Re: [PHP] Re: Xpath arguments in variable
On 15/09/10 18:00, David Harkness wrote:
And let's not forget
$v = $row->xpath("//membernumber[. = \"$MemberId\"]");
The \" inside the string turns into a double-quote and using " to delimit
the string allows for variable substitution.
Oooh, I hate using backslashes - they always seem so untidy...
I have a pathological fear of sed scripts, too. :(
--
Peter Ford, Developer phone: 01580 89 fax: 01580 893399
Justcroft International Ltd. www.justcroft.com
Justcroft House, High Street, Staplehurst, Kent TN12 0AH United Kingdom
Registered in England and Wales: 2297906
Registered office: Stag Gates House, 63/64 The Avenue, Southampton SO17 1XS
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] The session problems with a citrix terminal
Hi all, i am looking for a solution (approaching) for the following problem: My Application (PHP 5+, MySQL, Zend Framework) works fine. But unter the citrix terminal server allow to all user to see the informations (session data) of the last user. I think this is because all user of the terminal (thin clients) are connected with the terminal and use the same browser at all. Please if you know a solution for this issue, i will be glad to read it :-) Regards Carlos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] The session problems with a citrix terminal
On Thu, 2010-09-16 at 14:08 +0200, Carlos Medina wrote: > Hi all, > i am looking for a solution (approaching) for the following problem: > > My Application (PHP 5+, MySQL, Zend Framework) works fine. But unter the > citrix terminal server allow to all user to see the informations > (session data) of the last user. I think this is because all user of the > terminal (thin clients) are connected with the terminal and use the same > browser at all. > > Please if you know a solution for this issue, i will be glad to read it :-) > > Regards > > Carlos > Under Citrix, all the applications are run from the web server, not on your local computer, essentially making it like a glorified remote desktop. However, what Citrix should be doing is allowing everyone to have their own setup, so it should allow the sessions to work correctly as far as I understand it, unless Citrix has been configured badly. I assume every user has their own distinct login into Citrix yeah? Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] Re: libmcrypt usage
Gary wrote: Can anyone tell me what the equivalent to the following command line usage of openssl is, in php using the mcrypt_* functions, please: , | openssl enc -e -aes-256-cbc -k ... ` TIA. I tried , | $iv = mcrypt_create_iv(mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, | MCRYPT_MODE_CBC), |MCRYPT_DEV_RANDOM); | $encryptedData = mcrypt_cbc(MCRYPT_RIJNDAEL_256 | ,$passphrase | ,$data | ,MCRYPT_ENCRYPT | ,$iv); ` use MCRYPT_RIJNDAEL_128 use an iv that's 32 bytes long (not 16) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sending Encrypted Email
Floyd Resler wrote: I need to send encrypted email. Can I use our server's signed certificate we use for Apache? Yes you can use the servers certificate, you can use any x509 certificate you like - however, I'd recommend checking out startssl.org who will give you a free smime certificate. note: Each certificate has codes embedded which state for what you can use said certificate, although it's technically possible to use almost any certificate for anything, it's best to use one which has the correct flags set. Best, Nathan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
Hi there – I’m new to this news group. Any help with this is appreciated – When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street • Allentown, PA 18102 Office: 610-776-4784 • Cell: 484-544-2416 Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, 2010-09-16 at 10:11 -0400, Cheryl Sullivan wrote: > Hi there – I’m new to this news group. Any help with this is appreciated – > > When I populate session vars from a MYSQL query, they are still there when I > change pages. If I populate them from an MSSQL query, they drop. > > It doesn't matter if I get to the next page using a header redirect or a form > submit. I have two session vars I'm loading from a MYSQL query and they > remain, the two loaded from MSSQL disappear. > > I have confirmed that all four session vars are loading ok initially and I > can echo them out to the page, but when the application moves to the next > page via redirect or form submit, the two vars loaded from MSSQL are empty. > > Any ideas? > > > Cheryl L. Sullivan > Interface Analyst / Web Developer > > Sacred Heart Hospital (www.shh.org) > 421 Chew Street • Allentown, PA 18102 > Office: 610-776-4784 • Cell: 484-544-2416 > Please consider the environment before printing this e-mail > > > > Notice: This communication, including attachments, may contain information > that is confidential and protected. It constitutes non-public information > intended to be conveyed only to the designated recipient(s). If you believe > that you have received this communication in error, please notify the sender > immediately by return e-mail and promptly delete this e-mail, including > attachments without reading or saving them in any manner. The unauthorized > use, dissemination, distribution, or reproduction of this e-mail, including > attachments, is prohibited and may be unlawful. Thank you. > > There should be no difference. Can we see some examples of the MySQL and the MSSQL code to see what you're doing differently? Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] Valid Xml not validate with xsd
Hi:
I am working with a xml document that is validate with a schema.
