php-general Digest 21 May 2009 08:02:08 -0000 Issue 6132
php-general Digest 21 May 2009 08:02:08 - Issue 6132 Topics (messages 292839 through 292852): Re: Really basic PHP questions -- newbie here! 292839 by: Lenin product listing columns 292840 by: PJ 292841 by: PJ 292842 by: Ashley Sheridan 292843 by: Stephen 292844 by: PJ 292845 by: PJ 292846 by: Ashley Sheridan 292847 by: Michael A. Peters 292848 by: PJ 292849 by: PJ 292850 by: Michael A. Peters 292851 by: Ashley Sheridan table-less layouts; Ideas welcome 292852 by: Jim Lucas Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- If not following some classes. I'd suggest Ellen to watch the videos for a quick overview from NETTUTS and KillerPHP. www.killerphp.com also google for some vidoes. And you need to understand the facts of ServerSide, ClientSide, HTML, WebServer, Permission of Files etc. ---End Message--- ---BeginMessage--- I am about to bust my donkey again trying to set up a dynamic product listing for a web page using mysql, php CSS (the donkey ride). What better place to ask than here in guru heaven: 1. What's a good list/forum to ask for help on CSS - it just is too illogical. 2. With mysql, is the best way to populate list columns with ul and li or would just a simple column work fine? I have done this with a left navigation column and could repeat such columns next to each other with the final column with input fields for quantities ordered. Background could just be an image to fill the container div. Does that sound about right? Thanks for any suggestions. -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php ---End Message--- ---BeginMessage--- Forgot: you can get an idea of what I'm trying to do at http://www.chiccantine.com/preview.html -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php ---End Message--- ---BeginMessage--- On Wed, 2009-05-20 at 17:47 -0400, PJ wrote: Forgot: you can get an idea of what I'm trying to do at http://www.chiccantine.com/preview.html -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php The link you gave doesn't exist online, I'm getting a 404. What do you mean by a list in columns? Do you want a mysql select to be output as several columns of data, or one column per select? Ash www.ashleysheridan.co.uk ---End Message--- ---BeginMessage--- PJ wrote: I am about to bust my donkey again trying to set up a dynamic product listing for a web page using mysql, php CSS (the donkey ride). What better place to ask than here in guru heaven: 1. What's a good list/forum to ask for help on CSS - it just is too illogical. I suggest you take a look at sitepoint.com, for all aspects of web building and design. 2. With mysql, is the best way to populate list columns with ul and li or would just a simple column work fine? I have done this with a left navigation column and could repeat such columns next to each other with the final column with input fields for quantities ordered. Background could just be an image to fill the container div. Does that sound about right? Thanks for any suggestions. It seems to me that you are actually building a table and should use html tables. With css for the layout and formatting, of course. :) Stephen ---End Message--- ---BeginMessage--- Ashley Sheridan wrote: On Wed, 2009-05-20 at 17:47 -0400, PJ wrote: Forgot: you can get an idea of what I'm trying to do at http://www.chiccantine.com/preview.html -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php The link you gave doesn't exist online, I'm getting a 404. What do you mean by a list in columns? Do you want a mysql select to be output as several columns of data, or one column per select? :-[ sorry bout that... should have checked - was working with my mouth not my brain. It works now. I forgot to upload. hadn't thought about how many columns per select... ??? -- Hervé Kempf: Pour sauver la
Re: [PHP] product listing columns
On Wed, 2009-05-20 at 20:23 -0400, PJ wrote: Ashley Sheridan wrote: On Wed, 2009-05-20 at 19:20 -0400, PJ wrote: Ashley Sheridan wrote: On Wed, 2009-05-20 at 17:47 -0400, PJ wrote: Forgot: you can get an idea of what I'm trying to do at http://www.chiccantine.com/preview.html -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php The link you gave doesn't exist online, I'm getting a 404. What do you mean by a list in columns? Do you want a mysql select to be output as several columns of data, or one column per select? :-[ sorry bout that... should have checked - was working with my mouth not my brain. It works now. I forgot to upload. hadn't thought about how many columns per select... ??? -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php So you want the sql select to be dumped into a table as it exists in the database? There is a simple way to do this, if you know which fields are in your table, and that is just to use a while loop to iterate your records, and then explicitly output each field as you want it. This is the preferred way, and how I'd do it if I were you. print 'table'; // put column headers here $query = query here; $result = mysql_query($query); while($row = mysql_fetch_array($result)) { print 'tr'; print td{$row['field1'])/td; print td{$row['field2'])/td; print td{$row['field3'])/td; // etc print '/tr'; } print '/table'; Thanks, Ashley, So, you're advocating using tables... I thought it might be interesting to do the columns with div inline and then populate them with the query results. It worked marvellously for the navigation layout and I was able to add background and color to the product page, regardless which product page we're showing. Quite neat, really, and very simple. Anyway, I'm going to try. I must be nuts or something like glutton for punishment, but when you get it working, it's quite a satisfaction. :-) Thanks again. -- Hervé Kempf: Pour sauver la planète, sortez du capitalisme. - Phil Jourdan --- p...@ptahhotep.com http://www.ptahhotep.com http://www.chiccantine.com/andypantry.php I'm advocating tables on this one, as it is pretty much tabular data. Use th tags for your column headers and product names, and tds for the rest. It will be easier to display, but with actually give your content meaning, especially if you add a table legend, etc. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] table-less layouts; Ideas welcome
Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. TIA -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. TIA I forgot to mention that I have checked this in the following browsers all on Windows XP SP3 IE6 Mozilla Firefox 2.0.0.20 Mozilla Firefox 3.0.10 Safari 4 Public Beta Opera 9.64 the layout looked exactly the same between all the various browsers. If you have a different browser then mentioned above and you have a different layout let me know. If you could get me a screen shot, that would be great. Thank again. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
2009/5/21 Jim Lucas li...@cmsws.com Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. TIA I forgot to mention that I have checked this in the following browsers all on Windows XP SP3 IE6 Mozilla Firefox 2.0.0.20 Mozilla Firefox 3.0.10 Safari 4 Public Beta Opera 9.64 the layout looked exactly the same between all the various browsers. If you have a different browser then mentioned above and you have a different layout let me know. If you could get me a screen shot, that would be great. Thank again. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php But you're just using the same design semantic, but coding it in CSS instead of using table; it even has the same name! There appears to be nothing wrong with tables when used for the right reasons - they _are_ there for a reason. -- Luke Slater http://dinosaur-os.com/ :O)
[PHP] Re: table-less layouts; Ideas welcome
Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Why? Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php Looks clever, but unfortunately it solves a problem which does not exist. In other words, and with all due respect: useless. When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. Yes. table tags are intended to represent tables. It's as if the authors of HTML foresaw a need... ;) Browsers render them quite well. They are valid in all versions of HTML including HTML 5. Why not use them? The evil of tables is in abusing them for layout purposes. Where entire pages are inside tables. Where you find tables inside table cells of other tables (I've seen them nested 6, 7 levels, no kidding). It goes against fluidity, accessability, maintainability, and everything that's sane and right. Tableless design means you abstain from such table abuse, that you do not use tables for enforcing layouts. Not that you get rid of tables altogether. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Really basic PHP questions -- newbie here!
Ellen Heitman wrote: Hello! I would really appreciate some answers to a few basic questions. I have done some research online, but it would greatly help me to get direct answers. 1. If my site needs to be available to many browsers, including those that may not be entirely up-to-date, is PHP a safe option? I mean, I know that Flash is something people have to have enabled on their browsers, but I thought I read that PHP is available to all recent browsers as long as the server the site is hosted on supports PHP. Is this true? No, and it's not even wrong, either ;) PHP is a programming language. You use it to create programs (more commonly called scripts) that run on a web server. When a script is requested by a browser, the PHP interpreter on the server runs the script and only the result is sent back to the browser. This is a PHP script: ?php for(i = 0; i 5; i++) echo pHello world!/p\n; ? This is what it looks like to the browser: pHello world!/p pHello world!/p pHello world!/p pHello world!/p pHello world!/p There is no need for a browser of any generation to understand PHP, because it will never get to see it. Of course, as the PHP programmer you must make sure that your scripts' output can be handled by the intended clients. 2. How can I preview my PHP while I'm coding? I'm using TextWrangler. I have already followed the installation tutorial here: http://foundationphp.com/tutorials/php_leopard.php. The test PHP file does work in my Safari browser. However, when I try to preview my .php files created in TextWrangler with Safari it doesn't work. You need to put your PHP files in the web server's home directory, probably the same folder where you placed the test file from that article, and access them through http. That would look like http://localhost/yourscript.php 3. I need something that functions as an iframe. I've been reading that include() serves this purpose. No. Completely different things. However, I've found that I have the make the content in the iframe the main content and call the things around it. I want to do the reverse. I want the other content on the main html page in place, and just want to call the text in the frame box. Is this doable? Of course, with include() you can include the content of a file into a script file *before* it gets interpreted. But what it looks like in the resulting output and whether there is a box or a frame is entirely up to you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Check out system for Shopping Cart
Can you please help with my checkout script. I have been getting errors as shown below: Warning: mysqli_query() expects parameter 1 to be mysqli, object given in C:\wamp\www\draft\checkout.php on line 26 Warning: mysqli_affected_rows() expects parameter 1 to be mysqli, object given in C:\wamp\www\draft\checkout.php on line 28 Warning: mysqli_rollback() expects parameter 1 to be mysqli, object given in C:\wamp\www\draft\checkout.php on line 77 System error Warning: mysqli_close() expects parameter 1 to be mysqli, object given in C:\wamp\www\draft\checkout.php on line 83 for the script ?php include(mysql.class.php); include (header.php); //include (functions.php); $user = 1; $total = 178.93; include (mysql_connect.php); //Turn off autocommit //mysql_autocommit($con, FALSE); //Add orders to the order table $sql = INSERT INTO orders (user_id, total) VALUES ($user, $total); $r = mysqli_query($con, $sql); if (mysqli_affected_rows($con)==1) { $oid = mysql_insert_id($con); //Insert the specific order contents into the database // prepare query $sql = INSERT INTO order_contents(order_id, id, quantity, price) VALUES (?, ?, ?, ?); $stmt = mysqli_prepare($con, $sql); mysqli_stmt_bind_param($stmt, 'iiid', $oid, $id, $qty, $price); //execute each query, count the total affected: $affected = 0; foreach ($_SESSION['cart'] as $id = $item){ $qty = $item['quantity']; $price = $item['price']; mysqli_stmt_execute($stmt); $affected += mysqli_stmt_affected_rows($stmt); } mysqli_stmt_close($stmt); if ($affected ==count($_SESSION['cart'])) { mysqli_commit($con); echo'Thank you for your order'; }else{ mysqli_rollback($con); echo'Your order could not be processed'; } }else{ mysqli_rollback($con); echo'System error'; } mysqli_close($con); include (footer.html); ? Many Thanks VEE VEE _ View your Twitter and Flickr updates from one place – Learn more! http://clk.atdmt.com/UKM/go/137984870/direct/01/-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP5 based Web-Chat?
