Re: [PHP] Session Problem
Brad Bonkoski wrote: How do you move from one page to the other? You have to pass the session along, I believe.. Something like: $s = SID; // session contant page2.php?$s You only need to pass the session identifier in the query string if you aren't using cookies. By default, sessions will be handled with cookies, so they work transparently. I suspect, as others have suggested, that there is a path/permission problem and the session data is not getting saved. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Securing user table with sha function
Haydar Tuna wrote: 1) If you protect your site from SQL Injection, you must replace all quote and blank character in your form data. (with string functions) A better approach is data inspection. For example, if you know a field should only ever contain letters, you can use ctype_alpha() to confirm that. Since alpha characters would never create a script injection, you don't even need to do anything further with it. If you need to allow dangerous characters, use an appropriate escaping algorithm. I work with MySQL all the time, so I use the real_escape_string() method of the mysqli object when necessary. The conceptual key to writing secure applications is understanding that ALL input is tainted (i.e. potentially dangerous). This includes the results of database queries. Your PHP application has no way to know the data coming out of the database is positively safe. Using inspection and escaping as appropriate, you transform tainted data into safe data. I will often do so this way: $mysql = array(); if (isset($_POST['firstName']) ctype_alpha($_POST['firstName'])) $mysql['firstName'] = $_POST['firstName']; if (isset($_POST['comments'])) // $database holds a mysqli object $mysql['comments'] = $database-real_escape_string($_POST['comments']); From this point onward in my application, all operations work with the values in the $mysql array, because I have either confirmed it as safe or escaped it appropriately. 3) if comparing passwords are true, then you must use session variables for username You don't have to, but it's generally convenient to do so. You should be aware of session hijacking and place safeguards in the session data, such as checking IP and/or user agent. 4) if user forget his or her password, you can send email to the user when the user answer password protected question. Kinda impossible if the password is hashed, isn't it? What a strange thought, though. I guess all those sites with password reminder functions have the password stored in plain text somewhere. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Securing user table with sha function
Tim wrote: Now moving on into other aspects of security :P I was thinking of a way to secure my login inputs the best way possible. [...] Maybe I'm missing something, but why not simply inspect and clean input to ensure that it's always properly escaped and safe to send to your database? It seems to me that's the most sensible way to address SQL injection. Hashing the data in your database has drawbacks, and anyway, do you want them to see even hashed data? I sure don't. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] counting hyperlink clicks in php
Brad Bonkoski wrote: I think the best way to do this would be to set an onClick (Javascript) event handler for each of the links, and then use AJAX style stuff to send the information to PHP on the server side, then PHP can log the link that was clicked, and keep track of the most clicked links. The only problem with this suggestion is the dependency on Javascript. This would not count clicks from browsers that don't support JS or from users who have disabled it in their browsers. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] css in mail()
Sancar Saran wrote: $mail= html head titleTitle/title style.$data./style /head body Html content /body /html; I stopped being a designer quite a long time ago, and I never learned how to compose HTML e-mail because I think it's a blight. I do, however, work with some talented designers, and they (and Google) tell me that the above is basically a terrible idea. Apparently e-mail clients do not support properly formed HTML very well. It is suggested not to use html/html tags or a head/head (most clients apparently strip the HTML header). The CSS should be inclined in the body, as wrong as that is in HTML/XHTML. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Change in 5.2.1 re. parsing of URL
Lewis Kapell wrote: http://www.mydomain.com/mypage.php/phonypage.pdf In this example there is a PHP script called mypage.php which serves up a PDF. Putting the extra text at the end of the URL makes it appear to the user's browser that the URL ends with '.pdf' rather than '.php'. We introduced this hack at my company because a few users were unable to view pages containing PDF or RTF content, presumably because of some combination of browser and/or firewall settings. This is the proper way to handle this. If it doesn't work, the user's browser is misconfigured. ?php header('Content-type: application/pdf'); // your PDF data ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: re another hand wringer
jekillen wrote: for($i = 0; $i $flen; $i++) // now it works { array_push($edata, $_POST[a_$z]); print $_POST[a_$z].'br'; // prints all values. $z++; }; I recommend you consider changing your loop to: for ($i = 1; $i = $flen; $i++) { array_push($edata, $_POST[a_$i]); print $_POST[a_$i] . br /\n; } There is no need whatsoever for a $z variable. It's just a waste of memory (albeit a little bit of memory, but why?). :) You're already iterating a loop, why not use the loop counter for your index? It'll make the code more readable too. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: WHERE problem
How about this instead, Mike? ?php // some code $fortune = mysql_query(SELECT text FROM fortunes ORDER BY RAND() LIMIT 1); $fortune = mysql_fetch_row($fortune); $fortune = sprintf( 'span class=quotecycquot;%squot;br /-Omniversalism.com/span', $fortune[0] ); // some more code ? MySQL is implemented in random code, so it can probably perform this operation faster, and this code is much cleaner. You may want to move away from mysql since it's essentially deprecated. I have switched to mysqli and prefer it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Securing user table with sha function
Hello again, if you crypt your usernames, it happened many problems. As you know, if you crypt any string to SHA1, you don't decrypt again. You cannot use username in your application. in my many application, I have crpyted password , I haven't cryrpt usernames. Becuase I used username for session authentication. for example if I want to action on the usernames or list of usernames , what can I do this? All of usernames are crypted. Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Haydar Tuna [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, 1) If you protect your site from SQL Injection, you must replace all quote and blank character in your form data. (with string functions) 2) After this step, you can compare your password (with SHA1) and database password field (with SHA1). 3) if comparing passwords are true, then you must use session variables for username 4) if user forget his or her password, you can send email to the user when the user answer password protected question. -- Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Tim [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, Now moving on into other aspects of security :P I was thinking of a way to secure my login inputs the best way possible. Seeing how many different types of injection attacks their is and while observing different authentication systems I often notice the sha() function being used for passwords, which of course is the minimum requirements to saving passwords but.. Why manipulate this information in clear text wether it be email or username or pass fields, such as when you use sessions/cookies, or any other method of passing authentication information from page to page (an sha hash is x times less geussable then any other human term)... AND how to secure for injection attacks? Now this is where i thought hey, on every login page there is a user and pass input field and thus this is the only place one could peak into my user table, and I don't want someone injecting through their as the user table (three fields seperate from profile, username, email, pass) is the key to entry to the site.. SO, why not just encrypt all three fields? And store copies of email and username (not pass :P) in another database unecrypted or with a salt for further recovery.. This would ensure that ANY information entered into the user and passowrd will be run through sha() thus creating a 40 char length hash and covering any (?) injection possiblity through a forged input in one of those fields via my select routine.. Just wondering what other security conscious people think of this plan even though it may slow down logins a tad but the tight security in my opinion justifies this.. Does anyone see an ugly flaw in this scheme? Does it look viable? Thanks for any input, Regards, Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: WHERE problem
2007. 02. 20, kedd keltezéssel 01.33-kor Fergus Gibson ezt írta: How about this instead, Mike? ?php // some code $fortune = mysql_query(SELECT text FROM fortunes ORDER BY RAND() LIMIT 1); $fortune = mysql_fetch_row($fortune); $fortune = sprintf( 'span class=quotecycquot;%squot;br /-Omniversalism.com/span', $fortune[0] ); // some more code ? MySQL is implemented in random code, so it can probably perform this operation faster, and this code is much cleaner. You may want to move away from mysql since it's essentially deprecated. I have switched to mysqli and prefer it. a week ago or something like that there was an extensive discussion here about ORDER BY RAND being slow and inefficient on large tables read this: http://www.titov.net/2005/09/21/do-not-use-order-by-rand-or-how-to-get-random-rows-from-table/ greets Zoltán Németh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Securing user table with sha function
-Message d'origine- De : Haydar Tuna [mailto:[EMAIL PROTECTED] Envoyé : mardi 20 février 2007 10:34 À : php-general@lists.php.net Objet : [PHP] Re: Securing user table with sha function Hello again, if you crypt your usernames, it happened many problems. As you know, if you crypt any string to SHA1, you don't decrypt again. You cannot use username in your application. in my many application, I have crpyted password , I haven't cryrpt usernames. Becuase I used username for session authentication. for example if I want to action on the usernames or list of usernames , what can I do this? All of usernames are crypted. OK then what if i consider using PHP's Mcrypt extension with a key to crypt/decrypt data, this would give me the possiblity to use a username crypted hash in the session variable and decrypt it at any moment with the proper key? Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Haydar Tuna [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, 1) If you protect your site from SQL Injection, you must replace all quote and blank character in your form data. (with string functions) 2) After this step, you can compare your password (with SHA1) and database password field (with SHA1). 3) if comparing passwords are true, then you must use session variables for username 4) if user forget his or her password, you can send email to the user when the user answer password protected question. -- Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Tim [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, Now moving on into other aspects of security :P I was thinking of a way to secure my login inputs the best way possible. Seeing how many different types of injection attacks their is and while observing different authentication systems I often notice the sha() function being used for passwords, which of course is the minimum requirements to saving passwords but.. Why manipulate this information in clear text wether it be email or username or pass fields, such as when you use sessions/cookies, or any other method of passing authentication information from page to page (an sha hash is x times less geussable then any other human term)... AND how to secure for injection attacks? Now this is where i thought hey, on every login page there is a user and pass input field and thus this is the only place one could peak into my user table, and I don't want someone injecting through their as the user table (three fields seperate from profile, username, email, pass) is the key to entry to the site.. SO, why not just encrypt all three fields? And store copies of email and username (not pass :P) in another database unecrypted or with a salt for further recovery.. This would ensure that ANY information entered into the user and passowrd will be run through sha() thus creating a 40 char length hash and covering any (?) injection possiblity through a forged input in one of those fields via my select routine.. Just wondering what other security conscious people think of this plan even though it may slow down logins a tad but the tight security in my opinion justifies this.. Does anyone see an ugly flaw in this scheme? Does it look viable? Thanks for any input, Regards, Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Securing user table with sha function
-Message d'origine- De : Fergus Gibson [mailto:[EMAIL PROTECTED] Envoyé : lundi 19 février 2007 12:01 À : php-general@lists.php.net Objet : [PHP] Re: Securing user table with sha function Tim wrote: Now moving on into other aspects of security :P I was thinking of a way to secure my login inputs the best way possible. [...] Maybe I'm missing something, but why not simply inspect and clean input to ensure that it's always properly escaped and safe to send to your database? It seems to me that's the most sensible way to address SQL injection. Yes i agree partially, an error in the cleaning algo could easily open up to injection, their are so many workarounds to standard input filtering how to catch them all? Hashing the data in your database has drawbacks, and anyway, do you want them to see even hashed data? I sure don't. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Securing user table with sha function
- Original Message - From: Tim [EMAIL PROTECTED] -Message d'origine- De : Haydar Tuna [mailto:[EMAIL PROTECTED] Envoyé : mardi 20 février 2007 10:34 À : php-general@lists.php.net Objet : [PHP] Re: Securing user table with sha function Hello again, if you crypt your usernames, it happened many problems. As you know, if you crypt any string to SHA1, you don't decrypt again. You cannot use username in your application. in my many application, I have crpyted password , I haven't cryrpt usernames. Becuase I used username for session authentication. for example if I want to action on the usernames or list of usernames , what can I do this? All of usernames are crypted. OK then what if i consider using PHP's Mcrypt extension with a key to crypt/decrypt data, this would give me the possiblity to use a username crypted hash in the session variable and decrypt it at any moment with the proper key? One aproach I have often seen to security is making things complicated, assuming that it will deter intrussion. Complicating things, though, rarely achieves anything useful. Being paranoid about some data you might be complicating your own work and that of those who will have to mantain and upgrade the application afterwards for very little gain. There are good and proven ways to secure an application. If you rarely see anyone going beyond those basic rules it is because the pay off is marginal in terms of security but too complicated in terms of mantainability. Take the user name you are so concerned about. Are you subscribed to eBay and get their newsletter? They send you their mailings with your username in clear to let you know it is indeed from them. eBay runs one of the most secure open sites in the world, and they don't mind sending your login name in the clear, and nor do I so, why should you? Just complicating things don't make a site more secure, it just complicates it. Satyam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mozilla/Opera issue
Hi All, I am clutching at straws here, but I have come across an issue that I don't know whether it's a PHP problem in my coding, or HTML, or something entirely different but I've never seen this happen before, and this list has always helped me out in the past with odd problems. I am developing a site at the moment which is causing a very unusual trait in both mozilla and opera browsers. http://www.reedsandmore.com.au/index2.php For example.. * Click on Clarinet Reeds More * Click on Bb Clarinet Reeds * You will see the first page showing the first 12 items (hopefully it will) * Scroll to the bottom and click on Next * Look at the page that gets refreshed... it's the first page again. Yet in the URL it shows the URL for page=2 * Now to actually bring up page 2, you can click on RELOAD, or simply click on Next at the bottom of the screen again. This will bring up the proper page 2. * Now do the same to bring up page 3. Same thing occurs. Page 2 is re-displayed, and page 3 will not come up until you click on Next again, or click on RELOAD. * The same thing happens in reverse back down through the pages. If anyone can point me in the right direction of this or if you have come across this in the past, please any assistance would be greatly appreciated. The code is valid to XHTML 1.0 Transitional as my initial thought was that something wasn't valid. Any help will be appreciated. Regards Chris Aitken The Web Hub Designer and Programmer Phone : 02 4648 0808 Mobile : 0411 132 075 - Making The Web Work The Web Hub http://www.thewebhub.com.au/ http://www.thewebhub.com.au/ mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] - Confidentiality Statement: This message is intended only for the use of the Addressee and may contain information that is PRIVILEDGED and CONFIDENTIAL. If you are not the intended recipient, dissemination of this communication is prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately.
