[PHP] mailto code for php
here is a website http://www.business-broker.co.nz/ under tell a friend is the page i need help. There is a your email box where you get a reply saying thanks for telling your friend about us msg which is ok but where we have problem is the your friends email box where we want a mailto command to send to the friend. We have no luck there could you please let us know the code we should use and where to use it if possible please it would help my sanity very much and where does it go is it in the .lib or the .php file thanks for the help marc gander [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uncompressing files on server
Which platform? How are the files compressed? Do you have access to the commandline on your server? Ian On Sun, 2004-12-19 at 23:00 -0500, Josh wrote: I have some PHP files from a content management system. I uploaded the compressed files to the server, but how do I un-compress them now? I am using Filezilla. Can it be done, or do I have to uncompress the file on my computer and then upload? thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen to own server
On Thu, 16 Dec 2004 10:02:02 -0800, Richard Lynch wrote: Doc wrote: I'm having a problem with fsockopen and was wondering has anyone ever noticed a case where it will work from machine1 (dev machine) to machine2. But when the was placed onto machine2 it wouldn't work connecting to it's own ip address; when connecting via telnet it returns: Escape character is '^]'. * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS AUTH=LOGIN] serverip IMAP4rev1 2003.339-cpanel at Wed, 15 Dec 2004 19:33:27 + (GMT) You *ARE* getting this when telnetting from/to the same machine, right?... Yes. the same machine. so I don't think it's the firewall. the error it returns is No such file or directory. So it seems that when it connects (which it does without failing), the file seems to be deleted, as the file the variable refers to doesn't exist on the fs either. if(($s = fsockopen($id[sockname], 0, $errno, $errstr)) === FALSE) $id[sockname] is in the format /tmp/filename with the filename changing based on a random value and there are no files with that format in /tmp Despite the user contributed note on http://php.net/manual/en/transports.unix.php I'm wondering if you shouldn't use the unix:// bit -- and try udg:// as well, if that doesn't work. Tried both without any success. Finally, if there are no files with that format in /tmp, how will this work? Or is that how unix socket streams are supposed to work? I'm ignorant in this area... But it seems to me that if you try to open a file that's not there, you SHOULD get FALSE back. :-) I'm as ignorant as you :) this is an ex-coworkers code. From what I can tell from the file should be there from when it connects initially (as that's the way it is when it's on the dev machine) but they're not although there is no failure to connect, which suggests to me that the file is deleted. it always returns false for some reason on this server. And what, if anything, are in $errno and $errstr? You've put them in there, you might as well use them :-) $errno 2 $errstr No such file or directory -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen to own server
On Thu, 16 Dec 2004 23:37:36 +0600, Raditha Dissanayake wrote: Escape character is '^]'. * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS AUTH=LOGIN] serverip IMAP4rev1 2003.339-cpanel at Wed, 15 Dec 2004 19:33:27 + (GMT) so I don't think it's the firewall. usually a good idea to disable firewalls when having trouble with socket code. Tried that. didn't make any difference. if(($s = fsockopen($id[sockname], 0, $errno, $errstr)) === FALSE) $id[sockname] is in the format /tmp/filename with the filename changing based on a random value and there are no files with that format in /tmp it always returns false for some reason on this server. not sure what you are trying to do but it sounds like you are using unix domain sockets where you should be using tcp. That's why it might work on one machine (where web and imap are both installed) and not on the other where you only have the web server but the imap server is remote. This is actually the opposite of what is happening. It will work on the remote server but not the local one. I've tried using unix:// and it made no difference. Any other suggestions? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP parse Excel and Access files
How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP parse Excel and Access files
On Sun, 25 Jan 2004 21:28, Kioto wrote: How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. Export from those apps as csv files -- David Robley Every thing in this world is an idea acted on. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mailto code for php
On Mon, 20 Dec 2004 19:57, [EMAIL PROTECTED] wrote: here is a website http://www.business-broker.co.nz/ under tell a friend is the page i need help. There is a your email box where you get a reply saying thanks for telling your friend about us msg which is ok but where we have problem is the your friends email box where we want a mailto command to send to the friend. We have no luck there could you please let us know the code we should use and where to use it if possible please it would help my sanity very much and where does it go is it in the .lib or the .php file Regretfully my crystal ball is out for it's pre-Christmas service so I have no idea of the code you are using. Perhaps if you were to post the relevant part of your script someone might be able to help you. -- David Robley Southern DOS: Y'all reckon? (Yup/Nope) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] UPDATE
Steve Marquez wrote:
I am trying to insert information into the database, have it automatically
place an ID Number, then update that particular record and replace the word
delete with the link.
The mysql_insert_id() does seem to be working. It does put in an id number
of 0 However, the code in general gives me an error everytime. It says
that it is near 'delete = a href...'
Can anyone help me with this?
Thanks!
--
Steve
?php
// log into our local server using the MySQL root user.
$dbh = mysql_connect( localhost, username, password );
// select the database.
mysql_select_db( imagesdb ) or die ( mysql_error() . \n );
?
-- snip --
?php
//This is for the text description of the gallery and the link
$insert_data2 = INSERT into images_upload_description (delete, name,
description)
VALUES ('delete', 'a
href=\http://www.domain.org/gallery/bomb/bottom_images.php?gallery_name=$ga
llery_name\ target=\bottom\$name/a', '$description');;
$response = mysql_query( $insert_data2, $dbh );
$id_num = mysql_insert_id();
$update_data = UPDATE images_upload_description SET delete = a
href=\http://www.domain.org/gallery/admin/delete.php?gallery_name=$gallery_
nameid_num=$id_num\ target=\bottom\Delete/a WHERE id_num =
\$id_num\;
$response = mysql_query( $update_data, $dbh );
if(mysql_error()) die ('database error'. mysql_error());
?
You forgot to put single quotes around the string that begins 'a href=
... ' in the line beginning:
$update_data = UPDATE images_upload_description SET delete = a
href=\http://www.domain.org/gallery/admin/delete.php?gallery_name=$gallery_nameid_num=$id_num\;
target=\bottom\Delete/a WHERE id_num = \$id_num\;
-John
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP parse Excel and Access files
Kioto wrote: How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. MS doesn't really support what it is you want to do. As already suggested you can export the CSV files and that works great... but I haven't had much luck trying to use the COM interfaces with Excel / Access. The main problem is: if there is any step in your process that requires interactive user input then you can't really use COM with PHP. I would love to be proved wrong here; it would make my life easier. :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Photogallery with features in php + DB
Dear friends, we would like to implement a photogallery where the users can upload some photographs,and then can rotate them. The photographs are stored in a temporary area waiting for approval. The system then performs the following operations 1)reduces the size of the photograph so that the largest edge is x 2)generates thumbnail for each photograph There should finally be an administrator login, which enables to authorise publication and to perform operations like rotating the photographs which are wrong. Do you know of any php based application, function, set of classes for implementing this features? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP parse Excel and Access files
There does appear to be a PEAR-based Excel reader located at: http://devel.akbkhome.com/svn/index.php/akpear/Spreadsheet_Excel_Reader/ However, I have not used it and cannot comment on its functionality. Good luck! -KBear Kioto wrote: How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP parse Excel and Access files
How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. I am pretty sure that you an set up odbc connections to access access databases. For excel, you could use com objects or I have used the perl SpreadSheet::ParseExcel module to read data from excel. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP parse Excel and Access files
kioto wrote: How to read and get data from Excel Files and Access Files. Can you post me articles and tutorials on the web-sites that explain the basic concept to create an interface for PHP and this files-type. Thanks so much to all. I believe there is a script on http://phpclasses.org to read/write ExCel files... Or, if not, Google for it, and it should turn up. I know they were using it at my previous job, and they didn't write it themselves. I pretty much stayed as far away from that MS code as I could, so never knew where it came from. Don't know how good it is, even. You may find it easier and more reliable to have the users export/import in CSV format instead, as others have noted. As for MS Access, you could set up a DSN and use http://php.net/odbc to connect to the database. Please note that MS Access was *not* designed for multiple connections, and it *will* have difficulties if your script gets any kind of heavy load (many users) on it. You may also want to consider OpenOffice as an alternative to these software products -- you might have better luck finding the internal formats of OpenOffice files published and more support in the OpenSource community for software that reads/writes their file formats. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using encrypted passwords
Dear friends,
is it possible to use encrypted passwords in php files, for connecting to a
database?
We do not like too much the idea of the password being in clear text.
