Re: [PHP] Sending e-mail via socket
Paul M Foster wrote: > Second, you're doing this socket operation as though it's a static > one-sided conversation. I'm not an expert, but SMTP conversations > don't normally work this way. You issue the HELO, wait for the > response, issue other commands, wait for the response, etc. The way > you're doing it, if your SMTP conversation runs into any snags (like > the RCPT TO is not recognized), you won't know it. Your function will > simply ride over the error, because it's not listening to the SMTP > server. Even if the mailserver does pipelining, he'll still need to do the EHLO separately and wait for the response to see if it does. After that you can fire off everything in one go. /Per -- Per Jessen, Zürich (7.8°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
Hi, Well people better than me (how is that possible?!) have said that $_REQUEST has the potential to open your app up to security vulnerabilities, and that it should be avoided because of that. Here's a post from Stephan Esser about it on the PHP-Internals list: http://www.mail-archive.com/intern...@lists.php.net/msg32832.html Stephan heads up the Hardened-PHP project and when it comes to security, I don't know of anyone better. So, if he advises not to use _REQUEST, it's a good idea to follow that advice. -- Richard Heyes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to get the 'return type' of a function?
Hello guys, I try to use 'ReflectionFunction' to retrieve the info of a
function.
For example:
=== output ==
Function [ function strstr ] {
- Parameters [3] {
Parameter #0 [ $haystack ]
Parameter #1 [ $needle ]
Parameter #2 [ $part ]
}
}
The problem is there's no 'return type' (i.e. 'string' in this example)
info about the function.
Could you tell me how to retrieve the 'return type'?
Thanks.
--
Dasn
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re[2]: [PHP] Sending e-mail via socket
Hello Rene,
Can't do that since the message is personalized: I need to put in the
user name ("Hello $username") and some other data, so the BCC is not a
solution, unfortunately...
--
With best regards from Ukraine,
Andre
Skype: Francophile; Wlm&MSN: arthaelon @ yandex.ru; Jabber: arthaelon @
jabber.org
Yahoo! messenger: andre.polykanine; ICQ: 191749952
Twitter: m_elensule
- Original message -
From: Rene Veerman
To: Andre Polykanine
Date: Tuesday, February 23, 2010, 2:58:41 AM
Subject: [PHP] Sending e-mail via socket
have you tried mail() with a large bcc header?
On Tue, Feb 23, 2010 at 1:16 AM, Andre Polykanine wrote:
> Hello everyone,
> I've just subscribed to the list, and I already have a question.
> what I need to do is to send mail using sockets. Actually, the
> built-in Mail() function is great and I wouldn't have to search for
> something else if I didn't need more than one message to be sent at a
> time. Say, I have ten or a hundred of users who want to receive a
> notification about new blog entries. If I use the mail() function in
> the loop, it will be performed too slow since it constantly opens and
> closes the door, I mean, the SMTP connection.
> So I need an alternative.
> And here's what I'm doing:
>
> function socketmail($to, $subject, $message) {
> $from="Oire.org Administration ";
> $connect = fsockopen ("smtp.yandex.ru", 25, $errno, $errstr, 30);
> if ($connect) {
> $out="HELO localhost\r\n";
> $out.="MAIL FROM: $from\n";
> $out.="RCPT TO: $to\n";
> $out.="DATA\r\n";
> $out.="Content-Type: text/plain; charset=utf-8\n";
> $out.="To: $to\n";
> $out.="Subject: $subject\n";
> $out.="\n\n";
> $out.=$message." \r\n";
> $out.=".\r\n";
> $out.="RSET\r\n";
> fwrite ($connect, $out);
> fclose ($connect);
> } else {
> die ("Error: ".$errstr." ($errno)");
> }
> }
>
> socketmail ("arthae...@yandex.ru", "this is a socket mail test",
> "Testing mail sending");
> ?>
>
> And what I get is absolutely nothing. No errors, no warnings, no
> message in the mailbox.
> So three questions:
> 1. What's wrong with my script?
> 2. How to look where the error exactly is? Can't get server logs for
> some reason (will talk to tech support probably).
> 3. How to do the same thing but with an ability to send multiple
> messages without closing the connection after each message?
>
> Thanks!
