[PHP] Re: Client does not support authentication protocol requested by server; consider upgrading MySQL client
Nic Begusarai [EMAIL PROTECTED] wrote in message news:... I just install MySql and trying to connect on localhost using PHP Error: Client does not support authentication protocol requested by server; consider upgrading MySQL client how to correct this problem rana -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
: [PHP] IDE recommendation-- (Free?)
Or may be you can use vim + ctags + cscope. I use these for months and I think these are best tools for develop on unix/linux. Very powerfull. Best regards, Yang Shiqi -- : Jeffery Fernandez [mailto:[EMAIL PROTECTED] : 20041217 21:45 : [EMAIL PROTECTED] : Re: [PHP] IDE recommendation-- (Free?) Mat Harris wrote: On Fri, Dec 17, 2004 at 08:20:36 -0500, GH wrote: Hi... I am looking for a FREE PHP IDE that uses syntax highlighting and code completion amongst other features... Do any of you have any recommendations... again I am looking for FREE (not much budget for me)? I use BOTH Linux and Windows I can heartily recommend SciTE (http://www.scintilla.org/SciTE.html) i believe it has the features you desire, plus, there is a version customised for php, available here http://amip.tools-for.net/SciTE-CVS.exe btw, there is a GTK+ version so you can use it on linux as well. Thanks Gary hope this helps mat here you go.. a well maintained list: http://www.thelinuxconsultancy.co.uk/phpeditors/ cheers, Jeffery http://melbourne.ug.php.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] header information problem
Dear Groups members. i am making a user protected page, the script works excellent on my local server, but online it gives me this error : Warning: Cannot modify header information - headers already sent by (output started at /home/me2resh/public_html/apex/upload/header.html:10) in /home/me2resh/public_html/apex/upload/upload.php on line 33 the script of the page is ? if (!isset($ID)){ include 'header.html'; echo No ID is Set.brYou Got To This Page By Mistake; include 'footer.html'; }else{ session_start(); include 'db.php'; include 'header.html'; $username = $_POST['username']; $password = $_POST['password']; if((!$username) || (!$password)){ echo Please enter ALL of the information! br /; include 'login_form.html'; include 'footer.html'; exit(); } $sql = mysql_query(SELECT * FROM user WHERE User_Login='$username' AND User_Password='$password'); $login_check = mysql_num_rows($sql); if($login_check 0){ session_register('ID'); $_SESSION['ID'] = $ID; while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); } session_register('User_First_Name'); $_SESSION['User_First_Name'] = $User_First_Name; session_register('User_Last_Name'); $_SESSION['User_Last_Name'] = $User_Last_Name; session_register('User_ID'); $_SESSION['User_ID'] = $User_ID; header(Location: login_success.php); } }else{ include 'header.html'; echo You could not be logged in! Either the username and password do not match!br / Please try again!br /; include 'login_form.html'; include 'footer.html'; } } ? Can anyone help me with that problem please ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] header information problem
In the else part, you have the possibility to echo to the screen and later on, then header(Location: ...); This is the bit which isn't allowed. If you are doing header(Location: ...);, you are not allowed to echo before it. On 18 Dec 2004, at 11:52, Ahmed Abdel-Aliem wrote: Dear Groups members. i am making a user protected page, the script works excellent on my local server, but online it gives me this error : Warning: Cannot modify header information - headers already sent by (output started at /home/me2resh/public_html/apex/upload/header.html:10) in /home/me2resh/public_html/apex/upload/upload.php on line 33 the script of the page is ? if (!isset($ID)){ include 'header.html'; echo No ID is Set.brYou Got To This Page By Mistake; include 'footer.html'; }else{ session_start(); include 'db.php'; include 'header.html'; $username = $_POST['username']; $password = $_POST['password']; if((!$username) || (!$password)){ echo Please enter ALL of the information! br /; include 'login_form.html'; include 'footer.html'; exit(); } $sql = mysql_query(SELECT * FROM user WHERE User_Login='$username' AND User_Password='$password'); $login_check = mysql_num_rows($sql); if($login_check 0){ session_register('ID'); $_SESSION['ID'] = $ID; while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); } session_register('User_First_Name'); $_SESSION['User_First_Name'] = $User_First_Name; session_register('User_Last_Name'); $_SESSION['User_Last_Name'] = $User_Last_Name; session_register('User_ID'); $_SESSION['User_ID'] = $User_ID; header(Location: login_success.php); } }else{ include 'header.html'; echo You could not be logged in! Either the username and password do not match!br / Please try again!br /; include 'login_form.html'; include 'footer.html'; } } ? Can anyone help me with that problem please ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
