php-general Digest 5 Mar 2011 05:41:35 -0000 Issue 7211
php-general Digest 5 Mar 2011 05:41:35 - Issue 7211 Topics (messages 311667 through 311682): Re: Somewhat OT - Stored Procedures 311667 by: Nathan Rixham 311668 by: Nathan Rixham Re: Overriding session length in existing session? 311669 by: Scott Baker 311676 by: Marc Guay Re: something about dates in mysql 311670 by: Florin Jurcovici Double method access (Hi everyone! :)) 311671 by: Paola Alvarez 311672 by: alex 311673 by: larry.garfieldtech.com 311675 by: Paola Alvarez Possible bug in PHP 5.3.5 with OAuth extension? 311674 by: Daniel Hong 311679 by: Daniel Hong 311680 by: Jim Lucas 311681 by: Daniel Hong 311682 by: Daniel Hong Returning a recordset to a desktop app 311677 by: Ken Watkins 311678 by: larry.garfieldtech.com Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- Hi Nathan, Nathan Nobbe wrote: Also, bear in mind that personally I tend to favor OO paradigms for application development so would prefer feedback that incorporates that tendency. Initial thoughts are Bad: . Not well suited for ORM, particularly procedures which return multiple result sets consisting of columns from multiple tables . Greater potential for duplicated logic, I think this comes down to a well defined set of rules for any given application, read: convention required for success . Scripting languages are vendor specific, and likely most application developers have a limited understanding thereof Good: . Better performance . Fill in blank on convincing bullets here It's a trade-off thing, and to be looked at on a case by case basis. The major factors are - closer to the iron (better performance, as you said) - information hiding and security - code portability If you have multiple clients all doing the same procedure/routine then it can be wise to used stored procedures/routines, even just for things like administration and optimization, because the routine is decoupled from the app tier, with just the interface exposed, you can optimize without having to change app tier code, delegate to db admins and suchlike. Likewise, information hiding is also a property of security, you can expose the bare minimum without letting developers, or those with access to the code, see the full database layout and structure. Similarly you can set up logging at procedure level, and ensure acidity of transactions at db level. Some of the key factors though, are design choices in the way you code applications, OO and using ORMs is a significant choice, and perhaps you're better staying with what's familiar and delegating / trusting the ORM layer + visible code which you're used to and can tweak easily. If you were developing C/++ and running on pl-sql over virtuoso or something the advice may be different. Do remember that you aren't tied to RDBMS in any way though, there's a huge world of [ http://nosql-database.org/ choices and styles ] out there that also should/could be considered, many of which suit the OO style far better ;) Best, Nathan (namesake) ---End Message--- ---BeginMessage--- Richard Quadling wrote: At a fundamental level, my PHP code isn't concerning itself with any physical data structures. As much as possible my PHP code treats the sql data source as a processor ready to supply data in a standardized form (even hierarchical) and to accept data for storage (again hierarchical). My PHP code knows next to nothing about the table structure (why should it - it isn't a database). Exactly - separation of concerns, a core principal to learn and apply wherever you can. ---End Message--- ---BeginMessage--- On 03/04/2011 05:37 AM, Marc Guay wrote: Howdy. Don't sessions expire when the browser closes as a rule? Do you mean the session cookie? Why not store the cookie, if one exists, in a $_SESSION variable in your header file and then refer to that in the rest of your code, rather than the cookie. Then when you want to destroy the session cookie, you can overwrite it and the existing session will still flow using the $_SESSION vars until the browser closes. It's early here, I hope that sort of makes sense and that I've at least sort of understood the problem. I'm setting my session cookies, and my session data on the server to expire X days in the future. That's set globally in my header.php file. When the use logs in it stores their login information in the session and it's good for 7 days. I have an option on the login page public terminal that I want to make clear the session on browser close. The problem is that I've already (in
RE: [PHP] Check for open file
-Original Message- From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] Sent: Thursday, March 03, 2011 2:03 PM To: sstap...@mnsi.net Cc: php-general@lists.php.net Subject: RE: [PHP] Check for open file As far as I was aware, if you're in the middle of writing to a file and another script was attempting to write to it, the OS would prevent that as you had an open lock on it. -- Thanks, Ash http://www.ashleysheridan.co.uk And as it turned out, that was not the case. I started copying a 200MiB file from my desktop machine onto the Samba share. While that was copying, I got onto the server and tried to copy the file to /tmp and it happily did that for me without any indication that it was still being written to (which is was by the way.) So, that's not a good way of dealing with this. I think I'm going to have to go with a time delay function here ... -- There are potential problems using timing delays, and networking compounds them. It might be more robust to use some simple method outside of php to indicate a file is busy being copied, like using a reserved extension for the copy and then renaming to the proper filename after the copy is complete, or copying to a temp directory and then moving the file to the destination directory once copied (renames and moves take milliseconds). Assuming you're able to automate the copy process. Cheers Arno -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Help! Made a boo-boo encrypting credit cards
On Fri, 11 Feb 2011 14:42:18 -0800, Brian Dunning wrote:
Hey all -
I'm using mcrypt to store credit cards into MySQL. About 90%
of them decrypt fine, but about 10% decrypt as nonsense
(b1�\�JEÚU�A��� is a good example). Maybe there is a
character that appears in about 10% of my encryptions that's
not being encoded properly???
