php-general Digest 14 Jun 2008 15:32:48 -0000 Issue 5514
php-general Digest 14 Jun 2008 15:32:48 - Issue 5514 Topics (messages 275382 through 275394): Re: Capture homepage screenshot 275382 by: Manuel Lemos Re: why are passwords stored encrypted in databases even when thedatathey protect is stored in the same database? 275383 by: Dietrich Bollmann 275384 by: Usamah M. Ali Re: Memory cache problem 275385 by: Nathan Nobbe Developing a recursive command parser 275386 by: Straps Re: PHP connection to external application 275387 by: hce 275390 by: Per Jessen Can I do in Drupal 275388 by: mukesh yadav 275391 by: Bastien Koert 275392 by: Daniel Brown 275394 by: Robert Cummings PHP time out for socket_recvfrom or socket_read block call 275389 by: hce Re: Kindla 0T, but here goes... 275393 by: Daniel Brown Administrivia: To subscribe to the digest, e-mail: [EMAIL PROTECTED] To unsubscribe from the digest, e-mail: [EMAIL PROTECTED] To post to the list, e-mail: [EMAIL PROTECTED] -- ---BeginMessage--- Hello, on 06/13/2008 02:46 PM Shiplu said the following: Hello, How can i capture homepage screenshot of a webpage by php? I know a way. I'll run a executable written in C/C++. when It will be called to process a screen shot It will just load the webpage in firefox and capture the image. It'll send the image path to php. The executable will be running. The problem with this solution is, I have to run X, Firefox in my web server, which doesn't look efficient for a server. I wanna know, is there any other way to achieve this? without creating a screen shot server. If you run PHP on Windows, you can use this PHP class that was just released and does exactly what you need. I think it could be adapted to work with Firefox too. http://www.phpclasses.org/win-screenshot -- Regards, Manuel Lemos PHP professionals looking for PHP jobs http://www.phpclasses.org/professionals/ PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/ ---End Message--- ---BeginMessage--- On Fri, 2008-06-13 at 14:20 +0200, M. Sokolewicz wrote: Considering you're already jailing access by linking a specific url to a specific password you're making the impact of a hacked password pretty small. Which is a good thing :) I would recommend, if you go this way, to add an expiry date to the url/password combo. So for example you can only use that url/password combo for 3 days before it expires, after that, you need a new combo. Doing it this way (with server-generated passwords) you make sure that _if_ it were ever to fall into hands-it-should-not-be-in, it won't be there for long. - Tul P.S. in other words, sounds fine to me :) Thank you again! ...so finally I can get to work :) Best wishes, Dietrich On Fri, 2008-06-13 at 14:20 +0200, M. Sokolewicz wrote: Dietrich Bollmann wrote: Hi tul, So this was a very long and informative answer :) Thank you very much! On Fri, 2008-06-13 at 12:02 +0200, M. Sokolewicz wrote: [...] However, people usually write code which may (and will most of the time) containt exploitable sections which might give a malicious user the ability to get a dump of the database. A password dump is always interesting, since it gives a LOT of information. People usually don't use 1 password per login, but rather have a standard password for most things. So if the user is allowed to change his password, it should be encrypted always as there are chances that the same password is used at some other place? That makes a lot of sense to me :) If all passwords are generated by the system on the other hand and the user is not allowed to change his password, if further all the protected data is in the same database as the password, there would be no need for encrypting the passwords following your argumentation? But if some information is stored outside the database - in my case (simple file server) for example, the database only contains the file meta-data while the files themselves are stored in some data directory on the server - some malicious user who would have broken into the database could get hold of the files if the passwords are stored unencrypted; if some encryption scheme would have been used on the other hand the data found in the database wouldn't be of any use at all? And if the password should be recoverable some encryption with a key stored somewhere else would force the hacker to break into two systems, the database itself and the system which is used to store the key. That makes sense also. I didn't think about the fact that database and a directory on the server are two different things which would have to be hacked separately. So I am happy about writing my mail and getting such a nice answer before
[PHP] Developing a recursive command parser
Hi all, i'm trying to develop an application able to interpret commands loaded from a database or any other source similiar to this $strParam = 'title=%SESSION(sessionvar)' or a more complicated $strParam = 'title=%SESSION(sessionvar_%COOKIE(mycookievar))' What I need, is to find any special command starting width a configurable special char (% in this case), get the text inside it and elaborate it... The final result could be a simple string like these $strParam = 'title=My Session Title' and $strParam = 'title=My Session and Koookie Value' I'm starting to working on it, do you know if is there a way to accomplish to this using PCRE or if there is something just developed? Thanks, Straps -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP connection to external application