Example
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
'mysql_password' should be encrypted
Thanks in advance
--
symbulos partners
-.-
symbulos - ethical services for your organisation
http://www.symbulos.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] convert hidden form to get url
Hi there, Anyone got any suggestions on the best way to convert the snippet of code below (which I'm dynamically collecting from another website) to a get url (i.e. http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27 ) form action=http://www.somewebsite.co.uk/Availability.cgi; method=POST name=flightsForm id=flightsForm input type=hidden name=NUM_OF_ADTS value=1/ input type=hidden name=CABIN value=E/ input type=hidden name=B1_DAY value=27/ /form Thanks Martin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen to own server
Doc wrote: not sure what you are trying to do but it sounds like you are using unix domain sockets where you should be using tcp. That's why it might work on one machine (where web and imap are both installed) and not on the other where you only have the web server but the imap server is remote. This is actually the opposite of what is happening. It will work on the remote server but not the local one. I've tried using unix:// and it made no difference. Any other suggestions? WILD GUESS ALERT! What you got in /etc/hosts.allow and /etc/hosts.deny?... Or any kind of other anti-bad-guy technology?... Does it work if you use 127.0.0.1 for the IP/URL? How about the actual IP of the machine? localhost? Just throwing out random things to try that might lead you somewhere. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mailto code for php
[EMAIL PROTECTED] wrote: here is a website http://www.business-broker.co.nz/ under tell a friend is the page i need help. There is a your email box where you get a reply saying thanks for telling your friend about us msg which is ok but where we have problem is the your friends email box where we want a mailto command to send to the friend. We have no luck there could you please let us know the code we should use and where to use it if possible please it would help my sanity very much and where does it go is it in the .lib or the .php file http://php.net/mail should do the trick, if you've configured PHP correctly in: php.ini and if your machine is configured to *allow* the PHP user to send email using its MTA. If you cannot make that work, you may also be able to use something from http://phpclasses.org to connect to an SMTP server you control so that PHP can use that to send email. I've got *NO* idea what your .lib and .php files look like, so can't tell you where to put this code... But it should be right before the HTML that spits out the thanks reply -- and you should code your PHP so that it only sends the thanks reply if you actually managed to send the email out, and it should provide a useful error message if you failed to send the email out. Note that success in sending the email out does *NOT* guarantee successful delivery, any more than dropping a letter in a mailbox or handing a package to UPS/FedEx guarantees delivery. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP parse Excel and Access files
You may also want to consider OpenOffice as an alternative to these software products -- you might have better luck finding the internal formats of OpenOffice files published and more support in the OpenSource community for software that reads/writes their file formats. You know that brings up another great question. Does anyone have a suggestion for PHP - OpenOffice scripts? Sourceforge has a project that looks interesting... PHP DocWriter... does anyone have experience with this or other similar projects? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Uncompressing files on server
Josh wrote: I have some PHP files from a content management system. I uploaded the compressed files to the server, but how do I un-compress them now? I am using Filezilla. Can it be done, or do I have to uncompress the file on my computer and then upload? If you have a shell account (SSH or telnet) login on the webserver, you should be able to: 1. Login to the web server. 2. 'cd' to the directory containing the compressed file. 3a. gunzip NAMEOFCOMPRESSEDFILE.gz - OR -- 3b. unsip NAMEOFCOMPRESSEDFILE.zip 4. If there is a '.tar' file now, do: tar -xvf NAMEOFCOMPRESSEDFILE.tar If it's not a .gz or a .zip file, then how you uncompress it, or if you *can* uncompress it depends on what the compression is, and what software is or isn't on your webserver. PS If your webserver is a Windoze box, you're on your own, kid. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert hidden form to get url
Anyone got any suggestions on the best way to convert the snippet of code below (which I'm dynamically collecting from another website) to a get url (i.e. http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27 ) form action=http://www.somewebsite.co.uk/Availability.cgi; method=POST name=flightsForm id=flightsForm input type=hidden name=NUM_OF_ADTS value=1/ input type=hidden name=CABIN value=E/ input type=hidden name=B1_DAY value=27/ /form not sure I understandd exactly what you want. If you want the variables to show up in the query string you could either change the form method to get or change the action to form action=http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27; method=POST name=flightsForm id=flightsForm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] I really need help...
JoShQuNe \(TR\) wrote:
My problem is i have .txt file size of 3-5 kb with long rows. I have a
mysql table and a column
type of longtext, name html. What I have to do is: I have to open
.txt and read inside and
insert the content to html. My purpose is this but the problem is: I
easily upload .txt to
server, and read inside, BUT i can not enter it's content to html. I
followed the program up to
mysql query row its working correctly but when i write
mysql_query(INSERT INTO abc
(col1,col2,html) VALUES ('$col1','$col2','$file_contents')) or
die(ERROR!); it dies and give
error.
You should use something more like
$query = INSERT INTO abc (col1,col2,html) VALUES ('$col1', '$col2',
'$file_contents');
mysql_query($query) or trigger_error(mysql_error() . $query,
E_USER_ERROR);
This will give you details about the error and print the query you sent.
My observations: I put $file_contents instead of ERROR! message
i saw the content, i set
the type of html column to longblob, nothing changed: ERROR!,
So now you sort of know what you sent to the database, but not exactly
what you sent, and not what the database didn't like.
You were headed in the right direction, but didn't go far enough down this
road.
i made
another .php file which
uses a form, i copied .txt's content manually into textarea, it
succesfully inserted.
There are so many ways this could have have fixed whatever was wrong
before...
It at least proves that you *can* get this to work eventually, if you can
figure out what was different about *this* query and *that* query.
Then i
made 3 steps program; i uploaded .txt in first step then in second step
i inserted the content to
a textarea as it's value and at the third step i tried to add to
mysql, message was: ERROR!
Here you have another data point -- Something you are doing wrong here is
probably the same as the thing you are doing wrong in the first program.
But you need to get the error message from MySQL to find out what it is.
again. I tought it may be because of touching the textarea's content
and i clicked textarea
and pressed SPACE BAR :) really but of course nothing changed. One more
thing i tried to insert by
mysql_query(UPDATE abc SET html='$file_contents' WHERE col1='$col1'
and col2='$col2'); but still
it answered I can not enter this variable to html. When i delete
the long rows it achieves but
i need them and i need to this automatically by selecting the file and
inserting to mysql.
Please
please help me if you can. Below i've added the codes of program. I
will go insane if i can not
solve it. I am thinking about learning Perl to do that. Thank you very
much...
I can pretty much guarantee that you will have no more luck with Perl than
with PHP... More likely the opposite. :-)
?php
$html=html
head
titleHTML document/title
styleinput,textarea,td {font-family:verdana;font-size:10px;border:1px
#2D7BA2
solid;background:#BECCE7} /style
/head
body
form action='admin.php' method='POST' ENCTYPE='multipart/form-data'
table align='Center'
tr
tdMarka:/td
tdinput name='alan1' type='Text' size=30 value='$alan1'/td
/tr
tr
tdÜrün Grubu:/td
tdinput name='alan2' type='Text' size=30 value='$alan2'/td
/tr
tr
tdAlt Ürün Grubu:/td
tdinput name='alan3' type='Text' size=30 value='$alan3'/td
/tr
tr
tdResmin türü:/td
tdinput name='tur' type='Radio' value='jpg' checkedJPG input
name='tur' type='Radio'
value='gif'GIF/td
/tr
tr
tdDosya:/td
tdinput name='file' type='File'/td
/tr
tr
td colspan=2 align='Center'input type='Submit' value='Yolla'/td
/tr
/table
/form
;
if(empty($HTTP_POST_VARS)){echo $html;}
else {
$absolute_path = ../beyazesya/Del;
$size_limit = var;
$limit_size = 15;
$limit_ext = var;
$ext_count = 2;
$extensions = array(.jpg, .gif);
$geri = brbra href='#'
onclick='javascript:history.go(-1)'Geri/a;
$endresult = 'DOSYA BAÞARIYLA GÖNDERÝLDÝ..';
if ($file_name == ) {
$endresult='DOSYA SEÇMEDÝNÝZ.. $geri';
}else{
if (($size_limit == var) ($limit_size $file_size)) {
$endresult = 'DOSYA ÇOK BÜYÜK, EN FAZLA 150KB OLABÝLÝR $geri';
} else {
$ext = strrchr($file_name,'.');
if (($limit_ext == var) (!in_array($ext,$extensions))) {
$endresult = 'DOSYA TÜRÜ YALNIZCA .ZIP VEYA .RAR OLABÝLÝR.. $geri';
}else{
[EMAIL PROTECTED]($file, $absolute_path/file.txt) or die(DOSYA
KOPYALANAMADI.. $geri);
$dosyam=../beyazesya/Del/file.txt;
$fp=fopen($dosyam,r) or die(Cant open file);
while(!feof($fp)){
$buf = fgets($fp,8192);
$buffer=$buffer.$buf;
}
$buffer=eregi_replace(\t,,$buffer);
As a matter of good practice, change this to http://php.net/str_replace
which is faster than eregi_replace, since you're not using any of the
powerful features of eregi_replace.
$buffer=trim($buffer);
$f_a=$file_name;
$model=str_replace(.txt,,$f_a);
$resim=$model.$tur;
mysql_connect(xxx,yyy,zzz);
mysql_select_db(aaa);
$bb=mysql_query(SELECT *
Re: [PHP] fsockopen to own server
On Mon, 20 Dec 2004 07:51:46 -0800, Richard Lynch wrote: WILD GUESS ALERT! What you got in /etc/hosts.allow and /etc/hosts.deny?... nothing in there other than default install comments. Or any kind of other anti-bad-guy technology?... nope. Does it work if you use 127.0.0.1 for the IP/URL? How about the actual IP of the machine? localhost? d) none of the above :) Just throwing out random things to try that might lead you somewhere. much appreciated. I'm willing to sacrifice young lambs at this stage. Cheers Doc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Performance of magic_quotes_gpc ??
Michael Gale wrote:
I am working on a ticket tracking system and using htmlentities and
htmlspecialchars on text that gets inserted into the database.
code I have:
--snip--
if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body']) 5)
{
$query .= tentry_body = ' .
htmlentities(htmlspecialchars($_POST['tentry_body'])) . ';
You've already been told all about this one :-)
} else {
$status=li class=errorERROR with entry -- appears to be empty
!/li\n;
$check=1;
}
--snip--
In the archives people suggest that using mysql_escape_string should be
used, I then found that you could globally enable magic_quotes_gpc.
