php-general Digest 24 Jun 2011 12:57:37 -0000 Issue 7373
php-general Digest 24 Jun 2011 12:57:37 - Issue 7373 Topics (messages 313685 through 313692): Call to undefined function 313685 by: admin.buskirkgraphics.com 313686 by: Shiplu Mokaddim 313688 by: admin.buskirkgraphics.com Get all the keys from a hierarchical hash 313687 by: Scott Baker 313689 by: Fatih P. Manipulate Request Headers after Redirect 313690 by: Louis Huppenbauer Re: Create a hierarchical hash from flat source 313691 by: Paul M Foster Re: this newsgroup and OE 313692 by: Jonesy Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- I am running a scheduled task for the first time since switching from linux to Windows IIS I am getting an error when the task runs. Fatal error: Call to undefined function mysql_connect() I ran php.exe -m to see that the MySQL Module is loaded. I have no issues unless I am running a php file in the Scheduled task. Any help would be appreciated Richard L. Buskirk ---End Message--- ---BeginMessage--- Sent from a handheld device On 24-Jun-2011, at 5:53 AM, ad...@buskirkgraphics.com wrote: I am running a scheduled task for the first time since switching from linux to Windows IIS I am getting an error when the task runs. Fatal error: Call to undefined function mysql_connect() I ran php.exe -m to see that the MySQL Module is loaded. I have no issues unless I am running a php file in the Scheduled task. Any help would be appreciated Richard, Create a sample scheduled task with a sample.php file. In that file call phpinfo() and save that content. After finishing the task find the configuration file (php.ini) location in your saved content. Just make sure mysql is activated there. Good luck Richard L. Buskirk ---End Message--- ---BeginMessage--- Okay, I am just start apologizing for my own ignorance. In the task scheduler I told the php.exe to use a older configuration file. TOTALLY my fault, seems PHP.ini file I used for the web was not the one I pointed the task manager at. Resolved and I will crawl back under my rock and read more about the proper Arguments for task manager next time before I post. Thanks Shiplu, and Negin for all your help. Richard L. Buskirk -Original Message- From: Shiplu Mokaddim [mailto:muquad...@gmail.com] Sent: Thursday, June 23, 2011 9:42 PM To: ad...@buskirkgraphics.com Cc: php-gene...@lists.php.net Subject: Re: [PHP] Call to undefined function Sent from a handheld device On 24-Jun-2011, at 5:53 AM, ad...@buskirkgraphics.com wrote: I am running a scheduled task for the first time since switching from linux to Windows IIS I am getting an error when the task runs. Fatal error: Call to undefined function mysql_connect() I ran php.exe -m to see that the MySQL Module is loaded. I have no issues unless I am running a php file in the Scheduled task. Any help would be appreciated Richard, Create a sample scheduled task with a sample.php file. In that file call phpinfo() and save that content. After finishing the task find the configuration file (php.ini) location in your saved content. Just make sure mysql is activated there. Good luck Richard L. Buskirk ---End Message--- ---BeginMessage--- I have a multi-tier hash (see below) and I'd like to be search the hash for a given $id, and return that section, regardless of how many layers deep it is. Sort of like how xpath works? Once I have that I'd like get ALL the children of a given node. So I could ask for 86, and get 36, 38, 56, etc and all THEIR children. Basically I want *all* the ID #s that are children. Array ( [88] = Array ( [109] = ) [86] = Array ( [36] = Array ( [8] = [121] = [127] = [135] = [144] = [161] = [165] = ) [38] = Array ( [18] = [39] = [156] = [158] = [182] = ) [56] = [97] = [107] = Array ( [240] = ) [115] = [123] = [146] = [149] = [223] = ) [157] = Array ( [3] = Array ( [5] = Array ( [11] = ) [13] = Array
php-general Digest 25 Jun 2011 04:13:51 -0000 Issue 7374
php-general Digest 25 Jun 2011 04:13:51 - Issue 7374 Topics (messages 313693 through 313715): Re: Manipulate Request Headers after Redirect 313693 by: Louis Huppenbauer 313696 by: Arthur Moczulski 313697 by: Louis Huppenbauer Re: [PHP-DB] Re: radio form submission 313694 by: Tamara Temple 313698 by: Chris Stinemetz 313700 by: Vitalii Demianets 313701 by: Richard Quadling 313703 by: Tamara Temple 313707 by: Richard Quadling 313708 by: Chris Stinemetz 313711 by: Jim Giner 313714 by: Andre Polykanine Re: php session_start dead lock 313695 by: Zaccone, Warren How PHP handles memory on exit 313699 by: Brad Lorge Upgrade or Die? 313702 by: admin.buskirkgraphics.com 313704 by: Richard S. Crawford 313705 by: james.nixsecurity.org 313706 by: Andy McKenzie 313709 by: Ashley Sheridan 313710 by: Robert Cummings 313712 by: Richard Quadling 313713 by: Nam Gi VU 313715 by: admin.buskirkgraphics.com Administrivia: To subscribe to the digest, e-mail: php-general-digest-subscr...@lists.php.net To unsubscribe from the digest, e-mail: php-general-digest-unsubscr...