Can you come up with a phony CC number that fails the
decryption? If so, please post:
$cc_number
binhex($iv)
binhex($cc_encrypt)
binhex($row['encrypt_iv']))
binhex($row['cc_encrypt']))
More below...
// Encryption is set up at the top of the script:
$crypto = mcrypt_module_open('rijndael-256', '', 'ofb', '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($crypto), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size($crypto);
$key = substr(md5('my_funky_term'), 0, $ks);
// When the card number is collected by the form, it's encrypted:
$cc_number = addslashes($_POST['cc_number']);
mcrypt_generic_init($crypto, $key, $iv);
$cc_encrypt = mcrypt_generic($crypto, $cc_number);
mcrypt_generic_deinit($crypto);
// This is written to the database:
$query = update accounts set cc_encrypt='$cc_encrypt', encrypt_iv='$iv',
other_fields='$other_stuff' where id='$account_id' limit 1;
$result = mysql_query($query) or die(mysql_error());
No mysql_real_escape_string()?
Both the cc_encrypt and encrypt_iv fields are tinytext, latin1_swedish_ci,
MyISAM, MySQL 5.0.91
Why are you using text fields for storing binary data?
Sounds like this could go horribly wrong for a number
or reasons.
In another script, when I retrieve, I first set it up at the top of the
script exactly like step #1 above, then retrieve it like this:
mcrypt_generic_init($crypto, $key, $row['encrypt_iv']);
$cc_number = trim(mdecrypt_generic($crypto, $row['cc_encrypt']));
mcrypt_generic_deinit($crypto);
/Nisse
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Overriding session length in existing session?
This is called globally in *all* my scripts. In another script I'd really like to set the session to expire after the browser closes if a uses clicks public terminal or something. Howdy. Don't sessions expire when the browser closes as a rule? Do you mean the session cookie? Why not store the cookie, if one exists, in a $_SESSION variable in your header file and then refer to that in the rest of your code, rather than the cookie. Then when you want to destroy the session cookie, you can overwrite it and the existing session will still flow using the $_SESSION vars until the browser closes. It's early here, I hope that sort of makes sense and that I've at least sort of understood the problem. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Help! Made a boo-boo encrypting credit cards
2011/3/4 Nisse Engström news.nospam.0ixbt...@luden.se:
On Fri, 11 Feb 2011 14:42:18 -0800, Brian Dunning wrote:
Hey all -
I'm using mcrypt to store credit cards into MySQL. About 90%
of them decrypt fine, but about 10% decrypt as nonsense
(b1�\�JEÚU�A��� is a good example). Maybe there is a
character that appears in about 10% of my encryptions that's
not being encoded properly???
Can you come up with a phony CC number that fails the
decryption? If so, please post:
$cc_number
binhex($iv)
binhex($cc_encrypt)
binhex($row['encrypt_iv']))
binhex($row['cc_encrypt']))
More below...
// Encryption is set up at the top of the script:
$crypto = mcrypt_module_open('rijndael-256', '', 'ofb', '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($crypto), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size($crypto);
$key = substr(md5('my_funky_term'), 0, $ks);
// When the card number is collected by the form, it's encrypted:
$cc_number = addslashes($_POST['cc_number']);
mcrypt_generic_init($crypto, $key, $iv);
$cc_encrypt = mcrypt_generic($crypto, $cc_number);
mcrypt_generic_deinit($crypto);
// This is written to the database:
$query = update accounts set cc_encrypt='$cc_encrypt', encrypt_iv='$iv',
other_fields='$other_stuff' where id='$account_id' limit 1;
$result = mysql_query($query) or die(mysql_error());
No mysql_real_escape_string()?
Both the cc_encrypt and encrypt_iv fields are tinytext, latin1_swedish_ci,
MyISAM, MySQL 5.0.91
Why are you using text fields for storing binary data?
