php-general Digest 7 Aug 2010 02:22:49 -0000 Issue 6883
php-general Digest 7 Aug 2010 02:22:49 - Issue 6883 Topics (messages 307344 through 307359): Protecting PHP scripts called via AJAX from evil 307344 by: Marc Guay 307345 by: Ashley Sheridan 307346 by: Joshua Kehn 307348 by: tedd 307349 by: Marc Guay Re: Quotes vs. Single Quote 307347 by: tedd 307353 by: Bill Guion 307354 by: Richard Quadling Re: PHP The Anthem 307350 by: Joshua Kehn 307351 by: tedd 307352 by: Joshua Kehn how do you upload to a 3rd-party remote server? 307355 by: Govinda 307356 by: shiplu 307357 by: Govinda 307358 by: Daniel P. Brown question about compiling a portable web server for linux 307359 by: lainme Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc ---End Message--- ---BeginMessage--- On Fri, 2010-08-06 at 09:41 -0400, Marc Guay wrote: Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc I think the only sensible way to solve this is to pass a unique authentication key with each request. Usually this is done with the session id, which is checked on the server-side each time an action is triggered. Sure, someone could look at the session id and copy it to a script, but sessions usually expire after a certain amount of time if they don't remain active. Even if someone did start up a script with a valid session id and make repeated requests to your system, they should only have the session id if they are a valid user of your system anyway, so whether they do it via a browser or not shouldn't make much of a difference. If you're worried about someone logging in and using an automated process to abuse your system, you could add a logging method to your PHP code that tracks every action a user makes. This way, you can then have checks in your code to look for suspicious activity and destroy a session. Suspicious activity could be anything from lots of invalid requests to a continuous stream of requests and requests made at too regular an interval. Thanks, Ash http://www.ashleysheridan.co.uk ---End Message--- ---BeginMessage--- On Aug 6, 2010, at 9:41 AM, Marc Guay wrote: Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Marc- The best way (and what I currently use) is to add a nonce style value to the form with a random name and then also add that to the session. $nonce = sha1(microtime(true)); $name = sha1(rand(0,10)); $_SESSION['nonce'] = array($name = $nonce); ?input type=hidden value=?php echo $nonce; ?
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 04:10, Rick Dwyer rpdw...@earthlink.net wrote: Hi List. I've mentioned before that I am both just beginning to learn PHP AND I have inherited a number of pages that I'm trying to clean up the w3c validation on. Something that confuses me is how the code on the page is written where in one instance, it follows this: echo table border='1'tr And elsewhere on the page it follows: echo 'table border=1tr In what I've read and from many of the suggestions from this board, the latter seems to be the better way to code, generally speaking. It isn't better or worse. The only thing that makes a difference is what suits you - stick to what works for you. Both double-quotes and single-quotes can result in gotchas (in double quotes you have to escape more, which you have to keep in mind, whereas in single quotes you have a lot less power, which you might forget). There's no difference in performance, which leaves just one thing: personal preference. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 07:34, Peter Lind peter.e.l...@gmail.com wrote:
On 6 August 2010 04:10, Rick Dwyer rpdw...@earthlink.net wrote:
Hi List.
I've mentioned before that I am both just beginning to learn PHP AND I have
inherited a number of pages that I'm trying to clean up the w3c validation
on.
Something that confuses me is how the code on the page is written where in
one instance, it follows this:
echo table border='1'tr
And elsewhere on the page it follows:
echo 'table border=1tr
In what I've read and from many of the suggestions from this board, the
latter seems to be the better way to code, generally speaking.
It isn't better or worse. The only thing that makes a difference is
what suits you - stick to what works for you. Both double-quotes and
single-quotes can result in gotchas (in double quotes you have to
escape more, which you have to keep in mind, whereas in single quotes
you have a lot less power, which you might forget). There's no
difference in performance, which leaves just one thing: personal
preference.
Regards
Peter
--
hype
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
/hype
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
You also have heredoc ...
?php
$array = array('value' = 'A daft div. Click me and you\'re a numpty.');
echo END_HTML_WITH_EMBEDDED_JS
html
head
titleAll In One/title
/head
body
divThe div below should say that it is a daft div and if you
click it then you're a numpty./div
div class=daft onClick=alert('You clicked a \daft\ div and
you\'re a numpty');{$array['value']}/div
/body
/html
END_HTML_WITH_EMBEDDED_JS;
?
will output ...
html
head
titleAll In One/title
/head
body
div class=daft onClick=alert('You clicked a \daft\ div and
you\'re a numpty');A daft div. Click me and you're a numpty./div
/body
/html
The above example shows how escaping can be minimized. I've done it
manually, but it could have been done by using htmlentities() or
htmlspecialchars() with ENT_QUOTES.