Hello, I like to install a forum for my customers and additional a PHP5 based Web-Chat system with publich and private chatrooms. What can you recommend? Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # http://www.tamay-dogan.net/ Michelle Konzack http://www.can4linux.org/ Apt. 917 http://www.flexray4linux.org/ 50, rue de Soultz Jabber linux4miche...@jabber.ccc.de 67100 Strasbourg/France IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947 ICQ #328449886Tel. FR: +33 6 61925193 signature.pgp Description: Digital signature
[PHP] Re: PHP5 based Web-Chat?
Michelle Konzack wrote: Hello, I like to install a forum for my customers and additional a PHP5 based Web-Chat system with publich and private chatrooms. What can you recommend? Nothing :D - anything php based would involve polling which will kill any server when trying to create a realtime chat environment (1 request per second per chatter + 1 for each message send + normal hits) - so say 30 chatters and you have at a minimum 30 requests per second with all the weight and db hits they involve. in all honesty I'd recommend using openfire together with sparkweb or a custom client - that combo is premade, feature packed, opensource and can easily handle circa 50k users in realtime per server (connections and things aside). Additionally its a proper jabber server so you can have desktop clients, mods and of course full featured IM with custom addresses, openid and integrated in with yahoo, gtalk, msn, aol, *whatever* accounts as well. going down the php route is a complete waste of time imho (unless you are creating a custom php socket server which bypasses apache, implementing XMPP and connecting in the users client via flash, flex or a java client) yours, not of a very strong opinion, nathan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit
[PHP] MYSQL 5 auto increment not working
Hi All I know this is not strictly a PHP question, but i have a problem whenever i insert a record using PHP. Basically the auto increment field does not work at all. Here's the structure of the table that i'm using: CREATE TABLE `children` ( `cid` int(4) NOT NULL auto_increment, `cname` char(50) default NULL, `csname` char(50) default NULL, PRIMARY KEY (`cid`) ) ENGINE=InnoDB I use PHP 5.1 and MYSQL 5 I'm pretty sure the code i use to insert the data is sound since i've tested it with older versions of MYSQL. Has anyone else had similar problems?
Re: [PHP] MYSQL 5 auto increment not working
2009/5/21 Leidago !Noabeb leid...@googlemail.com Hi All I know this is not strictly a PHP question, but i have a problem whenever i insert a record using PHP. Basically the auto increment field does not work at all. Here's the structure of the table that i'm using: CREATE TABLE `children` ( `cid` int(4) NOT NULL auto_increment, `cname` char(50) default NULL, `csname` char(50) default NULL, PRIMARY KEY (`cid`) ) ENGINE=InnoDB I use PHP 5.1 and MYSQL 5 I'm pretty sure the code i use to insert the data is sound since i've tested it with older versions of MYSQL. Has anyone else had similar problems? Did you left empty the field `cid` (PK) in your INSERT statement?
Re: [PHP] Check out system for Shopping Cart
On Thu, May 21, 2009 at 7:32 AM, Vernon St.Croix vstcr...@hotmail.comwrote: *Warning*: mysqli_query() expects parameter 1 to be mysqli, object given in *C:\wamp\www\draft\checkout.php* on line *26* ***for the script ?php include(mysql.class.php); include (header.php); //include (functions.php); $user = 1; $total = 178.93; include (mysql_connect.php); //Turn off autocommit //mysql_autocommit($con, FALSE); //Add orders to the order table $sql = INSERT INTO orders (user_id, total) VALUES ($user, $total); $r = mysqli_query($con, $sql);* The warning message is saying that it's expecting the first parameter you passed in mysqli_query() to be a mysqli link identifier, i.e., that the variable $con used in the line above be your connection to the database. Somewhere before this function call, you need to set $con: $con = *mysqli_connect* ($host, $username, $passwd, $dbname); -- Lex
Re: [PHP] MYSQL 5 auto increment not working
Leidago !Noabeb wrote: Hi All I know this is not strictly a PHP question, but i have a problem whenever i insert a record using PHP. Basically the auto increment field does not work at all. Here's the structure of the table that i'm using: CREATE TABLE `children` ( `cid` int(4) NOT NULL auto_increment, `cname` char(50) default NULL, `csname` char(50) default NULL, PRIMARY KEY (`cid`) ) ENGINE=InnoDB I use PHP 5.1 and MYSQL 5 I've just tried creating that table and doing a few inserts - works just fine here - mysql 5.0.26. /Per -- Per Jessen, Zürich (26.7°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: MYSQL 5 auto increment not working
Leidago !Noabeb wrote: Hi All I know this is not strictly a PHP question, but i have a problem whenever i insert a record using PHP. Basically the auto increment field does not work at all. Here's the structure of the table that i'm using: CREATE TABLE `children` ( `cid` int(4) NOT NULL auto_increment, `cname` char(50) default NULL, `csname` char(50) default NULL, PRIMARY KEY (`cid`) ) ENGINE=InnoDB I use PHP 5.1 and MYSQL 5 I'm pretty sure the code i use to insert the data is sound since i've tested it with older versions of MYSQL. Has anyone else had similar problems? *works for me* check cid is empty in your insert statement check you haven't hit rows, seeing as you are using int 4 drop and recreate the table (or truncate) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] product listing columns
On 5/21/09 3:05 AM, Ashley Sheridan a...@ashleysheridan.co.uk wrote: I'm advocating tables on this one, as it is pretty much tabular data. i too would put a table of product data in an html table. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: table-less layouts; Ideas welcome
On 5/21/09 5:06 AM, O. Lavell olav...@xs4all.nl wrote: Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Why? it's a zen practice. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP5 based Web-Chat?
Hello Nathan, Am 2009-05-21 13:44:38, schrieb Nathan Rixham: Nothing :D grmpf - anything php based would involve polling which will kill any server when trying to create a realtime chat environment (1 request per second per chatter + 1 for each message send + normal hits) - so say 30 chatters and you have at a minimum 30 requests per second with all the weight and db hits they involve. if you check http://chat.tchatche.com/ then you will see, they refesh only all 5-8 seconds. Currently I have encountered a maximum of ~4800 users connected at once. I am already trying a small thing with 5 frames imitating the above website and already used it with 10 clients at once which work on a Quad-Xeon (P3/550MHz/768MByte) on a 2.5 MBit Internet connection. in all honesty I'd recommend using openfire together with sparkweb or a custom client - that combo is premade, feature packed, opensource and can easily handle circa 50k users in realtime per server (connections and things aside). Additionally its a proper jabber server so you can have desktop clients, mods and of course full featured IM with custom addresses, openid and integrated in with yahoo, gtalk, msn, aol, *whatever* accounts as well. I have a Jabber Server (Package jabber; Debian Distribution) installed but no one want to use it... Pidgin is working perfectly with it and is available on ALL Operating Systems. However, I need a Webinterface where People can connect to others een if they have NO Laptop/Smartphone with them. Is there a USER Web-Interface to Jabber? going down the php route is a complete waste of time imho (unless you are creating a custom php socket server which bypasses apache, implementing XMPP and connecting in the users client via flash, flex or a java client) I was thinking on a Flash/Java solution too, but I do not know HOW TO create this Flash-Stuff and do not even code Java. yours, not of a very strong opinion, nathan Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # http://www.tamay-dogan.net/ Michelle Konzack http://www.can4linux.org/ Apt. 917 http://www.flexray4linux.org/ 50, rue de Soultz Jabber linux4miche...@jabber.ccc.de 67100 Strasbourg/France IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947 ICQ #328449886Tel. FR: +33 6 61925193 signature.pgp Description: Digital signature
Fwd: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
One more thing, should I use @ for security purpose or not so that the use can reply me with the errors so that I can troubleshoot the problem more effectively. Sumit -- Forwarded message -- From: Ashley Sheridan a...@ashleysheridan.co.uk Date: Thu, May 21, 2009 at 6:36 PM Subject: Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE To: Sumit Sharma sumitp...@gmail.com Cc: php-general@lists.php.net On Thu, 2009-05-21 at 18:22 +0530, Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit I'd advise using something like mysql_real_escape_string() (assuming you are using a MySQL database that is) on each variable of data before you insert it into the database. You could go further and validate specific data, so check that a field which you expect a number only contains a number, etc. Ash www.ashleysheridan.co.uk
Re: [PHP] table-less layouts; Ideas welcome
On Thu, May 21, 2009 at 01:02:07AM -0700, Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. I have to agree with the other responders, that in both these cases, I think even W3C would agree that tables are the proper matrix for what you're doing. In fact, if styles were turned off, putting them in tables would have them still display properly. But for the record, this was good work. They look nice. ;-} Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Fwd: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
