php-general Digest 15 Feb 2007 14:52:35 -0000 Issue 4627
php-general Digest 15 Feb 2007 14:52:35 - Issue 4627 Topics (messages 248896 through 248903): Password and FTP Folder 248896 by: Helder Lopes 248901 by: Brad Fuller Re: Extending DOMNode 248897 by: Rob Richards remote fopen not working, despite allow_url_fopen = on 248898 by: alex handle 248899 by: Aras 248900 by: alex handle 248902 by: Aras 248903 by: cajbecu Administrivia: To subscribe to the digest, e-mail: [EMAIL PROTECTED] To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: php-general@lists.php.net -- ---BeginMessage--- Hi people hi have a problem i need a script for make a ftp folder that have a password for enter Have anyway to do this?? /mrpostiga ---End Message--- ---BeginMessage--- -Original Message- From: Helder Lopes [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 5:32 AM To: php-general@lists.php.net Subject: [PHP]Password and FTP Folder Hi people hi have a problem i need a script for make a ftp folder that have a password for enter Have anyway to do this?? /mrpostiga you can upload .htaccess and .htpasswd files via FTP and password protect it. If you do a search for password protect htaccess you should find a lot of tutorials on how to create the .htaccess file and generate user/password combinations for the .htpasswd file. ---End Message--- ---BeginMessage--- Eli wrote: ?php class MyDOMNode extends DOMNode { public $v = 10; function __construct() {} } $dom = new DOMDocument(); $dom-registerNodeClass('DOMNode','MyDOMNode'); $dom-loadXML('roota//root'); echo $dom-firstChild-v; #-- not outputs 10 ? But I get the notice: PHP Notice: Undefined property: DOMElement::$v in ... I want the extension to be valid for all DOM nodes that are derived from DOMNode, such as DOMElement, DOMAttr, DOMNodeList, DOMText, etc... I try not to extend all the classes one by one. Due to the internals of the DOM extension, you need to register the class types that are actually instantiated and not the underlying base DOMNode class. Unfortunately in your case this means you need to register all of those classes separately. $dom-registerNodeClass('DOMElement','MyDOMNode'); $dom-registerNodeClass('DOMAttr','MyDOMNode'); $dom-registerNodeClass('DOMText','MyDOMNode'); ... Rob ---End Message--- ---BeginMessage--- Hi all, i recently upgraded a server from freebsd 5.x to 6.2 php 4.4.2 - php 4.4.4 apache 1.3 - apache 2.2.4. It worked all great till i noticed that the remote fopen()/file() did not work. allow_url_fopen is set to On and the httpd-error.log shows this error message: [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file() [a href='function.file'function.file/a]: php_network_getaddresses: getaddrinfo failed: hostname nor servname provided, or not known in /home/domains/x/xxx/tmp/remote.php on line 2 [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: Invalid argument in /home/domains/x/xxx/tmp/remote.php on line 2 A lynx from the server to google.com works. Then i put google.com in the /etc/hosts file and i got this message: [Thu Feb 15 14:19:47 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: HTTP request failed! in /home/domains/x/xxx/tmp/remote.php on line 2 With curl i can fetch remote content, but i have to put the domainname in the hosts file. Verry strange!? Here my test file: ?php var_dump(file('http://google.com/')); ? phpinfo and configure.log of the freebsd-ports is attached http://www.dict.cc/englisch-deutsch/Thanks+in+advance+TIA.htmlThanks in advance! Alex System FreeBSD 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP i386 Build Date Feb 14 2007 17:04:14 Configure Command './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--program-prefix=' '--disable-cgi' '--with-apxs2=/usr/local/sbin/apxs' '--with-regex=php' '--with-zlib=/usr' '--enable-zend-multibyte' '--prefix=/usr/local' 'i386-portbld-freebsd6.2' Server API Apache 2.0 Handler Virtual Directory Support disabled Configuration File (php.ini) Path /usr/local/etc/php.ini Scan this dir for additional .ini files /usr/local/etc/php additional .ini files parsed/usr/local/etc/php/extensions.ini PHP API 20020918 PHP Extension 20020429 Zend Extension 20050606 Debug Build no Zend Memory Manager enabled Thread Safety disabled Registered PHP Streams php, http, ftp, compress.zlib, compress.bzip2 This program makes use of the Zend Scripting Language
[PHP]Password and FTP Folder
Hi people hi have a problem i need a script for make a ftp folder that have a password for enter Have anyway to do this?? /mrpostiga
[PHP] Re: Extending DOMNode
Eli wrote: ?php class MyDOMNode extends DOMNode { public $v = 10; function __construct() {} } $dom = new DOMDocument(); $dom-registerNodeClass('DOMNode','MyDOMNode'); $dom-loadXML('roota//root'); echo $dom-firstChild-v; #-- not outputs 10 ? But I get the notice: PHP Notice: Undefined property: DOMElement::$v in ... I want the extension to be valid for all DOM nodes that are derived from DOMNode, such as DOMElement, DOMAttr, DOMNodeList, DOMText, etc... I try not to extend all the classes one by one. Due to the internals of the DOM extension, you need to register the class types that are actually instantiated and not the underlying base DOMNode class. Unfortunately in your case this means you need to register all of those classes separately. $dom-registerNodeClass('DOMElement','MyDOMNode'); $dom-registerNodeClass('DOMAttr','MyDOMNode'); $dom-registerNodeClass('DOMText','MyDOMNode'); ... Rob -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] remote fopen not working, despite allow_url_fopen = on
Hi all, i recently upgraded a server from freebsd 5.x to 6.2 php 4.4.2 - php 4.4.4 apache 1.3 - apache 2.2.4. It worked all great till i noticed that the remote fopen()/file() did not work. allow_url_fopen is set to On and the httpd-error.log shows this error message: [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file() [a href='function.file'function.file/a]: php_network_getaddresses: getaddrinfo failed: hostname nor servname provided, or not known in /home/domains/x/xxx/tmp/remote.php on line 2 [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: Invalid argument in /home/domains/x/xxx/tmp/remote.php on line 2 A lynx from the server to google.com works. Then i put google.com in the /etc/hosts file and i got this message: [Thu Feb 15 14:19:47 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: HTTP request failed! in /home/domains/x/xxx/tmp/remote.php on line 2 With curl i can fetch remote content, but i have to put the domainname in the hosts file. Verry strange!? Here my test file: ?php var_dump(file('http://google.com/')); ? phpinfo