .. for use throughout the site. The current error I'm getting is Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root. The code is listed below. Any suggestions are greatly appreciated. dan ? // if ($user_name) { //class 'new uid' { var $row-user_id; }; //start_session(); //$abqSession = new abqnl; //$abqSession-user_id = $uid; //session_register(abqSession); // } if ($user_name) { session_id($_GET['user_id']); session_start(); $foo=$row-user_id; $_SESSION[uid] = $foo; echo $foo; } include '/storage/apache/htdocs/test.radom.org/.siteconf.php'; echo brbr; if (!$user_name) { echo center; echo table cellspacing=10; echo tr; echo form method=post action=\login.php\; echo td align=left; echo user name; echo /td; echo td align=left; echo input size=12 name=\user_name\; echo /td; echo /tr; echo tr; echo td align=left; echo password; echo /td; echo td align=left; echo input type=\password\ size=12 name=\user_password\; echo /td; echo /tr; echo tr; echo td; echo /td; echo td align=left; echo center; echo input type = \submit\ value=\submit\; echo /center; echo /td; echo /form; echo /tr; echo /table; echo /center; exit; } else $result = pg_exec ($database, SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password'); if (!$result) { echo query died\n; exit; } if (pg_num_rows($result) == 0) { echo centeryou have entered an invalid user name and password combination. please try again. new users may create an account from the sign up link above./center; exit; } for ($i = pg_num_rows($result) - 1; $i = 0; $i--) { if(!($row = pg_fetch_object($result))) continue; } echo your user_id is ; pg_close($database); ? /body /html - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8 eav61ozpEGIbHXzIYU7zt5A= =EIC2 -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Anyone?
Sorry, never thought about using a search on forms to check my existing security measures... I am currently employing the use of SSL, however I am not that familiar with securing forms in the traditional sense so I do appreciate your comments. And also, I am not trying to show off my code, simply find ways to improve my existing ideas. Thanks again, jas Jay Blanchard [EMAIL PROTECTED] wrote in message 002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt">news:002301c20d82$444a6130$8102a8c0@niigziuo4ohhdt... [snip] Ok, so you have pointed out an problem, now that you have been so kind to do this could please recommend how to resolve this? [/snip] You may want to do some research on securing plain text transmission. http://www.ariadne.ac.uk/issue5/securing-forms/ http://www.google.com/search?hl=enie=UTF8oe=UTF8q=securing+plain+textbtn G=Google+Search HTH! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] FW: NEED HELP (passing variable to new page)
So can anybody help me with my problem? -Original Message- From: Igor Portnoy Sent: Thursday, June 06, 2002 9:36 AM To: '[EMAIL PROTECTED]' Subject: NEED HELP (passing variable to new page) Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. Sorry for lengthy e-mail.
Re: [PHP] am i just a session tracking idiot?
I've just tried that. /foo is owned by nobody and is mode 777. there's 135M available on that partition. * Shane Wright ([EMAIL PROTECTED]) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi This may sound silly - but is there enough free disk space on whatever partition /tmp is mounted on? Alternatively, as a workaround, you could create a new directory and give the web server user permission to write to it and tell PHP to save sessions there. (this is actually better from a security standpoint as well; less chance of session hijacking). Cheers - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc On Thursday 06 June 2002 6:31 pm, dan radom wrote: I can't seem to get session tracking to work to save my life. The end result I'm after is to store the value of the single column returned from this query .. SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' .. for use throughout the site. The current error I'm getting is Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root. The code is listed below. Any suggestions are greatly appreciated. dan ? // if ($user_name) { // class 'new uid' { var $row-user_id; }; // start_session(); // $abqSession = new abqnl; // $abqSession-user_id = $uid; // session_register(abqSession); // } if ($user_name) { session_id($_GET['user_id']); session_start(); $foo=$row-user_id; $_SESSION[uid] = $foo; echo $foo; } include '/storage/apache/htdocs/test.radom.org/.siteconf.php'; echo brbr; if (!$user_name) { echo center; echo table cellspacing=10; echo tr; echo form method=post action=\login.php\; echo td align=left; echo user name; echo /td; echo td align=left; echo input size=12 name=\user_name\; echo /td; echo /tr; echo tr; echo td align=left; echo password; echo /td; echo td align=left; echo input type=\password\ size=12 name=\user_password\; echo /td; echo /tr; echo tr; echo td; echo /td; echo td align=left; echo center; echo input type = \submit\ value=\submit\; echo /center; echo /td; echo /form; echo /tr; echo /table; echo /center; exit; } else $result = pg_exec ($database, SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password'); if (!$result) { echo query died\n; exit; } if (pg_num_rows($result) == 0) { echo centeryou have entered an invalid user name and password combination. please try again. new users may create an account from the sign up link above./center; exit; } for ($i = pg_num_rows($result) - 1; $i = 0; $i--) { if(!($row = pg_fetch_object($result))) continue; } echo your user_id is ; pg_close($database); ? /body /html - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8 eav61ozpEGIbHXzIYU7zt5A= =EIC2 -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] FW: NEED HELP (passing variable to new page)
It passes the wrong value to the next page. Click on first or the second image on the first page. In the new window the ID is set to 4, however the ID of first image is 2 not 4 (look at the source code). -Original Message- From: Ray Hunter [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 11:32 AM To: Igor Portnoy Subject: RE: [PHP] FW: NEED HELP (passing variable to new page) Your example works what is the problem... Thank you, RAY HUNTER -Original Message- From: Igor Portnoy [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 12:24 PM To: [EMAIL PROTECTED] Subject: [PHP] FW: NEED HELP (passing variable to new page) So can anybody help me with my problem? -Original Message- From: Igor Portnoy Sent: Thursday, June 06, 2002 9:36 AM To: '[EMAIL PROTECTED]' Subject: NEED HELP (passing variable to new page) Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. Sorry for lengthy e-mail. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] am i just a session tracking idiot?