>
> --
> With best regards from Ukraine,
> Andre
> Http://oire.org/ - The Fantasy blogs of Oire
> Skype: Francophile; Wlm&MSN: arthaelon @ yandex.ru; Jabber: arthaelon @
> jabber.org
> Yahoo! messenger: andre.polykanine; ICQ: 191749952
> Twitter: http://twitter.com/m_elensule
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
On Tue, 2010-02-23 at 09:19 +, Richard wrote: > Hi, > > Well people better than me (how is that possible?!) have said that > $_REQUEST has the potential to open your app up to security > vulnerabilities, and that it should be avoided because of that. Here's > a post from Stephan Esser about it on the PHP-Internals list: > > http://www.mail-archive.com/intern...@lists.php.net/msg32832.html > > Stephan heads up the Hardened-PHP project and when it comes to > security, I don't know of anyone better. So, if he advises not to use > _REQUEST, it's a good idea to follow that advice. > > -- > Richard Heyes > Well, he's only saying there that it 'most probably vulnerable' and mentions that cookies can overwrite post and get data. This isn't a problem with $_REQUEST itself but rather an applications' use of it. So what if someone crafts a cookie to send a bad value. If someone has the gen to do that, then they are going to know how to send get and post values as well. Only decent sanitisation will be able to protect against this. If the order of override variables in $_REQUEST is such an issue too, use the request_order ini setting to specify the order you'd prefer. I've never had any issues with using $_REQUEST, but found a lot of advantages to using it, as I often use a mix of data sources in the same app. Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] PHP / mySQL Project... Real men use 'cat'
On 23 February 2010 00:28, Daevid Vincent wrote: >> -Original Message- >> From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] >> >> On Mon, 2010-02-22 at 14:39 -0800, Don Wieland wrote: >> >> > I am needing assistance IMMEDIATELY in finishing up a project (the >> > developer went in to have shoulder surgery and will be out of >> > commission for 3 weeks) and I need this finished soon. >> >> That only puts one arm out of action surely? >> A real programmer would use the one hand! > > Real programmers use 'cat'. I've always found 'dog' and 'rabbit' to be more stimulating. -- - Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: help, please, understanding my problem
It works like it is ... once. What I don't understand is why the client browser(s I have tried it with Firefox and IE 6) can't find the Javascript function the second time. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: help, please, understanding my problem
On Tue, 2010-02-23 at 05:55 -0600, Stan wrote: > It works like it is ... once. What I don't understand is why the client > browser(s I have tried it with Firefox and IE 6) can't find the Javascript > function the second time. > > > I've had a look, but I'm not sure what you're trying to achieve with your Javascript. The .js files seem to be present in the page even after entering dummy access details into the page. You said you're using PHP to modify what gets put into the .js file. Are you maybe modifying it in a way that breaks the javascript? Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] How to get the 'return type' of a function?
2010/2/23 Dasn :
> Hello guys, I try to use 'ReflectionFunction' to retrieve the info of a
> function.
> For example:
>
> $rf = new ReflectionFunction('strstr');
> echo $rf;
> ?>
> === output ==
>
> Function [ function strstr ] {
>
> - Parameters [3] {
> Parameter #0 [ $haystack ]
> Parameter #1 [ $needle ]
> Parameter #2 [ $part ]
> }
> }
>
> The problem is there's no 'return type' (i.e. 'string' in this example)
> info about the function.
>
> Could you tell me how to retrieve the 'return type'?
> Thanks.
I think PHP doesnt support it.
In ReflectionParameter class you'll see there is no parameter type too.
May be this is because PHP is loosely typed language.
--
Shiplu Mokaddim
My talks, http://talk.cmyweb.net
Follow me, http://twitter.com/shiplu
SUST Programmers, http://groups.google.com/group/p2psust
Innovation distinguishes bet ... ... (ask Steve Jobs the rest)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP / mySQL Project... Real men use 'cat'
Depends on what you do with them! Bastien Sent from my iPod On Feb 23, 2010, at 6:42 AM, Richard Quadling wrote: On 23 February 2010 00:28, Daevid Vincent wrote: -Original Message- From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] On Mon, 2010-02-22 at 14:39 -0800, Don Wieland wrote: I am needing assistance IMMEDIATELY in finishing up a project (the developer went in to have shoulder surgery and will be out of commission for 3 weeks) and I need this finished soon. That only puts one arm out of action surely? A real programmer would use the one hand! Real programmers use 'cat'. I've always found 'dog' and 'rabbit' to be more stimulating. -- - Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] $_POST vs $_REQUEST
From: Rene Veerman [mailto:rene7...@gmail.com]
> On Mon, Feb 22, 2010 at 9:39 PM, Slack-Moehrle
>>
>> Single quotes is best, correct to prevent sql injection?
