[PHP] IE9 Large Post Hangs for 5 Minutes Plus

[Christopher Cowan]

I'm working on an issue with IE9. I have a web app that posts a multipart form 
via Ajax. The content-length is about 1MB often larger (uploading GPS tracks). 
Chrome, Safari and Firefox all make the POST request then immediately (after 
the POST completes receives the response). IE on the other hand seems to hold 
on to the connection for up to five minutes (sometimes more). On Apache, the 
request eventually completes; on Nginx, the request never makes it to the 
php-fpm process.

ON Nginx I have the keep alives set to 65 seconds. Apache the keep alives are 
turned off (since I'm running mod_php under mpm-prefork). 

Any suggestions on how to fix this issue?

Chris Cowan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DB] PHP & Database Problems -- Code Snippets

[Christopher Jones]

I noticed the use of SQL concatenation like:


$allowed_fields = array
   (  'Site' =>$_POST['Site'], 'MedRec' => $_POST['MedRec'], 'Fname' => 
$_POST['Fname'], 'Lname' => $_POST['Lname'] ,
   'Phone' => $_POST['Phone'] , 'Sex' => $_POST['Sex']  , 'Height' => 
$_POST['Height']  );

if(empty($allowed_fields))
{
echo "ouch";
}

$query = "select * from Intake3 where 1 ";

foreach ( $allowed_fields as $key => $val )
{
if ( (($val != '')) )

{
$query .= " AND ($key = '$val') ";
}
$result1 = mysqli_query($cxn, $query);
}


and like


$query2 = "select * from Visit3 where 1 AND (Site = 'AA') AND (MedRec = 
$_GLOBALS[mdr])";


This is a "SQL Injection" security risk.  There is a lot of material
on the web about this, e.g
https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet

I cannot strongly enough suggest you rewrite the app to mitigate
against this issue.

Also, set error_reporting = E_ALL & E_STRICT in your php.ini file to
help you identify some of your other code issues.

Chris

--
christopher.jo...@oracle.com
http://twitter.com/#!/ghrd

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Uploading and creating an email attachment, WITHOUT a DB on server

[Christopher Svanefalk]

Addendum: what standard functions could I invoke to accomplish the file
system view part?

On Tue, Mar 27, 2012 at 2:37 PM, Christopher Svanefalk <
christopher.svanef...@gmail.com> wrote:

> Dear all,
>
> I am rather green to PHP and web programming in general, and would just
> like some pointers how to accomplish the following.
>
> I have a webpage on a remote host, which supports PHP but does not have a
> DB installed. Here, I have a form where the user can input personal
> credentials, which are then processed and sent as an email message to me
> from the server. This part work so far.
>
> I want to do the following: the user should be able to upload his/her CV.
> To do so, I need the following:
> 1) A way for the user to open a conventional file system view to select
> the file to upload
> 2) A way to take this file, add it as an attachment to the mail created in
> the form, and finally send the mail + attachment to my mail.
>
> Is this possible to do without intermediary storage in a DB? I.e. is it
> possible just to pass the attachment directly from working memory to the
> function for sending email? Or does it have to go intermediare storage?
>
> Thanks in advance for any help!
>
> --
> Best,
>
> Christopher Svanefalk
>
>


-- 
Best,

Christopher Svanefalk

[PHP] Uploading and creating an email attachment, WITHOUT a DB on server

[Christopher Svanefalk]

Dear all,

I am rather green to PHP and web programming in general, and would just
like some pointers how to accomplish the following.

I have a webpage on a remote host, which supports PHP but does not have a
DB installed. Here, I have a form where the user can input personal
credentials, which are then processed and sent as an email message to me
from the server. This part work so far.

I want to do the following: the user should be able to upload his/her CV.
To do so, I need the following:
1) A way for the user to open a conventional file system view to select the
file to upload
2) A way to take this file, add it as an attachment to the mail created in
the form, and finally send the mail + attachment to my mail.

Is this possible to do without intermediary storage in a DB? I.e. is it
possible just to pass the attachment directly from working memory to the
function for sending email? Or does it have to go intermediare storage?

Thanks in advance for any help!

-- 
Best,

Christopher Svanefalk

[PHP] Numeric help needed

[Christopher J Payne]

Hi everyone,

 

I am having a hard time with a numerical problem.

 

I need to round some numbers up and I've tried $round($number) and it
doesn't work so I'm misunderstanding something.

 

For example, if a user inputs 685000 I need it to round up to 69 or if
they input 149560 I need it to round up to 15.  What is the correct way
to do this as everything I have tried doesn't seem to affect the user
inputted figure at all.

 

Anyway help would REALLY be appreciated, I'm sure it's really simple but for
the life of me I'm stumped on why it's not working.

 

Chris

RE: [PHP] Online Form Creation

[Christopher Lee]

>My apologies if you took my comments as being rude. The point here is that if 
>you want advice, then we need to see what is causing you problems. Giving us 
>an outline of what you want isn't giving us anything other than "This is what 
>I want" -- with an implied "Do it".

Hi Tedd, I apologize as well Tedd. Reading back over my email it was not worded 
the best. I appreciate the assistance and promise to be more through when 
posting. This is part of the growing pains for me as a newbie.

Best,

Chris

-Original Message-
From: Tedd Sperling [mailto:tedd.sperl...@gmail.com]
Sent: Thursday, December 22, 2011 1:43 PM
To: PHP-General List
Cc: Christopher Lee
Subject: Re: [PHP] Online Form Creation

On Dec 22, 2011, at 11:22 AM, Christopher Lee wrote:
> Tedd,
>
> I appreciate your reply to my post. In no way do I expect anyone to code for 
> me. If that were the case I would hire someone. I have posted to this list 
> numerous times and, if I am not mistaken, the list is designed to ask for 
> suggestions, which I did. Being rude does not help anyone.
>
> I understand how to program radio buttons in a form that record 'instances' 
> of a response. I just was not sure how to set-up a similar matrix to allow 
> the user to enter a numerical value.
>
> I will follow your suggestion and submit my work.
>
> Best,
>
> Christopher

Christopher:

My apologies if you took my comments as being rude. The point here is that if 
you want advice, then we need to see what is causing you problems. Giving us an 
outline of what you want isn't giving us anything other than "This is what I 
want" -- with an implied "Do it".

My advice, the first step will be to create a form with elements like these:

http://rebel.lcc.edu/sperlt/citw229/examples/postform/index.php
http://rebel.lcc.edu/sperlt/citw229/examples/stickyradio/
http://rebel.lcc.edu/sperlt/citw229/examples/stickycheckbox/
http://rebel.lcc.edu/sperlt/citw229/examples/stickymultselect/

and then get it to work for you. If it fails, present it, and we'll comment.

Cheers,

tedd

PS: Everything you need for this first step is provided above. The next step 
will be cleaning the data and placing it into the database.


_
t...@sperling.com
http://sperling.com
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Online Form Creation

[Christopher Lee]

>Now, if you need help with writing the PHP that handles the data, then great!  
>This is the right place to ask!  But we need to see code you attempted, in 
>order to know your level of understanding, and so be able to guide better.

Hi Godiva, I appreciate all the great comments/suggestions from everyone. I 
probably could have worded my initial email a little better. Thank you to Tedd 
as well.

Best,

Christopher

-Original Message-
From: Govinda [mailto:govinda.webdnat...@gmail.com]
Sent: Thursday, December 22, 2011 12:15 PM
To: Christopher Lee
Cc: PHP-General List
Subject: Re: [PHP] Online Form Creation

> I understand how to program radio buttons in a form that record 'instances' 
> of a response. I just was not sure how to set-up a similar matrix to allow 
> the user to enter a numerical value.

Christopher,

Maybe Tedd was a little curt, but the language you used just made it seem like 
you had not done enough HTML work to really be able to sort out the difference 
between HTML problems (missing pieces in your understanding), and PHP problems.

HTML forms are totally independent of what you DO with the data that gets 
submitted when the user clicks the form's submit button.  HTML lets you lay out 
the form to look however you want..  (you can use HTML's ... 
to achieve the visual layout you want).  PHP is needed to HANDLE the data 
(receive it from the submitting form and save it to a db).   When you say, "You 
will see that the forms are in a matrix format", and, "...[you] are not sure 
how to set-up a similar matrix..."  it sounds like an HTML problem.  If you do 
need help with HTML layout, then practice, Google, and consulting an HTML list 
will be your best bet.

Now, if you need help with writing the PHP that handles the data, then great!  
This is the right place to ask!  But we need to see code you attempted, in 
order to know your level of understanding, and so be able to guide better.

> I will follow your suggestion and submit my work.


-Govinda
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Online Form Creation

[Christopher Lee]

On Dec 21, 2011, at 2:14 AM, Tedd Sperling wrote:

>I don't see a problem here.
>
>1. Figure out how to create a HTML form (Investigate HTML tables).
>2. Then write a PHP that will scrub the data and submit it to MySQL.
>
>The length and layout of the forms are of no significance.
>
>This is basic html/php -- try creating something and submit your work for our 
>review. If you want us to write the >code for you, please look elsewhere.

Tedd,

I appreciate your reply to my post. In no way do I expect anyone to code for 
me. If that were the case I would hire someone. I have posted to this list 
numerous times and, if I am not mistaken, the list is designed to ask for 
suggestions, which I did. Being rude does not help anyone.

I understand how to program radio buttons in a form that record 'instances' of 
a response. I just was not sure how to set-up a similar matrix to allow the 
user to enter a numerical value.

I will follow your suggestion and submit my work.

Best,

Christopher

-Original Message-
From: Tedd Sperling [mailto:tedd.sperl...@gmail.com]
Sent: Wednesday, December 21, 2011 12:05 PM
To: PHP-General List
Cc: Christopher Lee
Subject: Re: [PHP] Online Form Creation

On Dec 21, 2011, at 2:14 AM, Christopher Lee wrote:

> Hello All,
>
> I have two forms (see attached) that I would like to recreate and enable the 
> user to complete the form online. The data would be collected in a MySQL DB.
>
> http://ucensys.com/activities.pdf
>
> http://ucensys.com/guidelines.pdf
>
> You will see that the forms are in a matrix format. I am having trouble 
> figuring out the best way to create the form and ensure the data is collected 
> properly in the DB. Any suggestions would be greatly appreciated.
>
> Best,
>
> Christopher

I don't see a problem here.

1. Figure out how to create a HTML form (Investigate HTML tables).
2. Then write a PHP that will scrub the data and submit it to MySQL.

The length and layout of the forms are of no significance.

This is basic html/php -- try creating something and submit your work for our 
review. If you want us to write the code for you, please look elsewhere.

Cheers,

tedd

_
t...@sperling.com
http://sperling.com

This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Online Form Creation

[Christopher Lee]

Hello All,

I have two forms (see attached) that I would like to recreate and enable the 
user to complete the form online. The data would be collected in a MySQL DB.

http://ucensys.com/activities.pdf

http://ucensys.com/guidelines.pdf

You will see that the forms are in a matrix format. I am having trouble 
figuring out the best way to create the form and ensure the data is collected 
properly in the DB. Any suggestions would be greatly appreciated.

Best,

Christopher


This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

[PHP] PHP based online survey tool

[Christopher Lee]

Hello All,

I am looking to develop an online survey for a non-profit. The user should be 
able to complete the survey and see the results in the form of a visualization 
(i.e. pie chart) upon completion. I found this tool 
(http://www.iscripts.com/survey/)  but not sure how good it is. Does anyone 
have any suggestions for PHP based online survey tools? Any suggestions would 
be greatly appreciated. Thank you all in advance.

Best,

Christopher
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

RE: [PHP] RSS Feed

[Christopher Lee]

Hello Matijn,

Thank you for the response and the link. I had not tried Google but, instead, 
reached out to the list first. Thought I would get people who have developed 
similar tools with success..:-) I will certainly reference the link and give 
this  try.

Best,

Christopher

-Original Message-
From: Matijn Woudt [mailto:tijn...@gmail.com]
Sent: Tuesday, November 15, 2011 4:38 PM
To: Christopher Lee
Cc: php-general@lists.php.net
Subject: Re: [PHP] RSS Feed

Hi,

Have you tried google?
I tried and top hit was this one:
http://stackoverflow.com/questions/1501394/writing-an-rss-feed-to-mysql-using-php

I guess that's all you need.

Matijn

On Tue, Nov 15, 2011 at 9:30 PM, Christopher Lee  wrote:
> Hello All,
>
> I am interested in importing RSS Feed content into a MySQL database and 
> displaying the aggregated content on a website. I am thinking of developing 
> the website within a CMS type framework (i.e. Drupal). If anyone can refer me 
> to any resources in this area then that would be great. I hope that I have 
> adequately explained my needs. Thank you all in advance for your help.
>
> Best,
>
> Christopher
> This message is for the designated recipient only and may contain privileged, 
> proprietary, or otherwise private information. If you have received it in 
> error, please notify the sender immediately and delete the original. Any 
> other use of the email by you is prohibited.
>
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

[PHP] RSS Feed

[Christopher Lee]

Hello All,

I am interested in importing RSS Feed content into a MySQL database and 
displaying the aggregated content on a website. I am thinking of developing the 
website within a CMS type framework (i.e. Drupal). If anyone can refer me to 
any resources in this area then that would be great. I hope that I have 
adequately explained my needs. Thank you all in advance for your help.

Best,

Christopher
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

RE: [PHP] Friday Distraction

[Christopher Lee]

-Original Message-
From: Govinda [mailto:govinda.webdnat...@gmail.com]
Sent: Friday, October 21, 2011 4:31 PM
To: Tedd Sperling
Cc: PHP General
Subject: Re: [PHP] Friday Distraction

> Not meaning to be ignorant, but why?
>
> What's the point here?
>
> I have grandkids and about a dozen other species of relatives/friends trying 
> to get me to do stuff (i.e., like/friend/post/reply/accept) on FaceBook et 
> al, but I don't see the point. It looks like a total waste of time. Why 
> should I care if someone post something on their FaceBook account? I would 
> rather spend my time programming, teaching programming, and reading about 
> programming.
>
> Maybe I'm just getting too old for this stuff.
>
> Cheers,
>
> tedd

First, I hope that I am posting my response to Tedd correctly (no top posts..). 
Second, I totally agree with Tedd and I am only 36...:-)

Best,

Christopher


Tedd,
Your naturalness is always endearing, even when you play grumpy.  ;-)

It may seem like overly zealous waste of technology.. but look at it from 
another angle - It's just plain ole (ancient) human need for social 
interaction... piped through the latest tools.
The girls anyway certainly love FaceBook, et al., for the same reasons they 
ever loved the chance to compare social notes.