Within php the xml does not validate, but if i use a external validator the
same xml validates with no problems.
My Php is now 5.2.14, but i test with 5.3.1 and the same problem.
I create a small program as example:
libxml_use_internal_errors(true);
$xDocXml = 'test-file.xml'; // xml
$xmldoc = new DOMDocument();
$bErro = $xmldoc->load( $xDocXml ); // loads xml
if ( $bErro )
{
$return = $xmldoc->schemaValidate( 'nfe_v2.00.xsd' );
if ( !$return )
{
$aErros = libxml_get_errors();
$sErro = '';
foreach ( $aErros as $oErro )
{
switch ( $oErro->level )
{
case LIBXML_ERR_WARNING:
$sErrosErro .= ' Atenção ' . $oErro->code . ": \n";
break;
case LIBXML_ERR_ERROR:
$sErro .= ' Erro ' . $oErro->code . ": \n";
break;
case LIBXML_ERR_FATAL:
$sErro .= ' Erro Fatal ' . $oErro->code . ": \n";
break;
}
$sErro .= '' . "\n";
$sErro .= $oErro->message;
$sErro .= ' Line: ' . $oErro->line . "\n";
$sErro .= ' Column: ' . $oErro->column . "\n";
$sErro .= ' Level: ' . $oErro->level . "\n";
}
echo '';
echo $sErro;
echo '';
} else
echo 'VALID';
}
Result a this moment:
Erro 1839:
Element '{http://www.portalfiscal.inf.br/nfe}IE': [facet 'pattern'] The
value '' is not accepted by the pattern 'ISENTO|[0-9]{0,14}'.
Line: 59
Column: 0
Level: 2
Erro 1824:
Element '{http://www.portalfiscal.inf.br/nfe}IE': '' is not a valid value of
the atomic type '{http://www.portalfiscal.inf.br/nfe}TIeDest'.
Line: 59
Column: 0
Level: 2
This is the rule that fails :
Tipo Inscrição Estadual do
Destinatário
In the xml file the line 59 has :
The pattern for this tag is :
When i change this to work ok, buts each document that has
ISENTO fails validation.
I attached a small rar file with the test case.
How to change the pattern to meets the requirements: or value ISENTO ou
number [0-9]{0,14} or empty ?
Thanks in advance
Alejandro M.S.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
Absolutely -
This is from the first page
fields("emp_ssn");
$_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter");
//access mySQL database
$cnx = mysql_connect("localhost","userID","password");
$db = mysql_select_db("database_name");
$q1 = "select * from tblmainempreport where empUUID =
'sdfsfs920090528131'";
$result = mysql_query($q1);
$recArray = mysql_fetch_array($result);
$_SESSION['empFName'] = $recArray['EmpFName'];
?>
When I echo all five $_SESSION vars from here, they are all populated.
Then I can either redirect or form post to the next page. In either
case, the $_SESSION vars populated from SQL Server ( the SSN and Cost
Center vars) are blank when I echo them on the destination page.
From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk]
Sent: Thursday, September 16, 2010 10:14 AM
To: Cheryl Sullivan
Cc: php-general@lists.php.net
Subject: Re: [PHP] Session Vars loaded from MSSQL Query drop, those
loaded from MYSQL Query stick
On Thu, 2010-09-16 at 10:11 -0400, Cheryl Sullivan wrote:
Hi there - I'm new to this news group. Any help with this is
appreciated -
When I populate session vars from a MYSQL query, they are still there
when I change pages. If I populate them from an MSSQL query, they drop.
It doesn't matter if I get to the next page using a header redirect or a
form submit. I have two session vars I'm loading from a MYSQL query and
they remain, the two loaded from MSSQL disappear.
I have confirmed that all four session vars are loading ok initially and
I can echo them out to the page, but when the application moves to the
next page via redirect or form submit, the two vars loaded from MSSQL
are empty.
Any ideas?