@lists.php.net To post to the list, e-mail: php-gene...@lists.php.net -- ---BeginMessage--- Thanks for your response, but I don't think that will do. First - SERVER_PORT is the port the apache/iis/whatever server is working with (usually 80 or 443) Second - That would still be manipulating the headers for the response (As php mostly just generates the response, and not the request). I'm thinking more and more that this is not really a php-question (as it is server-side), but more of a js-question (client-side). thanks anyway! louis 2011/6/24 ad...@buskirkgraphics.com: Try If($_SERVER['SERVER_PORT'] == 302) { header('Referer: example.net'); } Richard L. Buskirk -Original Message- From: Louis Huppenbauer [mailto:louis.huppenba...@gmail.com] Sent: Friday, June 24, 2011 3:05 AM To: php-gene...@lists.php.net Subject: [PHP] Manipulate Request Headers after Redirect Hi there! I just have a small question concerning the http-protocol and php (and in specific the header-function, i think). Is it possible to manipulate the headers for the request which is sent after a 302-header? eg: Response: header('Referer: example.com'); header('Location: example.net'); Request (for the 302): header('Referer: example.net'); header('Cache: max-age=0); I think I need that for a login to a tomcat app from an external php-form. As of now the Login works fine, I just have to reload the page to actually be logged in (and that is quite a bother). Sincerely yours Louis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ---End Message--- ---BeginMessage--- Hey, this is what I understand: you want to manipulate headers of the request sent by the client directly after receiving a 302 response? If that's the case, than read further ;) Any client goes through the following process while communicating with a web-server: 1. get IP address from the domain (achieved thanks to DNSs) 2. create an IP socket connection with the obtained IP address 3. write an HTTP request through the socket 4. receive an HTTP response from the web-server. the answer will include status compatible with the HTTP protocol. In your example this process is repeated twice: 1. get ip of domain using dns 2. open a connection 3. write an http request to the socket 4. receive http with 302 status (the client as an http protocol compliant software continues with the alternative url provided by the 302 response) 5. get ip of domain specified as alternative url in received 302 using dns 6. open a new connection 7. write an http request to the newly opened socket 8. receive http response from web-server Your problem is exactly between point 4 and 5. Unfortunately for you that's client software's work to determine what will be done next. HTTP compliant software (which every browser is) will follow the redirection. So, unless a client provides you with some way of manipulating this behaviour, which is quite unlikely, this can't be done. Javascript won't be too much help in here as js scripts loaded into the browser live only in the lifetime of displaying the specific response. As 302 responses can't include any content like javascript code which can live in the lifetime of processing the response, so you can't control what's going on in here. The only way that comes my mind is to check if 302 response can hold any force behaviour sort of information which is taken under consideration by the client. Unfortunately, I don't think HTTP protocol specification defines anything like that (however something definitely worth checking). What you
Re: [PHP] Get all the keys from a hierarchical hash
use recursive calls to fetch them all in one array and there will be memory cost. refer array_keys function: http://php.net/manual/en/function.array-keys.php not sure but this should be working. function *get_keys_recursive*($arr) { while (list($k, $v) = each($arr)) { if (is_array($v) === true) { return array_keys(array_merge($v,* get_array_keys*($v))); } else { return array_keys($k); } } } On Thu, Jun 23, 2011 at 11:17 PM, Scott Baker bak...@canbytel.com wrote: I have a multi-tier hash (see below) and I'd like to be search the hash for a given $id, and return that section, regardless of how many layers deep it is. Sort of like how xpath works? Once I have that I'd like get ALL the children of a given node. So I could ask for 86, and get 36, 38, 56, etc and all THEIR children. Basically I want *all* the ID #s that are children. Array ( [88] = Array ( [109] = ) [86] = Array ( [36] = Array ( [8] = [121] = [127] = [135] = [144] = [161] = [165] = ) [38] = Array ( [18] = [39] = [156] = [158] = [182] = ) [56] = [97] = [107] = Array ( [240] = ) [115] = [123] = [146] = [149] = [223] = ) [157] = Array ( [3] = Array ( [5] = Array ( [11] = ) [13] = Array ( [6] = [7] = [98] = Array ( [81] = ) ) [111] = Array ( [10] = [17] = [110] = ) ) [148] = Array ( [9] = [87] = [102] = [104] = [114] = [130] = [133] = [160] = [201] = [237] = [238] = ) ) ) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Manipulate Request Headers after Redirect
