Re: [PHP] Sorting files in a directory
Steve Marquez wrote: I know this code does not work, but I was curious if someone can take a look and tell me what is wrong? Thank you so much. Re-indent your code properly. If you do it will look like: ?php $pattern = .html*|.php*; if (is_dir(files/)) { if ($dh = opendir(files/)) { echo select name=\file\ size=\8\; while (($file = readdir($dh)) !== false) { if (ereg($pattern, $file)) if(strpos($file,'.')0) { $file_array = array($file); sort ($file_array); foreach($file_array as $key = $value) { echo option value=\$value\.$value./option; } } } echo /select; closedir($dh); } } ? You have a number of things you need to look at here. First, you don't have a final closing brace for your opening if() statement. Second, you're outputting the option tags INSIDE the while loop that reads the directory, so for every file you read your options list will get bigger. Well, it would, but you're also not using the right array append method; it should be: $file_array[] = $file; Next, you don't want to sort the array every time you add a file to it - just do it once when you're done. Try this: ?php $pattern = .html*|.php*; if (is_dir(files/) $dh = opendir(files/)) { echo 'select name=file size=8'; while (($file = readdir($dh)) !== false) { if (!ereg($pattern, $file)) continue; if(strpos($file,'.')1) continue; $file_array[] = $file; } sort ($file_array); foreach($file_array as $value) { echo 'option value=' . $value . '' . $value . '/option'; } echo /select; closedir($dh); } ? Syntax check is left as an exe3rcise for the student. =) Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Premature Ajax-ulation
Jay Blanchard wrote: One of my developers saw the following article; http://arstechnica.com/news.ars/post/20070802-security-experts-warn-deve lopers-about-the-risks-of-premature-ajax-ulation.html How are you securing Ajax? I know that for the most part we send data to a PHP script for processing, so all of the normal rules for sending that data apply (mysql_real_escape_string(), etc.) We secure AJAX the way we do anything that might take form input. We use intval() and floatval() on numeric fields to flat-out prevent text entry, we add slashes to strings where appropriate, check lengths and ranges, and do various other sanity checks. Other than being out of band and invisible to the user as a direct act, we don't see how AJAX is any different from normal form GET/POST work. I do agree with the article that some programmers put too much logic in the client side, but that's always been an issue, with or without AJAX. Remember the days when early shopping carts would store item prices on the client side, and use that data during checkout? You could edit your local data and knock $20 off an item. That sort of thing. You NEVER trust the client. Ever. You assume it simply cannot ever be completely secured. Period. Seeing something like this just shows me a developer that trusted the client, and it doesn't particularly surprise me when they get burned. Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Includes eating up my time
Dave M G wrote: Currently, my processes are taking under a second, but they can be around half a second or more. Although it all happens too fast for me to really notice as a person, it seems to me that a half second of processing time might be kind of long and lead to scalability problems. That's hardly the worst performance I've seen from a CMS, but you should know that nearly all CMS systems are slow, many slower than this, for similar reasons. The solution is usually to build a front-end cache, either in the CMS itself or using an external tool. For instance, MODx caches internally, while others rely on Apache/Enfold/etc. My first question is: Is a half second too long? I'm pretty sure it is, but maybe I'm just being paranoid. What do people consider to be acceptable time frames for processing a web page similar to what Wikipedia delivers? When you quote Wikipedia, you do realize that they're not a CMS, right, that they're a Wiki? There are some subtle differences. I haven't looked at Wikipedia's Wiki code (I like TWiki) but the Wikis I've used don't actually use a database or a billion classes to get their work done. They're more focused on editing an entire page of static content, which is stored on disk (and thus directly accessible by the server). If you want that kind of scalability you also MUST implement some sort of caching. PHP is a scripting language, and no scripting language will ever keep up with compiled code, no matter how good (and PHP is good). You might also consider looking at the Zend Optimizer - I've never tried it, but have heard good things. My second question is: Is there a systematic way of determining how to incrementally include files that people use? Or is it just a constant process of testing and checking? PHP does have an auto-include system called the autoloader. We use this heavily in Blackbird ESB to load classes on the fly when they're referenced. It only works for loading classes, but since you say that's what you have... Take a look here: http://us.php.net/autoload Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] import spreadsheet
Angelo Zanetti wrote: Hi guys Does anyone have any resources or links as to how to import a spreadsheet but it might have different number of columns and many sheets (those tab things at the bottom). What I thought of doing was creating a table that has 10 fields and if the file thats being imported only has 4 fields then the remaining six fields are blank. So basically my script must dynamically take the format (which changes) and try save it in the database in a semi standard format. If you're trying to be completely generic, why not have a table like: cells { id, - Auto increment, auto assign by DB file, - The file the sheet came from, if you're going to store more than one sheet, - The name of the sheet the cell is on column, - The column the cell is in row, - The row the cell is in value - The value or formula of the cell primary key(id), key (file, sheet, column, row), key(file, sheet), etc. } Then you can write your importer to go through every sheet/row/column and add cells to your database for each. Obviously, you don't bother to add empty cells. Once this is done, you can do things like: Get a cell directly: select * from cells where file='f' and sheet='x' and column='y' and row=z Get an entire column: select * from cells where file='f' and sheet='x' and row=z Get an entire row: select * from cells where file='f' and sheet='x' and column='y' Get a list of the available columns in a sheet: select distinct column from cells where file='f' and sheet='x' order by column Get a list of the sheets in use: select distinct sheet from cells where file='f' and order by sheet And so forth. The nice thing about this format is that it makes it really easy to do interesting things like write a Web front-end to spreadsheet data. You could have a little form that queries the list of files, and lets the user pick which they want. Then, for that file, you get the list of sheets. Once they select those, you get a list of all rows/columns in the sheet and use it to set up your table, and populate your grid with cells. With the above data structure, that's a few minutes' work. Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Authentication
Dan Shirah wrote: My application is only used within my company. I want to pull the NT Authenticated user that is logged in, cross reference that user with what I have pulled from ldap and verify the user's name is valid. If the username is valid I will assign it to a variable and use that variable to store the name of the user that submitted the requests. Yes, I am trying to get a single sign on method if possible. $_SERVER['REMOTE_ADDR'] works in bringing back the IP Address of the computer I'm kaing the request from, but $_SERVER['REMOTE_USER'] does not return anything. There's an ActiveX component floating around that will pull this information from the user's PC and make it available so Javascript can get it (and then pass it on to you). You have to instruct each user's browser to consider your site in the trusted zone, but it works fine after that. This is how Microsoft does SSO in their own browser. I didn't actually read too much into this link, but it might get you going: http://archives.devshed.com/forums/php-windows-119/newb-get-username-that-is-currently-logged-in-to-windows-1765301.html Basically, having the user put your site into the 'Trusted' zone allows Javascript to call out to things, which it can't do with default security settings. After you get it, then you have to pass it to the server. If you want to get this automatically, make the entry page (index/default/whatever) run this javascript work, then at the tail end of it redirect the user to the login page using a GET or POST query to pass in the username. If it fails to get the username the login page can then just ask for it. At least, maybe it will give you enough to Google now. Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Smarty template for parent-child form
Man-wai Chang wrote: Is there a template that presents a parent-child forms, for example, an invoice object which has a header(invoice no, date, customer code, invoice total) and multiple items (item no, item name, quantity, price, amount)? Go to http://smarty.php.net/manual/en/language.function.foreach.php What you do is assign the items to an array called, say, items. Then you use foreach in the template to iterate the array, just like you would in PHP itself. Example 7-8 (Contacts) is pretty close to what you're doing. Regards, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php