Cheryl L. Sullivan
Interface Analyst / Web Developer
Sacred Heart Hospital (www.shh.org)
421 Chew Street * Allentown, PA 18102
Office: 610-776-4784 * Cell: 484-544-2416
P Please consider the environment before printing this e-mail
Notice: This communication, including attachments, may contain
information that is confidential and protected. It constitutes
non-public information intended to be conveyed only to the designated
recipient(s). If you believe that you have received this communication
in error, please notify the sender immediately by return e-mail and
promptly delete this e-mail, including attachments without reading or
saving them in any manner. The unauthorized use, dissemination,
distribution, or reproduction of this e-mail, including attachments, is
prohibited and may be unlawful. Thank you.
There should be no difference. Can we see some examples of the MySQL and
the MSSQL code to see what you're doing differently?
Thanks,
Ash
http://www.ashleysheridan.co.uk
[PHP] Duplicate session ids
Hi all!! I have a server running: Debian Lenny Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 PHP/5.2.6-1+lenny9 with Suhosin-Patch Clients connect to the system using firefox browser (all of them), and some of them have cloned machines (win 7 - Norton Ghost). I mention this in case that the session id generation process uses some kind of seed coming from the computer itself, i have looked into the C code of php and i couldn't find any clue that confirms this thought, but just in case. We use an intranet system over a medium lan (about 200 hosts) The problem that we are experiencing right now, is that, randomly, session id's are duplicated between 2 hosts. We tried to increase the entropy by adding /var/urandom to the session.entropy_file, upgraded our apache and php to this actual version, and the problem just keeps existing. We set up a workaround to just kick off the user if the session they try to use is already in use by another computer, but the users tend to lose everything that they've been working on (because of that workaround). Anyone of you have experienced a problem similar to this one? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to store data that doesn't change?
At 8:46 AM -0400 9/15/10, Peter van der Does wrote: Hi, How do you people store data that doesn't change, an example of this would be the version number of your software. You might want to use it through out your program but how to you store it? As far as I can see there are several options to use this data. 1. Global Variable 2. Store it in a registry class 3. Store it in a named constant. 4. Use a function that will return the data (kind of like a regsitry class but it's not a class) Personally I don't like option 1 but what about the other options. Is any of them faster then the others. What other pros and cons are there. Make it's a Constant -- it's simply a Global that doesn't change. I typically hold such things in a global configuration file that can be included when needed. Cheers, tedd -- --- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] timezone math problem.
I have the following: #!/usr/local/bin/php Which returns: machine1 (AST) PHP 5.2.6: -10800 timestamp BETWEEN "2010-09-16 03:00:00" AND "2010-09-17 03:00:00" machine2 (MST) PHP 5.1.6: -21600 timestamp BETWEEN "1969-12-31 17:00:00" AND "1969-12-31 17:00:00" Aside from upgrading the second box, is there some other logic that is wrong? Thanks. -- Paul Halliday Ideation | Individualization | Learner | Achiever | Analytical http://www.pintumbler.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
> -Original Message- > From: Cheryl Sullivan [mailto:csull...@shh.org] > Sent: Thursday, September 16, 2010 7:12 AM > To: php-general@lists.php.net > Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded > from MYSQL Query stick > > Hi there – I’m new to this news group. Any help with this is appreciated – > > When I populate session vars from a MYSQL query, they are still there when > I change pages. If I populate them from an MSSQL query, they drop. > > It doesn't matter if I get to the next page using a header redirect or a form > submit. I have two session vars I'm loading from a MYSQL query and they > remain, the two loaded from MSSQL disappear. > What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy > I have confirmed that all four session vars are loading ok initially and I can > echo them out to the page, but when the application moves to the next > page via redirect or form submit, the two vars loaded from MSSQL are > empty. > > Any ideas? > > > Cheryl L. Sullivan > Interface Analyst / Web Developer > > Sacred Heart Hospital (www.shh.org) > 421 Chew Street • Allentown, PA 18102 > Office: 610-776-4784 • Cell: 484-544-2416 P Please consider the environment > before printing this e-mail > > > > Notice: This communication, including attachments, may contain > information that is confidential and protected. It constitutes non-public > information intended to be conveyed only to the designated recipient(s). If > you believe that you have received this communication in error, please > notify the sender immediately by return e-mail and promptly delete this e- > mail, including attachments without reading or saving them in any manner. > The unauthorized use, dissemination, distribution, or reproduction of this > e-mail, including attachments, is prohibited and may be unlawful. Thank > you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: libmcrypt usage