What is the best method ? Does magic_quotes have a large performance
issue ??
Would it not just be safer to turn it on ??
Safer as in more secure from hackers? No. It's not safer either way,
really, imho. The security doesn't come from adding slashes -- It comes
from knowing what the data *should* look like, and validating that it
*does* look like that, as strictly as possible.
Safer as in less likely I'll screw up? This could go either way. If you
understand what MagicQuotes does, how it works, and when it's appropriate
to rely on it (or not) it's a convenient feature. If you don't understand
how Magic Quotes works, then it's not a good thing to use. :-)
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Current Member Check
Brad Ciszewski wrote:
if($checkEmail != 0){
echo(centerfont color=\#99\The email address has already been
registerd with an account./font/center);
include(../includes/footer.php);
exit;
}
In addition to the egregious security hole noted by others, your basic
problem is you are confusing yourself (as almost every beginner does) with
the difference between:
The query was not successfully executed by the database.
The query returned no records.
$checkEmail is only going to be FALSE if the query *FAILED* to execute.
You should check for that.
But regardless of the email being in the database or not, $checkEmail will
be a non-FALSE value (and hence != 0) if the query ran successfully.
In other words, it's a successful query and result even *if* there are no
records in the database matching '$email'
What you need to do is use one of these:
http://php.net/mysql_num_rows
http://php.net/mysql_fetch_row
http://php.net/msyql_fetch_array
http://php.net/mysql_result
to determine if there were or were NOT any records returned.
It would actually be more efficient (and thus a good habit to form) to use:
select count(*) from ...
MySQL has some special code internally to make that SQL run efficiently.
You then want to check the actual result (not mysql_num_rows, one of the
others) to see if you got 0 or 1. (Or more than 1, if you somehow manage
to get duplicates in the database.)
To go even farther: You should *NEVER* use select * ...
It's *always* going to be the least efficient way to get the data you need
-- which may be exactly the same as the most efficient way, if you really
do need *all* the columns.
But you almost always don't really need *all* the columns, and even when
you do, sooner or later, somebody will add some kind of status/flag/new
column to the database that you do *NOT* need, and you'll be grabbing data
you don't need.
Name the columns you need.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Photogallery with features in php + DB
[snip] we would like to implement a photogallery where the users can upload some photographs,and then can rotate them. The photographs are stored in a temporary area waiting for approval. [/snip] http://gallery.menalto.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sanitizing/security
Matthew Weier O'Phinney wrote:
* Sebastian [EMAIL PROTECTED]:
just a question, what is the best way to sanitize your scripts when
you're
using $_GET or $_REQUEST in a query?
eg, i usually just do:
if(is_numeric($_REQUEST['id']))
{
mysql_query(SELECT id FROM table WHERE
id=.intval($_REQUEST['id']).);
}
what about when the GET is text? just use htmlspecialchars?
just looking for some advice to help keep my apps secure.
The proper method for doing this is to 'whitelist' -- in other words,
assume data is tainted, and only allow it if it passes certain criteria.
For text, you'll typically want to define what is allowed, create a
regular expression, and pass the value through that expression (this is
often called 'filtering').
By the way, if you're needing an integer ID in the test above, testing
for is_numeric() will not be enough -- it returns floats as well as
integers. Try:
if ($_REQUEST['id'] == strval(intval($_REQUEST['id'])))
For an id, you may also want to do:
$id = (int) $_REQUEST['id'];
if ($id 0){
}
While I can't think how a value of -5 is going to mess you up in any big
way, you might as well eliminate it, since it's not valid.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] File Locking during *other* file operations
I use this code, Not all my own, some from the php manual (probably
most of it in fact) I lock the file as filename.lock so that I can muck
about with it completely and then unlock the .lock and remove it.
M
function LockFile($file)
{
$LockFile = $file . .lock;# Lock the file
$lf = fopen ($LockFile, wx);
while ($lf === FALSE $i++ 20)
{
clearstatcache();
usleep(rand(5,85));
$lf = @fopen ($LockFile, 'x');
}
if ($lf !== False)
{
return array ($lf,$LockFile);
} else {
return FALSE;
}
}
###
#
# UnLockFile()
#
function UnLockFile($LockArray)
{
list($lf, $LockFile) = $LockArray;
fclose($lf);
unlink($LockFile);
}
-Original Message-
From: Michael Sims [mailto:[EMAIL PROTECTED]
Sent: 17 December 2004 15:28
To: php-general
Subject: RE: [PHP] File Locking during *other* file operations
Gerard Samuel wrote:
Im talking about file locking during deleting, and moving files.
Is it possible to perform file locking for these file operations?
Yes, have your scripts attempt to lock a separate lock file before
performing deleting or moving operations.
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
This message has been checked for all known viruses by the
CitC Virus Scanning Service powered by SkyLabs. For further information
visit
http://www.citc.it
___
This message has been checked for all known viruses by the
CitC Virus Scanning Service powered by SkyLabs. For further information visit
http://www.citc.it
___
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sanitizing/security
what about when the GET is text? just use htmlspecialchars? just looking for some advice to help keep my apps secure. What regular expression does one use when there really isn't a whole lot you can say about the text?... I mean, say for a guestbook or bulletin board or for a person's Bio or... You can limit it to a certain number of characters in length. You can mess with strip_tags and also do an ereg to rip out any kind of JavaScript on tags you want to *allow*. But then what? I mean, it seems like there's still an awful lot of wiggle room for mischief there, in an arbitrary string typed by the user. Do you typically check for the distribution of ABCDEF...XYZ and if it is too far from standard English, disallow it? How do you do that clearly/easily? What more *can* be done to validate data that is so free-form essentially? -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP 5 MySql 4.1 issue - can't connect to mysql.sock
Bingo. Many thanks. Barley wrote: If I run the script from a shell prompt as root, it outputs Yes. If I run as any other user, it outputs No. It also gives this error: Warning: mysqli_connect(): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13) Check permissions on /var/lib/mysql. From the sockets manpage: NOTES In the Linux implementation, sockets which are visible in the filesystem honour the permissions of the directory they are in. Their owner, group and their permissions can be changed. Creation of a new socket will fail if the process does not have write and search (execute) permission on the directory the socket is created in. Connecting to the socket object requires read/write permission. This behavior differs from many BSD-derived systems which ignore permissions for Unix sockets. Portable programs should not rely on this feature for security. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Very Odd Session Array Problem
Aaron Axelsen wrote: We have the chunk of code at the bottom of the page. It is behaving very strangly under php 4.3.9. Basically, if it is not coded exactly as listed below, it will not work right. The development server is running 5.0.3, and it works fine. However, the live server has 4.3.9. Is there something vastly different with arrays and session variables? You are going to have to define behaving very strangely and will not work right Right now, we've got *NOTHING* to work with in terms of what your problem is. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strip of code - what could be wrong?
Wiberg wrote:
I'm trying to figure out some code I haven't done myself, but I don't get
what could
be wrong. Check this code out:
the coder says he when he import files, he gets a result that the line
ends
at wrong positions... Is it 4096 that is wrong?
No, the 4096 is not wrong
It only reads 4096 characters at a time, but you are putting them into the
$rader array, and then you walk through the array, and then...
You don't show us how to put those pieces back together, so we have NO
IDEA what's wrong.
Post more code -- like the stuff up to and including the insert into DBcode.
WILD GUESSES:
What is the SQL definition of the column you are using to store the line?
Most likely your database is chopping off text that is too long.
/G
@varupiraten.se
$file = $rad[url_productlist];
$OpenFile = @fopen($file, r);
while (!feof ($OpenFile))
{
$buffer = fgets($OpenFile, 4096);
$rader[] = $buffer;
}
fclose ($OpenFile);
for($i=0; $icount($rader); $i++) {
// Delar av olika delar vid
$del = explode(, $rader[$i]);
insert into DBcode...
}
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.808 / Virus Database: 550 - Release Date: 2004-12-08
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] [Repost] Recursive Directory Iterator
This is my first time trying out the SPL iterators.
Im trying to figure out how to recursively move over a directory.
With the code that I've provided
1. Is this the correct way to use it? Im using recursive functions to
go deep.
I thought, that the class would do that for me somehow...
2. As it stands, it doesn't report the correct directory structure.
For example, if I had a directory in the root with another directory
under it,
the second directory doesnt get echoed.
