[PHP] Passing by reference, assigning by reference?
Hi sports fans! I have a quick references related question. Ok, I'm passing a Page object by reference to another object: myClass-myFunction($objPage); What I want to do is store that Page object as part of the myClass object (see definition code below). My question is this: When assigning the Page object to be a variable of the myClass object do I store a reference to it or a copy of the reference? class myClass() { var $objPage; function myFunction($objPage) { // this way (a reference to the reference?): $this-objPage = $objPage; // or this way (a copy of the reference?): $this-objPage = $objPage; // code, code, code... } } Is there much difference? Does it really matter? I'm unsure if this is efficient or not. Can someone please shed some light on this. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to force a variable to be a custom object?
Hi all, Just a quickie today: I was wondering if I can declare a Class variable as a certain type of object. I'm using PHP 4 by the way. For example, if my class looks like this: class myClass { var $object; function someFunction() { // code, code, code } } Is there anyway I can limit the variable $object to be of a particular Class of object that I have made. Something like: class myClass { var $object *type=myOtherClass*; function someFunction() { // code, code, code } } Yes, yes, I know *type=myOtherClass* isn't PHP code, but do you see what I'm getting at? How would I achieve this? Is it even possible? And would I then also have to include/require the path to the myOtherClass definition script in the myClass definition? e.g. class myClass { *require_once('path/to/myOtherClass.php');* var $object *type=myOtherClass*; function someFunction() { // code, code, code } } Any ideas folks? All the best, Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How to force a variable to be a custom object?
Norbert Wenzel wrote: I don't know if this works in PHP4, but I would suggest to clear this in your constructur. But I don't know if this is always called in PHP4. class myClass { var $object; myClass() { $this-object = new OtherObject(); } } This isn't really forced, since you could change $object from outside the class. If there is a way you should declare $object private. That's not stylish, but I guess it works. I think PHP5 deals with private/public variables and all that gaff. PHP4 doesn't quite offer OO that well, but good enough if you strictly use your Class message interfaces! Thanks for the help Norbert. You're right - that would pretty much do the trick. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Be careful! Look at what this spammer did.
My website form also appeared to get hacked (I'm using that term very loosely), although I have no idea if anything actually got hacked. It definitely seems like an automated script that crawls the net probing every form. It triggered a bunch of emails to me but nothing that I wouldn't have got from someone filling in the form normally so I can't see what damage it has done. Perhaps (this is a GUESS) it has emailed the spammer useful information but I don't know how I could possibly tell if that has happened. This is an example of one of the emails I got sent (a simple details collecting form) - the interesting bit is in the Job Title field: == Name: [EMAIL PROTECTED] Email: [EMAIL PROTECTED] Job Title: [EMAIL PROTECTED] Content-Type: multipart/mixed; boundary1157386915== MIME-Version: 1.0 Subject: 90cfd7d5 To: [EMAIL PROTECTED] bcc: [EMAIL PROTECTED] From: [EMAIL PROTECTED] This is a multi-part message in MIME format. --===1157386915== Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit pzkd --===1157386915==-- Company Name: [EMAIL PROTECTED] Company Website: [EMAIL PROTECTED] Telephone: [EMAIL PROTECTED] Location: [EMAIL PROTECTED] === Notice that their hack contains a BCC to [EMAIL PROTECTED]. Perhaps this is an email account set up by the hacker. Richard Lynch wrote: Put a CAPTCHA on the form. The jerk is probably not actually using your form, but a script that walks the net looking for forms that have name=xyz where xyz is something that looks like a contact form or the URL has contact in it or... Anyway, if CAPTCHA doesn't do it, you can also put in a throttle to only accept N posts from IP a.b.c.d within X hours. I don't know what a CAPTCHA is but I'm going to take your second suggestion and make it only accept X form submits from each IP address over Y hours. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Be careful! Look at what this spammer did.
Cilliè wrote: - Original Message - From: Alex Gemmell [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Thursday, August 18, 2005 12:11 PM Subject: Re: [PHP] Be careful! Look at what this spammer did. Notice that their hack contains a BCC to [EMAIL PROTECTED]. Perhaps this is an email account set up by the hacker. sorry, i'm a bit in the dark here. how did they manage to fill in bcc ? you mean that someone can spam from your site by bcc'ing messages to other mail accounts ? If you look at the code they inserted into my form it's all email headers. One of the headers is a BCC field. I don't actually think it worked (well, I hope it didn't) but you can see the hacker _intended_ to BCC the email to that AOL address. Come to think of it the AOL address is probably not the hacker's email address but some poor sod who would have recieved a spam email supposedly from my domain. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Be careful! Look at what this spammer did.