and configure.log of the freebsd-ports is attached http://www.dict.cc/englisch-deutsch/Thanks+in+advance+TIA.htmlThanks in advance! Alex System FreeBSD 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP i386 Build Date Feb 14 2007 17:04:14 Configure Command './configure' '--enable-versioning' '--enable-memory-limit' '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--program-prefix=' '--disable-cgi' '--with-apxs2=/usr/local/sbin/apxs' '--with-regex=php' '--with-zlib=/usr' '--enable-zend-multibyte' '--prefix=/usr/local' 'i386-portbld-freebsd6.2' Server API Apache 2.0 Handler Virtual Directory Support disabled Configuration File (php.ini) Path /usr/local/etc/php.ini Scan this dir for additional .ini files /usr/local/etc/php additional .ini files parsed/usr/local/etc/php/extensions.ini PHP API 20020918 PHP Extension 20020429 Zend Extension 20050606 Debug Build no Zend Memory Manager enabled Thread Safety disabled Registered PHP Streams php, http, ftp, compress.zlib, compress.bzip2 This program makes use of the Zend Scripting Language Engine: Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies Configuration PHP Core Directive Local Value Master Value allow_call_time_pass_reference On On allow_url_fopen Off Off always_populate_raw_post_data Off Off arg_separator.input arg_separator.output asp_tagsOff Off auto_append_fileno valueno value auto_prepend_file no valueno value browscapno valueno value default_charset no valueno value default_mimetypetext/html text/html define_syslog_variables Off Off disable_classes no valueno value disable_functions no valueno value display_errors Off Off display_startup_errors Off Off doc_rootno valueno value docref_ext no valueno value docref_root no valueno value enable_dl On On error_append_string no valueno value error_log no valueno value error_prepend_stringno valueno value error_reporting 20392039 expose_php Off Off extension_dir /usr/local/lib/php/20020429 /usr/local/lib/php/20020429 file_uploadsOn On gpc_order GPC GPC highlight.bg#FF #FF highlight.comment #FF8000 #FF8000 highlight.default #BB #BB highlight.html #00 #00 highlight.keyword #007700 #007700 highlight.string#DD #DD html_errors On On ignore_repeated_errors Off Off ignore_repeated_source Off Off ignore_user_abort Off Off implicit_flush Off Off include_path.:/usr/local/share/pear .:/usr/local/share/pear log_errors On On log_errors_max_len 10241024 magic_quotes_gpcOn On magic_quotes_runtimeOff Off magic_quotes_sybase Off Off max_execution_time 30 30 max_input_time 60 60 memory_limit32M 32M open_basedirno valueno value output_bufferingno valueno value output_handler no valueno value post_max_size 8M 8M precision 12 12 register_argc_argv On On register_globalsOff On report_memleaks On On safe_mode Off On safe_mode_exec_dir no valueno value safe_mode_gid Off Off safe_mode_include_dir no valueno value sendmail_from no valueno value sendmail_path /usr/sbin/sendmail -t -i/usr/sbin/sendmail -t -i
RE: [PHP] remote fopen not working, despite allow_url_fopen = on
Alex, Either the domain you are trying to fetch data is unknown or your resolver settings do not point to a regular resolving server. (check /etc/resolv.conf) Aras Koktas [EMAIL PROTECTED] Business Excellence Development Phi.dot Internet Systems -Original Message- From: alex handle [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:52 PM To: php-general@lists.php.net Subject: [PHP] remote fopen not working, despite allow_url_fopen = on Hi all, i recently upgraded a server from freebsd 5.x to 6.2 php 4.4.2 - php 4.4.4 apache 1.3 - apache 2.2.4. It worked all great till i noticed that the remote fopen()/file() did not work. allow_url_fopen is set to On and the httpd-error.log shows this error message: [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file() [a href='function.file'function.file /a]: php_network_getaddresses: getaddrinfo failed: hostname nor servname provided, or not known in /home/domains/x/xxx/tmp/remote.php on line 2 [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: Invalid argument in /home/domains/x/xxx/tmp/remote.php on line 2 A lynx from the server to google.com works. Then i put google.com in the /etc/hosts file and i got this message: [Thu Feb 15 14:19:47 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: HTTP request failed! in /home/domains/x/xxx/tmp/remote.php on line 2 With curl i can fetch remote content, but i have to put the domainname in the hosts file. Verry strange!? Here my test file: ?php var_dump(file('http://google.com/')); ? phpinfo and configure.log of the freebsd-ports is attached Thanks in advance! Alex
Re: [PHP] remote fopen not working, despite allow_url_fopen = on
On 2/15/07, Aras [EMAIL PROTECTED] wrote: Alex, Either the domain you are trying to fetch data is unknown or your resolver settings do not point to a regular resolving server. (check /etc/resolv.conf) Aras Koktas [EMAIL PROTECTED] Business Excellence Development Phi.dot Internet Systems -Original Message- *From:* alex handle [mailto:[EMAIL PROTECTED] *Sent:* Thursday, February 15, 2007 3:52 PM *To:* php-general@lists.php.net *Subject:* [PHP] remote fopen not working, despite allow_url_fopen = on Hi all, i recently upgraded a server from freebsd 5.x to 6.2 php 4.4.2 - php 4.4.4 apache 1.3 - apache 2.2.4. It worked all great till i noticed that the remote fopen()/file() did not work. allow_url_fopen is set to On and the httpd-error.log shows this error message: [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file() [a href='function.file'function.file /a]: php_network_getaddresses: getaddrinfo failed: hostname nor servname provided, or not known in /home/domains/x/xxx/tmp/remote.php on line 2 [Thu Feb 15 14:15:42 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: Invalid argument in /home/domains/x/xxx/tmp/remote.php on line 2 A lynx from the server to google.com works. Then i put google.com in the /etc/hosts file and i got this message: [Thu Feb 15 14:19:47 2007] [error] [client xxx] PHP Warning: file( http://google.com/) [a href='function.file'function.file/a]: failed to open stream: HTTP request failed! in /home/domains/x/xxx/tmp/remote.php on line 2 With curl i can fetch remote content, but i have to put the domainname in the hosts file. Verry strange!? Here my test file: ?php var_dump(file('http://google.com/') http://google.com/%27%29); ? phpinfo and configure.log of the freebsd-ports is attached http://www.dict.cc/englisch-deutsch/Thanks+in+advance+TIA.htmlThanks in advance! Alex Hello Aras! my /etc/resolv.conf is ok - a host google.com works and i can reach google.com with lynx. There are no firewall or dns issues on the server.