On Thu, 2009-05-21 at 19:17 +0530, Sumit Sharma wrote: One more thing, should I use @ for security purpose or not so that the use can reply me with the errors so that I can troubleshoot the problem more effectively. Sumit -- Forwarded message -- From: Ashley Sheridan a...@ashleysheridan.co.uk Date: Thu, May 21, 2009 at 6:36 PM Subject: Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE To: Sumit Sharma sumitp...@gmail.com Cc: php-general@lists.php.net On Thu, 2009-05-21 at 18:22 +0530, Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit I'd advise using something like mysql_real_escape_string() (assuming you are using a MySQL database that is) on each variable of data before you insert it into the database. You could go further and validate specific data, so check that a field which you expect a number only contains a number, etc. Ash www.ashleysheridan.co.uk I'd avoid using @ in favour of turning the errors off in your php.ini or .htaccess, as there's no chance of you missing a statement here or there. It's generally accepted practice to have errors and warnings turned off on a live server, and to only use them on development servers. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
At 1:02 AM -0700 5/21/09, Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php Any source for the above? :-) Your work, as always, is top-notch. I've tested both your table and calendar in other browsers and they work quite well-- congratulations. My thoughts are -- my understanding the reason why tables have received such bad-press is that designers have abused tables in holding designs together with nested tables AND in doing so made it difficult for the visually disabled to pull content from the site. Screen readers do not read the screen but rather read the source and pull out of it what they (the screen reader program) think is content. Translating nested tables becomes an impossible job for them. In that light, if one compares your code with the amount of code to do this with tables, I don't see much difference. With tables, one uses tr and td whereas your code uses div class=table_tr and div class=table_td -- while you do it nicely, I really don't see much difference in structure or verbosity. Furthermore, styling your table as compared to a standard table is nearly identical -- I don't see an advantage to either. Additionally, and not of your doing, even the new css tables don't solve this verbosity problem but instead offer more difficulties for browsers -- such as Safari doesn't understand caption-side correctly. In any event, I wouldn't mind seeing the php that creates your calendar. I'm working on a project at the moment where I need to review week, month, two-month, and three-month displays. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: Fwd: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA INDATABASE
if you really want to get to the real low level details of an app... unless you're dealing with an app that's seriously crunching, and extremely sensitive to returning data to the user's browser in a timely manner, you should write all replies back to a db/tbl... this would allow you as the developer to have a complete trek of the actions/paths (to an extent) for any potential debugging issue. -Original Message- From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] Sent: Thursday, May 21, 2009 7:00 AM To: Sumit Sharma Cc: php-general@lists.php.net Subject: Re: Fwd: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA INDATABASE On Thu, 2009-05-21 at 19:17 +0530, Sumit Sharma wrote: One more thing, should I use @ for security purpose or not so that the use can reply me with the errors so that I can troubleshoot the problem more effectively. Sumit -- Forwarded message -- From: Ashley Sheridan a...@ashleysheridan.co.uk Date: Thu, May 21, 2009 at 6:36 PM Subject: Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE To: Sumit Sharma sumitp...@gmail.com Cc: php-general@lists.php.net On Thu, 2009-05-21 at 18:22 +0530, Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit I'd advise using something like mysql_real_escape_string() (assuming you are using a MySQL database that is) on each variable of data before you insert it into the database. You could go further and validate specific data, so check that a field which you expect a number only contains a number, etc. Ash www.ashleysheridan.co.uk I'd avoid using @ in favour of turning the errors off in your php.ini or .htaccess, as there's no chance of you missing a statement here or there. It's generally accepted practice to have errors and warnings turned off on a live server, and to only use them on development servers. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Shared memory - linx and PHP newbie
Hi I have a query regarding shared memory created under Linux and then accessing it by PHP script. For my application, I have created a shared memory block in Debian Linux using the shm_open(..), ftruncate(...) and mmap(...) function calls. The shared memory block is of size 6304 bytes long. It is store 197 strings of 32 characters long. I am confident that the shared memory block is correctly created because when I go navigate to the /shm directory I find the shared memory block called /program.SCShared present and it is of size 6304 bytes. In addition to that, I have also written some strings to to the shared memory, where each string starts at every 32 bytes. I have verified that I can read these strings back successfully. What I would like to do now is have some PHP script to read the strings out of the shared memory so the strings can be displayed on a web page. From what I can gather from the PHP web site, it appears that I need to use the shared memory functions as given in http://au.php.net/manual/en/ref.shmop.php. Specifically, since my strings start at 32-byte boundaries, the function: string *shmop_read* ( int $shmid , int $start , int $count); seems to be the ideal read routine to use. For example, if I want to read the third string, I believe i write: $shm_data = shmop_read($shmid, 64, 32); Below is my code: == ?php $shm_key = ftok(/dev/shm/program.SCShared, 't'); if ($shm_key 0) { echo ftok failed\n; } $shm_id = shmop_open ($shm_key,w,0,0); if (!empty($shm_id)) { echo \n Shared memory exists; } else { echo \n Shared memory doesnt exists; } $shm_size = shmop_size ($shm_id); echo \n the size of shared memory is $shm_size; $shm_data = shmop_read($shm_id, 0, 32); $shm_data = unserialize($shm_data); echo \n read is $shm_data; $i = strpos($shm_data, \0); if ($i === false) { echo \n String is NULL; } else { $result = substr($shm_data, 3904, $i); print_r($result); } shmop_close($shm_id); echo \nDetached from shared memory; ? == Running this script shows, it appears that I'm connecting to my shared memory /dev/shm/program.SCShared because Shared memory exists is displayed. However, I get the following which I would like some help with: 1) The size of the memory block is returning 1 and not 6304 bytes as expected. I believe 1 is the default size if the memory block is created from scratch using *shm_attach. Does the same apply to shmop_open. If so, why is it being created?* 2) The call $shm_data = shmop_read($shm_id, 0, 32), which reads the first string, returns no result. Does any know why this is the case when I know that there is a string there because I have added it there using some C code. 3) Is there another way I can access these strings without using the shmop_blah routines? I have tried using shm_attach(...), shm_get_var(...), but this seems to be too hard because it requires variable keys. Should I be using MySQL? Any help will be greatly appreciated, especially answering 2) as to why I can't read the data. Regards, Richard.
Re: [PHP] Re: MYSQL 5 auto increment not working
On Thu, May 21, 2009 at 9:34 AM, Nathan Rixham nrix...@gmail.com wrote: Leidago !Noabeb wrote: Hi All I know this is not strictly a PHP question, but i have a problem whenever i insert a record using PHP. Basically the auto increment field does not work at all. Here's the structure of the table that i'm using: CREATE TABLE `children` ( `cid` int(4) NOT NULL auto_increment, `cname` char(50) default NULL, `csname` char(50) default NULL, PRIMARY KEY (`cid`) ) ENGINE=InnoDB I use PHP 5.1 and MYSQL 5 I'm pretty sure the code i use to insert the data is sound since i've tested it with older versions of MYSQL. Has anyone else had similar problems? *works for me* check cid is empty in your insert statement check you haven't hit rows, seeing as you are using int 4 drop and recreate the table (or truncate) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php openfire is something you may want to look at...it has a flash client in there somewhere...also i believe you can find FLEX based IM chat code that you can use -- Bastien Cat, the other other white meat
Re: [PHP] Shared memory - linx and PHP newbie
On Thu, May 21, 2009 at 10:15, Richard W rw180...@gmail.com wrote: Any help will be greatly appreciated, especially answering 2) as to why I can't read the data. Are you certain that the problem lies within the shmop reading? Check to see if the file is actually being accessed properly, the key is good from your ftok(), etc. You may also want to make sure that things as basic as permissions and 'who created' vs. 'who can read' (since you're trying to run it from the web server) match up appropriately. With just a cursory glance, the shmop_read() piece itself looks fine, which suggests to me that there may be other problems. See if the logs spit anything out, or try to debug the things with an `or die(Here's the error.\n);` tacked onto the end of the suspected lines. If it's crashing out, consider a cachegrind or debug_backtrace() run. As for the memory being read, I'd agree that it does seem that it is, since shm_open() is returning something other than FALSE, but that doesn't mean that it's `=== TRUE` either. It may instead be returning a message or another unexpected result that, in empty(), may evaluate to TRUE and allow it to echo out the message in your test condition. -- /Daniel P. Brown daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ 50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP5 based Web-Chat?