Sounds like this could go horribly wrong for a number
or reasons.
In another script, when I retrieve, I first set it up at the top of the
script exactly like step #1 above, then retrieve it like this:
mcrypt_generic_init($crypto, $key, $row['encrypt_iv']);
$cc_number = trim(mdecrypt_generic($crypto, $row['cc_encrypt']));
mcrypt_generic_deinit($crypto);
/Nisse
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Considering their is no validation of the credit card number, you
could just use a random string of numbers starting with 99.
According to
http://en.wikipedia.org/wiki/List_of_Bank_Identification_Numbers#References,
nothing starts with 99.
--
Richard Quadling
Twitter : EE : Zend
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Somewhat OT - Stored Procedures
On 3 March 2011 18:30, Nathan Nobbe quickshif...@gmail.com wrote: Hey gang, (Yes Tedd, I like your style, when it pertains to how you address the list :)) I have a new curiosity that's arisen as a result of a new contract I'm working on, I'd like to bounce around some thoughts off the list and see what you folks think if interested. The topic at hand is stored procedures. Frankly, I've hardly ever even seen these in use, and what I'm trying to figure out are good rules of thumb as to where / when / how they are best used in application development. Also, bear in mind that personally I tend to favor OO paradigms for application development so would prefer feedback that incorporates that tendency. Initial thoughts are Bad: . Not well suited for ORM, particularly procedures which return multiple result sets consisting of columns from multiple tables . Greater potential for duplicated logic, I think this comes down to a well defined set of rules for any given application, read: convention required for success . Scripting languages are vendor specific, and likely most application developers have a limited understanding thereof Good: . Better performance . Fill in blank on convincing bullets here I've also done some reading on MSSQL vs. MySQL and found that the former offers much more features. I've also read that most databases only see roughly 40% of the feature sets being used for typical applications in the wild, and would agree from personal experience it is accurate. From my standpoint MySQL is popular because the features it offers are the features folks are really looking, one of those 80/20 things... I stumbled into this link on a google search, it's from '04 but looks to be relevant to this day http://www.codinghorror.com/blog/2004/10/who-needs-stored-procedures-anyways.html Your thoughts appreciated, -nathan Hello Nathan. I develop for and on Windows using IIS7 and MS SQL Server 7/2000/2005/2008. Almost exclusively I use prepared statements to talk to stored procedures and views. I use triggers and constraints to enforce RDI. I _do_ have the occasional hacky script which includes SQL, but only 'cause I was being lazy and wanted to do a one off change. At a fundamental level, my PHP code isn't concerning itself with any physical data structures. As much as possible my PHP code treats the sql data source as a processor ready to supply data in a standardized form (even hierarchical) and to accept data for storage (again hierarchical). My PHP code knows next to nothing about the table structure (why should it - it isn't a database). It does know that a customer object has a set of properties and a set of instruments of change which are passed to the SQL server to effect the data and are cached locally. PHP deals in objects/entities. Stored procedures provide the translation between the OOP and the RDBMS. This provides a nice clean interface between PHP and the data. The stored procedures and views are all pre-compiled - with their internal usage statistics to make best use of available indices and are tuned to the actual data rather than something I thought I knew about the data usage when I designed the DB. So speed is much more significant. Having every single SQL statement compiled from scratch for a 1 off use would seem wasteful. Multiple result sets are completely fine (at least for MS SQL Server) - Admittedly you have to currently process the result sets in sequential order (i.e. set 1 before moving to set 2 - can't move back to set 1). But that is something quite easy to work with when you know the limitation. And is the easiest way to get hierarchical data into PHP for me. I get all the relevant data in 1 hit rather than getting the data with potential mis-matching values due to the realtime multi-user environment. And, as I create apps with security levels, I can implement all of that on the server. No way to get around the security as there is no access to the tables directly. Portability is certainly an issue. But I don't use any other DB system. So, for me, it isn't an issue. BUT. Due to the abstraction layer PHP, sees a set of objects related to physical entities and has behaviour to manipulate the entities, re-engineering the best solution for Oracle or mysql would be an appropriate exercise. One size does NOT fit all. Never has. Never will. Having said all of that. One of the departments bought an app a few years ago that provided a set of stored procedures to amend the data, but didn't restrict access to the live data. As a consequence there were bugs where the app has failed to implement the same code as the stored procedures. That took us a while to work out. We just assumed that the stored procedures were in use. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Check for open file