RE: [PHP]Password and FTP Folder
-Original Message- From: Helder Lopes [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 5:32 AM To: php-general@lists.php.net Subject: [PHP]Password and FTP Folder Hi people hi have a problem i need a script for make a ftp folder that have a password for enter Have anyway to do this?? /mrpostiga you can upload .htaccess and .htpasswd files via FTP and password protect it. If you do a search for password protect htaccess you should find a lot of tutorials on how to create the .htaccess file and generate user/password combinations for the .htpasswd file. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] remote fopen not working, despite allow_url_fopen = on
I do suppose this as a networking error rather than a php problem, or a bug which may be caused by your current combination of OS and software set. By the way, allow_url_fopen is set to OFF, not ON, as it is in the attachement of phpinfo in your previous mail. That would produce a different error i know, but an apache restart may be one more trial for this to work. Aras Koktas [EMAIL PROTECTED] Business Excellence Development Phi.dot Internet Systems -Original Message- From: alex handle [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 4:34 PM To: Aras Cc: php-general@lists.php.net Subject: Re: [PHP] remote fopen not working, despite allow_url_fopen = on Hello Aras! my /etc/resolv.conf is ok - a host google.com works and i can reach google.com with lynx. There are no firewall or dns issues on the server. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remote fopen not working, despite allow_url_fopen = on
Hello Aras! my /etc/resolv.conf is ok - a host google.com works and i can reach google.com with lynx. There are no firewall or dns issues on the server. try: var_dump(file('http://ip_google/')); replace ip_google with google`s main ip. cajb. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] remote fopen not working, despite allow_url_fopen = on
On 2/15/07, cajbecu [EMAIL PROTECTED] wrote: Hello Aras! my /etc/resolv.conf is ok - a host google.com works and i can reach google.com with lynx. There are no firewall or dns issues on the server. try: var_dump(file('http://ip_google/')); replace ip_google with google`s main ip. cajb. Hi cajb, I tried that before but, it doesn't even work with 127.0.0.1 or localhost. Got this Error: [Thu Feb 15 14:19:47 2007] [error] [client xxx] PHP Warning: file( http://72.14.207.99/) [a href='function.file'function.file/a]: failed to open stream: HTTP request failed! in /home/domains/x/xxx/tmp/remote.php on line 2 Alex
[PHP] Re: Extending DOMNode
Rob Richards wrote: Due to the internals of the DOM extension, you need to register the class types that are actually instantiated and not the underlying base DOMNode class. Unfortunately in your case this means you need to register all of those classes separately. $dom-registerNodeClass('DOMElement','MyDOMNode'); $dom-registerNodeClass('DOMAttr','MyDOMNode'); $dom-registerNodeClass('DOMText','MyDOMNode'); ... Not good... :-( ?php class MyDOMNode extends DOMNode { public $x = 100; } $dom = new DOMDocument(); $dom-registerNodeClass('DOMElement','MyDOMNode'); ? PHP Fatal error: DOMDocument::registerNodeClass(): Class MyDOMNode is not derived from DOMElement. So I have to extend DOMElement and register MyDOMElement. But all my nodes should be also based on MyDOMNode. Problem is that in PHP you can only extend one class in a time, so you cannot build your own class-tree which extends a base class-tree of DOM. :-/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Deny processing of non included files
OK here is the background: My app will: have an admin access at http://sitename/admin/ Obviously authenticated users only are allowed access.. Now my issues is this, i do all the processing from a single index.php in admin/ folder that includes files from all over the webapp directory structure for example modules/thismodule/admin/index.php folder for getting the admin page for the module or modules/thismodule/index.php for displaying the modules in the public part of the page etc.. You get the picture.. What i want is to restrict acces to all these included php files such that by typing http://sitename/modules/thismodule/admin/index.php, this file will only be processed by the browser if and only if it has been included by http://sitename/admin/index.php NO included php file should be able to be processed by itself or accessed even for files that do not output anything.. So essentially i think i may be doing somethings wrong.. 1. My included files assume the top file has initiated an instance of an certain object thus being able to use the resources of the instanced objects in the top file..(obviously i have the necessary checks to make sure the instance has been created before including the file) -Should i be initializing new instances of the object at the top of each included file to prevent errors from appearing incase someone access the file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... 2. what is the assesed security risk if someone access a file directly even if it does not output anything? 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? Security is driving me insane i'm becoming totally psychotic at the possiblity of someone taking over my admin systems... Regards, Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] mysql_affected_rows inaccurate?
Hi a long time ago I stopped using mysql_affected_rows because I believed it was giving me an inaccurate number. Now I was not very knowledged then so it could of been my own fault. Is this function safe and functional? Could it possibly give me the row result of a previous query I did and not the latest? -- View this message in context: http://www.nabble.com/mysql_affected_rows-inaccurate--tf3234567.html#a8988123 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Deny processing of non included files
Easy answer: deny access to them. Use your web server to prevent execution of the files. Generally, if you're using Apache, you can just do this: Directory /path/to/modules/ Order Allow,Deny Deny From All /Directory You may also be able to do that from a .htaccess file. If you can't configure the server, just use a define at the top of your index script: define('__INDEX_PHP',TRUE); Then just check it with a one-liner at the top of each script that is for inclusion only. Tim wrote: 1. My included files assume the top file has initiated an instance of an certain object thus being able to use the resources of the instanced objects in the top file..(obviously i have the necessary checks to make sure the instance has been created before including the file) -Should i be initializing new instances of the object at the top of each included file to prevent errors from appearing incase someone access the file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... I don't think you ever want include files to be executed in the wrong context. Just deny access. If anything, just make an index.php page in each module dir that contains only Thanks for visiting this page, but the link you followed is probably mistyped. Try a href=\$document_root\this/a instead. 2. what is the assesed security risk if someone access a file directly even if it does not output anything? Depends on what the file contains. If it contains this: `sudo rm -r $directory/*`, then the results could be disastrous, but let's hope that it wouldn't contain code like that. :-) 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? See above define(...) bit, which is really based on the old C header trick: #ifndef __SOME_FILE_H #define __SOME_FILE_H a bunch of stuff #endif jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Extending DOMNode
Eli wrote: Rob Richards wrote: Due to the internals of the DOM extension, you need to register the class types that are actually instantiated and not the underlying base DOMNode class. Unfortunately in your case this means you need to register all of those classes separately. $dom-registerNodeClass('DOMElement','MyDOMNode'); $dom-registerNodeClass('DOMAttr','MyDOMNode'); $dom-registerNodeClass('DOMText','MyDOMNode'); ... Not good... :-( ?php class MyDOMNode extends DOMNode { public $x = 100; } $dom = new DOMDocument(); $dom-registerNodeClass('DOMElement','MyDOMNode'); ? PHP Fatal error: DOMDocument::registerNodeClass(): Class MyDOMNode is not derived from DOMElement. So I have to extend DOMElement and register MyDOMElement. But all my nodes should be also based on MyDOMNode. Problem is that in PHP you can only extend one class in a time, so you cannot build your own class-tree which extends a base class-tree of DOM. :-/ maybe the runkit extension can help - no idea how big it might explode in your face if you try to hack the DOM* stuff with runkit :-) you never stated why you want to extend all the DOM classes, maybe there is a different way of achieving what you want (i.e. without going through the hassle of what you seem to have to do at the moment) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Deny processing of non included files
-Message d'origine- De : Jon Anderson [mailto:[EMAIL PROTECTED] Envoyé : jeudi 15 février 2007 17:11 À : Tim Cc : 'php-general' Objet : Re: [PHP] Deny processing of non included files Easy answer: deny access to them. Use your web server to prevent execution of the files. Generally, if you're using Apache, you can just do this: Directory /path/to/modules/ Order Allow,Deny Deny From All /Directory Great i'll go the .htaccess way i don't need any files accesible through the browser other then http://thissite/index.php and http://thissite/admin/index.php. You may also be able to do that from a .htaccess file. If you can't configure the server, just use a define at the top of your index script: define('__INDEX_PHP',TRUE); Then just check it with a one-liner at the top of each script that is for inclusion only. Tim wrote: 1. My included files assume the top file has initiated an instance of an certain object thus being able to use the resources of the instanced objects in the top file..(obviously i have the necessary checks to make sure the instance has been created before including the file) -Should i be initializing new instances of the object at the top of each included file to prevent errors from appearing incase someone access the file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... I don't think you ever want include files to be executed in the wrong context. Just deny access. Sure that's what i thought but couldn't get it to work you put me on the right track with the directory directive. If anything, just make an index.php page in each module dir that contains only Thanks for visiting this page, but the link you followed is probably mistyped. Try a href=\$document_root\this/a instead. Well i do have a blank index.html in ALL directories to stop directory listing.. 2. what is the assesed security risk if someone access a file directly even if it does not output anything? Depends on what the file contains. If it contains this: `sudo rm -r $directory/*`, then the results could be disastrous, but let's hope that it wouldn't contain code like that. :-) 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? See above define(...) bit, which is really based on the old C header trick: #ifndef __SOME_FILE_H #define __SOME_FILE_H a bunch of stuff #endif Ok lets just deny access :) Thanks a bunch ;) Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Banner rotation with links