Only the JS code needed the escaping. The \ because the is in an
attribute value (which used as the delimiter) and the \' because the
' is used as a string delimiter for the alert() call.
Obviously, it IS a bit of a mess. Using normal string concatenation,
it becomes a lot harder.
?php
$array = array('value' = 'A daft div. Click me and you\'re a numpty.');
echo html
head
titleAll In One/title
/head
body
divThe div below should say that it is a \daft\ div and if you
click it then you're a numpty./div
div class=\daft\ onClick=\alert('You clicked a \\\daft\\\ div
and you\'re a numpty');\{$array['value']}/div
/body
/html;
?
So, 3 \. The first \ is to escape the second \, the third to escape
the . Which results in \ which is an escape of the in the HTML.
Now imagine the above string was a search and replace via some regular
expression. Sure you _can_ work it out, but sometimes you just keep
adding \ until it works.
You may need upto 6 \ in a row... or more!
Richard.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP The Anthem
At 4:57 PM -0700 8/5/10, Daevid Vincent wrote: http://www.youtube.com/watch?v=S8zhmiS-1kw http://shiflett.org/blog/2010/aug/php-anthem ...some people have way too much time. ;-) I agree. I don't have time to do nonsense and don't understand how people who are successful can waste time like this. Besides IMO, this is another example of hip-flop. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 11:00 PM -0400 8/5/10, Paul M Foster wrote:
On Thu, Aug 05, 2010 at 10:10:26PM -0400, Rick Dwyer wrote:
echo table border='1'tr
And elsewhere on the page it follows:
echo 'table border=1tr
Not acceptable and sloppy. Be consistent in your coding style. In
general, HTML attributes should be surrounded by double quotes. I don't
know about javascript. Moreover, it's generally better to simply output
HTML rather than to echo it, like:
table border=1tr
td
?php echo $some_value; ?
/td
Rick:
I agree with Paul.
I would only add that you should use what languages best serve your
needs. While it may not be obvious, the statement:
table border=1
is flawed (IMO).
The best way to handle this is to define a class (or id) for the
table in a css file and then set the border (i.e., styling) to
whatever you want. For example, your HTML would look like:
table class=my_table
And your CSS would contain:
.my_table
{
border: 1px solid black;
}
That way at some future date, you may want to change the border
color, size, whatever and it's a trivial thing to do so without
having to search through all your code to find ill-placed styling
attributes.
As I always say, neither CSS, PHP, or any web language exist in a
vacuum. It always best to use whatever language that makes your life
(and others) simpler.
Cheers,
tedd
PS: Considering that this is Friday. I have a grammar question for
the group. I said above:
neither CSS, PHP, or any web language exist in a vacuum.
Is the word neither appropriate in this sentence?
Normally, two items can be compared by neither or nor, but what
about more than two items? Is it appropriate to use neither or
nor for more than two items?
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Aug 6, 2010, at 8:08 AM, tedd wrote:
At 10:10 PM -0400 8/5/10, Rick Dwyer wrote:
2nd question, in the 3 [2] lines below:
$checkstat = select field from table where fieldid = $field_id;
$result1 = @mysql_query($checkstat,$connection) or die(Couldn't execute
query);
If I were to recode in the latter style, should they not look like this:
$checkstat = 'select field from table where fieldid = '.$field_id.'';
$result1 = @mysql_query($checkstat,$connection) or die('Couldn\'t execute
query');
Rick:
Others gave you good advice on quotes, but I'll address your second question
on database queries.
The following is in the form of what I normally do:
$query = SELECT field FROM table WHERE field_id = '$field_id' ;
$result = mysql_query($query) or die(Couldn't execute query);
Please note these are my preferences (others may have different preferences):
1. I use UPPERCASE for all MySQL syntax.
2. I do not use the @ before mysql_query because that suppresses errors. I
prefer to see errors and fix them.
3. It's not necessary to include the second argument (i.e., $connection) in
mysql_query.
4. IMO, a query should be named $query and a result should be named $result.
If I have several results, then I use $result1, $result2, $result3, and so on.
5. I try to match MySQL field names to PHP variable names, such as field_id =
'$field_id'. This makes it easier for me to read and debug.
6. Also note that the PHP variable $field_id is enclosed in single quotes
within the query.
7. For sake of readability, in the query I also place a space after the last
single quote and before the ending double quote, such as field_id =
'$field_id' . -- I do not like, nor is it readable, to have a singledouble
quote (i.e., ').