Gary wrote: Nathan Rixham wrote: Gary wrote: Can anyone tell me what the equivalent to the following command line usage of openssl is, in php using the mcrypt_* functions, please: , | openssl enc -e -aes-256-cbc -k ... ` TIA. I tried , | $iv = mcrypt_create_iv(mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, | MCRYPT_MODE_CBC), |MCRYPT_DEV_RANDOM); | $encryptedData = mcrypt_cbc(MCRYPT_RIJNDAEL_256 | ,$passphrase | ,$data | ,MCRYPT_ENCRYPT | ,$iv); ` use MCRYPT_RIJNDAEL_128 Err.. why, if you don't mind me asking? because MCRYPT_RIJNDAEL_128 is the implementation of AES and if you use a 16 bit key you get AES 128, a 32 bit key and you get AES 256 :) after a quick google for "php aes 256", I'd point you to this: http://www.chilkatsoft.com/p/php_aes.asp which explains all -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, Sep 16, 2010 at 10:26 AM, Cheryl Sullivan wrote:
> Absolutely -
>
> This is from the first page
>
>
> $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
>
> $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);
>
> //access MS SQL Server database
>
> $q1 = "select * from emps where emp_last =
> '".$_SESSION['UserLastName']."' and emp_badge =
> '".$_SESSION['BadgeID']."'";
>
> $rs_emp_info = hitMSSQL($q1,"_sql","database","table","password",1);
>
> $_SESSION['SSN'] = $rs_emp_info->fields("emp_ssn");
>
> $_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter");
>
> //access mySQL database
>
> $cnx = mysql_connect("localhost","userID","password");
>
> $db = mysql_select_db("database_name");
>
> $q1 = "select * from tblmainempreport where empUUID =
> 'sdfsfs920090528131'";
>
> $result = mysql_query($q1);
>
> $recArray = mysql_fetch_array($result);
>
> $_SESSION['empFName'] = $recArray['EmpFName'];
>
> ?>
>
>
>
> When I echo all five $_SESSION vars from here, they are all populated.
> Then I can either redirect or form post to the next page. In either
> case, the $_SESSION vars populated from SQL Server ( the SSN and Cost
> Center vars) are blank when I echo them on the destination page.
The fact that you can echo the $_SESSION information on the same page
and they contain the correct values suggest to me that the issue of
MySQL/MSSQL is a red herring. I would look into things like the value
for register_globals to make sure you don't have a global variable
stepping on some of your session variables.
Andrew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
SQL Server 8.00.818 - SP3 (Enterprise Edition) Unfortunately I am fairly new to PHP and my boss just went home sick for the day, so I don't know how to answer the question about the extension. Can you tell me where I can find that? -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:00 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick > -Original Message- > From: Cheryl Sullivan [mailto:csull...@shh.org] > Sent: Thursday, September 16, 2010 7:12 AM > To: php-general@lists.php.net > Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded > from MYSQL Query stick > > Hi there - I'm new to this news group. Any help with this is appreciated - > > When I populate session vars from a MYSQL query, they are still there when > I change pages. If I populate them from an MSSQL query, they drop. > > It doesn't matter if I get to the next page using a header redirect or a form > submit. I have two session vars I'm loading from a MYSQL query and they > remain, the two loaded from MSSQL disappear. > What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy > I have confirmed that all four session vars are loading ok initially and I can > echo them out to the page, but when the application moves to the next > page via redirect or form submit, the two vars loaded from MSSQL are > empty. > > Any ideas? > > > Cheryl L. Sullivan > Interface Analyst / Web Developer > > Sacred Heart Hospital (www.shh.org) > 421 Chew Street * Allentown, PA 18102 > Office: 610-776-4784 * Cell: 484-544-2416 P Please consider the environment > before printing this e-mail > > > > Notice: This communication, including attachments, may contain > information that is confidential and protected. It constitutes non-public > information intended to be conveyed only to the designated recipient(s). If > you believe that you have received this communication in error, please > notify the sender immediately by return e-mail and promptly delete this e- > mail, including attachments without reading or saving them in any manner. > The unauthorized use, dissemination, distribution, or reproduction of this > e-mail, including attachments, is prohibited and may be unlawful. Thank > you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