Dotan Cohen wrote: It looks like you got hit with the same thing that I did. Are you recording IP addresses? Yep - The bunch of emails all came from the same IP address: 62.245.167.6 There was no browser/user agent given so it's clearly some sort of spyder/net trawling software. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] [OFF: object oriented question] OO discussion newsgroups?
Hello, I'd like to join a newsgroup that discusses object oriented design techniques. I'm getting to grips with OO stuff but could do with some specific guidance at times, especially while I'm a novice at it. I can't see an OO newsgroup here in news.php.net. Thanks for any suggestions. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] UML/OO/Design Pattern book recommendations?
Hello all! I am readjusting my brain from years of procedural programming and I'm rapidly improving my ability to program object-oriented PHP. I'm no expert but I am keen to get my hands on as much good teaching material as I can. I already have a good appreciation for OO concepts BUT I often tie myself in knots (code myself into a corner) because I don't know how to plan my OO projects correctly. Can anyone recommend some books that describe: - how to plan OO projects (PHP specific would be good but isn't necessary) - how to use UML (is UML what I am after?) - OO design patterns for web applications Thanks for helping me become a better programmer! Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] UML/OO/Design Pattern book recommendations?
Blimey! I'm not a regular to these lists so I certainly didn't expect replies from two names I recognise and respect from my years of trawling the internet for valuable PHP and CSS information! The books you both recommend look like exactly what I am after, with the slight caveat that I am actually using PHP4 at work and these books seem to focus on PHP5. I appreciate the real improvements PHP5 has over PHP4 with regards to OO but I have been a little hesitant to make the leap. Perhaps now I will do so. I've also been toying with a subscription to PHP Architect since it first came out. It felt a bit to advanced for me back then but maybe now I'm ready for it. Congrats Marco - I think you've bagged a new subscriber! (I've had StyleMaster for a short while now so you've already done your work John!) Thanks John and Marco for your swift replies, I'll be sure to check out those books. Alex On 17/08/05, Marco Tabini [EMAIL PROTECTED] wrote: Hello Alex On 8/17/05 9:33 AM, Alex Gemmell [EMAIL PROTECTED] wrote: Can anyone recommend some books that describe: - how to plan OO projects (PHP specific would be good but isn't necessary) http://www.amazon.com/exec/obidos/tg/detail/-/1590593804/qid=1124289801/sr=8 -4/ref=pd_bbs_4/103-9475507-6895034?v=glances=booksn=507846 - OO design patterns for web applications http://www.phparch.com/shop_product.php?itemid=96 (disclaimer: I work for the company that published this book). HTH, Marco Thanks for helping me become a better programmer! Alex -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] User Passwords: checking for unique chars
Hello! I'm checking user chosen passwords for validity and have created 7 tests. It's not 100% bulletproof but it will do for now. My problem is with the last check have 6 unique characters. I'm at a loss at how to check for this in a neat one-liner. My brain is starting to go off on some horribly complicated routines but I'm sure it can be done neatly (like the regular expressions). Can anyone help me with this? By the way - I've only just learnt regular expressions this morning so I'm no expert on them... # Code: function check_password($password) { # It exists if ( !isset($password) ) return false; # Not empty if ( empty($password) ) return false; #At least 8 characters long if ( strlen($password)8 ) return false; #Does not contain special characters e.g. ([EMAIL PROTECTED]:?,./;'`[=\]{space}) if ( !preg_match ('/[][)(.,[EMAIL PROTECTED]:?\/;\'`=\\s]/', $password) ) return false; #Contain at least one number if ( !preg_match ('/\\d/', $password) ) return false; #Contain at least one letter if ( !preg_match ('/[a-zA-Z]/', $password) ) return false; #Have 6 unique characters if ( ? ) return false; return true; } Thanks, Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User Passwords: checking for unique chars
Wow - good job! That nailed it and in one neat line too! Thanks very much Richard and thanks also to Mike for his help too. I'm really liking these php lists! On Mon, 14 Feb 2005 09:41:00 -0800 (PST), Richard Lynch [EMAIL PROTECTED] wrote: Alex Gemmell wrote: I'm checking user chosen passwords for validity and have created 7 tests. It's not 100% bulletproof but it will do for now. My problem is with the last check have 6 unique characters. I'm at a loss at how to check for this in a neat one-liner. if (count(count_chars($password, 1)) 6) return false; http://php.net/count_chars No regex at all :-) -- Like Music? http://l-i-e.com/artists.htm -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User Passwords: checking for unique chars
