Re: [PHP] Re: About Session And Cookies
Hello, thanks for all the replies. However, since I'm not very familiar with trans_sid I'll do some research on that. Michelle Konzack, if hiding the id in hidden form field element or enabling trans_sid could lead to security risks, what would you recommend as an alternative method to safely transfer user information across different pages in a website? Thank you. On 8/18/07, Michelle Konzack [EMAIL PROTECTED] wrote: Am 2007-08-17 22:07:47, schrieb Bastien Koert: If cookies are not available, you can either hide the id in the hidden form field element or enable trans_sid to automatically pass the session id in the url This will be a security risk since Session-Hijacker can grap the URL Greetings Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian GNU/Linux Consultant # Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSN LinuxMichi 0033/6/6192519367100 Strasbourg/France IRC #Debian (irc.icq.com)
Re: [PHP] Cookies and sent headers
Kelvin Park wrote:
Otto Wyss wrote:
If built a simple login page and store any information within
$_SESSION's. Yet I'd like to move these into cookies but I always get
an error about sent headers. Is there a way to circumvent this
problem without changing too much in the page?
The setting of the cookies happens just at the end of the page.
if (!$errortext and $Anmelden) {
if (!empty($Permanent)) {
$expires = time()+ 365 * 86400; // 365 days
setcookie (l.Lastname, $_SESSION['l_Lastname'], $expires);
setcookie (l.Firstname, $_SESSION['l_Firstname'], $expires);
setcookie (l.Email1, $_SESSION['l_Email1'], $expires);
setcookie (l.Email2, $_SESSION['l_Email2'], $expires);
}
echo script type=\text/javascript\
parent.location.replace('$index_php;
/script;
exit;
}
O. Wyss
ob_start() might help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Fwd: [PHP] Cookies and sent headers
-- Forwarded message --
From: Kelvin Park [EMAIL PROTECTED]
Date: Aug 18, 2007 4:34 PM
Subject: Re: [PHP] Cookies and sent headers
To: M. Sokolewicz [EMAIL PROTECTED]
the javascript code can definitely change to head(location: whatever.php)
for redirection, if that's the solution, that would be the way to go, but if
you're encountering quite similar problems later you can try ob_start() or
whatever that was recommended in the comments before M. Sokolewicz's
bullshitting comment.
On 8/18/07, M. Sokolewicz [EMAIL PROTECTED] wrote:
bullshit,
what he sees is a warning emitted by PHP, his redirect is done using
JavaScript (which is clientside and has no, 0.0 effect on what PHP
emits). Now, I'm not going to go into how redirecting that way won't
work (or at least shouldn't), but a hint would be to do it properly
using header('Location: [...]') instead.
- Tul
Sanjeev N wrote:
Hi,
Its not the problem of cookies. Its problem of redirection or the
parent.location.replace function. I mean if you already output something
on
the page and tries to redirect then this problem happens.
Redirect before outputting anything on the page.. like space is also an
output.
Warm Regards,
Sanjeev
http://www.sanchanworld.com/
http://webdirectory.sanchanworld.com - Submit your website URL
http://webhosting.sanchanworld.com - Choose your best web hosting plan
-Original Message-
From: Otto Wyss [mailto:[EMAIL PROTECTED]
Sent: Saturday, August 18, 2007 2:56 PM
To: php-general@lists.php.net
Subject: [PHP] Cookies and sent headers
If built a simple login page and store any information within
$_SESSION's. Yet I'd like to move these into cookies but I always get an
error about sent headers. Is there a way to circumvent this problem
without changing too much in the page?
The setting of the cookies happens just at the end of the page.
if (!$errortext and $Anmelden) {
if (!empty($Permanent)) {
$expires = time()+ 365 * 86400; // 365 days
setcookie (l.Lastname, $_SESSION['l_Lastname'], $expires);
setcookie ( l.Firstname, $_SESSION['l_Firstname'], $expires);
setcookie (l.Email1, $_SESSION['l_Email1'], $expires);
setcookie (l.Email2, $_SESSION['l_Email2'], $expires);
}
echo script type=\text/javascript\
parent.location.replace('$index_php;
/script;
exit;
}
O. Wyss
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About Session And Cookies
I am trying to setup a secure login system. I've heard that if I use just cookies for login, members without cookie turned out won't be able to see the member pages. Is using session recommended for e-commerce websites with shopping carts? Or, using both of them might be more effective in some way.