Hi there! I just have a small question concerning the http-protocol and php (and in specific the header-function, i think). Is it possible to manipulate the headers for the request which is sent after a 302-header? eg: Response: header('Referer: example.com'); header('Location: example.net'); Request (for the 302): header('Referer: example.net'); header('Cache: max-age=0); I think I need that for a login to a tomcat app from an external php-form. As of now the Login works fine, I just have to reload the page to actually be logged in (and that is quite a bother). Sincerely yours Louis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Create a hierarchical hash from flat source
On Thu, Jun 23, 2011 at 01:57:24PM -0400, Robert Cummings wrote: On 11-06-23 12:54 PM, Tamara Temple wrote: On Jun 22, 2011, at 5:24 PM, Scott Baker wrote: On 06/22/2011 03:17 PM, Simon J Welsh wrote: You still need to pass the value by reference to assign_children(), so: $new =$leaf[$pid]; assign_children($pid,$list,$new); One last thing I fixed was that PHP was complaining that run-time pass by reference was deprecated. I changed assign_children to be function assign_children($id,$list,$leaf) Which solved that also! Ah, pointers, how we love them. The bane of every CS undergrad. Bane? I thought they were elegant :) The way you know they're *not* elegant is that hardly any language since C has included them. We worship at the alter of languages with garbage collection. ;-} Paul -- Paul M. Foster http://noferblatz.com http://quillandmouse.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: this newsgroup and OE
On Wed, 22 Jun 2011 11:38:22 -0400, Jim Giner wrote: Well - it's a secret until one asks I guess. Thanks Shawn for the info. Since you say it's been happening for years, I guess there's no hope for resolution. Can you or someone else recommend a newsgroup client that functions better with this group? slrn has worked for me with Gmane ng's for many years. Currently using slrn 0.9.9p1 under FreeBSD. HTH, Jonesy -- Marvin L Jones| jonz | W3DHJ | linux 38.24N 104.55W | @ config.com | Jonesy | OS/2 * Killfiling google banter.com: jonz.net/ng.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Manipulate Request Headers after Redirect
Thanks for your response, but I don't think that will do. First - SERVER_PORT is the port the apache/iis/whatever server is working with (usually 80 or 443) Second - That would still be manipulating the headers for the response (As php mostly just generates the response, and not the request). I'm thinking more and more that this is not really a php-question (as it is server-side), but more of a js-question (client-side). thanks anyway! louis 2011/6/24 ad...@buskirkgraphics.com: Try If($_SERVER['SERVER_PORT'] == 302) { header('Referer: example.net'); } Richard L. Buskirk -Original Message- From: Louis Huppenbauer [mailto:louis.huppenba...@gmail.com] Sent: Friday, June 24, 2011 3:05 AM To: php-general@lists.php.net Subject: [PHP] Manipulate Request Headers after Redirect Hi there! I just have a small question concerning the http-protocol and php (and in specific the header-function, i think). Is it possible to manipulate the headers for the request which is sent after a 302-header? eg: Response: header('Referer: example.com'); header('Location: example.net'); Request (for the 302): header('Referer: example.net'); header('Cache: max-age=0); I think I need that for a login to a tomcat app from an external php-form. As of now the Login works fine, I just have to reload the page to actually be logged in (and that is quite a bother). Sincerely yours Louis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [PHP-DB] Re: radio form submission
On Jun 24, 2011, at 6:28 AM, Chris Stinemetz wrote: So I am trying to keep this simple and just assign the value with the radio button and then insert it into mysql database, but with the following code I am getting the mysql error: Unknown column '250kbps' in 'field list' when I choose the first radio button. I think it has to do with the value being a string, but I haven't been able to figure out the fix. This one's fairly simple. You need to surround string values in the SQL with quote marks (single or double will do so it doesn't get confused about what the value you're trying insert is. . $_POST['post_tptest'] . , ' . $_POST['post_tptest'] . ', Since you're using double quotes to enclose the SQL statement, use single quotes to enclose the actual string you're inserting. Did you know that if you use a PHP variable inside a double quoted string it will be interpolated correctly? No need to break it up with concatenation, etc., if you don't want to. It's possibly debatable which is the best practice and which is a bigger performance hit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php session_start dead lock