I did not use the takethislollipop.com app, so I don't know either what is its 
point (I hesitate like others said they do, to let apps grab all my FB data), 
but here I was just commenting on FB and social apps in general.

>From a programmer's perspective, I would say that selling things is just as 
>boring as aimless socializing.  WHAT ARE YOU programming anyway?  ;-) We 
>programmers just keep track of other peoples' details... and once the novelty 
>of solving problems (for solving sake) wears off, then it seems to me that 
>programming, as such, is no more interesting, in the end, than the stuff the 
>code serves.

What does truly uplifting/evolutionary code look like anyway?

-Govinda
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: 
http://www.php.net/unsub.php

This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] book quest

[Christopher Lee]

I agree with Daniel. I would be willing to contribute to that type of 
collaborative initiative.

Best,

Christopher Lee

-Original Message-
From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of Daniel Brown
Sent: Wednesday, September 28, 2011 7:24 PM
To: Andy McKenzie
Cc: php-general@lists.php.net
Subject: Re: [PHP] book quest

On Wed, Sep 28, 2011 at 19:13, Andy McKenzie  wrote:
>
> I agree with Bastien -- I've had great luck with the PHP books.
> "Beginning PHP4" has a permanent place on my shelf, even though PHP4
> is outdated.  "Beginning PHP5.3" hasn't quite supplanted it as a
> concept book, but is my go-to for "here's a way to solve this
> particular problem using a new version of PHP" book.

I'm still waiting for the day when folks on this list get together and say, 
"let's put all of our notes together, as beginners and intermediates, and put 
together a book for the newcomers, from the newcomers, by the newcomers, who 
can relate to them without the taint of overexperience."

If properly presented, it would not only be easy to shop to publishers, but 
it could also be one of the first truly collaborative publications to exist on 
biological remnants.

--

Network Infrastructure Manager
http://www.php.net/

--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: 
http://www.php.net/unsub.php

This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] PHP frameworks

[Christopher Lee]

Hello,

I am new to PHP and wanted to ask a question which I think is related to this 
discussion thread. What are you referring to when using the term "PHP 
Framework?" I downloaded Eclipse-JEE with PHP Development Tools. Would this 
development environment constitute a PHP Framework?

Best,

Christopher

From: Laruence [larue...@baidu.com]
Sent: Sunday, July 24, 2011 11:19 PM
To: Floyd Resler
Cc: PHP
Subject: Re: [PHP] PHP frameworks

Hi:

if you have high performance need, you can considering Yaf( a PHP
framework which is build in PHP extension)

http://pecl.php.net/package/Yaf

thanks

Best regards

惠新宸 Xinchen Hui
http://www.laruence.com/


On 2011/7/22 20:38, Floyd Resler wrote:
> On Jul 22, 2011, at 8:33 AM, Richard Quadling wrote:
>
>> On 22 July 2011 13:26, Floyd Resler  wrote:
>>> On Jul 21, 2011, at 11:41 PM, Micky Hulse wrote:
>>>
>>>> On Thu, Jul 21, 2011 at 6:44 PM, Shawn McKenzie  
>>>> wrote:
>>>>> A la CakePHP.  Will automagically build controllers and views for the
>>>>> admin of your tables/models if you wish.
>>>> Oooh, interesting! I will check out CakePHP! Thanks for tip! :)
>>>>
>>> I actually use my own framework.  I needed a very light weight, flexible 
>>> framework.  I designed it from the ground up to be very flexible and to use 
>>> AJAX and jQuery on the client side.  If you'd be interested in check it 
>>> out, just let me know and I'll give you a link to the source code.
>>>
>>> Take care,
>>> Floyd
>>
>> http://www.brandonsavage.net/why-every-developer-should-write-their-own-framework/
>>
> Good article!  I knew there was a reason why I never released mine but just 
> offer it up on occasion to someone who might find it useful!  :)
>
> Take care,
> Floyd
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] best ways to recruit volunteers for a PHP framework

[Christopher Lee]

I would definitely be interested in working on/developing the user manual for 
the project. You have my interest.

Best,

Christopher

From: jean-baptiste verrey [jeanbaptiste.ver...@gmail.com]
Sent: Tuesday, June 28, 2011 4:24 PM
To: php-general@lists.php.net
Subject: [PHP] best ways to recruit volunteers for a PHP framework

Hi everybody,

I have developed an ORM framework in PHP for the last 2 years and it's
becoming a more professional and nice solution so before doing a
new complete revamp I am going to look for volunteer developers to do a real
good version.

But I am wondering what would be the best and clearest way to present the
 project in order to get some people interested in it ?

I was thinking about
- showing the previous versions
- showing use cases
- showing unit testing (I'm doing test driven development)
- a short user manual (the project doesn't have any user manual yet!)

Thanks in advance!
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] all local sites stopped working ... [SOLVED]

[Marc Christopher Hall]

-Original Message-
From: cr.vege...@gmail.com [mailto:cr.vege...@gmail.com] 
Sent: Saturday, October 17, 2009 8:20 AM
To: Tommy Pham; general php
Subject: Re: [PHP] all local sites stopped working ... [SOLVED]

- Original Message - 
From: "Tommy Pham" 
To: "general php" 
Sent: Saturday, October 17, 2009 2:03 PM
Subject: Re: [PHP] all local sites stopped working ...


> From: "cr.vege...@gmail.com" 
> To: Tommy Pham ; general php 
> 
> Sent: Sat, October 17, 2009 4:49:53 AM
> Subject: Re: [PHP] all local sites stopped working ...
>
>
> - Original Message - From: "Tommy Pham" 
> To: "general php" 
> Sent: Saturday, October 17, 2009 1:29 PM
> Subject: Re: [PHP] all local sites stopped working ...
>
>
>> - Original Message 
>>> From: "cr.vege...@gmail.com" 
>>> To: Tommy Pham ; general php 
>>> 
>>> Sent: Sat, October 17, 2009 4:19:17 AM
>>> Subject: Re: [PHP] all local sites stopped working ...
>>>
>>> - Original Message - From: "Tommy Pham"
>>> To: "general php"
>>> Sent: Saturday, October 17, 2009 1:02 PM
>>> Subject: Re: [PHP] all local sites stopped working ...
>>>
>>>
>>> > - Original Message 
>>> >> From: "cr.vege...@gmail.com"
>>> >> To: Tommy Pham ; general php
>>> >> Sent: Sat, October 17, 2009 3:57:48 AM
>>> >> Subject: Re: [PHP] all local sites stopped working ...
>>> >>
>>> >> - Original Message - From: "Tommy Pham"
>>> >> To: "general php"
>>> >> Sent: Saturday, October 17, 2009 12:21 PM
>>> >> Subject: Re: [PHP] all local sites stopped working ...
>>> >>
>>> >>
>>> >> > - Original Message 
>>> >> >> From: "cr.vege...@gmail.com"
>>> >> >> To: John Black
>>> >> >> Cc: php-general@lists.php.net
>>> >> >> Sent: Sat, October 17, 2009 3:17:22 AM
>>> >> >> Subject: Re: [PHP] all local sites stopped working ...
>>> >> >>
>>> >> >> - Original Message - From: "John Black"
>>> >> >> To:
>>> >> >> Cc:
>>> >> >> Sent: Saturday, October 17, 2009 11:53 AM
>>> >> >> Subject: Re: [PHP] all local sites stopped working ...
>>> >> >>
>>> >> >>
>>> >> >> > cr.vege...@gmail.com wrote:
>>> >> >> >> In php.ini I defined: error_log = >> >> >> 
>>> >> >> >> C:\Inetpub\wwwroot\PHPError.log
>>> >> >> >> then restarted the server with iisreset.exe
>>> >> >> >> then started with IE: http://127.0.0.1/.../phpinfo.php
>>> >> >> >> and after 10 minutes still "Connecting / Waiting for >> >>
>>> .../phpinfo.php"
>>> >> >> >> and still no C:\Inetpub\wwwroot\PHPError.log created ...
>>> >> >> >> Other suggestions ?
>>> >> >> >> TIA, Cor
>>> >> >> >
>>> >> >> > So it is not just .php files which will not work? If you have >>

>>> >> >> >  >> >> >  >
>>> trouble >
>>> >> with
>>> >> >> .html files as well then it almost sounds like a firewall issue >>

>>> >> >>  >> since >>
>>> your
>>> >> >> connection "hangs" until timeout.
>>> >> >> >
>>> >> >> > Try this to see if the webserver is accepting a connection:
>>> >> >> > telnet 127.0.0.1 80
>>> >> >> > Then type the two lines below, ending each one with the enter 
>>> >> >> > key >> >> >  >> >
>>> (new >
>>> >> line)
>>> >> >> > HEAD / HTTP/1.1
>>> >> >> > Host: 127.0.0.1
>>> >> >> > (hit enter once more)
>>> >> >> >
>>> >> >> > And you should get an answer from your server, mine looks like 
>>> >> >> >  >> >> > this:
>>> >> >> > HTTP/1.1 200 OK
>>> >> >> > Date: Sat, 17 Oct 2009 09:49:16 GMT
>>> >> >> > Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8k DAV/2

>>> >> >> >  >> >> >  >
>>> >> SVN/1.6.5
>>> >> >> PHP/5.3.0 with Suhosin-Patch
>>> >> >> > Content-Type: text/html;charset=ISO-8859-1
>>> >> >> > Connection closed by foreign host.
>>> >> >> >
>>> >> >> >
>>> >> >> > Does this work?
>>> >> >>
>>> >> >> John,
>>> >> >> Opening a *.HTM file from Windows Explorer goes well.
>>> >> >
>>> >> > It's not the same thing as using your web browser and try to view 
>>> >> >  >> > the >
>>> *.HTM
>>> >> file(s) through IIS.  Notice the protocol difference file:// vs >> 
>>> >> http://.
>>> >> >
>>> >> >> So the webserver is accepting a connection ...
>>> >> >> Nevertheless, where should I enter: telnet 127.0.0.1 80 ?
>>> >> >> From the OS prompt C:\  ?
>>> >> >
>>> >> > In a command prompt.  Directory path doesn't matter.
>>> >> >
>>> >> From the C:\ prompt, I did:
>>> >> telnet 127.0.0.1 80[Enter]
>>> >> HEAD / HTTP/1.1[Enter]
>>> >> Host: 127.0.0.1 [Enter]
>>> >> [Enter]
>>> >> but all I get is a black window ...
>>> >
>>> > Looks like John was right about the firewall.  What service pack did >

>>> > you have
>>> before your recent windows update?  You'll need to disable the firewall 
>>> in
>>> services and try the telnet again.
>>> >
>>>
>>> Tommy,
>>> I did and do have Windows XP SP3. My firewall was turned off.
>>> I turned it On, but http://127.0.0.1/.../phpinfo.php is not working.
>>> I turned it Off, and http://127.0.0.1/.../phpinfo.php is not working
>>> and telnet commands don't show anything ...
>>> Any other idea ?
>>> TIA, Cor
>>
>
>> 1) Did you run that command for granting pe

RE: [PHP] mod primary key field - newbie question

[Marc Christopher Hall]

-Original Message-
From: Floyd Resler [mailto:fres...@adex-intl.com] 
Sent: Monday, July 13, 2009 5:41 PM
To: c...@hosting4days.com
Cc: php-general@lists.php.net
Subject: Re: [PHP] mod primary key field - newbie question

Sounds like you want to set the auto increment.  To do that, use this  
query:
alter table `table_name` auto_increment 1;

That will reset it to one.  Although I've never tried it, I assume you  
can give it another value.

Take care,
Floyd

On Jul 13, 2009, at 5:35 PM, c...@hosting4days.com wrote:

> newbie question ... I have a MySQL table where I want to update  
> (renumber) the primary numeric key field.
>
> - I successfully turned field off as a primary key index and UN auto  
> incremented it
> - then created new sequential numbers for it
> - then turned back on primary key index and re added auto increment in
>
>
> BUT when I make a new record it does NOT  start where new numbers stop
>
> last is 51
> next should be 52
>
> but jumps to 157
>
> Q: is there a way to reset the NEXT SERIAL ID NUMBER somewhere? how  
> do I fix this?
>
>
> --
> Thanks - RevDave
> Cool @ hosting4days . com
> [db-lists 09]
>
>
>
"alter table `table_name` auto_increment 1;"
Correct you can give it any value you wish it to start FROM. ie if you pass
51 as the value then the next will be Auto increment value will be 52
 

__ Information from ESET Smart Security, version of virus signature
database 4240 (20090713) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: How to authnticate and use contents from ${HOME}

[Marc Christopher Hall]

First time I've ever seen LAMP described as a language...
 

__ Information from ESET Smart Security, version of virus signature
database 4234 (20090711) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] CSS & tables

[Marc Christopher Hall]

and so I don't feel like a complete ass

http://jeffhowden.com/code/css/forms/ 
 

__ Information from ESET Smart Security, version of virus signature
database 4084 (20090518) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] CSS & tables

[Marc Christopher Hall]

I would like to add that last time I checked, this is the PHP Mailing List
and not CSS or anything else. Can we please get back to regular PHP banter?





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 4084 (20090518) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 4084 (20090518) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] CamelCase conversion to proper_c_style

[Marc Christopher Hall]

My suggestion is to use the Find and Replace feature of your code editing
software. Sorry to disagree with Mr. Hayes, however, if you do as he says
and replace as you go you will be creating errors as these variables,
functions, etc will most likely be CaSe SenSItiVe. Change one then you need
to change all. 

As always, do not forget the first three rules of code writing; backup,
backup, backup.

Marc Hall

"The difference between genius and stupidity is that genius has its limits."


*
Hi,

> I know it's probably heresy for a lot of coders, but does anyone know a
> function or class or regexp or somesuch which will scan through a PHP
> file and convert all the CamelCase code into proper C-type code? That
> is, "CamelCase" gets converted to "camel_case". I snagged a bunch of
> someone else's PHP code I'd like to modify, but it's coded the wrong
> way, so I'd like to fix it.
>
> (I'm teasing you CamelCase people. But I really would like to change
> this code around, because it doesn't happen to be my preference.)

I'd say, if you must, then change as you go. If you do it all in a
oner you'll likely introduce a shed load of problems.