Re: [PHP] Mozilla/Opera issue
2007. 02. 20, kedd keltezéssel 21.40-kor Chris Aitken ezt írta: Hi All, I am clutching at straws here, but I have come across an issue that I don't know whether it's a PHP problem in my coding, or HTML, or something entirely different but I've never seen this happen before, and this list has always helped me out in the past with odd problems. I am developing a site at the moment which is causing a very unusual trait in both mozilla and opera browsers. http://www.reedsandmore.com.au/index2.php For example.. * Click on Clarinet Reeds More * Click on Bb Clarinet Reeds * You will see the first page showing the first 12 items (hopefully it will) * Scroll to the bottom and click on Next * Look at the page that gets refreshed... it's the first page again. Yet in the URL it shows the URL for page=2 * Now to actually bring up page 2, you can click on RELOAD, or simply click on Next at the bottom of the screen again. This will bring up the proper page 2. * Now do the same to bring up page 3. Same thing occurs. Page 2 is re-displayed, and page 3 will not come up until you click on Next again, or click on RELOAD. * The same thing happens in reverse back down through the pages. If anyone can point me in the right direction of this or if you have come across this in the past, please any assistance would be greatly appreciated. The code is valid to XHTML 1.0 Transitional as my initial thought was that something wasn't valid. I tried it with Firefox on Ubuntu Linux and IE on XP and the problem appears on both. The link itself points to the correct url. So the problem should be in your php code. Maybe it has something to do with sessions, but I cannot tell anything more unless you show your code. greets Zoltán Németh Any help will be appreciated. Regards Chris Aitken The Web Hub Designer and Programmer Phone : 02 4648 0808 Mobile : 0411 132 075 - Making The Web Work The Web Hub http://www.thewebhub.com.au/ http://www.thewebhub.com.au/ mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] - Confidentiality Statement: This message is intended only for the use of the Addressee and may contain information that is PRIVILEDGED and CONFIDENTIAL. If you are not the intended recipient, dissemination of this communication is prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mozilla/Opera issue
Your code is probably flawed,try putting some debug code in, echo out some variables and see what happens. -- Regards, Clive. Real Time Travel Connections {No electrons were harmed in the creation, transmission or reading of this email. However, many were excited and some may well have enjoyed the experience.} -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Install / update php rpm packages with FC6
Dear All, Mine is FC6 System... When I install the php rpm package, the problem as the following : [EMAIL PROTECTED] php]$ rpm -qa | grep libc glibc-common-2.5-3 libcap-devel-1.10-25 libcroco-0.6.1-2.1 glibc-headers-2.5-3 glibc-2.5-3 libcap-1.10-25 libc-client2006-2006e-2.fc6 glibc-devel-2.5-3 libcroco-devel-0.6.1-2.1 [EMAIL PROTECTED] php]$ sudo rpm -Uhv php* warning: php-5.1.6-3.3.fc6.i386.rpm: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2 error: Failed dependencies: libc-client.so.1 is needed by php-imap-5.1.6-3.3.fc6.i386 [EMAIL PROTECTED] php]$ Edward. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PDO database drivers
I upgraded PHP 5.2 = 5.2.1 and added PDO support. It installed the SQLLITE driver by default. I wanted to add the MYSQL driver. I ran pecl install PDO_MYSQL and it failed with an autoconf error. I then downloaded the driver from pecl and unpacked it, but there were no instructions on installing it, and there is no configure script. Has anyone done this? Thanks, Sandy Keathley -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PDO database drivers
Sandy Keathley wrote: I upgraded PHP 5.2 = 5.2.1 and added PDO support. It installed the SQLLITE driver by default. I wanted to add the MYSQL driver. I ran pecl install PDO_MYSQL and it failed with an autoconf error. It probably depends on how you're installing PHP. If you're using a distribution's built-in PHP support, there should be a PDO/mysql package or in Gentoo's case pdo and mysql use flags. If you're compiling from source, just add --with-pdo-mysql to your ./configure line. I then downloaded the driver from pecl and unpacked it, but there were no instructions on installing it, and there is no configure script. Why use pecl? It's built-in to PHP. jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: LOL, preg_match still not working.
I sorry, what is the variable text in the message. Is there any text that is always constant, e.g., This is a test of the emergency broadcast system. Inherently, your object seems obvious. The problem is that you are not providing enough examples. Show us some that you want to match AND some that should not match. Beauford wrote: Read my original email for the example string, I have referred to this in every one of my emails. It's even at the bottom of this one. -Original Message- From: Al [mailto:[EMAIL PROTECTED] Sent: February 18, 2007 10:35 AM To: php-general@lists.php.net Subject: [PHP] Re: LOL, preg_match still not working. If you want help, you must provide some example text strings that are to be matched. You keep posting your pattern and that's the problem. Beauford wrote: Mails been down since this morning (sorry, that's yesterday morning). Anyway, not sure if this went through, so here it is again. -- The bottom line is I want to allow everything in the expression and nothing else. The new line does not seem to be an issue - I can put as many returns as I want, but as soon as I add some punctuation, it falls apart. As I said before, the ! and the period from my original example are reported as invalid - as they are in the expression they should be valid, I'm sure there are other examples as well, but you can see what the problem is. If I take out the ! and period from my example and leave the new lines in, it works fine. Thanks -Original Message- From: Gregory Beaver [mailto:[EMAIL PROTECTED] Sent: February 17, 2007 12:21 PM To: Beauford Cc: PHP Subject: [PHP] Re: LOL, preg_match still not working. Beauford wrote: Hi, I previously had some issues with preg_match and many of you tried to help, but the same problem still exists. Here it is again, if anyone can explain to me how to get this to work it would be great - otherwise I'll just remove it as I just spent way to much time on this. Thanks Here's the code. if(empty($comment)) { $formerror['comment'] = nocomments; } elseif(!preg_match('|[EMAIL PROTECTED]*();:_. /\t-]+$|', $comment)) { $formerror['comment'] = invalidchars; } This produces an error, which I believe it should not. Testing 12345. This is a test of the emergency broadcast system. WAKE UP!! Hi, Your sample text contains newlines. If you wish to allow newlines, instead of \t you should use the whitespace selector \s ?php $comment = 'Testing 12345. This is a test of the emergency broadcast system. WAKE UP!!'; if(!preg_match('|[EMAIL PROTECTED]*();:_.\s/-]+$|', $comment)) { echo 'oops'; } else { echo 'ok'; } ? Try that code sample, and you'll see that it says ok What exactly are you trying to accomplish with this preg_match()? What exactly are you trying to filter out? I understand you want to eliminate invalid characters but why are they invalid? I ask because there may be a simpler way to solve the problem, if you can explain what the problem is. Thanks, Greg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problems processing UNIX timestamps in events directory
Hi all. I have an odd problem. I am building an events directory and when users search, they provide a date range ie Feb 16 2007 to March 12 2007 as one of the options for searching. The system then creates an array of timestamps from this and then polls the database for all events whose lifetimes (start to end data) intersect with or contain the user date ranges. The system then checks how many of those dates map onto the dates provided by the user and returns an array of events on specific dates, all by comparing timestamps. The system is working like a dream apart from the following. If the user selects a start date prior to March 26 2007 or after October 29th 2007 all is well. If they specify a start date after March 26 the events are not being pulled in. I have converted the user-friendly date output to timestamps to check and sure enough, when the user selects a start date before March 26 2007, March 26 2007 is output as: 1174863600 ...after that it becomes: 117486 ...a difference of 3600 Is this anything to do with leap seconds or any other clock drift phenomenon anyone has seen before? Much hair being torn out at present! -- http://www.web-buddha.co.uk
Re: [PHP] Classified Ads Script
On 2/19/07, Matt Arnilo S. Baluyos (Mailing Lists) [EMAIL PROTECTED] wrote: Hello everyone, I'm planning to put up a local classified ads website and I'm looking for an open-source script for this. I've already had some links from Google and Sourceforge but I'd like to get some opinions on people who've already run a classifieds website as to what they're using and what they think of it. Best Regards, Matt -- Stand before it and there is no beginning. Follow it and there is no end. Stay with the ancient Tao, Move with the present. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php We use GeoClassifieds by GeoDesic Solutions. With a little bit of effort I was able to tie it in with our subscriber database. There is a free version, and if I remember correctly the basic version is what we use. Far cheaper to even buy the basic than to write your own, although our situation is simplified because classifieds are offered free to subscribers. Therefore I have no experience of how well anything associated with the payment side, incentives, etc. works. Regards - Miles
Re: [PHP] Problems processing UNIX timestamps in events directory
Dave Goodchild wrote: I have converted the user-friendly date output to timestamps to check and sure enough, when the user selects a start date before March 26 2007, March 26 2007 is output as: 1174863600 ...after that it becomes: 117486 ...a difference of 3600 Is this anything to do with leap seconds or any other clock drift phenomenon anyone has seen before? Much hair being torn out at present! That certainly looks like the end of DST (daylight saving time). HTH, Arpad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Language construct
echo, include and a few others are language constructs because they are part of the language itself rather than being functions in the same category as regular functions are. This means that they are integral part of the language, just like 'if', or any operator +, *, etc, though they look pretty much like functions. It means that though syntactically they look as functions and in the manual they are listed under functions, this is only to make them easy to use, understand and locate in the documentation. That is why certain rules for functions can be relaxed, such as requiring parenthesis around its arguments, which are not actually needed but are there so that they have the same look as regular functions. Satyam - Original Message - From: Balasubramanyam A [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Tuesday, February 20, 2007 3:32 PM Subject: [PHP] Language construct Hello all, I'm new to this group and I'm learning PHP. I want to know what is the exact definition for Language Construct. Could someone please explain about this? No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.441 / Virus Database: 268.18.3/693 - Release Date: 19/02/2007 17:01 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Language construct
Hello all, I'm new to this group and I'm learning PHP. I want to know what is the exact definition for Language Construct. Could someone please explain about this?