: [PHP] header information problem
I don't understand why you want to include header.html before you redirect the users to the login_success.php? By the way, you 'd better to add mysql_escape_string() with the username and password to ensure the security of your code. Coz we can't believe any users' input from web. May be the sql injection with your site. Just be careful. Best regards, Yang Shiqi -- : Ahmed Abdel-Aliem [mailto:[EMAIL PROTECTED] : 20041218 18:52 : [EMAIL PROTECTED] : [PHP] header information problem Dear Groups members. i am making a user protected page, the script works excellent on my local server, but online it gives me this error : Warning: Cannot modify header information - headers already sent by (output started at /home/me2resh/public_html/apex/upload/header.html:10) in /home/me2resh/public_html/apex/upload/upload.php on line 33 the script of the page is ? if (!isset($ID)){ include 'header.html'; echo No ID is Set.brYou Got To This Page By Mistake; include 'footer.html'; }else{ session_start(); include 'db.php'; include 'header.html'; $username = $_POST['username']; $password = $_POST['password']; if((!$username) || (!$password)){ echo Please enter ALL of the information! br /; include 'login_form.html'; include 'footer.html'; exit(); } $sql = mysql_query(SELECT * FROM user WHERE User_Login='$username' AND User_Password='$password'); $login_check = mysql_num_rows($sql); if($login_check 0){ session_register('ID'); $_SESSION['ID'] = $ID; while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); } session_register('User_First_Name'); $_SESSION['User_First_Name'] = $User_First_Name; session_register('User_Last_Name'); $_SESSION['User_Last_Name'] = $User_Last_Name; session_register('User_ID'); $_SESSION['User_ID'] = $User_ID; header(Location: login_success.php); } }else{ include 'header.html'; echo You could not be logged in! Either the username and password do not match!br / Please try again!br /; include 'login_form.html'; include 'footer.html'; } } ? Can anyone help me with that problem please ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
: [PHP] header information problem
And if you have some special intent, you can use ob_start(). Best regards, Yang Shiqi -- : yangshiqi [mailto:[EMAIL PROTECTED] : 20041218 19:36 : 'Ahmed Abdel-Aliem'; '[EMAIL PROTECTED]' : : [PHP] header information problem I don't understand why you want to include header.html before you redirect the users to the login_success.php? By the way, you 'd better to add mysql_escape_string() with the username and password to ensure the security of your code. Coz we can't believe any users' input from web. May be the sql injection with your site. Just be careful. Best regards, Yang Shiqi -- : Ahmed Abdel-Aliem [mailto:[EMAIL PROTECTED] : 20041218 18:52 : [EMAIL PROTECTED] : [PHP] header information problem Dear Groups members. i am making a user protected page, the script works excellent on my local server, but online it gives me this error : Warning: Cannot modify header information - headers already sent by (output started at /home/me2resh/public_html/apex/upload/header.html:10) in /home/me2resh/public_html/apex/upload/upload.php on line 33 the script of the page is ? if (!isset($ID)){ include 'header.html'; echo No ID is Set.brYou Got To This Page By Mistake; include 'footer.html'; }else{ session_start(); include 'db.php'; include 'header.html'; $username = $_POST['username']; $password = $_POST['password']; if((!$username) || (!$password)){ echo Please enter ALL of the information! br /; include 'login_form.html'; include 'footer.html'; exit(); } $sql = mysql_query(SELECT * FROM user WHERE User_Login='$username' AND User_Password='$password'); $login_check = mysql_num_rows($sql); if($login_check 0){ session_register('ID'); $_SESSION['ID'] = $ID; while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); } session_register('User_First_Name'); $_SESSION['User_First_Name'] = $User_First_Name; session_register('User_Last_Name'); $_SESSION['User_Last_Name'] = $User_Last_Name; session_register('User_ID'); $_SESSION['User_ID'] = $User_ID; header(Location: login_success.php); } }else{ include 'header.html'; echo You could not be logged in! Either the username and password do not match!br / Please try again!br /; include 'login_form.html'; include 'footer.html'; } } ? Can anyone help me with that problem please ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Fax Gateway
I have to setup a HTML-Form to Fax Gateway and I am looking for some way to do this in PHP. Generally have the Fax-Modem and nothing more right now. Does anybody have any experiancs with this? Thanks for any help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fax Gateway