On Mon, 14 Feb 2005 10:17:53 -0800, Chris W. Parker [EMAIL PROTECTED] wrote: Alex Gemmell mailto:[EMAIL PROTECTED] on Monday, February 14, 2005 7:24 AM said: Hello! Hi! # Code: beingfunnynotmean!Do you also have a label on your computer that says Computer?/beingfunnynotmean! Some questions (because I'm curious): 1. Why would you *not* allow special characters? Wouldn't allowing special characters make the password stronger? 2. Why are you forcing the password to have all unique characters? I don't think I've ever read this as being a recommendation for strong passwords. Chris. Oh! You're so mean!! ;) A lot of people are making some great points. I feel I must strighten this out a little. While I may not be the best coder in the world I do have my reasons. I originally made the passwords automatically generated and emailed to the user. Nice complicated ones! I was immediately shot down for doing this because no one here liked the idea of having complicated passwords! I was told to allow the user to chose their own so I merely wanted to make sure no one could have stupid passwords like aaa. So I just added a few limitations. Besides, my small website doesn't hold any sensitive information about anyone so it wouldn't be the end of the world if some cracked it! So, no special characters because the passwords don't need to be THAT strong (nor would any of our users chose passwords that good - I'll bet money on it!). Oh, and the password won't have ALL unique chars, I was thinking 6 unique chars and a minimum of 8 chars for the whole password (could be more if they chose). -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
On Sun, 6 Feb 2005 19:36:23 -0500, Andre Dubuc [EMAIL PROTECTED] wrote: On Sunday 06 February 2005 07:18 pm, Alex Gemmell wrote: Hello, I am building a login system for my website but I keep experiencing an error on a specific PHP page that I have never encountered before and it seems worryingly low-level! It says: The remote procedure call failed. And that's it! Nothing else is on the page. Sometimes I get a slightly different (but equally scary) error: PHP has encountered a Stack overflow I've googled these errors and some people have posted them but I found no solution. I've searched the PHP bug database but found nothing. Has anyone else encountered this and is there a solution? FYI: Other (more simple) PHP scripts work fine (so my PHP installation seems to be ok) and this error only started happening last week. I haven't changed this PHP/MySQL installation in months. I'm testing my script on a (Windows) server in my office on which this error occurs. When I upload it to a second remote (Linux) test server it works fine! Office Server: Windows 2000 Server + IIS 5.1, PHP Version 4.3.9 (Zend Engine v1.3.0), MySQL 3.23.49. *CGI Version - I am considering changing to ISAPI. Would this help do you think? Remote Server: Linux + Apache, PHP Version 4.1.2 (Zend Engine v1.1.1), MySQL 3.23.39. Any ideas gratefully received! Thanks, Alex First off: register_globals=on on Windows server, register_globals=off in Linux, by any chance? I ran into a similar problem (w/o the 'low-level' messages). Are you calling https for login procedures? Had a problem with that too. Hth, Andre Thank you Andre! That was spot on - my Windows PHP installation has register_globalsoff. When I turned it on the error messages disappeared. Success! FYI: I found this in the PHP manual: If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled. I was using session_register() in one place so perhaps this was the problem? PHP manual also says this: Caution If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister(). Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Remote Procedure Call Failed
On Mon, 07 Feb 2005 18:14:22 +0100, Jochem Maas [EMAIL PROTECTED] wrote: Alex Gemmell wrote: .. Well, I have a few lines like these two: session_register('email_address'); $_SESSION['email_address'] = $email_address; If I simply delete the first line (session_register('email_address');) everything will still work... right? yes - on one condition: somewhere in you app/script you must make a call to session_start() before attempting to use the $_SESSION superglobal var. Great! That's exactly what I wanted to hear. I know to use session_start() at the beginning of my scripts so it looks like I am good to go! Thank you to each of you who helped me with this! -- Alex Gemmell |:| [EMAIL PROTECTED] |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Remote Procedure Call Failed
Hello, I am building a login system for my website but I keep experiencing an error on a specific PHP page that I have never encountered before and it seems worryingly low-level! It says: The remote procedure call failed. And that's it! Nothing else is on the page. Sometimes I get a slightly different (but equally scary) error: PHP has encountered a Stack overflow I've googled these errors and some people have posted them but I found no solution. I've searched the PHP bug database but found nothing. Has anyone else encountered this and is there a solution? FYI: Other (more simple) PHP scripts work fine (so my PHP installation seems to be ok) and this error only started happening last week. I haven't changed this PHP/MySQL installation in months. I'm testing my script on a (Windows) server in my office on which this error occurs. When I upload it to a second remote (Linux) test server it works fine! Office Server: Windows 2000 Server + IIS 5.1, PHP Version 4.3.9 (Zend Engine v1.3.0), MySQL 3.23.49. *CGI Version - I am considering changing to ISAPI. Would this help do you think? Remote Server: Linux + Apache, PHP Version 4.1.2 (Zend Engine v1.1.1), MySQL 3.23.39. Any ideas gratefully received! Thanks, Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php