Re: [PHP] Re: Change in 5.2.1 re. parsing of URL
We are already using the Content-type header (I should have mentioned that in my first message). And to say that the user's browser is misconfigured is no solution, since we don't have the ability to reconfigure it. If all of our users were on a local network there would be no problem. But that's not our situation. Thank you, Lewis Kapell Computer Operations Seton Home Study School Fergus Gibson wrote: Lewis Kapell wrote: http://www.mydomain.com/mypage.php/phonypage.pdf In this example there is a PHP script called mypage.php which serves up a PDF. Putting the extra text at the end of the URL makes it appear to the user's browser that the URL ends with '.pdf' rather than '.php'. We introduced this hack at my company because a few users were unable to view pages containing PDF or RTF content, presumably because of some combination of browser and/or firewall settings. This is the proper way to handle this. If it doesn't work, the user's browser is misconfigured. ?php header('Content-type: application/pdf'); // your PDF data ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Latin letter problem!
Hi, I'm building an simple CMS system. I have built almost everything but one thing buggs me... I have a MySQL database built for publishing news (Id,title,newsContent,timestamp). And I have a php web page that displays that content. The problem is with the charset, in the database the settings are following: character set latin2 collation latin2_croatian_ci; and in the tables character set utf8; I display the data in the php page using utf8 I see all the non-PHP content pure HTML content capable of seeing croatian letter čćžšđ, but in the news section I only see čćđ. But they are on the same page! I tried putting other HTML charsets like iso-8859-1,iso-8859-2 etc... But in all the scenarios I get the HTMl part working but PHP not working vice-versa... Please help me it is a very important web page if you need any other information just ask! Thank you very much in advance! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Manual contradiction concerning string access?
Dear list, today, I read in a german PHP forum about a problem with accessing an offset of a string. For example, if you have a variable like $string = this is my string; and you want to access the third character at once, I would suggest to use $string{2} so this will return the i. The (german!) manual says about that: (http://de.php.net/manual/de/language.types.string.php#language.types.string.substr) *Anmerkung: * Für Abwärtskompatibilität können Sie für den selben Zweck immer noch die Array-Klammern verwenden. Diese Syntax wird jedoch seit PHP 4 missbilligt. (Translation:) *Note: *For downwards compatibility you may use the array brackets as well. But as of PHP 4, this syntax is deprecated. The english manual says: (Link: http://de.php.net/manual/en/language.types.string.php#language.types.string.substr ) *Note: * They may also be accessed using braces like $str{42} for the same purpose. However, using square array-brackets is preferred because the {braces} style is deprecated as of PHP 6. I'm a little bit confused by now. Which style should I pick? I use PHP 4 and 5. Is there any other difference? It would be great if someone could solve that contradiction within the manual, too. Thanks in advance. Sincere regards Christian Heinrich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Manual contradiction concerning string access?
AFAIK the english manual is more up to date, so I would follow that greets Zoltán Németh 2007. 02. 20, kedd keltezéssel 17.15-kor Christian Heinrich ezt írta: Dear list, today, I read in a german PHP forum about a problem with accessing an offset of a string. For example, if you have a variable like $string = this is my string; and you want to access the third character at once, I would suggest to use $string{2} so this will return the i. The (german!) manual says about that: (http://de.php.net/manual/de/language.types.string.php#language.types.string.substr) *Anmerkung: * Für Abwärtskompatibilität können Sie für den selben Zweck immer noch die Array-Klammern verwenden. Diese Syntax wird jedoch seit PHP 4 missbilligt. (Translation:) *Note: *For downwards compatibility you may use the array brackets as well. But as of PHP 4, this syntax is deprecated. The english manual says: (Link: http://de.php.net/manual/en/language.types.string.php#language.types.string.substr ) *Note: * They may also be accessed using braces like $str{42} for the same purpose. However, using square array-brackets is preferred because the {braces} style is deprecated as of PHP 6. I'm a little bit confused by now. Which style should I pick? I use PHP 4 and 5. Is there any other difference? It would be great if someone could solve that contradiction within the manual, too. Thanks in advance. Sincere regards Christian Heinrich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
2007. 02. 20, kedd keltezéssel 08.17-kor Jim Lucas ezt írta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zoltán Németh // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
Németh Zoltán wrote: 2007. 02. 20, kedd keltezéssel 08.17-kor Jim Lucas ezt írta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zoltán Németh // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush nothing is wrong with it, just confusing -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
Németh Zoltán wrote: 2007. 02. 20, kedd keltezéssel 08.17-kor Jim Lucas ezt írta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zoltán Németh // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I would suggest using either assoc or row this way there is no confusion. Plus it doesn't take as much resources. :) -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Understanding session variables with input field and register_global
I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? O. Wyss -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
2007. 02. 20, kedd keltezéssel 08.28-kor Jim Lucas ezt írta: Németh Zoltán wrote: 2007. 02. 20, kedd keltezéssel 08.17-kor Jim Lucas ezt írta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zoltán Németh // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I would suggest using either assoc or row this way there is no confusion. Plus it doesn't take as much resources. :) ok, it's probably better to decide which to use in advance and then stick to that one... it's always better to plan carefully before coding, and use the optimal tools needed for the job. however, I think sometimes everyone starts coding without detailed plans ;) greets Zoltán Németh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; = = = Original message = = = N~~meth Zolt~~n wrote: 2007. 02. 20, kedd keltez~~ssel 08.17-kor Jim Lucas ezt ~~rta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zolt~~n N~~meth // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I would suggest using either assoc or row this way there is no confusion. Plus it doesn't take as much resources. :) -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Understanding session variables with input field and register_global
[snip] I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? [/snip] $_SESSION['username'] = $username; But really, you should turn off register_globals (holy war will not ensue at this point, everyone knows the value). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] WHERE problem
[snip] Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; [/snip] I suggested that yesterday. :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Understanding session variables with input field and register_global
2007. 02. 20, kedd keltezéssel 17.32-kor Otto Wyss ezt írta: I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. the manual says ( http://hu.php.net/manual/en/ref.session.php ) If register_globals is enabled, then the global variables and the $_SESSION entries will automatically reference the same values which were registered in the prior session instance. However, if the variable is registered by $_SESSION then the global variable is available since the next request. that's why it is the same I think you should read the value from $_POST and put it into $_SESSION to change it hope that helps Zoltán Németh On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? O. Wyss -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Understanding session variables with input field and register_global
-Original Message- From: Otto Wyss [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 11:32 AM To: php-general@lists.php.net Subject: [PHP] Understanding session variables with input field and register_global I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? O. Wyss -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php I'm not familiar with an ini setting such as register_globals that would give you similar functionality with session variables. IMHO it seems unlikely that anyone would want EVERY form variable saved in the session (Like the value of your Submit button :P)... .. but if you REALLY want to do it, you could do something like this: foreach($_POST as $key = $val) { $_SESSION[$key] = $val; } HTH, Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
2007. 02. 20, kedd keltezéssel 11.39-kor [EMAIL PROTECTED] ezt írta: Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; that's not new :) a couple of people recommended it earlier today/yesterday this is perfect, but only if the table is not very large. see http://www.titov.net/2005/09/21/do-not-use-order-by-rand-or-how-to-get-random-rows-from-table/ greets Zoltán Németh = = = Original message = = = N~~meth Zolt~~n wrote: 2007. 02. 20, kedd keltez~~ssel 08.17-kor Jim Lucas ezt ~~rta: Mike Shanley wrote: I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); ARRAY??? what's wrong with that? http://hu.php.net/manual/en/function.mysql-fetch-array.php and then you can of course refer to it with indexes, both numeric and associative I don't see anything problematic with that... greets Zolt~~n N~~meth // Ready to ship... Referring to it via an index... could be the problem $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush I would suggest using either assoc or row this way there is no confusion. Plus it doesn't take as much resources. :) -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Change in 5.2.1 re. parsing of URL
Lewis Kapell wrote: We are already using the Content-type header (I should have mentioned that in my first message). Hmmm. So you have a PHP script that sets the mimetype correctly and then outputs straight PDF data, but the user's browser does not accept it as a PDF because the extension of the script is PHP? I find that strange. If you can't find a better solution (something weird is going on in my mind) maybe a work-around is mod_rewrite? You could link to the PHP script with a PDF extension and then rewrite it to the PHP extension behind the scenes. And to say that the user's browser is misconfigured is no solution, since we don't have the ability to reconfigure it. If all of our users were on a local network there would be no problem. But that's not our situation. I agree it's not a solution, but client misconfiguration is difficult, often impossible, to solve with server-side scripting. If you could identify the misconfiguration, your site could offer a how-to document to instruct users how to configure their software correctly. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] WHERE problem
Ah.. sorry Jay. I had like 8,000 emails today and must have missed some of the original responses. Or maybe I'm just trying to look smart by riding on your coat-tails. Either way, apologies for the repeated information. -TG = = = Original message = = = [snip] Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; [/snip] I suggested that yesterday. :) ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Change in 5.2.1 re. parsing of URL
Fergus Gibson wrote: Lewis Kapell wrote: We are already using the Content-type header (I should have mentioned that in my first message). Hmmm. So you have a PHP script that sets the mimetype correctly and then outputs straight PDF data, but the user's browser does not accept it as a PDF because the extension of the script is PHP? I find that strange. It's rare but it does happen. We suspect it's a behavior exhibited by certain browsers in combination with certain firewall settings, or something like that. If you can't find a better solution (something weird is going on in my mind) maybe a work-around is mod_rewrite? You could link to the PHP script with a PDF extension and then rewrite it to the PHP extension behind the scenes. I'll look into that. Thanks for the tip. - Lewis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Manual contradiction concerning string access?