We ran the checks and found no problems with the disks. All disks are accessible, there are no I/O errors or disk access errors. What has me bewildered is this started happening quite recently. If it's not hardware, then perhaps a new usage pattern is revealing a flaw in our php session handling code. I have a suspicion it may be related our use of AJAX. When a page is loaded in the browser we invoke PHP scripts asynchronously while another page may still be loading, which could cause two threads at the same time to want to lock the same session file in /var/tmp. I am wondering if such a thing could result in a perpetual deadlock in php_flock when invoked from session_start. We have a PHP script loading a page and from the page we have a javascript invoking another php script via Ajax which posts data that refreshes content dynamically via the DOM. The script that is invoked via AJAX is not calling session_start, it is invoking session_id() only. Yet it works. It does reuse the same session id as we establish context with a database using it. I am going to play with this and see if adding session_start before session_id() in the php script that is executed via AJAX may be involved. When you said, there could be other things - please share some other ideas. perhaps others have seen this? as well as if anyone thinks this theory has validity. thank you. -Original Message- From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of Daniel Brown Sent: Thursday, June 23, 2011 3:42 PM To: Zaccone, Warren Cc: php-general@lists.php.net Subject: Re: [PHP] php session_start dead lock On Thu, Jun 23, 2011 at 15:27, Zaccone, Warren wzacc...@telcordia.com wrote: We recently started experiencing a problem on our server (httpd 2.2.19, PHP 5.3.6) where all of the apache child processes hang in PHP code and no longer process requests. I am running Apache as prefork on Solaris 10 with 256 children, and found that within a few minutes all 256 httpd child processes are stuck, and it's always in the same place within php_session_start in a php_flock call. Stack trace is shown below. The file it is trying to flock is /var/tmp/sess_2e39aabaf226819b67f29da477892e91. May want to consider fsck'ing that drive, Warren. You may have some bad clusters that are causing disk I/O issues. Just one of many possibilities, of course, but the least favorite of all, obviously. -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Manipulate Request Headers after Redirect
Hey, this is what I understand: you want to manipulate headers of the request sent by the client directly after receiving a 302 response? If that's the case, than read further ;) Any client goes through the following process while communicating with a web-server: 1. get IP address from the domain (achieved thanks to DNSs) 2. create an IP socket connection with the obtained IP address 3. write an HTTP request through the socket 4. receive an HTTP response from the web-server. the answer will include status compatible with the HTTP protocol. In your example this process is repeated twice: 1. get ip of domain using dns 2. open a connection 3. write an http request to the socket 4. receive http with 302 status (the client as an http protocol compliant software continues with the alternative url provided by the 302 response) 5. get ip of domain specified as alternative url in received 302 using dns 6. open a new connection 7. write an http request to the newly opened socket 8. receive http response from web-server Your problem is exactly between point 4 and 5. Unfortunately for you that's client software's work to determine what will be done next. HTTP compliant software (which every browser is) will follow the redirection. So, unless a client provides you with some way of manipulating this behaviour, which is quite unlikely, this can't be done. Javascript won't be too much help in here as js scripts loaded into the browser live only in the lifetime of displaying the specific response. As 302 responses can't include any content like javascript code which can live in the lifetime of processing the response, so you can't control what's going on in here. The only way that comes my mind is to check if 302 response can hold any force behaviour sort of information which is taken under consideration by the client. Unfortunately, I don't think HTTP protocol specification defines anything like that (however something definitely worth checking). What you can try though is extending whole the communication between client and web-server. So: 1. send the original request 2. receive the 302 response 3. send the request for alternative url 4. web-server checks the referrer of the request received and sends an answer needed, so you receive a response which guides your client To achieve that you need an access to the server-side application. Let me know if that's any help. On 24 June 2011 08:37, Louis Huppenbauer louis.huppenba...