Re: [PHP] Re: RewriteRules

2009-01-13 Thread Ashley Sheridan
On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
 Jason:
 
 In addition to what everyone else has said, try this:
 
 $self = basename($_SERVER['SCRIPT_NAME'])
 
 I use it for forms -- you might find it useful.
 
 Cheers,
 
 tedd
 -- 
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com
 
No need to use it on forms, as leaving the action attribute empty means
the form sends to itself anyway.


Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Re: RewriteRules

2009-01-13 Thread tedd

At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:

 Jason:

 In addition to what everyone else has said, try this:

 $self = basename($_SERVER['SCRIPT_NAME'])

 I use it for forms -- you might find it useful.

 Cheers,

 tedd
 --
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com


No need to use it on forms, as leaving the action attribute empty means
the form sends to itself anyway.

Ash



Ash:

That's what I've said for years, but (I think it was on this list, 
but too lazy to look) there was a concern that some browsers may not 
follow that default behavior.


However, using what I provided will work regardless.

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com




Re: [PHP] Re: RewriteRules

2009-01-13 Thread Ashley Sheridan
On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
 At 2:33 PM + 1/13/09, Ashley Sheridan wrote:
 On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
   Jason:
 
   In addition to what everyone else has said, try this:
 
   $self = basename($_SERVER['SCRIPT_NAME'])
 
   I use it for forms -- you might find it useful.
 
   Cheers,
 
   tedd
   --
   ---
   http://sperling.com  http://ancientstones.com  http://earthstones.com
 
 No need to use it on forms, as leaving the action attribute empty means
 the form sends to itself anyway.
 
 Ash
 
 
 Ash:
 
 That's what I've said for years, but (I think it was on this list, 
 but too lazy to look) there was a concern that some browsers may not 
 follow that default behavior.
 
 However, using what I provided will work regardless.
 
 Cheers,
 
 tedd
 
 -- 
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com
 
I've not yet seen a browser that doesn't do this, and it's pretty old
HTML really, so I don't see a reason why any new browsers wouldn't
incorporate it.


Ash
www.ashleysheridan.co.uk





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Jason Pruim


On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:


On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:

At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:

 Jason:

 In addition to what everyone else has said, try this:

 $self = basename($_SERVER['SCRIPT_NAME'])

 I use it for forms -- you might find it useful.

 Cheers,

 tedd
 --
 ---
 http://sperling.com  http://ancientstones.com  http:// 
earthstones.com


No need to use it on forms, as leaving the action attribute empty  
means

the form sends to itself anyway.

Ash



Ash:

That's what I've said for years, but (I think it was on this list,
but too lazy to look) there was a concern that some browsers may not
follow that default behavior.

However, using what I provided will work regardless.

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com


I've not yet seen a browser that doesn't do this, and it's pretty old
HTML really, so I don't see a reason why any new browsers wouldn't
incorporate it.


I prefer to be specific in my programming :)

What I typically do with self submitting forms is:
<?PHP
$self = $_SERVER['PHP_SELF'];


echo <<<HTML
<form method="post" action="{$self}">
...

</form>
HTML;
?>

But to each his (Or her) own right?


--
Jason Pruim
japr...@raoset.com
616.399.2355





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Robert Cummings
On Tue, 2009-01-13 at 13:14 -0500, Jason Pruim wrote:
 On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:
 
  On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
  At 2:33 PM + 1/13/09, Ashley Sheridan wrote:
  On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
   Jason:
 
   In addition to what everyone else has said, try this:
 
   $self = basename($_SERVER['SCRIPT_NAME'])
 
   I use it for forms -- you might find it useful.
 
   Cheers,
 
   tedd
   --
   ---
   http://sperling.com  http://ancientstones.com  http:// 
  earthstones.com
 
  No need to use it on forms, as leaving the action attribute empty  
  means
  the form sends to itself anyway.
 
  Ash
 
 
  Ash:
 
  That's what I've said for years, but (I think it was on this list,
  but too lazy to look) there was a concern that some browsers may not
  follow that default behavior.
 
  However, using what I provided will work regardless.
 
  Cheers,
 
  tedd
 
  -- 
  ---
  http://sperling.com  http://ancientstones.com  http://earthstones.com
 
  I've not yet seen a browser that doesn't do this, and it's pretty old
  HTML really, so I don't see a reason why any new browsers wouldn't
  incorporate it.
 
 I prefer to be specific in my programming :)
 
 What I typically do with self submitting forms is:
 <?PHP
 $self = $_SERVER['PHP_SELF'];
 
 
 echo <<<HTML
 <form method="post" action="{$self}">
 ...
 
 </form>
 HTML;
 ?>
 
 But to each his (Or her) own right?

Wow, that's really low level... I haven't written a form tag in years.

:)

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Jason Pruim


On Jan 13, 2009, at 1:26 PM, Robert Cummings wrote:


On Tue, 2009-01-13 at 13:14 -0500, Jason Pruim wrote:

On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:


On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:

At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:




I prefer to be specific in my programming :)

What I typically do with self submitting forms is:
<?PHP
$self = $_SERVER['PHP_SELF'];


echo <<<HTML
<form method="post" action="{$self}">
...

</form>
HTML;
?>

But to each his (Or her) own right?


Wow, that's really low level... I haven't written a form tag in  
years.


So then the question is begged... How do you write your forms? :) If
there's a better way to do it I'm all ears! Other than using CSS...
My HTML knowledge came from the 90's! :P



--
Jason Pruim
japr...@raoset.com
616.399.2355





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Eric Butera
On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim japr...@raoset.com wrote:

 On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:

 On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:

 At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

 On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:

  Jason:

  In addition to what everyone else has said, try this:

  $self = basename($_SERVER['SCRIPT_NAME'])

  I use it for forms -- you might find it useful.

  Cheers,

  tedd
  --
  ---
  http://sperling.com  http://ancientstones.com  http://earthstones.com

 No need to use it on forms, as leaving the action attribute empty means
 the form sends to itself anyway.

 Ash


 Ash:

 That's what I've said for years, but (I think it was on this list,
 but too lazy to look) there was a concern that some browsers may not
 follow that default behavior.

 However, using what I provided will work regardless.

 Cheers,

 tedd

 --
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com

 I've not yet seen a browser that doesn't do this, and it's pretty old
 HTML really, so I don't see a reason why any new browsers wouldn't
 incorporate it.

 I prefer to be specific in my programming :)

 What I typically do with self submitting forms is:
 <?PHP
 $self = $_SERVER['PHP_SELF'];


 echo <<<HTML
 <form method="post" action="{$self}">
 ...

 </form>
 HTML;
 ?>

 But to each his (Or her) own right?


 --
 Jason Pruim
 japr...@raoset.com
 616.399.2355





You know that's asking for xss, right?




Re: [PHP] Re: RewriteRules

2009-01-13 Thread Kyle Terry
On Tue, Jan 13, 2009 at 10:28 AM, Jason Pruim japr...@raoset.com wrote:


 On Jan 13, 2009, at 1:26 PM, Robert Cummings wrote:

  On Tue, 2009-01-13 at 13:14 -0500, Jason Pruim wrote:

 On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:

  On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:

 At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

 On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:



 I prefer to be specific in my programming :)

 What I typically do with self submitting forms is:
 <?PHP
 $self = $_SERVER['PHP_SELF'];


 echo <<<HTML
 <form method="post" action="{$self}">
 ...

 </form>
 HTML;
 ?>

 But to each his (Or her) own right?


 Wow, that's really low level... I haven't written a form tag in years.


 So then the question is begged... How do you write your forms? :) If
 there's a better way to do it I'm all ears! Other then using CSS... My HTML
 knowledge came from the 90's! :P



 --
 Jason Pruim
 japr...@raoset.com
 616.399.2355




Build yourself a form builder :).
Makes writing a page as easy as 1 2 3!

-- 
Kyle Terry | www.kyleterry.com


Re: [PHP] Re: RewriteRules

2009-01-13 Thread Jason Pruim


On Jan 13, 2009, at 1:30 PM, Kyle Terry wrote:




On Tue, Jan 13, 2009 at 10:28 AM, Jason Pruim japr...@raoset.com  
wrote:


On Jan 13, 2009, at 1:26 PM, Robert Cummings wrote:

On Tue, 2009-01-13 at 13:14 -0500, Jason Pruim wrote:
On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:

On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
At 2:33 PM + 1/13/09, Ashley Sheridan wrote:
On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:


I prefer to be specific in my programming :)

What I typically do with self submitting forms is:
<?PHP
$self = $_SERVER['PHP_SELF'];


echo <<<HTML
<form method="post" action="{$self}">
...

</form>
HTML;
?>

But to each his (Or her) own right?

Wow, that's really low level... I haven't written a form tag in  
years.


So then the question is begged... How do you write your forms? :)  
If there's a better way to do it I'm all ears! Other then using  
CSS... My HTML knowledge came from the 90's! :P




--
Jason Pruim
japr...@raoset.com
616.399.2355




Build yourself a form builder :).
Makes writing a page as east as 1 2 3!


I'm getting there... But it works better for me if I understand how  
it all works before I try and write software to automate it :)




--
Jason Pruim
japr...@raoset.com
616.399.2355





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Jason Pruim


On Jan 13, 2009, at 1:29 PM, Eric Butera wrote:

On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim japr...@raoset.com  
wrote:


On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:


On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:


At 2:33 PM + 1/13/09, Ashley Sheridan wrote:


On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:


 Jason:

 In addition to what everyone else has said, try this:

 $self = basename($_SERVER['SCRIPT_NAME'])

 I use it for forms -- you might find it useful.

 Cheers,

 tedd
 --
 ---
 http://sperling.com  http://ancientstones.com  http:// 
earthstones.com


No need to use it on forms, as leaving the action attribute  
empty means

the form sends to itself anyway.

Ash



Ash:

That's what I've said for years, but (I think it was on this list,
but too lazy to look) there was a concern that some browsers may  
not

follow that default behavior.

However, using what I provided will work regardless.

Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http:// 
earthstones.com


I've not yet seen a browser that doesn't do this, and it's pretty  
old

HTML really, so I don't see a reason why any new browsers wouldn't
incorporate it.


I prefer to be specific in my programming :)

What I typically do with self submitting forms is:
<?PHP
$self = $_SERVER['PHP_SELF'];


echo <<<HTML
<form method="post" action="{$self}">
...

</form>
HTML;
?>

But to each his (Or her) own right?


--
Jason Pruim
japr...@raoset.com
616.399.2355






You know that's asking for xss, right?


Not until just now But I'll be looking into that and changing it  
to something more secure very shortly.


--
Jason Pruim
japr...@raoset.com
616.399.2355





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Eric Butera
On Tue, Jan 13, 2009 at 1:32 PM, Jason Pruim japr...@raoset.com wrote:

 On Jan 13, 2009, at 1:29 PM, Eric Butera wrote:

 On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim japr...@raoset.com wrote:

 On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:

 On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:

 At 2:33 PM + 1/13/09, Ashley Sheridan wrote:

 On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:

  Jason:
  In addition to what everyone else has said, try this:
  $self = basename($_SERVER['SCRIPT_NAME'])
  I use it for forms -- you might find it useful.
  Cheers,
  tedd
  --
  ---
  http://sperling.com  http://ancientstones.com  http://earthstones.com

 No need to use it on forms, as leaving the action attribute empty means
 the form sends to itself anyway.
 Ash

 Ash:
 That's what I've said for years, but (I think it was on this list,
 but too lazy to look) there was a concern that some browsers may not
 follow that default behavior.
 However, using what I provided will work regardless.
 Cheers,
 tedd
 --
 ---
 http://sperling.com  http://ancientstones.com  http://earthstones.com

 I've not yet seen a browser that doesn't do this, and it's pretty old
 HTML really, so I don't see a reason why any new browsers wouldn't
 incorporate it.

 I prefer to be specific in my programming :)
 What I typically do with self submitting forms is:
 <?PHP
 $self = $_SERVER['PHP_SELF'];

 echo <<<HTML
 <form method="post" action="{$self}">
 ...
 </form>
 HTML;
 ?>
 But to each his (Or her) own right?

 --
 Jason Pruim
 japr...@raoset.com
 616.399.2355




 You know that's asking for xss, right?

 Not until just now But I'll be looking into that and changing it to
 something more secure very shortly.
 --
 Jason Pruim
 japr...@raoset.com
 616.399.2355




This might help:
http://www.thespanner.co.uk/2008/01/14/exploiting-php-self/




Re: [PHP] Re: RewriteRules

2009-01-13 Thread Robert Cummings
On Tue, 2009-01-13 at 13:28 -0500, Jason Pruim wrote:
 
  
  Wow, that's really low level... I haven't written a form tag in
  years.

 So then the question is begged... How do you write your forms? :) If
 there's a better way to do it I'm all ears! Other then using CSS... My
 HTML knowledge came from the 90's! :P

I use my FormJinn engine... here's a login form as an example:

<?php

function createForm()
{
    $formJinn = $this->getServiceRef( 'formJinn' );
    $trans = $this->getServiceRef( 'translation' );

    //
    //
    // Some pre-handling.
    //
    //

    //
    //
    // Set up data for options.
    //
    //

    //
    //
    // Setup form criteria.
    //
    //

    $fields = array();
    $values = array();
    $preProcessors  = array();
    $validators = array();
    $postProcessors = array();

    $fields['username'] = 'text';
    $fields['password'] = 'password';
    $fields['redirect'] = 'hidden';
    $fields['continue'] = 'submit';

    //
    //
    // Preset values.
    //
    //

    $redirect = trim( (string)$this->getHttpGetVar( 'redirect' ) );

    if( $redirect )
    {
        $values['redirect'] = $redirect;
    }

    //
    //
    // Field widget attributes.
    //
    //

    $widgetAtts = array
    (
        'username' => array
        (
        ),
        'password' => array
        (
            'secure' => true,
        ),
        'continue' => array
        (
            'label' => $trans->get( 'Login' ),
        ),
    );

    //
    //
    // Widgets for which a breakdown of elements is desired.
    //
    //

    $widgetElements = array();

    //
    //
    // Field value validators.
    //
    //

    $validators = array
    (
        'username' => array
        (
            array
            (
                'type' => 'mandatory',
                'errorMessage' =>
                    $trans->expand( '[!Required][!:] [!email address]' ),
            ),
        ),
        'password' => array
        (
            array
            (
                'type' => 'mandatory',
                'errorMessage' =>
                    $trans->expand( '[!Required][!:] [!password]' ),
            ),
        ),
    );

    //
    //
    // Form handlers.
    //
    //

    $processHandler = array
    (
        array
        (
            'type'   => 'custom',
            'source' => 'MyProject/modules/auth/controller.php',
            'method' => 'processLoginSubmission',
        ),
    );

    //
    //
    // Generate the form using formJinn.
    //
    //

    $criteria = array
    (
        'formInfo' => array
        (
            'name'            => $this->formName,
            'actionUrl'       => $this->actionUrl,
            'finalize'        => $processHandler,
            'aggregateFields' => 'redirect',
        ),
        'fieldInfo' => array
        (
            'fields'         => $fields,
            'values'         => $values,
            'clearValues'    => true,
            'preProcessors'  => $preProcessors,
            'validators'     => $validators,
            'postProcessors' => $postProcessors,
            'widgetAtts'     => $widgetAtts,
            'widgetElements' => $widgetElements,
        ),
    );

    $this->slices

Re: [PHP] Re: RewriteRules

2009-01-13 Thread Ashley Sheridan
On Tue, 2009-01-13 at 13:29 -0500, Eric Butera wrote:
 On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim japr...@raoset.com wrote:
 
  On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:
 
  On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
 
  At 2:33 PM + 1/13/09, Ashley Sheridan wrote:
 
  On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
 
   Jason:
 
   In addition to what everyone else has said, try this:
 
   $self = basename($_SERVER['SCRIPT_NAME'])
 
   I use it for forms -- you might find it useful.
 
   Cheers,
 
   tedd
   --
   ---
   http://sperling.com  http://ancientstones.com  http://earthstones.com
 
  No need to use it on forms, as leaving the action attribute empty means
  the form sends to itself anyway.
 
  Ash
 
 
  Ash:
 
  That's what I've said for years, but (I think it was on this list,
  but too lazy to look) there was a concern that some browsers may not
  follow that default behavior.
 
  However, using what I provided will work regardless.
 
  Cheers,
 
  tedd
 
  --
  ---
  http://sperling.com  http://ancientstones.com  http://earthstones.com
 
  I've not yet seen a browser that doesn't do this, and it's pretty old
  HTML really, so I don't see a reason why any new browsers wouldn't
  incorporate it.
 
  I prefer to be specific in my programming :)
 
  What I typically do with self submitting forms is:
  <?PHP
  $self = $_SERVER['PHP_SELF'];
 
 
  echo <<<HTML
  <form method="post" action="{$self}">
  ...
 
  </form>
  HTML;
  ?>
 
  But to each his (Or her) own right?
 
 
  --
  Jason Pruim
  japr...@raoset.com
  616.399.2355
 
 
 
 
 
 You know that's asking for xss, right?
How would you go about XSS on this? As I see it, you'd need
register_globals on for that to work.


Ash
www.ashleysheridan.co.uk





Re: [PHP] Re: RewriteRules

2009-01-13 Thread Eric Butera
On Tue, Jan 13, 2009 at 5:27 PM, Ashley Sheridan
a...@ashleysheridan.co.uk wrote:
 On Tue, 2009-01-13 at 13:29 -0500, Eric Butera wrote:
 On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim japr...@raoset.com wrote:
 
  On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:
 
  On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
 
  At 2:33 PM + 1/13/09, Ashley Sheridan wrote:
 
  On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
 
   Jason:
 
   In addition to what everyone else has said, try this:
 
   $self = basename($_SERVER['SCRIPT_NAME'])
 
   I use it for forms -- you might find it useful.
 
   Cheers,
 
   tedd
   --
   ---
   http://sperling.com  http://ancientstones.com  http://earthstones.com
 
  No need to use it on forms, as leaving the action attribute empty means
  the form sends to itself anyway.
 
  Ash
 
 
  Ash:
 
  That's what I've said for years, but (I think it was on this list,
  but too lazy to look) there was a concern that some browsers may not
  follow that default behavior.
 
  However, using what I provided will work regardless.
 
  Cheers,
 
  tedd
 
  --
  ---
  http://sperling.com  http://ancientstones.com  http://earthstones.com
 
  I've not yet seen a browser that doesn't do this, and it's pretty old
  HTML really, so I don't see a reason why any new browsers wouldn't
  incorporate it.
 
  I prefer to be specific in my programming :)
 
  What I typically do with self submitting forms is:
  <?PHP
  $self = $_SERVER['PHP_SELF'];
 
 
  echo <<<HTML
  <form method="post" action="{$self}">
  ...
 
  </form>
  HTML;
  ?>
 
  But to each his (Or her) own right?
 
 
  --
  Jason Pruim
  japr...@raoset.com
  616.399.2355
 
 
 
 

 You know that's asking for xss, right?
 How would you go about XSS on this? As I see it, you'd need
 register_globals on for that to work.


 Ash
 www.ashleysheridan.co.uk



Read the examples in the link I provided.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
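
Added example, not part of any message in this thread: it compares the form-action variants discussed above (raw PHP_SELF, escaped PHP_SELF, tedd's basename of SCRIPT_NAME, and Ash's empty action) when the requested path carries extra text after the script name, which PHP_SELF includes and SCRIPT_NAME does not. The script name /contact.php, the function names and the $_SERVER values are constructed for illustration.

```php
<?php
// Added example, not code from the thread. $_SERVER is filled in by hand
// with constructed values so the script runs from the command line.

// Constructed request path: the script name followed by extra path text.
// PHP_SELF keeps that trailing text; SCRIPT_NAME is only the script itself.
$_SERVER['SCRIPT_NAME'] = '/contact.php';
$_SERVER['PHP_SELF']    = '/contact.php/"><b>marker</b>';

// Pattern from the thread: the raw value is interpolated into the attribute.
function formTagRaw(): string
{
    $self = $_SERVER['PHP_SELF'];
    return "<form method=\"post\" action=\"{$self}\">";
}

// Same value, escaped for a double-quoted HTML attribute.
function formTagEscaped(): string
{
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return "<form method=\"post\" action=\"{$self}\">";
}

// tedd's suggestion: SCRIPT_NAME carries no trailing path text. It is still
// escaped, because every value written into HTML should be.
function formTagScriptName(): string
{
    $self = htmlspecialchars(basename($_SERVER['SCRIPT_NAME']), ENT_QUOTES, 'UTF-8');
    return "<form method=\"post\" action=\"{$self}\">";
}

// Ash's suggestion: an empty action, so no request data is echoed at all.
function formTagEmptyAction(): string
{
    return '<form method="post" action="">';
}

// Rough check for this demo: a lone opening <form> tag holds exactly one "<"
// and one ">". Anything more means the value closed the attribute and the tag.
function isSingleTag(string $html): bool
{
    return substr_count($html, '<') === 1 && substr_count($html, '>') === 1;
}

$variants = [
    'raw PHP_SELF'          => formTagRaw(),
    'escaped PHP_SELF'      => formTagEscaped(),
    'basename(SCRIPT_NAME)' => formTagScriptName(),
    'empty action'          => formTagEmptyAction(),
];

foreach ($variants as $label => $html) {
    $state = isSingleTag($html) ? 'intact' : 'BROKEN';
    printf("%-22s %-7s %s\n", $label, $state, $html);
}
```

Only the raw variant lets the path text close the attribute and the tag; the same check can be run in a unit test over any template helper that writes request-derived values into HTML.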