Michelle Konzack wrote: Hello Nathan, Am 2009-05-21 13:44:38, schrieb Nathan Rixham: Nothing :D grmpf - anything php based would involve polling which will kill any server when trying to create a realtime chat environment (1 request per second per chatter + 1 for each message send + normal hits) - so say 30 chatters and you have at a minimum 30 requests per second with all the weight and db hits they involve. if you check http://chat.tchatche.com/ then you will see, they refesh only all 5-8 seconds. Currently I have encountered a maximum of ~4800 users connected at once. I am already trying a small thing with 5 frames imitating the above website and already used it with 10 clients at once which work on a Quad-Xeon (P3/550MHz/768MByte) on a 2.5 MBit Internet connection. in all honesty I'd recommend using openfire together with sparkweb or a custom client - that combo is premade, feature packed, opensource and can easily handle circa 50k users in realtime per server (connections and things aside). Additionally its a proper jabber server so you can have desktop clients, mods and of course full featured IM with custom addresses, openid and integrated in with yahoo, gtalk, msn, aol, *whatever* accounts as well. I have a Jabber Server (Package jabber; Debian Distribution) installed but no one want to use it... Pidgin is working perfectly with it and is available on ALL Operating Systems. However, I need a Webinterface where People can connect to others een if they have NO Laptop/Smartphone with them. Is there a USER Web-Interface to Jabber? going down the php route is a complete waste of time imho (unless you are creating a custom php socket server which bypasses apache, implementing XMPP and connecting in the users client via flash, flex or a java client) I was thinking on a Flash/Java solution too, but I do not know HOW TO create this Flash-Stuff and do not even code Java. yours, not of a very strong opinion, nathan hi - there is a load of really high quality open source flash (well as3) stuff, really you want to be using the ignite realtime / jive stuff http://www.igniterealtime.org/projects/index.jsp its all java and flash and open source. openfire is a 2 minute install and all web based interfaces for admin - v good java server sparkweb is a flex based web interface thats v good, has chat and im in it, again you just upload it and your done xiff api is the as3 framework for flex and it's v good - it use it on a few sites and its so light its unreal + instant / realtime. it's not worth bastardizing these old techs when you can have the cutting edge stuff set up in minutes (hours the first time). Even if you customise the ass off it and use a bespoke front end in flex / flash, you are still going to be much faster than the php route and a MUCH better end product that's light on the server. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Azure SDK for PHP
Microsoft's Azure cloud computing framework has now been exposed to PHP. I haven't tested any of the features myself, but it seems like a pretty interesting (and leverage-able) concept to work with... figured I'd pass the word along. http://phpazure.codeplex.com/ -- // Todd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.php which could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
On Thu, 2009-05-21 at 10:44 -0500, Shawn McKenzie wrote: Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.php which could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com Well, yeah, there isn't any events or anything attached to any day! Like I said, easy enough to tweak and output a link on a particular date that matches something in the database. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Yeah, it doesn't work here, either. On Thu, May 21, 2009 at 11:44 AM, Shawn McKenzie nos...@mckenzies.netwrote: Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.phpwhich could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Azure SDK for PHP
haliphax wrote: Microsoft's Azure cloud computing framework has now been exposed to PHP. I haven't tested any of the features myself, but it seems like a pretty interesting (and leverage-able) concept to work with... figured I'd pass the word along. http://phpazure.codeplex.com/ cheers for that - looks interesting, even if only for awareness sakes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Ashley Sheridan wrote: On Thu, 2009-05-21 at 10:44 -0500, Shawn McKenzie wrote: Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.php which could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com Well, yeah, there isn't any events or anything attached to any day! Like I said, easy enough to tweak and output a link on a particular date that matches something in the database. Ash www.ashleysheridan.co.uk OK, sorry. I thought it was supposed to do something. Nice never the less. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
I'd be more fond of unrolling some of those loops and feeding the data into a proper template than tweaking what looks like really half-arsed code. On Thu, May 21, 2009 at 11:57 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: On Thu, 2009-05-21 at 10:44 -0500, Shawn McKenzie wrote: Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.phpwhich could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com Well, yeah, there isn't any events or anything attached to any day! Like I said, easy enough to tweak and output a link on a particular date that matches something in the database. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP class question
I have the following situation. I wrote some software and split it up into functionality: class core { function go{ } } class A extends core { // PHP4 constructor function A { $this-go(); } } class B extends core { } In core I define functions and variables that are to be used through out my program and to address those functions/variables I just use $this- . Now I ran into a situation where class A needs to be extended with another class. This is not my choice, it's part of a framework I have to use. Currently I solved this by doing this: class A extends framework_class { $var core; // PHP4 constructor function A { $this-core = new core(); $this-core-go(); } } The question I have, is this a good solution, is it the only solution or are there different ways to tackle this? As you might see it needs to run in PHP4. -- Peter van der Does GPG key: E77E8E98 IRC: Ganseki on irc.freenode.net Blog: http://blog.avirtualhome.com Forums: http://forums.avirtualhome.com Jabber ID: pvanderd...@gmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: table-less layouts; Ideas welcome
On 21/05/2009 10.02, Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. TIA Table-less html is a silly idea. Semantic html where tables represent tables makes sense instead. A calendar IS a table, semantically speaking, so emulating it with css-p is useless torture. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
On Thu, 2009-05-21 at 12:14 -0400, Eddie Drapkin wrote: I'd be more fond of unrolling some of those loops and feeding the data into a proper template than tweaking what looks like really half-arsed code. On Thu, May 21, 2009 at 11:57 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: On Thu, 2009-05-21 at 10:44 -0500, Shawn McKenzie wrote: Ashley Sheridan wrote: Tedd, I've got a fairly simple calendar script in PHP here http://www.ashleysheridan.co.uk/coding.php?group=phparticle=coding_php_calendar.phpwhich could be adapted fairly easily with the right tweaks. Ash www.ashleysheridan.co.uk I cant get the calendar on your site to do anything. No links and clicks do nothing. FF 3.0.10 / Ubuntu. -- Thanks! -Shawn http://www.spidean.com Well, yeah, there isn't any events or anything attached to any day! Like I said, easy enough to tweak and output a link on a particular date that matches something in the database. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php How do you mean feeding it into a proper template? Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Jim Lucas wrote: Jim Lucas wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. Hi Jim, I personally like these kinds of experiments. One thing people are not mentioning is that you now have greater and more efficient control over the look and feel of your layouts. My only suggestion is maybe shorter naming conventions. :-) That is because I type all day, and each character ends up weighing into the time it takes to develop stuff.. (so 'table_th' could become 't_th', or even 't_h'). If you are going for easy to to read, then nevermind on this.. it's just a personal preference. ;-) Donovan -- =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o D. BROOKE EUCA Design Center WebDNA Software Corp. WEB: http://www.euca.us | http://www.webdna.us =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o WebDNA: [** Square Bracket Utopia **] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Check out system for Shopping Cart
Vernon, CC messages to php-general to keep responses on-list. See my comments inline. On Thu, May 21, 2009 at 12:06 PM, Vernon St.Croix vstcr...@hotmail.comwrote: I have amended as you advised and the mysqli errors are now gone. Thanks for that. I however have another one I can't get rid of: *Warning*: Invalid argument supplied for foreach() in * C:\wamp\www\draft\checkout.php* on line *53* Your order could not be processed. *checkout.php* ?php code snipped include (mysql_connect.php); //Turn off autocommit $con = mysqli_connect (localhost, root, , rum); mysqli_autocommit($con, FALSE); //Add orders to the order table $sql = INSERT INTO orders (user_id, total) VALUES ($user, $total); $r = mysqli_query($con, $sql); code snipped * foreach ($_SESSION['cart'] as $id = $item){* $qty = $item['quantity']; $price = $item['price']; mysqli_stmt_execute($stmt); $affected += mysqli_stmt_affected_rows($stmt); } The reason you're getting this warning is that foreach is expecting $_SESSION['cart'] to be an array. Do a print_r() or var_dump() of $_SESSION['cart'] to see what is actually being passed to the function. mysqli_stmt_close($stmt); if ($affected ==count($_SESSION['cart'])) { mysqli_commit($con); echo'Thank you for your order'; }else{ mysqli_rollback($con); echo'Your order could not be processed'; } }else{ mysqli_rollback($con); echo'System error'; } mysqli_close($con); include (footer.html); ? VEE -- Lex
[PHP] Re: PHP class question
Peter van der Does wrote: I have the following situation. I wrote some software and split it up into functionality: class core { function go{ } } class A extends core { // PHP4 constructor function A { $this-go(); } } class B extends core { } In core I define functions and variables that are to be used through out my program and to address those functions/variables I just use $this- . Now I ran into a situation where class A needs to be extended with another class. This is not my choice, it's part of a framework I have to use. Currently I solved this by doing this: class A extends framework_class { $var core; // PHP4 constructor function A { $this-core = new core(); $this-core-go(); } } The question I have, is this a good solution, is it the only solution or are there different ways to tackle this? As you might see it needs to run in PHP4. has to extend? if it *has* to extend then you have no choice, but you may want to look up on class inheritance, specifically inheritance vs composition. also the isa / hasa rule /should/ always apply. which one of the following is true 1: A isa framework_class_name 2: A hasa framework_class_name if it's 1 then you extend if it's 2 then A should contain an instance of framework_class eg: class A { var $framework_class = new framework_class_name(); } you can also always proxy the methods you need. all in, this appears to be a design pattern issue and really can't help any more unless you give some specifics. (like the source of your classes and the framework class you need to extend) regards, nathan incidentally, I play inheritance vs composition as game with my 4 year old son, and he's really good - the untainted mind of a child can easily solve things us older types find more complex. eg: car isa wheel, car hasa wheel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
