[PHP] Re: fopen/fgets
you close the input file in while loop ( fclose($fp); )
Bryan Koschmann - Gkt [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Can someone give me a hand here? I am really lost as to what is
going on.
I have a file that looks like this
user1,Store 1 - ABC street
user2,Store 2 - Northside
user3,Store 3 - East
I try to run my code, but I get a php log filled (~33 megs, the
input file
is only 12 lines):
[06-Mar-2003 15:22:53] PHP Warning: feof(): 1 is not a valid
File-Handle
resource in /home/perf/create_prefs.php on line 7
[06-Mar-2003 15:22:53] PHP Warning: fgets(): 1 is not a valid
File-Handle
resource in /home/perf/create_prefs.php on line 8
[06-Mar-2003 15:22:53] PHP Warning: feof(): 1 is not a valid
File-Handle
resource in /home/perf/create_prefs.php on line 7
[06-Mar-2003 15:22:53] PHP Warning: fgets(): 1 is not a valid
File-Handle
resource in /home/perf/create_prefs.php on line 8
While it is running it just stalls.
This is my code:
$fp = fopen(emaillist, r);
if (!$fp)
die(Error opening file. $php_errormsg);
while (!feof($fp)) {
$buffer = fgets($fp, 4096);
echo $buffer;
$row = explode(',', $buffer);
if (!empty($row[0])) {
$user = $row[0];
$name = $row[1];
$stuff = [EMAIL PROTECTED] .
chosen_theme\=../themes/mystore_theme.php\n .
show_html_default\=0\n .
javascript_on\=1\n .
full_name\=$name\n .
use_signature\=0\n .
prefix_sig\=0\n;
$fileout = $user . _perf.pref;
$fout = fopen($fileout, w);
fputs($fout, $stuff);
fclose($fp);
fclose($fout);
}
}
Please help! I keep re-reading the docs at php.net for fopen fgets
and all
that with no luck!
Thanks,
Bryan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] crypt() MD5 problem on PHP 4.2.3
hi all,
?php
echo 'pre' .
'CRYPT_STD_DES ' . CRYPT_STD_DES . \n .
'CRYPT_EXT_DES ' . CRYPT_EXT_DES . \n .
'CRYPT_MD5 ' . CRYPT_MD5 . \n .
'CRYPT_BLOWFISH ' . CRYPT_BLOWFISH . '/pre';
echo crypt('clear_pass', '$1$salt1234$');
?
// outputs
CRYPT_STD_DES 1
CRYPT_EXT_DES 0
CRYPT_MD5 1
CRYPT_BLOWFISH 0
$1WrhY7RKpNLM
seems that crypt function uses DES instead of MD5 :((
configure output:
...
checking for standard DES crypt... yes
checking for extended DES crypt... no
checking for MD5 crypt... yes
checking for Blowfish crypt... no
...
previous PHP version (4.2.2) on the same system worked fine. the same
version of PHP (4.2.3) works fine on other computer (Slackware 8.1)
any ideas?
thanks,
adu
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Apache 2 and PHP
At http://www.php.net/ChangeLog-4.php#4.2.0 there is a note (Note: Apache2 support is EXPERIMENTAL.) Is this note still justified for PHP/4.2.2? Is it about security? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Apache 2
Hi, There is a note at http://www.php.net/ChangeLog-4.php for Version 4.2.0 (Note: Apache2 support is EXPERIMENTAL.) Is it still justified? adu -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Session problem
All you have to do is to call session_name(EmailSess); session_start(); in rest of pages. BTW: You don't really need to call session_name() Manisha [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am facing so many problems - first file lock and now for session - I still could not understand how to get the session value in another page. I am very new to PHP. I tried many many ways to get it Actually I want to store ID in a session and want to get back this ID in rest pages. Can you give me one by one step to do it. First page - session_name(EmailSess); session_start(); $ID = 1; session_register(ID); - How to get back this ID in another pages ? Please help, I am stuck Manisha -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: validating user input
No validating user input is needed if you are using OCIBindByName. See also the Avertisment at www.php.net/OCIBindByName [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi the M.L. I have to validate forms user inputs before the construction of my query to my Oracle DB Does anybody know the list of characters that should be rejected (for example ;) ? Do you have a function to validate it ? regards Laurent Drouet -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: From where was function called?
You can use the 'magic constants' __FILE__ and __LINE__ For example, if you have an editor that can replace the newline \n character, you can replace all \n with \nerror_log(__FILE__ . '[' . __LINE__ . ']'); Nico Van Der Dussen [EMAIL PROTECTED] wrote in message 3CC45EB5.6064.19C3129@localhost">news:3CC45EB5.6064.19C3129@localhost... Hi, I'm having a real problem: In a codeset of more than 5000 lines of code, I have a rogue call to a function. Is there a way I can determine in a function from where the call was made? (Filename, linenumber etc) Thanks Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to get allocated memory?
I get the PHP Fatal error: Allowed memory size of N bytes exhausted and I want to check free memory at some point in a script. How can I do that? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: deleting lines in a textfield
?php $file_name = 'test.txt'; $line_no_to_delete = 2; $f = fopen($file_name, 'rw+'); $s = explode(\n, fread($f, filesize($file_name))); unset($s[$line_no_to_delete - 1]); fseek($f, 0); fputs($f, implode(\n, $s)); fclose($f); ? Kris Vose [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How would you go about deleting a specific line in a textfield via PHP? For example, I want to delete line 2 only and save the changes. How would I go about doing this using fopen and fwrite? Kris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: adding numbers to a file
?php
$file_name = 'test.txt';
$new_value = rand(1000, 100);
$f = fopen($file_name, 'rw+');
$s = explode(\n, fread($f, filesize($file_name)));
$s[1] = substr($s[1], 0, 11) . $new_value;
fseek($f, 0);
fputs($f, implode(\n, $s));
fclose($f);
?