what's weird is that if i set session.save_handler = mm, i obviously don't get the file error, but it still won't work. here's another example of what i've tried... mars:~/apache/htdocs/test.radom.org$ cat test.php ? // create a new session session_start(); // register a session-variable session_register(bgcolor); // Assign a value to the session-variable $bgcolor = #8080ff; ? html head titleSession Example #1/title /head body bgcolor=?=$bgcolor? text=#00 link=#00 vlink=#00 alink=#00 Welcome to a session-enabled page! The background color on the next page will be set to a stylish blue.p a href = test2.phpGo to another session-enabled page/a. /body /html and mars:~/apache/htdocs/test.radom.org$ cat test2.php ? // Resume session created in Listing 1-2 session_start(); ? html head titleSession Example #1/title /head body bgcolor=?=$bgcolor? text=#00 link=#808040 vlink=#606060 alink=#808000 ? // Retrieve SID from cookie. print Your SID is $PHPSESSID br; // Display the value of the $bgcolor variable. print The persistent background color is: $bgcolor.; ? argggh! * dan radom ([EMAIL PROTECTED]) wrote: I've just tried that. /foo is owned by nobody and is mode 777. there's 135M available on that partition. * Shane Wright ([EMAIL PROTECTED]) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi This may sound silly - but is there enough free disk space on whatever partition /tmp is mounted on? Alternatively, as a workaround, you could create a new directory and give the web server user permission to write to it and tell PHP to save sessions there. (this is actually better from a security standpoint as well; less chance of session hijacking). Cheers - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc On Thursday 06 June 2002 6:31 pm, dan radom wrote: I can't seem to get session tracking to work to save my life. The end result I'm after is to store the value of the single column returned from this query .. SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' .. for use throughout the site. The current error I'm getting is Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root. The code is listed below. Any suggestions are greatly appreciated. dan ? // if ($user_name) { //class 'new uid' { var $row-user_id; }; //start_session(); //$abqSession = new abqnl; //$abqSession-user_id = $uid; //session_register(abqSession); // } if ($user_name) { session_id($_GET['user_id']); session_start(); $foo=$row-user_id; $_SESSION[uid] = $foo; echo $foo; } include '/storage/apache/htdocs/test.radom.org/.siteconf.php'; echo brbr; if (!$user_name) { echo center; echo table cellspacing=10; echo tr; echo form method=post action=\login.php\; echo td align=left; echo user name; echo /td; echo td align=left; echo input size=12 name=\user_name\; echo /td; echo /tr; echo tr; echo td align=left; echo password; echo /td; echo td align=left; echo input type=\password\ size=12 name=\user_password\; echo /td; echo /tr; echo tr; echo td; echo /td; echo td align=left; echo center; echo input type = \submit\ value=\submit\; echo /center; echo /td; echo /form; echo /tr; echo /table; echo /center; exit; } else $result = pg_exec ($database, SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password'); if (!$result) { echo query died\n; exit; } if (pg_num_rows($result) == 0) { echo centeryou have entered an invalid user name and password combination. please try again. new users may create an account from the sign up link above./center; exit; } for ($i = pg_num_rows($result) - 1; $i = 0; $i--) { if(!($row = pg_fetch_object($result))) continue; } echo your user_id is ; pg_close($database); ? /body /html - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8/6S75DXg6dCMBrQRAjhVAKCcAb1x2/rWZFqtDBKQTCYb4OCmdACgmax8 eav61ozpEGIbHXzIYU7zt5A= =EIC2 -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe,
[PHP] [PLEASE HELP] Passing variable to new page.
Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Download Page?