On 3 March 2011 19:59, Ashley M. Kirchner ash...@pcraft.com wrote: Is there a clean or reliable way of checking to see if a file is still being written to before doing anything with it? Here's the scenario: we have a Samba share that we can copy files to (from within Windows or Macs). The server picks up the file and does some processing of said file. At the moment this is all a manual process: we copy a file into the Samba share, wait for that to finish then go to a web page (on the server) and tell it to process the file that was just copied into the Samba share. I'm trying to see if there is a way to automate this where a file, or multiple files, get copied into the share and the server picks them up and process automatically without needing any interaction. Can PHP detect this, or should I look into some delayed process of checking the file's modified time stamp versus current time and not touch the file till a certain threshold has been reached (say 30 seconds difference?). Ideas, suggestions, comments . I have a similar issue with files coming from a scanner connected to our network over a VPN. There end is only 10mb and the scans are significant. The one thing I found that I can rely on is the date the file was last modified. I have a process to copy the files if the saved file is more than 10 minutes old. Locking didn't happen (the scanning didn't create the file locked in any way). It was quite easy to amend the file whilst it was being written to by the scanner. Nothing I could do about that. The 10 minute delay on reading the file was fine for us. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Help! Made a boo-boo encrypting credit cards
Maybe I missed something here, but aren't the cc's held by the merchant account provider, and just an id by you to recharge(recurring or once), which can be disputed. I ask because it's been a while since I had to look at this. So let the OP's question take precedence, and mine secondary if necessary, if not then I'l move it to another post. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Check for open file
On Thu, Mar 3, 2011 at 14:59, Ashley M. Kirchner ash...@pcraft.com wrote: Can PHP detect this, or should I look into some delayed process of checking the file's modified time stamp versus current time and not touch the file till a certain threshold has been reached (say 30 seconds difference?). Give the native stat() function a spin: http://php.net/stat -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Check for open file
On Fri, 2011-03-04 at 09:55 -0500, Daniel Brown wrote: On Thu, Mar 3, 2011 at 14:59, Ashley M. Kirchner ash...@pcraft.com wrote: Can PHP detect this, or should I look into some delayed process of checking the file's modified time stamp versus current time and not touch the file till a certain threshold has been reached (say 30 seconds difference?). Give the native stat() function a spin: http://php.net/stat -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ Depending on the size of the file, wouldn't this fall under the 2gb limitation on windows 32bit OS? I ran into this problem on a project I was working on, and ended up switching to Python (but that is a WHOLE other conversation) just food for thought, since I am not sure of the size of files they are dealing with. Steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Delaying $(document).ready() in jQuery until php script finish
Richard Sharp wrote: I have been banging my head trying to figure out how to delay $(document).ready() command until my php script finish running and load data into a csv file. Any ideas *which* PHP script? are you returning an HTML document then keeping the script going in the background, /or/ are you requesting another script (by js, clicking a link, posting a form), /or/? I know it's a jQuery question, but it might be a PHP related gotcha. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Somewhat OT - Stored Procedures
Hi Nathan, Nathan Nobbe wrote: Also, bear in mind that personally I tend to favor OO paradigms for application development so would prefer feedback that incorporates that tendency. Initial thoughts are Bad: . Not well suited for ORM, particularly procedures which return multiple result sets consisting of columns from multiple tables . Greater potential for duplicated logic, I think this comes down to a well defined set of rules for any given application, read: convention required for success . Scripting languages are vendor specific, and likely most application developers have a limited understanding thereof Good: . Better performance . Fill in blank on convincing bullets here It's a trade-off thing, and to be looked at on a case by case basis. The major factors are - closer to the iron (better performance, as you said) - information hiding and security - code portability If you have multiple clients all doing the same procedure/routine then it can be wise to used stored procedures/routines, even just for things like administration and optimization, because the routine is decoupled from the app tier, with just the interface exposed, you can optimize without having to change app tier code, delegate to db admins and suchlike. Likewise, information hiding is also a property of security, you can expose the bare minimum without letting developers, or those with access to the code, see the full database layout and structure. Similarly you can set up logging at procedure level, and ensure acidity of transactions at db level. Some of the key factors though, are design choices in the way you code applications, OO and using ORMs is a significant choice, and perhaps you're better staying with what's familiar and delegating / trusting the ORM layer + visible code which you're used to and can tweak easily. If you were developing C/++ and running on pl-sql over virtuoso or something the advice may be different. Do remember that you aren't tied to RDBMS in any way though, there's a huge world of [ http://nosql-database.org/ choices and styles ] out there that also should/could be considered, many of which suit the OO style far better ;) Best, Nathan (namesake) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Somewhat OT - Stored Procedures