On Tue, 2007-02-20 at 17:21 +0100, Németh Zoltán wrote: AFAIK the english manual is more up to date, so I would follow that greets Zoltán Németh 2007. 02. 20, kedd keltezéssel 17.15-kor Christian Heinrich ezt írta: Dear list, today, I read in a german PHP forum about a problem with accessing an offset of a string. For example, if you have a variable like $string = this is my string; and you want to access the third character at once, I would suggest to use $string{2} Use [], internals recently (7 months or so ago) reversed their opinion of on deprecating [] for strings in favour of {}. The {} almost got deprecated itself, but was saved in lieu of user feedback on internals. So it would seem [] is the superior choice and {} may someday get cut. This is in spite of the PHP group original recommending {}. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Change in 5.2.1 re. parsing of URL
Lewis Kapell wrote: If this has nothing to do with PHP, maybe you can explain why the behavior was broken when I upgraded from 5.2.0 to 5.2.1, and started working again the instant I reverted back to 5.2.0. No other configuration changes were made on the web server. ?? Thank you, Lewis Kapell Computer Operations Seton Home Study School Jochem Maas wrote: Lewis Kapell wrote: There seems to be a behavior change introduced in 5.2.1 and I would like to know if it was deliberate. [snip] this is nothing to do with php - it's down to your webserver settings. are you using the save php.ini file? If different, maybe their is something that changed with the settings in that ini file. Check to see if you had a auto_prepend_file setting that was taking care of extracting that data from the URL and making it usable in the script. I remember doing a hack for something like this that required parsing the $_SERVER['QUERY_STRING'] back a few years ago. -- Enjoy, Jim Lucas Different eyes see different things. Different hearts beat on different strings. But there are times for you and me when all such things agree. - Rush -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Install / update php rpm packages with FC6
Do you really need to use an RPM package to install a PHP on FC. Why not yum install php instead... and for any extension you might want you just install that as well yum install php-gd as example. Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 1:22 PM To: [EMAIL PROTECTED] Cc: php Subject: [PHP] Install / update php rpm packages with FC6 Dear All, Mine is FC6 System... When I install the php rpm package, the problem as the following : [EMAIL PROTECTED] php]$ rpm -qa | grep libc glibc-common-2.5-3 libcap-devel-1.10-25 libcroco-0.6.1-2.1 glibc-headers-2.5-3 glibc-2.5-3 libcap-1.10-25 libc-client2006-2006e-2.fc6 glibc-devel-2.5-3 libcroco-devel-0.6.1-2.1 [EMAIL PROTECTED] php]$ sudo rpm -Uhv php* warning: php-5.1.6-3.3.fc6.i386.rpm: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2 error: Failed dependencies: libc-client.so.1 is needed by php-imap-5.1.6-3.3.fc6.i386 [EMAIL PROTECTED] php]$ Edward. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Latin letter problem!
On 20/02/07, Delta Storm [EMAIL PROTECTED] wrote: Hi, I'm building an simple CMS system. I have built almost everything but one thing buggs me... I have a MySQL database built for publishing news (Id,title,newsContent,timestamp). And I have a php web page that displays that content. The problem is with the charset, in the database the settings are following: character set latin2 collation latin2_croatian_ci; and in the tables character set utf8; I display the data in the php page using utf8 I see all the non-PHP content pure HTML content capable of seeing croatian letter čćžšđ, but in the news section I only see čćđ. But they are on the same page! I tried putting other HTML charsets like iso-8859-1,iso-8859-2 etc... But in all the scenarios I get the HTMl part working but PHP not working vice-versa... Please help me it is a very important web page if you need any other information just ask! Thank you very much in advance! Change it all to utf-8, and watch your problems disappear! I've lots of experience with that in Hebrew website design. Note that you will need the server to specify the utf-8 encoding in the header. The metatag is not enough. Dotan Cohen http://what-is-what.com/what_is/buffer_overflow.html http://lyricslist.com/lyrics/lyrics/47/402/pink_floyd/the_division_bell.html
RE: [PHP] Latin letter problem!
How are you setting the charset of the web page? Are you using header() or using html head section to set it? Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Delta Storm [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 6:04 PM To: php-general@lists.php.net Subject: [PHP] Latin letter problem! Hi, I'm building an simple CMS system. I have built almost everything but one thing buggs me... I have a MySQL database built for publishing news (Id,title,newsContent,timestamp). And I have a php web page that displays that content. The problem is with the charset, in the database the settings are following: character set latin2 collation latin2_croatian_ci; and in the tables character set utf8; I display the data in the php page using utf8 I see all the non-PHP content pure HTML content capable of seeing croatian letter čćžšđ, but in the news section I only see čćđ. But they are on the same page! I tried putting other HTML charsets like iso-8859-1,iso-8859-2 etc... But in all the scenarios I get the HTMl part working but PHP not working vice-versa... Please help me it is a very important web page if you need any other information just ask! Thank you very much in advance! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Latin letter problem!
On 20/02/07, Peter Lauri [EMAIL PROTECTED] wrote: How are you setting the charset of the web page? Are you using header() or using html head section to set it? First, the header() function. Then again in the html tag, and a final time in the meta tag. This way cached pages and pages stored on disk will display properly as well. !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//HE http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; html dir=rtl xmlns=http://www.w3.org/1999/xhtml; xml:lang=he lang=he head meta http-equiv='Content-Type' content='text/html; charset=utf-8' / Dotan Cohen http://lyricslist.com/lyrics/artist_albums/5/112.html http://what-is-what.com/what_is/website.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php forcing a post??
I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks!
[PHP] Re: php forcing a post??
One simple way would be to have php send the page to the client. Then,it will look for the response. blackwater dev wrote: I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: php forcing a post??
Currently the form posts to /cgi/process Process does all sorts of stuff. I basically just want to step in the middle and do one small php thing and then send the form on to the process cgi script just like the form had posted it there. On 2/20/07, Al [EMAIL PROTECTED] wrote: One simple way would be to have php send the page to the client. Then,it will look for the response. blackwater dev wrote: I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php forcing a post??
fsockopen can probably help you with that http://www.php.net/fsockopen Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: blackwater dev [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 9:45 PM To: php-general@lists.php.net Subject: [PHP] php forcing a post?? I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php forcing a post??
Or cURL: http://php.net/curl Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: blackwater dev [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 9:45 PM To: php-general@lists.php.net Subject: [PHP] php forcing a post?? I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php forcing a post??
Peter Lauri wrote: Or cURL: http://php.net/curl Seems like a lot of work to me, not to mention added complexity. I highly doubt there's anything you can do in PHP that you can't do in the CGI script. If you really must do this, the easiest way would be to have the CGI call out to a PHP script, rather than trying to intercept the request itself. Alternatively, do an AJAX request in the onsubmit for the form that does the PHP bit, and if the response is good, then post the form. -Stut -Original Message- From: blackwater dev [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 20, 2007 9:45 PM To: php-general@lists.php.net Subject: [PHP] php forcing a post?? I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php forcing a post??
On Tue, February 20, 2007 1:45 pm, blackwater dev wrote: I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Google for Rasmus Lerdorf function PostToHost It's a lot simpler than you'd think, actually. You just fsockopen to port 80, compose a valid POST HTTP request and write it out. If you have file uploads in the original form, life gets slightly more complex, as you have to compose a more complicated POST, I guess, but it should still be a lot easier than you may be thinking. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Understanding session variables with input field and register_global
On Tue, February 20, 2007 10:32 am, Otto Wyss wrote: I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. You really really should turn OFF register_global for new code development... Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? If you want to sort out the mess of which variables are coming from where, use $_POST and $_SESSION and $_GET instead of $username You should not blindly put POST/GET data into your SESSION data. NEVER trust user-supplied data. Start reading about that here: http://phpsec.org/ O. Wyss -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] HTML form data to utf-8?
Just a general question that I don¹t know the answer to. I have users inputting data via an HTML form. I want to make sure that if they cut and paste from say Word that all the weird characters are converted to plain text (preferably utf-8 since that¹s what my database is). How would I go about doing this? Thanks!
Re: [PHP] Manual contradiction concerning string access?
On Tue, February 20, 2007 10:15 am, Christian Heinrich wrote: today, I read in a german PHP forum about a problem with accessing an offset of a string. For example, if you have a variable like $string = this is my string; and you want to access the third character at once, I would suggest to use $string{2} so this will return the i. The (german!) manual says about that: (http://de.php.net/manual/de/language.types.string.php#language.types.string.substr) *Anmerkung: * Für Abwärtskompatibilität können Sie für den selben Zweck immer noch die Array-Klammern verwenden. Diese Syntax wird jedoch seit PHP 4 missbilligt. (Translation:) *Note: *For downwards compatibility you may use the array brackets as well. But as of PHP 4, this syntax is deprecated. The english manual says: (Link: http://de.php.net/manual/en/language.types.string.php#language.types.string.substr ) *Note: * They may also be accessed using braces like $str{42} for the same purpose. However, using square array-brackets is preferred because the {braces} style is deprecated as of PHP 6. I'm a little bit confused by now. Which style should I pick? I use PHP 4 and 5. Is there any other difference? It would be great if someone could solve that contradiction within the manual, too. We have made a bit of a mess of this... In early versions of PHP, it was considered good by the PHP Dev Team to be able to access a string as an array. $third = $foo[2]; $foo[2] = 'j'; Later PHP Dev Team members thought that was icky and decided to change it to use {} and deprecated []. Still others thought it was icky and one should only use substr to read a string, and, I guess, never replace a single character directly in a string. Then, a backlash occurred, as far as I can tell, and [] was back in vogue, or at least {} was deprecated. There is still a camp that wants [] to die, and only have substr. The German translation is out of date, by one round of changes in all this. I am not 100% certain of the future status of [], but will personally be pretty cranky if it goes away, as I happen to like it. I know others feel differently, however, and would prefer to not have yet another flame war on this issue, so am trying to present a balanced view. I suspect that even if [] is still deprecated, or again deprecated, that it won't disappear as a feature for a long time, because it's just out there in too much code, and will be almost impossible to find and fix... You may want to check in with the internals@ list, as this is really more their kind of question/discussion... YMMV NAIAA IANAL -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Latin letter problem!
I believe you want to send a query something like: mysql_query(SET CHARACTER SET 'utf-8'); to convince PHP / MySQL client/server interaction to also be in UTF-8, on top of the internal storage engine storing things in UTF-8. More info about this SET stuff is at: http://dev.mysql.com/ I found the way to get PHP/MySQL to tell me what it was using, and mine was already in UTF-8, so I didn't actually get as far as trying it. :-v On Tue, February 20, 2007 10:03 am, Delta Storm wrote: Hi, I'm building an simple CMS system. I have built almost everything but one thing buggs me... I have a MySQL database built for publishing news (Id,title,newsContent,timestamp). And I have a php web page that displays that content. The problem is with the charset, in the database the settings are following: character set latin2 collation latin2_croatian_ci; and in the tables character set utf8; I display the data in the php page using utf8 I see all the non-PHP content pure HTML content capable of seeing croatian letter ÄÄžšÄ, but in the news section I only see ÄÄÄ. But they are on the same page! I tried putting other HTML charsets like iso-8859-1,iso-8859-2 etc... But in all the scenarios I get the HTMl part working but PHP not working vice-versa... Please help me it is a very important web page if you need any other information just ask! Thank you very much in advance! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Latin letter problem!