On 6/13/08, Per Jessen [EMAIL PROTECTED] wrote: hce wrote: I am not certain if the msg_send / msg_receive in PHP can talk to the external C program msg_send / msg_receive as PHP and external C program are in different processes, different memory spaces. System V message queues are intended for just that; IPC = Inter Process Communication. (a) A simple way is if for every PHP request, it opens socket, sends a request and gets a response from the C server then closes the socket. It should work, but I am not sure: (i) if the open / close socket per request will cause delays and performance issues. They will cause both delays and performance issues. But whether these will matter for your use is a different question. The process you've describe (open,get,close) is no different to sending an email or getting a web-page. People send a lot of email and serve a lot of webpages without major performance issues :-) (ii) What is the maximum number concurrent requests in a PHP web application? That's up to your webserver - if it's big enough, you can serve a lot of concurrent requests. Will the maximum socket number / or port number (up to 2^16) be a bottleneck for large number of concurrent requests (hundred and thousands)? Probably not. (b) If for all PHP requests share only one socket to connect to the external C server, I am not sure if the PHP is able to do multiplex responses for each request as the PHP is stateless. PHP is stateless ?? PHP is a scripting language, not a protocol. Besides, it would take quite a bit of work to make your thousands of concurrent PHP requests share a single socket. Sorry for not being clear here. I was saying PHP web application is stateless, not the PHP. You are right, it would take more efforts to use the share a single socket. It is not an option. Anyway, thanks for all your responses and suggestions. It was good suggestion to use SOAP and Web services, but we have very small latency requirement, I have already worried about the delay in the lower level of socket, it will be evern more processing delays for useing SOAP and Web services. I'll keep eye on that option if our processing delay requirement can be altered. Thank you. Kind Regards,. Jim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Can I do in Drupal
Hi, I'm new to PHP and i have got an asign a job in PHP. I need to develop a site where a admin can handle a site like a CMS. e.g. updating a site without any tech guy. Is it possible using Drupal? If yes then can you please suggest how to go.. thank you
[PHP] PHP time out for socket_recvfrom or socket_read block call
Hi, How can use time out mechanism in PHP when calling socket_recvfrom or socket_read (in block service)? I know the non-block system call can be used, but I need to use a block system call, the block socket_recvfrom or socket_read should be either returned to be failed, or canceled when a time out is occurred. Thank you. Kind Regards, Jim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP connection to external application
hce wrote: Anyway, thanks for all your responses and suggestions. It was good suggestion to use SOAP and Web services, but we have very small latency requirement, I have already worried about the delay in the lower level of socket, it will be evern more processing delays for useing SOAP and Web services. Agree - it's only extra overhead. Jim, if I were you, I'd go for the socket-communication, i.e. TCP. That setup is being used for all kinds of stuff - unless your latency requirements are extreme, I think TCP will be fine. /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Can I do in Drupal
On Sat, Jun 14, 2008 at 5:57 AM, mukesh yadav [EMAIL PROTECTED] wrote: Hi, I'm new to PHP and i have got an asign a job in PHP. I need to develop a site where a admin can handle a site like a CMS. e.g. updating a site without any tech guy. Is it possible using Drupal? If yes then can you please suggest how to go.. thank you yes, download drupal and install it -- Bastien Cat, the other other white meat
Re: [PHP] Can I do in Drupal
On Sat, Jun 14, 2008 at 5:57 AM, mukesh yadav [EMAIL PROTECTED] wrote: Hi, I'm new to PHP and i have got an asign a job in PHP. I need to develop a site where a admin can handle a site like a CMS. e.g. updating a site without any tech guy. Is it possible using Drupal? If yes then can you please suggest how to go.. http://www.catb.org/esr/jargon/html/S/STFW.html -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Kindla 0T, but here goes...
On Fri, Jun 13, 2008 at 7:58 PM, Ryan S [EMAIL PROTECTED] wrote: Hey guys! Thanks for replying! Cant find any midi flash player... looks like it has to be mp3, in which case can anybody recommend a place for open licensed mp3s for songs like happy birthday etc maybe just instrumental stuff? You can install stuff to convert MIDI files to MP3's. FFMPEG is the most popular, but doesn't do it directly. You'd have to first use something like Timidity to convert MIDI to PCM Waveform, and then the resulting .wav to MP3 with FFMPEG. Doing that would allow you to convert files on the fly, without having to find a specific format each time you need a media file. -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Can I do in Drupal
On Sat, 2008-06-14 at 10:35 -0400, Daniel Brown wrote: On Sat, Jun 14, 2008 at 5:57 AM, mukesh yadav [EMAIL PROTECTED] wrote: Hi, I'm new to PHP and i have got an asign a job in PHP. I need to develop a site where a admin can handle a site like a CMS. e.g. updating a site without any tech guy. Is it possible using Drupal? If yes then can you please suggest how to go.. http://www.catb.org/esr/jargon/html/S/STFW.html *lol* Whoever did that webpage needs to STFW about character encodings. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Can I do in Drupal
On Sat, Jun 14, 2008 at 11:32 AM, Robert Cummings [EMAIL PROTECTED] wrote: On Sat, 2008-06-14 at 10:35 -0400, Daniel Brown wrote: http://www.catb.org/esr/jargon/html/S/STFW.html *lol* Whoever did that webpage needs to STFW about character encodings. Why? What?s wrong with how they?re doing it? -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Can I do in Drupal
On Sat, 2008-06-14 at 11:38 -0400, Daniel Brown wrote: On Sat, Jun 14, 2008 at 11:32 AM, Robert Cummings [EMAIL PROTECTED] wrote: On Sat, 2008-06-14 at 10:35 -0400, Daniel Brown wrote: http://www.catb.org/esr/jargon/html/S/STFW.html *lol* Whoever did that webpage needs to STFW about character encodings. Why? What?s wrong with how they?re doing it? Methinks you already know! :D -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Can the PHP binaries be moved through different folders on Linux/OSX?