Thanks
--
dirr('.');
function dirr($dir)
{
$dir = new RecursiveDirectoryIterator($dir);
foreach($dir as $foo)
{
echo $foo-getPathname() . 'br /';
if ($foo-hasChildren())
{
$bar = $foo-getChildren();
foreach($bar as $foo2)
{
if ($foo2-hasChildren())
{
dirr($foo2-getPathname());
}
else
{
echo $foo2-getPathName() . 'br /';
}
}
}
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] convert hidden form to get url
Sorry for not been clear. The snippet of html is code I am getting dynamically using curl from another website. I want to then convert that html code into a url like http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27. Best Regards Martin -Original Message- From: Matt M. [mailto:[EMAIL PROTECTED] Sent: 20 December 2004 16:09 To: Martin Reeves Cc: [EMAIL PROTECTED] Subject: Re: [PHP] convert hidden form to get url Anyone got any suggestions on the best way to convert the snippet of code below (which I'm dynamically collecting from another website) to a get url (i.e. http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY =27 ) form action=http://www.somewebsite.co.uk/Availability.cgi; method=POST name=flightsForm id=flightsForm input type=hidden name=NUM_OF_ADTS value=1/ input type=hidden name=CABIN value=E/ input type=hidden name=B1_DAY value=27/ /form not sure I understandd exactly what you want. If you want the variables to show up in the query string you could either change the form method to get or change the action to form action=http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_D AY=27 method=POST name=flightsForm id=flightsForm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] File Upload Problem
Wayne Donaho wrote: I am trying to run a file upload using PHP as a CGI script and am running into an odd error. The error I am getting is the dreaded Server Error -- Error 500 Premature end of script headers: php.cgi Some more analysis ideas: On the very first line of your script, print out something and call http://php.net/flush and then exit;. Or is that what your it ran script does? Just want to be sure you have the exit; in there to be SURE it's a server configuration error, and not something actually in your script to kill PHP/CGI/Apache-child. Check httpd.conf settings -- Perhaps you specifically disallowed certain kinds of HTTP requests there... I have no idea *how* you can do this, or if you can do this, but I hypothesize that it's possible to be done, so maybe you did it. I know you can disallow GET and/or POST etc, but not sure you can fine-tune it down to mime-type or not. It's up to you to figure out if this can be done, and if you've done it in httpd.conf or not. Possibly also in .htaccess, also. See if you can trigger the problem with *other* valid types of ENCTYPE -- The one used in the ubiquitous PostToHost function comes to mind. If you can determine that it's more than just multipart/form-data, and also include, say, 'application/x-www-form-urlencoded' then it may help identify the source or the problem. For fun, take out the suexec on your development server and prove, once and for all, that it's not related to suexec. Since you've already tried so many other things, compile PHP without *ANY* of the extra stuff. No payfloPRO. No GD. No zlib. No jpeg. No xpm. No curl. No nothin' but --with-cgi (or whatever it is). Just to eliminate other software from the picture of possible culprits. Are you doing any of this through SSL? You don't really say, but you've got SSL in the ./configure... Try it without SSL, of course, if you've only tried with SSL so far. Don't see how it could help, but error_reporting E_ALL is always a Good Idea. :-) Here is the diagnosis I have done. 1. The php.cgi executable deals with scripts correctly when using the GET method. 2. The php.cgi script deals with POST method requests properly when the enctype is NOT multipart/form-data This rules out suexec type errors. (in any case the suexec log shows everything is good). 3. File uploads using the mod_php work fine (this rules out apache not accepting the file) 4. the CGI log shows the request being sent to the script, and that there is no result. 5. The above error is not script dependent, the error occurs with a on-line script that prints the string it ran when the form enctype is multipart/form-data. 6. The upload script is being taken from a different box running different versions of apache/php and the script works correctly there. I have tried this with various version of php all with the same results. I have built it with php.4.3.10. Here are the configure options from the phpinfo report: './configure' '--enable-force-cgi-redirect' '--with-openssl' '--with-curl' '--with-mysql' '--with-cgi' '--with-pfpro=/home/wayne/verisign/payflowpro/linuxrh9' '--with-gd' '--with-jpeg-dir' '--with-zlib-dir' '--with-xpm-dir' '--with-freetype-dir' '--enable-ftp' I have the following file variables set: error_reporting 2039 file_uploads On log_errors On max_input_time -1 post_max_size 8M safe_mode off upload_max_filesize 2M upload_tmp_dir /tmp -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mixed strings
Ian Firla wrote: I'm wondering if anyone knows if there's a way of sending strings of mixed type to a UDP socket. I'm storing the data I need to send in an array. Parsing the array with a foreach, I'm sending out the various pieces to the socket with fwrite. fwrite converts your input to string. Check the arg-list at: http://php.net/fwrite Unfortunately, it seems that UDP terminates each message and the client is expecting everything in one chunk with each byte of a specific type (ie. ASCII, INTEGER, BCD) Is there any way I can write a string of mixed types to an open UDP socket as a single message? I doubt it. Write an encoder/decoder to go from your internal data structure to string and back. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP + MSSQL Problem
Alaor Barroso wrote: I changed the php.ini and enabled the support for MSSQL and now i can connect without errors, BUT when make an query to an table the query return NO MATCHES, i have sure that the SQL line is correct (i already used it on(or in? i don't know the difference =P) other site - in other server - and it works AND i have sure that the SQL should return data because the WHERE point to an fiels value that exists... It looks like PHP can't communicate with MSSQL but it connect! Strange... Show us some source code. Any error messages show up? If not, try to use http://php.net/mssql_error to get some error messages to show up. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] header information problem
Ahmed Abdel-Aliem wrote: Dear Groups members. i am making a user protected page, the script works excellent on my local server, but online it gives me this error : Your local server has output_buffering turned ON in php.ini Your online server does not. Warning: Cannot modify header information - headers already sent by (output started at /home/me2resh/public_html/apex/upload/header.html:10) in /home/me2resh/public_html/apex/upload/upload.php on line 33 . . . include 'header.html'; . . . header(Location: login_success.php); First of all, you CANNOT do header once PHP has started sending HTML/content to the browser. Think (or learn) about how HTTP headers and content works, and it will be obvious why. Secondly, header(Location: ...) is BAD PROGRAMMING! The Location: header is part of the HTTP protocol to inform browsers when a document has *MOVED*. You have *not* moved your login script, nor your success page, nor any other on-line document. You are using (abusing) the Location: header as if it were a PHP programming construct such as 'if/else/while/include/echo/...' which it is not. Don't do that. You would be MUCH better off to just: include 'login_success.php'; here. You might need to re-structure a few things in your code, but it will be much cleaner in the end. In the short run, you can just turn on output buffering on your online server, and it will work -- In the long run, your code will be difficult to maintain, impossible to debug, and have weird logic until you re-structure it to deal with any kind of 'headers' first, then use include to pull in the correct html/php, and never, ever, ever, use header(Location: ) for anything except a document that has moved from one URL to another. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using encrypted passwords
On Tuesday 21 December 2004 00:03, symbulos partners wrote:
is it possible to use encrypted passwords in php files, for connecting to a
database?
We do not like too much the idea of the password being in clear text.
Example
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
'mysql_password' should be encrypted
Why? It's not going to offer any protection. If I know your encrypted password
and am able to access your database using it there is no reason for me to
know what your cleartext password is. In other words if I am able to read the
file containing your password (whether encrypted or cleartext) then I can
access your database.
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
APL is a write-only language. I can write programs in APL, but I can't
read any of them.
-- Roy Keir
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Scope issue
GH wrote: Hi I am having an issue with I think it is the scope of variables: I have a file that I am including which has the following ?php // +-- // | PHP Source // +-- // echo got language.phpbr /; global $langauge; $language['project_name'] = P.L.I.M.S; $language['sub_project_name'] = DCR CC; ? In my main file, I am attempting to from with in a function call $language['project_name'] and i am failing... can you offer any advice? Unless you are *inside* of a function definition, 'global' makes no sense whatsoever in PHP. Get rid of it unless you are inside function body. But in your main script *DO* put: global $language; inside of your function body -- That's where you need it to be. You may also want to consider passing $language in as an argument to your function. Or, if it *MUST* be a global variable, use $LANGUAGE so that it stands out in the rest of your script. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Using constructs like unset() in expressions like ()()
Tomas Tintera wrote:
Richard Lynch wrote:
Perhaps something like this:
function my_unset($var){
global $$var;
$wasset = isset($$var);
unset($$var);
return $wasset;
}
my_unset(a); //unset($a);
Or, in a more general way:
function forcereturn ($php){
return eval($php);
}
Damned if I understand *why* you want this, mind you. :-)
Thank you, Richard. That's what I am looking for.
Your first solution may not be usable, because the variable to unset may
not be a global variable.
Well it most certainly cannot be a local variable, and you have to use
'global' inside your function to see it if it's going to be seen at all.
If you want this to apply to variables inside the scope of another
function calling this function, you'd still want 'global', I think to have
any hope of making it work.
The second solution (that using eval()) may
have a bug, because the unset() is called in a local-scope of the
function forcereturn() (and so the variable unset()ted differs from
the variable that we really want to unset()).
You would need to include 'global $a' in the $php code to be eval-ed.
However, there can be used eval() instead of forcereturn():
?php (True==False) or (eval('unset($a);')); ?
Nevertheless, this solution has defects for general use: A lot of
expressions with no return value can't be called with eval() (e.g.
eval('break;') is not a good idea).
eval in general is usually not a good idea. :-)
ps. I want it because it seems to be practical to write the whole
program in a one expression (usually composed of AND and OR
operators). And it's nice. When reading such a code, you can feel as
when reading poetry ;).
It sounds to me like you would be happier programming in a language such
as Lisp, Forth, or Scheme, or maybe even Prolog.
These languages all conform (more or less) to your desired syntax goal.
PHP doesn't.
Trying to hack something in there that will do what you desire will
probably only lead to bugs and big-time maintenance problems.
Or you could write your own language, sort of like PHP, only with none of
the specialized language constructs and make everything a function (like
Lisp and all those mentioned above).