@gmail.comwrote: Thanks for your response, but I don't think that will do. First - SERVER_PORT is the port the apache/iis/whatever server is working with (usually 80 or 443) Second - That would still be manipulating the headers for the response (As php mostly just generates the response, and not the request). I'm thinking more and more that this is not really a php-question (as it is server-side), but more of a js-question (client-side). thanks anyway! louis 2011/6/24 ad...@buskirkgraphics.com: Try If($_SERVER['SERVER_PORT'] == 302) { header('Referer: example.net'); } Richard L. Buskirk -Original Message- From: Louis Huppenbauer [mailto:louis.huppenba...@gmail.com] Sent: Friday, June 24, 2011 3:05 AM To: php-general@lists.php.net Subject: [PHP] Manipulate Request Headers after Redirect Hi there! I just have a small question concerning the http-protocol and php (and in specific the header-function, i think). Is it possible to manipulate the headers for the request which is sent after a 302-header? eg: Response: header('Referer: example.com'); header('Location: example.net'); Request (for the 302): header('Referer: example.net'); header('Cache: max-age=0); I think I need that for a login to a tomcat app from an external php-form. As of now the Login works fine, I just have to reload the page to actually be logged in (and that is quite a bother). Sincerely yours Louis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Manipulate Request Headers after Redirect
Thank you for your answer! You are more or less correct - And as I saw it to be too much work (or just more or less impossible) I changed my approach to the problem. I am now sending several separated request with JavaScript (jQuery to be exact) without a 302, since I know in advance where I'll have to go anyway. So this issue can be considered closed! Sincerely yours Louis 2011/6/24 Arthur Moczulski arthur.moczul...@gmail.com: Hey, this is what I understand: you want to manipulate headers of the request sent by the client directly after receiving a 302 response? If that's the case, than read further ;) Any client goes through the following process while communicating with a web-server: 1. get IP address from the domain (achieved thanks to DNSs) 2. create an IP socket connection with the obtained IP address 3. write an HTTP request through the socket 4. receive an HTTP response from the web-server. the answer will include status compatible with the HTTP protocol. In your example this process is repeated twice: 1. get ip of domain using dns 2. open a connection 3. write an http request to the socket 4. receive http with 302 status (the client as an http protocol compliant software continues with the alternative url provided by the 302 response) 5. get ip of domain specified as alternative url in received 302 using dns 6. open a new connection 7. write an http request to the newly opened socket 8. receive http response from web-server Your problem is exactly between point 4 and 5. Unfortunately for you that's client software's work to determine what will be done next. HTTP compliant software (which every browser is) will follow the redirection. So, unless a client provides you with some way of manipulating this behaviour, which is quite unlikely, this can't be done. Javascript won't be too much help in here as js scripts loaded into the browser live only in the lifetime of displaying the specific response. As 302 responses can't include any content like javascript code which can live in the lifetime of processing the response, so you can't control what's going on in here. The only way that comes my mind is to check if 302 response can hold any force behaviour sort of information which is taken under consideration by the client. Unfortunately, I don't think HTTP protocol specification defines anything like that (however something definitely worth checking). What you can try though is extending whole the communication between client and web-server. So: 1. send the original request 2. receive the 302 response 3. send the request for alternative url 4. web-server checks the referrer of the request received and sends an answer needed, so you receive a response which guides your client To achieve that you need an access to the server-side application. Let me know if that's any help. On 24 June 2011 08:37, Louis Huppenbauer louis.huppenba...@gmail.com wrote: Thanks for your response, but I don't think that will do. First - SERVER_PORT is the port the apache/iis/whatever server is working with (usually 80 or 443) Second - That would still be manipulating the headers for the response (As php mostly just generates the response, and not the request). I'm thinking more and more that this is not really a php-question (as it is server-side), but more of a js-question (client-side). thanks anyway! louis 2011/6/24 ad...