>
> sql injection fixing is an evolving art, but you can start by pushing
> all variables that can be changed by end-users going into a database
> through a marshalling-function fixSQLinjectionToDB ($var) { return
> addslashes($var); };
> addslashes is the minimum fix i believe, but google around and give us
> back the up-to-date uber-fix-function please :)
Slash is the wrong character. The correct SQL escape character is the
single quote.
The best way to prepare text fields is to use the DB specific escape
functions on each text field before assembling the command string, i.e.
pg_escape_string(). But that is after all fields have been sanitized and
validated.
In addition, if magic_quotes is turned on, you also need to remove them
before doing the validation. The contributed notes in the online manual
have some good suggestions on how to accomplish this.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to get the 'return type' of a function?
2010/2/23 Dasn :
> Hello guys, I try to use 'ReflectionFunction' to retrieve the info of a
> function.
> For example:
>
> $rf = new ReflectionFunction('strstr');
> echo $rf;
> ?>
> === output ==
>
> Function [ function strstr ] {
>
> - Parameters [3] {
> Parameter #0 [ $haystack ]
> Parameter #1 [ $needle ]
> Parameter #2 [ $part ]
> }
> }
>
> The problem is there's no 'return type' (i.e. 'string' in this example)
> info about the function.
>
> Could you tell me how to retrieve the 'return type'?
> Thanks.
>
>
> --
> Dasn
That's not possible. Consider this function:
function foo()
{
switch (rand(0, 1)) {
case 0: return 42;
case 1: return 'bar';
}
}
What should the return type be?
--
Daniel Egeberg
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to get the 'return type' of a function?
2010/2/23 Daniel Egeberg
>
> 2010/2/23 Dasn :
> > Hello guys, I try to use 'ReflectionFunction' to retrieve the info of a
> > function.
> > For example:
> > >
> > $rf = new ReflectionFunction('strstr');
> > echo $rf;
> > ?>
> > === output ==
> >
> > Function [ function strstr ] {
> >
> > - Parameters [3] {
> > Parameter #0 [ $haystack ]
> > Parameter #1 [ $needle ]
> > Parameter #2 [ $part ]
> > }
> > }
> >
> > The problem is there's no 'return type' (i.e. 'string' in this example)
> > info about the function.
> >
> > Could you tell me how to retrieve the 'return type'?
> > Thanks.
> >
> >
> > --
> > Dasn
>
> That's not possible. Consider this function:
>
> function foo()
> {
> switch (rand(0, 1)) {
> case 0: return 42;
> case 1: return 'bar';
> }
> }
>
> What should the return type be?
Mixed?
http://www.php.net/manual/en/language.pseudo-types.php#language.types.mixed
>
> --
> Daniel Egeberg
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to get the 'return type' of a function?
At 3:17 PM +0100 2/23/10, Daniel Egeberg wrote:
2010/2/23 Dasn :
> Could you tell me how to retrieve the 'return type'?
Thanks.
--
Dasn
That's not possible. Consider this function:
function foo()
{
switch (rand(0, 1)) {
case 0: return 42;
case 1: return 'bar';
}
}
What should the return type be?
--
Daniel Egeberg
It can be anything you want to test for -- check out:
is_int();
is_nan();
is_float();
is_long();
is_string();
IOW, is_whatever();
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP / mySQL Project...