On Saturday 18 December 2004 20:00, Neo Theone wrote: I have to setup a HTML-Form to Fax Gateway and I am looking for some way to do this in PHP. Generally have the Fax-Modem and nothing more right now. Does anybody have any experiancs with this? hylafax -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* Fry: Hey, I don't see you planning for your old age. Bender: I got plans. I'm gonna turn my on/off switch to off. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP + MSSQL Problem
Hello guyz, sorry my bad english, im brazilian and i'll try to write in english... I use actually PHP 5.02 with MySQL in my site, but now i have to access an external server that use MS SQL Server running at windows 2000 server edition, firtly i tried to connect and it fails, because i don't have activately properly MSSQL support in php.ini... I changed the php.ini and enabled the support for MSSQL and now i can connect without errors, BUT when make an query to an table the query return NO MATCHES, i have sure that the SQL line is correct (i already used it on(or in? i don't know the difference =P) other site - in other server - and it works AND i have sure that the SQL should return data because the WHERE point to an fiels value that exists... It looks like PHP can't communicate with MSSQL but it connect! Strange... I need help friends, waiting for replys, hugs. Sorry my bad english, cya. ___ Yahoo! Acesso Grátis - Instale o discador do Yahoo! agora. http://br.acesso.yahoo.com/ - Internet rápida e grátis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP problem
First off i`m using windows 2000 advance server with PHP 4.3 i believe it is.I can reboot my server and it will go away for awhile. http://syp-triple-h.com/webpost http://automotionsclub.com/guestbook that is some links that will show the access violation and it is at the end of the script. Thank You Mike H -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Fax Gateway
On Sat, 2004-12-18 at 13:00 +0100, Neo Theone wrote: I have to setup a HTML-Form to Fax Gateway and I am looking for some way to do this in PHP. Generally have the Fax-Modem and nothing more right now. Does anybody have any experiancs with this? Thanks for any help I did something similar to this in perl a long time ago. Basically, you can build an interface to a hylafax server and build a postscript file with php (or other scripting language) and then call the hylafax command with the postscript file. Actually, the interface was part of a web interface to display the current status of hylafax, so all you really need is the hylafax commandlines and call them with php. -Robby -- /*** * Robby Russell | Owner.Developer.Geek * PLANET ARGON | www.planetargon.com * Portland, OR | [EMAIL PROTECTED] * 503.351.4730 | blog.planetargon.com * PHP/PostgreSQL Hosting Development *--- Now supporting PHP5 --- / -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mixed strings
Hi All, I'm wondering if anyone knows if there's a way of sending strings of mixed type to a UDP socket. I'm storing the data I need to send in an array. Parsing the array with a foreach, I'm sending out the various pieces to the socket with fwrite. Unfortunately, it seems that UDP terminates each message and the client is expecting everything in one chunk with each byte of a specific type (ie. ASCII, INTEGER, BCD) Is there any way I can write a string of mixed types to an open UDP socket as a single message? Ian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] File Upload Problem
I am trying to run a file upload using PHP as a CGI script and am running into an odd error. The error I am getting is the dreaded Server Error -- Error 500 Premature end of script headers: php.cgi Here is the diagnosis I have done. 1. The php.cgi executable deals with scripts correctly when using the GET method. 2. The php.cgi script deals with POST method requests properly when the enctype is NOT multipart/form-data This rules out suexec type errors. (in any case the suexec log shows everything is good). 3. File uploads using the mod_php work fine (this rules out apache not accepting the file) 4. the CGI log shows the request being sent to the script, and that there is no result. 5. The above error is not script dependent, the error occurs with a on-line script that prints the string it ran when the form enctype is multipart/form-data. 6. The upload script is being taken from a different box running different versions of apache/php and the script works correctly there. I have tried this with various version of php all with the same results. I have built it with php.4.3.10. Here are the configure options from the phpinfo report: './configure' '--enable-force-cgi-redirect' '--with-openssl' '--with-curl' '--with-mysql' '--with-cgi' '--with-pfpro=/home/wayne/verisign/payflowpro/linuxrh9' '--with-gd' '--with-jpeg-dir' '--with-zlib-dir' '--with-xpm-dir' '--with-freetype-dir' '--enable-ftp' I have the following file variables set: error_reporting 2039 file_uploads On log_errors On max_input_time -1 post_max_size 8M safe_mode off upload_max_filesize 2M upload_tmp_dir /tmp Any Ideas? Thanks in Advance Wayne -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Strip of code - what could be wrong?