Re: [PHP] About Buggy SQL Query
Chris wrote:
Kelvin Park wrote:
mySQL database becomes inaccessible after a buggy sql string gets
queried.
The SQL server runs fine, however it seems like just the database is
being
looped infinitely so to say.
Here is an example:
(PHP)
$sql = SELECT * FROM DB_TABLE WHERE PR_NUMBER = $whatever, DFLJJ =
$SD;LOOE; (-- invalid sql query string)
mysql_query($sql);
When this query string is queried during the (webpage) loading
process, the
webpage just gets timed out without any error nor warning messages.
Does anyone know if there is a certain way to prevent mysql database
from
stalling due to buggy sql strings?
use mysql_real_escape_string to stop it from happening.
I've tried the mysql_real_escape_string, however it seemed like it was
working well at first, but the problem is that when I do the following
query, the database crashes:
$query = SELECT * FROM PRODUCT_TABLE WHERE MATCH (product, description)
AGAINST('whatever') OR MATCH(categoryname) AGAINST('whatever');
It seems like putting two match functions in the same query might have
caused the crash.
My question is, how could I immediately just have one of my databases in
the Database Server restarted (w/o affecting any of the data)?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] About Buggy SQL Query
Chris wrote: Kelvin Park wrote: mySQL database becomes inaccessible after a buggy sql string gets queried. The SQL server runs fine, however it seems like just the database is being looped infinitely so to say. Here is an example: (PHP) $sql = SELECT * FROM DB_TABLE WHERE PR_NUMBER = $whatever, DFLJJ = $SD;LOOE; (-- invalid sql query string) mysql_query($sql); When this query string is queried during the (webpage) loading process, the webpage just gets timed out without any error nor warning messages. Does anyone know if there is a certain way to prevent mysql database from stalling due to buggy sql strings? use mysql_real_escape_string to stop it from happening. Thanks, I looked over some comments posted on the PHP library web site under mysql_real_escape_string function. I didn't realize it is also used to aid sql injection prevention. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About UTF-8 / ANSI
I heard from a person that he was having some problem with uploading and displaying a web site on an ordinary web hosting server because the files weren't saved as UTF-8 charset (instead they were saved in iso-8859-1). Could saving HTML files in a different charset (UTF-8 or iso-8859-1) cause problem with the web hosting server making the website totally inaccessible? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About Buggy SQL Query
mySQL database becomes inaccessible after a buggy sql string gets queried. The SQL server runs fine, however it seems like just the database is being looped infinitely so to say. Here is an example: (PHP) $sql = SELECT * FROM DB_TABLE WHERE PR_NUMBER = $whatever, DFLJJ = $SD;LOOE; (-- invalid sql query string) mysql_query($sql); When this query string is queried during the (webpage) loading process, the webpage just gets timed out without any error nor warning messages. Does anyone know if there is a certain way to prevent mysql database from stalling due to buggy sql strings?