At 11:46 PM + 2/22/10, Ashley Sheridan wrote: On Mon, 2010-02-22 at 14:39 -0800, Don Wieland wrote: Hello, I am needing assistance IMMEDIATELY in finishing up a project (the developer went in to have shoulder surgery and will be out of > commission for 3 weeks) and I need this finished soon. -snip- Don Wieland > D W D a t a C o n c e p t s That only puts one arm out of action surely? A real programmer would use the one hand! Only joking, hope his/her surgery goes without any problems. Thanks, Ash I was thinking the same thing. I suffered a massive DVT and PE that confined me to a hospital bed for three weeks, yet I worked almost every day with my laptop. Some clients understand and some don't. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $_POST vs $_REQUEST
At 11:07 PM +0100 2/22/10, John Black wrote: On 02/22/2010 10:37 PM, Michael Shadle wrote: On Mon, Feb 22, 2010 at 1:30 PM, David Murphy wrote: Richard, The use of $_REQUEST it no more a security hole than $_GET or $_REQUEST, they should ALL be treats as bad data until normalized and sanitized. The claim that it opens a security hole is just false, that's like saying PHP is insecure, its not it just allows for lazy coding such as $_REQUEST. It represents a way for people to exploit coders who don't know any better. Expecting a cookie value to come through in $_REQUEST but you could override using a query string parameter makes for easy exploitation. And how is this more secure? I can create a cookie, send post or get on my client machine and send anything I want to the server. Just because you are getting a cookie does not mean that you created it :) So you might as well use request because the data can not be trusted either way. -- John It is true that you cannot trust any data coming from a client (i.e., POST, GET, COOKIE, REQUEST, Whatever). However, in trying to secure what you are doing it makes sense to know specifically the origin of your data. Additionally, if you know specifically where your data is coming from, then there are no surprises as there can be by using REQUEST. I am sure you realize that the data provided by a REQUEST can be overridden by processes you may have not accounted for. For example, while you are thinking that the data you're working on was provided by one super global it actually was overridden by another can lead to problems, including security. One security directive is to keep the process simple and under control. The more complicated you make it, the less secure it becomes regardless of the method of data collection. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: help, please, understanding my problem
On Tue, Feb 23, 2010 at 1:03 PM, Ashley Sheridan wrote: > Are you maybe modifying it in > a way that breaks the javascript? > that would be my guess too... firefox + firebug will often give accurate error messages for badly formed js. the error itself is known to be caused by malformed js unable to be parsed by the browser. ie(8) does more js syntax nagging than most other browsers. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to get the 'return type' of a function?
tedd wrote:
> At 3:17 PM +0100 2/23/10, Daniel Egeberg wrote:
>> 2010/2/23 Dasn :
>> > Could you tell me how to retrieve the 'return type'?
>>> Thanks.
>>>
>>>
>>> --
>>> Dasn
>>
>> That's not possible. Consider this function:
>>
>> function foo()
>> {
>> switch (rand(0, 1)) {
>> case 0: return 42;
>> case 1: return 'bar';
>> }
>> }
>>
>> What should the return type be?
>>
>> --
>> Daniel Egeberg
>
>
> It can be anything you want to test for -- check out:
>
> is_int();
> is_nan();
> is_float();
> is_long();
> is_string();
>
> IOW, is_whatever();
>
> Cheers,
>
> tedd
>
As PHP is loosely typed, the only real way around this is to specify a
return type in a PHPDoc block, then parse that using reflection to get
the @return parameter.
another option is to use something like haXe which is an ECMA style
typed language that compiles to multiple targets, one of which is PHP.
Regards!
Nathan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: help, please, understanding my problem
Thanks all.
I rediscovered DIFF, compared the source for the first and second rendering.
Besides the unique variable names there was also the message ... which
contained imbedded single quote marks. When I changed them to imbedded
double quote marks the problem went away.
""Stan"" wrote in message
news:11.66.00376.2ce92...@pb1.pair.com...
> I have a PHP page that has
> require_once("genMyOverlay.js.php");
> .
> .
> .
> echo "";
> echo "doit(\"mydiv\");";
> echo "";
>
> genMyOverlay.js.php contains: createDiv() (see below) that creates a ID="mydiv"> and sets it up to overlay a portion of the wbe page and
> doit()starts it off.
>
> invoke the web page once and it works like it should. invoke the web page
a
> second time (and thereafter until a new session) and it gets error:
> "doit is not defined"
>
> view the source (at the client browser) and it is identical both (all)
times
>
> can anyone please help me understand what is happening?
>
> genMyOverlay.js.php contains
>
> echo "