On my home page i have all my banners in a MySQL database which includes the image path, the link, and the description as separate fields. The then do a MySQL query with a query that will look something like this: $query = select * FROM banner ORDER BY RAND() LIMIT 1; Seems to work just fine. -- Kevin Murphy Webmaster: Information and Marketing Services Western Nevada Community College www.wncc.edu 775-445-3326 On Feb 14, 2007, at 8:29 AM, Chris Carter wrote: How can I rotate a banner as well as the link in it within a page using PHP. This can be done as a include file php. Anybody please supply some code or a link for this. Thanks in advance. Chris -- View this message in context: http://www.nabble.com/Banner-rotation- with-links-tf3228157.html#a8968148 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Deny processing of non included files
At 4:44 PM +0100 2/15/07, Tim wrote: OK here is the background: My app will: have an admin access at http://sitename/admin/ Obviously authenticated users only are allowed access.. Now my issues is this, i do all the processing from a single index.php in admin/ folder that includes files from all over the webapp directory structure for example modules/thismodule/admin/index.php folder for getting the admin page for the module or modules/thismodule/index.php for displaying the modules in the public part of the page etc.. You get the picture.. What i want is to restrict acces to all these included php files such that by typing http://sitename/modules/thismodule/admin/index.php, this file will only be processed by the browser if and only if it has been included by http://sitename/admin/index.php NO included php file should be able to be processed by itself or accessed even for files that do not output anything.. So essentially i think i may be doing somethings wrong.. 1. My included files assume the top file has initiated an instance of an certain object thus being able to use the resources of the instanced objects in the top file..(obviously i have the necessary checks to make sure the instance has been created before including the file) -Should i be initializing new instances of the object at the top of each included file to prevent errors from appearing incase someone access the file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... 2. what is the assesed security risk if someone access a file directly even if it does not output anything? 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? Security is driving me insane i'm becoming totally psychotic at the possiblity of someone taking over my admin systems... Regards, Tim Tim: Use require_once (auth.php); in every include. This should be the same auth code you use for your admin page. If you want I can provide an example. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Extending DOMNode
Jochem Maas wrote: maybe the runkit extension can help - no idea how big it might explode in your face if you try to hack the DOM* stuff with runkit :-) you never stated why you want to extend all the DOM classes, maybe there is a different way of achieving what you want (i.e. without going through the hassle of what you seem to have to do at the moment) I want to add a common function to all nodes extended from DOMNode (e.g DOMElement, DOMText, DOMAttr, etc), and also keep the code maintainable so changing the common function will not force me to do in 10 places [I don't want to create a global function for this]. -thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieve value of newly inserted row.
Okay, I found the correct function and below is what I have: - Show quoted text - $insert1 = INSERT INTO table1 ( debit_card, card_type, card_number, exp_date, payment_amount, cvv_number, first_name, middle_name, last_name, address_1, address_2, city, zip_code, zip_4, phone_number, fax_number, email_address, receipt, comments, date_request_received, employee_received_call, research_phase_date, research_phase_user, submit_phase_date, submit_phase_user, status_code, state_code) VALUES ( '$debit_card', '$card_type', '$card_number', '$exp_date', '$amount', '$cvv', '$cc_first', '$cc_middle', '$cc_last', '$cc_address_1', '$cc_address_2', '$cc_city', '$cc_zip', '$cc_zip_4', '$cc_phone_number', '$cc_fax_number', '$cc_email_address', '$receipt', '$cc_comments', '$create_date', '$create_user', '$research_date', '$research_user', '$submit_date', '$submit_user', '$status_code', '$cc_state') SELECT scope_identity() INSERT INTO table2 ( credit_card_id, case_number, comments) VALUES ( 'scope_identity', '$case', '$comments'); echo $insert1; mssql_query($insert1) or die (Query failed: br /.mssql_get_last_message()); echo Insert complete; the scope_identity function is suppose to select the last inserted ID for the first insert statement. When my query executes, it appears to go thru all the steps correctly...it inserts the first record just fine, displays the echo of my query and returns the echo of Insert Complete HOWEVER, when I go to look at the data base there is NO data inserted into table2 even though my query returned that Insert Complete statement. Any ideas? On 2/14/07, Jim Lucas [EMAIL PROTECTED] wrote: Brad Fuller wrote: From looking on the web (MSDN) I found the @@identity and the explanation of what it is, but MS's example is horrible and does not show a good context for using this function. Could you elaborate more on its use? $q = mssql_query(INSERT INTO TableName(...) VALUES(...) SELECT LAST_INSERT_ID=@@IDENTITY); $r = mssql_fetch_assoc($q); HTH, Brad Might look at this http://us3.php.net/manual/en/function.mssql-query.php#46026 -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush
Re: [PHP] Re: Extending DOMNode
Eli wrote: Jochem Maas wrote: maybe the runkit extension can help - no idea how big it might explode in your face if you try to hack the DOM* stuff with runkit :-) you never stated why you want to extend all the DOM classes, maybe there is a different way of achieving what you want (i.e. without going through the hassle of what you seem to have to do at the moment) I want to add a common function to all nodes extended from DOMNode (e.g DOMElement, DOMText, DOMAttr, etc), and also keep the code maintainable so changing the common function will not force me to do in 10 places why? [I don't want to create a global function for this]. why not? -thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Retrieve value of newly inserted row.
Okay, I found the correct function and below is what I have: - Show quoted text - $insert1 = INSERT INTO table1 ( snip ) VALUES ( snip ) SELECT scope_identity() INSERT INTO table2 ( credit_card_id, case_number, comments) VALUES ( 'scope_identity', '$case', '$comments'); echo $insert1; mssql_query($insert1) or die (Query failed: br /.mssql_get_last_message()); echo Insert complete; the scope_identity function is suppose to select the last inserted ID for the first insert statement. When my query executes, it appears to go thru all the steps correctly...it inserts the first record just fine, displays the echo of my query and returns the echo of Insert Complete HOWEVER, when I go to look at the data base there is NO data inserted into table2 even though my query returned that Insert Complete statement. Any ideas? On 2/14/07, Jim Lucas [EMAIL PROTECTED] wrote: Brad Fuller wrote: From looking on the web (MSDN) I found the @@identity and the explanation of what it is, but MS's example is horrible and does not show a good context for using this function. Could you elaborate more on its use? $q = mssql_query(INSERT INTO TableName(...) VALUES(...) SELECT LAST_INSERT_ID=@@IDENTITY); $r = mssql_fetch_assoc($q); HTH, Brad Might look at this http://us3.php.net/manual/en/function.mssql-query.php#46026 -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I don't think you can do multiple inserts in a single query. Or maybe you can but the select statement after it causes the second insert not to be run? I don't know, but I've seen several examples - each use 2 separate insert queries. My reply to your original message was incomplete; I apologize $q1 = mssql_query(INSERT INTO Table1 (...) VALUES (...) SELECT SCOPE_IDENTITY() AS [SCOPE_IDENTITY]); $r = mssql_fetch_assoc($q1); $insert_id = $r['SCOPE_IDENTITY']; $q2 = mssql_query(INSERT INTO Table2 (...) VALUES ({$insert_id}, ...)); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Banner rotation with links
Kevin Murphy wrote: On my home page i have all my banners in a MySQL database which includes the image path, the link, and the description as separate fields. The then do a MySQL query with a query that will look something like this: $query = select * FROM banner ORDER BY RAND() LIMIT 1; Seems to work just fine. just wait till you have 10 items in that table :-) in practice that may never happen and maybe MySQL can optimize a SELECT that does ORDER BY RAND() LIMIT 1 (can anyone confirm what MySQL does with ORDER BY RAND() LIMIT 1 exactly in terms of scanning the table? - the MySQL docs don't mention whether this is scalable at all) *but* if that is not the case then using a field (call it 'randomized' or something like that) and indexing on that and then updating that field periodically with random integers using a cronjob script would make the resulting query alot more robust .. the compromise being that you don't get a different banner each request: $query = select * FROM banner ORDER BY randomized LIMIT 1; the compromise can be mitigated some what by doing something like this (assuming you use sessions): // BRC = Banner Random Count if (!isset($_SESSION['BRC'])) $_SESSION['BRC'] = 0; $query = select * FROM banner ORDER BY randomized LIMIT {$_SESSION['BRC']},1; $_SESSION['BRC']++; --Kevin Murphy Webmaster: Information and Marketing Services Western Nevada Community College www.wncc.edu 775-445-3326 On Feb 14, 2007, at 8:29 AM, Chris Carter wrote: How can I rotate a banner as well as the link in it within a page using PHP. This can be done as a include file php. Anybody please supply some code or a link for this. Thanks in advance. Chris --View this message in context: http://www.nabble.com/Banner-rotation-with-links-tf3228157.html#a8968148 Sent from the PHP - General mailing list archive at Nabble.com. --PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Retrieve value of newly inserted row.