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] problem with PHP
GD-Aqua wrote: I would like to know what this mean`s. PHP has encountered an Access Violation at 01650AFD It means Windows is broken, and you should switch to Linux. :-) More specifically, some programmer somewhere has done something very very very wrong in their code. Exactly which code and where cannot be determined from what you've given us. What was in your script when it happened? What Modules (DLLs) do you have enabled in php.ini? What versions of what software are you using? -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] pspell on w32
php wrote: Thank you for the comments. I've run my script command line and found the following: Unhandled Error: C:\Aspell\dict/en-only.rws: The file C:\Aspell\data/iso8859-1. dat is not in the proper format. abnormal program termination It looks like the directory aspell is looking for is being referenced with the wrong type of slash? What do I do about that? It's actually more likely that the iso8859-1.dat file is corrupted. Perhaps you downloaded it as 'ASCII' instead of 'BINARY' from an FTP server. Or maybe it just got munged somewhere somehow. I'd try to locate another copy of that file, and (saving the old one) replace it. If you REALLY think it is the slashes, I guess you'd have to look at your configuration and PHP script to determine who is putting in the / where. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] first letter
hi if i have for example this variable $name = John; how can i echo the first letter only so the result on the browser will be J can anyone help ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] checking file type on upload
i have an upload form which i would only like to allow compressed zip files and rar files to be uploaded. currently i use if ($_FILES['userfile']['type'] != 'application/x-zip-compressed') which only seems to work in IE, doesn't work in mozila (haven't tried others) what the best way to detect if its a rar or zip file which works in a better range of browsers? someone gave me a suggestion to check if the file ends in .rar or .zip but that isn't very secure since anyone would be able to append it to the filename regardless of the actual file type. thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using encrypted passwords
Jason Wong wrote: Why? It's not going to offer any protection. If I know your encrypted password and am able to access your database using it there is no reason for me to know what your cleartext password is. In other words if I am able to read the file containing your password (whether encrypted or cleartext) then I can access your database. Sorry for the silly question, you are probably right. Would it be possible to encrypt the whole file, so that the password could not be read? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] An object oriented database in PHP?
Has anybody implemented an object oriented database in PHP yet? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Photogallery with features in php + DB
symbulos partners wrote: Dear friends, we would like to implement a photogallery where the users can upload some photographs,and then can rotate them. The photographs are stored in a temporary area waiting for approval. The system then performs the following operations 1)reduces the size of the photograph so that the largest edge is x 2)generates thumbnail for each photograph There should finally be an administrator login, which enables to authorise publication and to perform operations like rotating the photographs which are wrong. Do you know of any php based application, function, set of classes for implementing this features? http://php.net/images Also look into ImageMagik (aka 'convert') with http://php.net/exec Maybe even consider using a shell script to do a bunch of this scaling and thumbnailing, since you have time between the upload and publication anyway -- No sense making the poor user wait around for you PHP script to scale an image if they don't get to see the results until later anyway. YMMV. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using encrypted passwords
symbulos partners wrote:
Dear friends,
is it possible to use encrypted passwords in php files, for connecting to
a
database?
We do not like too much the idea of the password being in clear text.
Example
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
'mysql_password' should be encrypted
What do you think you gain by having the password encrypted there?
Please take us, step by step, through the algorithm by which this stops a
Bad Guy.
Because, basically, it would *NOT* do any good at all to encrypt it there.
In other words:
If the PHP script can 'read' that password to connect, and the Bad Guy can
read that password to connect, then what format that password is in is
irrelevent.
Whether your password looks like 'password' or
'DEE834KRMF88733JJFDYF6DE6WEY34FJVUEY7347' I can still copy and paste it
into my PHP script or command line and connect to MySQL, once I get to
that point.
If it bothers you that the password is there, then you need to make damn
sure the Bad Guys can't *read* that password.
If you can't reassure yourself of that, consider some other authentication
method or some other method of storing the password that you can protect.
Encrypting a string is not a magic bullet that makes it Secure
You're not looking at the Big Picture of how you can be attacked -- or at
least not understanding how this piece of the puzzle fits in, or you would
already know that encrypting the string here won't do anything useful.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert hidden form to get url
Martin Reeves wrote: Anyone got any suggestions on the best way to convert the snippet of code below (which I'm dynamically collecting from another website) to a get url (i.e. http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27 ) form action=http://www.somewebsite.co.uk/Availability.cgi; method=POST name=flightsForm id=flightsForm input type=hidden name=NUM_OF_ADTS value=1/ input type=hidden name=CABIN value=E/ input type=hidden name=B1_DAY value=27/ /form E. You do realize that the other web-site has a REAL GOOD probability of not responding to the GET URL at all, or at least not correctly, right? And that if you Google for Rasmus PostToHost you'll find a function that lets you send POST data to that other website, just as if you had filled out the form by hand, right? So I can't begin to see *why* you would want to convert to GET style... That said, you should be able to use http://php.net/preg_match to find all the type=hidden bits, and then another preg_match to find the name=... bits, and another preg_match to find all the value=... bits. One tricky part is that they *could* flip-flop the order of the name/value parts and still be in HTML spec. So you need to decide if it's worth worrying about that, or if they are consistent enough to not do that, and you can just ignore that wrinkle. There also could be inputs that are things the user actually *types* and you'd need to detect those and program something useful to go into them. Also be sure, in any case, that you send the name/value on the Submit button as well -- Some applications rely on that being there to work. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using encrypted passwords
Symbulos Partners wrote: Jason Wong wrote: Why? It's not going to offer any protection. If I know your encrypted password and am able to access your database using it there is no reason for me to know what your cleartext password is. In other words if I am able to read the file containing your password (whether encrypted or cleartext) then I can access your database. Sorry for the silly question, you are probably right. Would it be possible to encrypt the whole file, so that the password could not be read? Somewhere on your web server you are going to need to have whatever information is necessary for the web server to decrypt the file so that it can make use of it. That information will need to be readable by the user your web server is running as, just like your current file. About the only security benefit I can see from something like this is if the information required to decrypt the file came from the web site user over an SSL encrypted session, otherwise you are simply moving your plain text information to a different file. - Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen to own server
Doc wrote: On Mon, 20 Dec 2004 07:51:46 -0800, Richard Lynch wrote: WILD GUESS ALERT! What you got in /etc/hosts.allow and /etc/hosts.deny?... nothing in there other than default install comments. Or any kind of other anti-bad-guy technology?... nope. Does it work if you use 127.0.0.1 for the IP/URL? How about the actual IP of the machine? localhost? d) none of the above :) Just throwing out random things to try that might lead you somewhere. much appreciated. I'm willing to sacrifice young lambs at this stage. Okay, pull out ethereal and netstat -a to see what connections are being tried/attempted/whatever. Maybe even tcpdump to see what is going back and forth. If all else fails, here's a TOTAL HACK: Write a PHP script on some other server that connects back to the first server and opens the socket and does whatever you need it to do. Now have your script connect to the other server and use its sockets to do what you need. This is clearly *NOT* a Good Idea for a long-term solution, but could get you past this hump long enough to survive, and maybe even make you realize just why the same-machine system doesn't work. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] File Locking during *other* file operations
Robinson, Matthew wrote:
I use this code, Not all my own, some from the php manual (probably
most of it in fact) I lock the file as filename.lock so that I can muck
about with it completely and then unlock the .lock and remove it.
M
function LockFile($file)
{
$LockFile = $file . .lock;# Lock the file
$lf = fopen ($LockFile, wx);
while ($lf === FALSE $i++ 20)
{
clearstatcache();
usleep(rand(5,85));
$lf = @fopen ($LockFile, 'x');
How come you use wx up there, and just 'x' here?
Is there some reason for that?
One may (or may not) want to consider a mechanism for throwing out really
old lock files, since it's possible your PHP script or application would
eventually fail to remove a lock file... Or not, depending on how you
code the rest of it.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Very Odd Session Array Problem
Let me see if i can explain this. Basically, if i dont have this chunk of code: $quoteString = implode(,,$_SESSION['quotes'][$key]); $_SESSION['quotes'][$key] = explode(,,$quoteString); If i dont do that, when i do a print_r($_SESSION['quotes'][$key]) i get errors that say RECURSION and its almost like the arrays are making new arrays instead of just storing them in the one session array. It is a very odd problem. Does that make things any clearer? Richard Lynch wrote: Aaron Axelsen wrote: We have the chunk of code at the bottom of the page. It is behaving very strangly under php 4.3.9. Basically, if it is not coded exactly as listed below, it will not work right. The development server is running 5.0.3, and it works fine. However, the live server has 4.3.9. Is there something vastly different with arrays and session variables? You are going to have to define behaving very strangely and will not work right Right now, we've got *NOTHING* to work with in terms of what your problem is. -- Aaron Axelsen [EMAIL PROTECTED] Great hosting, low prices. Modevia Web Services LLC -- http://www.modevia.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Client does not support authentication protocol requested by server; consider upgrading MySQL client
Nic Begusarai wrote: Nic Begusarai [EMAIL PROTECTED] wrote in message news:... I just install MySql and trying to connect on localhost using PHP Error: Client does not support authentication protocol requested by server; consider upgrading MySQL client how to correct this problem Can you connect through the command line (or MS-DOS) using: 'mysql -u username -p database' You'll maybe need to dink around with $PATH or $path settings to get 'mysql' in your environment settings. If you can't connect from the command line, PHP has little hope of connecting. What version of PHP and MySQL and what server are you using? Did you provide a username/password to MySQL? Do you have any settings in php.ini or /etc/my.cnf or httpd.conf that you know of that might affect how you are authenticated with MySQL? Do you have mod_auth_mysql installed with Apache? And is it using the *SAME* version of MySQL that you compiled with the PHP client? If not, you have to make them match up. Did you get any kind of messages when you compiled Apache, MySQL, and PHP? Or did you compile them? What version of MySQL did you install? What version is built in with PHP? They have to match up, or it won't work. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
Ahmed Abdel-Aliem wrote: hi if i have for example this variable $name = John; how can i echo the first letter only so the result on the browser will be J can anyone help ? $name[0] -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: An object oriented database in PHP?