On 21/5/09 09:02, Jim Lucas wrote: I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... [snip] But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. The responses suggesting that even W3C would let you use tables for data tables are too weak. W3C recommend you use the best possible semantic (X)HTML for your structured content and, if you want to style it, suggest a skin or skins for that structure with CSS. This is why table is the wrong tool for grid layout and the /right/ tool for tabular data. This isn't semantics for the sake of semantics. Table markup implies a series of relationships that user agents can use in two basic ways: 1) Render content appropriately to communicate tabular relationships. For example, text browsers and browser/user stylesheets in GUI browsers can arrange tables in rows and columns, stick borders between cells, embolden/color header cells and captions, repeat header rows after a page break when printing. GUI browsers can copy table markup to system clipboards such that you can paste the table into a word processor or spreadsheet as a table. Screen readers can read or braille the table caption or summary when the table receives focus, and render an individual data cell's headers when it receives content focus. 2) Provide navigational functionality. For example, popular screen readers use table markup to give users commands to list tables on a page, jump to the next table, move to the next row rather than the next cell, query a cell for its headers, read row-by-row, or read column-by-column. For example: http://www.freedomscientific.com/Training/Surfs-Up/Tables.htm http://www.freedomscientific.com/Training/Surfs-up/Table_Reading_Commands.htm So replacing good data markup ( http://www.webaim.org/techniques/tables/ ) with a tree of div elements involves a substantial loss of functionality, and accessibility. If for some reason, you /must/ use generic div elements instead of real tabular markup, I strongly recommend you annotate them with WAI-ARIA attributes (grid and related roles). Supporting clients will expose similar structural information to assistive technology as you would get with (X)HTML tables. WAI-ARIA has poor support compared to bog-standard (X)HTML tables, but it should be supported by the some of the newest browsers and screen readers (e.g. Firefox 3, IE8, and JAWS 10). Calendar markup is a very tricky one. But I'd certainly take advantage of (X)HTML's dedicated markup for relationships ( tables, lists, headings, hyperlinks ) to help users navigate the calendar and to ensure a decent presentation (even without your CSS) is applied, rather than expect users to parse linearized div elements. Some useful discussion at: http://www.joedolson.com/articles/2006/10/describing-a-semantic-calendar/ http://diveintoaccessibility.org/day_19_using_real_table_headers.html http://georgiatechcatea.wordpress.com/2007/01/16/accessible-calendars-for-blogs-and-websites/ -- Benjamin Hawkes-Lewis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
Benjamin Hawkes-Lewis wrote: On 21/5/09 09:02, Jim Lucas wrote: I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... [snip] But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. The responses suggesting that even W3C would let you use tables for data tables are too weak. W3C recommend you use the best possible semantic (X)HTML for your structured content and, if you want to style it, suggest a skin or skins for that structure with CSS. This is why table is the wrong tool for grid layout and the /right/ tool for tabular data. This isn't semantics for the sake of semantics. Table markup implies a series of relationships that user agents can use in two basic ways: 1) Render content appropriately to communicate tabular relationships. For example, text browsers and browser/user stylesheets in GUI browsers can arrange tables in rows and columns, stick borders between cells, embolden/color header cells and captions, repeat header rows after a page break when printing. GUI browsers can copy table markup to system clipboards such that you can paste the table into a word processor or spreadsheet as a table. Screen readers can read or braille the table caption or summary when the table receives focus, and render an individual data cell's headers when it receives content focus. 2) Provide navigational functionality. For example, popular screen readers use table markup to give users commands to list tables on a page, jump to the next table, move to the next row rather than the next cell, query a cell for its headers, read row-by-row, or read column-by-column. For example: http://www.freedomscientific.com/Training/Surfs-Up/Tables.htm http://www.freedomscientific.com/Training/Surfs-up/Table_Reading_Commands.htm So replacing good data markup ( http://www.webaim.org/techniques/tables/ ) with a tree of div elements involves a substantial loss of functionality, and accessibility. If for some reason, you /must/ use generic div elements instead of real tabular markup, I strongly recommend you annotate them with WAI-ARIA attributes (grid and related roles). Supporting clients will expose similar structural information to assistive technology as you would get with (X)HTML tables. WAI-ARIA has poor support compared to bog-standard (X)HTML tables, but it should be supported by the some of the newest browsers and screen readers (e.g. Firefox 3, IE8, and JAWS 10). Calendar markup is a very tricky one. But I'd certainly take advantage of (X)HTML's dedicated markup for relationships ( tables, lists, headings, hyperlinks ) to help users navigate the calendar and to ensure a decent presentation (even without your CSS) is applied, rather than expect users to parse linearized div elements. Some useful discussion at: http://www.joedolson.com/articles/2006/10/describing-a-semantic-calendar/ http://diveintoaccessibility.org/day_19_using_real_table_headers.html http://georgiatechcatea.wordpress.com/2007/01/16/accessible-calendars-for-blogs-and-websites/ -- Benjamin Hawkes-Lewis yup, if you are ever in doublt as to whether you are doing things correctly or not, highlight the entire web page in question, copy it, and paste it in to a very basic text editor. Then read from line 1 to the end, if any of it doesn't make sense or seems misplaced, then it's been made incorrectly. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: table-less layouts; Ideas welcome
On Thu, 2009-05-21 at 09:54 -0400, tedd wrote: My thoughts are -- my understanding the reason why tables have received such bad-press is that designers have abused tables in holding designs together with nested tables AND in doing so made it difficult for the visually disabled to pull content from the site. Screen readers do not read the screen but rather read the source and pull out of it what they (the screen reader program) think is content. Translating nested tables becomes an impossible job for them. I've heard a rumor this is exaggerated, and I buy it to some extent. Lynx had an algorithm for distinguishing simple tabular data from more complex (and probably layout) tables back in 1999. I'd assume a serious screen reader with more development resources behind it could do better, and I don't think heuristics for working with this would even be particularly hard. This isn't to say tangled table markup is never a problem. It is, both for human and machine readers. But as much as I like CSS -- and as much as it simplifies many designs -- there are some cases for which table layouts are easier and/or more robust, so I almost just wish we'd accepted the horse was out of the barn and tried to figure out an easy way to signal distinctions between layout tables and semantic tabular data, rather than trying to get the entire internet to completely retool. A few years ago, I started marking my layout tables with class=layout. Not always a perfect solution, but makes the distinction easy (and turns out to be a useful styling convention as well), and if table-based layouts really are a significant obstacle to machine readers, my guess is something like this would get us over that hurdle a lot faster than waiting for everyone to give up those layouts. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] table-less layouts; Ideas welcome
this reminds me of the classic line in Real Programmers Don't Use Pascal: Besides, the determined Real Programmer can write Fortran programs in any language. On 5/21/09 4:02 AM, Jim Lucas li...@cmsws.com wrote: Since this has been a topic of dicussion, I figured I would add my thoughts. I have been toying with the idea of doing a table-less layouts involving tabular data, calendars, etc... Recent threads have finally made me do it. Let me know what you think. http://www.cmsws.com/examples/templates/div_tables.php http://www.cmsws.com/examples/templates/div_tables.phps (source for above) http://www.cmsws.com/examples/templates/div_cal.php When you turn off the styles, the calendar becomes pretty rough on the eyes, but still accessible. Same thing with the tabular data structure. But, not knowing how the various types of accessibility applications work, I am guessing that the layout to an application trying to read it should work fairly well. Let me know if I am way off the mark with my thoughts. If you want to respond off list, that if fine by me. TIA -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: table-less layouts; Ideas welcome
At 11:48 AM -0600 5/21/09, Weston C wrote: On Thu, 2009-05-21 at 09:54 -0400, tedd wrote: My thoughts are -- my understanding the reason why tables have received such bad-press is that designers have abused tables in holding designs together with nested tables AND in doing so made it difficult for the visually disabled to pull content from the site. Screen readers do not read the screen but rather read the source and pull out of it what they (the screen reader program) think is content. Translating nested tables becomes an impossible job for them. [1] I've heard a rumor this is exaggerated, and I buy it to some extent. Lynx had an algorithm for distinguishing simple tabular data from more complex (and probably layout) tables back in 1999. I'd assume a serious screen reader with more development resources behind it could do better, and I don't think heuristics for working with this would even be particularly hard. [2] This isn't to say tangled table markup is never a problem. It is, both for human and machine readers. But as much as I like CSS -- and as much as it simplifies many designs -- there are some cases for which [3] table layouts are easier and/or more robust, so I almost just wish we'd accepted the horse was out of the barn and tried to figure out an easy way to signal distinctions between layout tables and semantic tabular data, rather than trying to get the entire internet to completely retool. [4] A few years ago, I started marking my layout tables with class=layout. Not always a perfect solution, but makes the distinction easy (and turns out to be a useful styling convention as well), and if table-based layouts really are a significant obstacle to machine readers, my guess is something like this would get us over that hurdle a lot faster than waiting for everyone to give up those layouts. Weston: With regard to [1] -- while it might look like a simple problem to solve, let me present a simple example to show it's not. Above is your text -- let's say that I create a table that is a simple 2 x 2 table. It's a table that has two rows and two columns. Now, let me place your text in that table like so: 1 | 2 3 | 4 Or, I could do it like this: 1 | 3 2 | 4 Could you be certain that your algorithm would figure out which way it needs to present the text to a blind person? Remember, it should present the text in the correct order, namely 1, 2, 3 and 4. However, newsprint and layouts often uses both types of presentation. Now compound that with cells holding images, place-holders, empty cells and cells with navigation elements, flash, videos, and such -- and you might have a better appreciation as to the problem screen readers face. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: table-less layouts; Ideas welcome
On 21/5/09 18:48, Weston C wrote: I almost just wish we'd accepted the horse was out of the barn and tried to figure out an easy way to signal distinctions between layout tables and semantic tabular data, rather than trying to get the entire internet to completely retool. One year after HTML 4.0 recommended stylesheets over table layouts, WCAG 1.0 (published in 1999) explained how /authors/ could distinguish between layout tables and data tables: 1) When writing a presentational table, stick to the elements table, tr, td. Do not use the headers, scope, axis, or summary attributes. Make sure layout tables make sense when linearized. 2) When writing a data table, add the elements th, thead, tbody, tfoot, caption, and col and the attributes headers, scope, axis, and summary wherever appropriate. http://www.w3.org/TR/WCAG10/#gl-table-markup No algorithm for guessing whether a table matching the first class (but which could have been authored before WCAG 1.0 or in ignorance of WCAG 1.0) is a layout or data table has ever been specified, as far as I know. You are entirely correct that text browsers and screen readers do indeed use such algorithms, however. This is why it's more crucial to use data table markup for data tables than to avoid presentational table markup for grid layout. Fast forward a decade, and authors are getting another tool in our toolbox, not a million miles away from your 'class=layout'. I don't think it's very well specified yet, but: http://www.w3.org/TR/wai-aria/#presentation -- Benjamin Hawkes-Lewis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problems working with HTML using PHP's XML tools (placing mixed text/html into xpath-specified nodes...)