I GOT IT! WooHoo! Thanks to a co-worker, this problem has been solved! I was using scope_identity incorrectly. This is how you should use it: INSERT INTO Table1 ( Column1, Column2) VALUES ( Value1, Value2) INSERT INTO Table2 ( Column1, Column2) VALUES ( scope_identity(), Value2) Using scope_identity() for the value in insert #2 will return the value of the identity field just created from insert #1. On 2/15/07, Brad Fuller [EMAIL PROTECTED] wrote: Okay, I found the correct function and below is what I have: - Show quoted text - $insert1 = INSERT INTO table1 ( snip ) VALUES ( snip ) SELECT scope_identity() INSERT INTO table2 ( credit_card_id, case_number, comments) VALUES ( 'scope_identity', '$case', '$comments'); echo $insert1; mssql_query($insert1) or die (Query failed: br /.mssql_get_last_message()); echo Insert complete; the scope_identity function is suppose to select the last inserted ID for the first insert statement. When my query executes, it appears to go thru all the steps correctly...it inserts the first record just fine, displays the echo of my query and returns the echo of Insert Complete HOWEVER, when I go to look at the data base there is NO data inserted into table2 even though my query returned that Insert Complete statement. Any ideas? On 2/14/07, Jim Lucas [EMAIL PROTECTED] wrote: Brad Fuller wrote: From looking on the web (MSDN) I found the @@identity and the explanation of what it is, but MS's example is horrible and does not show a good context for using this function. Could you elaborate more on its use? $q = mssql_query(INSERT INTO TableName(...) VALUES(...) SELECT LAST_INSERT_ID=@@IDENTITY); $r = mssql_fetch_assoc($q); HTH, Brad Might look at this http://us3.php.net/manual/en/function.mssql-query.php#46026 -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I don't think you can do multiple inserts in a single query. Or maybe you can but the select statement after it causes the second insert not to be run? I don't know, but I've seen several examples - each use 2 separate insert queries. My reply to your original message was incomplete; I apologize $q1 = mssql_query(INSERT INTO Table1 (...) VALUES (...) SELECT SCOPE_IDENTITY() AS [SCOPE_IDENTITY]); $r = mssql_fetch_assoc($q1); $insert_id = $r['SCOPE_IDENTITY']; $q2 = mssql_query(INSERT INTO Table2 (...) VALUES ({$insert_id}, ...));
RE: [PHP] Deny processing of non included files
Ok i have actually discovered a great side-effect that i thought i'd share with any interested by using these .htaccess directives. As i only have two index.php files on the site and they are the only two files accesible through browser i have done this: Files *.* Order Deny,Allow Deny from All /Files Files index.php Order Deny,Allow Allow from All /Files Files *.css Order Deny,Allow Allow from All /Files Now the great side affect i told you about is that you cannot blind check the presence of *.php files in any directory any you file you look for regardless if it exists returns a 403 forbidden, so it is impossible to find the structure of the site... You can though test for directories. These directives along with a site that uses index.php as an engine to generate content via includes, are great for really restricing site access (of course this does not mean my includes don't have holes but thats another issue) on top of a regular authentication. And makes it easier for my own authentication system as i only have to authenticate through one file index.php thus not needing any authentication on any of the included files as suggested, and not needing to worry about that test.php file that got forgotten during dev or something, or even a user uploading a $.php file i dont want him to execute.. Thanks guys, Regards, Tim -Message d'origine- De : Jon Anderson [mailto:[EMAIL PROTECTED] Envoyé : jeudi 15 février 2007 17:11 À : Tim Cc : 'php-general' Objet : Re: [PHP] Deny processing of non included files Easy answer: deny access to them. Use your web server to prevent execution of the files. Generally, if you're using Apache, you can just do this: Directory /path/to/modules/ Order Allow,Deny Deny From All /Directory You may also be able to do that from a .htaccess file. If you can't configure the server, just use a define at the top of your index script: define('__INDEX_PHP',TRUE); Then just check it with a one-liner at the top of each script that is for inclusion only. Tim wrote: 1. My included files assume the top file has initiated an instance of an certain object thus being able to use the resources of the instanced objects in the top file..(obviously i have the necessary checks to make sure the instance has been created before including the file) -Should i be initializing new instances of the object at the top of each included file to prevent errors from appearing incase someone access the file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... I don't think you ever want include files to be executed in the wrong context. Just deny access. If anything, just make an index.php page in each module dir that contains only Thanks for visiting this page, but the link you followed is probably mistyped. Try a href=\$document_root\this/a instead. 2. what is the assesed security risk if someone access a file directly even if it does not output anything? Depends on what the file contains. If it contains this: `sudo rm -r $directory/*`, then the results could be disastrous, but let's hope that it wouldn't contain code like that. :-) 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? See above define(...) bit, which is really based on the old C header trick: #ifndef __SOME_FILE_H #define __SOME_FILE_H a bunch of stuff #endif jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Banner rotation with links
On Feb 15, 2007, at 10:57 AM, Jochem Maas wrote: Kevin Murphy wrote: On my home page i have all my banners in a MySQL database which includes the image path, the link, and the description as separate fields. The then do a MySQL query with a query that will look something like this: $query = select * FROM banner ORDER BY RAND() LIMIT 1; Seems to work just fine. just wait till you have 10 items in that table :-) in practice that may never happen and maybe MySQL can optimize a SELECT that does ORDER BY RAND() LIMIT 1 (can anyone confirm what MySQL does with ORDER BY RAND() LIMIT 1 exactly in terms of scanning the table? - the MySQL docs don't mention whether this is scalable at all) Apparently a lot of folks think it's a bad idea on large tables... http://www.google.com/search?client=safarirls=enq=ORDER+BY+RAND ();ie=UTF-8oe=UTF-8 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] plugging gmmktime value into gmdate yields incorrect date
I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] plugging gmmktime value into gmdate yields incorrect date
And what are the time zones for those two different machines? And what is the time? :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 8:47 PM To: php-general@lists.php.net Subject: [PHP] plugging gmmktime value into gmdate yields incorrect date I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] mysql_affected_rows inaccurate?