> -Original Message- > From: Cheryl Sullivan [mailto:csull...@shh.org] > Sent: Thursday, September 16, 2010 8:33 AM > To: Tommy Pham; php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > SQL Server 8.00.818 - SP3 (Enterprise Edition) > 8? I think that's SQL 2000. If that's the case, you're 1 service pack behind. The latest service pack for SQL 2000 is 4. > Unfortunately I am fairly new to PHP and my boss just went home sick for > the day, so I don't know how to answer the question about the extension. > Can you tell me where I can find that? > phpinfo(); will give all the information pertaining to your PHP environment. Regards, Tommy > -Original Message- > From: Tommy Pham [mailto:tommy...@gmail.com] > Sent: Thursday, September 16, 2010 11:00 AM > To: php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > > -Original Message- > > From: Cheryl Sullivan [mailto:csull...@shh.org] > > Sent: Thursday, September 16, 2010 7:12 AM > > To: php-general@lists.php.net > > Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded > > from MYSQL Query stick > > > > Hi there - I'm new to this news group. Any help with this is > appreciated - > > > > When I populate session vars from a MYSQL query, they are still there > when > > I change pages. If I populate them from an MSSQL query, they drop. > > > > It doesn't matter if I get to the next page using a header redirect or > a form > > submit. I have two session vars I'm loading from a MYSQL query and > they > > remain, the two loaded from MSSQL disappear. > > > > What SQL Server version? What PHP extension are you using? MSSQL? > sqlsrv? > > Regards, > Tommy > > > I have confirmed that all four session vars are loading ok initially > and I can > > echo them out to the page, but when the application moves to the next > > page via redirect or form submit, the two vars loaded from MSSQL are > > empty. > > > > Any ideas? > > > > > > Cheryl L. Sullivan > > Interface Analyst / Web Developer > > > > Sacred Heart Hospital (www.shh.org) > > 421 Chew Street * Allentown, PA 18102 > > Office: 610-776-4784 * Cell: 484-544-2416 P Please consider the > environment > > before printing this e-mail > > > > > > > > Notice: This communication, including attachments, may contain > > information that is confidential and protected. It constitutes > non-public > > information intended to be conveyed only to the designated > recipient(s). If > > you believe that you have received this communication in error, please > > notify the sender immediately by return e-mail and promptly delete > this e- > > mail, including attachments without reading or saving them in any > manner. > > The unauthorized use, dissemination, distribution, or reproduction of > this > > e-mail, including attachments, is prohibited and may be unlawful. > Thank > > you. > > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php > > > Notice: This communication, including attachments, may contain > information that is confidential and protected. It constitutes non-public > information intended to be conveyed only to the designated recipient(s). If > you believe that you have received this communication in error, please > notify the sender immediately by return e-mail and promptly delete this e- > mail, including attachments without reading or saving them in any manner. > The unauthorized use, dissemination, distribution, or reproduction of this > e-mail, including attachments, is prohibited and may be unlawful. Thank > you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On 16 September 2010 16:26, Cheryl Sullivan wrote:
> Absolutely -
>
>
>
> This is from the first page
>
>
>
>
> $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
>
> $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);
>
>
>
> //access MS SQL Server database
>
> $q1 = "select * from emps where emp_last =
> '".$_SESSION['UserLastName']."' and emp_badge =
> '".$_SESSION['BadgeID']."'";
>
> $rs_emp_info = hitMSSQL($q1,"_sql","database","table","password",1);
>
> $_SESSION['SSN'] = $rs_emp_info->fields("emp_ssn");
>
> $_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter");
>
You're sticking values from $_POST into an SQL query without
sanitizing them first. That spells out SQL INJECTION VULNERABILITY.
Regards
Peter
--
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Question about news.php.net
MikeB wrote: Daniel Brown wrote: On Mon, Sep 13, 2010 at 19:51, MikeB wrote: As part of the bug report I included a link to an image of my nntp config. I saw that, thanks. I'll look into creating a mirror of the news server, as well, for NNTP-only access. I won't lie and say that it's a priority, but I'll try to get to it as soon as I have time, Mike. You must have already done something. It's working a lot better today. Thanks. Perhaps I spoke too soon. It seems intermittent. Lots of denials today. However, I've switched to the gmane list as recommended by somone else on this thread and that works a treat, so I may just do an unsubscribe here to get rid of the annoying timeout messages. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
We are actually running the query through a function that removes single
ticks, etc to avoid this, but I didn't think that was relevant to the
question so I didn't include it. Thanks, though!