-- 
Richard Heyes
HTML5 graphing: RGraph (www.rgraph.net)
PHP mail: RMail (www.phpguru.org/rmail)
PHP datagrid: RGrid (www.phpguru.org/rgrid)
PHP Template: RTemplate (www.phpguru.org/rtemplate)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 4036 (20090427) __

The message was checked by ESET Smart Security.

http://www.eset.com




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] 800 pound gorilla

[Marc Christopher Hall]

-Original Message-
From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of Daniel
Brown
Sent: Monday, April 20, 2009 9:52 AM
To: Marc Christopher Hall
Cc: php-general@lists.php.net
Subject: Re: [PHP] 800 pound gorilla

On Mon, Apr 20, 2009 at 09:48, Marc Christopher Hall
 wrote:
> Sun buys MySQL and now Oracle buys Sun (not final, yet). What will happen
> with the main db we PHP'ers have come to know and love especially since v
5

Become a MySQL developer and help make the decision.

-- 

daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
50% Off All Shared Hosting Plans at PilotPig: Use Coupon DOW1


Ahhh, I love the smell of condescension first thing in the morning. BTW I am
a MySQL developer thank you. A developer does not an owner make. Where do
you get the idea that Oracle would put this to a democratic vote?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] 800 pound gorilla

[Marc Christopher Hall]

Sun buys MySQL and now Oracle buys Sun (not final, yet). What will happen
with the main db we PHP'ers have come to know and love especially since v 5

RE: [PHP] 800 pound gorilla

[Marc Christopher Hall]

-Original Message-
From: Bob McConnell [mailto:r...@cbord.com] 
Sent: Monday, April 20, 2009 9:59 AM
To: Marc Christopher Hall; php-general@lists.php.net
Subject: RE: [PHP] 800 pound gorilla

From: Marc Christopher Hall
> 
> Sun buys MySQL and now Oracle buys Sun (not final, yet). What will
happen
> with the main db we PHP'ers have come to know and love especially
since v 5

Speak for yourself, I prefer PostgreSQL. But there are already two
announced forks of MySQL, created by developers that left after Sun
bought the company. So I don't think you'll be in any trouble. I did a
Google search last week on "executives departing MySQL" and found them.

Bob McConnell




This being a PHP forum I will stand down on a performance/stability debate
over PostgreSQL and MySQL. These responses are what I was fishing for. My
gut reaction was "Not again!" and this time I initially feared a future axe
to MySQL. Upon further thought (and a few deep breaths) I agree that for the
near future, an immediate canning of MySQL would not be in Oracle's best
interest. However, since Oracle has been the competition and (I had no idea
other developers had already begun a fork of MySQL) I believe that Oracle
will close the door on MySQL eventually.

Time will tell. Meanwhile, back to work for me.

-Marc Hall


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Possible Server Infection?

[Marc Christopher Hall]

I recommend switching to Hostgator for your ded and ask them for their
custom modsec. I'm not affiliated with them except that I am a customer and
have been for 6 years. I do bring this up because you stated that they "do
not know" which if true tells me that do not know how to do even the
smallest things necessary to manage a box. Of course, as an afterthought,
are you paying for a managed or unmanaged server?

Just my 2 cents.





-Original Message-
From: sono...@fannullone.us [mailto:sono...@fannullone.us] 
Sent: Saturday, April 04, 2009 7:12 PM
To: php-general@lists.php.net
Subject: [PHP] Possible Server Infection?

Hi all,

I was wondering if someone might know about a problem I'm having on

my server.  It appears that I've been infected by a rogue PHP  
script(?).  Something has gone through my server and placed .htaccess  
files in every directory that didn't have one with contents that look  
like this:

Options -MultiViews
ErrorDocument 404 //graphics/cc/52.php

The path is different for each file and corresponds to the directory

that it's in.  The php document name is a different number for each  
file I've found.

Does this sound familiar to anyone?  What would be the purpose of  
placing files like these in the directories?  As far as I know, there  
isn't a file called "52.php" anywhere on my site, so this doesn't  
make any sense to me.

I realize that this is a very general question, but I'm hoping that

someone has seen or heard of this type of thing before and can help me  
eliminate the problem.

I'm using A2 Hosting and they don't know why this happened.

Thanks,
Frank

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3988 (20090404) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3988 (20090404) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Security Support

[Marc Christopher Hall]

I is a hi skool gradjuate

-Original Message-
From: abdulazeez alugo [mailto:defati...@hotmail.com] 
Sent: Sunday, March 29, 2009 7:10 PM
To: gp...@thenetnow.com; php-general@lists.php.net
Subject: RE: [PHP] Security Support



 

> From: gp...@thenetnow.com
> To: php-general@lists.php.net
> Date: Sun, 29 Mar 2009 17:12:32 -0400
> Subject: [PHP] Security Support
> 
> Good Morning / Afternoon,
> 
> We run several of our own servers:
> 
> - Dell Power Edge 1U, Pentium,
> - FreeBSD (6.x soon to be 7.x)
> - along with all the standard Web Application installation (PHP Apache
Exim, 
> Pop3, Proftp, MySQL etc etc).
> 
> What I am asking here, is if any one in this community has the knowledge
to 
> act as a security consultant in an occasional, as required basis. Anyone 
> interested should have expience with Apache, PHP, Perl on the FreeBSD 
> platform.
> 
> We are more than willing to compensate for services rendered, and are more

> than willing to discuss terms.
> 
> In the end, we would be more than willing to share any non-fudiciary 
> information with anyone who could find it useful (via this or other
mailing 
> lists).
> 
> We are asking any interested parties to contact us off-list such that we 
> don't need to make any private matters public.
> 
> This is a bonified request, as we can setup servers ourselves, but simply
do 
> not have the time to research various run time, and security related
items.
> 
> TIA,
> 
> -Grant 


Hey Guys,

Let's be honest with ourselves here. If you've applied for this job, let me
see your hands up!!!

 

Alugo Abdulazeez

www.frangeovic.com

_
News, entertainment and everything you care about at Live.com. Get it now!
http://www.live.com/getstarted.aspx


__ Information from ESET Smart Security, version of virus signature
database 3973 (20090329) __

The message was checked by ESET Smart Security.

http://www.eset.com

 

__ Information from ESET Smart Security, version of virus signature
database 3973 (20090329) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Frameworks / obstinate?

[Marc Christopher Hall]

My personal take on this goes something like this:

I'm not a huge fan of re-inventing the wheel. However, it seems that since
the first stable release of PHP 5 into the wild a much needed emphasis has
been placed on OOP solutions within the PHP world. Don't read me wrong, I
know the importance wasn't lost on folks who already had a good programming
head on their shoulders, yet, in all fairness our hands were a bit tied (and
I feel that I may receive some argument here) until PHP 5 reached its first
stable release. 

That being said, I find that quite a few of the frameworks still seem to be
fledglings and a lot of the new OS projects being built on them are like
wheels with some lumps. Even a few commercial projects seem to be like this.
I also have a positive outlook with PHP5 and 6 and that is that this
language is finally reaching maturity. It is something that I believe and
hope allow for continued growth of our new projects without feeling the need
to dump them like I saw with the PHP4 projects. 

On a final rambling note, I like some of the new frameworks I've looked into
recently, like CodeIgniter, Yii even Sapphire holds some promise (have a
look at the cleaner version in progress). I find myself wanting to add to
them, wanting to help improve them and occasionally I too have a fleeting
moment where I think "How would my framework be different if I built one
from scratch?" Then I realize I don't have that kind of time! lol My clients
are waiting. Also, I don't seem to have much trouble switching between
frameworks or languages for that matter (PERL, PHP, ASP(bleh), JavaScript,
ActionScript) and I guess because of that I find myself just trying to find
the best solution for the clients need at hand and build from there.


 

-Original Message-
From: Daniel Kolbo [mailto:kolb0...@umn.edu] 
Sent: Sunday, March 22, 2009 4:54 PM
To: php-general@lists.php.net
Cc: Tony Marston
Subject: [PHP] Frameworks / obstinate?

Tony Marston wrote:
> "Nitsan Bin-Nun"  wrote in message 
> news:d47da0100903220910q7bb66706s6255f0fc89b98...@mail.gmail.com...
>   
>> Don't forget to attach the message to the list.
>>
>> Regarding the frameworks, which of them, for your opinion, will take the
>> fastest time to learn and get into code?
>> 
>
> Generally speaking if something is fast to learn it is also the first to
run 
> out of steam. If it doesn't have more features than you can learn in five 
> minutes the it doesn't have enough features to do anything useful, or with

> any degree of flexibility.
>
>   
Hello,

I changed the subject because I did not want to steal Nitsan's thread.
There seem to be a ton of frameworks, one-click installation web 
applications, the latest and greatest wiz-bang applications out there.  
I find myself extremely reluctant to dig into these code sets.  It seems 
when I do attempt to use one of these pre-coded applications I end up 
eventually wanting to modify the code outside of the original extent of 
the project.  Invariably I get frustrated and end up wishing I initially 
begun the development from scratch.  Employers seem to be wanting me to 
have experience with all kinds of 'gimicky' solutions, but I am 
reluctant to be constantly learning new applications (that i'd prefer to 
rewrite myself).  Am I just being hard headed and reluctant to change, 
or is my stance justified?  I suppose the answer is the middle-path.  
That is, read some new projects, take the bits I like, leave the bits I 
don't, etc...The problem is this isn't very marketable.  But I suppose, 
the proof is in the pudding.  What a banal way to end an email, eh?

What are your thoughts in regard to these two forces: wiz-bang 
frameworks vs. raw php development?
thanks,





__ Information from ESET Smart Security, version of virus signature
database 3953 (20090321) __

The message was checked by ESET Smart Security.

http://www.eset.com

 

__ Information from ESET Smart Security, version of virus signature
database 3953 (20090321) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: So called "PHP Expert"

[Marc Christopher Hall]

This is why I am pushing for legislation to make this a licensed profession.

-Original Message-
From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] 
Sent: Friday, March 20, 2009 9:18 PM
To: Shawn McKenzie
Cc: php-general@lists.php.net
Subject: Re: [PHP] Re: So called "PHP Expert"

On Fri, 2009-03-20 at 18:57 -0500, Shawn McKenzie wrote:
 <דניאל דנון wrote:
> > I'm a member of some forums about some topics,
> > One of them include a programming forum.
> > 
> > Now, I've visited there a week ago and saw a topic with the title "Free
> > security",
> > Someone who calls himself a PHP expert (and said that he could teach me PHP
> > since my level is so low), and pretends to have so many clients,
> > Posted the following code.
> > 
> > The code is written badly, and in his words - "its the best security,
> > without this you aren't secured".
> > Now, I am looking for a way to explain to him he is no PHP Professional, but
> > I can't find the right sentence. Will you help me?
> > And here is the code of the so-called "PHP Professional" who has "very large
> > amount of big clients" and "can teach me PHP".
> > Help me find something to say to him - I am not so good at that kind of
> > stuff
> > 
> > Kind regards,
> > Daniel
> > 
> > 
> > * > ###
> > ## aNtisQL by Moriel Pahima.
> > ###
> > $getadd=strtolower($_SERVER[REQUEST_URI]);
> > $adr1 = $getadd;
> > $adr2x = explode("?",$adr1);
> > $adr = $adr1;
> > foreach( $_POST as $post => $value )
> > $postcc.="$post => $value\n";
> > foreach ( $_COOKIE as $cook => $value )
> > $cookiecc.="$cook => $value\n";
> > foreach ( $_GET as $get => $value )
> > $getcc.="$get => $value\n";
> > ###
> > check($adr1);
> > check($postcc);
> > check($getcc);
> > check($cookiecc);
> > function check($antisql){
> > if (
> > eregi("union",$antisql)&&eregi("from",$antisql)
> > Or
> > eregi("ibf_",$antisql)&&eregi("select",$antisql)
> > Or
> > eregi("insert",$antisql)&&eregi("order",$antisql)
> > Or
> > eregi("update",$antisql)&&eregi("where",$antisql)
> > Or
> > eregi("`",$antisql)&&eregi("truncate",$antisql)
> > Or
> > eregi("null",$antisql)&&eregi("alter",$antisql)
> > ){
> > errorview();
> > }
> > if (
> > eregi(h3x("union"),$antisql)&&eregi(h3x("from"),$antisql)
> > Or
> > eregi(h3x("ibf_"),$antisql)&&eregi(h3x("select"),$antisql)
> > Or
> > eregi(h3x("insert"),$antisql)&&eregi(h3x("order"),$antisql)
> > Or
> > eregi(h3x("update"),$antisql)&&eregi(h3x("where"),$antisql)
> > Or
> > eregi(h3x("`"),$antisql)&&eregi(h3x("truncate"),$antisql)
> > Or
> > eregi(h3x("null"),$antisql)&&eregi(h3x("alter"),$antisql)
> > ){
> > errorview();
> > }
> > if (
> > eregi(h3x("UNION"),$antisql)&&eregi(h3x("FROM"),$antisql)
> > Or
> > eregi(h3x("IBF_"),$antisql)&&eregi(h3x("SELECT"),$antisql)
> > Or
> > eregi(h3x("INSERT"),$antisql)&&eregi(h3x("ORDER"),$antisql)
> > Or
> > eregi(h3x("UPDATE"),$antisql)&&eregi(h3x("WHERE"),$antisql)
> > Or
> > eregi(h3x("`"),$antisql)&&eregi(h3x("TRUNCATE"),$antisql)
> > Or
> > eregi(h3x("NULL"),$antisql)&&eregi(h3x("ALTER"),$antisql)
> > ){
> > errorview();
> > }
> > }
> > ###
> > ## All Rights Reserved!
> > ###
> > function errorview(){
> > echo << > 
> > aNtisQL ANTI SQL-INJECTION SYSTEM 
> > by Moriel Pahima
> > 
> > antisql;
> > die();
> > }
> > ###
> > function h3x($envar){
> > $hax3d = bin2hex($envar);
> > $hax3d  = chunk_split($hax3d , 2, "%");
> > $hax3d  = "%" . substr($hax3d , 0, strlen($hax3d ) - 1);
> > return $hax3d;
> > }
> > ?>*
> > 
> 
> Tell him that the PHP experts and me (PHP hobbyist) on this list won't
> even pick through his code because it is a garbled mass of shit!
> 
> Maybe someone else will disagree and say that its a masterpiece, then
> I'll bow out gracefully.
> 
> -- 
> Thanks!
> -Shawn
> http://www.spidean.com
> 
Nah, the GMS managed to pretty much cover it!


Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature 
database 3952 (20090320) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature 
database 3952 (20090320) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Stopping bad entries in PHP form

[Marc Christopher Hall]

IP lookups are like Marxism, great idea in theory, terrible in reality. IP's
can be spoofed. The best recommendation I can think of would be to add some
word filters to your (I'm assuming javascript) form validation script. Even
here caution needs to be used, i.e don't filter Moscow because there is a
Moscow, Idaho




-Original Message-
From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] 
Sent: Thursday, March 19, 2009 5:19 PM
To: Shawn McKenzie
Cc: php-general@lists.php.net
Subject: Re: [PHP] Stopping bad entries in PHP form

On Thu, 2009-03-19 at 16:04 -0500, Shawn McKenzie wrote:
> Ashley Sheridan wrote:
> > On Thu, 2009-03-19 at 13:46 -0700, sono...@fannullone.us wrote:
> >>I have a PHP form that allows end users to request a sample of the  
> >> products we sell.  Unfortunately, a person/people have found it and  
> >> are sending in bad requests.  We sell only within the US, and so I've  
> >> set up the form so that they must choose one of the 50 States.  But we

> >> keep getting requests with countries in the city field, i.e. "Moscow  
> >> Russia".
> >>
> >>Is there a way that I can scan for country names, etc. in the text  
> >> fields and stop a request from going through if it finds one of those  
> >> "banned" words?  I've searched for a solution but haven't been able to

> >> find it.
> >>
> >>If this is not enough info, please let me know.  Also, I only know  
> >> enough PHP just to be dangerous, so please be kind. =;)
> >>
> >> Thanks,
> >> Frank
> >>
> > Why make them enter the details? Let them choose from a select list
> > instead, forcing them to select a state.
> > 
> > 
> > Ash
> > www.ashleysheridan.co.uk
> > 
> 
> Ummm...  And what if they enter or select Texas?  You consider it a
> valid request even though they are really from Moscow and the other
> fields may be junk?
> 
> -- 
> Thanks!
> -Shawn
> http://www.spidean.com
> 
Is it viable to couple it with an IP lookup to see the country they
appear to be visiting from?


Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3949 (20090319) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3949 (20090319) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] PHP Site Security issue

[Marc Christopher Hall]

Original message:


I suggest you put in a support ticket with GoDaddy. The URL's are not
genuine and beyond that I would hazard a guess that possibly your site login
has been compromised. Again, contact GoDaddy or whomever your hosting
provider is. (You said you domain is with GD but you didn't say they were
the host; I am just assuming you meant host.)


Added message:
Anybody else get bounced by the list when replying to this thread? And how
is it Pravinc's email didn't get bounced for the inclusion of links and the
replies that included the message did?
 

__ Information from ESET Smart Security, version of virus signature
database 3948 (20090319) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Smarty Tips and Techniques

[Marc Christopher Hall]

The following comment is not intended to be helpful

*smacks head on desk repeatedly...*


This comment is..

I would hazard to say that if you are unwilling or unable to grasp OOP, MVCs
and any decent framework that is necessary then maybe stepping back and
tackling only things you can grasp. I do not mean to come across
condescending and I apologize if I have anyway; however, I do not see an
alternative solution for you. Stick to what you are comfortable with and
think about outsourcing the OOP to someone you can trust to write decent
code.





-Original Message-
From: Bob McConnell [mailto:r...@cbord.com] 
Sent: Thursday, March 19, 2009 11:06 AM
To: Virgilio Quilario
Cc: php-general@lists.php.net
Subject: RE: [PHP] Smarty Tips and Techniques

From: Virgilio Quilario
>> That looks nice, but how do I get to the point where I can understand
>> how to use it?
>>
>> I have also looked at the Smarty site , but
>> their documents assume significant experience in building and using
>> templates.
>>
>> Where can I find guidance or tutorials on how to do all of this,
>> starting with only a rudimentary knowledge of HTML and PHP. It would
be
>> best if they also focused on procedural rather than object oriented
>> code.
> 
> 
> When I started learning smarty, I spent most of my time doing research
> and that's really tiresome and it is so hard to find examples.
> Experimented a lot and listed those what's possible, then applied them
> to my projects.
> 
> Now to make them handy I posted them to my site so i can have a look
> whenever and wherever.
>
http://www.jampmark.com/php-programming/16-very-useful-smarty-scripting-
tips-and-techniques-to-make-templates-smarter.html
> 
> As a first step, maybe you should see the crash course at smarty
> http://www.smarty.net/crashcourse.php

Hi Virgil,

After your last post here, I looked at your site, then the Smarty site.
That was what triggered this question. Templates are a black art to me.
I don't even know where to begin to understand them. Every reference I
have looked at so far assumes that I already understand the MVC pattern,
which is also one of the dark arts.

Let me put it simply. I can't grok OO. I tried to do OOP for several
years, but it simply does not make any sense to me. As a direct result,
I don't understand the concept nor application of patterns. So how do I
figure out how to use templates without having to absorb those first?
Can I learn enough this way to determine if a site can be converted from
the current state (PHP and XHTML spaghetti) into templates and begin
that transformation?

Thank you,

Bob McConnell

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3948 (20090319) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3948 (20090319) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] left join does not work, why?

[Marc Christopher Hall]

Not to mention if this is written for v 5 then you need to wrap your joins
in ()

-Original Message-
From: Jan G.B. [mailto:ro0ot.w...@googlemail.com] 
Sent: Sunday, March 15, 2009 9:47 AM
To: PJ
Cc: Daniel Brown; php-general@lists.php.net
Subject: Re: [PHP] left join does not work, why?

2009/3/15 PJ :
> Daniel Brown wrote:
>> On Sat, Mar 14, 2009 at 19:51, PJ  wrote:
>>
>>> $sql1 = "SELECT b.id, b.title, b.sub_title, b.descr, b.comment,
>>> b.bk_cover, b.copyright, b.ISBN, b.language, b.sellers, c.publisher,
<---
>>> CONCAT_WS(' ', first_name, last_name) AS Author
>>> FROM book AS b
>>> LEFT JOIN book_author AS ab ON b.id = ab.bookID
>>> LEFT JOIN author AS a ON ab.authID=a.id
>>> LEFT JOIN book_publisher as abc ON b.id = abc.bookID // <---
>>> LEFT JOIN publishers AS c ON abc.publishers_id = c.id // <---
>>> ORDER BY title ASC ";
>>> $result1 = mysql_query($sql1, $db);
>>> $bookCount = mysql_num_rows($result1);
> The error reported now is to check the syntax near the commented out
lines.
> So, what is going on here? I understood that when the lines are
> commented out they are not lprocessed.
> When I deleted the commented out lines the errors went away.
> This does not make sense and obviously could be very misleading in
> debugging.
>

*How* are you commenting out? Mysql accepts /* such comments */, so if
you want to transform a line in your SQL query string into a comment,
you gotta do it that way.
so this is just wrong:
$x = " select *
// from foo
from bar";
and that query would be valid
"SELECT this/*, that*/ from x"

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3937 (20090314) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3937 (20090314) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] DOM - change a tag name ??

[Marc Christopher Hall]

Unfortunately, you are correct. This is the only way to do it at the moment.
tagName/nodeName are readonly in the DOM and are set when created. I know
this is possible in the .NET world and I am still beside myself as to which
is the better way.


-Original Message-
From: Michael A. Peters [mailto:mpet...@mac.com] 
Sent: Wednesday, March 11, 2009 1:40 PM
To: php-general@lists.php.net
Subject: Re: [PHP] DOM - change a tag name ??

Michael A. Peters wrote:
> If I'm manipulating a dom object, is there a way to change the tag name?
> I know you manipulate just about everything else in a node - but is the 
> tagName really off limits?
> 
> from the documentation for DOMElement -
> 
> /* Properties */
> readonly public bool $schemaTypeInfo ;
> readonly public string $tagName ;
> 
> so if I really needed to change it, I'd have to create a virgin node 
> with the new name, identical attributes and children, and replace the 
> existing node with the new one?
> 
> Is there any other way to alter the tagName without doing all that?
> 

I've not actually tried this (IE may be errors) - I will in a little 
bit, but is something like this really the only way to change a tag name?

function changeNodeElement($document,$node,$elementTag) {
$newNode = $document->createElement($elementTag);
// get all attributes from old node
$attributes = $node->attributes;
foreach ($attributes as $attribute) {
   $name = $attribute->name;
   $value = $attribute->value;
   $newNode->setAttribute($name,$value);
   }
// get all children from old node
$children = $node->childNodes();
foreach ($children as $child) {
   // clone node and add it to newNode
   $newChild = $child->cloneNode(true);
   $newNode->appendChild($newChild);
   }
// replace the old node with the newNode
$node->parent->replaceChild($newNode,$node);
}

It seems that changing the tag name should be a little easier. I don't 
expect s/oldtag/newtag/ but am I just missing something obvious?



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature
database 3927 (20090311) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature
database 3927 (20090311) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: PHP Frameworks

[Marc Christopher Hall]

@todd; Micah - Precisely why I presented the question anew. Not only do I not 
have enough time to troll through the archives; I was looking for a fresher set 
of responses based on today's smorgasbord. Thank you for your input; I have 
looked at both YII and CI and they look promising. I love the statement about 
PEAR! That gave me a chuckle. With PHP 5.3 around the corner and looking 
forward to both PHP/MySQL 6; I am ISO a framework that is just as forward 
looking. I have already worked with Sapphire/SilverStripe for a client of mine 
and I find it comes with a lot of overhead. It does seem to be a promising 
future contender.


Thanks - Marc
"Measure twice and cut once."

-Original Message-
From: haliphax [mailto:halip...@gmail.com] 
Sent: Monday, March 09, 2009 10:00 AM
To: php-general@lists.php.net
Subject: Re: [PHP] Re: PHP Frameworks

On Sun, Mar 8, 2009 at 11:57 PM, Micah Gersten
 wrote:
> Chetan Rane wrote:
>> HI
>>
>> I also was looking for various frameworks and came across a very nice
>> framework, which is feature rich as well as very fast
>>
>> You can see more details at http://www.yiiframework.com/
>>
>>
>> -Original Message-
>> From: Micah Gersten [mailto:news.php@micahscomputing.com]
>> Sent: Monday, March 09, 2009 9:52 AM
>> To: php-general@lists.php.net
>> Subject: [PHP] Re: PHP Frameworks
>>
>> HallMarc Websites wrote:
>>> First time caller; long time listener..
>>>
>>> I have been looking at various PHP MVC frameworks; Limb3, Symphony,
>> Mojavi,
>>> Navigator, WACT, etc.
>>>
>>> I'm looking for any input anyone might have regarding which framework
>> seems
>>> to be the most promising?
>>>
>>
>> I'm currently using Zend PHP Framework + Doctrine ORM.  Symfony has a
>> little better integration with Doctrine.  I chose the Zend PHP Framework
>> because of the rapid release schedule and large feature set.
>>
>> You might want to check the archives as this discussion has come up before.
>>
>
> Please keep on list by hitting reply-all.  Someone else already
> mentioned yii framework.

Yes, this discussion has been hashed and rehashed more times than most
of us care to think about. The only thing I have to add since the last
time this came up was that I have been using CodeIgniter lately on a
personal project of mine, and I find it quite pleasant. It's like
Cake, only slimmer--but not lacking in important core features. Pretty
quick little bugger, too, and very easy to learn.


-- 
// Todd

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


__ Information from ESET Smart Security, version of virus signature 
database 3920 (20090309) __

The message was checked by ESET Smart Security.

http://www.eset.com


 

__ Information from ESET Smart Security, version of virus signature 
database 3920 (20090309) __

The message was checked by ESET Smart Security.

http://www.eset.com
 


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: New PHP User with a simple question

[Christopher W]

Dear responders,

I was not sure which post was the best to respond to all of you so I chose 
the original.

I wanted to thank you all for taking the time to try and help answer my 
question.  I truly appreciate it.

For the record, I have a PHP book and I understand (I think) all the 
variables, functions, conditionals, loops, constants, etc. of PHP.  My 
problem, with no computer programming to speak of, was putting those 
variables, functions, conditionals, loops, constants, etc. together to make 
it do things I was hoping to accomplish.  I am hoping that with reading more 
tutorials, looking at other people's php files and lots of practicing I may 
one day "get it."

I am truly grateful for all the time all of you spent in trying to help.

-- 

""Christopher W""  wrote in message 
news:f5.56.55096.935eb...@pb1.pair.com...
> At least I hope it is simple...
>
> I am trying to get an HTML menu link to set a variable's value.  For 
> example, when a user clicks the "Home" button on my page it would cause 
> $page = "home"; or clicking the "About Us" button will set 
> $page="about_us"; etc.
>
> I think this should be fairly simple but being completely new to php I 
> just cannot seem to get it right.
>
> Any help would be greatly appreciate.
>
> Thank you in advance.
> -- 
>
>
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] New PHP User with a simple question

[Christopher W]

Kevin,

Your link, with some modifications to fit my site layout, worked just as I 
was hoping for.

Thank you very much.

-- 

"Kevin Waterson"  wrote in message 
news:20090126092451.7aab63ff.ke...@phpro.org...
>
>> > Sorry, I am also new to the etiquette of these mail lists.
>
> Hope this will get you started,
>
> http://www.phpro.org/tutorials/Introduction-to-PHP-templating.html
>
> Kevin
>
> http://phpro.org
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] New PHP User with a simple question

[Christopher W]

mation by doing
> print_r($_SERVER), and seeing what bits and pieces you can put together,
> but that's not nearly as good or reliable.
>
> Sorry if there's too much info, but I'm guessing this is roughly what
> you'll be doing.
> If you want to have more than one variable (like say a sub page) then
> you add  *&* between each variable. E.g
>
>Home -
>Archived News
>
> You can usually get away with just using *&* as the separator but it
> probably won't validate properly if your making it in xhtml (as you
> should be). Also, if your not sure what the %20 means (a space) then
> look up urlencode <http://au.php.net/manual/en/function.urlencode.php>
> and urldecode <http://au.php.net/url_decode>.
>
> Michael Kubler
> *G*rey *P*hoenix *P*roductions <http://www.greyphoenix.biz>
>
>
>
> Christopher W wrote:
>> At least I hope it is simple...
>>
>> I am trying to get an HTML menu link to set a variable's value.  For
>> example, when a user clicks the "Home" button on my page it would cause
>> $page = "home"; or clicking the "About Us" button will set 
>> $page="about_us";
>> etc.
>>
>> I think this should be fairly simple but being completely new to php I 
>> just
>> cannot seem to get it right.
>>
>> Any help would be greatly appreciate.
>>
>> Thank you in advance.
>>
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] New PHP User with a simple question

[Christopher W]

Sorry, I am also new to the etiquette of these mail lists.