Sometimes you can get fooled by the result. If nothing is changed on a update the result for this function will give 0, because nothing was affected. Although you might think so just because you are doing an update. However, an update doesn't necessary mean an update :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: altendew [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 6:06 PM To: php-general@lists.php.net Subject: [PHP] mysql_affected_rows inaccurate? Hi a long time ago I stopped using mysql_affected_rows because I believed it was giving me an inaccurate number. Now I was not very knowledged then so it could of been my own fault. Is this function safe and functional? Could it possibly give me the row result of a previous query I did and not the latest? -- View this message in context: http://www.nabble.com/mysql_affected_rows-inaccurate--tf3234567.html#a898812 3 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Extending DOMNode
Eli wrote: Rob Richards wrote: Due to the internals of the DOM extension, you need to register the class types that are actually instantiated and not the underlying base DOMNode class. Unfortunately in your case this means you need to register all of those classes separately. $dom-registerNodeClass('DOMElement','MyDOMNode'); $dom-registerNodeClass('DOMAttr','MyDOMNode'); $dom-registerNodeClass('DOMText','MyDOMNode'); ... Not good... :-( ?php class MyDOMNode extends DOMNode { public $x = 100; } $dom = new DOMDocument(); $dom-registerNodeClass('DOMElement','MyDOMNode'); ? PHP Fatal error: DOMDocument::registerNodeClass(): Class MyDOMNode is not derived from DOMElement. So I have to extend DOMElement and register MyDOMElement. But all my nodes should be also based on MyDOMNode. Problem is that in PHP you can only extend one class in a time, so you cannot build your own class-tree which extends a base class-tree of DOM. :-/ Ooops. Wasn't thinking when I wrote that. Yup, you will need to extend every one of the node types separately and then register those classes. Rob -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] plugging gmmktime value into gmdate yields incorrect date
date('Z') on the server producing the incorrect output returns 3600. On the other two, I get -18000 and -21600. That said, I don't see how that'd make a difference. The whole reason I'm using the gm* functions, in the first place, is because those are supposed to work with a fixed timezone - GMT. Testament to this is the fact that gmdate('Z') returns 0 on all three of those. Peter Lauri wrote: And what are the time zones for those two different machines? And what is the time? :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 8:47 PM To: php-general@lists.php.net Subject: [PHP] plugging gmmktime value into gmdate yields incorrect date I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session problems with 4.4.5?
Is anyone else having problems with session in 4.4.5? I'm under apache 1.3.27 in linux 2.4.34 and all my web sites break under 4.4.5. As soon as a page tries to register a session variable with session_register apache will segfault. Has worked perfectly fine for the past 2 years and like 10 version of PHP 4.4.X. [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] plugging gmmktime value into gmdate yields incorrect date
-Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:20 PM To: Peter Lauri Cc: php-general@lists.php.net Subject: Re: [PHP] plugging gmmktime value into gmdate yields incorrect date date('Z') on the server producing the incorrect output returns 3600. On the other two, I get -18000 and -21600. That said, I don't see how that'd make a difference. The whole reason I'm using the gm* functions, in the first place, is because those are supposed to work with a fixed timezone - GMT. Testament to this is the fact that gmdate('Z') returns 0 on all three of those. Peter Lauri wrote: And what are the time zones for those two different machines? And what is the time? :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 8:47 PM To: php-general@lists.php.net Subject: [PHP] plugging gmmktime value into gmdate yields incorrect date I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I may be way off... but isn't it redundant to use both gmdate() and gmmktime()? I thought each of these functions were used to convert your local time into GMT... So for example if you're GMT+5, the gmmktime() would subtract 5 hours, and then gmdate() would subtract another 5 hours? Like I said - I could be way off, but just a thought. -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Accessing cookies in PHP and Javascript
Assuming I have a cookie setcookie (username,$_SESSION['Username'], $expires); how can I access the same cookie in Javascript? Or how do I have to create a cookies so it's accessable as $_COOKIE[username] O. Wyss -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session Problem
I am having a problem where it appears that the session is not being saved properly. While on a page, I can start a session and set variables to it. however, when I go to the next page.. the session variables appear to have been cleared out. first page: session_start(); $_SESSION[user_level] = test; second page: session_start(); echo $_SESSION[user_level] ; We just installed php on the 2003 server. Is there maybe a problem with the php.ini file that I need to fix? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Problem
Does your system have permission to write to the temp directory? Put on error_reporting(E_ALL) and see if it throws an error. -Original Message- From: LoneWolf [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 2:35 PM To: php-general@lists.php.net Subject: [PHP] Session Problem I am having a problem where it appears that the session is not being saved properly. While on a page, I can start a session and set variables to it. however, when I go to the next page.. the session variables appear to have been cleared out. first page: session_start(); $_SESSION[user_level] = test; second page: session_start(); echo $_SESSION[user_level] ; We just installed php on the 2003 server. Is there maybe a problem with the php.ini file that I need to fix? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Problem
LoneWolf wrote: I am having a problem where it appears that the session is not being saved properly. While on a page, I can start a session and set variables to it. however, when I go to the next page.. the session variables appear to have been cleared out. first page: session_start(); $_SESSION[user_level] = test; How do you move from one page to the other? You have to pass the session along, I believe.. Something like: $s = SID; // session contant page2.php?$s second page: session_start(); echo $_SESSION[user_level] ; We just installed php on the 2003 server. Is there maybe a problem with the php.ini file that I need to fix? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Problem
-Original Message- From: LoneWolf [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 4:35 PM To: php-general@lists.php.net Subject: [PHP] Session Problem I am having a problem where it appears that the session is not being saved properly. While on a page, I can start a session and set variables to it. however, when I go to the next page.. the session variables appear to have been cleared out. Is there anything unusual about your setup that you failed to mention? (e.g. using frameset etc.) A few things to check: - Make sure cookies (at least session cookies) are enabled in your browser. - Try browsing the site from another computer. - Make sure session_start() is being called before any HTML output (including blank lines before the first ?php tag) -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] plugging gmmktime value into gmdate yields incorrect date
-Original Message- From: Brad Fuller [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:48 PM To: 'Terra Frost'; 'Peter Lauri' Cc: php-general@lists.php.net Subject: RE: [PHP] plugging gmmktime value into gmdate yields incorrect date -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:20 PM To: Peter Lauri Cc: php-general@lists.php.net Subject: Re: [PHP] plugging gmmktime value into gmdate yields incorrect date date('Z') on the server producing the incorrect output returns 3600. On the other two, I get -18000 and -21600. That said, I don't see how that'd make a difference. The whole reason I'm using the gm* functions, in the first place, is because those are supposed to work with a fixed timezone - GMT. Testament to this is the fact that gmdate('Z') returns 0 on all three of those. Peter Lauri wrote: And what are the time zones for those two different machines? And what is the time? :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 8:47 PM To: php-general@lists.php.net Subject: [PHP] plugging gmmktime value into gmdate yields incorrect date I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I may be way off... but isn't it redundant to use both gmdate() and gmmktime()? I thought each of these functions were used to convert your local time into GMT... So for example if you're GMT+5, the gmmktime() would subtract 5 hours, and then gmdate() would subtract another 5 hours? Like I said - I could be way off, but just a thought. -Brad Yes, I was a little off... gmmktime() takes a GMT date and converts it to a local unix timestamp. gmdate() takes a local unix timestamp and converts it to a GMT date. So in theory you *should* get the same date you put in, if using both functions like your example. I think you are on the right track with the Daylight Saving time issue. Starting this year, DST in the U.S. begins in March instead of April. Given that the year of your date input is 2000, it shouldn't be affected, but perhaps that is in fact the culprit? Your date 3/23 falls in between the previous and future DST start dates. Hmm... Have you gotten similar results using a different month/day? -Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-DEV] Suggestion: global variables being accessed in localscope