Craig Westerman [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I have a simple count file named count_db that contains ONLY the
following:
{
'total' = 3954
}
How do I open file, find numbers in the file, add $newnumbers to existing
numbers. Then write these new numbers over the original numbers and close
the file. I'm just needing to do this once a day to correct a poor count.
Thanks
Craig
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: [HELP] redirect browser pass variable !
{ header(Location: http://www.XXX.edu/index.php?variable=$variable;);
exit;}
Joe [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I am using header function to redirect browser.
{ header(Location: http://www.XXX.edu/index.php;);
exit;}
Although it can redirect the browser but variable had not pass to next
page.
So can anyone teach me how to pass variable and redirect browser at same
time?
Thx !
Joe
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Comparrison
http://php.net/ereg
Ron [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
How would I compare to variables where I would want one variable to equal
only part or some of the other variable?
Here is the code
?
if ($HTTP_USER_AGENT !== %MSIE 5.5%) {
print You must upgrade your browser;
} else {
exit;
}
?
Any suggestions
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: ImagePNG problem
Hi Andy, I don't need to use ImageCreateTrueColor() (or do I?). I just want to read a PNG24, write a text to it and save. I don't have GD 2.0.1. And again: I can read PNG24, but when I save it with ImagePNG($fileName), GD writes a PNG8 :-( adu Andrew Chase [EMAIL PROTECTED] wrote Make sure you have GD 2.0.1 and PHP 4.0.6 or later for creating true-color PNGs, per the manual: http://php.net/manual/en/function.imagecreatetruecolor.php -Andy -Original Message- From: Adrian Ciutureanu [mailto:[EMAIL PROTECTED]] Is there any way to tell ImagePNG() to create PNG24 images instead of PNG8 images? Seems that ImageCreateFromPNG() can read PNG24, but ImagePNG() writes only PNG8. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] ImagePNG problem
Is there any way to tell ImagePNG() to create PNG24 images instead of PNG8 images? Seems that ImageCreateFromPNG() can read PNG24, but ImagePNG() writes only PNG8. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: WSIWYG Editor using PHP?
All messages in this thread reffers to applications for edit PHP/HTML. The question was about a WSIWYG Editor for HTML files that runs in browser, not an application that you install and edit local files! Did anybody click on the link to EZEdit? Bob Clingan [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know of any WSIWYG editors that you can plug into a site using PHP. I recently used EZEdit which uses ColdFusion and was wondering if anything similar had been down with PHP. URL for EZEdit: http://www.siteobjects.com/index.cfm?fuseAction=showezedit Thanks. --Bob CC me I'm in digest mode -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: WSIWYG Editor using PHP?
EZEdit editor works 99% on client (JavaScript) and it works only in a IE5+ browser. You'll need ColdFusion only for remote file acces (commands like insert picture). Bob Clingan [EMAIL PROTECTED] wrote Does anyone know of any WSIWYG editors that you can plug into a site using PHP. I recently used EZEdit which uses ColdFusion and was wondering if anything similar had been down with PHP. URL for EZEdit: http://www.siteobjects.com/index.cfm?fuseAction=showezedit Thanks. --Bob CC me I'm in digest mode -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: String Comparison
Note that using strings without quotes generates a warning that is not
displayed in the default configuration of PHP. The message looks like
Warning: Use of undefined constant anyString - assumed 'anyString' in
test.php on line 3
(line 3: echo anyString;)
If you want to see these warnings, set
error_reporting = E_ALL
instead of
error_reporting = E_ALL ~E_NOTICE
in php.ini
--- Jason Bell [EMAIL PROTECTED] wrote
Hello.
I'm trying to compare two strings, and performa function if the are the
same. Easy right? I thought so until I tried it...
$query = select type from images where id=$id;
$result = mysql_query($query);
$type = mysql_result($result,0,type);
print $type;
if (image/pjpeg == $type) { print Type is JPG; };
returned:
image/pjpeg
Warning: Division by zero in /home/daelic/www/photo/mkthumb.php on line 8
Any idea on why this won't work?
Thanks!
Jason
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Client Machine Name
http://php.net/manual/en/language.variables.predefined.php $REMOTE_HOST = gethostbyaddr($REMOTE_ADDR); Dominic [EMAIL PROTECTED] wrote It's there anyway to find out the client machine name by using php? Thanks! Dominic -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Example forms
--- example.php --- ?=$myText? form method=post action=./example.php input type=text name=myText value=?=$myText?br input type=submit /form Denis Croombs [EMAIL PROTECTED] wrote in message 004701c11426$b94b7f10$[EMAIL PROTECTED]">news:004701c11426$b94b7f10$[EMAIL PROTECTED]... Hi I am transfering a NT IIS website with forms to APACHE and PHP, but need examples of how the forms work, can you please guide as to where I can find some and any other data to asist me as this is the first time I have used PHP. Many thanks Denis Croombs -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] removing lines from array
?