Is there a straightforward way (or, heck, any way) of placing mixed html/text content into xpath-specified nodes using any of PHP's XML tools? So far, I've tried SimpleXML and the DOM and things aren't coming out well. SimpleXML: /* $filename contains path to valid XML file, $xpathxpr contains valid XPath expression matching at least one document node, $fillval contains a mixed well-formed text/xhtml string to be pre-pended within each matching node */ $sx = simplexml_load_file($filename); $nodes = $sx-xpath($xpathxpr); foreach($nodes as $node) { $children = $node-children(); $children[0] = $fillval . $children[0]; } This only sortof works. I get $fillval appended before the original contents of each matching docment node but if I've put any markup in, it's all there as literal text (ie, a href=http://php.net;php.net/a wouldn't show up as a link, you'd see the actual markup when the document is rendered). A variation on this that I tried is creating a new SimpleXMLElement object, with the mixed text/markup string as an argument passed to the constructor, since the docs seem to indicate this is blessed. Weirdly, when I do this, it seems to actually be stripping out the markup and just giving the text. For example: $s = new SimpleXMLElement('a href=#Boo/a') echo $s; yields Boo (and echo $s-a yields nothing). This would be such a huge bug I have a hard time believing it, so I have to suspect there's a dance I'm not doing to make this work correctly. DOM XML: /* again, $filename contains path to valid XML file, $xpathxpr contains valid XPath expression matching at least one document node, $fillval contains a mixed well-formed text/xhtml string to be pre-pended within each matching node */ $domDoc = new DOMDocument(); $domDoc-loadHTML(file_get_contents($filename)); $search = new DOMXPath($domDoc); $nodes = $search-query($xpathxpr); foreach($nodes as $emt) { $f = $domDoc-createDocumentFragment(); $f-appendXML($fillval . $emt-nodeValue); $emt-nodeValue = ''; $emt-appendChild($f); } This also gets mixed results. It gets cranky and issues warnings about any HTML entities (despite that it seems it should be clear this is an HTML document given the invocation of loadHTML), and while I'm seeing some markup make it through, I'm not in other cases. I haven't quite figured out the difference. I can come up with some runnable tests if it will help, but I'm hoping someone's already familiar with the general issues with using PHP's XML tools to work with HTML that they can make some good commentary on the matter. Thanks, Weston -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit Use prepared statements. If you are just starting out, I would recommend using a database abstraction layer, such as MDB2 from pear. Doing it now is a LOT easier than porting an existing web application to use a database abstraction layer. With prepared statement, sql injection is not an issue. Example of prepared statement with MDB2: $types = Array('integer','text','integer'); $q = 'SELECT somefield,someotherfield FROM sometable WHERE afield ? AND bfield=? AND cfield ? ORDER BY somefield'; $sql = $mdb2-prepare($q,$types,MDB2_PREPARE_RESULT); $args = Array($var1,$var2,$var3); $rs = $sql-execute($args); Prepared statements pretty much neuter any and all sql injection attempts, assuming the database supports prepared statements (otherwise the abstraction layer may emulate them which could possibly be prone to vulnerabilities). While you do not need to use an abstraction layer to use prepared statements, the advantage of an abstraction layer is that your code will be much easier to port to a different database - advantageous to your client if they ever want to change databases, advantageous to you if you ever want to resuse you code for another client (assuming your contract does not give exclusive ownership of your code to your existing client). The user the web server connects with should be as restricted as possible. It should only have permission to connect to the database from the host where the web server is running (localhost if running on same machine as the sql server) and should not be granted any permissions it does not absolutely need. The file containing the database authentication credentials should end in .php and not .inc, and if at all possible, should be outside the web root (you can modify the include path to add a directory outside the web root that has includes - or include the file full path). Make sure error reporting is turned off on the production web server (you can still read errors in the web server log). If at all possible, run php compiled with the suhosin core patch and also run the suhosin loadable module. -=- You shouldn't need addslashes with prepared statements. You should run user input through an existed tested input filter, such as http://htmlpurifier.org/ rather than trying to re-invent the wheel and create your own. Script kiddies have scripts that test webapps for input vulnerabilities (both xss and sql injection), and some of them are rather tricky and browser specific. A community driven project like HTMLPurifier is more likely to catch malicious input than something you cobble together. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP class question
Peter van der Does wrote: I have the following situation. I wrote some software and split it up into functionality: class core { function go{ } } class A extends core { // PHP4 constructor function A { $this-go(); } } class B extends core { } In core I define functions and variables that are to be used through out my program and to address those functions/variables I just use $this- . Now I ran into a situation where class A needs to be extended with another class. This is not my choice, it's part of a framework I have to use. This doesn't make sense. You say class A needs to be extended with another class, however what you show below is class A extending framework_class. Show your classes and we can help I think. Currently I solved this by doing this: class A extends framework_class { $var core; // PHP4 constructor function A { $this-core = new core(); $this-core-go(); } } The question I have, is this a good solution, is it the only solution or are there different ways to tackle this? As you might see it needs to run in PHP4. I'm sure there are. This doesn't look right to me, but I'm confused by your examples. -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problems working with HTML using PHP's XML tools (placing mixed text/html into xpath-specified nodes...)
Weston C wrote: Is there a straightforward way (or, heck, any way) of placing mixed html/text content into xpath-specified nodes using any of PHP's XML tools? So far, I've tried SimpleXML and the DOM and things aren't coming out well. Not sure if it is of any use to you, I don't use XPath at all, but this php class modifies existing DOMDocument objects for filtering purposes and may give you an idea of how it is done: http://www.clfsrpm.net/xss/cspfilter_class.phps For a clearer example of adding a node to an existing document - from http://www.clfsrpm.net/xss/dom_script_test.phps That page is hard to read as it was butchered from another script, so here are the demonstrative parts: $import_prepare = 'div' . $somexmlcontentinastring . '/div'; $newDom = new DOMDocument(1.0,UTF-8); $newDom-loadXML($import_prepare); $elements = $newDom-getElementsByTagName(div); $imported_div = $elements-item(0); Now - $imported_div is an object node containing all the xml in import_prepare (you don't have to put it in a div, I did there because it's a form so I don't know the structure of xml input, putting it in a div gave me a known element that would be parent of all input) - but it is a node for the $newDom DOMDocument, I need to import it into the DOMDocument I am using. $testDiv = $myxhtml-importNode($imported_div,true); Now, $testDiv an a DOM object associated with the DOMDocument I want to import the node into. $xmlBody-appendChild($testDiv); Now the node is a child of the $xmlBody node, and has been incorporated into my DOMDocument. -=-=-=- importHTML() is problematic with some characters. Better to convert your additions to well formed xml and use importXML(); -=-=-=- While I am currently using DOMDocument for everything (yes, everything), I'm still learning it - do not consider me a guru on it's use. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Forms validation and creation- easier solution?
On 20/05/2009 9.03, Angelo Zanetti wrote: Hi all. We have done quite a few projects and we are looking to find better ways to implementing forms. Forms seem to be quite time consuming and repetitive. Generally are there any classes or libraries that will assist with: 1. Easy creation of forms (fields and layout) 2. Validation of specific fields within the forms (server side not JS) 3. Decrease in time required to setup the forms pages any other comments are welcome. Thanks in advance Angelo Elemental http://www.elemental.co.zahttp://www.elemental.co.za/ Dynamic Web and Mobile Solutions Personally I created a little Class that handles it. First I create an array of associative arrays, every associative array represents an input of an abstract type (similar to the webforms, meaning i have stuff like type=telephone). Stuff like $inputs[]=array( name = foobar, required = true, type = string, // text is reserved to textarea label = Foo Bar, error_required = you need to provide a Foo Bar value, dummy, group = main ); etc. Then I create an array for groups. $group[main] = array( type = block, // types are either block which means div, set which means fieldset, paragraph which means p or a raw html opening tag. parent = NULL //optional of course, if set to the name of another group, then the group becomes a child of the referenced group. ) Then I create an associative array of options for the form. Finally, I call the class constructor with the three arrays as params. The class provides me with a few nifty functions: * toHtml(); (do I need to explain?) * toArray(); Returns the inputs, options, and groups inside a single array, with the value altered when necessary * wasSubmitted(); Does some guesswork to see if the form was submitted, there's a lot of smart automagicness inside. * runAutoChecks(); Runs the checks he can, like the validity of emails in 'type' = 'email' inputs, pattern validation for input with a set pattern, required inputs, fills the error array with error messages, sets class[]='error' to wrongly filled inputs... * wasValidInput(); Returns true if none of the autochecks or eventual manual checks returned an error. And it works like this: [...] if ($form-wasSubmitted()){ $form-runAutoChecks(); /* Additional non-automatable controls */ // None in this case if ($form-wasValidInput()){ // success, do stuff } else { // show errors and form again } } else { echo $form-toHtml(); } There are other things I didn't list, like the fact that ever input has options to specify a wrapper (class and id are associated to the wrapper if it's defined), the form encoding automatically changes in case of a file input, etc etc etc... The types are abstracted enough that one could easily make a function that automatically creates the code for a first draft of the forum out of the db schema of an eventual table. Of course you'd have to provide error messages, remove unnecessary inputs, adding new ones... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: table-less layouts; Ideas welcome
