[PHP] Some undefined function errors
Hi all. Recently, I wrote an email about the problem I was having with some Postgres functions that when those functions were called, I received the following error: Call to undefined function function_name. After some answers, I decided to rebuild a brand new linux virtual machine with Apache + PHP + Postgres, but I still get this annoying error messege with some functions like pg_prepare() and pg_escape_string(). I compiled Postgres with --without-readline option. I compiled PHP with --with-apxs2=/usr/local/apache2/bin/apxs and --with-pgsql=/usr/local/pgsql/ And the compilation process has no errors. What am I doing wrong? Do I have to change something in php_config.h file? If so, what do I have to change? Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Some undefined function errors
Yes. Phpinfo() tells me it's ok: pgsql PostgreSQL Support enabled PostgreSQL(libpq) Version 8.4.4 Multibyte character support disabled SSL support enabled Active Persistent Links 0 Active Links 0 Directive Local Value Master Value pgsql.allow_persistent On On pgsql.auto_reset_persistent Off Off pgsql.ignore_notice Off Off pgsql.log_notice Off Off pgsql.max_links Unlimited Unlimited pgsql.max_persistent Unlimited Unlimited My PHP version is 5.3.2. My PostgreSQL version is 8.4.4 and I'm running the server under the restrict 'postgres' user privileges since I can't run the daemon process as 'root'. Thank you for some help. --- Em qui, 20/5/10, Fernando ferna...@ggtours.ca escreveu: De: Fernando ferna...@ggtours.ca Assunto: Re: [PHP] Some undefined function errors Para: php-general@lists.php.net Data: Quinta-feira, 20 de Maio de 2010, 12:23 Sorry I miss read the question. It does seem that php is not picking up the pg module and cannot find the functions. I assume Postgresql is in fact installed at /usr/local/pgsql. If you run phpinfo(); can you see that PG is installed? On 20/05/2010 10:46, Giancarlo Boaron wrote: ** I make the function call in a php file. I'm not using stored procedures. If I create an empty php file and put only some of these functions, Apache reports de 'call to undefined function XXX'. --- Em *qui, 20/5/10, Fernando /ferna...@ggtours.ca/* escreveu: De: Fernando ferna...@ggtours.ca Assunto: Re: [GENERAL] [PHP] Some undefined function errors Para: pgsql-gene...@postgresql.org Data: Quinta-feira, 20 de Maio de 2010, 11:25 Are you calling store procedures that return cursors? I had this problem with cursors because the transaction gets committed and the cursor closed after they return. Mind you I had the problem on .NET using npgsql, so I might be way off. Cheers On 20/05/2010 10:05, Giancarlo Boaron wrote: Hi all. Recently, I wrote an email about the problem I was having with some Postgres functions that when those functions were called, I received the following error: Call to undefined functionfunction_name. After some answers, I decided to rebuild a brand new linux virtual machine with Apache + PHP + Postgres, but I still get this annoying error messege with some functions like pg_prepare() and pg_escape_string(). I compiled Postgres with --without-readline option. I compiled PHP with --with-apxs2=/usr/local/apache2/bin/apxs and --with-pgsql=/usr/local/pgsql/ And the compilation process has no errors. What am I doing wrong? Do I have to change something in php_config.h file? If so, what do I have to change? Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Some undefined function errors
Hi Jim. I think it depends on each server configuration but I checked in my server and I don't have the 'pgsql.so' and 'psql.ini' files and neither the 'www' directory. My Apache version is 2.2.15 and my root directory is /usr/local/apache2/htdocs. Thank you. --- Em qui, 20/5/10, Jim Lucas li...@cmsws.com escreveu: De: Jim Lucas li...@cmsws.com Assunto: Re: [PHP] Some undefined function errors Para: Giancarlo Boaron gboa...@yahoo.com.br Cc: pgsql-gene...@postgresql.org, php-general@lists.php.net, pgsql-nov...@postgresql.org Data: Quinta-feira, 20 de Maio de 2010, 13:04 Giancarlo Boaron wrote: Hi all. Recently, I wrote an email about the problem I was having with some Postgres functions that when those functions were called, I received the following error: Call to undefined function function_name. After some answers, I decided to rebuild a brand new linux virtual machine with Apache + PHP + Postgres, but I still get this annoying error messege with some functions like pg_prepare() and pg_escape_string(). I compiled Postgres with --without-readline option. I compiled PHP with --with-apxs2=/usr/local/apache2/bin/apxs and --with-pgsql=/usr/local/pgsql/ And the compilation process has no errors. What am I doing wrong? Do I have to change something in php_config.h file? If so, what do I have to change? Thank you. Depending on what version of apache you are running, you need to make sure that you are loading the pgsql.so file or have the psql.ini file in your /var/www/conf/php5/ directory. This way it knows to load pg. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problem with pg_prepare function