-Original Message-
From: Peter Lind [mailto:peter.e.l...@gmail.com]
Sent: Thursday, September 16, 2010 12:03 PM
To: Cheryl Sullivan
Cc: a...@ashleysheridan.co.uk; php-general@lists.php.net
Subject: Re: [PHP] Session Vars loaded from MSSQL Query drop, those
loaded from MYSQL Query stick
On 16 September 2010 16:26, Cheryl Sullivan wrote:
> Absolutely -
>
>
>
> This is from the first page
>
>
>
>
> $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
>
> $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);
>
>
>
> //access MS SQL Server database
>
> $q1 = "select * from emps where emp_last =
> '".$_SESSION['UserLastName']."' and emp_badge =
> '".$_SESSION['BadgeID']."'";
>
> $rs_emp_info =
hitMSSQL($q1,"_sql","database","table","password",1);
>
> $_SESSION['SSN'] = $rs_emp_info->fields("emp_ssn");
>
> $_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter");
>
You're sticking values from $_POST into an SQL query without
sanitizing them first. That spells out SQL INJECTION VULNERABILITY.
Regards
Peter
--
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
Notice: This communication, including attachments, may contain information that
is confidential and protected. It constitutes non-public information intended
to be conveyed only to the designated recipient(s). If you believe that you
have received this communication in error, please notify the sender immediately
by return e-mail and promptly delete this e-mail, including attachments without
reading or saving them in any manner. The unauthorized use, dissemination,
distribution, or reproduction of this e-mail, including attachments, is
prohibited and may be unlawful. Thank you.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] "Downgrading" HTML
I know I could possibly hack something together using the Tidy libraries... (maybe...) but are there any existing php libraries / projects that already have the ability to take some HTML and "downgrade" the version of HTML being used. One example: turn this... Blah ... into ... Blah This is for an eReader I love but is long out of production and the converter tool only works with HTML 3.2 Thanks in advance. Matt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
Tommy - I ran phpinfo() but I don't see anything in it referencing MSSQL or SQLSRV. I have included all the references to "sql" I see below, but the only references I see to databases are to mySQL and SQLLite. Unfortunately I don't have any control over how service-packed the database server is. Is there something in SP 4 for SQL Server 2000 that is supposed to fix the issue I'm having, I may be able to plead my case for getting the latest SP. Is this the case, do you know? mysql MySQL Support enabled Active Persistent Links 0 Active Links 0 Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value mysql.allow_local_infile On On mysql.allow_persistent On On mysql.cache_size 2000 2000 mysql.connect_timeout 60 60 mysql.default_host no value no value mysql.default_password no value no value mysql.default_port no value no value mysql.default_socket no value no value mysql.default_user no value no value mysql.max_links Unlimited Unlimited mysql.max_persistent Unlimited Unlimited mysql.trace_mode Off Off mysqli MysqlI Support enabled Client API library version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Active Persistent Links 0 Inactive Persistent Links 0 Active Links 0 Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value mysqli.allow_local_infile On On mysqli.allow_persistent On On mysqli.cache_size 2000 2000 mysqli.default_host no value no value mysqli.default_port 3306 3306 mysqli.default_pw no value no value mysqli.default_socket no value no value mysqli.default_user no value no value mysqli.max_links Unlimited Unlimited mysqli.max_persistent Unlimited Unlimited mysqli.reconnect Off Off mysqlnd mysqlnd enabled Version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Command buffer size 2048 Read buffer size 32768 Collecting statistics Yes Collecting memory statistics Yes PDO PDO support enabled PDO drivers mysql, sqlite pdo_mysql PDO Driver for MySQL enabled Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value pdo_mysql.cache_size 2000 2000 pdo_sqlite PDO Driver for SQLite 3.x enabled SQLite Library 3.6.15 -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:39 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick > -Original Message- > From: Cheryl Sullivan [mailto:csull...@shh.org] > Sent: Thursday, September 16, 2010 8:33 AM > To: Tommy Pham; php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > SQL Server 8.00.818 - SP3 (Enterprise Edition) > 8? I think that's SQL 2000. If that's the case, you're 1 service pack behind. The latest service pack for SQL 2000 is 4. > Unfortunately I am fairly new to PHP and my boss just went home sick for > the day, so I don't know how to answer the question about the extension. > Can you tell me where I can find that? > phpinfo(); will give all the information pertaining to your PHP environment. Regards, Tommy > -Original Message- > From: Tommy Pham [mailto:tommy...