Richard Quadling wrote: At a fundamental level, my PHP code isn't concerning itself with any physical data structures. As much as possible my PHP code treats the sql data source as a processor ready to supply data in a standardized form (even hierarchical) and to accept data for storage (again hierarchical). My PHP code knows next to nothing about the table structure (why should it - it isn't a database). Exactly - separation of concerns, a core principal to learn and apply wherever you can. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Double method access (Hi everyone! :))
Hi there!, I have been reading this list before but this is my first post. Reading some code from Symfony I got this: $this-getTable()-getColumns() ...when you can use this double method access?, I used before the regular $this-getTable(), but two?. I mean I have been trying but I got an error* * Fatal error: Call to a member function ... on a non-object in ... Thanks! Paola PS: BTW, sorry my english isnt really good
Re: [PHP] Double method access (Hi everyone! :))
On 03/04/2011 09:25 PM, Paola Alvarez wrote: Hi there!, I have been reading this list before but this is my first post. Reading some code from Symfony I got this: $this-getTable()-getColumns() ...when you can use this double method access?, I used before the regular $this-getTable(), but two?. I mean I have been trying but I got an error* * Fatal error: Call to a member function ... on a non-object in ... I think the problem is $this-getTable() returns non-object. There is nothing wrong with using multiply - as long as return-value from previous call is an object. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Double method access (Hi everyone! :))
That's called method chaining. -getColumns() will get called on the object returned by -getTable(). That is, getTable() returns an object (presumably representing an SQL table, I guess), and that object has a getColumns() method, which you call. This is an extremely common style in Javascript code that has been gaining widespread use in PHP OO circles in recent years. If leveraged properly it can create very compact, very readable, very powerful code. (And if done stupidly can lead to a horrid mess, but that's true of any coding style.) --Larry Garfield On 3/4/11 1:25 PM, Paola Alvarez wrote: Hi there!, I have been reading this list before but this is my first post. Reading some code from Symfony I got this: $this-getTable()-getColumns() ...when you can use this double method access?, I used before the regular $this-getTable(), but two?. I mean I have been trying but I got an error* * Fatal error: Call to a member function ... on a non-object in ... Thanks! Paola PS: BTW, sorry my english isnt really good -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Possible bug in PHP 5.3.5 with OAuth extension?
Hello, I'm using the PHP OAuth extension and running into a strange issue. I'm not sure if it's a bug in PHP 5.3.5, or if it's a bug in the OAuth extension when installed on a system with PHP 5.3.5. On a machine with PHP 5.3.5, when I call OAuth::fetch() with http method of POST, the debug info is showing that it is sending as a GET request. As a result, the resource that I'm fetching returns with failure since it will only respond to a POST request. I tested this out on two different machines, and getting the same result on both. One machine is Ubuntu 10.04 with nginx 0.8.54 and PHP 5.3.5. The other is CentOS 5.5 with apache 2.2 and PHP 5.3.5. I have another Ubuntu 10.04 machine with PHP 5.3.3, and I am not having this issue on that machine. The OAuth debug info is correctly showing http method of POST. I guess I'll need to use PHP 5.3.3 in the mean time, but it would be great to know what the problem is. Thanks, daniel
Re: [PHP] Double method access (Hi everyone! :))
Hi, thanks a lot Alex and Larry for your very clear answer! Paola, On Fri, Mar 4, 2011 at 4:33 PM, la...@garfieldtech.com la...@garfieldtech.com wrote: That's called method chaining. -getColumns() will get called on the object returned by -getTable(). That is, getTable() returns an object (presumably representing an SQL table, I guess), and that object has a getColumns() method, which you call. This is an extremely common style in Javascript code that has been gaining widespread use in PHP OO circles in recent years. If leveraged properly it can create very compact, very readable, very powerful code. (And if done stupidly can lead to a horrid mess, but that's true of any coding style.) --Larry Garfield On 3/4/11 1:25 PM, Paola Alvarez wrote: Hi there!, I have been reading this list before but this is my first post. Reading some code from Symfony I got this: $this-getTable()-getColumns() ...when you can use this double method access?, I used before the regular $this-getTable(), but two?. I mean I have been trying but I got an error* * Fatal error: Call to a member function ... on a non-object in ... Thanks! Paola PS: BTW, sorry my english isnt really good -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Overriding session length in existing session?