Hi all. I'm receiving the following message when I try to use pg_prepare() function: Call to undefined function pg_prepare(). My application works very well with others pg_* commands... I already checked my configuration files and I have no more ideas about how to fix it. Any suggestions? Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] auth-check_feature and different expires
I was now trying the snapshot with the aim of providing a different expire for eg user kris (admin), than anoter user (not admin). So I defined the Example_Auth (eg the admin only showoff) with a lifetime=1, and a example_default_auth with a lifetime of 3 minutes. But when I am visiting, as admin, a page that is for default_auth, my lifetime gets extended to that of the defauth class, because it's in the persistent $auth-auth array. While I would be able to keep my 'admin' one. So maybe the check feature should also check, if different auth feature, also recalclate the $auth-auth[exp] inherited. Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] own session_name gc
The manual gives an example: function destroy ($id) { global $sess_save_path, $sess_session_name; $sess_file = $sess_save_path/sess_$id; return(unlink($sess_file)); } /* * WARNING - You will need to implement some * * sort of garbage collection routine here. * */ function gc ($maxlifetime) { return true; } But the function_destry is passed a var, $sess_session_name, that does affect noting. Suppose some baldous guy installs a multiuser game that he wants to reset all the sessions, will he block everything for everyone, forcing logoffs etc, unadvetedly? Or, put on anoter way: a savy designer that would like to neatly gc only his session_name()'s recs, how could he? Or is he aware that without an own save path that will cause damage? Or how else not? Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] why manual says 'don't use session_register'?
The manual has many cautions that say 'do not use session_regiister,, session_is_registered, session_unregister, when the ini setting is register_globals=off. But they still do work, it seems. Or how exactly do these function work differently than with reg_globals On? Can I still continue to use them with reg_globals=off, as they seem to work anyway? Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] disabled cookies and sessions
Nick Wilson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * and then Chris Sechiatano declared You have to code the PHPSESSID into your URL if your browser has cookies disabled or else it won't work. No. As I said, i have php compiled with --enable-trans-sid Php session work differently from PHPLIB. PHPLIB will generate a session, if no cookie and no SID in URL is found, then append it to the URL and redirect you there. In this situation, phplib used to accept and adopt any SID in the url, if there was one. Now no more: phplib will accept a session in the url only if it exists. PHP session don't quite work the same. if no cookie nor SID in url, you have to provide it in the URL, and it will be the session. In fact, if you provide it in the url, it will adopt it and create it even if you have cookies enabled! Great feature for spies. Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: emulating --enable-trans-sid -- project idea?
Justin French wrote: Hi all, About 2.30 in the morning I started kicking around an idea, based on the recent discussions on sessions, and what --enable-trans-sid did. From my understanding: + if there is no session cookie, set a cookie AND append a session ID to URLs on the first (session start) page AND do a redirect to self. This is how phplib worked. How do you distinguish the 'first page' from the others? + on the next page, the session is carried, and it checks to see if the cookie set on the prev. page can be found - if it can, it now knows (presumably by setting a session var) that cookies are okay - if it can't, it assumes cookies are not avail, and it knows that the session must be appended to each URL Not quite like that. This is the same as saying: if there's a session in the URL ad no cookie, presume cookies are not available. Wrong presumption. This is the reason why now it is spoofable by opening any page with a user-provided session in the URL + if the session ID must be appended, it waves a magic wand over every .php page and appends a session id... i GUESS through buffering or parsing the entire output. So, couldn't this be emulated by : + following the same set/check routine above + if needed, wave a magic wand over the output before it's sent to the page, by the use of output buffering? If some enough ppl on this list believe it's a good idea to pursue this, and don't think it will result in a big performance drop or anything, I'm keen to start work on it as an opensource project, hopefully with the support of this list to make sure it stays on the right track. On the other hand, there may be a huge flaw in my idea :D Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: emulating --enable-trans-sid -- project idea?