$recordsarray = file (../auto/records);
$remove = schopf.net ;
while(list($i, $line) = each($recordsarray)) {
if(ereg($remove, $line)) {
unset($recordsarray[$i]);
}
}
$newFileContent = implode('', $recordsarray);
?
-Original Message-
From: Richard Kurth [mailto:[EMAIL PROTECTED]]
Sent: 23 iulie 2001 02:36
To: php
Subject: [PHP] removing lines from array
I an trying to figure out how to remove lines from a text file from
within an array.
I fill the array with this
The lines I what to remove have this in them
What I need is how to loop through this array and pull out
the lines
that have what is in the $remove variable.
Then I will write the array to a temp file and thin copy it back to
the records file
This is a small sample of the file I what two remove lines from
mx - schopf.net High www.schopf.net
ptr - readinggenius.tv 207.200.75.55 24
a - time-management-by-higher-productivity.com 207.252.75.55 24
ptr www speedreading123.com 207.200.75.55 24
ptr - mindbodyspirit123.com 207.200.75.247 24
a www schopf.net 207.252.75.242 24
soa - schopf.net
dns1.northwesthost.com:dns2.northwesthost.com:[EMAIL PROTECTED]
westhost.com:10800:3600:604800:86400 -
Best regards,
Richard
mailto:[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Check for exist function
http://php.net/require_once -Original Message- From: ROsen [mailto:[EMAIL PROTECTED]] Sent: 23 iulie 2001 14:17 To: [EMAIL PROTECTED] Subject: [PHP] Check for exist function Hi, How can I check, thath some function is declared and to do not declare it second time ( with require ) ? Thanks, Rosen Marinov -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] formating numbers to two decimal points - money - best ways
? $c = 12.3456; echo number_format($c, 2); ? http://php.net/number_format -Original Message- From: Tim Olsen [mailto:[EMAIL PROTECTED]] Sent: 18 iulie 2001 10:52 To: [EMAIL PROTECTED] Subject: [PHP] formating numbers to two decimal points - money - best ways Anyone have functions for formatting numbers being multiplied by variables and whatnot to two decimal points - rounded up? As for displaying total cost, etc? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Output (Urgent!)
How do you know it worked? :) -Original Message- From: Morten Winkler Jørgensen [mailto:[EMAIL PROTECTED]] Sent: 17 iulie 2001 12:54 To: [EMAIL PROTECTED] Subject: Re: [PHP] Output (Urgent!) How you want to get a value from client side to php on the same page? Well. Actually I didn't invent the code. I just correcteded it so it worked on my installation. I must admit I was amazed that it somehow worked, but it did. Kind regards, Morten Winkler -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Adding elements to an array
$MyArray['BUYVAL'] = 1.23;
-Original Message-
From: Sharat Hegde [mailto:[EMAIL PROTECTED]]
Sent: 17 iulie 2001 13:11
To: [EMAIL PROTECTED]
Subject: [PHP] Adding elements to an array
Hello,
I have a requirement to add elements to an associate array
dynamically based
on some conditions. I initialize the array with the 1st
associate array
element
$MyArray = array('DATETIME' = $DateTime);
How do I add more elements to this associate array. I am
using PHP 3 and
array_merge and other functions for arrays are not supported
in PHP3. I am
trying the following:
$MyArray[] = array(BUYVAL = 1.23);
but if I try and get the value of $MyArray[BUYVAL], I get nothing.
I am sure this must be simple, but I do not seem to be
getting it right!!
Regards,
Sharat Hegde
Phone: 6560360 Ext 4680
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] regexp. king needed (is it possible ???)
? $s = 'somthing opentag1 .any content in between .. closetag1 somthing else'; $opentag = 'opentag1'; $closetag = 'closetag1'; $other_content = 'the other content'; $content = ereg_replace(.*$opentag, '', ereg_replace($closetag.*, '', $s)); $new_str = ereg_replace($opentag.*$closetag, $opentag $other_content $closetag, $s); // $content = ' .any content in between .. '; // $new_str = 'somthing opentag1 the other content closetag1 somthing else' ? $content = '?=$content?';br $new_str = '?=$new_str?' -Original Message- From: Jeroen Olthof [mailto:[EMAIL PROTECTED]] Sent: 17 iulie 2001 17:38 To: [EMAIL PROTECTED] Subject: [PHP] regexp. king needed (is it possible ???) ereg_replace($opentag([^*]*)$closetag, $this-OPENTAG.$loopHandle.$this-CLOSETAG, $template); how do I get al hold on the \\1 part of the replacement. basicly I want to replace opentag1 .any content in between .. closetag1 with opentag2 onewordonly closetag2 but still need the .any content in between .. is this possible in some way ??? kind regards Jeroen Olthof -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] how to strip just the img tag from html file?
$printerFriendlyContent = eregi_replace('img[^]*', '', $htmlContent);
You can also use
$printerFriendlyContent = eregi_replace('src=[^]*',
'src=images/spacer.gif', $htmlContent);
to preserve formatting (spacer.gif = 1x1 px transparent)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: 16 iulie 2001 14:53
To: [EMAIL PROTECTED]
Subject: [PHP] how to strip just the img tag from html file?
I've created a printer-friendly version of a page
(PHP/MySQL) and want to
have just the img tags automatically removed. I thought about using
strip_tags() but I'm not able to predict what html tags to
include as the
exceptions so that they would not be removed too. How can I
do this? Thank
you!