There is one additional thing that I do, but it requires an included
function. For your kind review, in my query I do this:
$result = mysql_query($query) or die(report($query,__LINE__,__FILE__)));
and the report function I include to the script is:
?php
// show dB errors ==
function report($query, $line, $file)
{
echo($query . 'br' .$line . 'br' . $file . 'br' . mysql_error());
}
?
That way, if something goes wrong, the report function will show in what file
and at what line number the error occurred. Now, this is OK for development,
but for production you should comment out the echo so you don't report errors
publicly. Besides, you should have all the errors fixed before your script
becomes production anyway, right? :-)
HTH,
tedd
Tedd,
Well said! I pretty much follow those same standards as well.
Especially with the naming of variables to match field names. I also make sure
that any form field names match my database names. It makes updating and
inserting records so much easier! I've written a database class that allows me
to update and insert records as easily as this:
$db-insert(table_name,$_POST);
$db-update(table_name,id_field_name,$id,$_POST);
And, yes, I do sanitize the data to make sure it doesn't do bad things to my
database! :)
Take care,
Floyd
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 13:31, tedd tedd.sperl...@gmail.com wrote: I have a grammar question for the group. I said above: neither CSS, PHP, or any web language exist in a vacuum. Is the word neither appropriate in this sentence? Normally, two items can be compared by neither or nor, but what about more than two items? Is it appropriate to use neither or nor for more than two items? http://en.wikipedia.org/wiki/Neither says that either can be used for many items if they are in a list (like you've used), so neither would probably follow the same argument. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Fri, Aug 6, 2010 at 8:31 AM, tedd tedd.sperl...@gmail.com wrote:
While it may not be obvious, the statement:
table border=1
is flawed (IMO).
The best way to handle this is to define a class (or id) for the table in
a css file and then set the border (i.e., styling) to whatever you want. For
example, your HTML would look like:
table class=my_table
And your CSS would contain:
.my_table
{
border: 1px solid black;
}
I more or less agree with you, but sometimes it's technically a little
more difficult than that. The border attribute on the table tag
affects not only the table itself, but also the cells inside it. The
CSS attribute only draws a border around the table. I believe the CSS
equivalent of how most browsers (I tested Fx 3.6.8, IE 7, Google
Chrome 5, Opera 10.53, and Safari (Windows) 5.0.1) render table
border=1 takes a little more:
table.my_table,
table.my_table thead tr th,
table.my_table tbody tr th,
table.my_table tfoot tr th,
table.my_table thead tr td,
table.my_table tbody tr td,
table.my_table tfoot tr td
{
border: solid 1px black;
}
And, of the browsers listed above, IE7 did not render the table
correctly. (I'm guessing it must not properly handle the child CSS
selectors.) If you do it without the child selectors:
table.my_table,
table.my_table th,
table.my_table td
{
border: solid 1px black;
}
All the browsers render it the same, but it has the side effect that
cells in nested tables also inherit the borders unless you do
something to exclude them:
table.my_table,
table.my_table th,
table.my_table td
{
border: solid 1px black;
}
table.my_table table,
table.my_table table th,
table.my_table table td
{
border: none;
}
As is often the case with CSS, that's a good bit more text to
accomplish the same effect as an older, smaller attribute. :-)
Andrew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Protecting PHP scripts called via AJAX from evil
Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protecting PHP scripts called via AJAX from evil
On Fri, 2010-08-06 at 09:41 -0400, Marc Guay wrote: Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc I think the only sensible way to solve this is to pass a unique authentication key with each request. Usually this is done with the session id, which is checked on the server-side each time an action is triggered. Sure, someone could look at the session id and copy it to a script, but sessions usually expire after a certain amount of time if they don't remain active. Even if someone did start up a script with a valid session id and make repeated requests to your system, they should only have the session id if they are a valid user of your system anyway, so whether they do it via a browser or not shouldn't make much of a difference. If you're worried about someone logging in and using an automated process to abuse your system, you could add a logging method to your PHP code that tracks every action a user makes. This way, you can then have checks in your code to look for suspicious activity and destroy a session. Suspicious activity could be anything from lots of invalid requests to a continuous stream of requests and requests made at too regular an interval. Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Protecting PHP scripts called via AJAX from evil
On Aug 6, 2010, at 9:41 AM, Marc Guay wrote: Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Marc- The best way (and what I currently use) is to add a nonce style value to the form with a random name and then also add that to the session. $nonce = sha1(microtime(true)); $name = sha1(rand(0,10)); $_SESSION['nonce'] = array($name = $nonce); ?input type=hidden value=?php echo $nonce; ? name=?php echo $name; ? /?php Then in the processing code check the nonce value to ensure (a) it exists, and (b) it matches the current session. You can also log all events in a table, filtering out user who make too many requests per minute / second / etc, depending on what you are using the AJAX bit for. Thanks, -Josh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 9:09 AM -0400 8/6/10, Andrew Ballard wrote:
On Fri, Aug 6, 2010 at 8:31 AM, tedd tedd.sperl...@gmail.com wrote:
While it may not be obvious, the statement:
table border=1
is flawed (IMO).