Hi all, I was wondering how i could make a download 'landing' page, that once a user has filled out the download form and submitted it, it will send the file they are requesting as a download (not display a link to it, or display it in the browser) and also render a page that says something like thanks for downloading blah blah... behind it at the same time. I would assume i would have to use header() to do this, but i dont know where i should start, a/o what headers to send. Any help would be appreciated. Thanks! //Nick Richardson ([EMAIL PROTECTED]) //SiteCommand LLC ---=--- --] SiteCommand Control Panel: Coming June 1st, 2002 [-- --] 'The Secure Solution To Easy Enterprise Management' [-- ---=--- --] Visit http://www.sitecommand.com to PreOrder Now [-- ---=--- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] FW: NEED HELP (passing variable to new page)
Asking twice doesn't help, bud. It's just going to piss people off. If someone has an answer they'll let you know, otherwise look for other resources. ---John Holmes... - Original Message - From: Igor Portnoy [EMAIL PROTECTED] To: [EMAIL PROTECTED] '[EMAIL PROTECTED]' Sent: Thursday, June 06, 2002 2:24 PM Subject: [PHP] FW: NEED HELP (passing variable to new page) So can anybody help me with my problem? -Original Message- From: Igor Portnoy Sent: Thursday, June 06, 2002 9:36 AM To: '[EMAIL PROTECTED]' Subject: NEED HELP (passing variable to new page) Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. Sorry for lengthy e-mail. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Fw: [PHP] [PLEASE HELP] Passing variable to new page.
Question.. why are you opening up a full sized new window with the javascript popup script? I susspect the problem has something to do with the javascript, although I'm not going to take the time to test it myself. You can open a new page in an HTML link by setting target=new. You shouldn't have any problems. a href=http://www.gibsonusa.com/test/page/info.php?prod_id=35; target=new -Kevin - Original Message - From: Igor P. [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 12:37 PM Subject: [PHP] [PLEASE HELP] Passing variable to new page. Hello, I am having hard time passing the variable to the next page. May be you can help me. Let me explain: I am using mySQL database to store information about images (ID, name, author, description, etc). I am pulling some of the information to create this (look at the example here: http://www.gibsonusa.com/test/page/index.php) Now, I want a new window appear when user clicks on the image. I have achieved it with the following script: echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; You can see the result if you click on the image. The new page opens up, BUT the id (product_id in this case) value is not passed to the next page correctly. If you click on the first or second image on the first page it shows that the ID is the same for both of them. However if you look at the source code you can see that the ids are assigned correctly. The same thing happens if you click on any image that says no image available (I am using different script to generate those). It seems that the script picks up and stores in the memory the value of an ID of the last image generated with the script (I don't know if that make sense). Oh, by the way the contents of info.php that I am calling in the script above are as following: ? $myid = $_GET['prod_id']; echo Product ID: $myidbr; ? What am I doing wrong? Can you help? Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Download Page?
Common question becuase of it's somewhat unintuitive nature, but it is very simple. Do a search for keywords header and Content-disposition. That should reveal what you want. Good luck. -Kevin - Original Message - From: Nick Richardson [EMAIL PROTECTED] To: PHP General [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 12:38 PM Subject: [PHP] Download Page? Hi all, I was wondering how i could make a download 'landing' page, that once a user has filled out the download form and submitted it, it will send the file they are requesting as a download (not display a link to it, or display it in the browser) and also render a page that says something like thanks for downloading blah blah... behind it at the same time. I would assume i would have to use header() to do this, but i dont know where i should start, a/o what headers to send. Any help would be appreciated. Thanks! //Nick Richardson ([EMAIL PROTECTED]) //SiteCommand LLC ---=--- --] SiteCommand Control Panel: Coming June 1st, 2002 [-- --] 'The Secure Solution To Easy Enterprise Management' [-- ---=--- --] Visit http://www.sitecommand.com to PreOrder Now [-- ---=--- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] am i just a session tracking idiot?