- Shawna
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Rename a File?
http://php.net/rename -Original Message- From: Randy Johnson [mailto:[EMAIL PROTECTED]] Sent: 13 iulie 2001 20:53 To: Randy Johnson; Chris Lambert - WhiteCrown Networks; [EMAIL PROTECTED] Subject: [PHP] Rename a File? How do I rename a file on Linux in PHP? Thanks Randy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] charset
http://www.w3.org/TR/WD-html40-970708/charset.html -Original Message- From: Mark Lo [mailto:[EMAIL PROTECTED]] Sent: 12 iulie 2001 08:46 To: [EMAIL PROTECTED] Subject: [PHP] charset Hi, What will the problem if i don't specific what charset to use in the metal tag. And also, what is the CHARSET of UTF-8. What charset to use if i want my web page to display chinese and english. Thank you Mark -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] associative arrays
$result = mysql_db_query(database,select item1, item2 from table);
while ($row = mysql_fetch_array($result)) {
$myArray[$row['item1']] = $row['item2'];
}
-Original Message-
From: Martin Lucas [mailto:[EMAIL PROTECTED]]
Sent: 12 iulie 2001 16:25
To: '[EMAIL PROTECTED]'
Subject: [PHP] associative arrays
Hi everybody
i have the following database query:
$result=mysql_db_query(database,select item1,item2 from table);
while ($row=mysql_fetch_array($result)){
$a=$row[item1];
$b=$row[item2];
}
what i need is an associative array, with $a as key and $b as value,
containing each item1 and item2 from the database
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Array problem in PHP. Please help.
foreach($oldArray as $a)) {
list($key, $value) = each($a);
$newArray[$key] = $value;
}
-Original Message-
From: Michael Champagne [mailto:[EMAIL PROTECTED]]
Sent: 12 iulie 2001 17:37
To: PHP General Mailing List
Subject: [PHP] Array problem in PHP. Please help.
Ok, here's the print_r() output of my 2 arrays. The first
really just has an
extra dimension. How can I get the format of the first one
looking like the
bottom one (just an array of key = value pairs)?
Thanks!
Array ( [0] = Array ( [trade_date] = Trade Date )
[1] = Array ( [settle_date] = Settlement Date )
[2] = Array ( [symbol] = Symbol )
[3] = Array ( [blank] = Blank Field )
[4] = Array ( [account] = Broker Account )
[5] = Array ( [symbol_desc] = Symbol Description )
[6] = Array ( [symbol_desc] = Symbol Description )
[7] = Array ( [first_money] = First Money ) )
Array ( [trade_date] = Trade Date
[settle_date] = Settlement Date
[symbol] = Symbol
[account] = Broker Account
[symbol_desc] = Symbol Description
[first_money] = First Money
[buy_sell] = Buy/Sell [comm] )
--
Michael Champagne, Software Engineer
Capital Institutional Services, Inc.
wk: [EMAIL PROTECTED]
hm: [EMAIL PROTECTED]
**
This communication is for informational purposes only. It is not
intended as an offer or solicitation for the purchase or sale of
any financial instrument or as an official confirmation of any
transaction, unless specifically agreed otherwise. All market
prices, data and other information are not warranted as to
completeness or accuracy and are subject to change without
notice. Any comments or statements made herein do not
necessarily reflect the views or opinions of Capital Institutional
Services, Inc. Capital Institutional Services, Inc. accepts no
liability for any errors or omissions arising as a result of
transmission. Use of this communication by other than intended
recipients is prohibited.
**
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Variables
That's IMPOSIBLE!
-Original Message-
From: James Bartlett [mailto:[EMAIL PROTECTED]]
Sent: 11 iulie 2001 05:27
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Variables
I have tried that also...it still does not want to work...
- Original Message -
From: Dallas K.
To: James Bartlett ; [EMAIL PROTECTED]
Sent: Wednesday, July 11, 2001 5:43 AM
Subject: Re: [PHP] Variables
don't use the quotes
if($test1 == $test2)
{echo True;
}
else
{echo False;
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Getting the title of a web page
?
$f = fopen($fileName, 'r');
$s = fread($f, 1024);
fclose($f);
$pageTitle = eregi_replace('.*title', '',
eregi_replace('/title.*', '', $s));
?
-Original Message-
From: Heiko Wilms [mailto:[EMAIL PROTECTED]]
Sent: 11 iulie 2001 13:32
To: [EMAIL PROTECTED]
Subject: [PHP] Getting the title of a web page
Hi,
when I open a web page within my php-script with fopen(...) I
only want
to get back the title of the page. How can I do this?
Heiko
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Cookie Expiry Dates?
int setcookie (string name [, string value [, int expire [, string path [, string domain [, int secure]) expire = time() + 3600*24*30; Note that 'expire' is the client relative to GMT time. So, if the client has the local time set to 01/01/1985, your cookie will be born dead ;) -Original Message- From: Jeff Lewis [mailto:[EMAIL PROTECTED]] Sent: 11 iulie 2001 15:54 To: [EMAIL PROTECTED] Subject: [PHP] Cookie Expiry Dates? I'd like to set a cookie that never expires or at least one that lasts a month, how can I set it? Does it have to be with time? I am using SetCookie. Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Cookie Expiry Dates?