The best way to handle this is to define a class (or id) for the table in
a css file and then set the border (i.e., styling) to whatever you want. For
example, your HTML would look like:
table class=my_table
And your CSS would contain:
.my_table
{
border: 1px solid black;
}
I more or less agree with you, but sometimes it's technically a little
more difficult than that.
-snip-
As is often the case with CSS, that's a good bit more text to
accomplish the same effect as an older, smaller attribute. :-)
Andrew
Andrew:
The problem you cite is well said and your point is well taken.
However, the main point I am making is to move this problem totally
out of the HTML/PHP arena and place it where it belongs, which is
inside CSS -- after it *is* a presentation problem.
IMO, it is *far* better to deal with browser comparability problems
from one CSS file than it is to sort through all your PHP files
looking for the phrase table border=1. From my experience, when
you have a problem, it is always better to give it a name and deal
with it from one location.
As for older, smaller attributes, they are only getting older and
their importance lessens with time (I can relate.) :-)
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protecting PHP scripts called via AJAX from evil
At 9:41 AM -0400 8/6/10, Marc Guay wrote: Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc Marc: The logic should go like this. Your initial PHP script [1] first generates a form that employs an AJAX script to trigger the slave PHP script [2], right? If so, then have script [1] generate a unique token and place it in a SESSION, such as: $_SESSION['token'] = $token. Then have the PHP generated HTML form include a hidden input statement, such as: input type=hidden name=token value=?php echo($token);? Note, the hidden isn't providing any security -- it simply means that the value isn't printed to the browser window. Then have the slave PHP script [2] check the value in the $_SESSION['token'] with the value provided by the form. If the two match, then everything has been done via your server. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protecting PHP scripts called via AJAX from evil
Thanks everyone. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP The Anthem
On Aug 6, 2010, at 7:27 AM, tedd wrote: At 4:57 PM -0700 8/5/10, Daevid Vincent wrote: http://www.youtube.com/watch?v=S8zhmiS-1kw http://shiflett.org/blog/2010/aug/php-anthem ...some people have way too much time. ;-) I agree. I don't have time to do nonsense and don't understand how people who are successful can waste time like this. Besides IMO, this is another example of hip-flop. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php There is something wrong with having a little fun? Regards, -Josh Joshua Kehn | josh.k...@gmail.com http://joshuakehn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP The Anthem
At 10:30 AM -0400 8/6/10, Joshua Kehn wrote: On Aug 6, 2010, at 7:27 AM, tedd wrote: There is something wrong with having a little fun? Regards, -Josh Yes, it's a waste of time -- humbug! Cheers, tedd -- --- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP The Anthem
On Aug 6, 2010, at 11:12 AM, tedd wrote: At 10:30 AM -0400 8/6/10, Joshua Kehn wrote: On Aug 6, 2010, at 7:27 AM, tedd wrote: There is something wrong with having a little fun? Regards, -Josh Yes, it's a waste of time -- humbug! Cheers, tedd -- --- http://sperling.com/ Tedd- I guess that quarters game was a complete waste of time as well? :) Regards, -Josh Joshua Kehn | josh.k...@gmail.com http://joshuakehn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 8:31 AM -0400 08/06/10, tedd wrote: Cheers, tedd PS: Considering that this is Friday. I have a grammar question for the group. I said above: neither CSS, PHP, or any web language exist in a vacuum. Is the word neither appropriate in this sentence? Normally, two items can be compared by neither or nor, but what about more than two items? Is it appropriate to use neither or nor for more than two items? Somewhere along the line, probably in college (if it were before college, it would have been so long ago I would have forgotten it), a professor said to handle this sort of thing thusly: neither A, nor B, nor C A little more wordy, but completely unambiguous. -= Bill =- -- Don't find fault. Find a remedy. - Henry Ford -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 16:18, Bill Guion bgu...@comcast.net wrote: At 8:31 AM -0400 08/06/10, tedd wrote: Cheers, tedd PS: Considering that this is Friday. I have a grammar question for the group. I said above: neither CSS, PHP, or any web language exist in a vacuum. Is the word neither appropriate in this sentence? Normally, two items can be compared by neither or nor, but what about more than two items? Is it appropriate to use neither or nor for more than two items? Somewhere along the line, probably in college (if it were before college, it would have been so long ago I would have forgotten it), a professor said to handle this sort of thing thusly: neither A, nor B, nor C A little more wordy, but completely unambiguous. neither CSS, PHP, nor any web language exist in a vacuum. would probably do. All negatives, so little wiggle room really. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] how do you upload to a 3rd-party remote server?