I think that my suggestion is still a valid solution, someone correct
me if I'm wrong. Let's say your code went like this:
session_start();
// Check to see if the session variable has already been set, if not
if (!isset($_SESSION['var'])){
// Check to see if it's been stored in a cookie
if (isset($_COOKIE['var'])){
$_SESSION['var'] = $_COOKIE['var'];
}
// If not, set the session variable and store it in a cookie for 7 days
else{
$_SESSION['var'] = value;
setcookie (var, $_SESSION['var'], time()+86400 * 7, /,
.domain.com);
}
}
echo Here I am using my session variable, it's value is .$_SESSION['var'];
So if that's in the header of every page, but you want to make an
acception if the person is using a public computer, you just add
something like:
if ($_POST['public_terminal'] === TRUE){
// Delete the cookie
setcookie(var,,time() - 3600);
}
echo Here I am *still* using my session variable, it's value is
.$_SESSION['var']. and it will expire when the browser closes;
Marc
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Returning a recordset to a desktop app
Hi All. I have a Windows desktop app that I created using Visual Foxpro (a database app). I want to write a PHP script that I will call from my desktop app. The script will simply query a MySQL database on my web server and return the recordset to the desktop app. My question is simply this: What is the preferred method for passing this recordset back to the desktop app? I'm assuming that there's no reasonable way to send a recordset back without converting it to an array or XML or an object or something? How do I return the data in the recordset to the desktop app? Thanks for your advice. Ken Watkins -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Returning a recordset to a desktop app
Assuming you mean that the PHP script is on a web server somewhere and the desktop app is hitting it over HTTP, it's no different than any other response. Anything you print will be sent back to the client, in this case your desktop a.. So if you want to send XML back, you'd build a string with your XML (either manually or using the DOM or SimpleXML APIs or a 3rd party like QueryPath or whatever floats your boat) and print it, just as you would HTML. Note that you may need to explicitly set headers with header() to make sure the desktop app reads it properly. --Larry Garfield On 3/4/11 5:48 PM, Ken Watkins wrote: Hi All. I have a Windows desktop app that I created using Visual Foxpro (a database app). I want to write a PHP script that I will call from my desktop app. The script will simply query a MySQL database on my web server and return the recordset to the desktop app. My question is simply this: What is the preferred method for passing this recordset back to the desktop app? I'm assuming that there's no reasonable way to send a recordset back without converting it to an array or XML or an object or something? How do I return the data in the recordset to the desktop app? Thanks for your advice. Ken Watkins -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Possible bug in PHP 5.3.5 with OAuth extension?
Correction: I stated the incorrect version of PHP that does not seem to have this issue. The version of PHP that works correctly is 5.3.2, not 5.3.3. Thanks, daniel On Fri, Mar 4, 2011 at 11:40 AM, Daniel Hong dan...@amagineinc.com wrote: Hello, I'm using the PHP OAuth extension and running into a strange issue. I'm not sure if it's a bug in PHP 5.3.5, or if it's a bug in the OAuth extension when installed on a system with PHP 5.3.5. On a machine with PHP 5.3.5, when I call OAuth::fetch() with http method of POST, the debug info is showing that it is sending as a GET request. As a result, the resource that I'm fetching returns with failure since it will only respond to a POST request. I tested this out on two different machines, and getting the same result on both. One machine is Ubuntu 10.04 with nginx 0.8.54 and PHP 5.3.5. The other is CentOS 5.5 with apache 2.2 and PHP 5.3.5. I have another Ubuntu 10.04 machine with PHP 5.3.3, and I am not having this issue on that machine. The OAuth debug info is correctly showing http method of POST. I guess I'll need to use PHP 5.3.3 in the mean time, but it would be great to know what the problem is. Thanks, daniel
Re: [PHP] Re: Possible bug in PHP 5.3.5 with OAuth extension?
On 3/4/2011 5:18 PM, Daniel Hong wrote: Correction: I stated the incorrect version of PHP that does not seem to have this issue. The version of PHP that works correctly is 5.3.2, not 5.3.3. Can you give us an example of what you are doing? Jim Lucas Thanks, daniel On Fri, Mar 4, 2011 at 11:40 AM, Daniel Hong dan...@amagineinc.com wrote: Hello, I'm using the PHP OAuth extension and running into a strange issue. I'm not sure if it's a bug in PHP 5.3.5, or if it's a bug in the OAuth extension when installed on a system with PHP 5.3.5. On a machine with PHP 5.3.5, when I call OAuth::fetch() with http method of POST, the debug info is showing that it is sending as a GET request. As a result, the resource that I'm fetching returns with failure since it will only respond to a POST request. I tested this out on two different machines, and getting the same result on both. One machine is Ubuntu 10.04 with nginx 0.8.54 and PHP 5.3.5. The other is CentOS 5.5 with apache 2.2 and PHP 5.3.5. I have another Ubuntu 10.04 machine with PHP 5.3.3, and I am not having this issue on that machine. The OAuth debug info is correctly showing http method of POST. I guess I'll need to use PHP 5.3.3 in the mean time, but it would be great to know what the problem is. Thanks, daniel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Possible bug in PHP 5.3.5 with OAuth extension?