Symbulos Partners wrote: Has anybody implemented an object oriented database in PHP yet? Boy you are new ;) Check out the PEAR DB package for several OO implementations. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
Not sure if it's deprecated or not, but you can reference it as an array: echo $name[0]; or the more accepted method: echo substr($name,0,1); From: Ahmed Abdel-Aliem [EMAIL PROTECTED] Date: 2004/12/20 Mon PM 12:59:49 EST To: [EMAIL PROTECTED] Subject: [PHP] first letter hi if i have for example this variable $name = John; how can i echo the first letter only so the result on the browser will be J can anyone help ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
if i have for example this variable $name = John; how can i echo the first letter only so the result on the browser will be J echo $name[0]; You could also use the substr() function. Larry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] convert hidden form to get url
Sorry for not been clear. The snippet of html is code I am getting
dynamically using curl from another website. I want to then convert that
html code into a url like
http://www.somewebsite.co.uk/Availability?NUM_OF_ADTS=1CABIN=EB1_DAY=27.
you need something to parse the html, I found this:
http://php-html.sourceforge.net/
and here is a quick script to try:
include (htmlparser.inc);
$htmlText = 'form
action=http://www.somewebsite.co.uk/Availability.cgi; method=POST
name=flightsForm id=flightsForm
input type=hidden name=NUM_OF_ADTS value=1/
input type=hidden name=CABIN value=E/
input type=hidden name=B1_DAY value=27/
/form';
$parser = new HtmlParser ($htmlText);
while ($parser-parse()) {
// Data you can use here:
//
// $parser-iNodeType
// $parser-iNodeName
// $parser-iNodeValue
// $parser-iNodeAttributes
if ($parser-iNodeType == NODE_TYPE_ELEMENT) {
$tmp = $parser-iNodeAttributes;
if($parser-iNodeName == 'form') {
$url = $tmp['action'];
} elseif($parser-iNodeName == 'input') {
$qs[$tmp['name']] = $tmp['value'];
}
}
}
$tmp = array();
foreach($qs as $key = $value) {
print $key = $value br /;
$tmp[] = $key.'='.urlencode($value);
}
$url .= '?'.implode('',$tmp);
print 'url='.$url;
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Very Odd Session Array Problem
If i dont do that, when i do a print_r($_SESSION['quotes'][$key]) i get errors that say RECURSION and its almost like the arrays are making new If you have a SESSION['quotes'] array... and one of the elements in the array references the same SESSION['quotes'] array... then you are going to have recursion. It's not exactly an error, but it *is* a recursive array that never ends because it keeps pointing to itself. Hopefully this makes sense? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] An object oriented database in PHP?
[snip] Has anybody implemented an object oriented database in PHP yet? [/snip] Yes and/or no. Happy Holidays! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Using encrypted passwords
What you might want to try doing is to create a connect.php file that exists outside of your doc root that has the variables with your information and simply include this file when you need to connect to your DB. Now, this won't change the root problem - if someone's able to snoop your transmission then they can pull the info you're sending from the web server to the SQL server... But you'll run into this unless *the communication* between the two machines are encrpyted. This means that having specific files be encrpyted or not is somewhat pointless in this situation. -M Sorry for the silly question, you are probably right. Would it be possible to encrypt the whole file, so that the password could not be read? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
[begin untested code] $name = 'John'; echo substr($fname,0,1); [end untested code] That will print the first letter of the variable $name. substr(string,int start, int length); int length is optional. On Mon, 20 Dec 2004 19:59:49 +0200, Ahmed Abdel-Aliem [EMAIL PROTECTED] wrote: hi if i have for example this variable $name = John; how can i echo the first letter only so the result on the browser will be J can anyone help ? -- Ahmed Abdel-Aliem www.ApexScript.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Jasper Howard - Database Administration ApexEleven.com 530 559 0107 --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] first letter
echo $name{0};
See http://us2.php.net/manual/en/function.substr.php for more...
-Original Message-
From: Ahmed Abdel-Aliem [mailto:[EMAIL PROTECTED]
Sent: Monday, December 20, 2004 1:00 PM
To: [EMAIL PROTECTED]
Subject: [PHP] first letter
hi
if i have for example this variable
$name = John;
how can i echo the first letter only so the result on the
browser will be J
can anyone help ?
--
Ahmed Abdel-Aliem
www.ApexScript.com
--
PHP General Mailing List (http://www.php.net/) To
unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] An object oriented database in PHP?
We use Propel for all of our development. -Original Message- From: symbulos partners [mailto:[EMAIL PROTECTED] Sent: Monday, December 20, 2004 1:18 PM To: [EMAIL PROTECTED] Subject: [PHP] An object oriented database in PHP? Has anybody implemented an object oriented database in PHP yet? -- symbulos partners -.- symbulos - ethical services for your organisation http://www.symbulos.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Using encrypted passwords
On Tuesday 21 December 2004 02:15, symbulos partners wrote: Sorry for the silly question, you are probably right. Perhaps it would be better if you say what you are trying to achieve. Would it be possible to encrypt the whole file, so that the password could not be read? Encryption is only useful for data that is in transit or in storage. If the data is in use then it needs to be decrypted. If you're storing (or have) the means of decryption on the same system as where the encrypted data resides and someone malicious was able to get into your system they would have the encrypted data and also the means to decrypt it. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* We ought to make the pie higher. George W. Bush February 15, 2000 Comment made in Columbia, South Carolina during presidential campaign. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
$name = John;
echo $name{0};
you can also look into substr()
- Original Message -
From: Ahmed Abdel-Aliem [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, December 20, 2004 12:59 PM
Subject: [PHP] first letter
hi
if i have for example this variable
$name = John;
how can i echo the first letter only so the result on the browser will be
J
can anyone help ?
--
Ahmed Abdel-Aliem
www.ApexScript.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
Ahmed Abdel-Aliem wrote:
hi
if i have for example this variable
$name = John;
how can i echo the first letter only so the result on the browser will be J
can anyone help ?
echo $name{0};
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
echo $name[0]; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] first letter
$name = John;
how can i echo the first letter only so the result on the browser will be J
echo $name{0};
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] An object oriented database in PHP?
Jay Blanchard wrote: [snip] Has anybody implemented an object oriented database in PHP yet? [/snip] Yes and/or no. snip Maybe? -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Setting or Getting Relative Path for PHP Includes
Hey Folks, Hoping someone can aid me with a newbie-ish question. I often use PHP includes in my files to pull in assets, but I hard code the relative path to the root html directory for the sites that I'm working on in each file. Example below: ?php $path = '/home/virtual/sitename.com/var/www/html/'; //relative path to the root directory $inc_path = $path . 'code/inc/'; //path and folder the code includes folder is located $copy_path = $path . 'copy/'; //path and folder the copy is located ? I'd like to be able to set the relative path as a global variable from an external file so that I can modify one line of code to change the relative path across the site. This will allow me for easier coding in staging and development environments. What's the best way to do so? Can anyone provide a code example? Either that, or is there a way to call this variable from the server itself so that it's automatically -- and correctly -- set? Thanks, Anthony -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Install PHP4 on a Apache2 + PHP5 system
Hi guys, I have a server on which Apache2 and PHP5 are functioning well, but I also want to build in support for PHP4 because the webmail package I use isn't compatible with PHP5... So, I need to install PHP4 next to PHP5, and make my Directory in httpd.include use PHP4 for my webmail directory... Any idears how to install this 2 PHP versions together, and let it work? It is a server I didn't install myself, and for who knows, Plesk 7.0.4 is installed on it, so I'm not completely free to try things... I allready did some things, but till now without results... OS: Redhat ES3 my PHP5 configure options are: './configure' '--host=i686-redhat-linux-gnu' '--build=i686-redhat-linux-gnu' '--target=i386-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--enable-pic' '--disable-rpath' '--enable-inline-optimization' '--with-bz2' '--with-db4=/usr' '--with-curl' '--with-dom=/usr' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' '--with-gdbm' '--with-gettext' '--with-ncurses' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-png' '--with-pspell' '--with-regex=system' '--with-xml' '--with-expat-dir=/usr' '--with-dom' '--with-domxml' '--with-xmlrpc' '--with-pcre=/usr' '--with-zlib' '--with-layout=GNU' '--enable-bcmath' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-track-vars' '--enable-trans-sid' '--with-pear=/usr/share/pear' '--with-imap=shared' '--with-imap-ssl' '--with-kerberos=/usr/kerberos' '--with-ldap=shared' '--with-mysql=shared,/usr' '--with-pgsql=shared' '--enable-bcmath' '--enable-versioning' '--enable-calendar' '--enable-dbx' '--enable-dio' '--enable-mbregex' '--enable-mcal' '--with-mhash=' '--with-mcrypt=/usr/local' '--with-apxs2filter=/usr/sbin/apxs' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Accessing a Char in an Array