you probably mean $cookie_expire = time() + 86400 * 365; -Original Message- From: James Holloway [mailto:[EMAIL PROTECTED]] Sent: 11 iulie 2001 16:02 To: [EMAIL PROTECTED] Subject: [PHP] Re: Cookie Expiry Dates? Hi Jeff, Yes, use time() Example 86400 seconds in a day. 3600 in an hour. Use some basic maths: $cookie_expire = time() * 86400 * 365; // Sets cookie for a year (365 days). James. Jeff Lewis [EMAIL PROTECTED] wrote in message 006101c10a08$874f93c0$76a1a8c0@LEWISJCIT">news:006101c10a08$874f93c0$76a1a8c0@LEWISJCIT... I'd like to set a cookie that never expires or at least one that lasts a month, how can I set it? Does it have to be with time? I am using SetCookie. Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] http header
Use $HTTP_REFERER http://php.net/manual/en/language.variables.predefined.php -Original Message- From: Jack [mailto:[EMAIL PROTECTED]] Sent: 11 iulie 2001 01:23 To: [EMAIL PROTECTED] Subject: [PHP] http header Dear all folks, I want to get the url of the previous page that my visitor came from. Is this correct to use http_header? Or what function that will help me do this job? Jack [EMAIL PROTECTED] Love your enemies, it will drive them nuts -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Getting any possible value inside an array
http://php.net/array_unique -Original Message- From: Aaron Bennett [mailto:[EMAIL PROTECTED]] Sent: 8 iulie 2001 08:52 To: [EMAIL PROTECTED] Subject: [PHP] Getting any possible value inside an array Hi everyone... Does someone have a quick and dirty way of returning _any_ possible value contained within an array? For instance: $myarray[0] = red; $myarray[1] = red; $myarray[2] = red; $myarray[3] = blue; $myarray[4] = green; $myarray[5] = blue; $myarray[6] = red; and i'd output red, blue and green, but not have multiple instances of each. Thanks in advance! -- Aaron Bennett -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Help with a variable
http://php.net/isset
-Original Message-
From: James Bartlett [mailto:[EMAIL PROTECTED]]
Sent: 9 iulie 2001 14:44
To: [EMAIL PROTECTED]
Subject: [PHP] Help with a variable
Hi,
Is there some way that I can check to see if a variable is present?
e.g.
if (variable is not present)
{
set variable to 0;
}
else
{
some code that uses variable;
}
Thanks for any advice.
James
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] mysql, interbase, etc
http://www.PostgreSQL.org -Original Message- From: kachaloo [mailto:[EMAIL PROTECTED]] Sent: 9 iulie 2001 16:58 To: [EMAIL PROTECTED] Subject: [PHP] mysql, interbase, etc Hi, Which db supports trigers and stored procedures and is also free ? I thought mysql supports it but to my dismay it does not it will support it in the near future Please help as I need to find one out soon. wht abt interbase is it anygood ? Regards, Vishal -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] $phpvar = javascriptvar???
You probably want to make statistics for web pages. The most common way
to do that is to use a PHP script that outputs an image and writes to a
database some data. The code may look like this:
/** stat.php /
?
$query = INSERT INTO stats
(id, remote_host, http_user_agent, http_referer, path,
query, screen)
VALUES
('$tracking_id', '$REMOTE_HOST', '$HTTP_USER_AGENT',
'$HTTP_REFERER', '$URI[path]', '$URI[query]',
'$scr');
$result = @pg_exec($conn, $query);
passthru('cat stat.png');
?
/** any_file.html ***/
script language=JavaScript
!--
scr = screen.width + 'x' + screen.height;
document.write('img src=stat.php?screen=' + scr + '');
//--
/script
-Original Message-
From: Romeo Manzur [mailto:[EMAIL PROTECTED]]
Sent: 5 iulie 2001 22:12
To: [EMAIL PROTECTED]
Subject: Re: [PHP] $phpvar = javascriptvar???
I want to store the value of screen.ColorDepth on a php var...
Thanks...
Kurt Lieber wrote:
As the original respondent said:
window.location = 'http://url?yourVar=' + yourVar;
from there, parse out the URL variable and store it into a
PHP variable and
you're good to go.
- Original Message -
From: Romeo Manzur [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 05, 2001 11:55 AM
Subject: [PHP] $phpvar = javascriptvar???
what I mean is, how could I save a javascript var value
on a php var???
Thanks...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Security of PHP code
$allowed_path = '/www/sites/mysite/teaching';
$file = realpath($file);
if(ereg(^$allowed_path, $file)) {
// it's OK
} else {
// possible attack!
}
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: 4 iulie 2001 15:29
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Security of PHP code
?
$allowed_path = /www/sites/mysite/teaching;
if (substr($file, 0, str_len($allowed_path)) $allowed_path )
{
die(not allowed!);
}
else
{
show_source($file);
}
?
I've missed part of the discussion, but if my understanding
of the issue
is correct (accepting a filename and path from a visitor to
the site to
display through a PHP script), then this solution is probably
inadequate...
If the user passes in a string like
/www/sites/mysite/teaching/../../../../etc/passwd, the first
part of the
string will pass your validity test, but the user may still be able to
ascend to a place where files you don't wish to share are stored.
A better solution may be to pass the filename through some
filter and then
concatenate that to your path. For example:
if(preg_match(/[^A-Za-z0-9]/, $file)) {
die(Invalid filename.);
}
else {
show_source($path . $file);
}
That's an awefully strict way to do it, but that's my
personal preference.
If you must accept information that contains a path, perhaps
just check
for '..' in the user input.