Hi there! I'm trying to figure out some code I haven't done myself, but I don't get what could be wrong. Check this code out: the coder says he when he import files, he gets a result that the line ends at wrong positions... Is it 4096 that is wrong? /G @varupiraten.se $file = $rad[url_productlist]; $OpenFile = @fopen($file, r); while (!feof ($OpenFile)) { $buffer = fgets($OpenFile, 4096); $rader[] = $buffer; } fclose ($OpenFile); for($i=0; $icount($rader); $i++) { // Delar av olika delar vid $del = explode(, $rader[$i]); insert into DBcode... } --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.808 / Virus Database: 550 - Release Date: 2004-12-08 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Storing binary data within a php script.
Hi all, Well so far my attempts to make this work have failed so i thought i would try here. What i have is an installation script that has to write a few files to the webserver. Im trying to cut down on the amount of files that need to be uploaded/modified etc. So what im trying to do is include all the data in one file. What the user then uploads and the physical visual basic program activates the script what in turn sets up the web server side. The problem comes when im trying to handle the ascii values for the binary data. Warning: Unexpected character in input: '' (ASCII=3) state=2. I basicly have 3 questions. 1) Is it possible to store binary data in text form during transport and then using php's file writing functions to output the file? 2) How would i do it as i guess i have to encode the ascii characters but how would i do that? 3)Is there any better ways you suggest me to do this. Im trying to this for two reasons first is to make the application usable by anyone and the second reason is to try to push the boundarys of the langage. I would like anyones comments and views on this please. Any views might help me come to a result. Thanks Jamie -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP + MSSQL Problem
Alaor Barroso wrote: It looks like PHP can't communicate with MSSQL but it connect! Strange... What server platform are you using? If you are on *nix you will need to install freetds and then build php with freetds support before you can use mssql with it. Under a windows server platform this may not be necessary, I have never tried on windows. - Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP 5 MySql 4.1 issue - can't connect to mysql.sock
I am familiar with MySql, Linux and database programming in general, but I have not used PHP very much. On my server, I had an application running just fine under PHP 4.1 and MySql 3.23. For various reasons, I needed to move to MySql 4.1. When I did so, the PHP application was broken. I poked around and found that I needed to upgrade to PHP 5 to get mysqli support. I did so with no problems. I built PHP from source on a RedHat 7.3 box. Here's the problem: I can only connect to MySql via a PHP script if I run that script as root. Here is the example script I have been using: ?php $DB = mysqli_connect(localhost,user,pass); if (! $DB) { echo No.; } else { echo Yes.; } ? If I run the script from a shell prompt as root, it outputs Yes. If I run as any other user, it outputs No. It also gives this error: Warning: mysqli_connect(): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13) This means I can't run PHP scripts via apache. I can log in to mysql via the command line with user/pass without any problems. Apache is connecting to PHP no problem, as I have a Hello world type PHP script running and can access it via the web. But no PHP script can connect to MySql unless it is run as root... Can anyone point me in the right direction? I have a feeling this is something very simple. Thanks! Gregg
[PHP] Prado
Hi there! Anyone used PRADO? What's YOUR opinion? *curious* http://www.xisc.com/ /G @varupiraten.se --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.818 / Virus Database: 556 - Release Date: 2004-12-17 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Recursive Directory Iterator