On Thu, May 21, 2009 at 12:10 PM, tedd tedd.sperl...@gmail.com wrote: Could you be certain that your algorithm would figure out which way it needs to present the text to a blind person? My own experience browsing the web with Lynx (which for the most part, tends to ignore table layout, giving you the content of table cells in source order) suggests that order doesn't end up being a significant issue. The common layouts tend to read surprising well in source order. Navigation is usually at the top or the left, so you encounter it quickly. If there's any problem, most of the time it's that the page author has done something hideous with a lot of images with no alt text or abuse of HTML entitites, or part of the navigation structure is only accessible via javascript or flash or something like that... all separate issues from repurposing tabular markup. And when there *is* some kind of a layout issue, most of the time it's easy to adapt as a human reader by searching/scanning (sometimes easier than if you're looking at a bad visual layout). The tools that enhance accessibility on a page in these respects really don't have a lot to do with whether there's tabular markup -- if you want to enable easy access to page navigation, you can add semantic information about that regardless. In fact, that information is quite likely more important and less prevalent than what you end up with even most CSS-positioned sites, given that the vast majority of them simply provide stylesheets for the purposes of... visual layout, and what you're left with when a screen reader ignores them is linear source-ordered elements. None of this is to say that CSS can't be very useful in addressing this problem (and other problems), or that there aren't some problems with tabular markup. The presentation example you mentioned is actually going to be an issue with even real tabular data without some care taken in the markup. And I don't want to go back to coding 1999 markup for 1999 browsers. Mostly my point is that the problem with using tables is a bit more limited in size than it's often made out to be, there are other ways of dealing with the accessibility and semanticity issues involved, some of them potentially more effective. And for some cases, table layouts just work better. I think we'd be better off with a wide variety of professionals who can balance these different issues than with a tables considered harmful summary. Now compound that with cells holding images, place-holders, empty cells and cells with navigation elements, flash, videos, and such -- and you might have a better appreciation as to the problem screen readers face. These are actually some of the heuristic markers I believe some browsers actually use (and if they don't, they certainly could). If you have a table whose cells largely contain highly mixed markup, largely presentational elements, no alternative data, chances are pretty good that it isn't tabular data. And... Benjamin Hawkes-Lewis bhawkesle...@googlemail.com WCAG 1.0 ... explained how /authors/ could distinguish between layout tables and data tables: 1) When writing a presentational table, stick to the elements table, tr, td. Do not use the headers, scope, axis, or summary attributes. Make sure layout tables make sense when linearized. 2) When writing a data table, add the elements th, thead, tbody, tfoot, caption, and col and the attributes headers, scope, axis, and summary wherever appropriate. Exactly. These are great markers for distinguishing between where authors were using table markup semantically or presentationally. I think in practice there are probably many others available. Fast forward a decade, and authors are getting another tool in our toolbox, not a million miles away from your 'class=layout'. I don't think it's very well specified yet, but: http://www.w3.org/TR/wai-aria/#presentation I'm actually amazed... this is very nearly what I proposed in some discussions back in 2004. I eventually shifted to class=layout because it had some other practical benefits and everybody I talked to seemed to feel cluttering up the attribute space with yet another item was wrong (on top of this sortof general malaise about repurposed table markup), especially when considering how much semantic mileage you can get out of class attributes. I'd be totally happy to see anything like it adopted, though, and as I said before, think it'd push the semantic web forward faster than waiting for everyone to come around to doing things one blessed way. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Michael A. Peters wrote: Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit Use prepared statements. If you are just starting out, I would recommend using a database abstraction layer, such as MDB2 from pear. Doing it now is a LOT easier than porting an existing web application to use a database abstraction layer. With prepared statement, sql injection is not an issue. Example of prepared statement with MDB2: $types = Array('integer','text','integer'); $q = 'SELECT somefield,someotherfield FROM sometable WHERE afield ? AND bfield=? AND cfield ? ORDER BY somefield'; $sql = $mdb2-prepare($q,$types,MDB2_PREPARE_RESULT); $args = Array($var1,$var2,$var3); $rs = $sql-execute($args); Prepared statements pretty much neuter any and all sql injection attempts, assuming the database supports prepared statements (otherwise the abstraction layer may emulate them which could possibly be prone to vulnerabilities). While you do not need to use an abstraction layer to use prepared statements, the advantage of an abstraction layer is that your code will be much easier to port to a different database - advantageous to your client if they ever want to change databases, advantageous to you if you ever want to resuse you code for another client (assuming your contract does not give exclusive ownership of your code to your existing client). The user the web server connects with should be as restricted as possible. It should only have permission to connect to the database from the host where the web server is running (localhost if running on same machine as the sql server) and should not be granted any permissions it does not absolutely need. The file containing the database authentication credentials should end in .php and not .inc, and if at all possible, should be outside the web root (you can modify the include path to add a directory outside the web root that has includes - or include the file full path). Make sure error reporting is turned off on the production web server (you can still read errors in the web server log). If at all possible, run php compiled with the suhosin core patch and also run the suhosin loadable module. -=- You shouldn't need addslashes with prepared statements. You should run user input through an existed tested input filter, such as http://htmlpurifier.org/ rather than trying to re-invent the wheel and create your own. Script kiddies have scripts that test webapps for input vulnerabilities (both xss and sql injection), and some of them are rather tricky and browser specific. A community driven project like HTMLPurifier is more likely to catch malicious input than something you cobble together. PDO is another good option. You shouldn't have to worry about escaping or SQL injections, though suhosin is a great idea. http://php.net/manual/book.pdo.php -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Suhosin is completely not-related to SQL, though, I don't know why you'd bring it up... On Thu, May 21, 2009 at 3:42 PM, Shawn McKenzie nos...@mckenzies.netwrote: Michael A. Peters wrote: Sumit Sharma wrote: Hi, I am designing a php website for my client which interact with database. This is my first project for any client (I hope he is not reading this mail ;-) ). I am a bit more concerned with database security. Can somebody shed some light on the security measurements, precautions, and functions related to database security in general to make sure that the data is safely stored updated and retried from database. I have already used htmlentities(), strip_tags(), addhashes(), and some regular expressions to check security. Looking for help beyond this. Thanks in advance... Sumit Use prepared statements. If you are just starting out, I would recommend using a database abstraction layer, such as MDB2 from pear. Doing it now is a LOT easier than porting an existing web application to use a database abstraction layer. With prepared statement, sql injection is not an issue. Example of prepared statement with MDB2: $types = Array('integer','text','integer'); $q = 'SELECT somefield,someotherfield FROM sometable WHERE afield ? AND bfield=? AND cfield ? ORDER BY somefield'; $sql = $mdb2-prepare($q,$types,MDB2_PREPARE_RESULT); $args = Array($var1,$var2,$var3); $rs = $sql-execute($args); Prepared statements pretty much neuter any and all sql injection attempts, assuming the database supports prepared statements (otherwise the abstraction layer may emulate them which could possibly be prone to vulnerabilities). While you do not need to use an abstraction layer to use prepared statements, the advantage of an abstraction layer is that your code will be much easier to port to a different database - advantageous to your client if they ever want to change databases, advantageous to you if you ever want to resuse you code for another client (assuming your contract does not give exclusive ownership of your code to your existing client). The user the web server connects with should be as restricted as possible. It should only have permission to connect to the database from the host where the web server is running (localhost if running on same machine as the sql server) and should not be granted any permissions it does not absolutely need. The file containing the database authentication credentials should end in .php and not .inc, and if at all possible, should be outside the web root (you can modify the include path to add a directory outside the web root that has includes - or include the file full path). Make sure error reporting is turned off on the production web server (you can still read errors in the web server log). If at all possible, run php compiled with the suhosin core patch and also run the suhosin loadable module. -=- You shouldn't need addslashes with prepared statements. You should run user input through an existed tested input filter, such as http://htmlpurifier.org/ rather than trying to re-invent the wheel and create your own. Script kiddies have scripts that test webapps for input vulnerabilities (both xss and sql injection), and some of them are rather tricky and browser specific. A community driven project like HTMLPurifier is more likely to catch malicious input than something you cobble together. PDO is another good option. You shouldn't have to worry about escaping or SQL injections, though suhosin is a great idea. http://php.net/manual/book.pdo.php -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Eddie Drapkin wrote: Suhosin is completely not-related to SQL, though, I don't know why you'd bring it up... Well, because the post that I was replying to brought it up and I happen to agree that it's a good idea even though it has nothing to do with SQL :-) Michael A. Peters wrote: Use prepared statements. If you are just starting out, I would recommend using a database abstraction layer, such as MDB2 from pear. Doing it now is a LOT easier than porting an existing web application to use a database abstraction layer. With prepared statement, sql injection is not an issue. Example of prepared statement with MDB2: $types = Array('integer','text','integer'); $q = 'SELECT somefield,someotherfield FROM sometable WHERE afield ? AND bfield=? AND cfield ? ORDER BY somefield'; $sql = $mdb2-prepare($q,$types,MDB2_PREPARE_RESULT); $args = Array($var1,$var2,$var3); $rs = $sql-execute($args); Prepared statements pretty much neuter any and all sql injection attempts, assuming the database supports prepared statements (otherwise the abstraction layer may emulate them which could possibly be prone to vulnerabilities). While you do not need to use an abstraction layer to use prepared statements, the advantage of an abstraction layer is that your code will be much easier to port to a different database - advantageous to your client if they ever want to change databases, advantageous to you if you ever want to resuse you code for another client (assuming your contract does not give exclusive ownership of your code to your existing client). The user the web server connects with should be as restricted as possible. It should only have permission to connect to the database from the host where the web server is running (localhost if running on same machine as the sql server) and should not be granted any permissions it does not absolutely need. The file containing the database authentication credentials should end in .php and not .inc, and if at all possible, should be outside the web root (you can modify the include path to add a directory outside the web root that has includes - or include the file full path). Make sure error reporting is turned off on the production web server (you can still read errors in the web server log). *If at all possible, run php compiled with the suhosin core patch and also run the suhosin loadable module.* -=- You shouldn't need addslashes with prepared statements. You should run user input through an existed tested input filter, such as http://htmlpurifier.org/ rather than trying to re-invent the wheel and create your own. Script kiddies have scripts that test webapps for input vulnerabilities (both xss and sql injection), and some of them are rather tricky and browser specific. A community driven project like HTMLPurifier is more likely to catch malicious input than something you cobble together. PDO is another good option. You shouldn't have to worry about escaping or SQL injections, though suhosin is a great idea. http://php.net/manual/book.pdo.php -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP class question