Anyways, like I say I could be way off base as far as what
the discussion
is actually about, and I haven't had near enough coffee this
morning, so
forgive me if I'm just talking nonsense =)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Parse URL parameters
?=a1 = '$a1'bra2 = '$a2'? :) -Original Message- From: Andy [mailto:[EMAIL PROTECTED]] Sent: 5 iulie 2001 10:20 To: [EMAIL PROTECTED] Subject: [PHP] Parse URL parameters How can I parse parameters sent with the URL of an pgp site? Example: I call the site with http://www.server.xyz/sub/site.php?a1=123a2=312 How can I get the values of a1 and a2? Thanks, folks! Andy. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Security of PHP code
http://php.net/realpath
$allowed_path = '/www/sites/mysite/teaching';
$file = realpath($file);
if(ereg(^$allowed_path, $file)) {
// it's OK
} else {
// possible attack!
}
-Original Message-
From: Steve Werby [mailto:[EMAIL PROTECTED]]
Sent: 5 iulie 2001 02:22
To: Sascha Schumann
Cc: Jon Haworth; 'Hankley, Chip'; PHP Mailingliste
Subject: Re: [PHP] Security of PHP code
Sascha Schumann [EMAIL PROTECTED] wrote:
On Wed, 4 Jul 2001, Steve Werby wrote:
Jon Haworth [EMAIL PROTECTED] wrote:
Yes, I would have thought this would do it:
if (strstr($file, /usr/local/apache/htdocs/) {
show_source($file);
[..]
Something along those lines will work. Without some kind
of limitations
built in, the page will be able to load any file that's
world-readable
so
it's a good idea to limit access to certain directories
or hardcode the
directory you want to give access to.
Imagine someone passing in
/usr/local/apache/htdocs/../../../../etc/passwd as path..
Excellent point. In addition to hardcoding the path I would
do something to
ensure that the file requested does not attempt to bypass
that directory.
I'd probably use a regex to make sure it doesn't include a
/ or if I want
to serve files from a deeper directory I'd do a regex or use
something like
strstr() to see if .. is within the filename. Personally,
I wouldn't make
a script that outputed a file on the server or a script's
code *and* allowed
the user to dictate what file was accessed.
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] verifying that a dropdown was selected
select size=1 name=month
option value=0 selectedSelect month
option value=1January
. . .
/select
. . .
if(!$month) {
// please select month
} else {
// month selected
}
-Original Message-
From: Richard Kurth [mailto:[EMAIL PROTECTED]]
Sent: 5 iulie 2001 12:36
To: php
Subject: [PHP] verifying that a dropdown was selected
I have a dropdown box that is for selecting the month How can I be
verified that the customer has selected one of the months. I am using
verification like this but it does not do what I want for a dropdown
box it works fine for regular fields
if ($month == ) {
$month_err =
font color=redPlease enter the Month of
expiration!/fontbr
;
$send = no;
select name='month' size='1'
option value='00' /option
option value='01' 01/option
option value='02'02/option
option value='03'03/option
option value='04'04/option
option value='05'05/option
Best regards,
Richard
mailto:[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] optimal code
Is any of the versions below more effective?
/** Version 1 **/
?
if($condition) {
// some big code
} else {
// other big code
}
?
/** Version 2 **/
?
if($condition) {
include 'file_with_some _big_code.php';
} else {
include 'file_with_other_big_code.php';
}
?
/** Version 3 **/
?
if($condition) {
require 'file_with_some _big_code.php';
} else {
require 'file_with_other_big_code.php';
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Security of PHP code
This is a good code. Read http://php.net/realpath
-Original Message-
From: Christopher Ostmo [mailto:[EMAIL PROTECTED]]
Sent: 5 iulie 2001 19:57
To: Adrian Ciutureanu
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Security of PHP code
Adrian Ciutureanu pressed the little lettered thingies in
this order...
$allowed_path = '/www/sites/mysite/teaching';
$file = realpath($file);
if(ereg(^$allowed_path, $file)) {
// it's OK
} else {
// possible attack!
}
This is not good code.
A user could replace the $file in the URL with this:
/www/sites/mysite/teaching/../../../../etc/passwd
Since it starts with $allowed_path, your code has just been fooled.
The basic problem that I have seen with posts to this thread
is the fact
that many people do not understand how Unix servers address and/or
secure files. If what I have written above doesn't make any sense,
please go and pick up a book that covers Unix/Linux security. If you
don't, you are inviting a security breach. You may or may
not be aware
of this, but many hackers know Unix, it's security and it's common
vulnerabilities VERY well and they WILL exploit your code if it is
exploitable.
Simply checking to see if a particular path exists in the URL will
NEVER secure this issue.
Here's the script that I use:
?
require(common.php);
$f = ereg_replace(/,,$f);
commonHeader($f Source Code);
?
table border=1 cellpadding=3 cellspacing=0 bgcolor=#FF
trtd
?
show_source(./calendar/$f);
?
/td/tr
/table
?
commonFooter();
?
I explicitly declare the path and I delete all forward
slashes. This means
that if someone tries to send:
$f=calendar/../../../.../../../../etc/passwd
They instead send:
$f=calendar...etcpasswd
And the server interprets this as:
./calendar/calendar...etcpasswd
The bottom line is that no files outside of the intended
directory will ever
be viewable through this script, regardless of how clever, smart or
devious the user might be.
I could have gotten a little more fancy and given warnings if
there were
forward slashes, but the point is this: If you are allowing
real file names
to be passed as the parameter, you HAVE to do one of two things:
1) Strip or otherwise block forward slashes and/or
consecutive periods.