@buskirkgraphics.com: Try If($_SERVER['SERVER_PORT'] == 302) { header('Referer: example.net'); } Richard L. Buskirk -Original Message- From: Louis Huppenbauer [mailto:louis.huppenba...@gmail.com] Sent: Friday, June 24, 2011 3:05 AM To: php-general@lists.php.net Subject: [PHP] Manipulate Request Headers after Redirect Hi there! I just have a small question concerning the http-protocol and php (and in specific the header-function, i think). Is it possible to manipulate the headers for the request which is sent after a 302-header? eg: Response: header('Referer: example.com'); header('Location: example.net'); Request (for the 302): header('Referer: example.net'); header('Cache: max-age=0); I think I need that for a login to a tomcat app from an external php-form. As of now the Login works fine, I just have to reload the page to actually be logged in (and that is quite a bother). Sincerely yours Louis -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
That worked perfectly! Thank you, Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How PHP handles memory on exit
Hey All, I have a question pertaining to how PHP handles the residual values in memory once a thread exits. I am working on some credit card processing logic and would like to ensure that the values I am working with are not being left to their own fortune after the application exits. Out of habbit, I have just been overwriting all the sensitive variables with x's (strings only). The concerns I have are: - Am I wasting my time? Does PHP already do this? - If a sensitive var had somehow been cast as an int, and then I overwrite it as a string, does that just change the pointer to another * copy* of the var typecast, or does it actually overwrite the original? - Does PHP store the argv/$_SERVER/$_REQUEST vars anywhere other than what is reachable in userland? If so is there a way to ensure they do not persist? Any help you can provide would be hugely useful! Regards, Brad
Re: [PHP] Re: [PHP-DB] Re: radio form submission
On Friday 24 June 2011 17:28:08 Chris Stinemetz wrote: That worked perfectly! And will work, until you decide to put quotes in button name for some reason. And until some malicious user forge POST request with $_POST['post_tptest'] = '; DROP DATABASE; -- But you can use prepared statements to be safe ) ...and they don't need all those fancy quoting/escaping/sanitizing ...and they have advantages for repetitive operations. And furthermore, I think Carthage must be destroyed. -- Vitalii -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
On 24 June 2011 15:44, Vitalii Demianets vi...@nppfactor.kiev.ua wrote: On Friday 24 June 2011 17:28:08 Chris Stinemetz wrote: That worked perfectly! And will work, until you decide to put quotes in button name for some reason. And until some malicious user forge POST request with $_POST['post_tptest'] = '; DROP DATABASE; -- But you can use prepared statements to be safe ) ...and they don't need all those fancy quoting/escaping/sanitizing ...and they have advantages for repetitive operations. And furthermore, I think Carthage must be destroyed. http://xkcd.com/327/ -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Upgrade or Die?
In shifting gears to a faster pace of development and release, Mozilla has opted to abandon security support for Firefox 4 immediately upon the release of version 5, which came out this week. This could be a risky move, since many users neglect to update their browsers immediately for various reasons, despite the pop-up reminders Firefox periodically displays. I will never understand this mindset. Full story : http://www.technewsworld.com/edpick/72739.html Richard L. Buskirk
Re: [PHP] Re: [PHP-DB] Re: radio form submission
On Jun 24, 2011, at 10:28 AM, Richard Quadling wrote: On 24 June 2011 15:44, Vitalii Demianets vi...@nppfactor.kiev.ua wrote: And furthermore, I think Carthage must be destroyed. Let's haul out the PHP war wagons! http://xkcd.com/327/ I so wanted to rename my daughter Little Chelsea Tables after I read that one. Randall is one mean mofo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade or Die?
That is indeed frustrating. I upgraded to FF 4 a month ago or so, and it's been nothing but a hassle. Out of frustration, I switched to Chrome, and I haven't looked back. On Fri, Jun 24, 2011 at 10:16 AM, ad...@buskirkgraphics.com wrote: In shifting gears to a faster pace of development and release, Mozilla has opted to abandon security support for Firefox 4 immediately upon the release of version 5, which came out this week. This could be a risky move, since many users neglect to update their browsers immediately for various reasons, despite the pop-up reminders Firefox periodically displays. I will never understand this mindset. Full story : http://www.technewsworld.com/edpick/72739.html Richard L. Buskirk -- Sláinte, Richard S. Crawford (rich...@underpope.com) http://www.underpope.com Publisher and Editor in Chief, Daikaijuzine (http://www.daikaijuzine.com)
Re: [PHP] Upgrade or Die?