Anyway what I was attempting to do, in the full picture, was be able to just 
switch the text in the text area without actually changing pages.  For 
example, if the user clicks "About Us" (from the home page) the page doesn't 
change, just the text (in the area I designated for text).

Since I have never used php before (but have read some online and in books) 
what I was trying was:

if ($page == "home") {echo $home_text;}
elseif ($page == "about") {echo $about_text;}
...
else {echo $error_text;}

My problem is that I can't figure out how to get the link-click to assign 
the value to the variable.  I didn't try any php for that end because I 
really didn't know where to begin.

Thanks for the replies and the help.  I truly appreciate it.

-- 

"Lars Torben Wilson"  wrote in message 
news:36d4833b0901242313r435860b3q7f3f4f0eea621...@mail.gmail.com...
> 2009/1/24 Christopher W :
>> At least I hope it is simple...
>>
>> I am trying to get an HTML menu link to set a variable's value.  For
>> example, when a user clicks the "Home" button on my page it would cause
>> $page = "home"; or clicking the "About Us" button will set 
>> $page="about_us";
>> etc.
>>
>> I think this should be fairly simple but being completely new to php I 
>> just
>> cannot seem to get it right.
>>
>> Any help would be greatly appreciate.
>>
>> Thank you in advance.
>
> Hi there,
>
> A good way to increase your chance of getting a useful response is to
> post the smallest example you can which clearly illustrates the
> problem you're having. In this case, you say you're not able to get
> this to work, but we could waste quite a bit of time trying to guess
> what you've tried and what didn't work.
>
> In the simplest case, you could make your menu items look something
> like this: Home and then use $page
> = $_GET['page'] in your script, but I wouldn't recommend it since now
> you have user data floating around in your script and it will later
> become a pain in the butt to sanitize for security. For a learning
> script it'll be fine though.
>
>
> Torben 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] New PHP User with a simple question

[Christopher W]

At least I hope it is simple...

I am trying to get an HTML menu link to set a variable's value.  For 
example, when a user clicks the "Home" button on my page it would cause 
$page = "home"; or clicking the "About Us" button will set $page="about_us"; 
etc.

I think this should be fairly simple but being completely new to php I just 
cannot seem to get it right.

Any help would be greatly appreciate.

Thank you in advance.
-- 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Fatal error: Call to a member function on a non-object

[Christopher Vogt]

Hej,

I created a change request: http://bugs.php.net/bug.php?id=46601

Best regards

Christopher

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DEV] Fatal error: Call to a member function on a non-object

[Christopher Vogt]

Hej Jochem,

> this kind of thing belongs on php-general (and lets keep it on list
> please), if you have a serious proposal/rfc and/or one develops from a 
> discussion
> there then likely some of the old-hats will likely recommend escalating to
> internal.

I'm sorry I wasn't aware of this "procedure". I will start discussions
on general@ from now on.

>> But the question remains. Are there reasons to have a Fatal error here?
> 
> yes, it tells you your doing something impossible.

Well yes, but this does not mean it has to terminate. It could skip it
instead.

>> For comparison: Python throws an exception in a comparable case,
>> allowing me to handle the error.
> 
> PHP != Python. python is pure OO. php is hybrid. you have to refactor your
> code in different ways.

Python is, just as PHP, a multi-paradigm language. Both support
procedural, OOP and even functional programming styles.

> what this comes down to is this, python gives you exceptions free of
> charge, php asks you to implement and throw them yourself ...

You are right. This seems to be, what it comes down too. I can't say
that I am happy with it. And I think being able to handle fatal errors,
whenever possible would be a very useful feature.

What about E_RECOVERABLE_ERROR, couldn't calling a method on a
non-object trigger E_RECOVERABLE_ERROR, instead of E_ERROR?

Best regards

Christopher


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DEV] Fatal error: Call to a member function on a non-object

[Christopher Vogt]

Hej Stefan,

>> This was/is a question if something is worth a change request. This
>> concerns the development of PHP and in my eyes belongs on internals. Am
>> I mistaken here?
> 
> Yes, because you are like the 100th person to request that. A mail to
> general@ probably would have told you that.

I am sorry about that. I'll first consult general@ in the future.

Best regards

Christopher

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DEV] Fatal error: Call to a member function on a non-object

[Christopher Vogt]

Hej Jochem,

I understand there are many PHP beginners flooding the wrong lists with
the wrong questions, so I don't mind your harsh response. But I am not
one of them.

> please don't post this kind of question to internals. use [EMAIL PROTECTED]

This was/is a question if something is worth a change request. This
concerns the development of PHP and in my eyes belongs on internals. Am
I mistaken here?

> plenty, I suggest taking the time to get a better understanding of OO,
> the php implementation and the various related tools it offers
> (instanceof, "method-chaining", exceptions, etc, etc).

I have a good understanding of OOP. This is not a start for me. I am
just refactoring existing PHP code to be object-oriented. You say there
are plenty of reasons for a Fatal error, so please tell me a few, so I
understand the reasons.

> calling a method on an object that doesn't exist is tantamount to calling a 
> function
> which doesn't exist ... both are a fatal error.

Yes and maybe that is wrong two. But besides that, there is a difference
between the two. It hardly happens that a bug results in a call to a
non-existing function. But a bug can easily lead to an uninitialized
variable which is then treated as an object.

The problem with Fatal errors is that there is no way for me to handle
them. I use an error_handler in the production system. When an error or
unhandled exception occurs it displays an end-user-friendly error
message and then sends an email to our team's mailbox. Working with
arrays I can handle all sensible run-time errors using this methods.
Working with objects, I apparently cannot, because Fatal Error aren't
handled by the error_handler.

That's a serious problem because it completely hides a likely group of
errors from the notification system. I hopes this motivates the question
a little better.

But the question remains. Are there reasons to have a Fatal error here?

For comparison: Python throws an exception in a comparable case,
allowing me to handle the error.

Best regards

Christopher

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DB] Using oci_execute

[Christopher Jones]

Walter Galvão wrote:

Are you exceeding the PHP script time out, or exceeding the memory 
limit? 
I dont know. Doesnt appear any message. The script prints the 
last message before the oci_execute call.


I'd start by looking at the max_execution_time and memory_limit settings in 
php.ini.

Chris

--
Email: [EMAIL PROTECTED]  Tel: +1 650 506 8630
Twitter:  http://twitter.com/ghrdFree PHP Book: http://tinyurl.com/f8jad

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: [PHP-DB] Using oci_execute

[Christopher Jones]

Walter Galvão wrote:

Hi,

Im using the oracle instant client basic in my php app, with apache server.
When a query returns few rows, there is no problem.
Otherwise, the oci_execute method doesn return any records neither errors!
How can i solve this problem??

My implementation:

function executarSQL($conn, $stmt, $consulta){
 echo "Execute...";

 $r = oci_execute($stmt);

 if (!$r) {
  $erro = oci_error($stmt);
  trataErroSQL($conn, $consulta, $erro, "execute");
 }
 echo "Fim do Execute...";
 return $r;
}



What version of PHP?  What version of Instant Client?  What version of
the DB?

Are you exceeding the PHP script time out, or exceeding the memory
limit?

Is there an error from oci_parse or your fetch call?

Which fetch call are you using?

Does your error occur when there are lots of rows, or only when your
query contains a certain kind of datatype?

Chris

--
Email: [EMAIL PROTECTED]  Tel: +1 650 506 8630
Twitter:  http://twitter.com/ghrdFree PHP Book: http://tinyurl.com/f8jad

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] A better XSS trap (Feedback wanted)

[Christopher Vogt]

Hej everybody,

I built something I'd like to have feedback on. Looking at all the
template engines out there made me think.

I have two main requirements:
 - use PHP as the template language
 - effective XSS prevention without betting on discipline

Plain PHP only satisfies the first. I also couldn't find a PHP template
engine that satisfies both. (Savant doesn't.)

So here is my own minimal solution and I would like to know your
opinion. Also, if anybody has seen something like it out there, please
point me to it.

The Idea:
Automatically wrap every output string into a Decorator object, which
offers filtering methods like htmlentities. This also means intercepting
access to strings contained in Arrays and Objects in order to decorate them.

The code:
http://code.google.com/p/cvphplib/source/browse/trunk/cvphplib/
svn checkout http://cvphplib.googlecode.com/svn/trunk/cvphplib/

Example usage:
// first a simple string
evil' ); ?>
 triggers an error
htmlentities()?> works fine
urlencode()?>works fine
raw()?> outputs the unfiltered value

// extracting a bunch of filtered variables into the local scope
5, 'o'=>new O(), 'array' => array(''=>'') );
extract( CV_OutputFilter::filter($vars)->toArray() );
?>

// access to object members
var?> triggers an error
method()?> triggers an error
var->htmlentities()?> works fine
method()->htmlentities()?> works fine

// access to array elements
']?> triggers an error
']->htmlentities()?> works fine

// Iterating over an array
 works fine
 $value ){} ?> throws an exception, because
$key would not be filtered in this case

// decorating array keys requires some iterator magic
key_as($key) as $value ): ?>
htmlentities()?>: htmlentities()?> 



Problems:
 - potentially slow (due to many object instantiations and reflection)

Benefits:
 - effective XSS prevention without betting on discipline
 - template-engine-like variable extraction into local scope
 - clean and short syntax
 - very little to learn

Functionality already implemented, but not shown in the example:
 - register custom filter methods
 - enable __toString() with custom default filter
 - use tuple array(key,value) for $value instead of 'key_as'-magic
 - register custom filter applied on keys in ->toArray()
 - decoration of multidimensional arrays and webs of object references

More example code:
http://code.google.com/p/cvphplib/source/browse/trunk/cvphplib/examples/exampleOutputFilter.php
http://code.google.com/p/cvphplib/source/browse/trunk/cvphplib/tests/CV/Test_OutputFilter.php

So what do you think?

Best regards

Christopher



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Create PDFs with a strict layout automatically

[David Christopher Zentgraf]

On 27 Nov 2007, at 17:57, Brady Mitchell wrote:

FPDF is a great way to go - I've used it for other projects. Thought  
I'd share this method so you'd have more options. :)


Very much appreciated. :o)

I do want to include graphics dynamically as well, not just form data,  
so I think your approach wouldn't be quite as suited anyway(?).


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Create PDFs with a strict layout automatically

[David Christopher Zentgraf]

On 27 Nov 2007, at 14:09, Brady Mitchell wrote:

I had a similar situation where I needed to fill in the blanks on an  
existing PDF file. I used the createFDF function from http://koivi.com/fill-pdf-form-fields 
 in combination with pdftk (http://www.accesspdf.com/pdftk/) to  
merge the fdf data and pdf file into one.


Take a look at the fill_form and flatten options of pdftk.


Thanks, but by now I'm pretty much sold on the idea of FPDF and  
creating PDFs on the fly, inserting data I need as I go. Is there any  
advantage using pdftk?


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Create PDFs with a strict layout automatically

[David Christopher Zentgraf]

On 27 Nov 2007, at 12:25, Bastien Koert wrote:


you could also look at http://www.digitaljunkies.ca/dompdf/


Looks alright, but I'm wondering whether the results might be more  
accurate by laying the PDF out "by hand", instead of going through an  
intermediary step with CSS? I was also looking at http://pdml.sourceforge.net 
 with the same mixed feelings.


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Create PDFs with a strict layout automatically

[David Christopher Zentgraf]

On 27 Nov 2007, at 11:51, Chris wrote:


There are a few packages you can use.

http://pear.php.net/package/File_PDF
http://www.fpdf.org/

are two I know of, I'm sure there are more.


Thanks! The built-in PDFlib functions didn't seem to appealing, but  
FPDF looks pretty good. I'll certainly play around with it to see what  
it can do, but right of the bat it seems that templates aren't  
supported the way I would like them to. Importing a PDF is possible,  
but apparently they can only be treated like images.


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Create PDFs with a strict layout automatically

[David Christopher Zentgraf]

Hi,

I want to offer visitors of my site the possibility of downloading  
printable, foldable pocket guides for certain things that come out of  
my database. The problem is that items will be entered into the  
database very frequently, so I need to automate the process of  
creating these guides. Since they're supposed to work like flyers,  
with a proper front and back etc, the layout will need to be very  
strict and adhere to a template. I was thinking about PDFs, since they  
should keep their layout in print no matter what. But how would I  
create PDFs from a template on the fly using PHP?

Or is HTML with a special print style sheet the better solution?

Anybody have any experience?

Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Rendering problem (IE browser on windows + php on linux host)

[David Christopher Zentgraf]

What about comparing the pure HTML output of both servers _including  
headers_, for example with curl?


On 3 Nov 2007, at 23:46, Erick Paquin wrote:


Hi All,

If someone has seen this before it would greatly help me.

I have done a php site at work on my windows server. The site renders
perfectly in both Firefox & IE.

Transferred my site to my home server which is a ubuntu server.

Site renders perfect in Firefox but goes wacky in IE.

Thought this might be an apache/php config problem on my ubuntu server
so I tried to compare both my php.ini + apache config file and nothing
works so far.

Any Ideas?

Erick P.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] crop an image

[David Christopher Zentgraf]

Copying half a pixel? I dare say that's where the problem is.

Chrs,
Dav

On 31 Oct 2007, at 19:34, Merlin wrote:


Hi there,

I do have a small problem with the proportions of image copy

The image is originally vertical in 100px width and 141px height.
Now I want to crop it to 80 px width and 60px height. There should  
be no black area and the proportions should be OK. That means that I  
have to copy only part of the image. In this case it would be 40.5px  
from above (141-60 / 2 ) and until 100.5 (40.5+60).

This would crop the middle part of the image.

Now with imagecoyresampled I can set the starting point of 40.5px,  
but not the ending point. The image will have a black bottom.


Here is the code I am using:
imagecopyresampled($outputImg, $inputImg, 0,0, 0 , 40.5, 80, 60,  
$srcX, $srcY);


Thank you for any hint. Maybe somebody has a good idea on how to  
crop that image.


Best regards,

Merlin

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Stopping objects from auto-serializing

[David Christopher Zentgraf]

On 31 Oct 2007, at 17:23, hochprior wrote:


I got the following in my main .htaccess (and it works just fine...):
php_flag register_globals 0


Well apparently I'm not allowed to override register_globals.

Looking at the problem a little closer, it also doesn't seem like  
register_globals is the culprit. Browsing through the PHP bug reports  
a bit brought my attention to --enable-track-vars, which is enabled in  
my case. It sounds a little more like it has something to do with my  
problem, but I can't seem to find any documentation on this flag...