[Taking this back on-list, as it's my final answer.] On Wed, February 14, 2007 5:30 pm, Christian Schneider wrote: Richard Lynch wrote: But the code that checks for E_NOTICE also has to be altered to check for E_STRICT... How many applications use error handlers. And how many of them rely on a specific code being a specific level? Out of curiousity: I wouldn't even know why someone would do something like that, perhaps you have a good example. Anyway, that's a BC break I find worth doing but I'm fully aware that you will disagree. Anybody on shared hosting who wants to log their errors somewhere out of the morass of system logs without dinking around with .htaccess is going to use set_error_handler. For that matter, if .htaccess is off, and you can't edit php.ini, set_error_handler is just about your only option for reasonable error handling. I think you will find that a LOT of distributed applications use this to avoid splatting PHP error messages out. Or, at least, they should be using it, as there's no other way without using something you can't rely on if your code is widely distributed in unknown environments. I know *I* have used it more than a few times. Once you decide to use set_error_handler, of course you are going to treat E_ERROR, E_NOTICE, E_USER_ERROR differently. You want to just halt your script for E_ERROR, but probably just tell yourself to fix the buglet of an E_NOTICE. You may even put them in separate logs, or perhaps even email yourself E_ERROR, but only log E_NOTICE. I *know* I have switch() statements on the error level in my error handlers, and you are going to break them. I can understand why the purist / anal-retentive camp wants un-initiliazed varaibles as E_STRICT rather than E_NOTICE, but does it really make that much difference? And, honestly, there *ARE* bugs that can be introduced if somebody makes a typo that results in using an unitialized variable. Though the PHP auto-initialization to '' (or 0 or false or whatever is suitable after type-juggling) works 99% of the time, imagine something like this: ?php /* lots of code */ $foo = 42; /* lots of code */ if ($foo === 42) echo foo!; ? Now imagine that somebody deletes all the lots of code and also accidentally deletes the initialization. The thing you believe should be E_STRICT is, in fact, an E_NOTICE worthy issue. Not only CAN this happen, it HAS happened to me, and the E_NOTICE made it patently obvious what had happened as soon as I ran my tests. Therefore, I believe the uninitialized variables should NOT be moved to E_STRICT. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] plugging gmmktime value into gmdate yields incorrect date
Brad Fuller wrote: -Original Message- From: Brad Fuller [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:48 PM To: 'Terra Frost'; 'Peter Lauri' Cc: php-general@lists.php.net Subject: RE: [PHP] plugging gmmktime value into gmdate yields incorrect date -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 3:20 PM To: Peter Lauri Cc: php-general@lists.php.net Subject: Re: [PHP] plugging gmmktime value into gmdate yields incorrect date date('Z') on the server producing the incorrect output returns 3600. On the other two, I get -18000 and -21600. That said, I don't see how that'd make a difference. The whole reason I'm using the gm* functions, in the first place, is because those are supposed to work with a fixed timezone - GMT. Testament to this is the fact that gmdate('Z') returns 0 on all three of those. Peter Lauri wrote: And what are the time zones for those two different machines? And what is the time? :) Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Terra Frost [mailto:[EMAIL PROTECTED] Sent: Thursday, February 15, 2007 8:47 PM To: php-general@lists.php.net Subject: [PHP] plugging gmmktime value into gmdate yields incorrect date I tried running the following script on three different servers: ?php echo gmdate('m, d, Y', gmmktime(0,0,0,3,23,2000) ); ? On two of the servers, I got 03, 23, 2000 back. On the other, however, I got 03, 22, 2000. This doesn't make any sense to me. On the servers that return the correct date (03, 23, 2000), gmmktime(0,0,0,3,23,2000) returns 953769600. On the server that returns the incorrect date (03, 22, 2000), gmmktime(0,0,0,3,23,2000) returns 953766000. There's a difference of 3600 between the two, which makes me think that some daylight savings time setting is to blame. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I may be way off... but isn't it redundant to use both gmdate() and gmmktime()? I thought each of these functions were used to convert your local time into GMT... So for example if you're GMT+5, the gmmktime() would subtract 5 hours, and then gmdate() would subtract another 5 hours? Like I said - I could be way off, but just a thought. -Brad Yes, I was a little off... gmmktime() takes a GMT date and converts it to a local unix timestamp. gmdate() takes a local unix timestamp and converts it to a GMT date. So in theory you *should* get the same date you put in, if using both functions like your example. I think you are on the right track with the Daylight Saving time issue. Starting this year, DST in the U.S. begins in March instead of April. Given that the year of your date input is 2000, it shouldn't be affected, but perhaps that is in fact the culprit? Your date 3/23 falls in between the previous and future DST start dates. Hmm... Have you gotten similar results using a different month/day? -Brad if you run: echo gmdate('I', gmmktime(0,0,0,3,23,2000) ); //Capital 'i' I (capital i) - 1 if Daylight Savings Time, 0 otherwise. This might help you -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Accessing cookies in PHP and Javascript
Your favorite search engine would provide you with far better JavaScript answers than a PHP mailing list... Otto Wyss wrote: Assuming I have a cookie setcookie (username,$_SESSION['Username'], $expires); how can I access the same cookie in Javascript? Parse out document.cookie. Or how do I have to create a cookies so it's accessable as $_COOKIE[username] document.cookie = username= + escape(username); You can add expiry, path, etc. with JavaScript, but you can google for that. jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problem Directing the Page with header
Hi, I am having problem with redirecting the page in user authenication page . I am working on my windows machine as a localhost with PHP Version 5.2.0. Everything is working good in local machine (in Windows) but now when i tried to upload the same code to the server which is using PHP Version 5.1.6, it does not seem to redirect my page. I have a main loginpage which on post goes to the logincheck.php and in Login.php i have all the stuffs to authenticate and redirect the user. I am pasting the logincheck.php code below. ?php session_start(); require_once 'functions.php'; $UserName = $_POST['UserName']; $Password = $_POST['Password']; $error = login_check($_POST); $adminAddress = getAbsolutePath().'adminlogin.php'; $userAddress = getAbsolutePath().'userlogin.php'; $samePage = getAbsolutePath().'login-new.php'; if (trim ($error)==) { $accesslevel = accessLevel($UserName); if ($accesslevel == admin){ $_SESSION[userid] = login($_POST); header(Location: $adminAddress); exit(); } else if ($accesslevel == user){ $_SESSION[userid] = login($_POST); header(Location: $userAddress); exit(); } } else { $errorMessage = '$error'; header(Location: $samePage); exit(); } ? Any Help would be highly aprriciated. Thanks a lot -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem Directing the Page with header
Ashish Rizal wrote: Hi, I am having problem with redirecting the page in user authenication page . I am working on my windows machine as a localhost with PHP Version 5.2.0. Everything is working good in local machine (in Windows) but now when i tried to upload the same code to the server which is using PHP Version 5.1.6, it does not seem to redirect my page. I have a main loginpage which on post goes to the logincheck.php and in Login.php i have all the stuffs to authenticate and redirect the user. I am pasting the logincheck.php code below. one thing to watch for is case-sensitivity. you have a logincheck.php and then a Login.php are you sure that the file has a 'L' in the name? This is actually all mute if you are running on a windows server also. Do you know what OS is on the server? Linux, BSD, Windows, Mac... when you say it does not seem to rediret my page... What does it do instead??? Error... ?php session_start(); require_once 'functions.php'; $UserName = $_POST['UserName']; $Password = $_POST['Password']; $error = login_check($_POST); $adminAddress = getAbsolutePath().'adminlogin.php'; $userAddress = getAbsolutePath().'userlogin.php'; $samePage = getAbsolutePath().'login-new.php'; if (trim ($error)==) { $accesslevel = accessLevel($UserName); if ($accesslevel == admin){ $_SESSION[userid] = login($_POST); header(Location: $adminAddress); exit(); } else if ($accesslevel == user){ $_SESSION[userid] = login($_POST); header(Location: $userAddress); exit(); } } else { $errorMessage = '$error'; header(Location: $samePage); exit(); } ? Any Help would be highly aprriciated. Thanks a lot -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_affected_rows inaccurate?