Chrome. Enough said. Now, if we can only convince the rest of the world ... Original Message From: ad...@buskirkgraphics.com To: php-general@lists.php.net Sent: Fri, Jun 24, 2011, 1:17 PM Subject: [PHP] Upgrade or Die? In shifting gears to a faster pace of development and release, Mozilla has opted to abandon security support for Firefox 4 immediately upon the release of version 5, which came out this week. This could be a risky move, since many users neglect to update their browsers immediately for various reasons, despite the pop-up reminders Firefox periodically displays. I will never understand this mindset. Full story : http://www.technewsworld.com/edpick/72739.html Richard L. Buskirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade or Die?
On Fri, Jun 24, 2011 at 1:30 PM, ja...@nixsecurity.org wrote: Chrome. Enough said. Now, if we can only convince the rest of the world ... Ugh. I can't stand Chrome. Of course, I gave up on Firefox years ago and went back to Opera, so it doesn't bother me when Firefox does something weird like this... -Andy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
On 24 June 2011 18:23, Tamara Temple tamouse.li...@gmail.com wrote: On Jun 24, 2011, at 10:28 AM, Richard Quadling wrote: On 24 June 2011 15:44, Vitalii Demianets vi...@nppfactor.kiev.ua wrote: And furthermore, I think Carthage must be destroyed. Let's haul out the PHP war wagons! http://xkcd.com/327/ I so wanted to rename my daughter Little Chelsea Tables after I read that one. Randall is one mean mofo. And because it is so relevant, I added it to the docs... http://docs.php.net/manual/en/security.database.sql-injection.php -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
radio select validation What I am doing wrong? I want to make sure a radio button is selected, but my current code allows insertion even when radio button isn't selected. My code is: //Generating radio buttons for store type with array echo 'Store type:br /br /'; $choices = array('corporate' = 'Cricket owned | ', 'premier' = 'Premier dealer'); foreach ($choices as $key = $choice) { echo input type='radio' name='store_type' value='$key'/ $choice \n; } //Validate the radio button submission if (!array_key_exists($_POST['store_type'], $choices)) { echo You must select a valid choice.; } Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade or Die?
On Fri, 2011-06-24 at 13:38 -0400, Andy McKenzie wrote: On Fri, Jun 24, 2011 at 1:30 PM, ja...@nixsecurity.org wrote: Chrome. Enough said. Now, if we can only convince the rest of the world ... Ugh. I can't stand Chrome. Of course, I gave up on Firefox years ago and went back to Opera, so it doesn't bother me when Firefox does something weird like this... -Andy Meh, I'm still using 3.6 on my main computer and 3.5 on my laptop. Using Fx4 at work, and I have to say, I prefer 3.6. Fx4 is slower, prone to crashing and a bit of a memory hog. I really hope Mozilla doesn't go the way of Google and create loads of new versions dropping support for the older ones as it goes, even if the 'older' versions are barely that old at all. -- Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Upgrade or Die?
On 11-06-24 01:16 PM, ad...@buskirkgraphics.com wrote: In shifting gears to a faster pace of development and release, Mozilla has opted to abandon security support for Firefox 4 immediately upon the release of version 5, which came out this week. This could be a risky move, since many users neglect to update their browsers immediately for various reasons, despite the pop-up reminders Firefox periodically displays. I will never understand this mindset. Full story : http://www.technewsworld.com/edpick/72739.html I downloaded version 497.3 from the future, it's great, it deletes itself before finishing the install because it knows there's a new more advanced version already out. Cheers, Rob. -- E-Mail Disclaimer: Information contained in this message and any attached documents is considered confidential and legally protected. This message is intended solely for the addressee(s). Disclosure, copying, and distribution are prohibited unless authorized. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
Call me backwards, but I prefer to keep my statements simple. I would first obtain the POST value before trying to pull up an array element. $stype=$_POST[''store_type']; if (!isset($stype)) (handle missing radio button) else $st_name=$choices[$stype]; for me (and the next guy who has to look at the code) this is simpler to follow, IMHO. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade or Die?