In an earlier thread labeled first letter, it was suggested that substr() be used. Check this out... http://us2.php.net/manual/en/function.substr.php. So my question is: What is faster using substr or accessing the string like an array? I know I could test this myself, but I thought someone may have done this already. Regards, Justin Palmer __ KISS (Keep It Simple, SEARCH)! Google::getUri( http://www.google.com ); Archives::getUri( http://marc.theaimsgroup.com/?l=php-general ); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Very Odd Session Array Problem
I understand the recursion part, but i dont understand why this fixes it: $quoteString = implode(,,$_SESSION['quotes'][$key]); $_SESSION['quotes'][$key] = explode(,,$quoteString); That is essentially just reading the values out, and sticking them back in. Jason Barnett wrote: If i dont do that, when i do a print_r($_SESSION['quotes'][$key]) i get errors that say RECURSION and its almost like the arrays are making new If you have a SESSION['quotes'] array... and one of the elements in the array references the same SESSION['quotes'] array... then you are going to have recursion. It's not exactly an error, but it *is* a recursive array that never ends because it keeps pointing to itself. Hopefully this makes sense? -- Aaron Axelsen [EMAIL PROTECTED] Great hosting, low prices. Modevia Web Services LLC -- http://www.modevia.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting or Getting Relative Path for PHP Includes
On Tuesday 21 December 2004 04:41, Anthony Baker wrote: Either that, or is there a way to call this variable from the server itself so that it's automatically -- and correctly -- set? Use a combination of one or more items from $_SERVER. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* I think if you say you're going to do something and don't do it, that's trustworthiness. George W. Bush August 30, 2000 From an CNN online chat. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting or Getting Relative Path for PHP Includes
I usually use a global variables file included in every page and map my directories that way.. example, have the file you include on each page have these line of code in it: ?php $GLOBALS['images'] = /images/; $GLOBALS['inc''] = /incl/; ? then those directories are mapped, all you have to do is use it this way, I chose images and and include directory for an example to use it for an image img src=?= $GLOBALS['images'] ?whatever.jpg To do includes for a stylesheet or somethin: link href=?= $GLOBALS['inc'] ?style.css type=text/css rel=stylesheet: -phpninja -Original Message- From: Anthony Baker [mailto:[EMAIL PROTECTED] Sent: Monday, December 20, 2004 12:41 PM To: [EMAIL PROTECTED] Subject: [PHP] Setting or Getting Relative Path for PHP Includes Hey Folks, Hoping someone can aid me with a newbie-ish question. I often use PHP includes in my files to pull in assets, but I hard code the relative path to the root html directory for the sites that I'm working on in each file. Example below: ?php $path = '/home/virtual/sitename.com/var/www/html/'; //relative path to the root directory $inc_path = $path . 'code/inc/'; //path and folder the code includes folder is located $copy_path = $path . 'copy/'; //path and folder the copy is located ? I'd like to be able to set the relative path as a global variable from an external file so that I can modify one line of code to change the relative path across the site. This will allow me for easier coding in staging and development environments. What's the best way to do so? Can anyone provide a code example? Either that, or is there a way to call this variable from the server itself so that it's automatically -- and correctly -- set? Thanks, Anthony -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Very Odd Session Array Problem
Aaron Axelsen wrote: I understand the recursion part, but i dont understand why this fixes it: $quoteString = implode(,,$_SESSION['quotes'][$key]); $_SESSION['quotes'][$key] = explode(,,$quoteString); That is essentially just reading the values out, and sticking them back in. As already stated, your items seem to be self-referencing. It would appear that this process is inserting the *values* of those referenced cells into the quotes array instead of inserting references to the array itself. Sort of like a paste special - values with Excel if that helps you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Install PHP4 on a Apache2 + PHP5 system
Rens Admiraal wrote: Hi guys, I have a server on which Apache2 and PHP5 are functioning well, but I also want to build in support for PHP4 because the webmail package I use isn't compatible with PHP5... So, I need to install PHP4 next to PHP5, and make my Directory in httpd.include use PHP4 for my webmail directory... Any idears how to install this 2 PHP versions together, and let it work? It is a server I didn't install myself, and for who knows, Plesk 7.0.4 is installed on it, so I'm not completely free to try things... I allready did some things, but till now without results... Use mod_proxy with apache2 to call a separate apache2-php4 installation. OS: Redhat ES3 my PHP5 configure options are: './configure' '--host=i686-redhat-linux-gnu' '--build=i686-redhat-linux-gnu' '--target=i386-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--enable-pic' '--disable-rpath' '--enable-inline-optimization' '--with-bz2' '--with-db4=/usr' '--with-curl' '--with-dom=/usr' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' '--with-gdbm' '--with-gettext' '--with-ncurses' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-png' '--with-pspell' '--with-regex=system' '--with-xml' '--with-expat-dir=/usr' '--with-dom' '--with-domxml' '--with-xmlrpc' '--with-pcre=/usr' '--with-zlib' '--with-layout=GNU' '--enable-bcmath' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-track-vars' '--enable-trans-sid' '--with-pear=/usr/share/pear' '--with-imap=shared' '--with-imap-ssl' '--with-kerberos=/usr/kerberos' '--with-ldap=shared' '--with-mysql=shared,/usr' '--with-pgsql=shared' '--enable-bcmath' '--enable-versioning' '--enable-calendar' '--enable-dbx' '--enable-dio' '--enable-mbregex' '--enable-mcal' '--with-mhash=' '--with-mcrypt=/usr/local' '--with-apxs2filter=/usr/sbin/apxs' -- Command Prompt, Inc., home of Mammoth PostgreSQL - S/ODBC and S/JDBC Postgresql support, programming shared hosting and dedicated hosting. +1-503-667-4564 - [EMAIL PROTECTED] - http://www.commandprompt.com PostgreSQL Replicator -- production quality replication for PostgreSQL -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Setting or Getting Relative Path for PHP Includes
As already suggested there are $_SERVER variables that can assist you here. Although if you plan on having an include file that will be included by every script in your site you could also use the __FILE__ constant. In your case the following would work: // main.inc.php, located in /home/virtual/sitename.com/var/www/html/ $path = dirname(__FILE__) . '/'; // now all relative includes with $path prefix should correctly resolve // to absolute pathnames -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] can I compile php source
hi, is there any way to compile php source to make binary file for protecting source code? best regards -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: can I compile php source
Qt wrote: hi, is there any way to compile php source to make binary file for protecting source code? best regards Yes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Accessing a Char in an Array
So my question is: What is faster using substr or accessing the string like an array? I don't know and in this case I don't care. Both syntaxes work fine, but for me the clarity of substr for users not familiar with the array-like construct makes it a better choice. And I have been known to ocassionally debug a script wrong because I thought a string was holding an array :( -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Install PHP4 on a Apache2 + PHP5 system
I have a server on which Apache2 and PHP5 are functioning well, but I also want to build in support for PHP4 because the webmail package I use isn't compatible with PHP5... So, I need to install PHP4 next to PHP5, and make my Directory in httpd.include use PHP4 for my webmail directory... I've never run this setup myself, but I just test this out and it worked for me. (I put it inside a VirtualHost, but you should be ok to put it in the Default server context too) # set up an alias to the php4 cgi binary ScriptAlias /cgi-bin/php4 /path/to/php4cgi # i want files in http://example.com/mail/ to be parsed with php4 Location /mail/ Action php4-script /cgi-bin/php4 AddHandler php4-script .php /Location You could use Directory too, but give it a file path, not a url. --Rick -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] can I compile php source
QT wrote: hi, is there any way to compile php source to make binary file for protecting source code? best regards Yes. http://www.catb.org/~esr/faqs/smart-questions.html -- By-Tor.com ...it's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] can I compile php source
Yes. There are a number of free php complier on web too. Please look at sf.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] checking file type on upload
Sebastian wrote: i have an upload form which i would only like to allow compressed zip files and rar files to be uploaded. currently i use if ($_FILES['userfile']['type'] != 'application/x-zip-compressed') which only seems to work in IE, doesn't work in mozila (haven't tried others) what the best way to detect if its a rar or zip file which works in a better range of browsers? someone gave me a suggestion to check if the file ends in .rar or .zip but that isn't very secure since anyone would be able to append it to the filename regardless of the actual file type. thanks. Your current method is not secure either. Content-Type header is supplied by the browser and can be easily spoofed. Mozilla just sends another type, mine is set to send application/zip for .zip files. The best bet is to use mime_content_type() function that checks the first few bytes. Still this does not help with malformed files, that can possibly exploit known vulnerabilities in archiving applications. If you put the files in publicly accessible location, be sure to check the file extension too. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: An object oriented database in PHP?