Hi Jim,
I'm using oauth to connect to Dropbox. The OAuth::getRequestToken()
and OAuth::getAccessToken()
works without a problem since (assuming) those are sent over the wire as a
GET request. When I try to issue a fetch command, for example:
$oauth-enableDebug()
$oauth-fetch('https://api.dropbox.com/0/account', array(),
OAUTH_HTTP_METHOD_POST);
print_r($oauth-debugInfo);
In the debug info, the SBS string is showing that the http request method
was GET, not POST.
When I execute the same code on a machine running PHP 5.3.2, the SBS string
shows POST.
I took a look at the source for the oauth extension, it looks like requests
could be made with PHP streams or with curl, but I couldn't tell what was
the default. There is an OAuth::setRequestEngine() which you can pass in a
constant for using either PHP streams or curl. The constant for using curl
(OAUTH_REQENGINE_CURL) doesn't exist. When I try to print the constant, it
just shows the undefined error message. I have the latest version of the
oauth extension installed, so not sure what's wrong.
When I view phpinfo, under oauth, it shows Request engine support is
php_streams. But I'm not sure this entirely matters since on the server that
does work, phpinfo shows that Request engine support is also php_streams.
On a side question, why is it only showing that php_streams is supported?
Why not curl as well? The php curl package is installed...
Thanks,
daniel
On Fri, Mar 4, 2011 at 5:30 PM, Jim Lucas li...@cmsws.com wrote:
On 3/4/2011 5:18 PM, Daniel Hong wrote:
Correction:
I stated the incorrect version of PHP that does not seem to have this
issue.
The version of PHP that works correctly is 5.3.2, not 5.3.3.
Can you give us an example of what you are doing?
Jim Lucas
Thanks,
daniel
On Fri, Mar 4, 2011 at 11:40 AM, Daniel Hong dan...@amagineinc.com
wrote:
Hello,
I'm using the PHP OAuth extension and running into a strange issue. I'm
not
sure if it's a bug in PHP 5.3.5, or if it's a bug in the OAuth extension
when installed on a system with PHP 5.3.5.
On a machine with PHP 5.3.5, when I call OAuth::fetch() with http method
of
POST, the debug info is showing that it is sending as a GET request. As
a
result, the resource that I'm fetching returns with failure since it
will
only respond to a POST request. I tested this out on two different
machines,
and getting the same result on both. One machine is Ubuntu 10.04 with
nginx
0.8.54 and PHP 5.3.5. The other is CentOS 5.5 with apache 2.2 and PHP
5.3.5.
I have another Ubuntu 10.04 machine with PHP 5.3.3, and I am not having
this issue on that machine. The OAuth debug info is correctly showing
http
method of POST.
I guess I'll need to use PHP 5.3.3 in the mean time, but it would be
great
to know what the problem is.
Thanks,
daniel
Re: [PHP] Re: Possible bug in PHP 5.3.5 with OAuth extension?
Ok, I'm such a dud. Looks like someone had already reported this exact bug
http://pecl.php.net/bugs/bug.php?id=22485
I actually was looking at the problematic method in the source, but didn't
catch the problem. But now that someone has pointed it out, it's so obvious.
I deserve a slap on the back of my head!
I've gone and install version 1.0.0 for the time being, seems to be working
fine.
-daniel
On Fri, Mar 4, 2011 at 6:19 PM, Daniel Hong dan...@amagineinc.com wrote:
Hi Jim,
I'm using oauth to connect to Dropbox. The OAuth::getRequestToken() and
OAuth::getAccessToken()
works without a problem since (assuming) those are sent over the wire as a
GET request. When I try to issue a fetch command, for example:
$oauth-enableDebug()
$oauth-fetch('https://api.dropbox.com/0/account', array(),
OAUTH_HTTP_METHOD_POST);
print_r($oauth-debugInfo);
In the debug info, the SBS string is showing that the http request method
was GET, not POST.
When I execute the same code on a machine running PHP 5.3.2, the SBS string
shows POST.