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stopping objects from auto-serializing

[David Christopher Zentgraf]

After some more playing around and a lot of print_r($SESSION)'s:

This specific PHP configuration seems to replace every entry in  
$_SESSION if a variable with the same name is used in the main script  
with that variable.


I.e.
session_start() // $_SESSION["foo"] is now "bar"
$foo = "12345";
$var = "";

function test() {
$foo = "67890";
}
test();

After execution finished $_SESSION["foo"] is now "12345", but there's  
no $_SESSION["var"].

What's going on here?

On 31 Oct 2007, at 16:25, David Christopher Zentgraf wrote:



On 31 Oct 2007, at 16:16, Jochem Maas wrote:


are you using session_register()? (dont)
also are you setting the value in $_SESSION by reference?


No and no. The only time I'm writing to $_SESSION["basket"] is by  
setting $_SESSION["basket"][] = "foo", I'm never touching the actual  
$_SESSION["basket"] variable as such, but which is exactly what's  
happening.




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stopping objects from auto-serializing

[David Christopher Zentgraf]

On 31 Oct 2007, at 16:16, Jochem Maas wrote:


are you using session_register()? (dont)
also are you setting the value in $_SESSION by reference?


No and no. The only time I'm writing to $_SESSION["basket"] is by  
setting $_SESSION["basket"][] = "foo", I'm never touching the actual  
$_SESSION["basket"] variable as such, but which is exactly what's  
happening.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stopping objects from auto-serializing

[David Christopher Zentgraf]

On 31 Oct 2007, at 15:32, Jochem Maas wrote:

aside from this error (my guess is your not allowed to override it)  
I can't

see the problem of serialization .. don't put the object in $_SESSION?

...

what are you doing? show us the code?


I'm not putting the object in $_SESSION, but PHP apparently does on  
this specific configuration.
I'm saving an array of ids in $_SESSION["basket"], and on some pages I  
have an object called $basket.
Somehow this $basket gets saved into $_SESSION["basket"], where it  
simply does not belong because it makes my code barf.


Seems I'll have to rename my variables, but aside from this specific  
fix, I don't want any unneeded variables floating around my $_SESSION  
and I certainly don't want them to be globally_registered.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stopping objects from auto-serializing

[David Christopher Zentgraf]

On 31 Oct 2007, at 13:50, Larry Garfield wrote:


Try:

php_value register_globals Off


Same Apache misconfiguration error. Even though the host actually  
requires me to enable PHP processing via an "AddHandler" .htaccess  
directive, php_flag/value directives are throwing an error. Weird.



...but turning register globals off anyway is a good thing.


Indeed.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Stopping objects from auto-serializing

[David Christopher Zentgraf]

Hi,

I'm trying to set up my PHP app at my host, but am stumbling over the  
PHP configuration there. register_globals is enabled, which seems to  
auto-serialize my objects into $_SESSION, which in some cases  
overwrites variables in there. I'm not sure if register_globals is  
where the auto-serialization comes from, but it seems to be closely  
related at least and I'm not in my best form today...


I tried putting "php_flag register_globals off" into an .htaccess  
file, but that throws an Apache misconfiguration error.

Using set_ini() doesn't seem to do anything either.

Any advise on how to turn serialization off without dabbling with the  
configuration file?


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: [PHP-INSTALL] MySQL connector installation/upgrade problems

[David Christopher Zentgraf]

On  23. Oct 2007, at 21:07, Colin Guthrie wrote:


No, I reckon Jul 5th could be about right when was .45 released? I
had it in my head it was august but Jul doesn't seem too far before  
that

so entirely possible.


Ah sorry, I was thinking about source installs. RPMs keep the  
original creation date I guess. Not overly used to that.



Use rpm -qf  to see which package owns which files.


Probing two random files in include/mysql and and lib/mysql show they  
belong to MySQL-devel-community-5.0.45-0.rhel3.



you can also use rpm -V  to verify that the package has not be
modified on disk.


$ rpm -V MySQL-devel-community-5.0.45-0.rhel3
missing  d /usr/share/man/man1/comp_err.1.gz
missing  d /usr/share/man/man1/mysql_config.1.gz

I suppose this is, albeit not ideal, tolerable?


Does PHP 4 perhaps come with it's own mysql library in the source?
Perhaps you have to pass an argument?


Yes, as of PHP4 the --with-mysql is on by default. I tried specifying  
--with-mysql-dir=/usr and also shared,/usr, but to no avail.


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: [PHP-INSTALL] MySQL connector installation/upgrade problems

[David Christopher Zentgraf]

On  23. Oct 2007, at 20:33, Colin Guthrie wrote:


If you compile PHP and it finds v3 of mysql that means that you must
have the old development libraries for mysql 3 installed in some
capacity (I believe).

What is the output of:
rpm -qa --nosignature --nodigest | grep -i mysql

This should give some clues.


$ rpm -qa --nosignature --nodigest | grep -i mysql
MySQL-server-community-5.0.45-0.rhel3
mod_auth_mysql-20030510-2.ent
MySQL-shared-compat-5.0.45-0.rhel3
MySQL-client-community-5.0.45-0.rhel3
mysql-bench-3.23.58-16.RHEL3.1
MySQL-python-0.9.1-6
libdbi-dbd-mysql-0.6.5-5
perl-DBD-MySQL-2.1021-4.EL3
qt-MySQL-3.1.2-17.RHEL3
php-mysql-4.3.2-43.ent
MySQL-devel-community-5.0.45-0.rhel3

Now I'm even more confused, the 5.0.45 devel package *is* there.

I would imagine (don't know) that PHP would use the mysql_config  
program

to work out which mysql is installed and get the relevent cflags and
linking options. For me this is provided by the
MySQL-devel-community-5.0.27 package from MySQL... Is this definitely
installed?


$ mysql_config
Usage: /usr/bin/mysql_config [OPTIONS]
Options:
--cflags [-I/usr/include/mysql -g -pipe -march=i386 - 
mcpu=i686]

--include[-I/usr/include/mysql]
--libs   [-L/usr/lib/mysql -lmysqlclient -lz -lcrypt  
-lnsl -lm]
--libs_r [-L/usr/lib/mysql -lmysqlclient_r -lz - 
lpthread -lcrypt -lnsl -lm -lpthread]

--socket [/var/lib/mysql/mysql.sock]
--port   [3306]
--version[5.0.45]
--libmysqld-libs [-L/usr/lib/mysql -lmysqld -lz -lpthread - 
lcrypt -lnsl -lm -lpthread -lrt]


Doing a simple ls -l on both /usr/lib/mysql and /usr/include/mysql  
shows me that all libraries in there are from Jul 5th, which is too  
old to be my recent MySQL install. So these seem to be the files that  
need updating. Which package will do that for me?


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] MySQL connector installation/upgrade problems

[David Christopher Zentgraf]

On  23. Oct 2007, at 19:55, Martin Marques wrote:


Wouldn't it be easier to upgrade to CentOS 5?


We tried to explain that to our host, but their service *major  
expletive*, and other hosts in Tokyo ain't better either. :-(


Chrs,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] languages and PHP

[David Christopher Zentgraf]

Your biggest problem will be if you accept any kind of user input  
which could be in any kind of language.
Depending on your server configuration you'll probably have some  
serious cleaning and filtering to do.

I often have to employ this line for example:
foreach (array_keys($_POST) as $key) $clean[$key] =  
mb_convert_encoding($_POST[$key], "UTF-8");


Trying to make sure that you'll receive UTF-8 helps as well:
accept-charset="utf-8">


Magic-Quotes can be a mayor pain in the rear, especially if you're on  
a host where you can't turn them off.


Other than that I concur, keep everything in UTF-8, explicitly check  
everything you're not sure about for UTF-8 compliance and explicitly  
set all your database connections to use UTF-8 and store stuff in UTF-8.


Cheers.

UTF-8, UTF-8

On  27. Sep 2007, at 19:15, Angelo Zanetti wrote:


Hi all.

this is more of a general question but Im sure some people will  
have experience and also it will be useful to others who are  
looking for the same answers as I am.


What are the implications of having a site that has many different  
languages, including latin and non latin characters?


Firstly, can a mysql database handle these characters normally? or  
would you have to have a table for each language and set a  
different CHARSET for each language depending on the type of language?


Secondly, PHP and displaying the information: Is there anything  
that needs to change with regards to PHP and handling of these  
characters? OR is it able to handle all characters fine?


HTML: I assume the charset changes in the metatag in the  of  
the document?


Is there anything else that I might be missing or other problems  
that I should be aware of?


Thanks in advance.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SOAP in PHP on very restricted host?

[David Christopher Zentgraf]

On  26. Sep 2007, at 16:45, Nathan Nobbe wrote:


i hate to suggest it, but you might want to take a little time and
investigate what other restrictions you host has.  if the list is  
long you may want to consider a
move. it may seem arduous now, but the longer you wait the more  
arduous it will

become.


Oh, we know our host sucks major [primate] [primate][bodypart].
The plan is to eventually have our own servers in-house, but until  
then, there really isn't that much choice unfortunately. As far as we  
observed all of the major hosts in Tokyo (Hi from Japan!) are pretty  
much the same. And hosting abroad is out of the question, since  
latency goes right up and throughput down with every inch off the  
Japanese coast. Unless somebody has a good tip for a good host...



still on php4 (dont ask)


Ditto.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SOAP in PHP on very restricted host?

[David Christopher Zentgraf]

On  26. Sep 2007, at 16:14, mike wrote:


On 9/25/07, Nathan Nobbe <[EMAIL PROTECTED]> wrote:

i try to stay away from it if i can.


i think the same of SOAP. in my opinion a shower is the only place  
for soap.


Well put. :-D
I, too, fail to see what's so terribly special about it.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SOAP in PHP on very restricted host?

[David Christopher Zentgraf]

On  26. Sep 2007, at 15:26, Nathan Nobbe wrote:

i just read the first message in this thread and NuSoap immediately  
came to
mind. though it will solve your problem you may end up like me,  
hating to use
NuSoap under duress.  i think it was really popular back in th php4  
days when there
was nothing solid that could be built right into php.  anyway in my  
experience

its a relic and i try to stay away from it if i can.


I already see what you mean.
A big bummer is that even though it uses the same class name as the  
default PHP SOAP module, it uses a totally different syntax/method  
calls etc, which all seem slightly queer to me. Which is terrible  
since the library the gateway provides wants to call (and extend)  
SoapClient() in very specific ways.


I don't think I wanna go down this road very far...

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SOAP in PHP on very restricted host?

[David Christopher Zentgraf]

On  26. Sep 2007, at 13:19, mike wrote:


i've downloaded PEAR packages before and used them manually.

all PEAR is is PHP object code modules in a central place. nothing
special, really.

you just have to tweak some script paths and you can use
include/require on the files like normal.


That's what I thought, but PEAR::SOAP seems to depend on the PEAR  
base package. ...which I could probably install manually as well, I  
know.


But I just found out about NuSOAP (http://dietrich.ganx4.com/ 
nusoap/), which seems to be what I'm looking for, a no-strings- 
attached SOAP implementation. I'm trying my luck with this one for  
now. :)


Cheers,
Dav

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] open_basedir

[Christopher Deeley]

Can anyone tell me how to set open_basedir in php.ini, to two directories
like

open_basedir = c:\www & c:\myhomepage

thanks

Re: [PHP] PHP4 to PHP5 issue

[Christopher Weldon]

On Feb 5, 2007, at 2:00 PM, Jochem Maas wrote:


you don't need to use the box - you can install a 2nd copy of  
apache and
run php4 on it and use the apache ProxyPass directive to make the  
php4/apache

setup available via the apache(2)/php5 [std] webserver.

search the archives for 'ProxyPass'


You actually don't even have to run a second instance of Apache. From  
what I've heard of other hosting companies doing, you can use the  
same Apache installation and run PHP4 and PHP5 concurrently.


However, the only thing you'd have to do is one of the following:

1) For PHP4 apps and scripts, leave the .php extension and rename all  
PHP5 apps and scripts with a .php5 extension. Where you have the string:


DirectoryIndex index.php index.html

add: index.php5 to it. And where you have the string:

AddType application/x-httpd-php .php

Change it to:

AddType application/x-httpd-php4 .php

Also, add another line:

AddType application/x-httpd-php5 .php5

Make sure you include both the php4 and php5 modules, restart apache  
and voila! PHP4 and PHP5 on the same server using 1 installation of  
Apache.


2) Do the same as above, but use .php4 extensions instead of .php5.

3) Additionally, after doing 5 minutes of Googling, I found that you  
can have .htaccess files to control which applications use PHP4 and  
which use PHP5 with the following directive:


AddHandler application/x-httpd-php5 .php

This would circumvent having to rename the extensions of your PHP  
files, as you could then do directory specific PHP4/5 app running.  
You still have to make certain Apache has both the PHP4 and PHP5  
modules loaded, obviously.

--
Christopher Weldon
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
(866) 813-4603 x605

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Stuffing code into variable

[Christopher Weldon]

On Feb 3, 2007, at 9:09 PM, Albert Padley wrote:

It's late and I've been at this a long time today so I throw myself  
on the mercy of the list.


I have an echo statement that I use in conjunction with a MySQL query.

echo "\n" . $row['time'] . "\nclass=\"tabletext\">" . $row['field'] . "\n\"tabletext\">" . $row['division'] . "\n";


This works perfectly fine. However, I will be using the same code  
numerous times on the page and wanted to stuff it all into a  
variable. At this point I can't remember the proper syntax and  
quoting to get this right. Any takers?


Thanks.

Al Padley

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




You could always make it a function...ie:

function drawTableRow($sqlRow) {
return "\n". $sqlRow['time'] ." 
\n".$row['field'].""; // Simplified for  
time purposes.

}

// Execute the query
foreach ($row = mysql_fetch_array($query)) {
echo drawTableRow($row);
}

/me pours you a cold frosty one to soothe the pain of the long struggle
--
Christopher Weldon
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
(866) 813-4603 x605

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Billing client for studying documentation

[Christopher Weldon]

On Feb 3, 2007, at 8:09 PM, Mike Mannakee wrote:


I have a php project I have been working on for several months.  The
client's requirements have expanded to include interfacing to an  
online
service using xml, which I was familiar with but have never worked  
with
prior to this project.  I have spent a good number of hours reading  
up on
xml, and learning how to use it to integrate with this online  
service.  I
have also spent hours poring over hundreds of pages of  
documentation for the

online service itself.

My question is this - should I be billing the client for this  
time?  It is
needed to properly work with this framework, but it is not  
programming time

in itself.  Googling the topic has been useless.

Any advice?