Have you tried using $_SESSION['bgcolor'] = bleh It might work... who knows... - Original Message - From: dan radom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 8:36 PM Subject: Re: [PHP] am i just a session tracking idiot? what's weird is that if i set session.save_handler = mm, i obviously don't get the file error, but it still won't work. here's another example of what i've tried... mars:~/apache/htdocs/test.radom.org$ cat test.php ? // create a new session session_start(); // register a session-variable session_register(bgcolor); // Assign a value to the session-variable $bgcolor = #8080ff; ? html head titleSession Example #1/title /head body bgcolor=?=$bgcolor? text=#00 link=#00 vlink=#00 alink=#00 Welcome to a session-enabled page! The background color on the next page will be set to a stylish blue.p a href = test2.phpGo to another session-enabled page/a. /body /html and mars:~/apache/htdocs/test.radom.org$ cat test2.php ? // Resume session created in Listing 1-2 session_start(); ? html head titleSession Example #1/title /head body bgcolor=?=$bgcolor? text=#00 link=#808040 vlink=#606060 alink=#808000 ? // Retrieve SID from cookie. print Your SID is $PHPSESSID br; // Display the value of the $bgcolor variable. print The persistent background color is: $bgcolor.; ? argggh! * dan radom ([EMAIL PROTECTED]) wrote: I've just tried that. /foo is owned by nobody and is mode 777. there's 135M available on that partition. * Shane Wright ([EMAIL PROTECTED]) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi This may sound silly - but is there enough free disk space on whatever partition /tmp is mounted on? Alternatively, as a workaround, you could create a new directory and give the web server user permission to write to it and tell PHP to save sessions there. (this is actually better from a security standpoint as well; less chance of session hijacking). Cheers - -- Shane www.shanewright.co.uk Public Key: http://www.shanewright.co.uk/files/public_key.asc On Thursday 06 June 2002 6:31 pm, dan radom wrote: I can't seem to get session tracking to work to save my life. The end result I'm after is to store the value of the single column returned from this query .. SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password' .. for use throughout the site. The current error I'm getting is Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 which is very strange, as session.save_path is set to /tmp, and tmp is drwxrwxrwt2 root root. The code is listed below. Any suggestions are greatly appreciated. dan ? // if ($user_name) { // class 'new uid' { var $row-user_id; }; // start_session(); // $abqSession = new abqnl; // $abqSession-user_id = $uid; // session_register(abqSession); // } if ($user_name) { session_id($_GET['user_id']); session_start(); $foo=$row-user_id; $_SESSION[uid] = $foo; echo $foo; } include '/storage/apache/htdocs/test.radom.org/.siteconf.php'; echo brbr; if (!$user_name) { echo center; echo table cellspacing=10; echo tr; echo form method=post action=\login.php\; echo td align=left; echo user name; echo /td; echo td align=left; echo input size=12 name=\user_name\; echo /td; echo /tr; echo tr; echo td align=left; echo password; echo /td; echo td align=left; echo input type=\password\ size=12 name=\user_password\; echo /td; echo /tr; echo tr; echo td; echo /td; echo td align=left; echo center; echo input type = \submit\ value=\submit\; echo /center; echo /td; echo /form; echo /tr; echo /table; echo /center; exit; } else $result = pg_exec ($database, SELECT user_id from users WHERE user_name = '$user_name' AND user_password = '$user_password'); if (!$result) { echo query died\n; exit; } if (pg_num_rows($result) == 0) { echo centeryou have entered an invalid user name and password combination. please try again. new users may create an account from the sign up link above./center; exit; } for ($i = pg_num_rows($result) - 1; $i = 0; $i--) { if(!($row = pg_fetch_object($result))) continue; } echo your user_id is ; pg_close($database); ? /body /html - -- Shane www.shanewright.co.uk Public Key:
Re: [PHP] [PLEASE HELP] Passing variable to new page.
echo script language=\JavaScript\; echo function pop1() {; echo window.open(\info.php?prod_id=$result[0]\); }; \\ $result[0] is variable that stores id of the image in database echo /script; I am calling this function in the following manner: echoimg onclick=\pop1();\; ^ You're not passing a value to the variable. Try using something like: (i'm NO java guru, and this definately isn't the list for java)... function pop1($id) { window.open(info.php?prod_id=$id); } and img src=blah onclick=pop1(12345) Where 12345 is the product ID that you assigned to variable prod_id, which will in return be displayed in the second PHP file. You're problem's related to the java script, not assigning the value to the variable. This isn't a PHP issue. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Download Page?
Kevin, You will need to send the header information for the file...then you can do a new header so that you show the thank you for downloading page... Thank you, RAY HUNTER -Original Message- From: Kevin Stone [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 12:49 PM To: PHP General Subject: Re: [PHP] Download Page? Common question becuase of it's somewhat unintuitive nature, but it is very simple. Do a search for keywords header and Content-disposition. That should reveal what you want. Good luck. -Kevin - Original Message - From: Nick Richardson [EMAIL PROTECTED] To: PHP General [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 12:38 PM Subject: [PHP] Download Page? Hi all, I was wondering how i could make a download 'landing' page, that once a user has filled out the download form and submitted it, it will send the file they are requesting as a download (not display a link to it, or display it in the browser) and also render a page that says something like thanks for downloading blah blah... behind it at the same time. I would assume i would have to use header() to do this, but i dont know where i should start, a/o what headers to send. Any help would be appreciated. Thanks! //Nick Richardson ([EMAIL PROTECTED]) //SiteCommand LLC ---=--- --] SiteCommand Control Panel: Coming June 1st, 2002 [-- --] 'The Secure Solution To Easy Enterprise Management' [-- ---=--- --] Visit http://www.sitecommand.com to PreOrder Now [-- ---=--- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php