This is my first time trying out the SPL iterators. Im trying to figure out how to recursively move over a directory. With the code that I've provided 1. Is this the correct way to use it? Im using recursive functions to go deep. I thought, that the class would do that for me somehow... 2. As it stands, it doesn't report the correct directory structure. For example, if I had a directory in the root with another directory under it, the second directory doesnt get echoed. Thanks -- dirr('.'); function dirr($dir) { $dir = new RecursiveDirectoryIterator($dir); foreach($dir as $foo) { echo $foo-getPathname() . 'br /'; if ($foo-hasChildren()) { $bar = $foo-getChildren(); foreach($bar as $foo2) { if ($foo2-hasChildren()) { dirr($foo2-getPathname()); } else { echo $foo2-getPathName() . 'br /'; } } } } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: 4.3.10 breaking things? Back working after reverting to 4.3.9
Michael Sims wrote: Ben wrote: Reverting back to 4.3.9 with the same build configuration options used in 4.3.10 has fixed the problems with the various scripts. Do you use Zend Optimizer? No, but thanks for the suggestion! Turning off php accelerator in my php.ini seems to have solved the problem for phpmyadmin and squirrelmail. Many thanks! FWIW, if you are building pdflib 6.0.1 support into php I found I had to use the php binding files from pdflib instead of the ones included in the ext/pdf directory of the php source. And you should also be aware that the previously optional parameters for some of the pdf functions are no longer optional. - Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP 5 MySql 4.1 issue - can't connect to mysql.sock
Try mysqli_connect(127.0.0.1, user, pass); Then MySQLI will try to use TCP/IP as opposed to a local socket. Jed Barley wrote: I am familiar with MySql, Linux and database programming in general, but I have not used PHP very much. On my server, I had an application running just fine under PHP 4.1 and MySql 3.23. For various reasons, I needed to move to MySql 4.1. When I did so, the PHP application was broken. I poked around and found that I needed to upgrade to PHP 5 to get mysqli support. I did so with no problems. I built PHP from source on a RedHat 7.3 box. Here's the problem: I can only connect to MySql via a PHP script if I run that script as root. Here is the example script I have been using: ?php $DB = mysqli_connect(localhost,user,pass); if (! $DB) { echo No.; } else { echo Yes.; } ? If I run the script from a shell prompt as root, it outputs Yes. If I run as any other user, it outputs No. It also gives this error: Warning: mysqli_connect(): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13) This means I can't run PHP scripts via apache. I can log in to mysql via the command line with user/pass without any problems. Apache is connecting to PHP no problem, as I have a Hello world type PHP script running and can access it via the web. But no PHP script can connect to MySql unless it is run as root... Can anyone point me in the right direction? I have a feeling this is something very simple. Thanks! Gregg -- _ (_)___Jed Smith, Code Monkey | / __| [EMAIL PROTECTED] | [EMAIL PROTECTED] | \__ \ +1 541 606-4145 _/ |___/ Signed mail preferred (PGP 0x703F9124) |__/http://personal.jed.bz/keys/jedsmith.asc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Storing binary data within a php script.
This is done in a few examples using base64_encode() and base64_decode(). A particular OpenGL example I can recall encoded a small (~20k) DLL directly into the PHP source that relied upon it, then unpacked it at runtime. Ah, there it is: ** snip ** if ( is_file( SimpleWndProc.dll ) ? filesize( SimpleWndProc.dll ) != 2560 : 1 ) { $dll = eNrtVU9IFGEUf7NpTbZue1hCYqlvQT3JslsG0clt/aho1XHNDOnguDutY+uMzh80 . KDrYQTPJS1TUoWMEdSpYrEOEsQl66yD9gT1ILCHhIcqDML35Zla3IgO7mQ9+733v /* ... */ . dxBP8K4dRTzGcY6dBwcd8sBgVupS0lgfi9siXnQPAErZOyqrYXMXwO/8l7oiy5Fv . kdWIJ8pHfdFAdH90uzf+D/QDFVAQCA==; $dllout = fopen( SimpleWndProc.dll, wb ); if ( !$dllout ) die( Unable to extract SimpleWndProc.dll ); fwrite( $dllout, gzuncompress( base64_decode( $dll ) ) ); fclose( $dllout ); --- That's from an iridium example. You just base64 encode the data and enclose it in a string. Of course, that's simply one way of doing it. Jed Jamie wrote: Hi all, Well so far my attempts to make this work have failed so i thought i would try here. What i have is an installation script that has to write a few files to the webserver. Im trying to cut down on the amount of files that need to be uploaded/modified etc. So what im trying to do is include all the data in one file. What the user then uploads and the physical visual basic program activates the script what in turn sets up the web server side. The problem comes when im trying to handle the ascii values for the binary data. Warning: Unexpected character in input: '' (ASCII=3) state=2. I basicly have 3 questions. 