Hi All I am working on a page which will write out a file (using another server-side language) and then that file will get uploaded nightly to someone else's FTP directory, on a 3rd party remote server. As I start to contemplate that last part about auto-uploading to someone else's FTP directory it escapes me what that code will need to look like.. I have some ideas, but I thought to just ask you first. Can someone outline that pseudo code in PHP for me?.. so I can translate it to the language I am working with? Or is this a shell operation? (where I am even more green.) Govinda govinda.webdnat...@gmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how do you upload to a 3rd-party remote server?
You have to maintain a queue if I understand it properly. PHP page will send request on one end of queue. And the server side cron will process from other end. Cron will upload it to ftp. Now you can implement a queue using database table or you can just use a file. Shiplu Mokadd.im My talks, http://talk.cmyweb.net Follow me, http://twitter.com/shiplu -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how do you upload to a 3rd-party remote server?
You have to maintain a queue if I understand it properly. PHP page will send request on one end of queue. And the server side cron will process from other end. Cron will upload it to ftp. Now you can implement a queue using database table or you can just use a file. can you elaborate? This kind of thing is all new to me. I need to see some sample code to even start to get an idea. Thanks for your (all) time, -Govinda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] how do you upload to a 3rd-party remote server?
On Fri, Aug 6, 2010 at 19:53, Govinda govinda.webdnat...@gmail.com wrote: can you elaborate? This kind of thing is all new to me. I need to see some sample code to even start to get an idea. Hopefully Tedd will notice this thread. He's the man when it comes to sample code. While there may be nothing directly-related to this (I don't know, I haven't looked), you may want to check http://php1.net/ to see some of his other samples for other issues that come up. -- /Daniel P. Brown UNADVERTISED DEDICATED SERVER SPECIALS SAME-DAY SETUP Just ask me what we're offering today! daniel.br...@parasane.net || danbr...@php.net http://www.parasane.net/ || http://www.pilotpig.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] question about compiling a portable web server for linux
Hi, I recently compiled a portable portable web server for linux, using lighttpd and php. But it seems that php can only run on machine with the same glibc version compiled it. How can I solve the problem?
Re: [PHP] question about compiling a portable web server for linux
On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: Hi, I recently compiled a portable portable web server for linux, using lighttpd and php. But it seems that php can only run on machine with the same glibc version compiled it. How can I solve the problem? It's not a PHP problem. If you compile something, it's compiled to the same architecture that you specify, which by default is yours. have you tried compiling your executable with the same setup as you're currently using? Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] question about compiling a portable web server for linux
thanks for the reply. I know it is not a PHP problem. And I want to know whether it is possible to make it architecture independent. On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: Hi, I recently compiled a portable portable web server for linux, using lighttpd and php. But it seems that php can only run on machine with the same glibc version compiled it. How can I solve the problem? It's not a PHP problem. If you compile something, it's compiled to the same architecture that you specify, which by default is yours. have you tried compiling your executable with the same setup as you're currently using? Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] question about compiling a portable web server for linux
On Sat, 2010-08-07 at 10:43 +0800, lainme wrote: thanks for the reply. I know it is not a PHP problem. And I want to know whether it is possible to make it architecture independent. On Sat, Aug 7, 2010 at 10:38 AM, Ashley Sheridan a...@ashleysheridan.co.ukwrote: On Sat, 2010-08-07 at 10:22 +0800, lainme wrote: Hi, I recently compiled a portable portable web server for linux, using lighttpd and php. But it seems that php can only run on machine with the same glibc version compiled it. How can I solve the problem? It's not a PHP problem. If you compile something, it's compiled to the same architecture that you specify, which by default is yours. have you tried compiling your executable with the same setup as you're currently using? Thanks, Ash http://www.ashleysheridan.co.uk You can't compile to be architecture independent. The best you can do is convert a language to a byte-code, like java. Thanks, Ash http://www.ashleysheridan.co.uk