On Thu, 21 May 2009 14:08:11 -0500 Shawn McKenzie nos...@mckenzies.net wrote: This doesn't make sense. You say class A needs to be extended with another class, however what you show below is class A extending framework_class. I worded it wrong, I apologize. Class A needs to be an extension of the framework class. -- Peter van der Does GPG key: E77E8E98 IRC: Ganseki on irc.freenode.net Blog: http://blog.avirtualhome.com Forums: http://forums.avirtualhome.com Jabber ID: pvanderd...@gmail.com GetDeb Package Builder http://www.getdeb.net - Software you want for Ubuntu -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CSS tables
Hi, This post is another one that might be better asked on a CSS-list, but it is relevant to this thread. The calendar at http://php1.net/my-php-calendar/ seems to have a similar issue to a problem I am havingcell borders (sometimes) disappear in Firefox when you zoom out. In both this calendar and mine, the behavior is unpredictable---sometimes a border will be there, and other times not. In my case, I have a javascript mouseover, and the mouseover changes the border behavior below it. Does anybody have any experience with this? Thanks! -jessi tedd wrote: At 11:28 PM +0100 5/15/09, Nathan Rixham wrote: tedd wrote: However, there are occasions such as in a calendar where not using a table would be more than difficult. I haven't received a decree yet as to IF that would be considered column data or not. I'm gonna differ on this one, when you simply float each calender item to the left you're pretty much done, in many cases i find it easier than tables. Okay -- so you find them easier to use for this purpose. This is my little php calendar (not all the code is mine): http://php1.net/my-php-calendar/ and I use tables. I would not want to redo this script using pure css, but I probably will do it at some point. We all have investments into our code. Do you have a css calendar to show? Cheers, tedd -- Jessi Berkelhammer Downtown Emergency Service Center Computer Programming Specialist -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CSS tables
On Thu, 2009-05-21 at 13:05 -0700, Jessi Berkelhammer wrote: Hi, This post is another one that might be better asked on a CSS-list, but it is relevant to this thread. The calendar at http://php1.net/my-php-calendar/ seems to have a similar issue to a problem I am havingcell borders (sometimes) disappear in Firefox when you zoom out. In both this calendar and mine, the behavior is unpredictable---sometimes a border will be there, and other times not. In my case, I have a javascript mouseover, and the mouseover changes the border behavior below it. Does anybody have any experience with this? Thanks! -jessi tedd wrote: At 11:28 PM +0100 5/15/09, Nathan Rixham wrote: tedd wrote: However, there are occasions such as in a calendar where not using a table would be more than difficult. I haven't received a decree yet as to IF that would be considered column data or not. I'm gonna differ on this one, when you simply float each calender item to the left you're pretty much done, in many cases i find it easier than tables. Okay -- so you find them easier to use for this purpose. This is my little php calendar (not all the code is mine): http://php1.net/my-php-calendar/ and I use tables. I would not want to redo this script using pure css, but I probably will do it at some point. We all have investments into our code. Do you have a css calendar to show? Cheers, tedd -- Jessi Berkelhammer Downtown Emergency Service Center Computer Programming Specialist I've just zoomed out to the maximum Fx allows me, and the borders remain all the way through. Using Fx 2 on Linux. It could be a known issue, have the you checked Bugzilla? Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP class question
Peter van der Does wrote: On Thu, 21 May 2009 14:08:11 -0500 Shawn McKenzie nos...@mckenzies.net wrote: This doesn't make sense. You say class A needs to be extended with another class, however what you show below is class A extending framework_class. I worded it wrong, I apologize. Class A needs to be an extension of the framework class. Well I guess from my point of view there are several ways depending upon the requirements. Others that are better with OOP will chime in I'm sure. This I'll get flamed for, but you can use one instance of core as a global: class A extends framework_class { var $core; function A() { $this-core = $GLOBALS['core']; $this-core-go(); } } //in global scope in bootstrap or whatever $core = new core(); Along the same lines but more OOP and without globals, maybe use a registry class and store core in the registry. This also uses one instance of core: class Registry { protected $_objects = array(); function set($name, $object) { $this-_objects[$name] = $object; } function get($name) { return $this-_objects[$name]; } } class A extends framework_class { var $core; function A($registry) { //dunno if you need a reference here or not $this-core = $registry-get('core'); $this-core-go(); } //i guess you could also pass in core, but registry will give you all objects in the registry //function A(core) { //$this-core = $core; //$this-core-go(); //} } //this is in your bootstrap or whatever $core = new core(); $registry = new registry(); $registry-set('core', $core); Or, if you don't need an object, call it statically: class A extends framework_class { function A() { core::go(); } } -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP class question
Shawn McKenzie wrote: Peter van der Does wrote: On Thu, 21 May 2009 14:08:11 -0500 Shawn McKenzie nos...@mckenzies.net wrote: This doesn't make sense. You say class A needs to be extended with another class, however what you show below is class A extending framework_class. I worded it wrong, I apologize. Class A needs to be an extension of the framework class. Well I guess from my point of view there are several ways depending upon the requirements. Others that are better with OOP will chime in I'm sure. This I'll get flamed for, but you can use one instance of core as a global: class A extends framework_class { var $core; function A() { $this-core = $GLOBALS['core']; $this-core-go(); } } //in global scope in bootstrap or whatever $core = new core(); Along the same lines but more OOP and without globals, maybe use a registry class and store core in the registry. This also uses one instance of core: class Registry { protected $_objects = array(); function set($name, $object) { $this-_objects[$name] = $object; } function get($name) { return $this-_objects[$name]; } } class A extends framework_class { var $core; function A($registry) { //dunno if you need a reference here or not $this-core = $registry-get('core'); $this-core-go(); } //i guess you could also pass in core, but registry will give you all objects in the registry //function A(core) { //$this-core = $core; //$this-core-go(); //} } //this is in your bootstrap or whatever $core = new core(); $registry = new registry(); $registry-set('core', $core); Or, if you don't need an object, call it statically: class A extends framework_class { function A() { core::go(); } } I guess you could always do a singleton so that you always have the same instance. Add something like this to the core class (not tested): static $_instance; function getInstance() { if(self::$_instance === null) { self::$_instance = new self(); } return self::$_instance; } Then you can do: class A extends framework_class { var $core; function A() { $this-core = core::getInstance(); $this-core-go(); } } -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE
Eddie Drapkin wrote: Suhosin is completely not-related to SQL, though, I don't know why you'd bring it up... I brought it up because suhosin catches many exploits that otherwise get through, including exploits that allow inclusion of remote files that can then be used to run arbitrary commands on the server, send include files (such as the db authentication script) as plain text, all kinds of nasty can result. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP class question
Shawn McKenzie wrote: Shawn McKenzie wrote: Peter van der Does wrote: On Thu, 21 May 2009 14:08:11 -0500 Shawn McKenzie nos...@mckenzies.net wrote: This doesn't make sense. You say class A needs to be extended with another class, however what you show below is class A extending framework_class. I worded it wrong, I apologize. Class A needs to be an extension of the framework class. Well I guess from my point of view there are several ways depending upon the requirements. Others that are better with OOP will chime in I'm sure. This I'll get flamed for, but you can use one instance of core as a global: class A extends framework_class { var $core; function A() { $this-core = $GLOBALS['core']; $this-core-go(); } } //in global scope in bootstrap or whatever $core = new core(); Along the same lines but more OOP and without globals, maybe use a registry class and store core in the registry. This also uses one instance of core: class Registry { protected $_objects = array(); function set($name, $object) { $this-_objects[$name] = $object; } function get($name) { return $this-_objects[$name]; } } class A extends framework_class { var $core; function A($registry) { //dunno if you need a reference here or not $this-core = $registry-get('core'); $this-core-go(); } //i guess you could also pass in core, but registry will give you all objects in the registry //function A(core) { //$this-core = $core; //$this-core-go(); //} } //this is in your bootstrap or whatever $core = new core(); $registry = new registry(); $registry-set('core', $core); Or, if you don't need an object, call it statically: class A extends framework_class { function A() { core::go(); } } I guess you could always do a singleton so that you always have the same instance. Add something like this to the core class (not tested): static $_instance; function getInstance() { if(self::$_instance === null) { self::$_instance = new self(); } return self::$_instance; } Then you can do: class A extends framework_class { var $core; function A() { $this-core = core::getInstance(); $this-core-go(); } } bullseye, static is the way to approach when you only need a single instance however you don't always need to include a referent to the instance inside your class.. you can easily core::getInstance()-go() or core::go() and have class core store an instance of itself class core { var $instance; function getInstance() ..etc - been so long since i touched php4 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] CSS tables
There appears to be a bug in the FF3x cell line generating code. border-collapse is a mess, it doubles up some cell lines and drops others when drawing and redrawing tables. I had to make a nice lines between cells by assigning tds with bottom and right sides only. Al... Jessi Berkelhammer wrote: Hi, This post is another one that might be better asked on a CSS-list, but it is relevant to this thread. The calendar at http://php1.net/my-php-calendar/ seems to have a similar issue to a problem I am havingcell borders (sometimes) disappear in Firefox when you zoom out. In both this calendar and mine, the behavior is unpredictable---sometimes a border will be there, and other times not. In my case, I have a javascript mouseover, and the mouseover changes the border behavior below it. Does anybody have any experience with this? Thanks! -jessi tedd wrote: At 11:28 PM +0100 5/15/09, Nathan Rixham wrote: tedd wrote: However, there are occasions such as in a calendar where not using a table would be more than difficult. I haven't received a decree yet as to IF that would be considered column data or not. I'm gonna differ on this one, when you simply float each calender item to the left you're pretty much done, in many cases i find it easier than tables. Okay -- so you find them easier to use for this purpose. This is my little php calendar (not all the code is mine): http://php1.net/my-php-calendar/ and I use tables. I would not want to redo this script using pure css, but I probably will do it at some point. We all have investments into our code. Do you have a css calendar to show? Cheers, tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Parse ini file problem
Thodoris wrote: I am trying to parse an ini conf file using parse_ini_file but fails without returning something. I found this which is probably the reason: http://bugs.php.net/bug.php?id=44544 (the $ in the values) The problem is that this file has more than 7500 lines so it's kind of difficult to use quotes in all fields and there are several other reasons that I want to avoid quoting the values. In addition to that PHP 5.3 (which fixes this) is not stable yet and thus I can't install it in a production machine. So does anybody know any workarounds?? well, looks that the 3rd argument has always been a part of parse_ini_string() So, you could do this... $ini_data = parse_ini_string(file_get_contents($filename), FALSE, INI_SCANNER_RAW); I think this will work for you. Jim Lucas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php