I took a look at the source for the oauth extension, it looks like requests
could be made with PHP streams or with curl, but I couldn't tell what was
the default. There is an OAuth::setRequestEngine() which you can pass in a
constant for using either PHP streams or curl. The constant for using curl
(OAUTH_REQENGINE_CURL) doesn't exist. When I try to print the constant, it
just shows the undefined error message. I have the latest version of the
oauth extension installed, so not sure what's wrong.
When I view phpinfo, under oauth, it shows Request engine support is
php_streams. But I'm not sure this entirely matters since on the server that
does work, phpinfo shows that Request engine support is also php_streams.
On a side question, why is it only showing that php_streams is supported?
Why not curl as well? The php curl package is installed...
Thanks,
daniel
On Fri, Mar 4, 2011 at 5:30 PM, Jim Lucas li...@cmsws.com wrote:
On 3/4/2011 5:18 PM, Daniel Hong wrote:
Correction:
I stated the incorrect version of PHP that does not seem to have this
issue.
The version of PHP that works correctly is 5.3.2, not 5.3.3.
Can you give us an example of what you are doing?
Jim Lucas
Thanks,
daniel
On Fri, Mar 4, 2011 at 11:40 AM, Daniel Hong dan...@amagineinc.com
wrote:
Hello,
I'm using the PHP OAuth extension and running into a strange issue. I'm
not
sure if it's a bug in PHP 5.3.5, or if it's a bug in the OAuth
extension
when installed on a system with PHP 5.3.5.
On a machine with PHP 5.3.5, when I call OAuth::fetch() with http
method of
POST, the debug info is showing that it is sending as a GET request. As
a
result, the resource that I'm fetching returns with failure since it
will
only respond to a POST request. I tested this out on two different
machines,
and getting the same result on both. One machine is Ubuntu 10.04 with
nginx
0.8.54 and PHP 5.3.5. The other is CentOS 5.5 with apache 2.2 and PHP
5.3.5.
I have another Ubuntu 10.04 machine with PHP 5.3.3, and I am not having
this issue on that machine. The OAuth debug info is correctly showing
http
method of POST.
I guess I'll need to use PHP 5.3.3 in the mean time, but it would be
great
to know what the problem is.
Thanks,
daniel
[PHP] $GLOBALS example script on php.net
Dear all,
I was reading this page
http://php.net/manual/en/reserved.variables.globals.php and I found the
following script there :
Here's a function which returns an array of all user defined global
variables:
?php
function globals() {
$globals = $GLOBALS;
foreach (array(
'GLOBALS',
'_ENV',
'HTTP_ENV_VARS',
'_POST',
'HTTP_POST_VARS',
'_GET',
'HTTP_GET_VARS',
'_COOKIE',
'HTTP_COOKIE_VARS',
'_SERVER',
'HTTP_SERVER_VARS',
'_FILES',
'HTTP_POST_FILES',
'_REQUEST'
) as $var) {
unset($globals[$var]);
}
return $globals;
}
?
I think that this script UNSETS each supergobal variable,but page says that
it returns ALL user defined vars ? Can some one tell me how that is ?
Thank you,
Ashim
[PHP] PHP5.3.5: error message for date()
After a long battle to get my system back on air after a hard disk crash, I got PHP 5.3.5 running under Apache 2.2.3. I now get a diagnostic every time I call date(), complaining about a missing parameter. The manual states that the second parameter is optional, and even phpinfo doesn't know about this new requirement, as it contains the same diagnostic: Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 . Is this a bug, or a new requirement we will have to get used to? Roger Riordan AM -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP5.3.5: error message for date()
On 5/03/2011, at 8:29 PM, clanc...@cybec.com.au wrote: After a long battle to get my system back on air after a hard disk crash, I got PHP 5.3.5 running under Apache 2.2.3. I now get a diagnostic every time I call date(), complaining about a missing parameter. The manual states that the second parameter is optional, and even phpinfo doesn't know about this new requirement, as it contains the same diagnostic: Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 Warning: phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Australia/Melbourne' for '11.0/DST' instead in D:\Websites\index.php on line 1 . Is this a bug, or a new requirement we will have to get used to? Roger Riordan AM It's not complaining about a missing parameter, it's complaining about the lack of a specified timezone. This warning was introduced in PHP5.1, and you either need to set the date.timezone INI setting, either in your php.ini or by using ini_set(), or by passing a valid timezone to date_default_timezone_set() before calling any other date-related functions. --- Simon Welsh Admin of http://simon.geek.nz/ Who said Microsoft never created a bug-free program? The blue screen never, ever crashes! http://www.thinkgeek.com/brain/gimme.cgi?wid=81d520e5e -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