On 24 June 2011 19:39, Ashley Sheridan a...@ashleysheridan.co.uk wrote: On Fri, 2011-06-24 at 13:38 -0400, Andy McKenzie wrote: On Fri, Jun 24, 2011 at 1:30 PM, ja...@nixsecurity.org wrote: Chrome. Enough said. Now, if we can only convince the rest of the world ... Ugh. I can't stand Chrome. Of course, I gave up on Firefox years ago and went back to Opera, so it doesn't bother me when Firefox does something weird like this... -Andy Meh, I'm still using 3.6 on my main computer and 3.5 on my laptop. Using Fx4 at work, and I have to say, I prefer 3.6. Fx4 is slower, prone to crashing and a bit of a memory hog. I really hope Mozilla doesn't go the way of Google and create loads of new versions dropping support for the older ones as it goes, even if the 'older' versions are barely that old at all. That pattern of behaviour sounds exactly like Netscape all those years ago. -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Upgrade or Die?
Dear James, In case you love Chrome that much, be sure you not using its `remember password` feature or any one else share using your PC/laptop will see it super-easily! Nam On Sat, Jun 25, 2011 at 12:30 AM, ja...@nixsecurity.org wrote: Chrome. Enough said. Now, if we can only convince the rest of the world ... Original Message From: ad...@buskirkgraphics.com To: php-general@lists.php.net Sent: Fri, Jun 24, 2011, 1:17 PM Subject: [PHP] Upgrade or Die? In shifting gears to a faster pace of development and release, Mozilla has opted to abandon security support for Firefox 4 immediately upon the release of version 5, which came out this week. This could be a risky move, since many users neglect to update their browsers immediately for various reasons, despite the pop-up reminders Firefox periodically displays. I will never understand this mindset. Full story : http://www.technewsworld.com/edpick/72739.html Richard L. Buskirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [PHP-DB] Re: radio form submission
Hello Chris, Maybe I'm off topic, but wouldn't you consider JavaScript form validation? That will make your task easier and the user will see his/her error much earlier, before he/she submits the form. -- With best regards from Ukraine, Andre Skype: Francophile My blog: http://oire.org/menelion (mostly in Russian) Twitter: http://twitter.com/m_elensule Facebook: http://facebook.com/menelion Original message From: Chris Stinemetz chrisstinem...@gmail.com To: rquadl...@gmail.com Date created: , 9:44:05 PM Subject: [PHP] Re: [PHP-DB] Re: radio form submission radio select validation What I am doing wrong? I want to make sure a radio button is selected, but my current code allows insertion even when radio button isn't selected. My code is: //Generating radio buttons for store type with array echo 'Store type:br /br /'; $choices = array('corporate' = 'Cricket owned | ', 'premier' = 'Premier dealer'); foreach ($choices as $key = $choice) { echo input type='radio' name='store_type' value='$key'/ $choice \n; } //Validate the radio button submission if (!array_key_exists($_POST['store_type'], $choices)) { echo You must select a valid choice.; } Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Upgrade or Die?
The message for Netscape was very clear, the development community refused to write for it they had started a precedence that could not be forgotten. I say communities will not forget this act and remove the browser from their systems rather than be forced into an update for security reasons. Honestly, rarely do any of my customers use FF, and their reasons are justified in their mind, so I do not argue the point. This is another reason for security personnel, to credit their policies in denying FF on their network the same as they did with Netscape. Richard L. Buskirk Senior Software Engineer/Systems Administrator You can’t grow your business with systems that are on life support... -Original Message- From: Richard Quadling [mailto:rquadl...@gmail.com] Sent: Friday, June 24, 2011 5:38 PM To: a...@ashleysheridan.co.uk Cc: Andy McKenzie; php-general@lists.php.net Subject: Re: [PHP] Upgrade or Die? On 24 June 2011 19:39, Ashley Sheridan a...@ashleysheridan.co.uk wrote: On Fri, 2011-06-24 at 13:38 -0400, Andy McKenzie wrote: On Fri, Jun 24, 2011 at 1:30 PM, ja...@nixsecurity.org wrote: Chrome. Enough said. Now, if we can only convince the rest of the world ... Ugh. I can't stand Chrome. Of course, I gave up on Firefox years ago and went back to Opera, so it doesn't bother me when Firefox does something weird like this... -Andy Meh, I'm still using 3.6 on my main computer and 3.5 on my laptop. Using Fx4 at work, and I have to say, I prefer 3.6. Fx4 is slower, prone to crashing and a bit of a memory hog. I really hope Mozilla doesn't go the way of Google and create loads of new versions dropping support for the older ones as it goes, even if the 'older' versions are barely that old at all. That pattern of behaviour sounds exactly like Netscape all those years ago. -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php