2) Declare the file path before the show_source() call and disallow
consecutive periods (..), forward slashes or both. This is
the method
used at slashdot.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
For a good time,
http://www.AppIdeas.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Security of PHP code
An observation: I presume (in my code) that $allowed_path is a root of
an allowed path. So, files in subfolders of allowed_path are also
allowed.
-Original Message-
From: Christopher Ostmo [mailto:[EMAIL PROTECTED]]
Sent: 5 iulie 2001 19:57
To: Adrian Ciutureanu
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Security of PHP code
Adrian Ciutureanu pressed the little lettered thingies in
this order...
$allowed_path = '/www/sites/mysite/teaching';
$file = realpath($file);
if(ereg(^$allowed_path, $file)) {
// it's OK
} else {
// possible attack!
}
This is not good code.
A user could replace the $file in the URL with this:
/www/sites/mysite/teaching/../../../../etc/passwd
Since it starts with $allowed_path, your code has just been fooled.
The basic problem that I have seen with posts to this thread
is the fact
that many people do not understand how Unix servers address and/or
secure files. If what I have written above doesn't make any sense,
please go and pick up a book that covers Unix/Linux security. If you
don't, you are inviting a security breach. You may or may
not be aware
of this, but many hackers know Unix, it's security and it's common
vulnerabilities VERY well and they WILL exploit your code if it is
exploitable.
Simply checking to see if a particular path exists in the URL will
NEVER secure this issue.
Here's the script that I use:
?
require(common.php);
$f = ereg_replace(/,,$f);
commonHeader($f Source Code);
?
table border=1 cellpadding=3 cellspacing=0 bgcolor=#FF
trtd
?
show_source(./calendar/$f);
?
/td/tr
/table
?
commonFooter();
?
I explicitly declare the path and I delete all forward
slashes. This means
that if someone tries to send:
$f=calendar/../../../.../../../../etc/passwd
They instead send:
$f=calendar...etcpasswd
And the server interprets this as:
./calendar/calendar...etcpasswd
The bottom line is that no files outside of the intended
directory will ever
be viewable through this script, regardless of how clever, smart or
devious the user might be.
I could have gotten a little more fancy and given warnings if
there were
forward slashes, but the point is this: If you are allowing
real file names
to be passed as the parameter, you HAVE to do one of two things:
1) Strip or otherwise block forward slashes and/or
consecutive periods.
2) Declare the file path before the show_source() call and disallow
consecutive periods (..), forward slashes or both. This is
the method
used at slashdot.
Christopher Ostmo
a.k.a. [EMAIL PROTECTED]
AppIdeas.com
Innovative Application Ideas
Meeting cutting edge dynamic
web site needs since the
dawn of Internet time (1995)
For a good time,
http://www.AppIdeas.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] RE: Deleting a string from a text file
?
$textFileName = 'filename.txt';
$strToDel = the_string;
$s = implode('', file($textFileName));
$p = strpos($s, $strToDel);
$len = strlen($strToDel);
if($p) {
$s = substr($s, 0, $p) . substr($s, $p+$len);
rename($textFileName, $textFileName . '~');
$f = fopen($textFileName, w);
fwrite($f, $s);
fclose($f);
}
?
-Original Message-
From: Stevenson, Christopher
[mailto:[EMAIL PROTECTED]]
Sent: 3 iulie 2001 11:35
To: '[EMAIL PROTECTED]'
Subject: Deleting a string from a text file
Hello, folks. I'm relatively new to this.
Would anyone be willing to give me some code that will delete
the first
occurrence of a string from a text file?
Thanks,
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] RE: Processing checkboxes in Dynamic tables
Variables that are not checked are not send by default.
Try the code below and see what variables are posted.
form method=get action=chkbox.html
?for($i = 0; $i 10; $i++):?
input type=checkbox name=p?=$i? value=1p?=$i?br
?endfor?
input type=submit
/form
To process variables you may use $HTTP_GET_VARS (or $HTTP_POST_VARS if
you preffer).
adu
PS: If you want the checkboxes to be checked by default you must use
CHECKED, not SELECT :)
-Original Message-
From: Michael Benbow [mailto:[EMAIL PROTECTED]]
Sent: 3 iulie 2001 12:08
To: [EMAIL PROTECTED]
Subject: Fw: Processing checkboxes in Dynamic tables
My apologies,
I was playing with the code and changed something before sending...
Where it reads INPUT TYPE=\CHECKBOX\ SELECT
NAME=\$p[$trade]\ the array should actually read p$trade
Peace,
Michael
- Original Message -
From: Michael Benbow
To: [EMAIL PROTECTED]
Sent: Tuesday, July 03, 2001 7:02 PM
Subject: Processing checkboxes in Dynamic tables
I have a solution to my problem already, but I am looking for
a far more economical way of doing this.
Currently my first page is four seperate tables with about 25
or so entries in each. I have gone through and automatically
allocated the name p101 through p125 to the checkboxes for
the first table, p201 through p225 to the checkboxes for the
second table, etc.
The user makes selections from each table, but seldomly
selects the majority. They choose which lines they want
processed then continue.
My problem is that with the above solution there are
automatically 200 variables being passed from page to page,
regardless of how many boxes are checked. The average amount
of boxes may be 10-15, and rarely is it more than 20.
Currently my code looks like the following...