Justin French wrote: Hi all, About 2.30 in the morning I started kicking around an idea, based on the recent discussions on sessions, and what --enable-trans-sid did. From my understanding: + if there is no session cookie, set a cookie AND append a session ID to URLs on the first (session start) page + CREATE THAT PHP SESSION as soon as the sid is generated. And THEN redirect to self + on the next page, the session is carried, and it checks to see if the cookie set on the prev. page can be found - if it can, it now knows (presumably by setting a session var) that cookies are okay - if it can't, it assumes cookies are not avail, and it knows that the session must be appended to each URL + IF THE SESSION IS FOUND EXISTENT. It should, because you created it when generated the sid, before doing the redirect to self. Otherwise someone is spoofing. I've recently modified the PHPLIB behavior about session creation policy, to behave like this. The patch is commited and published at the project's site. + if the session ID must be appended, it waves a magic wand over every .php page and appends a session id... i GUESS through buffering or parsing the entire output. So, couldn't this be emulated by : + following the same set/check routine above + if needed, wave a magic wand over the output before it's sent to the page, by the use of output buffering? If some enough ppl on this list believe it's a good idea to pursue this, and don't think it will result in a big performance drop or anything, I'm keen to start work on it as an opensource project, hopefully with the support of this list to make sure it stays on the right track. On the other hand, there may be a huge flaw in my idea :D Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] the ?PHPSESSID=spoofme 'bug'
Can I tell you more than what the subject says? proceeding: Close the browser, clean all your cookies, and open any page with that ?PHPSESSID=spoofme appended. And see what happens. 1) No cookies are left 2) a session 'spoofme' is created Do you need more? Javascript url injection ad cross site scripting become obsolete with this 'feature'. PLS! I mean, as the zend site doesn't quite work like this (do the same test proceeding as described above...) Their session to append to your cookie-enabled browser location are Zend_Session_DB=whatever and Zend_Session_DB_SECURE=whatever2 on their login page. I don't know if this is related to the free downloadable version, and the one they sell and adopt is more 'fortified'... they should clearly state it then! Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: the ?PHPSESSID=spoofme 'bug'
I myself wrote: Can I tell you more than what the subject says? proceeding: Close the browser, clean all your cookies, and open any page with that ?PHPSESSID=spoofme appended. And see what happens. 1) No cookies are left 2) a session 'spoofme' is created Do you need more? Javascript url injection ad cross site scripting become obsolete with this 'feature'. PLS! I mean, as the zend site doesn't quite work like this (do the same test proceeding as described above...) Their session to append to your cookie-enabled browser location are Zend_Session_DB=whatever and Zend_Session_DB_SECURE=whatever2 on their login page. I don't know if this is related to the free downloadable version, and the one they sell and adopt is more 'fortified'... they should clearly state it then! Gian I've commited the latest PHPLIB version (php-lib-stable) that humbly tries to prevent this unsecure behaviour, as I said in one of my prev messages. I can't extend it to the so-called PHPLIB4 (that uses native PHP4 session) tree, because PHP is truely holed in that. Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: the ?PHPSESSID=spoofme 'bug'
Giancarlo Pinerolo wrote: I myself wrote: Can I tell you more than what the subject says? proceeding: Close the browser, clean all your cookies, and open any page with that ?PHPSESSID=spoofme appended. And see what happens. spoofme is not the exact term. ?PHPSESSID=hijackme should be more appropriate, but I avoided it for well known 'historical' reasons :-| G -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session security
Why can a user force php to create a session he's giving the name in the URL? Do you want me to list an half a dozen ways to get rich now with this holes? Does anyone understand the malice of this? Anyone can offer you a click on a session he's going to visit later and hijack from you? Anyone can post data in a black hole of his own and pass it around secretly? Anyone can place precise strings in a precise file location on a server? How is it that a user can force to have any session string, passed in the URL, being created, even when cookies are fully funcional and enabled? Is it possible that there is no policy on creating a new session? There so much fuzz about register_globals, and we let the user create the sessions they want? Shouldn't we check that's us who issued the ticket? How is it that I cannot find a decent reply to these questions? Giancarlo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] is session.use_trans_sid dangerous?
Hi, I've tried the PHP4 built-in sessions, and both with and without the default setting off session.use_trans_sid php.ini, I see that you can force anyone into a session if you point to a URL like http://myhost/a_page.php?PHPSESSID=blackhole even if his cookie are enabled. Wasn't that supposed to be an alternative for those clients with cookies disabled? Is it correct that does it work even if cookies are enabled? Is it correct that there is no check, nor a switch or a directive, that prevents from accepting a session we haven't issued? Thanks Giancarlo Pinerolo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] new session policy
Is it possible that the PHP session features will accept as new any id not generated by the webserver itself? And where's the utility of that? Isn't it an enormous hole? Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] new session creation policy is trust user input ?
What are the benefits of trusting any id provided by the user, when creating a new session? Why should we allow users to create their own session id, and maybe pass them around? Or being driven to some session faked/created by someone else? Can we control that a new session id has been effectively issued by us, and only create new session id that we have generated? Gian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Mysql Question...
Is it possible know the date and the time of the last update of a table in a MYSQL Database? Bye!
[PHP] max size of array
what is the max number of elements into an array?
[PHP] max size of array
what is the max number of elements into an array?
[PHP] prova
ciao -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] help me!! cookie and IIS
i work with php3 and mysql in IIS webserver,my project in php work right on the localhost, but not in the other pc of the LAN, what can i do? the internet options enable Cookies. thank you? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]