On Thu, February 15, 2007 10:06 am, altendew wrote: Hi a long time ago I stopped using mysql_affected_rows because I believed it was giving me an inaccurate number. Now I was not very knowledged then so it could of been my own fault. Is this function safe and functional? Could it possibly give me the row result of a previous query I did and not the latest? Works for me. It only counts rows that ACTUALLY CHANGED and not the number of rows that fit your WHERE clause. This can be confusing at first, but is quite useful, particularly for marking records dirty when you want to re-publish a record only if it really really changed in a large database - static publishing setup. http://php.net/mysql_affected_rows -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Deny processing of non included files
On Thu, February 15, 2007 9:44 am, Tim wrote: typing http://sitename/modules/thismodule/admin/index.php, this file will only be processed by the browser if and only if it has been included by http://sitename/admin/index.php One simple way to be sure it's not access directly by the browser is to just MOVE it out of the web tree and set up your include_path to include the new location. Then it can't be surfed to AT ALL, much less executed as PHP code. file directly? Or should i believe it doesn't really matter as in a production environment display_errors is set to off so no error output will be shown... Hmmm. Random bits of code being executed completely out of sequence in ways you've never even imaginged, much less tested. I don't think that's something you want to ignore, personally... 2. what is the assesed security risk if someone access a file directly even if it does not output anything? What does the file contain? exec(rm -rf /); mysql_query($_GET['query']); include $file; Hopefully you have nothing that blatantly wrong in your PHP. Unfortunately, you probably DO have something much more subtle somewhere in your PHP code, for any large project. I'd say the risk is fairly low, but the CONSEQUENCES are immeasurable. Given that it's trivial to move the files and set up include_path, I'd recommend you just fix it. 3. is their a way to check that a file has been included by such and such file or should i develop a hash system where the top page that includes files generates a hash, stores it in the db for the length of the script and in a variable, and have the included file check that the variable from the top file and the hash in the db correspond? You could do all that as well... Or, possibly, simply write robust code that errors out if more normal things are out of whack, like the DB object you expected to be created at the beginning. For that matter, your script should error out gracefully if, in the MIDDLE of your script, the DB process DIES. It's amazing how many PHP scripts don't have even rudimentary checking on their result, and just assume the DB is still there, just because mysql_connect( )succeeded at the beginning. Bad News: The DB could easily go down AFTER mysql_connect() but before you actually do anything useful. Your PHP code should handle that. Security is driving me insane i'm becoming totally psychotic at the possiblity of someone taking over my admin systems... But are you paranoid enough? :-) You are now in a normal state of security-conciousness. Learn to accept it, embrace it even. MUST READ: http://phpsec.org/ -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Deny processing of non included files
On Thu, February 15, 2007 10:11 am, Jon Anderson wrote: Easy answer: deny access to them. Use your web server to prevent execution of the files. Generally, if you're using Apache, you can just do this: Directory /path/to/modules/ Order Allow,Deny Deny From All /Directory You may also be able to do that from a .htaccess file. It's easy to get bit by this if you move your application over, and forget to include the .htaccess file in your tarball, as: tar -cvf export.tar * does NOT include .htaccess file :-( I've had it happen. I was lucky enough that the whole thing didn't work, as there were other .htaccess settings that made it immediately apparent things were not right. But if all you have in .htaccess is the blockage of the PHP scripts you don't want exposed, you could all too easily mess this up in a server move. There is no real reason for the include files to be in the web tree at all. They are NOT web documents, there should never be a URL that resolves to them, for anybody. Just move them out from the web tree completely, and breathe easier is my advice. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with Redirect
[Didn't I see this thread before?...] On Thu, February 15, 2007 7:39 pm, Ashish Rizal wrote: Hi friends, I am having problem with following code. I have actually made the whole code on same page (login.php) and the functions that i used in this code are in functions.php. Now this time it is showing the warning : Warning: Cannot modify header information - headers already sent by (output started at C:\Program Files\xampp\htdocs\fselection\login.php:1) in C:\Program Files\xampp\htdocs\fselection\login.php on line 19 The line 19 is header(Location: http://$host$uri/$extra;); Below is the list of code for login.php. The Server i am using is SunOS 5.10. ?php session_start(); require_once 'functions.php'; $UserName = $_POST['UserName']; $Password = $_POST['Password']; $host = $_SERVER['HTTP_HOST']; $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); $extra = 'adminlogin.php'; $loc = \http://$host$uri/$extra\;; if ($_POST){ $error = login_check($_POST); if (trim ($error)==) { $accesslevel = accessLevel($UserName); ? ?php //At a minimum, you need to do this here: session_write_close(); if ($accesslevel == admin){ $_SESSION[userid] = login($_POST); header(Location: http://$host$uri/$extra;); exit(); } else if ($accesslevel == user) { //echo this is user; $_SESSION[userid] = login($_POST); header('Location: userlogin.php'); exit(); } } else { print Error :$error; } You could also consider not doing a redirect at all, and just suck in the appropriate files with 'include' instead of wasting HTTP connections and bouncing the user like a basketball just to give them what they want... PS exit is not a function and should not have () PPS Blindly cramming all of $_POST into a session variable is a particularly Bad Idea from a security standpoint, and you need to study everything on this site before proceeeding: http://phpsec.org/ -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] array_pop() with key-value pair ???
Hi, Why isn't there a function that acts like array_pop() returns a pair of key-value rather than the value only ? Reason is, that in order to pop the key-value pair, you do: ?php $arr = array('a'=1,'b'=2,'c'=3,'d'=4); $arr_keys = array_keys($arr); $key = array_pop($arr_keys); $value = $arr[$key]; ? I benchmarked array_keys() function and it is very slow on big arrays since PHP has to build the array. While array_pop() can be acceleraed by the guts of PHP engine. -thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: array_pop() with key-value pair ???
More over.. PHP seems to be quiet slow when dealing with array_shift() array_unshift(), but it is much faster with array_pop() array_push(). I am not familiar with the PHP internals, but why not add a pointer to the start and end of the array? Good word can be said on PHP that accelerated at least count() function.. Maybe I require too much.. PHP is a rapid development scripting language.. not a massive optimized programming language.. :-/ Eli wrote: Hi, Why isn't there a function that acts like array_pop() returns a pair of key-value rather than the value only ? Reason is, that in order to pop the key-value pair, you do: ?php $arr = array('a'=1,'b'=2,'c'=3,'d'=4); $arr_keys = array_keys($arr); $key = array_pop($arr_keys); $value = $arr[$key]; ? I benchmarked array_keys() function and it is very slow on big arrays since PHP has to build the array. While array_pop() can be acceleraed by the guts of PHP engine. -thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Text Editor for Windows?
[snip] I am finding that notepad is lacking when correcting syntax errors in my php code. No line numbers. What can people recommend for use under Windows? [/snip] Zend Studio :-) ...but it's not for free. Check out the trial version. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php