1) Is it possible to store binary data in text form during transport and then using php's file writing functions to output the file? 2) How would i do it as i guess i have to encode the ascii characters but how would i do that? 3)Is there any better ways you suggest me to do this. Im trying to this for two reasons first is to make the application usable by anyone and the second reason is to try to push the boundarys of the langage. I would like anyones comments and views on this please. Any views might help me come to a result. Thanks Jamie -- _ (_)___Jed Smith, Code Monkey | / __| [EMAIL PROTECTED] | [EMAIL PROTECTED] | \__ \ +1 541 606-4145 _/ |___/ Signed mail preferred (PGP 0x703F9124) |__/http://personal.jed.bz/keys/jedsmith.asc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sanitizing/security
just a question, what is the best way to sanitize your scripts when you're using $_GET or $_REQUEST in a query? eg, i usually just do: if(is_numeric($_REQUEST['id'])) { mysql_query(SELECT id FROM table WHERE id=.intval($_REQUEST['id']).); } what about when the GET is text? just use htmlspecialchars? just looking for some advice to help keep my apps secure. cheers -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sanitizing/security
On Sat, 2004-12-18 at 22:50, Sebastian wrote: just a question, what is the best way to sanitize your scripts when you're using $_GET or $_REQUEST in a query? eg, i usually just do: if(is_numeric($_REQUEST['id'])) { mysql_query(SELECT id FROM table WHERE id=.intval($_REQUEST['id']).); } what about when the GET is text? just use htmlspecialchars? just looking for some advice to help keep my apps secure. For numeric values that I don't care about the value itself, only that it's numeric: $qString = SELECT * FROM table where id = .(0 + $_GET['someVar']). Binary operators are almost twice as fast as function calls. As for text... addSlashes() for mysql database if I'm using the raw mysql functions (which I don't do if I have a choice), otherwise I use the database layer's quote function which takes into consideration the database type. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sanitizing/security
mysql_escape_string() is what you're looking for. Jed Sebastian wrote: just a question, what is the best way to sanitize your scripts when you're using $_GET or $_REQUEST in a query? eg, i usually just do: if(is_numeric($_REQUEST['id'])) { mysql_query(SELECT id FROM table WHERE id=.intval($_REQUEST['id']).); } what about when the GET is text? just use htmlspecialchars? just looking for some advice to help keep my apps secure. cheers -- _ (_)___Jed Smith, Code Monkey | / __| [EMAIL PROTECTED] | [EMAIL PROTECTED] | \__ \ +1 541 606-4145 _/ |___/ Signed mail preferred (PGP 0x703F9124) |__/http://personal.jed.bz/keys/jedsmith.asc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sanitizing/security
From: Sebastian [EMAIL PROTECTED] just a question, what is the best way to sanitize your scripts when you're using $_GET or $_REQUEST in a query? eg, i usually just do: if(is_numeric($_REQUEST['id'])) { mysql_query(SELECT id FROM table WHERE id=.intval($_REQUEST['id']).); } what about when the GET is text? just use htmlspecialchars? just looking for some advice to help keep my apps secure. Sanitize it for what? Insertion into the database? Displaying to a user? Putting into an email? file? xml? There's no one solution for sanitizing, it's all a matter of what you're doing with the data and what you expect the data to be. If you expect the data to be an integer, then make it an integer. $input['value'] = (int)$_GET['value']; Now you can range check it or whatever. is_numeric() works, but will accept floating point and scientific numbers, by the way. You need addslashes() (or mysql_real_escape_string(), if appropriate) for text data going into the database. htmlspecialchars() or htmlentities() is appropriate for text that'll be shown to users on a web site. Text going into the headers of an email should normally be filtered for newlines so malicious users cannot inject additional headers. Shall I go on?? ;) ---John Holmes... UCCASS - PHP Survey System http://www.bigredspark.com/survey.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php