PS Mozilla-based browsers want your charset in the HTTP Content-type header IE and IE-knockoff browsers want your charset in the META tags. You have to do *both* to get all browsers to play nicely. Sorry. On Tue, February 20, 2007 10:03 am, Delta Storm wrote: Hi, I'm building an simple CMS system. I have built almost everything but one thing buggs me... I have a MySQL database built for publishing news (Id,title,newsContent,timestamp). And I have a php web page that displays that content. The problem is with the charset, in the database the settings are following: character set latin2 collation latin2_croatian_ci; and in the tables character set utf8; I display the data in the php page using utf8 I see all the non-PHP content pure HTML content capable of seeing croatian letter ÄÄžšÄ, but in the news section I only see ÄÄÄ. But they are on the same page! I tried putting other HTML charsets like iso-8859-1,iso-8859-2 etc... But in all the scenarios I get the HTMl part working but PHP not working vice-versa... Please help me it is a very important web page if you need any other information just ask! Thank you very much in advance! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
The reason I didn't go with the suggestions for this approach is that I want to accept new submissions to the database whose default id = 0. Thus, I can moderate them on the way in by giving them non-0 numbers. (I've changed the database row count call to fit the implementation since my posting of the code.) Thanks to everyone! [EMAIL PROTECTED] wrote: Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; -- Mike Shanley ~you are almost there~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problems processing UNIX timestamps in events directory
Dave Goodchild wrote: Hi all. I have an odd problem. I am building an events directory and when users search, they provide a date range ie Feb 16 2007 to March 12 2007 as one of the options for searching. The system then creates an array of timestamps from this and then polls the database for all events whose lifetimes (start to end data) intersect with or contain the user date ranges. The system then checks how many of those dates map onto the dates provided by the user and returns an array of events not directly related to your problem but sounds like your doing the search the hard way there should be no need to create an array of timestamps ... SELECT * FROM foo WHERE (startdate BETWEEN ? AND ?) OR enddate BETWEEN (? AND ?) http://dev.mysql.com/doc/refman/4.1/en/comparison-operators.html on specific dates, all by comparing timestamps. The system is working like a dream apart from the following. If the user selects a start date prior to March 26 2007 or after October 29th 2007 all is well. If they specify a start date after March 26 the events are not being pulled in. I have converted the user-friendly date output to timestamps to check and sure enough, when the user selects a start date before March 26 2007, March 26 2007 is output as: 1174863600 ...after that it becomes: 117486 ...a difference of 3600 Is this anything to do with leap seconds or any other clock drift phenomenon anyone has seen before? Much hair being torn out at present! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Language construct
On Tue, February 20, 2007 8:32 am, Balasubramanyam A wrote: I'm new to this group and I'm learning PHP. I want to know what is the exact definition for Language Construct. Could someone please explain about this? It's kind of like the core language definition of things such as: if (...) while (...) ?php and ? and so on In PHP, a handful of common things that many beginners *THINK* are functions are acutally Language Constructs: require include echo isset I belive most of them are documented as such in the manual now. Language Construct roughly corresponds to the grammar of the language, if you will. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problems processing UNIX timestamps in events directory
On Tue, February 20, 2007 8:25 am, Dave Goodchild wrote: I am building an events directory and when users search, they provide a date range ie Feb 16 2007 to March 12 2007 as one of the options for searching. The system then creates an array of timestamps from this and then Why would you create a range, which could potentially be quite a large set, instead of using the SQL BETWEEN operator, or even just using: WHERE whatdate = '$start_date' AND whatdate = '$end_date' It just seems to me like you are creating a giant JOIN for no real purpose, which is going to end up slogging your database as soon as you extend the date range out more than a few weeks... polls the database for all events whose lifetimes (start to end data) intersect with or contain the user date ranges. The system then checks how many of those dates map onto the dates provided by the user and returns an array of events on specific dates, all by comparing timestamps. The system is working like a dream apart from the following. If the user selects a start date prior to March 26 2007 or after October 29th 2007 all is well. If they specify a start date after March 26 the events are not being pulled in. I have converted the user-friendly date output to timestamps to check and sure enough, when the user selects a start date before March 26 2007, March 26 2007 is output as: 1174863600 ...after that it becomes: 117486 ...a difference of 3600 Is this anything to do with leap seconds or any other clock drift phenomenon anyone has seen before? Much hair being torn out at present! This probably is a daylight savings time issue... But if you don't care about the hour/minute/second, you probably should not be messing with Unix time-stamp in the first place... -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mozilla/Opera issue
We'd have to see source, but odds are really good that you are doing something like this: $page = $_SESSION['page']; $query = select stuff from reeds where .. limit 10 * $page; $_SESSION['page'] = $_GET['page']; So you are updating the 'page' a bit too late Of course, you've got a few hundred more lines of code in between all that, so it's not clear to you that this is happening. Add a bunch of: echo page: $pagebr /\n; lines all over the place until you can track it down. Or if this site is live, do more like: error_log(__FILE__ . ': ' . __LINE__ . page: $page); If all else fails, re-post, but include a link to your actual PHP source code. You can copy it into a .txt file, or, for maximum geekinees, on a Un*x based box, you can: ln -s products_list.php products_list.phps You then configure Apache to display .phps files as PHP Source (it should be in there but commented out) and then a link to the .phps file looks something like this: http://uncommonground.com/events.phps Only your code is probably/hopefully way more better than that old code I wrote. On Tue, February 20, 2007 4:40 am, Chris Aitken wrote: Hi All, I am clutching at straws here, but I have come across an issue that I don't know whether it's a PHP problem in my coding, or HTML, or something entirely different but I've never seen this happen before, and this list has always helped me out in the past with odd problems. I am developing a site at the moment which is causing a very unusual trait in both mozilla and opera browsers. http://www.reedsandmore.com.au/index2.php For example.. * Click on Clarinet Reeds More * Click on Bb Clarinet Reeds * You will see the first page showing the first 12 items (hopefully it will) * Scroll to the bottom and click on Next * Look at the page that gets refreshed... it's the first page again. Yet in the URL it shows the URL for page=2 * Now to actually bring up page 2, you can click on RELOAD, or simply click on Next at the bottom of the screen again. This will bring up the proper page 2. * Now do the same to bring up page 3. Same thing occurs. Page 2 is re-displayed, and page 3 will not come up until you click on Next again, or click on RELOAD. * The same thing happens in reverse back down through the pages. If anyone can point me in the right direction of this or if you have come across this in the past, please any assistance would be greatly appreciated. The code is valid to XHTML 1.0 Transitional as my initial thought was that something wasn't valid. Any help will be appreciated. Regards Chris Aitken The Web Hub Designer and Programmer Phone : 02 4648 0808 Mobile : 0411 132 075 - Making The Web Work The Web Hub http://www.thewebhub.com.au/ http://www.thewebhub.com.au/ mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] - Confidentiality Statement: This message is intended only for the use of the Addressee and may contain information that is PRIVILEDGED and CONFIDENTIAL. If you are not the intended recipient, dissemination of this communication is prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Classified Ads Script
On Mon, February 19, 2007 6:50 pm, Matt Arnilo S. Baluyos (Mailing Lists) wrote: Hello everyone, I'm planning to put up a local classified ads website and I'm looking for an open-source script for this. I've already had some links from Google and Sourceforge but I'd like to get some opinions on people who've already run a classifieds website as to what they're using and what they think of it. Is Craigslists available as source?... :-) As a surfer of classified ads, I'd have to say the most disappointing feature, for me, is usually the search. I rarely can get it to find what I want, and end up browsing through a lot of junk just to find the content I desire, or giving up as I run out of time... So without recommending any particular package, I'd suggest focusing on the search engine a lot. I'd also go out on a limb and suggest looking for one that's heavily CSS based, so you have good odds on getting the look you want without altering source code too much. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
On Mon, February 19, 2007 2:32 pm, Bruce Cowin wrote: Mike Shanley [EMAIL PROTECTED] 20/02/2007 9:23:08 a.m. I'd like to think I understood code a little better than this, but I've got a problem with my WHERE... I know it's the WHERE because I get a good result when I leave it out. And the random function is also working... I honestly can't figure it out. Thanks in advance for help with this laughable prob. --- // How many are there? $result = mysql_query(SELECT count(*) FROM fortunes); $max = mysql_result($result, 0); // Get randomized!... the moderated way... $randi = mt_rand(1, $max-1); $q = SELECT text FROM fortunes WHERE index = '$randi'; $choose = mysql_query($q); $chosen1 = mysql_fetch_array($choose); Are you certain that your 'index' field runs from 1 to $max-1 and you will never DELETE a fortune leaving a hole in your 'index' values?... Unless you really really really need the quality of the Merseinne Twister random generator, you could just do: SELECT text FROM fortunes ORDER BY rand() LIMIT 1 (Or is it random() in MySQL? I always confuse mysql/pg random function name...) Also, 'text' is a field type in SQL, so you may need: SELECT `text` to make it not be reserved word. Ditto for index - `index` perhaps. // Ready to ship... $fortune = 'span class=quotecycquot;' . $chosen1[0] . 'quot;br/-Omniversalism.com/span'; mysql_close(); As a matter of Code Style, you MAY want to consider doing: $chosen = mysql_result($choose, 0, 0); instead of creating a 1-element array and then accessing element 0 of that array. Some developers prefer to always do their PHP/mysql the same Others prefer to make it clear when they are getting a singleton database result, by using a different pattern of code. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
On Tue, February 20, 2007 10:46 am, Németh Zoltán wrote: 2007. 02. 20, kedd keltezéssel 11.39-kor [EMAIL PROTECTED] ezt Ãrta: Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; that's not new :) a couple of people recommended it earlier today/yesterday this is perfect, but only if the table is not very large. see http://www.titov.net/2005/09/21/do-not-use-order-by-rand-or-how-to-get-random-rows-from-table/ Another option for extremely large tables, is to ADD a field, say, 'random_cache' of type float, and index that field. You can then: SELECT id FROM whatever ORDER BY random_cache LIMIT $limit; Gather your id's together, and then: UPDATE whatever SET random_cache = random() WHERE id in ($ids) You'd have an index on id as well, of course. So, in essence, as you use up random rows, you re-assign those rows with a new random number, and toss them back in the pile It *does* re-shape the index on the random index, so if that gets too lop-sided and you are selecting a large $limit, the DB takesa beating, but this is still pretty efficient for what most people are trying to do most of the time. It puts the heavy lifting into a DB index, which is about as efficient as you're going to get. It is possible for two users to get the same random selection, if their queries inter-twine. You could wrap the whole thing in a transaction, possibly, if that's undesirable. I use this for a playlist of ~30 songs every day out of ~6 rows, and it works well. But I only do the queries once a day, and store the result, so maybe it won't scale well for heavily-trafficed site. I'd be interested in hearing anybody who benchmarks this compared to other methods, but confess I'm not in enough of a performance bind to feel the need to benchmark for myself. Though I know for sure it beat the ORDER BY random() on my usage, as that's what I had and it was killing me. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] WHERE problem