@gmail.com] > Sent: Thursday, September 16, 2010 11:00 AM > To: php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > > -Original Message- > > From: Cheryl Sullivan [mailto:csull...@shh.org] > > Sent: Thursday, September 16, 2010 7:12 AM > > To: php-general@lists.php.net > > Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded > > from MYSQL Query stick > > > > Hi there - I'm new to this news group. Any help with this is > appreciated - > > > > When I populate session vars from a MYSQL query, they are still there > when > > I change pages. If I populate them from an MSSQL query, they drop. > > > > It doesn't matter if I get to the next page using a header redirect or > a form > > submit. I have two session vars I'm loading from a MYSQL query and > they > > remain, the two loaded from MSSQL disappear. > > > > What SQL Server version? What PHP extension are you using? MSSQL? > sqlsrv? > > Regards, > Tommy > > > I have confirmed that all four session vars are loading ok initially > and I can > > echo them out to the page, but when the application moves to the next > > page via redirect or form submit, the two vars loaded from MSSQL are > > empty. > > > > Any ideas? > > > > > > Cheryl L. S
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, Sep 16, 2010 at 10:26 AM, Cheryl Sullivan wrote: [snip] > When I echo all five $_SESSION vars from here, they are all populated. > Then I can either redirect or form post to the next page. In either > case, the $_SESSION vars populated from SQL Server ( the SSN and Cost > Center vars) are blank when I echo them on the destination page. On Thu, Sep 16, 2010 at 2:12 PM, Cheryl Sullivan wrote: > Tommy - I ran phpinfo() but I don't see anything in it referencing > MSSQL or SQLSRV. I have included all the references to "sql" I see > below, but the only references I see to databases are to mySQL and > SQLLite. Unfortunately I don't have any control over how service-packed > the database server is. Is there something in SP 4 for SQL Server 2000 > that is supposed to fix the issue I'm having, I may be able to plead my > case for getting the latest SP. Is this the case, do you know? > [snip] Again, I ask - based on what you said earlier - are you sure this is even a database issue? You said that when you echo the values in your $_SESSION array AFTER reading them from the database they are there, and you only lose them on the next request after either a redirect or a manual form POST. If the values are getting into $_SESSION correctly within this page, your issue is not related to the database at all. Am I misunderstanding you? Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Xpath arguments in variable
On Thu, Sep 16, 2010 at 1:20 AM, Pete Ford wrote:
> On 15/09/10 18:00, David Harkness wrote:
>
>> $v = $row->xpath("//membernumber[. = \"$MemberId\"]");
>>
>
> Oooh, I hate using backslashes - they always seem so untidy...
> I have a pathological fear of sed scripts, too. :(
And yet I find them the *most* tidy in a way: \" inserts an actual
double-quote into the string. I don't think that's any more magical than
"surround it with single-quotes so it doesn't terminate the string." It will
work in single- and double-quoted strings equally, so you don't have to
worry about switching from one to the other messing up the expression.
David
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On 16 September 2010 20:03, Cheryl Sullivan wrote: > We are actually running the query through a function that removes single > ticks, etc to avoid this, but I didn't think that was relevant to the > question so I didn't include it. Thanks, though! You're the one with the problem you don't understand, which means you don't get to make decisions as what is or is not relevant. Rather: you have no idea what seems relevant to us trying to pinpoint the error. That said, if - like Andrew points out - you see the values directly after storing them, then the problem is not database related. What exactly happens between the two pages and on the second page? Regards Peter -- WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] "Downgrading" HTML
On Thu, 2010-09-16 at 14:07 -0400, Matt Neimeyer wrote: > I know I could possibly hack something together using the Tidy > libraries... (maybe...) but are there any existing php libraries / > projects that already have the ability to take some HTML and > "downgrade" the version of HTML being used. > > One example: turn this... > >Blah > > ... into ... > >Blah > > This is for an eReader I love but is long out of production and the > converter tool only works with HTML 3.2 > > Thanks in advance. > > Matt > You'd need a full on HTML parser, as what about an element that is given a bold font from an included stylesheet? Where would you put the bold tag then? Regular expressions really won't cut this either. Maybe it's time to look for a different reader? Thanks, Ash http://www.ashleysheridan.co.uk