[PHP] About MySQL Tables
I have two tables that share product codes to relate data. One table is called IMAGE, and another one is called the PRODUCT. There are more than one image for every product, for example product code 1122 will have 3 images and 4938 will have 5 images within the IMAGE table. Since all my product information is stored in PRODUCT table except for the image file names (e.g. 1122_1.jpg, 1122_2.jpg or 4938_1.gif), I have to build the following query: SELECT * FROM PRODUCT, IMAGE WHERE PRODUCT.productcode = IMAGE.productcode. However, this causes a little problem. When I print out all the product information with its images, more than one copy of a product is printed out (because of multiple images for each product). I'm still looking for a way to build a query string so that I could have only one image displayed per product (so that a user can click on the product to view more images). Do you know how this problem can be best approached? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About PHP/MYSQL Pagination
I just couldn't find it anywhere, google or yahoo. I know how to make first, previous, last, and next links for php/mysql pagination. How do you list page numbers in the middle, between previous and next? (ex. first previous | 1 2 3 4 5 | next last ) I know how to display them from 1 to whatever by using for loop, but the problem comes in when I click next from page 5, it does not get re-listed starting from page 6. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: About PHP/MYSQL Pagination
Kelvin Park wrote: I just couldn't find it anywhere, google or yahoo. I know how to make first, previous, last, and next links for php/mysql pagination. How do you list page numbers in the middle, between previous and next? (ex. first previous | 1 2 3 4 5 | next last ) I know how to display them from 1 to whatever by using for loop, but the problem comes in when I click next from page 5, it does not get re-listed starting from page 6. nevermind, I figured it out. didn't know it was quite easy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About XSL Transformation
I have an XML file with 10 products with their registered dates(dates when they were created). My XSL code is set so that it sorts the products in descending order(latest to oldest) by registered dates. I tried to declare xsl:variable to increment within xsl:for-each, however I ran in to some dead ends. How do I print only the 5 latest products? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] About XSL Transformation
Nathan Nobbe wrote: this is basically a design decision on your part. since you are working w/ 2 programming languages, ie. php and xsl, you will need to determine how much logic is implemented in each language. i would recommend you devise a scheme early on in your application lifetime and stay consitent w/ the decisions you make. it will save you headaches in the long run. -nathan On 7/29/07, *Kelvin Park* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Nathan Nobbe wrote: build or modify the xml w/ php. or pickup a book on xsl :) -nathan On 7/29/07, *Kelvin Park* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I have an XML file with 10 products with their registered dates(dates when they were created). My XSL code is set so that it sorts the products in descending order(latest to oldest) by registered dates. I tried to declare xsl:variable to increment within xsl:for-each, however I ran in to some dead ends. How do I print only the 5 latest products? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Thanks! I checked out sitepoint's XSL book, and figured it out. I tried to do it with PHP, for me it seemed just a little bit more work than XSL transformation. Since I'm not very familiar with XSL most of my applications are in PHP and XML (parsed from MYSQL). I have the current project's design planned out with just PHP/XML, however I felt like it was more convenient to just do the latest item print out part with XSL (couple of files). I might run in to some challenges when I get to pagination, I was thinking whether I should deviate a little bit from the plan to create XML/XSL pagination of list of items. This might just become all hybrid code with PHP and XSL, which I'm not looking forward to have. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About One To Many MYSQL TO XML WITH PHP
I am keep running in to a dead end with trying to convert mysql databse tables (more than 4) to XML with PHP. Initially I tried to convert two tables with the code that's attached to this email, however it's limited to printing out just a table row WHERE column='value'. I can relate two tables on database with two rows that share same relational data, so I can do that for one row. Do you know any website that might explain how to convert joined multiple tables(with every rows) to XML? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP/MYSQL/XML Conversion
I'm trying to convert joined multiple database table to one xml file. Is it more efficient to initially, join multiple (more that 4 tables) together to produce XML file, or convert every table in to XML file and use those XML files to relate data? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About XSLT/XML Pagination
This site generally explains how pagination is done with xslt and xml. However it does not fully explain how to paginate the data when a certain number of rows are printed. For example, it wouldn't make another page after 100 item names were printed out where total there are 1000 items that need to be printed out, making it total 10 pages. Do you know what should be added in order to make it work? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About XSLT/XML Pagination
http://www.tonymarston.net/php-mysql/xsl.html#a1 This site generally explains how pagination is done with xslt and xml. However it does not fully explain how to paginate the data when a certain number of rows are printed. For example, it wouldn't make another page after 100 item names were printed out where total there are 1000 items that need to be printed out, making it total 10 pages. Do you know what should be added in order to make it work? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About Login Authentication
What's a good place in the Internet where I could learn about creating login and member authentication enabled web site? I would appreciate any good references.
[PHP] About XML XSLT
I'm trying to make a web site that it entirely XML/XSLT/PHP driven, without MYSQL. However, since I need to reuse the database from my last web site, I had to parse XML with PHP and save it as a file (e.g. xmlFile.xml) in my htdocs folder in FTP. However, I understand that this can cause some security issues such as someone just accessing the xml file from the htdocs folder. Would it be the best way to just place the parsed/saved XML file in the root folder of the FTP server for security purposes? Root folder meaning, the parent folder of htdocs, where it cannot be accessed normally through the browser.