WHERE id 0 would take care of that. Or, better yet, SEPARETE your 'id' field from your 'approved' field and don't try to be cheap with a one-byte (or even one-bit in some DBs) field. Over-loading the data field definition with dual meaning almost always turns into a problem down the line, in my experience. [Apologies if this has been said -- I'm having email threading issues at the moment...] On Tue, February 20, 2007 3:59 pm, Mike Shanley wrote: The reason I didn't go with the suggestions for this approach is that I want to accept new submissions to the database whose default id = 0. Thus, I can moderate them on the way in by giving them non-0 numbers. (I've changed the database row count call to fit the implementation since my posting of the code.) Thanks to everyone! [EMAIL PROTECTED] wrote: Different strokes for different folks... Might I toss a new recommendation into the mix? SELECT text FROM fortunes ORDER BY RAND() LIMIT 1; -- Mike Shanley ~you are almost there~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Change in 5.2.1 re. parsing of URL
On Mon, February 19, 2007 10:20 am, Lewis Kapell wrote: There seems to be a behavior change introduced in 5.2.1 and I would like to know if it was deliberate. A couple of years ago, PHP introduced functionality that made it possible to use a certain trick. I don't know how to describe this trick in words, so I will illustrate with an example. http://www.mydomain.com/mypage.php/phonypage.pdf In this example there is a PHP script called mypage.php which serves up a PDF. Putting the extra text at the end of the URL makes it appear to the user's browser that the URL ends with '.pdf' rather than '.php'. We introduced this hack at my company because a few users were unable to view pages containing PDF or RTF content, presumably because of some combination of browser and/or firewall settings. I find that version 5.2.1 breaks this behavior - attempting to visit a URL such as the above produces a 'page not found' error. Presumably because it is trying to find the file 'phonypage.pdf' which doesn't exist. My question is, should this be regarded as a bug which might be fixed? Or is this a deliberate change of behavior? It seems MUCH more likely to be a webserver configuration issue, as PHP has no control over what you are describing, really. The web server chooses to invoke PHP, or not, based on web server configuration. Not aware of any way to mess this one up, mind you, but there it is... So check your httpd.conf (or whatever IIS uses) settings. BTW: There was at least ONE browser way back in time, where the trick you are using never worked anyway. While I doubt that anybody on the planet is still using said browser (we're talking a version 4.x minor IE release, I believe...) you may want to consider the second half of this rant: http://richardlynch.blogspot.com So your URLs will just look like: http://example.com/mypage.pdf and the browser cannot POSSIBLY mess up because as far as the browser can tell, it's just a static PDF file it is getting [*]. For example, this PDF: http://uncommonground.com/events.pdf is generated by this code: http://uncommonground.com/events_pdf.phps and it is just as dynamic as the HTML calendar, from which it springs: http://uncommonground.com/events.htm Some day I plan on combining the two scripts into one, actually, as they are really mostly the same... But that's been on my ToDo list for many years now, and is unlikely to get done RSN. * To be pedantic, I should say that the browser cannot screw up any more than it would for a static PDF, as it could still manage to screw up quite a few things even with that... :-( -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: remote fopen not working, despite allow_url_fopen = on
On Mon, February 19, 2007 9:43 am, alex handle wrote: A minute ago i tried to run my test script (remote.php) on the shell and the remote fopen works!! The problem must be within the php apache module or apache self. Is there a way to debug the php apache module? Step #1. Create a page with ?php phpinfo();? in it, surf to it, and find the allow_url_fopen setting within that output. I'm betting dollars to donuts that the php.ini you changed has not yet been read by your webserver, because it isn't the right php.ini, or because you forgot to re-start Apache. Step #2. It's possible that your httpd.conf is messed up so that Apache (and thus PHP module) cannot manage to do a hostname lookup. If that's the case, you probably need to be checking in httpd.conf and asking on the Apache list... -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] css in mail()
On Mon, February 19, 2007 9:03 am, Danial Rahmanzadeh wrote: how can i use css with mail()? thank u Don't. HTML enhanced (cough, cough) email is used predominantly by spammers, so if you do this, you'll be back here in a few days/weeks/months asking what you can do to get your email to get through all the spam filters, and we'll just tell you to stop doing HTML-enhanced email. So let's save you, and us, a month-long debacle here, okay? If you absolutely positively cannot convince the client to not use HTML enhanced email, the MIME email class on http://phpclasses.org will take care of the grungy details, or you could use the PEAR class for this or you could Google for PHP MIME email and find a few zillion pages. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() and special ANSI characters
Just a guess: You could perhaps run all your data through base64 encoding or somesuch to be certain the characters to be serialized are all nice On Mon, February 19, 2007 8:56 am, Youri LACAN-BARTLEY wrote: Hi all, I'm just curious to find out if I'm the only person to have bumped into this kind of issue with serialize/unserialize. When I try and serialize an array containing a string value with the ± character (alt+241 ASCII) such as : 120GB 2X512MB 15.4IN DVD±RW VHP FR The resulting serialized array is truncated. ie. I would obtain : a:17:{i:0;s:1:A;i:1;s:7:TOSHIBA;i:2;s:4:3740;i:3;s:7:404D862;i:4;s:31:SATELLITE A100-044 CD/T2060-1.6;i:5;s:35:120GB 2X512MB 15.4IN DVD As you can see serialization seems to stall as soon as the ± character shows up. Do any of you have the same issue? And what could be a work around for this sort of problem. This has occurred on a Windows XP box running PHP 5.2.0. The string is obtained from a CSV file using ANSI encoding. Thanks, Youri -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] css in mail()
On Mon, February 19, 2007 10:56 am, Sancar Saran wrote: On Monday 19 February 2007 17:03, Danial Rahmanzadeh wrote: how can i use css with mail()? thank u ?php $data =''; $fp = fopen (site/themes/.$arrStat['theme']./css/main.css,r); while (!feof($fp)) { $data.= fgets($fp, 16384); } $mail= html head titleTitle/title style.$data./style /head body Html content /body /html; mail('[EMAIL PROTECTED]', 'You are welcome', $mail); ? No. This will only work on very badly-broken email clients. I believe, in fact, that the only email client broken enough for this to work is Outlook. Though I suspect some very lame web-based email client might actually work, come to think of it. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HTML form data to utf-8?
On Tue, February 20, 2007 3:49 pm, Jay Paulson wrote: Just a general question that I don¹t know the answer to. I have users inputting data via an HTML form. I want to make sure that if they cut and paste from say Word that all the weird characters are converted to plain text (preferably utf-8 since that¹s what my database is). How would I go about doing this? There are several examples in User Contributed Notes at: http://php.net/str_replace Probably some more examples in preg_replace. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Another hand wringer
On Sun, February 18, 2007 3:06 pm, jekillen wrote: iterator $i and given a_$i+1 names. If I test for the field names on post literally, a_1, a_2, a_...n, the values are getting posted properly. Save yourself a LOT of headaches and index-munging and just do this: input namea[1] value=whatever / input namea[2] value=whatever / input namea[3] value=whatever / Then: $a = $_POST['a']; //$a is now an array with indices 1, 2, and 3. The time you spend re-writing it this way will be paid off almost immediately. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] needed Yahoo like window for db query.
Use View Source on the Yahoo! page. There's no PHP in this question at all. It's all HTML, CSS, and JavaScript. On Sun, February 18, 2007 3:23 am, Chris Carter wrote: Need some help on getting some database result in a css popup like yahoo. The requirement is to open a div or a window similar to yahoo one. As you can see from the link below. http://news.yahoo.com/s/ap/20070218/ap_on_go_co/us_iraq On this if you click on the Images next to the links Iraq, President Bush, Hillary Rodham Clinton, Pentagon, etc. This opens a div within the page with the search result. They are using some JavaScript to achieve this. Is there anyone with idea of where to find a code for a similar kind of window. I need to present data from database in a similar kind or window. Any link, text to search in google or code would do :-| Thanks in advance, Chris -- View this message in context: http://www.nabble.com/needed-Yahoo-like-window-for-db-query.-tf3247592.html#a9027932 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_FILES path on client's machine?
On Sat, February 17, 2007 8:19 pm, Skip Evans wrote: I get the feeling from not finding an argument for the path on the client's machine for the complete path of a file in $_FILES that it might not be available for security reasons? Yes. It's none of your business where I store the file on my hard drive. :-) Sorry. The reason I am interested in this is to restore the value of a input type='file' field in a form if the user has to return to the form for validation reasons. One way this can be handled is the way Squirrel mail does it: Accept the upload on your server in some kind of staging area. Give the user the option of including that file, already uploaded, and/or uploading another. This has an added bonus of not making them upload a dang file just because they mis-typed their email or whatever else failed validation. You then just have to process the files from the staging area to the final resting place after everything passes validation. I'd like to restore the full value so the user does not have to browse the file again. Is there a way to do this? Not the way you are thinking, no. I thought perhaps there might be a $_FILES['image']['path'] value or something. One can see where you would think that, and everybody thinks this at first, until they think about it more, and realize just how much it would reveal about the users' computer and the Privacy Issues it opens up, and then they're like, Ohmigod, how could I have thought that was a Good Idea?! -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Startup: Unable to load dynamic library
If those files exist, you have probably managed to mix-n-match extension versions with your PHP install. You can't do that. Extension versions and PHP version have to match. If those files don't exist at all, you forgot to ask for these extensions when you re-compiled PHP, or forgot to use your package manager to ask for them separately when you installed. On Sat, February 17, 2007 7:53 pm, Noah wrote: Hi, I am running apache-2.2.4 and php5-5.2.1-2 and I am find some php related errors accumulating in /var/log/messages - look below. I've rebuilt php5 and apache2.2.4 and still the same issues. what else could be going on here. also 'apache restart' is fine but 'apache graceful' core dumps. any clues, Noah here they are: Feb 17 17:07:03 typhoon httpd: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613-debug/ftp.so' - Cannot open quot;/usr/local/lib/php/20060613-debug/ftp.soquot; in Unknown on line 0 Feb 17 17:07:03 typhoon httpd: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613-debug/ldap.so' - Cannot open quot;/usr/local/lib/php/20060613-debug/ldap.soquot; in Unknown on line 0 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Catch STDERR
On Sat, February 17, 2007 2:49 pm, Peter Lauri wrote: I am executing exec('some cool command', $stdout, $exitcode); That is fine. I get what I in the beginning wanted. However, now I need to catch the STDERR that the command is generating as well. Some of you might tell me to redirect STDERR to STDOUT, but that is not possible as I need to use the STDOUT as is to automate a process. I know I can do fwrite(STDERR, 'Output some error\n'); So could I fread(STDERR, SOMESIZE)? Do you need STDERR to go out to, err, wherever it goes, *AND* get it into your PHP script? Perhaps 'tee' (man tee) would let you do that. Or do you just need STDOUT in one variable, and STDERR in another, both in PHP? I think you could do something in shell to re-bind STDOUT to some other file/pipe, and then run your cool command... $tmpfile = tmpfile(); //I always get this one wrong. exec(rebind 2 $tmpfile; some cool command', $output, $error); $stderr = file_get_contents($tmpfile); It's probably not called 'rebind' but I know it's some shell command that does this. Possibly shell-specific, so you may even need to wrap the whole thing in a 'bash' call. Another option is to try to write a .sh shell script to get what you want for STDOUT to go where you want, and THEN just call that script (which has 'some cool command' at the end) from PHP, and let the weird-o shell stuff be done in a shell script, and not clutter up your PHP code with a complex shell script setup/tear-down. Is there anyone with experience of best way of doing this? Should I maybe use proc_open or something similar and then write it to a file, and then read that file? Hrm, doesnt make any sense to do that. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] LOL, preg_match still not working.