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
> -Original Message- > From: Cheryl Sullivan [mailto:csull...@shh.org] > Sent: Thursday, September 16, 2010 11:12 AM > To: Tommy Pham; php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > Tommy - I ran phpinfo() but I don't see anything in it referencing MSSQL or > SQLSRV. I have included all the references to "sql" I see below, but the only > references I see to databases are to mySQL and SQLLite. Unfortunately I > don't have any control over how service-packed the database server is. Is > there something in SP 4 for SQL Server 2000 that is supposed to fix the issue > I'm having, I may be able to plead my case for getting the latest SP. Is this > the case, do you know? > Here's the long lists of fixes in SP4 for SQL2000: http://support.microsoft.com/kb/888799/ http://support.microsoft.com/kb/00/ As for if it's related to your current problem, we need to find out what are the possible causes for your problem. If you're not using mssql or sqlsrv extension, how are you able to access SQL Server, via ODBC? If you're not using ODBC either, then there is something seriously wrong with your app... or where you think you're getting the data that is supposed to be from MS SQL Server. Look at your class hitMSSQL. What does the internal of the class uses to connect, execute the query, and fetch the results? Are there any error catching/logging within the class? Or are all the statements begin with @? Regards, Tommy > mysql > MySQL Support enabled > Active Persistent Links 0 > Active Links 0 > Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ > Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 > size 2000 free_items 2000 references 2 > > Directive Local Value Master Value > mysql.allow_local_infile On On > mysql.allow_persistent On On > mysql.cache_size 2000 2000 > mysql.connect_timeout 60 60 > mysql.default_host no value no value > mysql.default_password no value no value mysql.default_port no value no > value mysql.default_socket no value no value mysql.default_user no value > no value mysql.max_links Unlimited Unlimited mysql.max_persistent > Unlimited Unlimited mysql.trace_mode Off Off > > > mysqli > MysqlI Support enabled > Client API library version mysqlnd 5.0.5-dev - 081106 - $Revision: > 1.3.2.27 $ > Active Persistent Links 0 > Inactive Persistent Links 0 > Active Links 0 > Persistent cache enabled > put_hits 0 > put_misses 0 > get_hits 0 > get_misses 0 > size 2000 > free_items 2000 > references 2 > > Directive Local Value Master Value > mysqli.allow_local_infile On On > mysqli.allow_persistent On On > mysqli.cache_size 2000 2000 > mysqli.default_host no value no value > mysqli.default_port 3306 3306 > mysqli.default_pw no value no value > mysqli.default_socket no value no value mysqli.default_user no value no > value mysqli.max_links Unlimited Unlimited mysqli.max_persistent > Unlimited Unlimited mysqli.reconnect Off Off > > > mysqlnd > mysqlnd enabled > Version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Command buffer > size 2048 Read buffer size 32768 Collecting statistics Yes Collecting > memory statistics Yes > > PDO > PDO support enabled > PDO drivers mysql, sqlite > > > pdo_mysql > PDO Driver for MySQL enabled > Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ > Persistent cache enabled > put_hits 0 > put_misses 0 > get_hits 0 > get_misses 0 > size 2000 > free_items 2000 > references 2 > > Directive Local Value Master Value > pdo_mysql.cache_size 2000 2000 > > > pdo_sqlite > PDO Driver for SQLite 3.x enabled > SQLite Library 3.6.15 > > -Original Message- > From: Tommy Pham [mailto:tommy...@gmail.com] > Sent: Thursday, September 16, 2010 11:39 AM > To: php-general@lists.php.net > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > loaded from MYSQL Query stick > > > -Original Message- > > From: Cheryl Sullivan [mailto:csull...@shh.org] > > Sent: Thursday, September 16, 2010 8:33 AM > > To: Tommy Pham; php-general@lists.php.net > > Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those > > loaded from MYSQL Query stick > > > > SQL Server 8.00.818 - SP3 (Enterprise Edition) > > > > 8? I think that's SQL 2000. If that's the case, you're 1 service pack > behind. The latest service pack for SQL 2000 is 4. > > > Unfortunately I am fairly new to PHP and my boss just went home sick > for > > the day, so I don't know how to answer the question about the > extension. > > Can you tell me where I can find that? > > > > phpinfo(); will give all the information pertaining to your PHP > environment. > > Regards, > Tommy > > > -Original Message- > > From: Tommy Pham [mailto:tommy...@gmail.com] > > Sent: Thursday, September 16, 2010 11:00 AM > > To: php-general@lists.php.net > > Subject: RE: [PHP] Session Vars loaded from MSSQL Quer