Hello, on 12/20/2004 04:18 PM Symbulos Partners said the following: Has anybody implemented an object oriented database in PHP yet? What you seem to be looking for is something like Metastorage which implements Object-relational mappings API. Metastorage lets you describe a model of classes of objects with variables, relationships, validation rules and the types of functions that you need to manipulate your application objects. Then it generates a very compact and fast API made of classes that let you store and retrieve objects in any SQL based database, among other operations that your application may need. It also generates the database schema and a special class that you can use to install your model database schema just with a single function call. You may learn more about Metastorage here: http://www.meta-language.net/metastorage.html Here you can also see some screenshots that illustrate some features. http://www.meta-language.net/screenshots.html -- Regards, Manuel Lemos PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ PHP Reviews - Reviews of PHP books and other products http://www.phpclasses.org/reviews/ Metastorage - Data object relational mapping layer generator http://www.meta-language.net/metastorage.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting or Getting Relative Path for PHP Includes
Can use a directive on your .htaccess: php_value include_path /your/include/path/here This can also be set on your httd.conf in a virtual server basis. If you have access to php.ini is better to set the include there. Regards, Jordi. On Mon, 20 Dec 2004 12:41:06 -0800, Anthony Baker [EMAIL PROTECTED] wrote: Hey Folks, Hoping someone can aid me with a newbie-ish question. I often use PHP includes in my files to pull in assets, but I hard code the relative path to the root html directory for the sites that I'm working on in each file. Example below: ?php $path = '/home/virtual/sitename.com/var/www/html/'; //relative path to the root directory $inc_path = $path . 'code/inc/'; //path and folder the code includes folder is located $copy_path = $path . 'copy/'; //path and folder the copy is located ? I'd like to be able to set the relative path as a global variable from an external file so that I can modify one line of code to change the relative path across the site. This will allow me for easier coding in staging and development environments. What's the best way to do so? Can anyone provide a code example? Either that, or is there a way to call this variable from the server itself so that it's automatically -- and correctly -- set? Thanks, Anthony -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] imap_mail problems
Hello, I am having problems with this code below. The system is a FC1 server and it is supposed to send an email collecting some information of a computer. The problem I am having is with the and characters. When the $header variable is created, it does not work if you add the and characters. For some reason makes the whole string like null. Has anyone seen this behaviour? If I try manually to send an email it does work and php does have imap support on it. Thanks -pa snip $header = From: $fullNameField admin@ . trim(`/bin/hostname --fqdn`) . ; $registrationAddress = [EMAIL PROTECTED]; $subject = Registration ($productName); $message = Full name: $fullNameField Title: $titleField Company: $companyField ; // send email imap_mail($registrationAddress, $subject, $message, $header); snip -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: imap_mail problems
Hi Paul, Didn't use imap_mail but you can check out this http://phpmailer.sourceforge.net/ I am currently using it and it works like a charm. Very easy to use and I do not have problem like yours. Paul Aviles [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am having problems with this code below. The system is a FC1 server and it is supposed to send an email collecting some information of a computer. The problem I am having is with the and characters. When the $header variable is created, it does not work if you add the and characters. For some reason makes the whole string like null. Has anyone seen this behaviour? If I try manually to send an email it does work and php does have imap support on it. Thanks -pa snip $header = From: $fullNameField admin@ . trim(`/bin/hostname --fqdn`) . ; $registrationAddress = [EMAIL PROTECTED]; $subject = Registration ($productName); $message = Full name: $fullNameField Title: $titleField Company: $companyField ; // send email imap_mail($registrationAddress, $subject, $message, $header); snip -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] script PHP to detect IP address
[EMAIL PROTECTED] wrote: the REMOTE_ADDR environment variable (aka php superglobal) will give you the IPnumber of the inbound client. -- Original Message -- From: welly limston To: [EMAIL PROTECTED] Date: Friday, December 17, 2004 06:17:56 PM -0800 Subject: [PHP] script PHP to detect IP address Anybody out there who know the PHP script that can use to detect an IP address of a PC? If u dont know, maybe some sites address which have related with this topic, might be point me little. Many your help very appreciate. Thanks so much for ur respone - Do you Yahoo!? Yahoo! Mail - You care about security. So do we. -- End Original Message -- thank you for u information it's very usefull for me regards; welly __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [PHP] can I compile php source
and this response was helpful to the guy who asked the original question, how i mean, aside from showing that you know how to do a link, what did you show peace... -Original Message- From: John Nichel [EMAIL PROTECTED] Sent: Dec 20, 2004 4:32 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] can I compile php source QT wrote: hi, is there any way to compile php source to make binary file for protecting source code? best regards Yes. http://www.catb.org/~esr/faqs/smart-questions.html -- By-Tor.com ...it's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How can I write number into a execel file with COM.
for eg. thanks please. Shi MuQi LangFang ABC (China) v Tel:(86)-311-78764NN /(_)\ E-mail:[EMAIL PROTECTED] ^ ^
Re: [PHP] can I compile php source
Bruce Douglas wrote: and this response was helpful to the guy who asked the original question, how i mean, aside from showing that you know how to do a link, what did you show peace... Maybe you should read the link, then _maybe_ you'll understand. Would you feel better if I posted links to the archives and/or to Google to where numerous answers could be found to this question? Or maybe the OP could have just gone to the link I posted and seen those two suggestions in the 'Before You Ask' section. Then again, what was I thinking...people think for themselves? How silly of me. -Original Message- From: John Nichel [EMAIL PROTECTED] Sent: Dec 20, 2004 4:32 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] can I compile php source QT wrote: hi, is there any way to compile php source to make binary file for protecting source code? best regards Yes. http://www.catb.org/~esr/faqs/smart-questions.html -- By-Tor.com ...it's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Encryption
Hey all.
I am trying to get encryption working for my site.
I have found some code and set up a test bed for it, but it fails to return
the same value after the 26th item. I was hoping someone could take a look
and maybe tell me why? There is very little help out there for encryption.
If you know of a working example/tutorial, can you please reply with a link?
Many thanks,
Darren
?
global $arrAlphaVals;
global $intTot;
$intTot = 5000;
$arrAlphaVals = array();
function init()
{
global $arrAlphaVals;
global $intTot;
for ($i=0;$i$intTot;$i++)
{
$arrAlphaVals[$i] = sprintf(%016s, strtoupper(dechex($i)));
}
return $arrAlphaVals;
}
function main()
{
global $arrAlphaVals;
global $intTot;
init();
$arrError = array();
echo Encryption testbr\n;
for ($i=0;$i$intTot;$i++)
{
if ($i%1000 == 0)
{
echo $i.br;
flush();
}
$strInit = $arrAlphaVals[$i];
$strEncVal = encryptIt($strInit);
$strOut = decryptIt($strEncVal);
//echo In: .$strInit., Enc: .$strEncVal., Out: .$strOut.br;
if ($strOut != $strInit)
{
$strError .= Failed on: .$i.br\n;
$arrError[$strInit] = $strOut;
}
}
if (sizeof($arrError) 0)
{
// There were errors
foreach ($arrError as $strKey = $strVal)
{
echo Input: '.$strKey.' failed with result
'.$strVal.'br\n;
}
echo hr.$strError;
}
echo hrTested .$i. cases. Done.br\n;
}
function encryptIt($strIn)
{
$key = biteme;
$strRet = _mencrypt($strIn, $key);
return $strRet;
}
function decryptIt($strIn)
{
$key = biteme;
$strRet = _mdecrypt($strIn, $key);
return $strRet;
}
function _mencrypt($input,$key)
{
$input = str_replace(\n,,$input);
$input = str_replace(\t,,$input);
$input = str_replace(\r,,$input);
$key = substr(md5($key),0,24);
$td = mcrypt_module_open ('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
mcrypt_generic_init ($td, $key, $iv);
$encrypted_data = mcrypt_generic ($td, $input);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
return trim(chop(base64_encode($encrypted_data)));
}
//$input - stuff to decrypt
//$key - the secret key to use
function _mdecrypt($input,$key)
{
$input = str_replace(\n,,$input);
$input = str_replace(\t,,$input);
$input = str_replace(\r,,$input);
$input = trim(chop(base64_decode($input)));
$td = mcrypt_module_open ('tripledes', '', 'ecb', '');
$key = substr(md5($key),0,24);
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
mcrypt_generic_init ($td, $key, $iv);
$decrypted_data = mdecrypt_generic ($td, $input);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
return trim(chop($decrypted_data));
}
main();
?
The original encryption and decryption code came from Jeremy Stansfield
(http://www.weberdev.com/get_example-3752.html)
Thanks again!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php terminal.
Hello all.. Since my webhosting didnt provide me with telnet access, I would like to have a small software that created by php to do some bash function such as lynx, ls etc ? thx a lot :) -- === Best Regards Adwin Wijaya www.kuya-kuya.net www.e-rhema.net === -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help wth coding
Team I am trying to teach myself php through a book I got at the store. Its kinda rough with limited programming experience. I was wondering if you could take a look at my code and tell me or write the code so it Will work and make comments in it so I know what I did wrong. Here is the links. http://pastebin.com/131817 http://www.theufl.com/php/wrox_php/movie_details10.php I'm trying to use the EOD; or EOT; html container with a few functions. Also here is what the concept is. Basically what we are trying to do is create a detail page for movies. For example bruce almighty is movie id#1 When you get the table you see the name linked. Then when you click link, you will get that movies page. On that page you will have details about movie in a separate html table, and also Another table with movie critics. They will be able to post the date of review, review title, reviewer name, movie review coments, And on the far right will be a 5-star rating with check mark image. The top part table is going to show. Movie title, year of release, movie director, movie lead actor, how long the movie is, and movie health.. Any help would greatly appreciated, could we meet online and talk about it? Either through AIM or MSN Messger services? With this address. Let me know if you guys cant view any info or need any more info. Karl James (TheSaint) [EMAIL PROTECTED] http://theufl.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Help with code#2
Hey guys, Just to let you know I turned off my read receipt, sorry about that. I had forgot I had it on. Karl James (TheSaint) [EMAIL PROTECTED] http://theufl.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php terminal.
Since my webhosting didnt provide me with telnet access, I would like to have a small software that created by php to do some bash function such as lynx, ls etc ? thx a lot :) Honestly, just get a new ISP that provides SSH access - many, many of them do and it's not something that should be a value add feature (e.g., it shouldn't cost more to have shell access). To write an app to do this really falls under the reinventing the wheel category. Besides, if an ISP doesn't want you to be able to do whatever in a shell, the PHP user likely wouldn't have permissions to run the commands that you'd want to run anyhow. -M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