On Sat, February 17, 2007 8:50 am, Beauford wrote: I've been over this a thousand times with various users on this list and escaping this and escaping that just doesn't matter. The error is that it thinks valid characters are invalid. In the case of the example I included, the ! and the period are invalid, which they should not be. The nocomments and invalidchars are constants. Thanks -Original Message- From: Ray Hauge [mailto:[EMAIL PROTECTED] Sent: February 17, 2007 9:45 AM To: Beauford Cc: PHP Subject: Re: [PHP] LOL, preg_match still not working. Maybe you just copied it wrong, but nocomments and invalidchars are not quoted, or they're constants. I don't think you have to, but you might need to escape some of the characters (namely * and .) in your regex. It's been a while, so I'd have to look it up. What's the error you are getting? Ray Hauge Primate Applications Beauford wrote: Hi, I previously had some issues with preg_match and many of you tried to help, but the same problem still exists. Here it is again, if anyone can explain to me how to get this to work it would be great - otherwise I'll just remove it as I just spent way to much time on this. Thanks Here's the code. if(empty($comment)) { $formerror['comment'] = nocomments; } elseif(!preg_match('|[EMAIL PROTECTED]*();:_. /\t-]+$|', I believe you want: '|[EMAIL PROTECTED]\\*\\(\\);:_\\. /\\t-]+$|' In particular: ? means maybe or maybe not the last PCRE expression, so the ! was maybe or maybe not exluded. Escape the ? with \\? $ means end, so escape that. * means 0 or more, so escape that. ( and ) are used to capture the contents of a matching sub-expresson. Escape those. . means ANY character, so escape that. \t would work only inside of in PHP, not '', so you want PHP \\t to turn into \t for PCRE which I think turns into a tab character... Actually, change the ' to and use \t and then I'm *sure* it is a tab. I'm almost for sure that at least some of the above is utter nonsense inside the [] where the special characters are not special at all, but I can never remember the rules, and since '\\x' for a non-special character turns into 'x' anyway, it doesn't hurt -- though it does clutter up the PCRE for an expert, who wonders why the heck you did that... You should also re-read http://php.net/pcre and the two main pages after that yet again. I've read them 500 times, and some of it has actually sunk in, so you're probably only got another 50 or so to go before it works for you :-) -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] counting hyperlink clicks in php
On Sat, February 17, 2007 1:53 pm, clive wrote: Denis L. Menezes wrote: Dear friends. I have a site where I have news headers. I wish to count the clicks on the news headers so that I can see how many times each of the the news has been viewed. This way I can show the most viewed news. Can one of you please advise hwo this can be done? add to each news item like clicked=1 and in the page where you display the news item, checked if clicked exists, if does write it to a file or a db (obviously with the news item id), if your using mysql, the heap table type is quite useful, you will however need to move the info to a more permanent table every x amount of clicks. Do you really only want to count the clicks from your own page? Or, put another way, if somebody posts an external link on slashdot and a news story is getting a zillion views from that, do you want to count those as well? It would seem to me that in your view script that displays the story you could simply do something like: update story set views = views + 1 where story_id = $story_id And not even worry about the mucking with AJAX nor tracking it from only your own page. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Securing user table with sha function
Your DB still has to link user X with the other table which has their contact info, or the login is kinda useless, as you don't know who they are easily... I suppose that after authentication you could look up the user ID in a totally separate query... But now suppose they change their email address. You've got to have a page to alter their SHA-encrypted data, driven from the contact info table. Seems to me that you then have to be super extra careful that nobody can mess with that page to wipe out the SHA data, or just over-write user X with user Y data... Not sure you really gain all that much, and it seems like the hassles are going to outweight the benefits... On Sat, February 17, 2007 4:45 am, Tim wrote: Hello, Now moving on into other aspects of security :P I was thinking of a way to secure my login inputs the best way possible. Seeing how many different types of injection attacks their is and while observing different authentication systems I often notice the sha() function being used for passwords, which of course is the minimum requirements to saving passwords but.. Why manipulate this information in clear text wether it be email or username or pass fields, such as when you use sessions/cookies, or any other method of passing authentication information from page to page (an sha hash is x times less geussable then any other human term)... AND how to secure for injection attacks? Now this is where i thought hey, on every login page there is a user and pass input field and thus this is the only place one could peak into my user table, and I don't want someone injecting through their as the user table (three fields seperate from profile, username, email, pass) is the key to entry to the site.. SO, why not just encrypt all three fields? And store copies of email and username (not pass :P) in another database unecrypted or with a salt for further recovery.. This would ensure that ANY information entered into the user and passowrd will be run through sha() thus creating a 40 char length hash and covering any (?) injection possiblity through a forged input in one of those fields via my select routine.. Just wondering what other security conscious people think of this plan even though it may slow down logins a tad but the tight security in my opinion justifies this.. Does anyone see an ugly flaw in this scheme? Does it look viable? Thanks for any input, Regards, Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Securing user table with sha function
On Mon, February 19, 2007 5:12 am, Fergus Gibson wrote: 4) if user forget his or her password, you can send email to the user when the user answer password protected question. Kinda impossible if the password is hashed, isn't it? What a strange thought, though. I guess all those sites with password reminder functions have the password stored in plain text somewhere. Yes. And email is inherently insecure medium, unless you have exchanged off-line key pairs or something and the user has the skill to install crypted email software packages. Even the sites that generate a new random password to email to you risk the email being inspected in transit, even if the password in the db is not plain text anywhere at all. You need at least 3 passwords to surf the web, really. #1. Real password for like, online banking, where you're pretty sure they have security right (well, the odds are good anyway) #2. Second level real password for, like, personal info sites, or important private data. #3. Useless throw-away password for stupid sites you don't really care about that require a password. You might even want a #1a for online shopping where you would HOPE the online store did it right, but don't want to risk the password that unlocks your bank account, just in case they are one of the ones that got it very very very wrong. Something like eBay or Amazon or PayPal, if you use them frequently, might warrant yet another good password. Now if I could just remember which EMAIL or USERNAME I used for each site, I'd be all set... :-( -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Securing user table with sha function
On Tue, February 20, 2007 4:08 am, Tim wrote: -Message d'origine- De : Haydar Tuna [mailto:[EMAIL PROTECTED] Envoyé : mardi 20 février 2007 10:34 À : php-general@lists.php.net Objet : [PHP] Re: Securing user table with sha function Hello again, if you crypt your usernames, it happened many problems. As you know, if you crypt any string to SHA1, you don't decrypt again. You cannot use username in your application. in my many application, I have crpyted password , I haven't cryrpt usernames. Becuase I used username for session authentication. for example if I want to action on the usernames or list of usernames , what can I do this? All of usernames are crypted. OK then what if i consider using PHP's Mcrypt extension with a key to crypt/decrypt data, this would give me the possiblity to use a username crypted hash in the session variable and decrypt it at any moment with the proper key? MySQL also has AES_CRYPT which will do this, so you needn't restrict yourself to PHP. You then have the tough question of whether it's more likely that your PHP source will be exposed and the key will leak out leaving you vulnerable to attack, or, perhaps, somebody on your server will manage to RUN your script that authenticates them in some way that gives them more access than they should, just because they can run the script with the key in it. On a shared server, for MOST webhosts, all the other users on that server can just read your PHP scripts using PHP because, duh, PHP has to be able to read your PHP script so PHP can readexecute your PHP script. [*] On a dedicated box where you, and only you, are the only user that has a valid login, it could help slow down an attack, or, perhaps, might open up a hole, if you code it wrong. There isn't a right answer because Security is not an off-the-rack suit. It's a custom-tailored suit to fit the application needs. Your online bank needs a lot different security than your local community forum. Applying bank level security measures to the local community forum adds user inconvenience with no real benefit. You should always consider Security in the context of the application with an eye to usability and smooth process flow on the business side, and not just ultimate security Nobody knows which is better for what you are doing, because we have NO IDEA what you are doing, and you can't really tell us in a post to PHP-General, even one as long as this. :-) * I am completely ignoring various commercial PHP-obfuscation tools other than this footnote to keep others from posting about them. They're out there, Google for them, use them if appropriate, coo coo ka choo. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quick organizational question...