$trade=101;
$result = mysql_query(SELECT * FROM $table_name WHERE ..);
if ($row = mysql_fetch_array($result)) {
do {
echo tr bgcolor=\#CBCFFF\\n;
echo td valign=\top\ nowrapfont size=\-2\;
echo INPUT TYPE=\CHECKBOX\ SELECT
NAME=\$p[$trade]\ OPTION VALUE=\$row[playerid]\;
echo $trade;
echo /td\n;
.
$trade=$trade+1;
.
} while.
etc.
Could someone please help me so only the variables which are
checked before the submit button is pressed are parsed, eg
p102, p107, p117, rather than every input variable which is
initialised on the site?
Thank you heaps in advace,
Michael.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] php-general subscription test
Hi all, This is only a test. Sorry for any inconvenience. adu -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] capatalising letters
http://php.net/manual/en/function.ucwords.php -Original Message- From: Jamie Saunders [mailto:[EMAIL PROTECTED]] Sent: 4 iulie 2001 14:57 To: [EMAIL PROTECTED] Subject: [PHP] capatalising letters Hi, I've got a list of strings in the following format: item one item two item three What I'd like to do now is to capitalise the first letter of each word so the list becomes: Item One Item Two Item Three Can anyone tell me how to do this? Thanks. Jamie Saunders [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] preg_match
try
ereg('^([a-z,A-Z,0-9]|_|-|\.)+@([a-z,A-Z,0-9]|_|-|\.)+\.([a-z,A-Z,0-9]|_
|-|\.){2,3}$', $email)
-Original Message-
From: Daniel Reichenbach [mailto:[EMAIL PROTECTED]]
Sent: 4 iulie 2001 15:05
To: Php-General
Subject: [PHP] preg_match
Hy,
i've got a string which looks like [EMAIL PROTECTED].
Now i wanted
to check it with preg_match like this:
if ( preg_match(
'/[\][a-z]([-a-z0-9_.])*@([-a-z0-9_]*\.)+[a-z]{2, }[\]/i',
$value ) ) {
print Valid mail address;
} else {
print Invalid mail address;
}
Unfortunatly this doesn't work. I think, i have to use a
different syntax
for the and braces. Can somebody give me a hint?
Thx,
Daniel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Security of PHP code
Here is something that happend to me: I forgot to tell Apache that .inc files must be parsed by PHP. All works fine if you include a .inc file, but if somebody guess .inc file name, he can see the content of that file! -Original Message- From: David A Dickson [mailto:[EMAIL PROTECTED]] Sent: 4 iulie 2001 16:43 To: php-general Subject: [PHP] Security of PHP code Is it possible for others to view the php code for pages I have written? I thought I heard someone say before that they could write a simple script to accomplish this. If anyone knows of any tacticts people might use to attack my code please post them hee. : David A. Dickson : [EMAIL PROTECTED] Get 250 color business cards for FREE! http://businesscards.lycos.com/vp/fastpath/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] javascript var on a php var...
window.location = 'http://url?yourVar=' + yourVar; -Original Message- From: Romeo Manzur [mailto:[EMAIL PROTECTED]] Sent: 5 iulie 2001 07:56 To: [EMAIL PROTECTED] Subject: [PHP] javascript var on a php var... hi, I want to know how could I save a javascript variable on a php variable??? Thanks... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] sessions and cache
Hi, I have a problem: if I use session_start(), the page will not cache. Is that normal? Adrian CIUTUREANU Software Developer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] sessions and cache
Thanks a lot! It works. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 2 iulie 2001 16:43 To: [EMAIL PROTECTED] Subject: Re: [PHP] sessions and cache Hi Adrian! On Mon, 02 Jul 2001, Adrian Ciutureanu wrote: Hi, I have a problem: if I use session_start(), the page will not cache. Is that normal? yes, check session.cache_limiter session.cache_expire in your php.ini -- teodor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] file upload
Try this:
--upload.php--
?php
if (is_uploaded_file($userfile)) {
move_uploaded_file($userfile, $new_location/$userfile_name);
} else {
echo Possible file upload attack: filename '$userfile'.;
}
?
-Original Message-
From: Wilbert Enserink [mailto:[EMAIL PROTECTED]]
Sent: 2 iulie 2001 17:08
To: [EMAIL PROTECTED]
Subject: [PHP] file upload
Hi all,
i'm using php version 4.0.5 and i'm playing around with the
file upload command using form and script which i copied
from php.net
Unfornunately the script is giving an error:
Warning: Unable to open '/tmp/phpmOSK48' for reading: No such
file or directory in /opt/guide/www.abc.de/upload/upload.php on line 8
Warning: Unable to move '/tmp/phpmOSK48' to '/tmp/phpmOSK48'
in /opt/guide/www.abc.de/upload/upload.php on line 8
anybody got a clue what i'm doing wrong here?
Thanx in advance!
Wilbert
-upload.html-
html
head
/head
body
FORM ENCTYPE=multipart/form-data ACTION=upload.php METHOD=POST
Send this file: INPUT NAME=userfile TYPE=file
INPUT TYPE=submit VALUE=Send File
/FORM
/body
/html
--upload.php--
?php
if (is_uploaded_file($userfile)) {
copy($userfile, $userfile);
} else {
echo Possible file upload attack: filename '$userfile'.;
}
/* ...or... */
move_uploaded_file($userfile, $userfile);
?
-
Pas de Deux
Van Mierisstraat 25
2526 NM Den Haag
tel 070 4450855
fax 070 4450852
http://www.pdd.nl
[EMAIL PROTECTED]
-
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