As most of you know, on Windows PHP does not require any specific path to run, and can be places in any path you want. Now, I'm planning to do a similar thing on Linux, and later OS X, which both will work the same. Now, my question: because autoconf requires prefixes for installation, will using the prefix like /home/user/temp/php, and later moving to another location, work correctly? If not, what problems can I expect? -- Bas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Memory cache problem
On 14 Jun 2008, at 01:02, tedd wrote: At 11:47 PM +0100 6/13/08, Stut wrote: On 13 Jun 2008, at 23:20, R B wrote: I search in both caches, and the video appears in the memory cache. Sorry, but that doesn't answer the question of why you/he doesn't want it to be cached. If he's trying to protect the videos from being copied then you're going to need to make it clear to him that you can't stop that from happening without DRM which is a whole other kettle of fish and usually not worth it. Aside from that I'm not aware of anything else you can do to stop clients caching your content. At the end of the day you have no reliable control over what happens after the data leaves the server. -Stut Caching is one thing, but viewing the video is another -- unless I am mistaken. While it's true that you have no control over the video file once it leaves the server, however, what the file does in a foreign environment is something else. Typically, DRM schemes are needed when someone wants to protect digital media from being copied to play in standard players. But, if you want to restrict playing a video to just your site, then that's another matter. One can place actionscript in the video that will stop it from playing if certain conditions are not met. For example, you can have a file that exits in your site, but no where else. If the video is downloaded and an attempt is made to play it, then the video simply looks for the companion file and if it's not there, then it won't play. Is this not true? Indeed, but things like that are easily stripped. In addition to that most DRM schemes have been broken. It also tends to create issues for some users who may want to view the videos at a time that suits them in a place where it's not feasible to stream it from your website. At the end of the day it comes down to the website and what limitations the users will put up with. Either way it's beyond the scope of this list. -Stut -- http://stut.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] GD brush tracing letters
Quick GD question, I'm building a custom CAPTCHA, and I want to 'trace' random letters (hopefully from a random font) with a brush. Is there an easy way to do this, or am I going to have to build some ridiculous custom library on my own to do it? Thanks! ec -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GD brush tracing letters
On Sun, Dec 16, 2007 at 7:16 PM, eric cash [EMAIL PROTECTED] wrote: Quick GD question, I'm building a custom CAPTCHA, and I want to 'trace' random letters (hopefully from a random font) with a brush. Is there an easy way to do this, or am I going to have to build some ridiculous custom library on my own to do it? Thanks! You'll need to ask that on a GD list. It's not PHP-related. http://www.libgd.org/Support -- /Daniel P. Brown Dedicated Servers - Intel 2.4GHz w/2TB bandwidth/mo. starting at just $59.99/mo. with no contract! Dedicated servers, VPS, and hosting from $2.50/mo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP connection to external application
On 6/14/08, Per Jessen [EMAIL PROTECTED] wrote: hce wrote: Anyway, thanks for all your responses and suggestions. It was good suggestion to use SOAP and Web services, but we have very small latency requirement, I have already worried about the delay in the lower level of socket, it will be evern more processing delays for useing SOAP and Web services. Agree - it's only extra overhead. Jim, if I were you, I'd go for the socket-communication, i.e. TCP. That setup is being used for all kinds of stuff - unless your latency requirements are extreme, I think TCP will be fine. Thanks Per. Yes, I'll indeed use the socket connection which will be the minimum process delays and overheads I can get. In option 2 you responsed: System V message queues are intended for just that; IPC = Inter Process Communication. The delays and overheads in message queue (in my option 2) may be smaller than the socket, but I guess that might require the external C server to be compiled with the PHP module as they are totally seperated. Thank you. Kind Regards. Jim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php