As a beginner this is probably a Bad Idea to try to implement... You'll probably do it wrong anyway, on top of the mistakes you'll make building the application in the first place. Unless you have a lot of time to research MVC (Model View Controller) setups, and figure out what makes them tick, and how they differ, and what their strengths and weaknesses are... I'd not recommend starting with this, personally. Disclosure: I'm not generally a huge fan of MVC, particularly in the web environment where the usual MVC connections are missing in one branch, unless you are willing to rely on AJAX or something, which opens up whole other balls of wax. An MVC fan would probably give you the exact opposite advice... On Fri, February 16, 2007 9:05 pm, Mike Shanley wrote: Hi! Question: For a website that will have a database driven store, articles, an rss feed, and a few other things... not an enormous site, but one with growth potential, does it makes sense to organize the whole thing as includes through a single main page? It seems like a fun way to do things, but I was just wondering what you all thought. BTW- It's my first time here! Hello world! -- Mike Shanley ~you are almost there~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] reverse http authentication
On Fri, February 16, 2007 4:38 pm, Chris W wrote: I want to read a page that is protected with http authentication. How do I pass the user name and password to be authenticated with my php code? If you can't get http://username:[EMAIL PROTECTED] to work, try http://php.net/curl -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] css in mail()
Hi, On Wednesday 21 February 2007 01:14, Richard Lynch wrote: On Mon, February 19, 2007 10:56 am, Sancar Saran wrote: On Monday 19 February 2007 17:03, Danial Rahmanzadeh wrote: how can i use css with mail()? thank u ?php $data =''; $fp = fopen (site/themes/.$arrStat['theme']./css/main.css,r); while (!feof($fp)) { $data.= fgets($fp, 16384); } $mail= html head titleTitle/title style.$data./style /head body Html content /body /html; mail('[EMAIL PROTECTED]', 'You are welcome', $mail); ? No. This will only work on very badly-broken email clients. Really ? I did not have to much choices to check it, In KMAIL everything looks nice. Thanks for info I believe, in fact, that the only email client broken enough for this to work is Outlook. Though I suspect some very lame web-based email client might actually work, come to think of it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] New To PHP
I am new to php and was trying to view the code below. I do see in my browser the question that is being asked, but for some reason the answer is not displayed. I am copying this from a book and am sure I have typed everything as it should be typed. Can you please tell mw what might be wrong? Thank you. html headbasefont face=Arial/head body h2Q: This Creature can change color to blend in with its surroundings. What is its name?/h2 ?php // print output echo 'h2iA: Chameleon/i/h2'; ? /body /html
Re: [PHP] New To PHP
Does your server support php? Also, some hosting services require that any file with php in it must end with .php ... At least, those are my two guesses... Larry Chu wrote: html headbasefont face=Arial/head body h2Q: This Creature can change color to blend in with its surroundings. What is its name?/h2 ?php // print output echo 'h2iA: Chameleon/i/h2'; ? /body /html -- Mike Shanley ~you are almost there~ A new eye opens on March 5. -Omniversalism.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: New To PHP
Hello, if you test your machine support PHP, you can use the following script. if this script properly execute, your machine can execute php script. if not you must support PHP.:) ?php phpinfo(); ? -- Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Larry Chu [EMAIL PROTECTED], haber iletisinde sunlari yazdi:[EMAIL PROTECTED] I am new to php and was trying to view the code below. I do see in my browser the question that is being asked, but for some reason the answer is not displayed. I am copying this from a book and am sure I have typed everything as it should be typed. Can you please tell mw what might be wrong? Thank you. html headbasefont face=Arial/head body h2Q: This Creature can change color to blend in with its surroundings. What is its name?/h2 ?php // print output echo 'h2iA: Chameleon/i/h2'; ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Understanding session variables with input field and register_global
Hello, Can you send your code? I can help you :) -- Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Jay Blanchard [EMAIL PROTECTED], haber iletisinde sunlari yazdi:[EMAIL PROTECTED] [snip] I've an input field in a form input name=username type=text ... and with register_global I can use this field in PHP as variable $username. Yet if I use a session variable $_SESSION['username'] = 'value' the variable $username gets the same value. On the other side when I enter a value in the input field, the session variable isn't changed. So how can I set the session variable from the input field after it has changed? [/snip] $_SESSION['username'] = $username; But really, you should turn off register_globals (holy war will not ensue at this point, everyone knows the value). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: php forcing a post??
Hello, You can use the tutorial in the following link :) http://www.phpbuilder.com/tips/item.php?id=239 -- Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net blackwater dev [EMAIL PROTECTED], haber iletisinde sunlari yazdi:[EMAIL PROTECTED] I currently have an html page that posts to a cgi function. I need to interject some php in the middle. So, the form will post to itself, the php page will catch the post, check on thing and then pass along to the cgi page but the cgi page only handles posts. How can I still php in the middle and still have it 'post' to the cgi page? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Catch STDERR
[snip] Do you need STDERR to go out to, err, wherever it goes, *AND* get it into your PHP script? Perhaps 'tee' (man tee) would let you do that. Or do you just need STDOUT in one variable, and STDERR in another, both in PHP? I think you could do something in shell to re-bind STDOUT to some other file/pipe, and then run your cool command... $tmpfile = tmpfile(); //I always get this one wrong. exec(rebind 2 $tmpfile; some cool command', $output, $error); $stderr = file_get_contents($tmpfile); It's probably not called 'rebind' but I know it's some shell command that does this. Possibly shell-specific, so you may even need to wrap the whole thing in a 'bash' call. Another option is to try to write a .sh shell script to get what you want for STDOUT to go where you want, and THEN just call that script (which has 'some cool command' at the end) from PHP, and let the weird-o shell stuff be done in a shell script, and not clutter up your PHP code with a complex shell script setup/tear-down. [/snip] I'd like to get STDERR into one variable in PHP and STDOUT into one. This so that when we execute a script and there is an exit code different from 0 I want to show a log of error/notices during the script. Actually I want to show the whole process if it fails so 21 for exit code not equal to 0. I'll probably end up writing a patch for exec now :) /Peter www.dwsasia.com www.lauri.se www.carbon-free.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] New To PHP
Are you opening the .php file directly with your browser or via a web server? Does the web server have PHP support, and is it enabled? (PHP is server side, not browser side). Try creating the simple file on the webserver phpinfo.php containing just - ?php phpinfo(); ? - This should look something like http://66.225.219.162/~rvadmin/phpinfo.php when opened via your web server. David -- Original Message -- Date: Tue, 20 Feb 2007 17:11:22 -0800 (PST) From: Larry Chu [EMAIL PROTECTED] To: php-general@lists.php.net Subject: [PHP] New To PHP I am new to php and was trying to view the code below. I do see in my browser the question that is being asked, but for some reason the answer is not displayed. I am copying this from a book and am sure I have typed everything as it should be typed. Can you please tell mw what might be wrong? Thank you. html headbasefont face=Arial/head body h2Q: This Creature can change color to blend in with its surroundings. What is its name?/h2 ?php // print output echo 'h2iA: Chameleon/i/h2'; ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] css in mail()
If you are just using the code snippet below you will probably get problems in Outlook and some other clients. This because you haven't set the proper header. But I actually need to assume you did send with a more sophisticated version. Otherwise KMAIL probably displayed it incorrectly as well. Best regards, Best regards, Peter Lauri www.dwsasia.com - company web site www.lauri.se - personal web site www.carbonfree.org.uk - become Carbon Free -Original Message- From: Sancar Saran [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 21, 2007 3:02 AM To: [EMAIL PROTECTED] Cc: php-general@lists.php.net Subject: Re: [PHP] css in mail() Hi, On Wednesday 21 February 2007 01:14, Richard Lynch wrote: On Mon, February 19, 2007 10:56 am, Sancar Saran wrote: On Monday 19 February 2007 17:03, Danial Rahmanzadeh wrote: how can i use css with mail()? thank u ?php $data =''; $fp = fopen (site/themes/.$arrStat['theme']./css/main.css,r); while (!feof($fp)) { $data.= fgets($fp, 16384); } $mail= html head titleTitle/title style.$data./style /head body Html content /body /html; mail('[EMAIL PROTECTED]', 'You are welcome', $mail); ? No. This will only work on very badly-broken email clients. Really ? I did not have to much choices to check it, In KMAIL everything looks nice. Thanks for info I believe, in fact, that the only email client broken enough for this to work is Outlook. Though I suspect some very lame web-based email client might actually work, come to think of it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Catch STDERR
What are your speed requirements? You can use the ssh functions can ssh2_exec into yourself. You can get the error stream separately then... After the connection is open, it is basically as fast as exec. But there is a hit on connection. I wouldn't use this in webpage environment, but I do use it for CLI admin applications. I use it to run a stream of commands to many servers simultaneously. On 2/20/07, Peter Lauri [EMAIL PROTECTED] wrote: [snip] Do you need STDERR to go out to, err, wherever it goes, *AND* get it into your PHP script? Perhaps 'tee' (man tee) would let you do that. Or do you just need STDOUT in one variable, and STDERR in another, both in PHP? I think you could do something in shell to re-bind STDOUT to some other file/pipe, and then run your cool command... $tmpfile = tmpfile(); //I always get this one wrong. exec(rebind 2 $tmpfile; some cool command', $output, $error); $stderr = file_get_contents($tmpfile); It's probably not called 'rebind' but I know it's some shell command that does this. Possibly shell-specific, so you may even need to wrap the whole thing in a 'bash' call. Another option is to try to write a .sh shell script to get what you want for STDOUT to go where you want, and THEN just call that script (which has 'some cool command' at the end) from PHP, and let the weird-o shell stuff be done in a shell script, and not clutter up your PHP code with a complex shell script setup/tear-down. [/snip] I'd like to get STDERR into one variable in PHP and STDOUT into one. This so that when we execute a script and there is an exit code different from 0 I want to show a log of error/notices during the script. Actually I want to show the whole process if it fails so 21 for exit code not equal to 0. I'll probably end up writing a patch for exec now :) /Peter www.dwsasia.com www.lauri.se www.carbon-free.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Securing user table with sha function
Hello, Yes you are right I have no idea what he is doing. I'm sorry. I write a book now about PHP and I want to help people anywhere in the world. I like helping people because I'm a linux user. I am membership of Linux Community in Turkey. As you know, linux users share their knowledges or experiences. Again I'm sorry if you see me the wise guy. I only like helping people:) Sincercely. Haydar TUNA Republic Of Turkey - Ministry of National Education Education Technology Department Ankara / TURKEY Web: http://www.haydartuna.net Richard Lynch [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Tue, February 20, 2007 4:08 am, Tim wrote: -Message d'origine- De : Haydar Tuna [mailto:[EMAIL PROTECTED] Envoyé : mardi 20 février 2007 10:34 À : php-general@lists.php.net Objet : [PHP] Re: Securing user table with sha function Hello again, if you crypt your usernames, it happened many problems. As you know, if you crypt any string to SHA1, you don't decrypt again. You cannot use username in your application. in my many application, I have crpyted password , I haven't cryrpt usernames. Becuase I used username for session authentication. for example if I want to action on the usernames or list of usernames , what can I do this? All of usernames are crypted. OK then what if i consider using PHP's Mcrypt extension with a key to crypt/decrypt data, this would give me the possiblity to use a username crypted hash in the session variable and decrypt it at any moment with the proper key? MySQL also has AES_CRYPT which will do this, so you needn't restrict yourself to PHP. You then have the tough question of whether it's more likely that your PHP source will be exposed and the key will leak out leaving you vulnerable to attack, or, perhaps, somebody on your server will manage to RUN your script that authenticates them in some way that gives them more access than they should, just because they can run the script with the key in it. On a shared server, for MOST webhosts, all the other users on that server can just read your PHP scripts using PHP because, duh, PHP has to be able to read your PHP script so PHP can readexecute your PHP script. [*] On a dedicated box where you, and only you, are the only user that has a valid login, it could help slow down an attack, or, perhaps, might open up a hole, if you code it wrong. There isn't a right answer because Security is not an off-the-rack suit. It's a custom-tailored suit to fit the application needs. Your online bank needs a lot different security than your local community forum. Applying bank level security measures to the local community forum adds user inconvenience with no real benefit. You should always consider Security in the context of the application with an eye to usability and smooth process flow on the business side, and not just ultimate security Nobody knows which is better for what you are doing, because we have NO IDEA what you are doing, and you can't really tell us in a post to PHP-General, even one as long as this. :-) * I am completely ignoring various commercial PHP-obfuscation tools other than this footnote to keep others from posting about them. They're out there, Google for them, use them if appropriate, coo coo ka choo. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php