Mike

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




If the client didn't request this to begin with, and if you told them  
that you'd have to research how to do it when they asked you to do  
it, then absolutely! But, if you told them that you were proficient  
in that area, then did the research, and choose to bill the client  
for the hours you did for the research, then you may have a difficult  
time justifying the extra hours put into it if you are questioned.


In general, however, some research will always be required when  
dealing with outside sources/services because you have to learn how  
they transmit their data, how to interpret it, etc. This is all part  
of the development and "coding" for the project and should be billed  
to the client appropriately.

--
Christopher Weldon
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
(866) 813-4603 x605

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Who uses PHP

[Christopher Weldon]

Well, if you do not know the answer to my particular question, I'm
curious how might you respond to someone who says:

  PHP has to many security issues and should not be used with a
user authentication system.
  We should use XXX.


I think security mainly depends on the programmer and not on the
language he uses...

greets
Zoltán Németh


I totally agree.





You are not allowed to say 'Well, you're wrong. PHP is as secure as
anything else.' without explaining why.
Or, would you agree with the statement? Is there an 'XXX' that should
be used instead of PHP?



Of course not. As Zoltan stated above, security is dependent upon the  
programmer and not the language. But, if you aren't familiar with why  
PHP is considered so "insecure" its a result of people who can't/ 
don't know how to properly program PHP applications. PHP is an easy  
programming language to learn quickly and hit the ground running.  
These people (typically) don't care to check to make sure writing  
something like:


mysql_query('SELECT * FROM admins WHERE username = "'.$_GET 
['username'].'" and password = "'.$_GET['password'].'"');


is safe and secure. This is one of the bigger issues I've seen on  
some PHP applications. As you will (or perhaps already have read) on  
Chris S.'s site that a big thing to do in PHP apps is FIEO (Filter  
Input Escape Output). Applications written in this manner are  
insecure; PHP isn't what's insecure.


However, with my limited Computer Science training, FIEO is something  
that should be done in any application under any programming language  
- for security's sake.


So, rather than consider the difference in security of a programming  
language versus another, you should be asking the question "What does  
PHP offer me that XXX doesn't?". Alternatively, if the person on the  
other end is still too concerned about security, then you should be  
considering "How much easier is it for me to program secure  
applications in PHP than XXX?" If you do it right from the start,  
you'll find that PHP does not make it difficult to write secure apps.



Given the limited number of options for maintaining state
information, I would be hard pressed to see how any language could be
inherently more security or why one could not write PHP code which
implemented the same techniques as 'XXX'.

(No, I do not know what 'XXX' might be.)



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
Christopher Weldon
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
(866) 813-4603 x605

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] First Character In A String

[Christopher Deeley]

Can anyone tell me if there is a function to return the first letter in a
string, such as:

$surname="SMITH";
$forename="ALAN";

Is there a function which I can use to make $forename "A", so I can display
it as A SMITH?

Thank You In Advance

[PHP] Port Block

[Christopher Deeley]

I used to use mailenable to send e-mails from a site hosted on my computer,
to email anyone.

Now my ISP blocked port 25 so I can't connect directly to any smtp servers
like google to send e-mail directly from my computer.

Does anyone know of an open SMTP server which doesn't use port 25?

Re: [PHP] WebMail client

[Christopher Weldon]

Peter Lauri wrote:
> Hi,
> 
>  
> 
> Do you have any suggestion on WebMail clients written in PHP that is good
> and easy to install?
> 

http://hastymail.sourceforge.net/

--
Christopher Weldon

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download files outside DocumentRoot Dir

[Christopher Weldon]

Richard Lynch wrote:
> On Mon, September 25, 2006 3:57 pm, Christopher Weldon wrote:
>> On 2:36 pm 09/25/06 "Ramiro Cavalcanti" <[EMAIL PROTECTED]> wrote:
>>> Hi Christopher,
>>> at first, thank you for your answer.
>>>
>>> I'd like to know if it's possible use this when php is running like
>>> cgi (php-suexec). I've put this code at httpd.conf at ,
>>> then tryed to use it at .htaccess, but without successs.
>>>
>>> Thank you again.
>>>
>> Oh, in that case, you most definitely can't use the .htaccess
>> conditions.
>> PHP will have issues if you are running php-suexec.
>>
>> I'll see if I can think of any other ways around this, but php-suexec
>> definitely limits your usage for this simple fix right now.
> 
> If you *want* that ugly HTTP Auth popup box, you can search on php.net
> for code to do that.
> 
> If not, you can take that code, and replace the HTTP challenge with a
> simple login form.
> 
> If they aren't logged in, the download just doesn't go...
> 

How do you mean? The particular code that I was talking about included
doing authentication outside of an ugly HTTP Auth popup box and just
including a PHP script that checked that the user was authenticated, and
if not, either deny access to him or redirect them to a login page.

My proposal requires minimal amount of changes that the user would have
to do. He can keep his downloads in the web root and not have to load
ANY file into memory. The only PHP side of downloading a file that's in
the web root downloads folder is to check for authentication. Thus, a
very quick and scalable solution.

--
Chris Weldon

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download files outside DocumentRoot Dir

[Christopher Weldon]

On 2:36 pm 09/25/06 "Ramiro Cavalcanti" <[EMAIL PROTECTED]> wrote:
> Hi Christopher,
> at first, thank you for your answer.
>
> I'd like to know if it's possible use this when php is running like
> cgi (php-suexec). I've put this code at httpd.conf at ,
> then tryed to use it at .htaccess, but without successs.
>
> Thank you again.
>

Oh, in that case, you most definitely can't use the .htaccess conditions.
PHP will have issues if you are running php-suexec.

I'll see if I can think of any other ways around this, but php-suexec
definitely limits your usage for this simple fix right now.
--
Chris Weldon

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Download files outside DocumentRoot Dir

[Christopher Weldon]

Ramiro wrote:

Hi,
i'm trying to find a good solution to this problem. I want download files 
from a directory outside DocumentRoot.


This files cannot be downloaded through direct url like 
http://site/test.zip. It must be downloaded after user login.


I know i can do that using some functions like fread() + fopen() or 
readfile(), than i would echo file buffer to browser with correct headers. 
But, reading then dumping file to browser is a big problem to server.


I've made one test that shows me i will "eat" 1.8% of RAM (i've used "ps 
aux" at Linux, in a server with 2Gb of RAM) to download a 30Mb file at 
60kb/s speed. So, imagine what a dump-php-script can do with 50 to 100 
concurrently downloads. Probably i will need 1 TeraByte of RAM to provide 
downloads ;)


Theres my question now. Is there other way to protect files against direct 
downloading? (Obligating users to login and denying direct-url's).


I also know i can check referer by using Mod_Rewrite at Apache. But it isn't 
secure, since referer cannot be sent or be fake.


Please, help me ;)

Thank you !

Script i used to test:
?> 



What you can do is put the downloads in a separate directory actually in
your webroot. Then, use a .htaccess file to include a PHP file which
checks for authentication.

ie:

File in : /var/www/htdocs/downloads/file.zip
Accessible by: http://site/downloads/file.zip

.htaccess:

php_value auto_prepend_file "/var/www/htdocs/authenticate.php"

authenticate.php would theoretically have some code to check that the
user is authenticated, and if not, redirect to a login screen before any
headers are sent to the user.

--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] stripping with an OB callback [SOLVED]

[Christopher Watson]

Thanks for the follow-up Richard.  I am now bracketing my Fusebox core
includes with ob_start("ob_gzhandler") and ob_end_flush().  It's done
wonders for those large query results.  And since there is absolutely
nothing in this app that relies on multiple contiguous whitespace
characters, I'm good to go.

Christopher Watson

On 9/22/06, Richard Lynch <[EMAIL PROTECTED]> wrote:

Cannot compression be set in .htaccess?

Or even within the script???

I suspect you could even find a PHP class out there to compress and
send the right headers to do it all in PHP, regardless of server
settings...


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Help converting C to PHP

[Christopher Watson]

Definitely looks like a grouping and/or precedence problem.  Wish I
had more time to examine it.  Fine-tooth those parens again.

-Christopher

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Is there a list of all Timezones as an array or someting?

[Christopher Watson]

Might also want to have a look-see at the Date_TimeZone class of the
PEAR::Date package.  It seems pretty comprehensive with regard to time
zone coverage.

-Christopher

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] stripping with an OB callback

[Christopher Watson]

Bingo!  That's the ticket.  Thanks, Robert.

-Christopher

On 9/20/06, Robert Cummings <[EMAIL PROTECTED]> wrote:

Why settle for 30% speed boost when you can get 90% ...

   http://ca3.php.net/manual/en/function.ob-gzhandler.php

:)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] stripping with an OB callback

[Christopher Watson]

Hi Robert,

Well, I think the main reason I'm not using transparent output
compression is because this app shares php.ini with several other PHP
apps on the server, and I don't want to foist this change on the
admins of those apps.  I was trying to come up with a localized
strategy for trimming my app's output.

The  issue is not an issue for me.

-Christopher

On 9/20/06, Robert Cummings <[EMAIL PROTECTED]> wrote:

Should be an issue as long as you're not stripping whitespace from
between  tags. Although, one must wonder why you don't just
use output compression since all that whitespace would just compress
anyways as would all the other content. In fact 900k with fairly
standard content would shrink to about 90k.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] stripping with an OB callback

[Christopher Watson]

I've been coding with PHP for maybe a year.  So I'm somewhat new to
it.  But I've learned quickly, and created a fairly serious LAMP app
that is capable of returning large query results.  During my
investigation into various means for incrementally reducing the
response sizes, I've discovered output buffering with a callback
function.  So, as an experiment, I bracketed my includes of the
Fusebox files in index.php with ob_start('sweeper') and
ob_end_flush(), and placed the simple callback function at the top of
the file that performs a preg_replace on the buffer to strip all
excess space:

function sweeper($buffer) {
   return preg_replace("/\s\s+/", " ", $buffer);
}

Results?  Kinda nice!  A large query result measuring over 900K of
HTML is reduced to 600K.  With no change at the browser.  Still valid
HTML, and the browser happily gobbles it up and displays it cleanly.
It's just 30% faster getting to me.

Now, the question.  Is this going to bite me in the ass?  'Cause right
now, it looks dang good to me.  Great bang for the buck, as far as I'm
concerned.  I've been churning it over in my head, and I don't see a
situation (certainly not in my particular app) where doing this
whitespace reduction is going to backfire.  There isn't anything in
any of this that requires the contiguous non-word characters.

I have a feeling though, that one of you more learned PHPers are going
to tell me exactly where my ass is gonna start hurtin'.

Christopher Watson
Principal Architect
The International Variable Star Index (VSX)
http://vsx.aavso.org

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] php/css and .htaccess

[Christopher Weldon]

tedd wrote:

Hi gang:

I embedded php code inside css and changed my .htaccess to read --


 SetHandler application/x-httpd-php


-- so that the css file would be processed and executed by php. The end 
result was that everything worked and did what I wanted.


However, FireFox / Mozillia won't accept a css file if a .htaccess file 
reads as indicated above.


Any ideas as to how to get FireFox to play nice?

Thanks in advance for any replies.

tedd



That shouldn't be expected. The SetHandler only applies to the Apache 
handler side, as browsers should not be able to read those files 
(.htaccess). So, are you 100% positive that PHP is in fact processing 
the file?


--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] storing function names in db and running them as row is output?

[Christopher Weldon]

blackwater dev wrote:

great, thanks.  So if it's just text, eval won't do anything?

On 9/20/06, Christopher Weldon <[EMAIL PROTECTED]> wrote:


blackwater dev wrote:
> First, the example I have is not the real situation, just an example so
I
> don't want to get into why are you doing it like that, etc.  Just want
to
> see if it's possible.
>
> Basically, I want to store stuff in a text field in a db like this
"johns
> name is ucfirst('john adams') ".
>
> When I cycle through that row for output in my php script, I want it to
not
> see ucfirst as text but as the php function and run ithow is the
> possible?
>
> Thanks.
>

$db_query = mysql_query("select command from table");
if ($db_query && mysql_num_rows($db_query) > 0) {
   while ($array = mysql_fetch_array($db_query)) {
 eval($array['command']);
   }
}

eval() is your solution.

--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874





Umm, I believe eval will error out if it's just text. eval is basically 
processing a PHP command, so if you have something like "Bob Smith" and 
you run:


eval("Bob Smith");

It will error out because "Bob Smith" is not a something that can be 
processed by PHP.

--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Most stable combination of AMP?

[Christopher Weldon]

Børge Holen wrote:

On Wednesday 20 September 2006 18:06, Pawel Miroslawski wrote:

On 9/20/06, Kae Verens <[EMAIL PROTECTED]> wrote:

James Tu wrote:

Hi:

I'm trying to setup a dev environment using Apache, MySQL and PHP...to
develop an application that will go to production.
What is the most stable versions of the AMP components should I can
install?

The production environment will most likely live on a Linux machine. 
My dev environment will be on OS X.

that's a religious question. some people advocate some distributions over
others.

Personally, I recommend Fedora - it's easy to install, and you can use
"yum"
and "yumex" (graphical yum) for package management.

Kae

--

Hi
I agree it's a religious question.
I prefer Debian, apt-get is a really comfortable tool and it install all
require dependencies. All procedure LAMP install it only 4 commands ex.
apt-get install php5 :) It's a very fast and nice (best what i know).

Representant of debian's church ;)
Paul
 *
*


Disipel of the same church. Never any problems and rock stable.



Well, though I tout in favor of Debian MOST of the time (especially for 
stable distributions), sometimes it's not possible to use the stable 
distro releases, as they many times are way-behind the current version 
of the software and it limits you to the features you have available.


For example, the stable version of mod_php for apache under Debian is 
4.3.10-16, compared to the current stable release of PHP 4.4.4!


AIA, if you aren't too picky and don't need particular versions of your 
packages, then use your package manager to install them. Else, it's 
oftentimes better to compile and install packages from scratch as many 
compile-time options will increase performance for your particular 
hardware and allow customization (pick and choose what you do and don't 
want compiled into PHP). For both cases (especially if your development 
and production hardware are different), make sure you compile/install 
each environment with the same settings (configure options) to make 
absolutely certain that you don't have missing dependencies / 
expectations on your production system when they were there on the dev box.


--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] storing function names in db and running them as row is output?

[Christopher Weldon]

blackwater dev wrote:

First, the example I have is not the real situation, just an example so I
don't want to get into why are you doing it like that, etc.  Just want to
see if it's possible.

Basically, I want to store stuff in a text field in a db like this "johns
name is ucfirst('john adams') ".