[PHP] Re: About XML XSLT
I had to Parse XML with PHP with database from mysql. On 7/20/07, Kelvin Park [EMAIL PROTECTED] wrote: I'm trying to make a web site that it entirely XML/XSLT/PHP driven, without MYSQL. However, since I need to reuse the database from my last web site, I had to parse XML with PHP and save it as a file (e.g. xmlFile.xml) in my htdocs folder in FTP. However, I understand that this can cause some security issues such as someone just accessing the xml file from the htdocs folder. Would it be the best way to just place the parsed/saved XML file in the root folder of the FTP server for security purposes? Root folder meaning, the parent folder of htdocs, where it cannot be accessed normally through the browser.
[PHP] About PHP/XML/XSLT/MYSQL Web Sites
I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About Eclipse JVM Termination
Do you know the cause of this error? I'm trying to run it on 64bit Fedora 7. I have AMD64 and JRE 1.6.0_02 64bit is installed. Do you know how to fix the following error? if yes how? ** JVM terminated. Exit code=13 /usr/java/jre1.6.0_02/bin/java -Xms40m -Xmx256m -jar /home/kelvino/downloads/eclipse/plugins/org.eclipse.equinox.launcher_1.0.0.v20070516.jar -os linux -ws gtk -arch x86 -showsplash -launcher /home/kelvino/downloads/eclipse/eclipse -name Eclipse --launcher.library/home/kelvino/downloads/eclipse/plugins/org.eclipse.equinox.launcher.gtk.linux.x86_1.0.0.v20070516/eclipse_1017.so -startup /home/kelvino/downloads/eclipse/plugins/org.eclipse.equinox.launcher_1.0.0.v20070516.jar -exitdata 158008 -clean -data /tmp_workspace -vm /usr/java/jre1.6.0_02/bin/java -vmargs -Xms40m -Xmx256m -jar /home/kelvino/downloads/eclipse/plugins/org.eclipse.equinox.launcher_1.0.0.v20070516.jar **
[PHP] About Fraud Prevention
I'm trying to make a program with PHP, that prevents ecommerce fraud orders. Technically, what's the most effective way to prevent fraud orders on e-commerce web sites?
[PHP] About Incorporating MySQL and XML/XSLT/PHP
I'm using XSLT to make a website template and XML to describe the data on my website. Do I parse the data from MySQL to XML in order to apply styles and display them as XHTML with XSLT? I would have to use PHP to parse XML, however I was unclear on how to pass MySQL data to XML in order for it do be displayed through XSLT template. Do you know a good reference (website, book, article) for the most correct way to display MySQL data with XML/XSLT/PHP?
[PHP] About DOM function in PHP
I'm getting the following fatal error message: *Fatal error*: Cannot instantiate non-existent class: domdocument in * /home/hosting/infotechnow_com/htdocs/admin/inventory/catalog.php* on line *3 * when running this code: // Initialize new object for DOMDocument $doc = new DOMDocument(); What's the problem? **
[PHP] About PHP CMS
Is it possible to have PHP code completely separate from the HTML page that needs to be completely dynamic? (That's how ASP.NET sort of works I think). If this is possible, HTML CODE, PHP CODE, AND THE CSS CODE can be completely separate, increasing the clarity of all the source code. My second question is: Is it more efficient to always code OOP PHP then just simple functions here and there?
[PHP] About DREAMWEAVER
I'm trying to get rid of all the comments that are in a different language in dreamweaver. Anyone know how to do that automatically? I have like 1000 php files with full of comments in different language. I do not intend on translating them or doing anything with em, I just wanna get rid of them just like that. Maybe regular expressions will do? dunno. I'll appreciate any comment. thanks
[PHP] About Website Search Engine
I'm trying to build a search engine for my website (with php), it will have functions such as finding product names and their codes from the mysql database. Does anyone know any good tutorial or reference on any website, or any good books out there that you might recommend? I couldnt' find any decent one but only the ones that keep on saying, use google search engine to search your website! etc. Thanks!