When I cycle through that row for output in my php script, I want it to not
see ucfirst as text but as the php function and run ithow is the
possible?

Thanks.



$db_query = mysql_query("select command from table");
if ($db_query && mysql_num_rows($db_query) > 0) {
  while ($array = mysql_fetch_array($db_query)) {
eval($array['command']);
  }
}

eval() is your solution.

--
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] R: [PHP] session_start() and fopen

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Fabri wrote:
> Hi Christopher: this is just a simplified code, I use it to generate some
> xml file, no loop is present.
> 
> Try it as it is: you will find that two files will be generated while it
> should be only one.
> If you remove 'session_start()' then only one file will be generated: that's
> correct!
> 
> Fabri 

Hey Fabri,

I cannot replicate this bug (PHP 4.2.3 on older server). I'm only
getting one file written. What version of PHP are you using?

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFCa33Zxvk7JEXkbERAkT6AJwODHyP1uvE7UjlAOsjSlTf83LS0ACgifny
XRbhB2bRYZsKCvCl09QLkS0=
=lSIJ
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session_start() and fopen

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Fabri wrote:
> Hello, would you please help me on this issue that is making me crazy?
> 
>  
> 
>  
> 
> I start a session with session_start() and I need to write a file, the file
> is written twice! If I remove session_start the code works obviously fine.
> 
> I used  the date as name of file so I can see the problem, otherwise the
> file is overwritten.
> 
>  
> 
> session_start();
> 
> $nome = date("Ymd-His");
> 
> $path = $nome . ".xml";
> 
> $fh = fopen($path, 'w');
> 
> if ($fh) {
> 
> fwrite($fh, 'ciao');
> 
> fclose($fh);
> 
> echo $path;
> 
> } 
> 
>  
> 
> does someone have an answer?
> 
> 

Yes, I believe you need to elaborate more on your objectives for the
code and what exactly you mean by the file being written twice. From the
code snippet above, it seems as though you are just going to overwrite a
file and destroy it's contents, not write to it twice.

This isn't being called from any sort of loop, is it?

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFCGnIZxvk7JEXkbERAj4OAKCVUc3lLkx7JcbwYavK/Qc/DYKtEQCfbU9w
EevaaQyHxc87B7qFwZxS0E4=
=BbS2
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Question on explode and join.

[Christopher Watson]

Definitely look into preg_match or even preg_replace, instead of
tokenizing the string and rubbing it up against an array of your own.
Iterate on your array of bad words, and then use Regular Expressions
to selectively hunt and squash.  You MAY be able to do it in one regex
operation by building a search pattern that covers everything.  Don't
know how much the PCRE functions can swallow at once, but it's worth a
try.

Christopher Watson
Principal Architect
The International Variable Star Index (VSX)
http://vsx.aavso.org


On 9/13/06, Beauford <[EMAIL PROTECTED]> wrote:

Hi,

I have a form which I want to check for inappropriate words before it is
posted. I have used explode to put the string into an array using a space as
the delimiter and then I check it against another array that contains the
inappropriate words.
I then replace the inappropriate words with *'s and join the array back into
a string.

This works perfectly except for one thing.

If the word in the string has a any kind of punctuation after it (period,
comma) it won't be matched.

So if  moron is an inappropriate word then "you are a moron" works, but "you
are a moron." won't.

Any ideas?

Thanks

This is my code.

function badwords($string) {

   $language = array(contains the inappropriate words);

   $words = explode(" ",$string);
   $count = count(explode(" ", $string));

   for($i = 0; $i < $count; $i++) {
   if(in_array(strtolower($words[$i]), $language)) {
   $words[$i] = "*";
   }
   }

   $newcomments = join(" ",$words);

   return $newcomments;
}




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mail() help

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

suresh kumar wrote:
> Hi,
>   I  am using php mail function to send mails to our customers.but when i 
> send mail to them.it is getting received in customers bulk folder .i want 
> mail to get received in customers inbox.i dont know the reason why its 
> getting stored in bulk folder.
>
>i attached the code.below,any one help me
> 
>   $to='[EMAIL PROTECTED]';
> 
> $subject='Password from MyAdTV';
> 
> $headers  = 'MIME-Version: 1.0' . "\r\n";
> 
> $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
> 
> $headers .= 'From: MyADTV @yahoo.co.in>' . 
> "\r\n";
> 
> $headers.= 'X-Mailer: PHP/' . phpversion(). "\r\n";
> 
> $sendmessage = "Here is the information you requestedYour 
> Logon name and Password details for MyADTV Account your LogonName 
> is : suresh  your Password is  rajaysIf You Want 
> To Login into Your MyADTV Account, href=\"Click'>http://myadtv.com/login.php\";>Click Here";
>   
>
>  mail($to,$subject,$sendmessage,$headers);
>   

Yes, you definitely have a problem with the From line, but I also
suggest that you turn your email into a multipart message - IE have a
plaintext version of your email as well as an HTML version of the email.
This not only will probably be less of a sign of "SPAM" because it won't
contain mostly HTML. I know SPAMAssassin has a rule that scores big SPAM
points for messages that are > 90% HTML.

Finally, after you fix all of those issues, if you still have a problem
with your messages being flagged as SPAM, send us the full email (with
all the headers) so we can see the reason behind the message being
marked as SPAM.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBx4pZxvk7JEXkbERAg6IAJ4pMh1DMNP+TrPIh+j7UHz51dSkqgCfUhzC
yiG9jiZDyjxPAjunLgOhiGo=
=z8H3
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] FUNCTION TO CHECK IMAGE

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

BBC wrote:
>> What types of images are these? JPG, PNG, GIF?
> Its jpg. Look... I don't know exactly what your point, I'm just asking you 
> about the function to resolve the size of image like the
> codes below:
> if (file_exists($img_path)){
> list($width,$height) = getimagesizes($img_path);
> }else{
> $width = $ height = $max_size;
> }
> So is there any other option to replace file_exists();?
> 

Well, if I do remember correctly, then you are uploading a file. If
that's the case, then rather than using file_exists() you should be
using is_uploaded_file. Once you've verified that is_uploaded_file()
returns true, then use move_uploaded_file() to move the file to
someplace on your filesystem. If that returns true, then you should not
have to check file_exists again and just be able to use get getimagesize().

So, a good function for this would probably be:

function getUploadedImageSize($image, $to_path) {
global $max_size;

$width = $height = $max_size;

if (is_uploaded_file($image)) {
if (move_uploaded_file($image, $to_path)) {
list($width,$height) = getimagesize($to_path);
}
}

return array($width, $height);
}

list($width, $height) = getUploadedImageSize($tmp, '/the/final/path');

BTW, I don't know if you did a copy and paste from your code or if you
just typed it in really quickly, but you do have a few syntactical
errors in the code above. First, the image sizing function is
getimagesize - singular, not plural. Second, in your assignment
statement, you have a space where there should not be one:

$width = $ height = $max_size;
  ^

Just wanted to make sure you knew about that in case it was copied and
pasted.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBjDqZxvk7JEXkbERAr3XAKCXlgni7S6KuHAOY9ch7O9AkRBmEgCfcd6u
Oc1YRxq4EhHkeJpspLW0RdU=
=Kxek
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] FUNCTION TO CHECK IMAGE

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

BBC wrote:
>> BBC wrote:
>>> Hi all.
>>> I'm having a problem regarding image handling. Sometimes an image can be 
>>> showed in browser normally (in my computer) but when I
>>> upload it into my site that image is not valid, so there is an issue in my 
>>> getimagesizes() function.
>>> Is there any function to recover such problem? I used 
>>> "if(file_exists($image_path))" but it couldn't solve the problem.
>>> Input would be appreciated
>> - From what it sounds like you are doing, you are uploading a file through
>> some form, then manipulating it's size. Is this correct?
> 
> Yes it is, but the uploading was going well (size is ok). When I show the 
> image on the web using getimagesizes(), 'sometimes' such
> image size couldn't be resolved.
> Is there any function to define that image is ok or not?
> 
>> What happens when you stop manipulating it's size and try to view just the 
>> uploaded
>> file?
> 
> Size of image (after or before uploading) would be same. but the issue still 
> there (sometimes)
> 
> 

What types of images are these? JPG, PNG, GIF?

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBaLsZxvk7JEXkbERAg62AJ4iWogZyWry445xv6bT8ld6Mfw79ACgkWhx
zfIJGqxli9pHPHrcHoi8FjI=
=sllc
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Really stupid cookie question

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brian Dunning wrote:
> I am embarrassed to ask this. If I set a cookie for 30 days, and the
> visitor comes back 25 days later but I do nothing to re-set the cookie,
> will his cookie expire in 5 days, or does his browser automatically
> reset it to another 30 days?
> 
> --PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

It will expire in 5 days.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBaHLZxvk7JEXkbERAgBXAJ400jfYjm5EggSZpCKt8s2tnEpy5QCgt3yZ
8Och6y0aCPxgJw6t1R/VQnE=
=oH63
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mail() help

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

suresh kumar wrote:
> Hi to all,
>   i am having one doubt regarding php mail function.i am using 
> php mail() function to send mail to the users.but when i send mail throught 
> php its going to the users bulk folder but not to the  user inbox.i dont know 
> the reason.
>
>Is there any setting that is requried in the php.ini file (or) the 
> user have to change their setting in their mail (or) is there any option 
> available to send mail to the user inbox.tnxs for reply
>
>  A.suresh
>
>   
> 
>   
> -
>  Find out what India is talking about on  - Yahoo! Answers India 
>  Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get 
> it NOW

There are several things you need to check for, and probably add to your
emails that you're sending.

Number one, add additional headers to make SPAM / Bulk filters realize
the message is not SPAM or should not be considered SPAM. IE:

$headers =  "From: Suresh Kumar <[EMAIL PROTECTED]>\r\n".
"X-Mailer: PHP 4.3.2\r\n".
"X-Sender: $_SERVER['HTTP_HOST']\r\n".
"X-Comment: If you can put a comment here, do it.\r\n";

mail($to, $subject, $body, $headers);

The above is considering you have already declared the $to, $subject,
and $body variables. Also, make sure your $subject is not
'undisclosed-recipients;' or something like that - it's a big no-no and
will definitely flag some SPAM filters. Put a valid e-mail address - but
you can still use the BCC-headers and everything should go just fine.
Alternatively, if your list is not too large, it looks better to run a
for / while loop to send each recipient a message directly (ie: not
using BCC) as that will cut down on the SPAM probability.

Second, if you are making MIME emails, make sure you are doing so
correctly. You can learn about creating multipart/alternative MIME
emails more at www.php.net/mail.

Finally, if none of the above works, it would be helpful for us to see
the headers of the received message from one of your recipients where
the message was put in the BULK folder.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBaG2Zxvk7JEXkbERAgZiAKCJVQfno2fAca13Sx7aXPWD2WMgUwCeOMBX
grbViYDnAXXy8l1i4liVHzE=
=ka5I
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] strip urls

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Merlin wrote:
> RalfGesellensetter schrieb:
>> Am Montag 11 September 2006 15:36 schrieb Merlin:
>>> I am trying to strip URL's out of a text. There is a function for
>>> this in php, but I can't find it anywhere. Can sombody help?
>>
>> hi, it's strip_tags and only removes the tags (> the plain text that would be displayed in a text browser.
> 
> Hi there,
> 
> thank you for the hint. This it the one I was searching for. However
> unfortunatelly the function also strips all other tags! I am looking for
> one that only does strip the  
> I am not so familar with regex, but I fear I would need to :-(
> 
> My guess is that it must be something like this:
> 
> $str = 'foo  test o';
> $str = preg_replace(' echo $str;
> 
> Can anybody help me on that? Thank you so much in advance.
> 
> Regards,
> 
> Merlin
> 

Two things:

First, you can actually specify which tags you don't want strip_tags to
take out. Say for example you want  and  tags to remain in the
string:

$string = strip_tags($string, '');

Second, don't forget the tags you'll need in the preg_replace function:

$str = preg_replace('/\]*\>/', "\1", $str);

You can use other characters, such as ! if you want instead of /, but
you have to use the same at the beginning and the end.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBZ9yZxvk7JEXkbERAhuUAJ4o4rBiypj2OwpHjrUj2e0XZ8FVhQCeJZ6e
eCOa+PYkyrRacqnT5VtoL/A=
=/r2e
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] does magic_quotes_gpc prevents sql injection through forms?

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Reinhart Viane wrote:
> 
> Seems that the only and best way to prevent mysql injection is the
> combination of mysql_real_escape_string combined with value validation.
> 

Yes, this should be what you use. When you think about application
design, not only should you escape the data going into the database for
security purposes. DBMS's have certain characters specific to them that
can make the DMBS think what's been inputted as a quote, but PHP won't
see it as a quote, and magic_quotes, addslashes, etc. won't catch it -
still leaving a security hole.

You should also be making sure you're inserting the proper data (ints in
integer fields, strings in varchar, char, text, etc. fields) so that
your DBMS doesn't start spitting SQL errors out in a log (or worse yet -
to your visitor) and cause nightmares for visitors entering seemingly
valid data when they aren't. This is definitely done in the case where
you don't have quotes around your data in the SQL query - as is done
sometimes with integer, double, etc.

Easy validation for integer:

is_numeric($_POST['var'])

Easy way to just straight-up typecast:

$clean['var'] = (int) $_POST['var'];

The best way is to check to see if it is_numeric rather than force it's
type to be integer - but for simplicities sake, it can be used.

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBXHEZxvk7JEXkbERAuf/AJ9Rs8TxgKjNlK6XR59KykTq3OXUdACeNPaW
O5j8lNIEWIaPA56ZdCttaUA=
=+ur0
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 4 OOP, re-using a object?

[Christopher Weldon]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Micky Hulse wrote:
> Micky Hulse wrote:
>> Any help, even a RTFM link, would be really appreciated. :)
> 
> Hi all,
> 
> A fellow list member gave answered my question off-list and pointed me
> here:
> 
> http://www.php.net/oop
> 
> Going to (re)read... It has been a while since I last worked with
> classes. :)
> 
> I asked because I was getting an error with my code... I thought it was
> how I was calling it.
> 
> Anyway, have a great day,
> Cheers,
> Micky
> 
> 

What's the error, and how do you have the class and functions defined?

- --
Christopher Weldon, ZCE
President & CEO
Cerberus Interactive, Inc.
[EMAIL PROTECTED]
979.739.5874
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBMjMZxvk7JEXkbERArjTAKCVd57A8Pj+aoaY0iF4BU/5A1dmawCeP3ku
h4bOmUAeBphVXvOfnnpOwUQ=
=JPWQ
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php